updated permission

This commit is contained in:
Warunee Tamkoo 2024-09-06 15:17:42 +07:00
parent b48df26505
commit 7e83cd8d87
7 changed files with 81 additions and 19 deletions

View file

@ -492,7 +492,7 @@ export class AssignController extends Controller {
*/ */
@Get("") @Get("")
async GetAssign(@Query() assign_id: string, @Request() request: RequestWithUser) { async GetAssign(@Query() assign_id: string, @Request() request: RequestWithUser) {
await new permission().PermissionUpdate(request, "SYS_PROBATION"); await new permission().PermissionGet(request, "SYS_PROBATION");
const assign = await this.assignRepository.findOne({ const assign = await this.assignRepository.findOne({
select: [ select: [

View file

@ -3,7 +3,6 @@ import {
Route, Route,
Security, Security,
Tags, Tags,
Path,
Request, Request,
SuccessResponse, SuccessResponse,
Response, Response,
@ -21,6 +20,7 @@ import { MapKnowledgeSkill } from "../entities/MapKnowledgeSkill";
import { Personal } from "../entities/Personal"; import { Personal } from "../entities/Personal";
import { Law } from "../entities/Law"; import { Law } from "../entities/Law";
import { Assign } from "../entities/Assign"; import { Assign } from "../entities/Assign";
import permission from "../interfaces/permission";
@Route("api/v1/probation/data-options") @Route("api/v1/probation/data-options")
@Tags("Data Options") @Tags("Data Options")
@ -45,7 +45,7 @@ export class DataOptionController extends Controller {
* *
*/ */
@Get("knowledge") @Get("knowledge")
async GetKnowledge(@Query() personal_id: string, @Request() request: RequestWithUser) { async GetKnowledge(@Query() personal_id: string) {
const person = await this.personalRepository.findOne({ const person = await this.personalRepository.findOne({
where: { personal_id }, where: { personal_id },
}); });
@ -106,7 +106,7 @@ export class DataOptionController extends Controller {
* *
*/ */
@Get("skill") @Get("skill")
async GetSkill(@Query() personal_id: string, @Request() request: RequestWithUser) { async GetSkill(@Query() personal_id: string) {
const person = await this.personalRepository.findOne({ const person = await this.personalRepository.findOne({
where: { personal_id }, where: { personal_id },
}); });
@ -258,7 +258,7 @@ export class DataOptionController extends Controller {
* *
*/ */
@Get("law") @Get("law")
async GetLaw(@Query() personal_id: string, @Request() request: RequestWithUser) { async GetLaw(@Query() personal_id: string) {
const results = await this.lawRepository.find({ const results = await this.lawRepository.find({
select: ["id", "parent_id", "description", "status_select"], select: ["id", "parent_id", "description", "status_select"],
where: { where: {
@ -286,6 +286,8 @@ export class DataOptionController extends Controller {
*/ */
@Get("new-assign") @Get("new-assign")
async NewAssign(@Query() personal_id: string, @Request() request: RequestWithUser) { async NewAssign(@Query() personal_id: string, @Request() request: RequestWithUser) {
await new permission().PermissionGet(request, "SYS_PROBATION");
const person = await this.personalRepository.findOne({ const person = await this.personalRepository.findOne({
select: [ select: [
"personal_id", "personal_id",

