Added isSystem flage in Employee and ApplicationRole table and added functionality not to suspend employee if isSystem=true and not to update or delete application role if isSystem=true
This commit is contained in:
parent
d807ac1998
commit
261938fbad
2436
Marco.Pms.DataAccess/Migrations/20250508055854_Added_IsSystem_Flag.Designer.cs
generated
Normal file
2436
Marco.Pms.DataAccess/Migrations/20250508055854_Added_IsSystem_Flag.Designer.cs
generated
Normal file
File diff suppressed because it is too large
Load Diff
@ -0,0 +1,40 @@
|
||||
using Microsoft.EntityFrameworkCore.Migrations;
|
||||
|
||||
#nullable disable
|
||||
|
||||
namespace Marco.Pms.DataAccess.Migrations
|
||||
{
|
||||
/// <inheritdoc />
|
||||
public partial class Added_IsSystem_Flag : Migration
|
||||
{
|
||||
/// <inheritdoc />
|
||||
protected override void Up(MigrationBuilder migrationBuilder)
|
||||
{
|
||||
migrationBuilder.AddColumn<bool>(
|
||||
name: "IsSystem",
|
||||
table: "Employees",
|
||||
type: "tinyint(1)",
|
||||
nullable: false,
|
||||
defaultValue: false);
|
||||
|
||||
migrationBuilder.AddColumn<bool>(
|
||||
name: "IsSystem",
|
||||
table: "ApplicationRoles",
|
||||
type: "tinyint(1)",
|
||||
nullable: false,
|
||||
defaultValue: false);
|
||||
}
|
||||
|
||||
/// <inheritdoc />
|
||||
protected override void Down(MigrationBuilder migrationBuilder)
|
||||
{
|
||||
migrationBuilder.DropColumn(
|
||||
name: "IsSystem",
|
||||
table: "Employees");
|
||||
|
||||
migrationBuilder.DropColumn(
|
||||
name: "IsSystem",
|
||||
table: "ApplicationRoles");
|
||||
}
|
||||
}
|
||||
}
|
||||
@ -342,6 +342,9 @@ namespace Marco.Pms.DataAccess.Migrations
|
||||
b.Property<bool>("IsActive")
|
||||
.HasColumnType("tinyint(1)");
|
||||
|
||||
b.Property<bool>("IsSystem")
|
||||
.HasColumnType("tinyint(1)");
|
||||
|
||||
b.Property<Guid?>("JobRoleId")
|
||||
.HasColumnType("char(36)");
|
||||
|
||||
@ -468,6 +471,9 @@ namespace Marco.Pms.DataAccess.Migrations
|
||||
b.Property<string>("Description")
|
||||
.HasColumnType("longtext");
|
||||
|
||||
b.Property<bool>("IsSystem")
|
||||
.HasColumnType("tinyint(1)");
|
||||
|
||||
b.Property<string>("Role")
|
||||
.HasColumnType("longtext");
|
||||
|
||||
|
||||
@ -39,6 +39,8 @@ namespace Marco.Pms.Model.Employees
|
||||
|
||||
public bool IsActive { get; set; } = true;
|
||||
|
||||
public bool IsSystem { get; set; } = false;
|
||||
|
||||
public Guid RoleId { get; set; }
|
||||
//[ForeignKey(nameof(RoleId))]
|
||||
//public EmployeeRole EmployeeRole { get; set; }
|
||||
|
||||
@ -5,6 +5,7 @@
|
||||
public Guid Id { get; set; }
|
||||
public string? Role { get; set; }
|
||||
public string? Description { get; set; }
|
||||
public bool IsSystem { get; set; } = false;
|
||||
|
||||
public Guid TenantId { get; set; }
|
||||
|
||||
|
||||
@ -12,6 +12,7 @@ namespace Marco.Pms.Model.Mapper
|
||||
{
|
||||
Id = model.Id,
|
||||
Role = model.Role,
|
||||
IsSystem = model.IsSystem,
|
||||
Description = model.Description,
|
||||
//FeaturePermission = model.FeaturePermissions
|
||||
};
|
||||
|
||||
@ -29,6 +29,7 @@ namespace Marco.Pms.Model.Mapper
|
||||
PhoneNumber = model.PhoneNumber,
|
||||
Photo = model.Photo,
|
||||
IsActive = model.IsActive,
|
||||
IsSystem = model.IsSystem,
|
||||
JoiningDate = model.JoiningDate
|
||||
};
|
||||
}
|
||||
|
||||
@ -5,6 +5,7 @@
|
||||
public Guid Id { get; set; }
|
||||
public string? Role { get; set; }
|
||||
public string? Description { get; set; }
