admin/marco.pms.api
1
0
Fork 0
Code Issues Pull Requests 3 Actions Packages Projects Releases Wiki Activity

Solved the rebase issuees

Browse Source
This commit is contained in:
ashutosh.nehete 2025-09-19 17:51:27 +05:30
commit 64e6255458
8 changed files with 270 additions and 83 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

7
Marco.Pms.Services/Controllers/DocumentController.cs
View File

@ -1420,15 +1420,14 @@ namespace Marco.Pms.Services.Controllers
}
// Check if the logged in employee has permission to delete OR is the owner of the document attachment
var hasDeletePermission = await _permission.HasPermission(PermissionsMaster.DeleteDocument, loggedInEmployee.Id);
var hasViewPermission = false;
var hasDeletePermission = false;
if (ProjectEntity == documentAttachment.DocumentType?.DocumentCategory?.EntityTypeId)
{
hasViewPermission = await _permission.HasPermission(PermissionsMaster.ViewDocument, loggedInEmployee.Id, documentAttachment.EntityId);
hasDeletePermission = await _permission.HasPermission(PermissionsMaster.DeleteDocument, loggedInEmployee.Id, documentAttachment.EntityId);
}
else if (EmployeeEntity == documentAttachment.DocumentType?.DocumentCategory?.EntityTypeId)
{
hasViewPermission = await _permission.HasPermission(PermissionsMaster.ViewDocument, loggedInEmployee.Id);
hasDeletePermission = await _permission.HasPermission(PermissionsMaster.DeleteDocument, loggedInEmployee.Id);
}
if (!hasDeletePermission && loggedInEmployee.Id != documentAttachment.EntityId)
{

13
Marco.Pms.Services/Controllers/EmployeeController.cs
View File

@ -148,12 +148,13 @@ namespace MarcoBMS.Services.Controllers
.Distinct()
.ToListAsync();
result = await _context.Employees
.Include(fp => fp.JobRole)
.Where(e => employeeIds.Contains(e.Id) && e.IsActive && e.TenantId == tenantId)
.Select(e => e.ToEmployeeVMFromEmployee())
.Distinct()
.ToListAsync();
var employees = await _context.Employees
.Include(fp => fp.JobRole)
.Where(e => employeeIds.Contains(e.Id) && e.JobRole != null && e.IsActive && e.TenantId == tenantId)
.Distinct()
.ToListAsync();
result = employees.Select(e => e.ToEmployeeVMFromEmployee()).ToList();
_logger.LogInfo("Employee list fetched using limited access (active only).");
}

