admin/marco.pms.api
1
0
Fork 0
Code Issues Pull Requests 2 Actions Packages Projects Releases Wiki Activity

added the logic only employee who created expense or payment requset able to submit it for review

Browse Source
This commit is contained in:
ashutosh.nehete 2025-11-18 17:45:31 +05:30
parent f4e6fab3d6
commit 0349229bac
1 changed files with 2 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
Marco.Pms.Services/Service/ExpensesService.cs
View File

@ -1514,7 +1514,7 @@ namespace Marco.Pms.Services.Service
// Special case: allow review status if creator is the logged-in user // Special case: allow review status if creator is the logged-in user
bool hasStatusPermission = Review == status.Id && loggedInEmployee.Id == paymentRequest.CreatedById; bool hasStatusPermission = Review == status.Id && loggedInEmployee.Id == paymentRequest.CreatedById;
if (!hasPermission && !hasStatusPermission) if (!hasPermission || !hasStatusPermission)
{ {
continue; continue;
} }
@ -3497,7 +3497,7 @@ namespace Marco.Pms.Services.Service
var isRejected = model.StatusId == RejectedByApprover var isRejected = model.StatusId == RejectedByApprover
|| model.StatusId == RejectedByReviewer; || model.StatusId == RejectedByReviewer;
if ((!isRejected) || (isRejected && (loggedInEmployeeId == model.CreatedById || hasManagePermission))) if ((!isRejected) || (isRejected && loggedInEmployeeId == model.CreatedById))
{ {
response.NextStatus = statusMapping.NextStatus.Where(ns => ns != null && ns.Id != Done).Select(ns => _mapper.Map<ExpensesStatusMasterMongoDB>(ns)).ToList(); response.NextStatus = statusMapping.NextStatus.Where(ns => ns != null && ns.Id != Done).Select(ns => _mapper.Map<ExpensesStatusMasterMongoDB>(ns)).ToList();
} }