diff --git a/Marco.Pms.Services/Controllers/EmployeeController.cs b/Marco.Pms.Services/Controllers/EmployeeController.cs
index 42285e9..c46ec5b 100644
--- a/Marco.Pms.Services/Controllers/EmployeeController.cs
+++ b/Marco.Pms.Services/Controllers/EmployeeController.cs
@@ -233,83 +233,11 @@ namespace MarcoBMS.Services.Controllers
 _logger.LogInfo("GetEmployeesByProject called. EmployeeId: {EmployeeId}, ProjectId: {ProjectId}, showInactive: {ShowInactive}", loggedInEmployee.Id, projectId ?? Guid.Empty, showInactive);
- // Step 3: Fetch permissions concurrently
- var viewAllTask = Task.Run(async () =>
- {
- var _permission = scope.ServiceProvider.GetRequiredService();
- return await _permission.HasPermission(PermissionsMaster.ViewAllEmployees, loggedInEmployee.Id);
- });
- var viewTeamTask = Task.Run(async () =>
- {
- var _permission = scope.ServiceProvider.GetRequiredService();
- return await _permission.HasPermission(PermissionsMaster.ViewTeamMembers, loggedInEmployee.Id);
- });
-
- await Task.WhenAll(viewAllTask, viewTeamTask);
-
- var hasViewAllEmployeesPermission = viewAllTask.Result;
- var hasViewTeamMembersPermission = viewTeamTask.Result;
-
- List employees = new List();
-
- // Step 4: Query based on permission
- if (hasViewAllEmployeesPermission && !projectId.HasValue)
- {
- // OrganizationId needs to be retrieved from loggedInEmployee or context based on your app's structure
- var employeeQuery = _context.Employees
- .AsNoTracking() // Optimize EF query for read-only operation[web:1][web:13][web:18]
- .Include(e => e.JobRole)
- .Where(e => e.OrganizationId == organizationId);
-
- employeeQuery = showInactive
- ? employeeQuery.Where(e => !e.IsActive)
- : employeeQuery.Where(e => e.IsActive);
-
- employees = await employeeQuery.ToListAsync();
- _logger.LogInfo("Employee list fetched with full access. 
Count: {Count}", employees.Count);
- }
- else if (hasViewTeamMembersPermission && !showInactive && !projectId.HasValue)
- {
- // Only active team members with limited permission
- var projectIds = await _projectServices.GetMyProjectIdsAsync(tenantId, loggedInEmployee);
-
- employees = await _context.ProjectAllocations
- .AsNoTracking()
- .Include(pa => pa.Employee)
- .ThenInclude(e => e!.JobRole)
- .Where(pa =>
- projectIds.Contains(pa.ProjectId)
- && pa.IsActive
- && pa.Employee != null
- && pa.Employee.IsActive
- && pa.TenantId == tenantId)
- .Select(pa => pa.Employee!)
- .Distinct()
- .ToListAsync();
-
- _logger.LogInfo("Employee list fetched with limited access (active only). Count: {Count}", employees.Count);
- }
-
- // If a specific projectId is provided, override employee fetching to ensure strict project context
- if (projectId.HasValue)
- {
- employees = await _context.ProjectAllocations
- .AsNoTracking()
- .Include(pa => pa.Employee)
- .ThenInclude(e => e!.JobRole)
- .Where(pa =>
- pa.ProjectId == projectId
- && pa.IsActive
- && pa.Employee != null
- && pa.Employee.IsActive
- && pa.TenantId == tenantId)
- .Select(pa => pa.Employee!)
- .Distinct()
- .ToListAsync();
-
- _logger.LogInfo("Employee list fetched for specific project. ProjectId: {ProjectId}. Count: {Count}",
- projectId, employees.Count);
- }
+ var employees = await _context.Employees
+ .Include(e => e.JobRole)
+ .Include(e => e.Organization)
+ .Where(e => e.OrganizationId == loggedInEmployee.OrganizationId && e.IsActive != showInactive)
+ .ToListAsync();
 // Step 5: Map to view model
 result = employees.Select(e => _mapper.Map(e)).Distinct().ToList();
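Review bot: The rewritten query on the `+` lines drops the authorization gate without replacing it — the removed `HasPermission(PermissionsMaster.ViewAllEmployees, …)` and `ViewTeamMembers` checks decided which employees the caller was allowed to see, and now every caller that reaches this point receives the full `OrganizationId` roster. `projectId` is still logged on the context line but no longer narrows the result, so a request for one project's members returns the whole organization, and the previous `pa.TenantId == tenantId` filter is gone as well. If the permission check has moved to an attribute or filter outside this hunk, say so with a comment such as `// Authorization: ViewAllEmployees/ViewTeamMembers enforced by <ATTRIBUTE-OR-FILTER-NAME> (placeholder)`; otherwise reinstate a check before the query and keep the project-scoped branch (`.Where(pa => pa.ProjectId == projectId && pa.IsActive && pa.TenantId == tenantId).Select(pa => pa.Employee!)`). The new query also dropped `.AsNoTracking()` on what the mapping on the last context line shows to be a read-only path. The enclosing action starts before the hunk.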