94
Marco.Pms.Services/Controllers/MarketController.cs
View File

@ -1,9 +1,12 @@
using Marco.Pms.DataAccess.Data;
using AutoMapper;
using Marco.Pms.DataAccess.Data;
using Marco.Pms.Helpers.Utility;
using Marco.Pms.Model.Dtos.Util;
using Marco.Pms.Model.Mapper;
using Marco.Pms.Model.Master;
using Marco.Pms.Model.TenantModels;
using Marco.Pms.Model.Utilities;
using MarcoBMS.Services.Helpers;
using Marco.Pms.Model.ViewModels.Tenant;
using MarcoBMS.Services.Service;
using Microsoft.AspNetCore.Mvc;
using Microsoft.EntityFrameworkCore;
@ -14,24 +17,30 @@ namespace Marco.Pms.Services.Controllers
[ApiController]
public class MarketController : ControllerBase
{
private readonly ApplicationDbContext _context;
private readonly UserHelper _userHelper;
private readonly IDbContextFactory<ApplicationDbContext> _dbContextFactory;
private readonly FeatureDetailsHelper _featureDetailsHelper;
private readonly IServiceScopeFactory _serviceScopeFactory;
private readonly IEmailSender _emailSender;
private readonly IConfiguration _configuration;
public MarketController(ApplicationDbContext context, UserHelper userHelper, RefreshTokenService refreshTokenService,
IEmailSender emailSender, IConfiguration configuration, EmployeeHelper employeeHelper)
public MarketController(IDbContextFactory<ApplicationDbContext> dbContextFactory,
IServiceScopeFactory serviceScopeFactory,
IEmailSender emailSender,
IConfiguration configuration,
FeatureDetailsHelper featureDetailsHelper)
{
_context = context;
_userHelper = userHelper;
_emailSender = emailSender;
_configuration = configuration;
_dbContextFactory = dbContextFactory ?? throw new ArgumentNullException(nameof(dbContextFactory));
_serviceScopeFactory = serviceScopeFactory ?? throw new ArgumentNullException(nameof(serviceScopeFactory));
_emailSender = emailSender ?? throw new ArgumentNullException(nameof(emailSender));
_configuration = configuration ?? throw new ArgumentNullException(nameof(configuration));
_featureDetailsHelper = featureDetailsHelper ?? throw new ArgumentNullException(nameof(featureDetailsHelper));
}
[HttpGet]
[Route("industries")]
public async Task<IActionResult> GetIndustries()
{
var tenantId = _userHelper.GetTenantId();
await using var _context = await _dbContextFactory.CreateDbContextAsync();
var industries = await _context.Industries.ToListAsync();
return Ok(ApiResponse<object>.SuccessResponse(industries, "Success.", 200));
@ -40,6 +49,8 @@ namespace Marco.Pms.Services.Controllers
[HttpPost("enquire")]
public async Task<IActionResult> RequestDemo([FromBody] InquiryDto inquiryDto)
{
await using var _context = await _dbContextFactory.CreateDbContextAsync();
Inquiries inquiry = inquiryDto.ToInquiriesFromInquiriesDto();
_context.Inquiries.Add(inquiry);
await _context.SaveChangesAsync();
@ -58,5 +69,66 @@ namespace Marco.Pms.Services.Controllers
}
return NotFound(ApiResponse<object>.ErrorResponse("Industry not found.", "Industry not found.", 404));
}
[HttpGet("list/subscription-plan")]
public async Task<IActionResult> GetSubscriptionPlanList([FromQuery] PLAN_FREQUENCY? frequency)
{
using var scope = _serviceScopeFactory.CreateScope();
var _logger = scope.ServiceProvider.GetRequiredService<ILoggingService>();
var _mapper = scope.ServiceProvider.GetRequiredService<IMapper>();
_logger.LogInfo("GetSubscriptionPlanList called with frequency: {Frequency}", frequency ?? PLAN_FREQUENCY.MONTHLY);
// Initialize the list to store subscription plan view models
List<SubscriptionPlanVM> detailsVM = new List<SubscriptionPlanVM>();
try
{
// Create DbContext
await using var _context = await _dbContextFactory.CreateDbContextAsync();
// Load subscription plans with optional frequency filtering
IQueryable<SubscriptionPlanDetails> query = _context.SubscriptionPlanDetails.Include(sp => sp.Plan).Include(sp => sp.Currency);
if (frequency.HasValue)
{
query = query.Where(sp => sp.Frequency == frequency.Value);
_logger.LogInfo("Filtering subscription plans by frequency: {Frequency}", frequency);
}
else
{
_logger.LogInfo("Fetching all subscription plans without frequency filter");
}
var subscriptionPlans = await query.ToListAsync();
// Map and fetch feature details for each subscription plan
foreach (var subscriptionPlan in subscriptionPlans)
{
var response = _mapper.Map<SubscriptionPlanVM>(subscriptionPlan);
try
{
response.Features = await _featureDetailsHelper.GetFeatureDetails(subscriptionPlan.FeaturesId);
}
catch (Exception exFeature)
{
_logger.LogError(exFeature, "Failed to fetch features for FeaturesId: {FeaturesId}", subscriptionPlan.FeaturesId);
response.Features = null; // or set to a default/fallback value
}
detailsVM.Add(response);
}
_logger.LogInfo("Successfully fetched {Count} subscription plans", detailsVM.Count);
return Ok(ApiResponse<object>.SuccessResponse(detailsVM, "List of plans fetched successfully", 200));
}
catch (Exception ex)
{
_logger.LogError(ex, "Error occurred while fetching subscription plans");
return StatusCode(500, ApiResponse<object>.ErrorResponse("An error occurred while fetching subscription plans."));
}
}
}
}

7
Marco.Pms.Services/Controllers/ProjectController.cs
View File

@ -470,6 +470,13 @@ namespace MarcoBMS.Services.Controllers
var response = await _projectServices.GetAssignedProjectLevelPermissionAsync(employeeId, projectId, tenantId, loggedInEmployee);
return StatusCode(response.StatusCode, response);
}
[HttpGet("get/all/project-level-permission/{projectId}")]
public async Task<IActionResult> GetAllPermissionFroProject(Guid projectId)
{
Employee loggedInEmployee = await _userHelper.GetCurrentEmployeeAsync();
var response = await _projectServices.GetAllPermissionFroProjectAsync(projectId, loggedInEmployee, tenantId);
return StatusCode(response.StatusCode, response);
}
[HttpGet("get/proejct-level/modules")]
public async Task<IActionResult> AssignProjectLevelModules()
{