View file

@ -23,7 +23,7 @@ import { Assign } from "../entities/Assign";
import { Personal } from "../entities/Personal"; import { Personal } from "../entities/Personal";
import CallAPI from "../interfaces/call-api"; import CallAPI from "../interfaces/call-api";
import { CreateEvaluateChairman, EvaluateChairman } from "../entities/EvaluateChairman"; import { CreateEvaluateChairman, EvaluateChairman } from "../entities/EvaluateChairman";
import permission from "../interfaces/permission";
@Route("api/v1/probation/evaluate-chairman") @Route("api/v1/probation/evaluate-chairman")
@Tags("แบบประเมินผล (คณะกรรมการ)") @Tags("แบบประเมินผล (คณะกรรมการ)")
@Security("bearerAuth") @Security("bearerAuth")
@ -45,7 +45,9 @@ export class EvaluateChairmanController extends Controller {
* *
*/ */
@Get("create") @Get("create")
async CreateEvaluate(@Query() assign_id: string) { async CreateEvaluate(@Query() assign_id: string, @Request() request: RequestWithUser) {
await new permission().PermissionGet(request, "SYS_PROBATION");
const director = await this.assignDirectorRepository.findOne({ const director = await this.assignDirectorRepository.findOne({
select: ["personal_id"], select: ["personal_id"],
where: { where: {
@ -174,7 +176,12 @@ export class EvaluateChairmanController extends Controller {
* *
*/ */
@Get("") @Get("")
async GetEvaluate(@Query() assign_id: string, @Query() evaluate_no?: string) { async GetEvaluate(
@Request() request: RequestWithUser,
@Query() assign_id: string,
@Query() evaluate_no?: string,
) {
await new permission().PermissionGet(request, "SYS_PROBATION");
// ต้องปรับเป็น id ของคนที่ access เข้ามา // ต้องปรับเป็น id ของคนที่ access เข้ามา
const director = await this.assignDirectorRepository.findOne({ const director = await this.assignDirectorRepository.findOne({
select: ["personal_id"], select: ["personal_id"],
@ -330,6 +337,8 @@ export class EvaluateChairmanController extends Controller {
@Body() requestBody: CreateEvaluateChairman, @Body() requestBody: CreateEvaluateChairman,
@Request() request: RequestWithUser, @Request() request: RequestWithUser,
) { ) {
await new permission().PermissionUpdate(request, "SYS_PROBATION");
const director = await this.assignDirectorRepository.findOne({ const director = await this.assignDirectorRepository.findOne({
select: ["personal_id"], select: ["personal_id"],
where: { where: {
@ -416,6 +425,8 @@ export class EvaluateChairmanController extends Controller {
@Body() requestBody: CreateEvaluateChairman, @Body() requestBody: CreateEvaluateChairman,
@Request() request: RequestWithUser, @Request() request: RequestWithUser,
) { ) {
await new permission().PermissionUpdate(request, "SYS_PROBATION");
let evaluate = await this.evaluateChairmanRepository.findOne({ let evaluate = await this.evaluateChairmanRepository.findOne({
where: { id: evaluate_id }, where: { id: evaluate_id },
}); });

View file

@ -23,7 +23,7 @@ import { Assign } from "../entities/Assign";
import { CreateEvaluateCommander, EvaluateCommander } from "../entities/EvaluateCommander"; import { CreateEvaluateCommander, EvaluateCommander } from "../entities/EvaluateCommander";
import { Personal } from "../entities/Personal"; import { Personal } from "../entities/Personal";
import CallAPI from "../interfaces/call-api"; import CallAPI from "../interfaces/call-api";
import permission from "../interfaces/permission";
@Route("api/v1/probation/evaluate") @Route("api/v1/probation/evaluate")
@Tags("แบบประเมินผล (ผู้บังคับบัญชา)") @Tags("แบบประเมินผล (ผู้บังคับบัญชา)")
@Security("bearerAuth") @Security("bearerAuth")
@ -45,7 +45,9 @@ export class EvaluateController extends Controller {
* *
*/ */
@Get("create") @Get("create")
async CreateEvaluate(@Query() assign_id: string) { async CreateEvaluate(@Query() assign_id: string, @Request() request: RequestWithUser) {
await new permission().PermissionGet(request, "SYS_PROBATION");
const director = await this.assignDirectorRepository.findOne({ const director = await this.assignDirectorRepository.findOne({
select: ["personal_id"], select: ["personal_id"],
where: { where: {
@ -118,7 +120,13 @@ export class EvaluateController extends Controller {
* *
*/ */
@Get("") @Get("")
async GetEvaluate(@Query() assign_id: string, @Query() evaluate_no?: string) { async GetEvaluate(
@Request() request: RequestWithUser,
@Query() assign_id: string,
@Query() evaluate_no?: string,
) {
await new permission().PermissionGet(request, "SYS_PROBATION");
// ต้องปรับเป็น id ของคนที่ access เข้ามา // ต้องปรับเป็น id ของคนที่ access เข้ามา
const director = await this.assignDirectorRepository.findOne({ const director = await this.assignDirectorRepository.findOne({
select: ["personal_id"], select: ["personal_id"],
@ -241,6 +249,8 @@ export class EvaluateController extends Controller {
@Body() requestBody: CreateEvaluateCommander, @Body() requestBody: CreateEvaluateCommander,
@Request() request: RequestWithUser, @Request() request: RequestWithUser,
) { ) {
await new permission().PermissionUpdate(request, "SYS_PROBATION");
const director = await this.assignDirectorRepository.findOne({ const director = await this.assignDirectorRepository.findOne({
select: ["personal_id"], select: ["personal_id"],
where: { where: {
@ -327,6 +337,8 @@ export class EvaluateController extends Controller {
@Body() requestBody: CreateEvaluateCommander, @Body() requestBody: CreateEvaluateCommander,
@Request() request: RequestWithUser, @Request() request: RequestWithUser,
) { ) {
await new permission().PermissionUpdate(request, "SYS_PROBATION");
let evaluate = await this.evaluateCommanderRepository.findOne({ let evaluate = await this.evaluateCommanderRepository.findOne({
where: { id: evaluate_id }, where: { id: evaluate_id },
}); });

