diff --git a/Marco.Pms.Services/Controllers/EmployeeController.cs b/Marco.Pms.Services/Controllers/EmployeeController.cs
index d5d7f3d..c558de4 100644
--- a/Marco.Pms.Services/Controllers/EmployeeController.cs
+++ b/Marco.Pms.Services/Controllers/EmployeeController.cs
@@ -1,4 +1,5 @@
-using Marco.Pms.DataAccess.Data;
+using AutoMapper;
+using Marco.Pms.DataAccess.Data;
 using Marco.Pms.Model.Dtos.Attendance;
 using Marco.Pms.Model.Dtos.Employees;
 using Marco.Pms.Model.Employees;
@@ -6,6 +7,7 @@ using Marco.Pms.Model.Entitlements;
 using Marco.Pms.Model.Mapper;
 using Marco.Pms.Model.Projects;
 using Marco.Pms.Model.Utilities;
+using Marco.Pms.Model.ViewModels.Activities;
 using Marco.Pms.Model.ViewModels.Employee;
 using Marco.Pms.Services.Hubs;
 using Marco.Pms.Services.Service;
@@ -38,13 +40,14 @@ namespace MarcoBMS.Services.Controllers
 private readonly ILoggingService _logger;
 private readonly IHubContext _signalR;
 private readonly PermissionServices _permission;
+ private readonly IMapper _mapper;
 private readonly IProjectServices _projectServices;
 private readonly Guid tenantId;
 public EmployeeController(UserManager userManager, IEmailSender emailSender, ApplicationDbContext context, EmployeeHelper employeeHelper, UserHelper userHelper, IConfiguration configuration, ILoggingService logger,
- IHubContext signalR, PermissionServices permission, IProjectServices projectServices)
+ IHubContext signalR, PermissionServices permission, IProjectServices projectServices, IMapper mapper)
 {
 _context = context;
 _userManager = userManager;
@@ -56,6 +59,7 @@ namespace MarcoBMS.Services.Controllers
 _signalR = signalR;
 _permission = permission;
 _projectServices = projectServices;
+ _mapper = mapper;
 tenantId = _userHelper.GetTenantId();
 }
@@ -162,6 +166,30 @@ namespace MarcoBMS.Services.Controllers
 return Ok(ApiResponse.SuccessResponse(result, "Filter applied.", 200));
 }
+ [HttpGet("basic")]
+ public async Task GetEmployeesByProjectBasic(Guid? projectId, [FromQuery] string? searchString)
+ {
+ var loggedInEmployee = await _userHelper.GetCurrentEmployeeAsync();
+ var employeeQuery = _context.Employees.Where(e => e.TenantId == tenantId);
+ if (projectId != null && projectId == Guid.Empty)
+ {
+ var hasProjectPermission = await _permission.HasProjectPermission(loggedInEmployee, projectId.Value);
+ if (!hasProjectPermission)
+ {
+ _logger.LogWarning("User {EmployeeId} attempts to get employee for project {ProjectId}, but not have access to the project", loggedInEmployee.Id, projectId);
+ return StatusCode(403, ApiResponse.ErrorResponse("Access denied", "User do not have access to view the list for this project", 403));
+ }
+ var employeeIds = await _context.ProjectAllocations.Where(pa => pa.ProjectId == projectId && pa.IsActive && pa.TenantId == tenantId).Select(p => p.EmployeeId).ToListAsync();
+ employeeQuery = employeeQuery.Where(e => employeeIds.Contains(e.Id));
+ }
+ if (!string.IsNullOrWhiteSpace(searchString))
+ {
+ var searchStringLower = searchString.ToLower();
+ employeeQuery = employeeQuery.Where(e => (e.FirstName + " " + e.LastName).ToLower().Contains(searchStringLower));
+ }
+ var response = await employeeQuery.Select(e => _mapper.Map(e)).ToListAsync();
+ return Ok(ApiResponse.SuccessResponse(response, $"{response.Count} records of employees fetched successfully", 200));
+ }
 [HttpGet]
 [Route("search/{name}/{projectid?}")]
 public async Task SearchEmployee(string name, Guid? projectid)
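Review bot: The guard `if (projectId != null && projectId == Guid.Empty)` in GetEmployeesByProjectBasic looks inverted, so the `HasProjectPermission` check and the `ProjectAllocations` filter run only when the caller sends the empty GUID. A request carrying a real project id skips both and gets back every employee in the tenant that matches the search string, which makes the 403 path unreachable for the case it was written for. The condition should read `if (projectId.HasValue && projectId.Value != Guid.Empty)`. Even with that corrected, a null `projectId` returns the tenant-wide list with no permission check visible in this hunk; if that is not intended, gate that path on a tenant-level permission. `loggedInEmployee` is also dereferenced in the log call without a null check, which is worth confirming against what `GetCurrentEmployeeAsync` can return.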