6
Marco.Pms.Services/Helpers/EmployeeHelper.cs
View File

@ -85,12 +85,12 @@ namespace MarcoBMS.Services.Helpers
.Distinct()
.ToListAsync();
result = await _context.Employees
var employees = await _context.Employees
.Include(fp => fp.JobRole)
.Where(e => employeeIds.Contains(e.Id) && e.IsActive && e.TenantId == tenantId)
.Select(e => e.ToEmployeeVMFromEmployee())
.Where(e => employeeIds.Contains(e.Id) && e.JobRole != null && e.IsActive && e.TenantId == tenantId)
.Distinct()
.ToListAsync();
result = employees.Select(e => e.ToEmployeeVMFromEmployee()).ToList();
}
else if (ShowInActive)

1
Marco.Pms.Services/Service/PermissionServices.cs
View File

@ -88,7 +88,6 @@ namespace Marco.Pms.Services.Service
{
Guid.Parse("53176ebf-c75d-42e5-839f-4508ffac3def"),
Guid.Parse("9d4b5489-2079-40b9-bd77-6e1bf90bc19f"),
Guid.Parse("81ab8a87-8ccd-4015-a917-0627cee6a100"),
Guid.Parse("52c9cf54-1eb2-44d2-81bb-524cf29c0a94"),
Guid.Parse("a8cf4331-8f04-4961-8360-a3f7c3cc7462")
};