|
||||
public bool IsSystem { get; set; }
|
||||
public ICollection<FeaturePermissionVM>? FeaturePermission { get; set; }
|
||||
}
|
||||
}
|
||||
|
||||
@ -28,6 +28,7 @@
|
||||
public string? ApplicationUserId { get; set; }
|
||||
|
||||
public Guid? JobRoleId { get; set; }
|
||||
public bool IsSystem { get; set; }
|
||||
public string? JobRole { get; set; }
|
||||
|
||||
}
|
||||
|
||||
@ -85,50 +85,7 @@ namespace MarcoBMS.Services.Controllers
|
||||
}
|
||||
}
|
||||
|
||||
[HttpPost]
|
||||
[Route("roles")]
|
||||
public async Task<IActionResult> ManageRoles([FromBody] List<EmployeeRoleDot> employeeRoleDots)
|
||||
{
|
||||
if (!ModelState.IsValid)
|
||||
{
|
||||
var errors = ModelState.Values
|
||||
.SelectMany(v => v.Errors)
|
||||
.Select(e => e.ErrorMessage)
|
||||
.ToList();
|
||||
return BadRequest(ApiResponse<object>.ErrorResponse("Invalid data", errors, 400));
|
||||
}
|
||||
|
||||
Guid TenantId = GetTenantId();
|
||||
try
|
||||
{
|
||||
foreach (EmployeeRoleDot role in employeeRoleDots)
|
||||
{
|
||||
EmployeeRoleMapping mapping = role.ToEmployeeRoleMappingFromEmployeeRoleDot(TenantId);
|
||||
|
||||
var existingItem = await _context.EmployeeRoleMappings.AsNoTracking().SingleOrDefaultAsync(c => c.Id == mapping.Id);
|
||||
|
||||
if (existingItem == null)
|
||||
{
|
||||
|
||||
if (role.IsEnabled == true)
|
||||
{
|
||||
_context.EmployeeRoleMappings.Add(mapping);
|
||||
}
|
||||
}
|
||||
else if (role.IsEnabled == false)
|
||||
{
|
||||
_context.EmployeeRoleMappings.Remove(existingItem);
|
||||
}
|
||||
|
||||
}
|
||||
await _context.SaveChangesAsync();
|
||||
}
|
||||
catch (Exception ex)
|
||||
{
|
||||
return BadRequest(ApiResponse<object>.ErrorResponse(ex.Message, ex, 400));
|
||||
}
|
||||
return Ok(ApiResponse<object>.SuccessResponse("success", "Roles modified.", 200));
|
||||
}
|
||||
|
||||
[HttpGet]
|
||||
[Route("list/{projectid?}")]
|
||||
@ -323,8 +280,16 @@ namespace MarcoBMS.Services.Controllers
|
||||
public async Task<IActionResult> SuspendEmployee(Guid id)
|
||||
{
|
||||
Guid tenantId = _userHelper.GetTenantId();
|
||||
Employee? employee = await _context.Employees.FirstOrDefaultAsync(e => e.Id == id && e.TenantId == tenantId);
|
||||
var LoggedEmployee = await _userHelper.GetCurrentEmployeeAsync();
|
||||
Employee? employee = await _context.Employees.FirstOrDefaultAsync(e => e.Id == id && e.IsActive && e.TenantId == tenantId);
|
||||
if (employee != null)
|
||||
{
|
||||
if (employee.IsSystem)
|
||||
{
|
||||
_logger.LogWarning("Employee with ID {LoggedEmployeeId} tries to suspend system-defined employee with ID {EmployeeId}", LoggedEmployee.Id, employee.Id);
|
||||
return BadRequest(ApiResponse<object>.ErrorResponse("System-defined employees cannot be suspended.", "System-defined employees cannot be suspended.", 400));
|
||||
}
|
||||
else
|
||||
{
|
||||
var assignedToTasks = await _context.TaskMembers.Where(t => t.EmployeeId == employee.Id).ToListAsync();
|
||||
if (assignedToTasks.Count != 0)
|
||||
@ -384,6 +349,7 @@ namespace MarcoBMS.Services.Controllers
|
||||
await _context.SaveChangesAsync();
|
||||
_logger.LogInfo("Employee with ID {EmployeId} Deleted successfully", employee.Id);
|
||||
}
|
||||
}
|
||||
else
|
||||
{
|
||||
_logger.LogError("Employee with ID {EmploueeId} not found in database", id);
|
||||
|
||||
@ -1,11 +1,13 @@
|
||||
using System.Data;
|
||||
using Marco.Pms.DataAccess.Data;
|
||||
