From 5c1dcd89b523759d04a632fd4ce3ffa5347086f4 Mon Sep 17 00:00:00 2001 From: Vikas Nale Date: Tue, 8 Jul 2025 15:12:36 +0530 Subject: [PATCH 1/2] directoryAdmin, directoryManager, and directoryUser are hard-coded in the helper class. Instead of hard-coding, we can create a static class and use it across the application. Ref: https://redmine.marcoaiot.com/issues/387 --- .../Entitlements/PermissionsMaster.cs | 10 ++++ Marco.Pms.Services/Helpers/DirectoryHelper.cs | 53 ++++++++----------- 2 files changed, 33 insertions(+), 30 deletions(-) create mode 100644 Marco.Pms.Model/Entitlements/PermissionsMaster.cs diff --git a/Marco.Pms.Model/Entitlements/PermissionsMaster.cs b/Marco.Pms.Model/Entitlements/PermissionsMaster.cs new file mode 100644 index 0000000..24e115f --- /dev/null +++ b/Marco.Pms.Model/Entitlements/PermissionsMaster.cs @@ -0,0 +1,10 @@ +namespace Marco.Pms.Model.Entitlements +{ + public static class PermissionsMaster + { + public static readonly Guid DirectoryAdmin = Guid.Parse("4286a13b-bb40-4879-8c6d-18e9e393beda"); + public static readonly Guid DirectoryManager = Guid.Parse("62668630-13ce-4f52-a0f0-db38af2230c5"); + public static readonly Guid DirectoryUser = Guid.Parse("0f919170-92d4-4337-abd3-49b66fc871bb"); + + } +} diff --git a/Marco.Pms.Services/Helpers/DirectoryHelper.cs b/Marco.Pms.Services/Helpers/DirectoryHelper.cs index bafa36f..37f58cf 100644 --- a/Marco.Pms.Services/Helpers/DirectoryHelper.cs +++ b/Marco.Pms.Services/Helpers/DirectoryHelper.cs @@ -1,6 +1,7 @@ using Marco.Pms.DataAccess.Data; using Marco.Pms.Model.Directory; using Marco.Pms.Model.Dtos.Directory; +using Marco.Pms.Model.Entitlements; using Marco.Pms.Model.Mapper; using Marco.Pms.Model.Projects; using Marco.Pms.Model.Utilities; @@ -20,9 +21,6 @@ namespace Marco.Pms.Services.Helpers private readonly ILoggingService _logger; private readonly UserHelper _userHelper; private readonly PermissionServices _permissionServices; - private readonly Guid directoryAdmin; - private readonly Guid directoryManager; - private readonly Guid directoryUser; public DirectoryHelper(ApplicationDbContext context, ILoggingService logger, UserHelper userHelper, PermissionServices permissionServices) { @@ -30,13 +28,8 @@ namespace Marco.Pms.Services.Helpers _logger = logger; _userHelper = userHelper; _permissionServices = permissionServices; - directoryAdmin = Guid.Parse("4286a13b-bb40-4879-8c6d-18e9e393beda"); - directoryManager = Guid.Parse("62668630-13ce-4f52-a0f0-db38af2230c5"); - directoryUser = Guid.Parse("0f919170-92d4-4337-abd3-49b66fc871bb"); } - - public async Task> GetListOfContacts(string? search, bool active, ContactFilterDto? filterDto, Guid? projectId) { Guid tenantId = _userHelper.GetTenantId(); @@ -45,12 +38,12 @@ namespace Marco.Pms.Services.Helpers var permissionIds = await _context.RolePermissionMappings.Where(rp => assignedRoleIds.Contains(rp.ApplicationRoleId)).Select(rp => rp.FeaturePermissionId).Distinct().ToListAsync(); List? employeeBuckets = await _context.EmployeeBucketMappings.Where(eb => eb.EmployeeId == LoggedInEmployee.Id).ToListAsync(); List bucketIds = employeeBuckets.Select(c => c.BucketId).ToList(); - if (permissionIds.Contains(directoryAdmin)) + if (permissionIds.Contains(PermissionsMaster.DirectoryAdmin)) { var buckets = await _context.Buckets.Where(b => b.TenantId == tenantId).ToListAsync(); bucketIds = buckets.Select(b => b.Id).ToList(); } - else if (permissionIds.Contains(directoryManager) || permissionIds.Contains(directoryUser)) + else if (permissionIds.Contains(PermissionsMaster.DirectoryAdmin) || permissionIds.Contains(PermissionsMaster.DirectoryUser)) { var buckets = await _context.Buckets.Where(b => b.CreatedByID == LoggedInEmployee.Id).ToListAsync(); var createdBucketIds = buckets.Select(b => b.Id).ToList(); @@ -199,11 +192,11 @@ namespace Marco.Pms.Services.Helpers var permissionIds = await _context.RolePermissionMappings.Where(rp => assignedRoleIds.Contains(rp.ApplicationRoleId)).Select(rp => rp.FeaturePermissionId).Distinct().ToListAsync(); EmployeeBucketMapping? employeeBucket = null; - if (permissionIds.Contains(directoryAdmin)) + if (permissionIds.Contains(PermissionsMaster.DirectoryAdmin)) { employeeBucket = employeeBuckets.FirstOrDefault(); } - else if (permissionIds.Contains(directoryManager) || permissionIds.Contains(directoryUser)) + else if (permissionIds.Contains(PermissionsMaster.DirectoryAdmin) || permissionIds.Contains(PermissionsMaster.DirectoryUser)) { employeeBucket = employeeBuckets.FirstOrDefault(eb => eb.EmployeeId == LoggedInEmployee.Id); } @@ -483,12 +476,12 @@ namespace Marco.Pms.Services.Helpers var permissionIds = await _context.RolePermissionMappings.Where(rp => assignedRoleIds.Contains(rp.ApplicationRoleId)).Select(rp => rp.FeaturePermissionId).Distinct().ToListAsync(); List? employeeBuckets = await _context.EmployeeBucketMappings.Where(eb => eb.EmployeeId == LoggedInEmployee.Id).ToListAsync(); List bucketIds = employeeBuckets.Select(c => c.BucketId).ToList(); - if (permissionIds.Contains(directoryAdmin)) + if (permissionIds.Contains(PermissionsMaster.DirectoryAdmin)) { var buckets = await _context.Buckets.Where(b => b.TenantId == tenantId).ToListAsync(); bucketIds = buckets.Select(b => b.Id).ToList(); } - else if (permissionIds.Contains(directoryManager) || permissionIds.Contains(directoryUser)) + else if (permissionIds.Contains(PermissionsMaster.DirectoryAdmin) || permissionIds.Contains(PermissionsMaster.DirectoryUser)) { var buckets = await _context.Buckets.Where(b => b.CreatedByID == LoggedInEmployee.Id).ToListAsync(); var createdBucketIds = buckets.Select(b => b.Id).ToList(); @@ -919,9 +912,9 @@ namespace Marco.Pms.Services.Helpers } // --- Permission Checks --- - var hasAdminPermission = await _permissionServices.HasPermission(directoryAdmin, loggedInEmployee.Id); - var hasManagerPermission = await _permissionServices.HasPermission(directoryManager, loggedInEmployee.Id); - var hasUserPermission = await _permissionServices.HasPermission(directoryUser, loggedInEmployee.Id); + var hasAdminPermission = await _permissionServices.HasPermission(PermissionsMaster.DirectoryAdmin, loggedInEmployee.Id); + var hasManagerPermission = await _permissionServices.HasPermission(PermissionsMaster.DirectoryAdmin, loggedInEmployee.Id); + var hasUserPermission = await _permissionServices.HasPermission(PermissionsMaster.DirectoryUser, loggedInEmployee.Id); IQueryable notesQuery = _context.ContactNotes .Include(cn => cn.UpdatedBy) @@ -1166,11 +1159,11 @@ namespace Marco.Pms.Services.Helpers var bucketIds = employeeBuckets.Select(b => b.BucketId).ToList(); List employeeBucketVM = await _context.EmployeeBucketMappings.Where(b => bucketIds.Contains(b.BucketId)).ToListAsync(); List bucketList = new List(); - if (permissionIds.Contains(directoryAdmin)) + if (permissionIds.Contains(PermissionsMaster.DirectoryAdmin)) { bucketList = await _context.Buckets.Include(b => b.CreatedBy).Where(b => b.TenantId == tenantId).ToListAsync(); } - else if (permissionIds.Contains(directoryManager) || permissionIds.Contains(directoryUser)) + else if (permissionIds.Contains(PermissionsMaster.DirectoryAdmin) || permissionIds.Contains(PermissionsMaster.DirectoryUser)) { bucketList = await _context.Buckets.Include(b => b.CreatedBy).Where(b => bucketIds.Contains(b.Id) || b.CreatedByID == LoggedInEmployee.Id).ToListAsync(); } @@ -1208,8 +1201,8 @@ namespace Marco.Pms.Services.Helpers { var assignedRoleIds = await _context.EmployeeRoleMappings.Where(r => r.EmployeeId == LoggedInEmployee.Id).Select(r => r.RoleId).ToListAsync(); var permissionIds = await _context.RolePermissionMappings.Where(rp => assignedRoleIds.Contains(rp.ApplicationRoleId)).Select(rp => rp.FeaturePermissionId).Distinct().ToListAsync(); - var demo = !permissionIds.Contains(directoryUser); - if (!permissionIds.Contains(directoryAdmin) && !permissionIds.Contains(directoryManager) && !permissionIds.Contains(directoryUser)) + var demo = !permissionIds.Contains(PermissionsMaster.DirectoryUser); + if (!permissionIds.Contains(PermissionsMaster.DirectoryAdmin) && !permissionIds.Contains(PermissionsMaster.DirectoryAdmin) && !permissionIds.Contains(PermissionsMaster.DirectoryUser)) { _logger.LogError("Employee {EmployeeId} attemped to create a bucket, but do not have permission", LoggedInEmployee.Id); return ApiResponse.ErrorResponse("You don't have permission", "You don't have permission", 401); @@ -1266,15 +1259,15 @@ namespace Marco.Pms.Services.Helpers } Bucket? accessableBucket = null; - if (permissionIds.Contains(directoryAdmin)) + if (permissionIds.Contains(PermissionsMaster.DirectoryAdmin)) { accessableBucket = bucket; } - else if (permissionIds.Contains(directoryManager) && bucketIds.Contains(id)) + else if (permissionIds.Contains(PermissionsMaster.DirectoryAdmin) && bucketIds.Contains(id)) { accessableBucket = bucket; } - else if (permissionIds.Contains(directoryUser)) + else if (permissionIds.Contains(PermissionsMaster.DirectoryUser)) { if (bucket.CreatedByID == LoggedInEmployee.Id) { @@ -1332,15 +1325,15 @@ namespace Marco.Pms.Services.Helpers var bucketIds = employeeBuckets.Where(eb => eb.EmployeeId == LoggedInEmployee.Id).Select(eb => eb.BucketId).ToList(); var employeeBucketIds = employeeBuckets.Select(eb => eb.EmployeeId).ToList(); Bucket? accessableBucket = null; - if (permissionIds.Contains(directoryAdmin)) + if (permissionIds.Contains(PermissionsMaster.DirectoryAdmin)) { accessableBucket = bucket; } - else if (permissionIds.Contains(directoryManager) && bucketIds.Contains(bucketId)) + else if (permissionIds.Contains(PermissionsMaster.DirectoryAdmin) && bucketIds.Contains(bucketId)) { accessableBucket = bucket; } - else if (permissionIds.Contains(directoryUser)) + else if (permissionIds.Contains(PermissionsMaster.DirectoryUser)) { if (bucket.CreatedByID == LoggedInEmployee.Id) { @@ -1433,15 +1426,15 @@ namespace Marco.Pms.Services.Helpers var bucketIds = employeeBuckets.Where(eb => eb.EmployeeId == LoggedInEmployee.Id).Select(eb => eb.BucketId).ToList(); Bucket? accessableBucket = null; - if (permissionIds.Contains(directoryAdmin)) + if (permissionIds.Contains(PermissionsMaster.DirectoryAdmin)) { accessableBucket = bucket; } - else if (permissionIds.Contains(directoryManager) && bucketIds.Contains(id)) + else if (permissionIds.Contains(PermissionsMaster.DirectoryAdmin) && bucketIds.Contains(id)) { accessableBucket = bucket; } - else if (permissionIds.Contains(directoryUser)) + else if (permissionIds.Contains(PermissionsMaster.DirectoryUser)) { if (bucket.CreatedByID == LoggedInEmployee.Id) { From 2304912bf88af07656bd5d62fae5473e5fea60f1 Mon Sep 17 00:00:00 2001 From: "ashutosh.nehete" Date: Tue, 8 Jul 2025 16:07:27 +0530 Subject: [PATCH 2/2] Added all Feature permission in static file and use that static file to check the permission --- .../Entitlements/PermissionsMaster.cs | 20 ++++++++++++++++++- .../Controllers/EmployeeController.cs | 8 ++------ .../Controllers/TaskController.cs | 10 +++------- .../Controllers/UserController.cs | 9 +++++---- Marco.Pms.Services/Helpers/MasterHelper.cs | 13 +++++------- Marco.Pms.Services/Helpers/ProjectsHelper.cs | 4 ---- 6 files changed, 34 insertions(+), 30 deletions(-) diff --git a/Marco.Pms.Model/Entitlements/PermissionsMaster.cs b/Marco.Pms.Model/Entitlements/PermissionsMaster.cs index 24e115f..d0bef58 100644 --- a/Marco.Pms.Model/Entitlements/PermissionsMaster.cs +++ b/Marco.Pms.Model/Entitlements/PermissionsMaster.cs @@ -5,6 +5,24 @@ public static readonly Guid DirectoryAdmin = Guid.Parse("4286a13b-bb40-4879-8c6d-18e9e393beda"); public static readonly Guid DirectoryManager = Guid.Parse("62668630-13ce-4f52-a0f0-db38af2230c5"); public static readonly Guid DirectoryUser = Guid.Parse("0f919170-92d4-4337-abd3-49b66fc871bb"); - + public static readonly Guid ViewProject = Guid.Parse("6ea44136-987e-44ba-9e5d-1cf8f5837ebc"); + public static readonly Guid ManageProject = Guid.Parse("172fc9b6-755b-4f62-ab26-55c34a330614"); + public static readonly Guid ManageTeam = Guid.Parse("b94802ce-0689-4643-9e1d-11c86950c35b"); + public static readonly Guid ViewProjectInfra = Guid.Parse("8d7cc6e3-9147-41f7-aaa7-fa507e450bd4"); + public static readonly Guid ManageProjectInfra = Guid.Parse("cf2825ad-453b-46aa-91d9-27c124d63373"); + public static readonly Guid ViewTask = Guid.Parse("9fcc5f87-25e3-4846-90ac-67a71ab92e3c"); + public static readonly Guid AddAndEditTask = Guid.Parse("08752f33-3b29-4816-b76b-ea8a968ed3c5"); + public static readonly Guid AssignAndReportProgress = Guid.Parse("6a32379b-8b3f-49a6-8c48-4b7ac1b55dc2"); + public static readonly Guid ApproveTask = Guid.Parse("db4e40c5-2ba9-4b6d-b8a6-a16a250ff99c"); + public static readonly Guid ViewAllEmployees = Guid.Parse("60611762-7f8a-4fb5-b53f-b1139918796b"); + public static readonly Guid ViewTeamMembers = Guid.Parse("b82d2b7e-0d52-45f3-997b-c008ea460e7f"); + public static readonly Guid AddAndEditEmployee = Guid.Parse("a97d366a-c2bb-448d-be93-402bd2324566"); + public static readonly Guid AssignRoles = Guid.Parse("fbd213e0-0250-46f1-9f5f-4b2a1e6e76a3"); + public static readonly Guid TeamAttendance = Guid.Parse("915e6bff-65f6-4e3f-aea8-3fd217d3ea9e"); + public static readonly Guid RegularizeAttendance = Guid.Parse("57802c4a-00aa-4a1f-a048-fd2f70dd44b6"); + public static readonly Guid SelfAttendance = Guid.Parse("ccb0589f-712b-43de-92ed-5b6088e7dc4e"); + public