224
Marco.Pms.Services/Service/ProjectServices.cs
View File

@ -16,6 +16,7 @@ using Marco.Pms.Model.ViewModels.Master;
using Marco.Pms.Model.ViewModels.Projects;
using Marco.Pms.Services.Helpers;
using Marco.Pms.Services.Service.ServiceInterfaces;
using MarcoBMS.Services.Helpers;
using MarcoBMS.Services.Service;
using Microsoft.CodeAnalysis;
using Microsoft.EntityFrameworkCore;
@ -29,7 +30,6 @@ namespace Marco.Pms.Services.Service
private readonly IServiceScopeFactory _serviceScopeFactory;
private readonly ApplicationDbContext _context; // Keeping this for direct scoped context use where appropriate
private readonly ILoggingService _logger;
private readonly PermissionServices _permission;
private readonly CacheUpdateHelper _cache;
private readonly IMapper _mapper;
public ProjectServices(
@ -37,17 +37,15 @@ namespace Marco.Pms.Services.Service
IServiceScopeFactory serviceScopeFactory,
ApplicationDbContext context,
ILoggingService logger,
PermissionServices permission,
CacheUpdateHelper cache,
IMapper mapper)
{
_dbContextFactory = dbContextFactory ?? throw new ArgumentNullException(nameof(dbContextFactory));
_serviceScopeFactory = serviceScopeFactory ?? throw new ArgumentNullException(nameof(serviceScopeFactory));
_context = context ?? throw new ArgumentNullException(nameof(context));
_logger = logger ?? throw new ArgumentNullException(nameof(logger));
_permission = permission ?? throw new ArgumentNullException(nameof(permission));
_cache = cache ?? throw new ArgumentNullException(nameof(cache));
_mapper = mapper ?? throw new ArgumentNullException(nameof(mapper));
_serviceScopeFactory = serviceScopeFactory ?? throw new ArgumentNullException(nameof(serviceScopeFactory));
}
#region =================================================================== Project Get APIs ===================================================================
@ -87,7 +85,6 @@ namespace Marco.Pms.Services.Service
return ApiResponse<object>.ErrorResponse("An internal server error occurred. Please try again later.", null, 500);
}
}
public async Task<ApiResponse<object>> GetAllProjectsAsync(Guid tenantId, Employee loggedInEmployee)
{
try
@ -146,11 +143,12 @@ namespace Marco.Pms.Services.Service
return ApiResponse<object>.ErrorResponse("An internal server error occurred. Please try again later.", null, 500);
}
}
public async Task<ApiResponse<object>> GetProjectAsync(Guid id, Guid tenantId, Employee loggedInEmployee)
{
try
{
using var scope = _serviceScopeFactory.CreateScope();
var _permission = scope.ServiceProvider.GetRequiredService<PermissionServices>();
// --- Step 1: Run independent operations in PARALLEL ---
// We can check permissions and fetch data at the same time to reduce latency.
var permissionTask = _permission.HasProjectPermission(loggedInEmployee, id);
@ -190,13 +188,15 @@ namespace Marco.Pms.Services.Service
return ApiResponse<object>.ErrorResponse("An internal server error occurred.", null, 500);
}
}
public async Task<ApiResponse<object>> GetProjectDetailsAsync(Guid id, Guid tenantId, Employee loggedInEmployee)
{
try
{
_logger.LogInfo("Details requested by EmployeeId: {EmployeeId} for ProjectId: {ProjectId}", loggedInEmployee.Id, id);
using var scope = _serviceScopeFactory.CreateScope();
var _permission = scope.ServiceProvider.GetRequiredService<PermissionServices>();
// Step 1: Check global view project permission
var hasViewProjectPermission = await _permission.HasPermission(PermissionsMaster.ViewProject, loggedInEmployee.Id, id);
if (!hasViewProjectPermission)
@ -252,7 +252,6 @@ namespace Marco.Pms.Services.Service
return ApiResponse<object>.ErrorResponse("An internal server error occurred. Please try again later.", null, 500);
}
}
public async Task<ApiResponse<object>> GetProjectDetailsOldAsync(Guid id, Guid tenantId, Employee loggedInEmployee)
{
var project = await _context.Projects
@ -419,6 +418,7 @@ namespace Marco.Pms.Services.Service
try
{
var _permission = scope.ServiceProvider.GetRequiredService<PermissionServices>();
// --- Step 1: Fetch the Existing Entity from the Database ---
// This is crucial to avoid the data loss bug. We only want to modify an existing record.
var existingProject = await _context.Projects
@ -519,6 +519,9 @@ namespace Marco.Pms.Services.Service
try
{
using var scope = _serviceScopeFactory.CreateScope();
var _permission = scope.ServiceProvider.GetRequiredService<PermissionServices>();
// --- CRITICAL: Security Check ---
// Before fetching data, you MUST verify the user has permission to see it.