using Marco.Pms.Model.Dtos.Employees;
|
||||
using Marco.Pms.Model.Dtos.Roles;
|
||||
using Marco.Pms.Model.Entitlements;
|
||||
using Marco.Pms.Model.Mapper;
|
||||
using Marco.Pms.Model.Utilities;
|
||||
using Marco.Pms.Model.ViewModels;
|
||||
using MarcoBMS.Services.Helpers;
|
||||
using MarcoBMS.Services.Service;
|
||||
using Microsoft.AspNetCore.Authorization;
|
||||
using Microsoft.AspNetCore.Identity;
|
||||
using Microsoft.AspNetCore.Mvc;
|
||||
@ -21,16 +23,16 @@ namespace MarcoBMS.Services.Controllers
|
||||
private readonly ApplicationDbContext _context;
|
||||
private readonly RolesHelper _rolesHelper;
|
||||
private readonly UserHelper _userHelper;
|
||||
|
||||
|
||||
private readonly UserManager<ApplicationUser> _userManager;
|
||||
private readonly ILoggingService _logger;
|
||||
|
||||
public RolesController(UserManager<ApplicationUser> userManager, ApplicationDbContext context, RolesHelper rolesHelper, UserHelper userHelper)
|
||||
public RolesController(UserManager<ApplicationUser> userManager, ApplicationDbContext context, RolesHelper rolesHelper, UserHelper userHelper, ILoggingService logger)
|
||||
{
|
||||
_context = context;
|
||||
_userManager = userManager;
|
||||
_rolesHelper = rolesHelper;
|
||||
_userHelper = userHelper;
|
||||
_logger = logger;
|
||||
}
|
||||
|
||||
private Guid GetTenantId()
|
||||
@ -137,6 +139,7 @@ namespace MarcoBMS.Services.Controllers
|
||||
{
|
||||
Id = item.Id,
|
||||
Role = item.Role,
|
||||
IsSystem = item.IsSystem,
|
||||
Description = item.Description,
|
||||
FeaturePermission = []
|
||||
};
|
||||
@ -225,17 +228,21 @@ namespace MarcoBMS.Services.Controllers
|
||||
try
|
||||
{
|
||||
Guid TenantId = GetTenantId();
|
||||
|
||||
var LoggedEmployee = await _userHelper.GetCurrentEmployeeAsync();
|
||||
var existingRole = await _context.ApplicationRoles.AsNoTracking().FirstOrDefaultAsync(r => r.Id == id);
|
||||
if (existingRole != null && existingRole.IsSystem)
|
||||
{
|
||||
_logger.LogWarning("Employee with ID {LoggedEmployeeId} tries to update System-defined application roles {AppcationRoleId}", LoggedEmployee.Id, existingRole.Id);
|
||||
return BadRequest(ApiResponse<object>.ErrorResponse("System-defined roles cannot be updated", "System-defined roles cannot be updated", 400));
|
||||
}
|
||||
ApplicationRole role = updateRoleDto.ToApplicationRoleFromUpdateDto(TenantId);
|
||||
|
||||
if (role.TenantId != TenantId)
|
||||
return Unauthorized(ApiResponse<object>.ErrorResponse("You don't have any authority to update role", "You don't have any authority to update role", 401));
|
||||
|
||||
var projectModel = _context.ApplicationRoles.Update(role);
|
||||
|
||||
if (projectModel == null)
|
||||
if (existingRole != null)
|
||||
{
|
||||
return NotFound(ApiResponse<object>.ErrorResponse("Project not found", "Project not found", 404));
|
||||
_context.ApplicationRoles.Update(role);
|
||||
await _context.SaveChangesAsync();
|
||||
}
|
||||
|
||||
bool modified = false;
|
||||
@ -265,7 +272,13 @@ namespace MarcoBMS.Services.Controllers
|
||||
}
|
||||
catch (Exception ex)
|
||||
{
|
||||
return BadRequest(ApiResponse<object>.ErrorResponse(ex.Message, ex, 400));
|
||||
var response = new
|
||||
{
|
||||
message = ex.Message,
|
||||
detail = ex.StackTrace,
|
||||
statusCode = StatusCodes.Status500InternalServerError
|
||||
};
|
||||
return BadRequest(ApiResponse<object>.ErrorResponse(ex.Message, response, 400));
|
||||
}
|
||||
}
|