static readonly Guid ViewMasters = Guid.Parse("5ffbafe0-7ab0-48b1-bb50-c1bf76b65f9d"); + public static readonly Guid ManageMasters = Guid.Parse("588a8824-f924-4955-82d8-fc51956cf323"); } } + diff --git a/Marco.Pms.Services/Controllers/EmployeeController.cs b/Marco.Pms.Services/Controllers/EmployeeController.cs index 698dd67..9884e53 100644 --- a/Marco.Pms.Services/Controllers/EmployeeController.cs +++ b/Marco.Pms.Services/Controllers/EmployeeController.cs @@ -38,8 +38,6 @@ namespace MarcoBMS.Services.Controllers private readonly IHubContext _signalR; private readonly PermissionServices _permission; private readonly ProjectsHelper _projectsHelper; - private readonly Guid ViewAllEmployees; - private readonly Guid ViewTeamMembers; private readonly Guid tenantId; @@ -56,8 +54,6 @@ namespace MarcoBMS.Services.Controllers _logger = logger; _signalR = signalR; _permission = permission; - ViewAllEmployees = Guid.Parse("60611762-7f8a-4fb5-b53f-b1139918796b"); - ViewTeamMembers = Guid.Parse("b82d2b7e-0d52-45f3-997b-c008ea460e7f"); _projectsHelper = projectsHelper; tenantId = _userHelper.GetTenantId(); } @@ -126,8 +122,8 @@ namespace MarcoBMS.Services.Controllers List projects = await _projectsHelper.GetMyProjects(tenantId, loggedInEmployee); var projectIds = projects.Select(p => p.Id).ToList(); - var hasViewAllEmployeesPermission = await _permission.HasPermission(ViewAllEmployees, loggedInEmployee.Id); - var hasViewTeamMembersPermission = await _permission.HasPermission(ViewTeamMembers, loggedInEmployee.Id); + var hasViewAllEmployeesPermission = await _permission.HasPermission(PermissionsMaster.ViewAllEmployees, loggedInEmployee.Id); + var hasViewTeamMembersPermission = await _permission.HasPermission(PermissionsMaster.ViewTeamMembers, loggedInEmployee.Id); List result = new(); diff --git a/Marco.Pms.Services/Controllers/TaskController.cs b/Marco.Pms.Services/Controllers/TaskController.cs index 4ad1f85..ca24f1a 100644 --- a/Marco.Pms.Services/Controllers/TaskController.cs +++ b/Marco.Pms.Services/Controllers/TaskController.cs @@ -31,8 +31,6 @@ namespace MarcoBMS.Services.Controllers private readonly ILoggingService _logger; private readonly IHubContext _signalR; private readonly PermissionServices _permissionServices; - private readonly Guid Approve_Task; - private readonly Guid Assign_Report_Task; public TaskController(ApplicationDbContext context, UserHelper userHelper, S3UploadService s3Service, ILoggingService logger, PermissionServices permissionServices, IHubContext signalR) @@ -43,8 +41,6 @@ namespace MarcoBMS.Services.Controllers _logger = logger; _signalR = signalR; _permissionServices = permissionServices; - Approve_Task = Guid.Parse("db4e40c5-2ba9-4b6d-b8a6-a16a250ff99c"); - Assign_Report_Task = Guid.Parse("6a32379b-8b3f-49a6-8c48-4b7ac1b55dc2"); } private Guid GetTenantId() @@ -72,7 +68,7 @@ namespace MarcoBMS.Services.Controllers var employee = await _userHelper.GetCurrentEmployeeAsync(); // Check for permission to approve tasks - var hasPermission = await _permissionServices.HasPermission(Assign_Report_Task, employee.Id); + var hasPermission = await _permissionServices.HasPermission(PermissionsMaster.AssignAndReportProgress, employee.Id); if (!hasPermission) { _logger.LogWarning("Employee {EmployeeId} attempted to assign Task without permission", employee.Id); @@ -136,7 +132,7 @@ namespace MarcoBMS.Services.Controllers var tenantId = GetTenantId(); var loggedInEmployee = await _userHelper.GetCurrentEmployeeAsync(); - var hasPermission = await _permissionServices.HasPermission(Assign_Report_Task, loggedInEmployee.Id); + var hasPermission = await _permissionServices.HasPermission(PermissionsMaster.AssignAndReportProgress, loggedInEmployee.Id); if (!hasPermission) { _logger.LogWarning("Unauthorized task report attempt by Employee {EmployeeId} for Task {TaskId}", loggedInEmployee.Id, reportTask.Id); @@ -701,7 +697,7 @@ namespace MarcoBMS.Services.Controllers } // Check for permission to approve tasks - var hasPermission = await _permissionServices.HasPermission(Approve_Task, loggedInEmployee.Id); + var hasPermission = await _permissionServices.HasPermission(PermissionsMaster.ApproveTask, loggedInEmployee.Id); if (!hasPermission) { _logger.LogWarning("Employee {EmployeeId} attempted to approve Task {TaskId} without permission", loggedInEmployee.Id, approveTask.Id); diff --git a/Marco.Pms.Services/Controllers/UserController.cs b/Marco.Pms.Services/Controllers/UserController.cs index 2d33b15..2aeb208 100644 --- a/Marco.Pms.Services/Controllers/UserController.cs +++ b/Marco.Pms.Services/Controllers/UserController.cs @@ -22,7 +22,7 @@ namespace MarcoBMS.Services.Controllers private readonly ProjectsHelper _projectsHelper; private readonly RolesHelper _rolesHelper; - public UserController(EmployeeHelper employeeHelper, ProjectsHelper projectsHelper, UserHelper userHelper, RolesHelper rolesHelper) + public UserController(EmployeeHelper employeeHelper, ProjectsHelper projectsHelper, UserHelper userHelper, RolesHelper rolesHelper) { _userHelper = userHelper; _employeeHelper = employeeHelper; @@ -45,7 +45,7 @@ namespace MarcoBMS.Services.Controllers var user = await _userHelper.GetCurrentUserAsync(); Employee emp = new Employee { }; - if(user != null) + if (user != null) { emp = await _employeeHelper.GetEmployeeByApplicationUserID(user.Id); } @@ -54,9 +54,10 @@ namespace MarcoBMS.Services.Controllers string[] projectsId = []; /* User with permission manage project can see all projects */ - if (featurePermission != null && featurePermission.Exists(c => c.Id.ToString() == "172fc9b6-755b-4f62-ab26-55c34a330614")) { + if (featurePermission != null && featurePermission.Exists(c => c.Id.ToString() == "172fc9b6-755b-4f62-ab26-55c34a330614")) + { List projects = await _projectsHelper.GetAllProjectByTanentID(emp.TenantId); - projectsId = projects.Select(c=>c.Id.ToString()).ToArray(); + projectsId = projects.Select(c => c.Id.ToString()).ToArray(); } else { diff --git a/Marco.Pms.Services/Helpers/MasterHelper.cs b/Marco.Pms.Services/Helpers/MasterHelper.cs index cdad89c..f994639 100644 --- a/Marco.Pms.Services/Helpers/MasterHelper.cs +++ b/Marco.Pms.Services/Helpers/MasterHelper.cs @@ -2,6 +2,7 @@ using Marco.Pms.Model.Directory; using Marco.Pms.Model.Dtos.Master; using Marco.Pms.Model.Employees; +using Marco.Pms.Model.Entitlements; using Marco.Pms.Model.Mapper; using Marco.Pms.Model.Master; using Marco.Pms.Model.Utilities; @@ -19,8 +20,6 @@ namespace Marco.Pms.Services.Helpers private readonly ILoggingService _logger; private readonly UserHelper _userHelper; private readonly PermissionServices _permissionService; - private readonly Guid View_Master; - private readonly Guid