diff --git a/Controllers/RecruitController.cs b/Controllers/RecruitController.cs index 902e009..db11b8e 100644 --- a/Controllers/RecruitController.cs +++ b/Controllers/RecruitController.cs @@ -444,7 +444,7 @@ namespace BMA.EHR.Recruit.Service.Controllers { try { - var getPermission = await _permission.GetPermissionAPIAsync("CREATE", "SYS_EXAM_SELECT"); + var getPermission = await _permission.GetPermissionAPIAsync("CREATE", "SYS_EXAM_CONTEST"); var jsonData = JsonConvert.DeserializeObject(getPermission); if (jsonData["status"]?.ToString() != "200") { @@ -504,7 +504,7 @@ namespace BMA.EHR.Recruit.Service.Controllers { try { - var getPermission = await _permission.GetPermissionAPIAsync("UPDATE", "SYS_EXAM_SELECT"); + var getPermission = await _permission.GetPermissionAPIAsync("UPDATE", "SYS_EXAM_CONTEST"); var jsonData = JsonConvert.DeserializeObject(getPermission); if (jsonData["status"]?.ToString() != "200") { @@ -613,7 +613,7 @@ namespace BMA.EHR.Recruit.Service.Controllers { try { - var getPermission = await _permission.GetPermissionAPIAsync("LIST", "SYS_EXAM_SELECT"); + var getPermission = await _permission.GetPermissionAPIAsync("LIST", "SYS_EXAM_CONTEST"); var jsonData = JsonConvert.DeserializeObject(getPermission); if (jsonData["status"]?.ToString() != "200") { @@ -668,8 +668,9 @@ namespace BMA.EHR.Recruit.Service.Controllers .ToList(); var roles = _httpContextAccessor?.HttpContext?.User?.FindAll(ClaimTypes.Role)?.Select(c => c.Value).ToList(); + if (!roles.Contains("head")) - { + { var criteria = new List(); var profileOrganization = await _contextMetadata.ProfileOrganizations.AsQueryable() .FirstOrDefaultAsync(x => x.UserId == Guid.Parse(UserId)); @@ -684,8 +685,7 @@ namespace BMA.EHR.Recruit.Service.Controllers criteria = GetAllIdByRoot(ocId.Id); if (criteria.Any()) _periodExams = _periodExams.Where(x => x.CreatedUserId == UserId || criteria.Contains(x.OcId == null ? Guid.Parse("00000000-0000-0000-0000-000000000000") : x.OcId)).ToList(); - } - + } return Success(_periodExams); } catch (Exception ex) @@ -916,7 +916,7 @@ namespace BMA.EHR.Recruit.Service.Controllers { try { - var getPermission = await _permission.GetPermissionAPIAsync("DELETE", "SYS_EXAM_SELECT"); + var getPermission = await _permission.GetPermissionAPIAsync("DELETE", "SYS_EXAM_CONTEST"); var jsonData = JsonConvert.DeserializeObject(getPermission); if (jsonData["status"]?.ToString() != "200") { @@ -986,7 +986,7 @@ namespace BMA.EHR.Recruit.Service.Controllers { try { - var getPermission = await _permission.GetPermissionAPIAsync("GET", "SYS_EXAM_SELECT"); + var getPermission = await _permission.GetPermissionAPIAsync("GET", "SYS_EXAM_CONTEST"); var jsonData = JsonConvert.DeserializeObject(getPermission); if (jsonData["status"]?.ToString() != "200") { @@ -1023,7 +1023,7 @@ namespace BMA.EHR.Recruit.Service.Controllers [ProducesResponseType(StatusCodes.Status500InternalServerError)] public async Task> ImportCandidateFileByIdAsync(Guid id) { - var getPermission = await _permission.GetPermissionAPIAsync("CREATE", "SYS_EXAM_SELECT"); + var getPermission = await _permission.GetPermissionAPIAsync("CREATE", "SYS_EXAM_CONTEST"); var jsonData = JsonConvert.DeserializeObject(getPermission); if (jsonData["status"]?.ToString() != "200") { @@ -1236,7 +1236,7 @@ namespace BMA.EHR.Recruit.Service.Controllers [HttpPost("score/{id:length(36)}"), DisableRequestSizeLimit] public async Task> ImportScoreFileAsync(Guid id) { - var getPermission = await _permission.GetPermissionAPIAsync("CREATE", "SYS_EXAM_SELECT"); + var getPermission = await _permission.GetPermissionAPIAsync("CREATE", "SYS_EXAM_CONTEST"); var jsonData = JsonConvert.DeserializeObject(getPermission); if (jsonData["status"]?.ToString() != "200") {