// This is a placeholder for your actual permission logic.
@ -589,6 +592,9 @@ namespace Marco.Pms.Services.Service
try
{
using var scope = _serviceScopeFactory.CreateScope();
var _permission = scope.ServiceProvider.GetRequiredService<PermissionServices>();
// --- Step 2: Security and Existence Checks ---
// Before fetching data, you MUST verify the user has permission to see it.
// This is a placeholder for your actual permission logic.
@ -660,11 +666,14 @@ namespace Marco.Pms.Services.Service
_logger.LogInfo("Starting to manage {AllocationCount} allocations for user {UserId}.", allocationsDto.Count, loggedInEmployee.Id);
var _permission = scope.ServiceProvider.GetRequiredService<PermissionServices>();
// --- (Placeholder) Security Check ---
// In a real application, you would check if the loggedInEmployee has permission
// to manage allocations for ALL projects involved in this batch.
var projectIdsInBatch = allocationsDto.Select(a => a.ProjectId).Distinct().ToList();
var hasPermission = await _permission.HasPermission(PermissionsMaster.ManageTeam, loggedInEmployee.Id);
var projectId = projectIdsInBatch.FirstOrDefault();
var hasPermission = await _permission.HasPermission(PermissionsMaster.ManageTeam, loggedInEmployee.Id, projectId);
if (!hasPermission)
{
_logger.LogWarning("Access DENIED for user {UserId} trying to manage allocations for projects.", loggedInEmployee.Id);
@ -779,6 +788,9 @@ namespace Marco.Pms.Services.Service
try
{
using var scope = _serviceScopeFactory.CreateScope();
var _permission = scope.ServiceProvider.GetRequiredService<PermissionServices>();
// --- Step 2: Clarified Security Check ---
// The permission should be about viewing another employee's assignments, not a generic "Manage Team".
// This is a placeholder for your actual, more specific permission logic.
@ -855,15 +867,20 @@ namespace Marco.Pms.Services.Service
_logger.LogInfo("Starting to manage {AllocationCount} project assignments for Employee {EmployeeId}.", allocationsDto.Count, employeeId);
var _permission = scope.ServiceProvider.GetRequiredService<PermissionServices>();
// --- (Placeholder) Security Check ---
// You MUST verify that the loggedInEmployee has permission to modify the assignments for the target employeeId.
var hasPermission = await _permission.HasPermission(PermissionsMaster.ManageTeam, loggedInEmployee.Id);
if (!hasPermission)
foreach (var allocation in allocationsDto)
{
_logger.LogWarning("Access DENIED for user {UserId} trying to manage assignments for employee {TargetEmployeeId}.", loggedInEmployee.Id, employeeId);
return ApiResponse<List<ProjectAllocationVM>>.ErrorResponse("Access Denied.", "You do not have permission to manage this employee's assignments.", 403);
if (!await _permission.HasPermission(PermissionsMaster.ManageTeam, loggedInEmployee.Id, allocation.ProjectId))
{
_logger.LogWarning("Access DENIED for user {UserId} trying to manage assignments for employee {TargetEmployeeId}.", loggedInEmployee.Id, employeeId);
return ApiResponse<List<ProjectAllocationVM>>.ErrorResponse("Access Denied.", "You do not have permission to manage this employee's assignments.", 403);
}
}
// --- Step 2: Fetch all relevant existing data in ONE database call ---
var projectIdsInDto = allocationsDto.Select(p => p.ProjectId).ToList();
@ -1038,18 +1055,34 @@ namespace Marco.Pms.Services.Service
try
{
var _permission = scope.ServiceProvider.GetRequiredService<PermissionServices>();
// --- Step 1: Run independent permission checks in PARALLEL ---
var projectPermissionTask = _permission.HasProjectPermission(loggedInEmployee, projectId);
var viewInfraPermissionTask = _permission.HasPermission(PermissionsMaster.ViewProjectInfra, loggedInEmployee.Id, projectId);
var viewInfraPermissionTask = Task.Run(async () =>
{
using var newScope = _serviceScopeFactory.CreateScope();
var permission = newScope.ServiceProvider.GetRequiredService<PermissionServices>();
return await permission.HasPermission(PermissionsMaster.ViewProjectInfra, loggedInEmployee.Id, projectId);
});
var manageInfraPermissionTask = Task.Run(async () =>
{
using var newScope = _serviceScopeFactory.CreateScope();
var permission = newScope.ServiceProvider.GetRequiredService<PermissionServices>();
return await permission.HasPermission(PermissionsMaster.ManageProjectInfra, loggedInEmployee.Id, projectId);
});
await Task.WhenAll(projectPermissionTask, viewInfraPermissionTask);
await Task.WhenAll(projectPermissionTask, viewInfraPermissionTask, manageInfraPermissionTask);
