diff --git a/Controllers/RecruitController.cs b/Controllers/RecruitController.cs
index 262ba71..902e009 100644
--- a/Controllers/RecruitController.cs
+++ b/Controllers/RecruitController.cs
@@ -444,15 +444,12 @@ namespace BMA.EHR.Recruit.Service.Controllers
 {
 try
 {
- var action = "CREATE";
- var system = "SYS_EXAM_SELECT";
- var getPermission = await _permission.GetPermissionAPIAsync(action, system);
+ var getPermission = await _permission.GetPermissionAPIAsync("CREATE", "SYS_EXAM_SELECT");
 var jsonData = JsonConvert.DeserializeObject(getPermission);
 if (jsonData["status"]?.ToString() != "200")
 {
 return Error(jsonData["message"]?.ToString(), StatusCodes.Status403Forbidden);
 }
- var attrPrivilege = jsonData["result"]?.ToString();
 if (req == null) return Error(GlobalMessages.InvalidRequestParam, (int)HttpStatusCode.BadRequest);
@@ -507,15 +504,12 @@ namespace BMA.EHR.Recruit.Service.Controllers
 {
 try
 {
- var action = "UPDATE";
- var system = "SYS_EXAM_SELECT";
- var getPermission = await _permission.GetPermissionAPIAsync(action, system);
+ var getPermission = await _permission.GetPermissionAPIAsync("UPDATE", "SYS_EXAM_SELECT");
 var jsonData = JsonConvert.DeserializeObject(getPermission);
 if (jsonData["status"]?.ToString() != "200")
 {
 return Error(jsonData["message"]?.ToString(), StatusCodes.Status403Forbidden);
 }
- var attrPrivilege = jsonData["result"]?.ToString();
 var data = await _context.RecruitImports.AsQueryable().FirstOrDefaultAsync(x => x.Id == id);
 if (data == null)
@@ -619,6 +613,12 @@ namespace BMA.EHR.Recruit.Service.Controllers
 {
 try
 {
+ var getPermission = await _permission.GetPermissionAPIAsync("LIST", "SYS_EXAM_SELECT");
+ var jsonData = JsonConvert.DeserializeObject(getPermission);
+ if (jsonData["status"]?.ToString() != "200")
+ {
+ return Error(jsonData["message"]?.ToString(), StatusCodes.Status403Forbidden);
+ }
 var data = await _context.RecruitImports.AsQueryable()
 .Include(x => x.ImportFile)
 .Include(x => x.Recruits)
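Review bot: The 403 body in the CREATE hunk is whatever `message` the permission service returned, so wording produced by that backend reaches the caller unchanged, and every non-200 status (an upstream failure included) is reported as Forbidden. Returning a fixed denial text and recording the upstream message in the server log keeps internal detail out of the response, for example `return Error("<fixed denial message>", StatusCodes.Status403Forbidden);` with the placeholder replaced by a project constant. The same return statement appears in the other six hunks of this diff. The `try` block opens before this hunk and continues past its end.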
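Review bot: Once the UPDATE check passes, the row is loaded with `FirstOrDefaultAsync(x => x.Id == id)` alone, so the authorization here is function-level and nothing in the hunk ties the record to the caller. The `result` field of the permission reply is not read on the new side; if it carries a scope for the caller (not visible from here), that scope is not applied to this lookup, and the DELETE and import-history hunks likewise select by `id` only. If row-level restriction is intended, the scope predicate belongs in the query; if not, a comment such as `// Permission is function-level: any caller with UPDATE on SYS_EXAM_SELECT may edit any import.` would record the decision. The method continues beyond the hunk.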
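Review bot: The block added to the LIST action is one of seven copies of the same five-line authorization check visible in this diff, and the action and system names are now inline string literals in each copy. A typo in `"SYS_EXAM_SELECT"` or a later change to how the reply is interpreted would have to be caught separately in every action, and an endpoint added later can omit the check without anything flagging it. A single private helper that takes the action name and returns the denial result or null, together with one `private const string` for the system name, would keep the check in one place. The surrounding method starts and ends outside the hunk.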
@@ -916,15 +916,12 @@ namespace BMA.EHR.Recruit.Service.Controllers
 {
 try
 {
- var action = "DELETE";
- var system = "SYS_EXAM_SELECT";
- var getPermission = await _permission.GetPermissionAPIAsync(action, system);
+ var getPermission = await _permission.GetPermissionAPIAsync("DELETE", "SYS_EXAM_SELECT");
 var jsonData = JsonConvert.DeserializeObject(getPermission);
 if (jsonData["status"]?.ToString() != "200")
 {
 return Error(jsonData["message"]?.ToString(), StatusCodes.Status403Forbidden);
 }
- var attrPrivilege = jsonData["result"]?.ToString();
 var data = await _context.RecruitImports.AsQueryable()
 .Include(x => x.ImportHostories)
 .Include(x => x.ImportFile)
@@ -989,6 +986,12 @@ namespace BMA.EHR.Recruit.Service.Controllers
 {
 try
 {
+ var getPermission = await _permission.GetPermissionAPIAsync("GET", "SYS_EXAM_SELECT");
+ var jsonData = JsonConvert.DeserializeObject(getPermission);
+ if (jsonData["status"]?.ToString() != "200")
+ {
+ return Error(jsonData["message"]?.ToString(), StatusCodes.Status403Forbidden);
+ }
 var data = await _context.RecruitImportHistories.AsQueryable()
 .Include(x => x.RecruitImport)
 .Where(x => x.RecruitImport.Id == id)
@@ -1020,15 +1023,12 @@ namespace BMA.EHR.Recruit.Service.Controllers
 [ProducesResponseType(StatusCodes.Status500InternalServerError)]
 public async Task> ImportCandidateFileByIdAsync(Guid id)
 {
- var action = "CREATE";
- var system = "SYS_EXAM_SELECT";
- var getPermission = await _permission.GetPermissionAPIAsync(action, system);
+ var getPermission = await _permission.GetPermissionAPIAsync("CREATE", "SYS_EXAM_SELECT");
 var jsonData = JsonConvert.DeserializeObject(getPermission);
 if (jsonData["status"]?.ToString() != "200")
 {
 return Error(jsonData["message"]?.ToString(), StatusCodes.Status403Forbidden);
 }
- var attrPrivilege = jsonData["result"]?.ToString();
 var tmpDir = Path.Combine(_webHostEnvironment.ContentRootPath, "tmp");
 if (!Directory.Exists(tmpDir)) Directory.CreateDirectory(tmpDir);
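Review bot: In ImportCandidateFileByIdAsync the permission block is the first statement of the method and no `try` is visible around it, so an empty or non-JSON reply from `GetPermissionAPIAsync` makes `DeserializeObject` or the `jsonData["status"]` indexer throw instead of reaching the 403 return. The request is still refused, but as an unhandled error rather than a controlled denial, which makes a permission-service outage hard to tell apart from a bug. A null-safe read keeps the deny path explicit: `if (jsonData?["status"]?.ToString() != "200")` with `jsonData?["message"]?.ToString()` in the return, and the parse itself is better wrapped so that a parse failure also denies. ImportScoreFileAsync in the last hunk has the same shape. The method body continues beyond the hunk.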
@@ -1236,15 +1236,12 @@ namespace BMA.EHR.Recruit.Service.Controllers
 [HttpPost("score/{id:length(36)}"), DisableRequestSizeLimit]
 public async Task> ImportScoreFileAsync(Guid id)
 {
- var action = "CREATE";
- var system = "SYS_EXAM_SELECT";
- var getPermission = await _permission.GetPermissionAPIAsync(action, system);
+ var getPermission = await _permission.GetPermissionAPIAsync("CREATE", "SYS_EXAM_SELECT");
 var jsonData = JsonConvert.DeserializeObject(getPermission);
 if (jsonData["status"]?.ToString() != "200")
 {
 return Error(jsonData["message"]?.ToString(), StatusCodes.Status403Forbidden);
 }
- var attrPrivilege = jsonData["result"]?.ToString();
 var tmpDir = Path.Combine(_webHostEnvironment.ContentRootPath, "tmp");
 if (!Directory.Exists(tmpDir)) Directory.CreateDirectory(tmpDir);