Showing the submit but only to creator or manager if rejected
This commit is contained in:
parent
eb9fc5c72a
commit
1e7363ea2f
@ -341,7 +341,12 @@ namespace Marco.Pms.Services.Service
|
|||||||
}
|
}
|
||||||
return ApiResponse<object>.ErrorResponse("Expense Not Found", "Expense Not Found", 404);
|
return ApiResponse<object>.ErrorResponse("Expense Not Found", "Expense Not Found", 404);
|
||||||
}
|
}
|
||||||
expenseDetails = await GetAllExpnesRelatedTablesForSingle(expense, expense.TenantId);
|
|
||||||
|
using var scope = _serviceScopeFactory.CreateScope();
|
||||||
|
var permissionService = scope.ServiceProvider.GetRequiredService<PermissionServices>();
|
||||||
|
var hasManagePermission = await permissionService.HasPermission(PermissionsMaster.ExpenseManage, loggedInEmployee.Id);
|
||||||
|
|
||||||
|
expenseDetails = await GetAllExpnesRelatedTablesForSingle(expense, hasManagePermission, loggedInEmployee.Id, expense.TenantId);
|
||||||
}
|
}
|
||||||
var vm = _mapper.Map<ExpenseDetailsVM>(expenseDetails);
|
var vm = _mapper.Map<ExpenseDetailsVM>(expenseDetails);
|
||||||
|
|
||||||
@ -1412,13 +1417,21 @@ namespace Marco.Pms.Services.Service
|
|||||||
return await permissionService.HasPermission(PermissionsMaster.ExpenseProcess, loggedInEmployee.Id);
|
return await permissionService.HasPermission(PermissionsMaster.ExpenseProcess, loggedInEmployee.Id);
|
||||||
});
|
});
|
||||||
|
|
||||||
await Task.WhenAll(hasViewSelfPermissionTask, hasViewAllPermissionTask, hasReviewPermissionTask, hasApprovePermissionTask, hasProcessPermissionTask);
|
var hasManagePermissionTask = Task.Run(async () =>
|
||||||
|
{
|
||||||
|
using var scope = _serviceScopeFactory.CreateScope();
|
||||||
|
var permissionService = scope.ServiceProvider.GetRequiredService<PermissionServices>();
|
||||||
|
return await permissionService.HasPermission(PermissionsMaster.ExpenseManage, loggedInEmployee.Id);
|
||||||
|
});
|
||||||
|
|
||||||
|
await Task.WhenAll(hasViewSelfPermissionTask, hasViewAllPermissionTask, hasReviewPermissionTask, hasApprovePermissionTask, hasProcessPermissionTask, hasManagePermissionTask);
|
||||||
|
|
||||||
bool hasViewSelfPermission = hasViewSelfPermissionTask.Result;
|
bool hasViewSelfPermission = hasViewSelfPermissionTask.Result;
|
||||||
bool hasViewAllPermission = hasViewAllPermissionTask.Result;
|
bool hasViewAllPermission = hasViewAllPermissionTask.Result;
|
||||||
bool hasReviewPermission = hasReviewPermissionTask.Result;
|
bool hasReviewPermission = hasReviewPermissionTask.Result;
|
||||||
bool hasApprovePermission = hasApprovePermissionTask.Result;
|
bool hasApprovePermission = hasApprovePermissionTask.Result;
|
||||||
bool hasProcessPermission = hasProcessPermissionTask.Result;
|
bool hasProcessPermission = hasProcessPermissionTask.Result;
|
||||||
|
bool hasManagePermission = hasProcessPermissionTask.Result;
|
||||||
|
|
||||||
// Deny access if user has no relevant permissions
|
// Deny access if user has no relevant permissions
|
||||||
if (!hasViewSelfPermission && !hasViewAllPermission && !hasReviewPermission && !hasApprovePermission && !hasProcessPermission)
|
if (!hasViewSelfPermission && !hasViewAllPermission && !hasReviewPermission && !hasApprovePermission && !hasProcessPermission)