if (!await projectPermissionTask)
var hasProjectPermission = projectPermissionTask.Result;
var hasViewInfraPermission = viewInfraPermissionTask.Result;
var hasManageInfraPermission = manageInfraPermissionTask.Result;
if (!hasProjectPermission)
{
_logger.LogWarning("Project access denied for EmployeeId: {EmployeeId} on ProjectId: {ProjectId}", loggedInEmployee.Id, projectId);
return ApiResponse<object>.ErrorResponse("Access denied", "You don't have access to this project", 403);
}
if (!await viewInfraPermissionTask)
if (!hasViewInfraPermission && !hasManageInfraPermission)
{
_logger.LogWarning("ViewInfra permission denied for EmployeeId: {EmployeeId}", loggedInEmployee.Id);
return ApiResponse<object>.ErrorResponse("Access denied", "You don't have access to view this project's infrastructure", 403);
@ -1097,6 +1130,7 @@ namespace Marco.Pms.Services.Service
try
{
var _permission = scope.ServiceProvider.GetRequiredService<PermissionServices>();
// --- Step 1: Cache-First Strategy ---
var cachedWorkItems = await _cache.GetWorkItemDetailsByWorkArea(workAreaId);
if (cachedWorkItems != null)
@ -1335,6 +1369,8 @@ namespace Marco.Pms.Services.Service
using var scope = _serviceScopeFactory.CreateScope();
var _firebase = scope.ServiceProvider.GetRequiredService<IFirebaseService>();
var _permission = scope.ServiceProvider.GetRequiredService<PermissionServices>();
// --- Step 1: Input Validation ---
if (workItemDtos == null || !workItemDtos.Any())
{
@ -1472,7 +1508,6 @@ namespace Marco.Pms.Services.Service
return ApiResponse<List<WorkItemVM>>.SuccessResponse(responseList, message, 200);
}
public async Task<ServiceResponse> DeleteProjectTaskAsync(Guid id, Guid tenantId, Employee loggedInEmployee)
{
using var scope = _serviceScopeFactory.CreateScope();
@ -1586,6 +1621,9 @@ namespace Marco.Pms.Services.Service
_logger.LogInfo("ManageProjectLevelPermissionAsync started for EmployeeId: {EmployeeId}, ProjectId: {ProjectId}, TenantId: {TenantId}",
model.EmployeeId, model.ProjectId, tenantId);
using var scope = _serviceScopeFactory.CreateScope();
var _permission = scope.ServiceProvider.GetRequiredService<PermissionServices>();
var hasTeamPermission = await _permission.HasPermission(PermissionsMaster.ManageTeam, loggedInEmployee.Id, model.ProjectId);
if (!hasTeamPermission)
{
@ -1724,31 +1762,30 @@ namespace Marco.Pms.Services.Service
employeeId, projectId, tenantId, loggedInEmployee.Id);
// Query the database for relevant project-level permission mappings
var permissionMappings = await _context.ProjectLevelPermissionMappings
.Include(p => p.Employee)
.ThenInclude(e => e!.JobRole)
.Include(p => p.Project)
.Include(p => p.Permission)
.ThenInclude(fp => fp!.Feature)
.AsNoTracking()
.Where(p => p.EmployeeId == employeeId
&& p.ProjectId == projectId
&& p.TenantId == tenantId)
.ToListAsync();
if (permissionMappings == null || !permissionMappings.Any())
var employeeTask = Task.Run(async () =>
{
_logger.LogWarning("No project-level permissions found for EmployeeId: {EmployeeId}, ProjectId: {ProjectId}, TenantId: {TenantId}",
employeeId, projectId, tenantId);
return ApiResponse<object>.ErrorResponse("Project-Level Permissions not found", "Project-Level Permissions not found in database", 404);
}
await using var context = await _dbContextFactory.CreateDbContextAsync();
return await context.Employees.FirstOrDefaultAsync(e => e.Id == employeeId);
});
var projectTask = Task.Run(async () =>
{
await using var context = await _dbContextFactory.CreateDbContextAsync();
return await context.Projects.FirstOrDefaultAsync(p => p.Id == projectId && p.TenantId == tenantId);
});
var permissionIdsTask = Task.Run(async () =>
{
return await GetPermissionIdsByProject(projectId, employeeId, tenantId);
});
// Map the employee, project, and permissions.
var employee = _mapper.Map<BasicEmployeeVM>(permissionMappings.First().Employee);
var project = _mapper.Map<BasicProjectVM>(permissionMappings.First().Project);
var permissions = permissionMappings
.Select(p => _mapper.Map<FeaturePermissionVM>(p.Permission))
.ToList();
await Task.WhenAll(employeeTask, projectTask, permissionIdsTask);
var employee = employeeTask.Result;
var project = projectTask.Result;
var permissionIds = permissionIdsTask.Result;
var permissions = await _context.FeaturePermissions
.Include(fp => fp.Feature)
.Where(fp => permissionIds.Contains(fp.Id)).ToListAsync();
if (employee == null)
{
@ -1761,12 +1798,26 @@ namespace Marco.Pms.Services.Service
return ApiResponse<object>.ErrorResponse("Project not found", "Project not found in database", 404);