Manage_Master; public MasterHelper(ApplicationDbContext context, ILoggingService logger, UserHelper userHelper, PermissionServices permissionServices) @@ -29,8 +28,6 @@ namespace Marco.Pms.Services.Helpers _logger = logger; _userHelper = userHelper; _permissionService = permissionServices; - View_Master = Guid.Parse("5ffbafe0-7ab0-48b1-bb50-c1bf76b65f9d"); - Manage_Master = Guid.Parse("588a8824-f924-4955-82d8-fc51956cf323"); } // -------------------------------- Contact Category -------------------------------- public async Task> CreateContactCategory(CreateContactCategoryDto contactCategoryDto) @@ -267,7 +264,7 @@ namespace Marco.Pms.Services.Helpers var loggedInEmployee = await _userHelper.GetCurrentEmployeeAsync(); // Step 2: Check permission to view master data - bool hasViewPermission = await _permissionService.HasPermission(View_Master, loggedInEmployee.Id); + bool hasViewPermission = await _permissionService.HasPermission(PermissionsMaster.ViewMasters, loggedInEmployee.Id); if (!hasViewPermission) { _logger.LogWarning("Access denied for employeeId: {EmployeeId}", loggedInEmployee.Id); @@ -312,7 +309,7 @@ namespace Marco.Pms.Services.Helpers var loggedInEmployee = await _userHelper.GetCurrentEmployeeAsync(); // Step 2: Check if user has permission to manage master data - var hasManageMasterPermission = await _permissionService.HasPermission(Manage_Master, loggedInEmployee.Id); + var hasManageMasterPermission = await _permissionService.HasPermission(PermissionsMaster.ManageMasters, loggedInEmployee.Id); if (!hasManageMasterPermission) { _logger.LogWarning("Access denied for employeeId: {EmployeeId}", loggedInEmployee.Id); @@ -368,7 +365,7 @@ namespace Marco.Pms.Services.Helpers var loggedInEmployee = await _userHelper.GetCurrentEmployeeAsync(); // Step 3: Check permissions - var hasManageMasterPermission = await _permissionService.HasPermission(Manage_Master, loggedInEmployee.Id); + var hasManageMasterPermission = await _permissionService.HasPermission(PermissionsMaster.ManageMasters, loggedInEmployee.Id); if (!hasManageMasterPermission) { _logger.LogWarning("Access denied. EmployeeId: {EmployeeId} does not have Manage Master permission.", loggedInEmployee.Id); @@ -421,7 +418,7 @@ namespace Marco.Pms.Services.Helpers var loggedInEmployee = await _userHelper.GetCurrentEmployeeAsync(); // Step 2: Check permission to manage master data - var hasManageMasterPermission = await _permissionService.HasPermission(Manage_Master, loggedInEmployee.Id); + var hasManageMasterPermission = await _permissionService.HasPermission(PermissionsMaster.ManageMasters, loggedInEmployee.Id); if (!hasManageMasterPermission) { _logger.LogWarning("Delete denied. EmployeeId: {EmployeeId} lacks Manage_Master permission.", loggedInEmployee.Id); diff --git a/Marco.Pms.Services/Helpers/ProjectsHelper.cs b/Marco.Pms.Services/Helpers/ProjectsHelper.cs index 8ccbc85..50bb9a0 100644 --- a/Marco.Pms.Services/Helpers/ProjectsHelper.cs +++ b/Marco.Pms.Services/Helpers/ProjectsHelper.cs @@ -2,11 +2,7 @@ using Marco.Pms.Model.Employees; using Marco.Pms.Model.Entitlements; using Marco.Pms.Model.Projects; -using Marco.Pms.Model.Utilities; -using Marco.Pms.Model.ViewModels.Projects; -using Microsoft.AspNetCore.Mvc; using Microsoft.EntityFrameworkCore; -using ModelServices.Helpers; namespace MarcoBMS.Services.Helpers {