|
||||||
@ -1557,7 +1570,18 @@ namespace Marco.Pms.Services.Service
|
|||||||
//if (paymentRequest.RecurringPayment != null)
|
//if (paymentRequest.RecurringPayment != null)
|
||||||
// response.RecurringPaymentUID = $"{paymentRequest.RecurringPayment.UIDPrefix}/{paymentRequest.RecurringPayment.UIDPostfix:D5}";
|
// response.RecurringPaymentUID = $"{paymentRequest.RecurringPayment.UIDPrefix}/{paymentRequest.RecurringPayment.UIDPostfix:D5}";
|
||||||
response.Attachments = attachmentVMs;
|
response.Attachments = attachmentVMs;
|
||||||
response.NextStatus = nextStatuses;
|
|
||||||
|
// Assign nextStatuses only if:
|
||||||
|
// 1. The payment request was rejected by approver/reviewer AND the current user is the creator, OR
|
||||||
|
// 2. The payment request is in any other status (not rejected)
|
||||||
|
var isRejected = paymentRequest.ExpenseStatusId == RejectedByApprover
|
||||||
|
|| paymentRequest.ExpenseStatusId == RejectedByReviewer;
|
||||||
|
|
||||||
|
if ((!isRejected) || (isRejected && (loggedInEmployee.Id == paymentRequest.CreatedById || hasManagePermission)))
|
||||||
|
{
|
||||||
|
response.NextStatus = nextStatuses;
|
||||||
|
}
|
||||||
|
|
||||||
response.UpdateLogs = updateLogs.Select(ul =>
|
response.UpdateLogs = updateLogs.Select(ul =>
|
||||||
{
|
{
|
||||||
var statusVm = status.FirstOrDefault(es => es.Id == ul.StatusId);
|
var statusVm = status.FirstOrDefault(es => es.Id == ul.StatusId);
|
||||||
@ -3238,7 +3262,7 @@ namespace Marco.Pms.Services.Service
|
|||||||
}
|
}
|
||||||
};
|
};
|
||||||
}
|
}
|
||||||
private async Task<ExpenseDetailsMongoDB> GetAllExpnesRelatedTablesForSingle(Expenses model, Guid tenantId)
|
private async Task<ExpenseDetailsMongoDB> GetAllExpnesRelatedTablesForSingle(Expenses model, bool hasManagePermission, Guid loggedInEmployeeId, Guid tenantId)
|
||||||
{
|
{
|
||||||
var statusMappingTask = Task.Run(async () =>
|
var statusMappingTask = Task.Run(async () =>
|
||||||
{
|
{
|
||||||
@ -3308,7 +3332,17 @@ namespace Marco.Pms.Services.Service
|
|||||||
if (statusMapping != null)
|
if (statusMapping != null)
|
||||||
{
|
{
|
||||||
response.Status = _mapper.Map<ExpensesStatusMasterMongoDB>(statusMapping.Status);
|
response.Status = _mapper.Map<ExpensesStatusMasterMongoDB>(statusMapping.Status);
|
||||||
response.NextStatus = _mapper.Map<List<ExpensesStatusMasterMongoDB>>(statusMapping.NextStatus);
|
|
||||||
|
// Assign nextStatuses only if:
|
||||||
|
// 1. The expense was rejected by approver/reviewer AND the current user is the creator, OR
|
||||||
|
// 2. The expense is in any other status (not rejected)
|
||||||
|
var isRejected = model.StatusId == RejectedByApprover
|
||||||
|
|| model.StatusId == RejectedByReviewer;
|
||||||
|
|
||||||
|
if ((!isRejected) || (isRejected && (loggedInEmployeeId == model.CreatedById || hasManagePermission)))
|
||||||
|
{
|
||||||
|
response.NextStatus = _mapper.Map<List<ExpensesStatusMasterMongoDB>>(statusMapping.NextStatus);
|
||||||
|
}
|
||||||
}
|
}
|
||||||
if (response.Status == null)
|
if (response.Status == null)
|
||||||
{
|
{
|
||||||
|
|||||||
Loading…
x
Reference in New Issue
Block a user