}
if (permissions == null || !permissions.Any())
{
_logger.LogWarning("No project-level permissions found for EmployeeId: {EmployeeId}, ProjectId: {ProjectId}, TenantId: {TenantId}",
employeeId, projectId, tenantId);
return ApiResponse<object>.ErrorResponse("Project-Level Permissions not found", "Project-Level Permissions not found in database", 404);
}
// Map the employee, project, and permissions.
var employeeVm = _mapper.Map<BasicEmployeeVM>(employee);
var projectVm = _mapper.Map<BasicProjectVM>(project);
var permissionVms = permissions
.Select(p => _mapper.Map<FeaturePermissionVM>(p))
.ToList();
// Prepare the result object.
var result = new
{
Employee = employee,
Project = project,
Permissions = permissions
Employee = employeeVm,
Project = projectVm,
Permissions = permissionVms
};
_logger.LogInfo("Project-level permissions fetched successfully for EmployeeId: {EmployeeId}, ProjectId: {ProjectId}, TenantId: {TenantId}",
@ -1791,7 +1842,6 @@ namespace Marco.Pms.Services.Service
{
Guid.Parse("53176ebf-c75d-42e5-839f-4508ffac3def"),
Guid.Parse("9d4b5489-2079-40b9-bd77-6e1bf90bc19f"),
Guid.Parse("81ab8a87-8ccd-4015-a917-0627cee6a100"),
Guid.Parse("52c9cf54-1eb2-44d2-81bb-524cf29c0a94"),
Guid.Parse("a8cf4331-8f04-4961-8360-a3f7c3cc7462")
};
@ -1871,6 +1921,11 @@ namespace Marco.Pms.Services.Service
return ApiResponse<object>.ErrorResponse("An error occurred while retrieving employees with project-level permissions.", 500);
}
}
public async Task<ApiResponse<object>> GetAllPermissionFroProjectAsync(Guid projectId, Employee loggedInEmployee, Guid tenantId)
{
var featurePermissionIds = await GetPermissionIdsByProject(projectId, loggedInEmployee.Id, tenantId);
return ApiResponse<object>.SuccessResponse(featurePermissionIds, "Successfully featched the permission ids", 200);
}
#endregion
#region =================================================================== Helper Functions ===================================================================
@ -1880,13 +1935,11 @@ namespace Marco.Pms.Services.Service
List<Project> alloc = await _context.Projects.Where(c => c.TenantId == tanentId).ToListAsync();
return alloc;
}
public async Task<List<ProjectAllocation>> GetProjectByEmployeeID(Guid employeeId)
{
List<ProjectAllocation> alloc = await _context.ProjectAllocations.Where(c => c.EmployeeId == employeeId && c.IsActive == true).Include(c => c.Project).ToListAsync();
return alloc;
}
public async Task<List<ProjectAllocation>> GetTeamByProject(Guid TenantId, Guid ProjectId, bool IncludeInactive)
{
if (IncludeInactive)
@ -1903,9 +1956,11 @@ namespace Marco.Pms.Services.Service
return employees;
}
}
public async Task<List<Guid>> GetMyProjects(Guid tenantId, Employee LoggedInEmployee)
{
using var scope = _serviceScopeFactory.CreateScope();
var _permission = scope.ServiceProvider.GetRequiredService<PermissionServices>();
var projectIds = await _cache.GetProjects(LoggedInEmployee.Id);
if (projectIds == null)
@ -1929,9 +1984,11 @@ namespace Marco.Pms.Services.Service
}
return projectIds;
}
public async Task<List<Guid>> GetMyProjectIdsAsync(Guid tenantId, Employee loggedInEmployee)
{
using var scope = _serviceScopeFactory.CreateScope();
var _permission = scope.ServiceProvider.GetRequiredService<PermissionServices>();
// 1. Attempt to retrieve the list of project IDs from the cache first.
// This is the "happy path" and should be as fast as possible.
List<Guid>? projectIds = await _cache.GetProjects(loggedInEmployee.Id);
@ -1978,7 +2035,6 @@ namespace Marco.Pms.Services.Service
return newProjectIds;
}
/// <summary>
/// Retrieves a list of ProjectInfoVMs by their IDs, using an efficient partial cache-hit strategy.
/// It fetches what it can from the cache (as ProjectMongoDB), gets the rest from the
@ -2029,7 +2085,6 @@ namespace Marco.Pms.Services.Service
return finalViewModels;
}
private async Task<ProjectDetailsVM> GetProjectViewModel(Guid? id, Project project)
{
ProjectDetailsVM vm = new ProjectDetailsVM();
@ -2179,7 +2234,6 @@ namespace Marco.Pms.Services.Service
// Map from the database entity to the response ViewModel.
return dbProject;
}
private async Task UpdateCacheInBackground(Project project)
{
try
@ -2197,7 +2251,6 @@ namespace Marco.Pms.Services.Service
_logger.LogError(ex, "Background cache update failed for project {ProjectId} ", project.Id);
}
}
private async Task UpdateCacheAndNotify(Dictionary<Guid, (double Planned, double Completed)> workDelta, List<WorkItem> affectedItems)
{