||||
|
||||
@ -303,11 +316,67 @@ namespace MarcoBMS.Services.Controllers
|
||||
{
|
||||
Id = role.Id,
|
||||
Role = role.Role,
|
||||
IsSystem = role.IsSystem,
|
||||
FeaturePermission = featurePermissions
|
||||
};
|
||||
|
||||
return Ok(ApiResponse<object>.SuccessResponse(vm, "Roles Perimssions fetched successfully.", 200));
|
||||
|
||||
}
|
||||
|
||||
|
||||
|
||||
[HttpPost]
|
||||
[Route("assign-roles")]
|
||||
public async Task<IActionResult> ManageRoles([FromBody] List<EmployeeRoleDot> employeeRoleDots)
|
||||
{
|
||||
if (!ModelState.IsValid)
|
||||
{
|
||||
var errors = ModelState.Values
|
||||
.SelectMany(v => v.Errors)
|
||||
.Select(e => e.ErrorMessage)
|
||||
.ToList();
|
||||
return BadRequest(ApiResponse<object>.ErrorResponse("Invalid data", errors, 400));
|
||||
}
|
||||
var employeesIds = employeeRoleDots.Select(e => e.EmployeeId).Distinct().ToList();
|
||||
var LoggedEmployee = await _userHelper.GetCurrentEmployeeAsync();
|
||||
var employees = await _context.Employees.Where(e => employeesIds.Contains(e.Id)).ToListAsync();
|
||||
|
||||
Guid TenantId = GetTenantId();
|
||||
try
|
||||
{
|
||||
foreach (EmployeeRoleDot role in employeeRoleDots)
|
||||
{
|
||||
var employee = employees.Find(e => e.Id == role.EmployeeId && e.IsSystem);
|
||||
if (employee != null)
|
||||
{
|
||||
_logger.LogWarning("Employee with ID {LoggedEmployeeId} tries to assign or remove the application role to System-defined employee with ID {EmployeeId}", LoggedEmployee.Id, employee.Id);
|
||||
return BadRequest(ApiResponse<object>.ErrorResponse("System-defined employee cannot have application roles assigned or removed.", "System-defined employee cannot have application roles assigned or removed.", 400));
|
||||
}
|
||||
EmployeeRoleMapping mapping = role.ToEmployeeRoleMappingFromEmployeeRoleDot(TenantId);
|
||||
|
||||
var existingItem = await _context.EmployeeRoleMappings.AsNoTracking().SingleOrDefaultAsync(c => c.Id == mapping.Id);
|
||||
|
||||
if (existingItem == null)
|
||||
{
|
||||
if (role.IsEnabled == true)
|
||||
{
|
||||
_context.EmployeeRoleMappings.Add(mapping);
|
||||
}
|
||||
}
|
||||
else if (role.IsEnabled == false)
|
||||
{
|
||||
_context.EmployeeRoleMappings.Remove(existingItem);
|
||||
}
|
||||
|
||||
}
|
||||
await _context.SaveChangesAsync();
|
||||
}
|
||||
catch (Exception ex)
|
||||
{
|
||||
return BadRequest(ApiResponse<object>.ErrorResponse(ex.Message, ex, 400));
|
||||
}
|
||||
return Ok(ApiResponse<object>.SuccessResponse("success", "Roles modified.", 200));
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
@ -63,6 +63,7 @@ namespace Marco.Pms.Services.Service
|
||||
{
|
||||
Role = "Super User",
|
||||
Description = "Super User",
|
||||
IsSystem = true,
|
||||
TenantId = Guid.Parse("b3466e83-7e11-464c-b93a-daf047838b26")
|
||||
};
|
||||
if (!await dbContext.ApplicationRoles.Where(a => a.Role == "Super User").AnyAsync())
|
||||
@ -93,6 +94,7 @@ namespace Marco.Pms.Services.Service
|
||||
PhoneNumber = "9876543210",
|
||||
Photo = null, // GetFileDetails(model.Photo).Result.FileData,
|
||||
JobRoleId = jobRole != null ? jobRole.Id : Guid.Empty,
|
||||
IsSystem = true,
|
||||
JoiningDate = Convert.ToDateTime("2000-04-20 10:11:17.588000"),
|
||||
};
|
||||
if ((!await dbContext.Employees.Where(e => e.FirstName == "Admin").AnyAsync()) && (jobRole != null ? jobRole.Id : Guid.Empty) != Guid.Empty)
|
||||
|
||||
Loading…
x
Reference in New Issue
Block a user