View file

@ -25,7 +25,7 @@ import { AssignOutput } from "../entities/AssignOutput";
import { CreateEvaluateAssessor, EvaluateAssessor } from "../entities/EvaluateAssessor"; import { CreateEvaluateAssessor, EvaluateAssessor } from "../entities/EvaluateAssessor";
import { CreateEvaluateAchievement, EvaluateAchievement } from "../entities/EvaluateAchievement"; import { CreateEvaluateAchievement, EvaluateAchievement } from "../entities/EvaluateAchievement";
import CallAPI from "../interfaces/call-api"; import CallAPI from "../interfaces/call-api";
import permission from "../interfaces/permission";
@Route("api/v1/probation/evaluate-record") @Route("api/v1/probation/evaluate-record")
@Tags("แบบบันทึกผล") @Tags("แบบบันทึกผล")
@Security("bearerAuth") @Security("bearerAuth")
@ -49,7 +49,9 @@ export class EvaluateRecordController extends Controller {
* *
*/ */
@Get("create") @Get("create")
async GetCreate(@Query() assign_id: string) { async GetCreate(@Query() assign_id: string, @Request() request: RequestWithUser) {
await new permission().PermissionGet(request, "SYS_PROBATION");
const directorData = await this.assignDirectorRepository.findOne({ const directorData = await this.assignDirectorRepository.findOne({
select: ["personal_id", "dated", "fullname", "position", "posType", "posLevel"], select: ["personal_id", "dated", "fullname", "position", "posType", "posLevel"],
where: { where: {
@ -159,7 +161,13 @@ export class EvaluateRecordController extends Controller {
* *
*/ */
@Get("") @Get("")
async GetData(@Query() assign_id: string, @Query() evaluate_no?: string) { async GetData(
@Request() request: RequestWithUser,
@Query() assign_id: string,
@Query() evaluate_no?: string,
) {
await new permission().PermissionGet(request, "SYS_PROBATION");
const director = await this.assignDirectorRepository.findOne({ const director = await this.assignDirectorRepository.findOne({
select: ["personal_id"], select: ["personal_id"],
where: { where: {
@ -389,6 +397,8 @@ export class EvaluateRecordController extends Controller {
@Body() requestBody: CreateEvaluateAssessor, @Body() requestBody: CreateEvaluateAssessor,
@Request() request: RequestWithUser, @Request() request: RequestWithUser,
) { ) {
await new permission().PermissionUpdate(request, "SYS_PROBATION");
const director = await this.assignDirectorRepository.findOne({ const director = await this.assignDirectorRepository.findOne({
select: ["personal_id"], select: ["personal_id"],
where: { where: {
@ -505,6 +515,8 @@ export class EvaluateRecordController extends Controller {
@Body() requestBody: CreateEvaluateAssessor, @Body() requestBody: CreateEvaluateAssessor,
@Request() request: RequestWithUser, @Request() request: RequestWithUser,
) { ) {
await new permission().PermissionUpdate(request, "SYS_PROBATION");
const director = await this.assignDirectorRepository.findOne({ const director = await this.assignDirectorRepository.findOne({
select: ["personal_id"], select: ["personal_id"],
where: { where: {
@ -608,7 +620,9 @@ export class EvaluateRecordController extends Controller {
* *
*/ */
@Get("create/commander") @Get("create/commander")
async GetCreateCommander(@Query() assign_id: string) { async GetCreateCommander(@Query() assign_id: string, @Request() request: RequestWithUser) {
await new permission().PermissionGet(request, "SYS_PROBATION");
const directorData = await this.assignDirectorRepository.findOne({ const directorData = await this.assignDirectorRepository.findOne({
select: ["personal_id", "dated", "fullname", "position", "posType", "posLevel"], select: ["personal_id", "dated", "fullname", "position", "posType", "posLevel"],
where: { where: {
@ -703,7 +717,13 @@ export class EvaluateRecordController extends Controller {
* *
*/ */
@Get("commander") @Get("commander")
async GetDataCommander(@Query() assign_id: string, @Query() evaluate_no?: string) { async GetDataCommander(
@Request() request: RequestWithUser,
@Query() assign_id: string,
@Query() evaluate_no?: string,
) {
await new permission().PermissionGet(request, "SYS_PROBATION");
const director = await this.assignDirectorRepository.findOne({ const director = await this.assignDirectorRepository.findOne({
select: ["personal_id"], select: ["personal_id"],
where: { where: {
@ -933,6 +953,8 @@ export class EvaluateRecordController extends Controller {
@Body() requestBody: CreateEvaluateAssessor, @Body() requestBody: CreateEvaluateAssessor,
@Request() request: RequestWithUser, @Request() request: RequestWithUser,
) { ) {
await new permission().PermissionUpdate(request, "SYS_PROBATION");
const director = await this.assignDirectorRepository.findOne({ const director = await this.assignDirectorRepository.findOne({
select: ["personal_id"], select: ["personal_id"],
where: { where: {
@ -1046,6 +1068,8 @@ export class EvaluateRecordController extends Controller {
@Body() requestBody: CreateEvaluateAssessor, @Body() requestBody: CreateEvaluateAssessor,
@Request() request: RequestWithUser, @Request() request: RequestWithUser,
) { ) {
await new permission().PermissionUpdate(request, "SYS_PROBATION");
const director = await this.assignDirectorRepository.findOne({ const director = await this.assignDirectorRepository.findOne({
select: ["personal_id"], select: ["personal_id"],
where: { where: {

