diff --git a/Marco.Pms.Services/Service/DirectoryService.cs b/Marco.Pms.Services/Service/DirectoryService.cs index bcbabbd..6c0948a 100644 --- a/Marco.Pms.Services/Service/DirectoryService.cs +++ b/Marco.Pms.Services/Service/DirectoryService.cs @@ -956,10 +956,14 @@ namespace Marco.Pms.Services.Service try { var contact = _mapper.Map(createContact); - if (string.IsNullOrWhiteSpace(createContact.Name)) + if (string.IsNullOrWhiteSpace(createContact.Description)) { contact.Description = string.Empty; } + if (string.IsNullOrWhiteSpace(createContact.Designation)) + { + contact.Designation = string.Empty; + } contact.CreatedAt = DateTime.UtcNow; contact.CreatedById = loggedInEmployeeId; contact.TenantId = tenantId; @@ -2031,9 +2035,11 @@ namespace Marco.Pms.Services.Service try { - var bucketIds = await _context.ContactBucketMappings.Where(cb => cb.ContactId == noteDto.ContactId).Select(cb => cb.BucketId).ToListAsync(); - var hasContactAccess = await _context.EmployeeBucketMappings.AnyAsync(eb => bucketIds.Contains(eb.BucketId) && eb.EmployeeId == loggedInEmployee.Id); - if (!hasContactAccess) + var (hasAdminPermission, hasManagerPermission, hasUserPermission) = await CheckPermissionsAsync(loggedInEmployee.Id); + + var bucketIds = await _context.ContactBucketMappings.AsNoTracking().Where(cb => cb.ContactId == noteDto.ContactId).Select(cb => cb.BucketId).ToListAsync(); + var hasContactAccess = await _context.EmployeeBucketMappings.AsNoTracking().AnyAsync(eb => bucketIds.Contains(eb.BucketId) && eb.EmployeeId == loggedInEmployee.Id); + if (!hasAdminPermission && !hasContactAccess) { _logger.LogWarning("Employee {EmployeeId} does not have permission to delete contact {ContactId}", loggedInEmployee.Id, noteDto.ContactId);