From c1f70f6dd08d6ee7e54d39eb90b29bbecf1824b0 Mon Sep 17 00:00:00 2001
From: kittapath
Date: Tue, 22 Oct 2024 08:21:00 +0700
Subject: [PATCH] check workflow
---
 src/controllers/SalaryController.ts | 4 +-
 src/controllers/SalaryEmployeeController.ts | 3 +-
 src/controllers/SalaryRankController.ts | 5 +-
 .../SalaryRankEmployeeController.ts | 3 +-
 src/interfaces/permission.ts | 64 ++++++++++---------
 5 files changed, 44 insertions(+), 35 deletions(-)
diff --git a/src/controllers/SalaryController.ts b/src/controllers/SalaryController.ts
index d89b735..1891293 100644
--- a/src/controllers/SalaryController.ts
+++ b/src/controllers/SalaryController.ts
@@ -257,7 +257,9 @@ export class SalaryController extends Controller {
 detail: "string", //คำอธิบาย
 })
 async GetSalaryById(@Request() request: RequestWithUser, @Path() id: string) {
- await new permission().PermissionGet(request, "SYS_SALARY_CHART_OFFICER");
+ let _workflow = await new permission().Workflow(request, id, "SYS_SALARY_CHART_OFFICER");
+ if (_workflow == false)
+ await new permission().PermissionGet(request, "SYS_SALARY_CHART_OFFICER");
 const salary = await this.salaryRepository.findOne({
 relations: ["posType_", "posLevel_"],
 where: { id: id },
diff --git a/src/controllers/SalaryEmployeeController.ts b/src/controllers/SalaryEmployeeController.ts
index 6777ba1..feecfd8 100644
--- a/src/controllers/SalaryEmployeeController.ts
+++ b/src/controllers/SalaryEmployeeController.ts
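Review bot: In `GetSalaryById` of src/controllers/SalaryController.ts the guard `if (_workflow == false)` relies on loose equality over a value that can be `true`, `false` or `null` (see `Workflow` in src/interfaces/permission.ts), so the `null` returned on the API-key path skips `PermissionGet` without that being stated anywhere. If that bypass is intended, say so in a comment and make the test explicit with `const viaWorkflow = await new permission().Workflow(request, id, "SYS_SALARY_CHART_OFFICER");` and `if (viaWorkflow === false) await new permission().PermissionGet(request, "SYS_SALARY_CHART_OFFICER");`; if it is not intended, compare with `!== true` so that only a confirmed workflow match waives the permission check. The same pattern is added in SalaryEmployeeController.ts, SalaryRankController.ts and SalaryRankEmployeeController.ts. The method bodies continue past the hunks.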
@@ -222,7 +222,8 @@ export class SalaryEmployeeController extends Controller {
 detail: "string", //คำอธิบาย
 })
 async GetSalaryById(@Request() request: RequestWithUser, @Path() id: string) {
- await new permission().PermissionGet(request, "SYS_WAGE_CHART_EMP");
+ let _workflow = await new permission().Workflow(request, id, "SYS_WAGE_CHART_EMP");
+ if (_workflow == false) await new permission().PermissionGet(request, "SYS_WAGE_CHART_EMP");
 const salary = await this.salaryEmployeeRepository.findOne({
 where: { id: id },
 select: ["name", "group", "isActive", "date", "startDate", "endDate", "details"],
diff --git a/src/controllers/SalaryRankController.ts b/src/controllers/SalaryRankController.ts
index 7852f3e..1dd9037 100644
--- a/src/controllers/SalaryRankController.ts
+++ b/src/controllers/SalaryRankController.ts
@@ -133,12 +133,13 @@ export class SalaryRanksController extends Controller {
 async listSalaryRanks(
 @Request() request: RequestWithUser,
 @Path() id: string,
- @Request() req: RequestWithUser,
 @Query("page") page: number = 1,
 @Query("pageSize") pageSize: number = 10,
 @Query("keyword") keyword?: string,
 ) {
- await new permission().PermissionGet(request, "SYS_SALARY_CHART_OFFICER");
+ let _workflow = await new permission().Workflow(request, id, "SYS_SALARY_CHART_OFFICER");
+ if (_workflow == false)
+ await new permission().PermissionGet(request, "SYS_SALARY_CHART_OFFICER");
 const [salaryRank, total] = await AppDataSource.getRepository(SalaryRanks)
 .createQueryBuilder("salaryRank")
 .andWhere(
diff --git a/src/controllers/SalaryRankEmployeeController.ts b/src/controllers/SalaryRankEmployeeController.ts
index 51ea4be..6078c57 100644
--- a/src/controllers/SalaryRankEmployeeController.ts
+++ b/src/controllers/SalaryRankEmployeeController.ts
@@ -158,7 +158,8 @@ export class SalaryRankEmployeeController extends Controller {
 @Query("pageSize") pageSize: number = 10,
 @Query("keyword") keyword?: string,
 ) {
- await new permission().PermissionGet(request, "SYS_WAGE_CHART_EMP");
+ let _workflow = await new permission().Workflow(request, id, "SYS_WAGE_CHART_EMP");
+ if (_workflow == false) await new permission().PermissionGet(request, "SYS_WAGE_CHART_EMP");
 const [salaryRankEmployee, total] = await AppDataSource.getRepository(SalaryRankEmployee)
 .createQueryBuilder("salaryRankEmployee")
 .andWhere(
diff --git a/src/interfaces/permission.ts b/src/interfaces/permission.ts
index fb2d669..870d2fe 100644
--- a/src/interfaces/permission.ts
+++ b/src/interfaces/permission.ts
@@ -53,18 +53,7 @@ class CheckAuth {
 return await new CallAPI()
 .GetData(req, `/org/permission/org/${system}/${action}`)
 .then(async (x) => {
- console.log(x);
 let privilege = x.privilege;
- // if (action.trim().toLocaleUpperCase() == "CREATE")
- // privilege = await this.PermissionCreate(req, system);
- // if (action.trim().toLocaleUpperCase() == "DELETE")
- // privilege = await this.PermissionDelete(req, system);
- // if (action.trim().toLocaleUpperCase() == "GET")
- // privilege = await this.PermissionGet(req, system);
- // if (action.trim().toLocaleUpperCase() == "LIST")
- // privilege = await this.PermissionList(req, system);
- // if (action.trim().toLocaleUpperCase() == "UPDATE")
- // privilege = await this.PermissionUpdate(req, system);
 let data: any = {
 root: [null],
@@ -72,6 +61,7 @@ class CheckAuth {
 child2: [null],
 child3: [null],
 child4: [null],
+ privilege: [null],
 };
 let node = 4;
 if (x.orgChild1Id == null) {
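Review bot: The fallback object in hunk `-72,6 +61,7` of src/interfaces/permission.ts sets `privilege: [null]`, an array, while every branch this commit adds further down assigns a string such as `"ROOT"`; because `data` is typed `any`, the compiler cannot flag the mismatch. That fallback is what callers receive for the empty `SPECIFIC` branch and for any privilege value the chain does not recognise, so code that switches on `data.privilege` gets an array exactly when the result is least certain. Consider `privilege: null` here and a small result type in place of `any`. The method starts and ends outside the hunk.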
@@ -83,13 +73,23 @@ class CheckAuth {
 } else if (x.orgChild4Id == null) {
 node = 3;
 }
- if (privilege == "ROOT") {
+ if (privilege == "OWNER") {
+ data = {
+ root: null,
+ child1: null,
+ child2: null,
+ child3: null,
+ child4: null,
+ privilege: "OWNER",
+ };
+ } else if (privilege == "ROOT") {
 data = {
 root: [x.orgRootId],
 child1: null,
 child2: null,
 child3: null,
 child4: null,
+ privilege: "ROOT",
 };
 } else if (privilege == "CHILD") {
 data = {
@@ -98,6 +98,7 @@ class CheckAuth {
 child2: node >= 2 ? [x.orgChild2Id] : null,
 child3: node >= 3 ? [x.orgChild3Id] : null,
 child4: node >= 4 ? [x.orgChild4Id] : null,
+ privilege: "CHILD",
 };
 } else if (privilege == "NORMAL") {
 data = {
@@ -106,16 +107,9 @@ class CheckAuth {
 child2: [x.orgChild2Id],
 child3: [x.orgChild3Id],
 child4: [x.orgChild4Id],
+ privilege: "NORMAL",
 };
 } else if (privilege == "SPECIFIC") {
- } else if (privilege == "OWNER") {
- data = {
- root: null,
- child1: null,
- child2: null,
- child3: null,
- child4: null,
- };
 }
 return data;
@@ -145,16 +139,6 @@ class CheckAuth {
 .GetData(req, `/org/permission/user/${system}/${action}/${profileId}`)
 .then(async (x) => {
 let org = x.org;
- // if (action.trim().toLocaleUpperCase() == "CREATE")
- // org = await this.PermissionOrgCreate(req, system);
- // if (action.trim().toLocaleUpperCase() == "DELETE")
- // org = await this.PermissionOrgDelete(req, system);
- // if (action.trim().toLocaleUpperCase() == "GET")
- // org = await this.PermissionOrgGet(req, system);
- // if (action.trim().toLocaleUpperCase() == "LIST")
- // org = await this.PermissionOrgList(req, system);
- // if (action.trim().toLocaleUpperCase() == "UPDATE")
- // org = await this.PermissionOrgUpdate(req, system);
 if (org.root != null) if (x.orgRootId != org.root[0]) throw "ไม่มีสิทธิ์เข้าถึงข้อมูล";
 if (org.child1 != null)
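Review bot: Nothing in hunk `-83,13 +73,23` documents how consumers should read the three shapes this chain can return: `null` for every org level under `OWNER`, one-element id lists under the other privileges, and `[null]` in the fallback. Since this object decides which organisations a caller may act on, the contract deserves a comment above the chain, for example `// null: level not restricted; [id]: restricted to that unit; [null]: nothing matches (confirm against the query builders)`. That wording is my reading of the visible branches, not something the hunk states, so it should be checked against the code that consumes the result.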
@@ -176,6 +160,26 @@ class CheckAuth {
 }
 });
 }
+ public async Workflow(req: RequestWithUser, id: string, sysName: string) {
+ if (
+ req.headers.hasOwnProperty("api_key") &&
+ req.headers["api_key"] &&
+ req.headers["api_key"] == process.env.API_KEY
+ ) {
+ return null;
+ }
+ return await new CallAPI()
+ .PostData(req, "/org/workflow/keycloak/isofficer", {
+ refId: id,
+ sysName: sysName,
+ })
+ .then((x) => {
+ return true;
+ })
+ .catch((x) => {
+ return false;
+ });
+ }
 public async PermissionCreate(req: RequestWithUser, system: string) {
 return await this.Permission(req, system, "CREATE");
 }
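Review bot: `Workflow` reports `true` for any resolved `PostData` call because `.then((x) => { return true; })` never inspects `x`; unless `CallAPI.PostData` (not shown here) rejects on every negative answer, a successful reply that says the caller is not an officer would still waive `PermissionGet` in the four controllers. Derive the result from the response body instead, and log the rejection in `.catch` so that an outage of `/org/workflow/keycloak/isofficer` can be told apart from a denial. The API-key branch compares the shared secret with `==`, where a constant-time comparison such as Node's `crypto.timingSafeEqual` over equal-length buffers is the usual choice. The method would also benefit from a declared return type, `Promise<boolean | null>`, with a comment stating what `null` means to callers.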