View file

@ -24,6 +24,7 @@ import { Personal } from "../entities/Personal";
import CallAPI from "../interfaces/call-api"; import CallAPI from "../interfaces/call-api";
import { EvaluateChairman } from "../entities/EvaluateChairman"; import { EvaluateChairman } from "../entities/EvaluateChairman";
import { CreateEvaluateResult, EvaluateResult } from "../entities/EvaluateResult"; import { CreateEvaluateResult, EvaluateResult } from "../entities/EvaluateResult";
import permission from "../interfaces/permission";
@Route("api/v1/probation/evaluate-result") @Route("api/v1/probation/evaluate-result")
@Tags("แบบรายงานการประเมินฯ") @Tags("แบบรายงานการประเมินฯ")
@ -47,7 +48,9 @@ export class EvaluateResultController extends Controller {
* *
*/ */
@Get("create") @Get("create")
async CreateEvaluate(@Query() assign_id: string) { async CreateEvaluate(@Query() assign_id: string, @Request() request: RequestWithUser) {
await new permission().PermissionGet(request, "SYS_PROBATION");
const assign = await this.assignRepository.findOne({ const assign = await this.assignRepository.findOne({
relations: ["profile"], relations: ["profile"],
where: { id: assign_id }, where: { id: assign_id },
@ -179,7 +182,13 @@ export class EvaluateResultController extends Controller {
* *
*/ */
@Get("") @Get("")
async GetEvaluate(@Query() assign_id: string, @Query() evaluate_no?: string) { async GetEvaluate(
@Request() request: RequestWithUser,
@Query() assign_id: string,
@Query() evaluate_no?: string,
) {
await new permission().PermissionGet(request, "SYS_PROBATION");
// ต้องปรับเป็น id ของคนที่ access เข้ามา // ต้องปรับเป็น id ของคนที่ access เข้ามา
const director = await this.assignDirectorRepository.findOne({ const director = await this.assignDirectorRepository.findOne({
select: ["personal_id"], select: ["personal_id"],
@ -319,6 +328,8 @@ export class EvaluateResultController extends Controller {
@Body() requestBody: CreateEvaluateResult, @Body() requestBody: CreateEvaluateResult,
@Request() request: RequestWithUser, @Request() request: RequestWithUser,
) { ) {
await new permission().PermissionUpdate(request, "SYS_PROBATION");
const director = await this.assignDirectorRepository.findOne({ const director = await this.assignDirectorRepository.findOne({
select: ["personal_id"], select: ["personal_id"],
where: { where: {
@ -410,6 +421,8 @@ export class EvaluateResultController extends Controller {
@Body() requestBody: CreateEvaluateResult, @Body() requestBody: CreateEvaluateResult,
@Request() request: RequestWithUser, @Request() request: RequestWithUser,
) { ) {
await new permission().PermissionUpdate(request, "SYS_PROBATION");
let evaluate = await this.evaluateResultRepository.findOne({ let evaluate = await this.evaluateResultRepository.findOne({
where: { id: evaluate_id }, where: { id: evaluate_id },
}); });

View file

@ -137,7 +137,7 @@ export class PersonalController extends Controller {
*/ */
@Get("") @Get("")
async GetPersonal(@Request() request: RequestWithUser, @Query() personal_id: string) { async GetPersonal(@Request() request: RequestWithUser, @Query() personal_id: string) {
await new permission().PermissionList(request, "SYS_PROBATION"); await new permission().PermissionGet(request, "SYS_PROBATION");
const person = await this.personalRepository.findOne({ const person = await this.personalRepository.findOne({
where: { personal_id: personal_id }, where: { personal_id: personal_id },
}); });