try
@ -2219,7 +2272,6 @@ namespace Marco.Pms.Services.Service
_logger.LogError(ex, "An error occurred during background cache update/notification.");
}
}
private void ProcessBuilding(BuildingDto dto, Guid tenantId, InfraVM responseData, List<string> messages, ISet<Guid> projectIds, List<Task> cacheTasks, Employee loggedInEmployee)
{
using var scope = _serviceScopeFactory.CreateScope();
@ -2256,8 +2308,8 @@ namespace Marco.Pms.Services.Service
});
}
private void ProcessFloor(FloorDto dto, Guid tenantId, InfraVM responseData, List<string> messages, ISet<Guid> projectIds, List<Task> cacheTasks, IDictionary<Guid, Building> buildings, Employee loggedInEmployee)
private void ProcessFloor(FloorDto dto, Guid tenantId, InfraVM responseData, List<string> messages, ISet<Guid> projectIds, List<Task> cacheTasks, IDictionary<Guid, Building> buildings,
Employee loggedInEmployee)
{
using var scope = _serviceScopeFactory.CreateScope();
var _firebase = scope.ServiceProvider.GetRequiredService<IFirebaseService>();
@ -2297,8 +2349,8 @@ namespace Marco.Pms.Services.Service
});
}
private void ProcessWorkArea(WorkAreaDto dto, Guid tenantId, InfraVM responseData, List<string> messages, ISet<Guid> projectIds, List<Task> cacheTasks, IDictionary<Guid, Floor> floors, Employee loggedInEmployee)
private void ProcessWorkArea(WorkAreaDto dto, Guid tenantId, InfraVM responseData, List<string> messages, ISet<Guid> projectIds, List<Task> cacheTasks, IDictionary<Guid, Floor> floors,
Employee loggedInEmployee)
{
using var scope = _serviceScopeFactory.CreateScope();
var _firebase = scope.ServiceProvider.GetRequiredService<IFirebaseService>();
@ -2339,6 +2391,62 @@ namespace Marco.Pms.Services.Service
});
}
private async Task<List<Guid>> GetPermissionIdsByProject(Guid projectId, Guid EmployeeId, Guid tenantId)
{
await using var context = await _dbContextFactory.CreateDbContextAsync();
using var scope = _serviceScopeFactory.CreateScope();
var _rolesHelper = scope.ServiceProvider.GetRequiredService<RolesHelper>();
// 1. Try fetching permissions from cache (fast-path lookup).
var featurePermissionIds = await _cache.GetPermissions(EmployeeId);
// If not found in cache, fallback to database (slower).
if (featurePermissionIds == null)
{
var featurePermissions = await _rolesHelper.GetFeaturePermissionByEmployeeId(EmployeeId);
featurePermissionIds = featurePermissions.Select(fp => fp.Id).ToList();
}
// 2. Handle project-level permission overrides if a project is specified.
if (projectId != Guid.Empty)
{
// Fetch permissions explicitly assigned to this employee in the project.
var projectLevelPermissionIds = await context.ProjectLevelPermissionMappings
.Where(pl => pl.ProjectId == projectId && pl.EmployeeId == EmployeeId && pl.TenantId == tenantId)
.Select(pl => pl.PermissionId)
.ToListAsync();
if (projectLevelPermissionIds?.Any() ?? false)
{
// Define modules where project-level overrides apply.
var projectLevelModuleIds = new HashSet<Guid>
{
Guid.Parse("53176ebf-c75d-42e5-839f-4508ffac3def"),
Guid.Parse("9d4b5489-2079-40b9-bd77-6e1bf90bc19f"),
Guid.Parse("52c9cf54-1eb2-44d2-81bb-524cf29c0a94"),
Guid.Parse("a8cf4331-8f04-4961-8360-a3f7c3cc7462")
};
// Get all feature permissions under those modules where the user didn't have explicit project-level grants.
var allOverriddenPermissions = await context.FeaturePermissions
.Where(fp => projectLevelModuleIds.Contains(fp.FeatureId) &&
!projectLevelPermissionIds.Contains(fp.Id))
.Select(fp => fp.Id)
.ToListAsync();
// Apply overrides:
// - Remove global permissions overridden by project-level rules.
// - Add explicit project-level permissions.
featurePermissionIds = featurePermissionIds
.Except(allOverriddenPermissions) // Remove overridden
.Concat(projectLevelPermissionIds) // Add project-level
.Distinct() // Ensure no duplicates
.ToList();
}
}
return featurePermissionIds;
}
#endregion
}

1
Marco.Pms.Services/Service/ServiceInterfaces/IProjectServices.cs
View File

@ -40,6 +40,7 @@ namespace Marco.Pms.Services.Service.ServiceInterfaces
Task<ApiResponse<object>> GetAssignedProjectLevelPermissionAsync(Guid employeeId, Guid projectId, Guid tenantId, Employee loggedInEmployee);
Task<ApiResponse<object>> AssignProjectLevelModulesAsync(Guid tenantId, Employee loggedInEmployee);
Task<ApiResponse<object>> GetEmployeeToWhomProjectLevelAssignedAsync(Guid projectId, Guid tenantId, Employee loggedInEmployee);
Task<ApiResponse<object>> GetAllPermissionFroProjectAsync(Guid projectId, Employee loggedInEmployee, Guid tenantId);
}
}