Sending list of projects of which employee has permission
parent
47ad6231dd
commit
baa168ff8f
@ -137,6 +137,13 @@ namespace MarcoBMS.Services.Controllers
|
|||||||
var LoggedInEmployee = await _userHelper.GetCurrentEmployeeAsync();
|
var LoggedInEmployee = await _userHelper.GetCurrentEmployeeAsync();
|
||||||
var hasTeamAttendancePermission = await _permission.HasPermission(new Guid("915e6bff-65f6-4e3f-aea8-3fd217d3ea9e"), LoggedInEmployee.Id);
|
var hasTeamAttendancePermission = await _permission.HasPermission(new Guid("915e6bff-65f6-4e3f-aea8-3fd217d3ea9e"), LoggedInEmployee.Id);
|
||||||
var hasSelfAttendancePermission = await _permission.HasPermission(new Guid("ccb0589f-712b-43de-92ed-5b6088e7dc4e"), LoggedInEmployee.Id);
|
var hasSelfAttendancePermission = await _permission.HasPermission(new Guid("ccb0589f-712b-43de-92ed-5b6088e7dc4e"), LoggedInEmployee.Id);
|
||||||
|
var hasProjectPermission = await _permission.HasProjectPermission(LoggedInEmployee, projectId.ToString());
|
||||||
|
|
||||||
|
if (!hasProjectPermission)
|
||||||
|
{
|
||||||
|
_logger.LogWarning("Employee {EmployeeId} tries to access attendance of project {ProjectId}, but don't have access", LoggedInEmployee.Id, projectId);
|
||||||
|
return Unauthorized(ApiResponse<object>.ErrorResponse("Unauthorized access", "Unauthorized access", 404));
|
||||||
|
}
|
||||||
|
|
||||||
DateTime fromDate = new DateTime();
|
DateTime fromDate = new DateTime();
|
||||||
DateTime toDate = new DateTime();
|
DateTime toDate = new DateTime();
|
||||||
@ -246,6 +253,13 @@ namespace MarcoBMS.Services.Controllers
|
|||||||
var LoggedInEmployee = await _userHelper.GetCurrentEmployeeAsync();
|
var LoggedInEmployee = await _userHelper.GetCurrentEmployeeAsync();
|
||||||
var hasTeamAttendancePermission = await _permission.HasPermission(new Guid("915e6bff-65f6-4e3f-aea8-3fd217d3ea9e"), LoggedInEmployee.Id);
|
var hasTeamAttendancePermission = await _permission.HasPermission(new Guid("915e6bff-65f6-4e3f-aea8-3fd217d3ea9e"), LoggedInEmployee.Id);
|
||||||
var hasSelfAttendancePermission = await _permission.HasPermission(new Guid("ccb0589f-712b-43de-92ed-5b6088e7dc4e"), LoggedInEmployee.Id);
|
var hasSelfAttendancePermission = await _permission.HasPermission(new Guid("ccb0589f-712b-43de-92ed-5b6088e7dc4e"), LoggedInEmployee.Id);
|
||||||
|
var hasProjectPermission = await _permission.HasProjectPermission(LoggedInEmployee, projectId.ToString());
|
||||||
|
|
||||||
|
if (!hasProjectPermission)
|
||||||
|
{
|
||||||
|
_logger.LogWarning("Employee {EmployeeId} tries to access attendance of project {ProjectId}, but don't have access", LoggedInEmployee.Id, projectId);
|
||||||
|
return Unauthorized(ApiResponse<object>.ErrorResponse("Unauthorized access", "Unauthorized access", 404));
|
||||||
|
}
|
||||||
|
|
||||||
DateTime forDate = new DateTime();
|
DateTime forDate = new DateTime();
|
||||||
|
|
||||||
@ -341,7 +355,15 @@ namespace MarcoBMS.Services.Controllers
|
|||||||
public async Task<IActionResult> GetRequestRegularizeAttendance([FromQuery] Guid projectId, [FromQuery] bool IncludeInActive)
|
public async Task<IActionResult> GetRequestRegularizeAttendance([FromQuery] Guid projectId, [FromQuery] bool IncludeInActive)
|
||||||
{
|
{
|
||||||
Guid TenantId = GetTenantId();
|
Guid TenantId = GetTenantId();
|
||||||
|
Employee LoggedInEmployee = await _userHelper.GetCurrentEmployeeAsync();
|
||||||
var result = new List<EmployeeAttendanceVM>();
|
var result = new List<EmployeeAttendanceVM>();
|
||||||
|
var hasProjectPermission = await _permission.HasProjectPermission(LoggedInEmployee, projectId.ToString());
|
||||||
|
|
||||||
|
if (!hasProjectPermission)
|
||||||
|
{
|
||||||
|
_logger.LogWarning("Employee {EmployeeId} tries to access attendance of project {ProjectId}, but don't have access", LoggedInEmployee.Id, projectId);
|
||||||
|
return Unauthorized(ApiResponse<object>.ErrorResponse("Unauthorized access", "Unauthorized access", 404));
|
||||||
|
}
|
||||||
|
|
||||||
List<Attendance> lstAttendance = await _context.Attendes.Where(c => c.ProjectID == projectId && c.Activity == ATTENDANCE_MARK_TYPE.REQUEST_REGULARIZE && c.TenantId == TenantId).ToListAsync();
|
List<Attendance> lstAttendance = await _context.Attendes.Where(c => c.ProjectID == projectId && c.Activity == ATTENDANCE_MARK_TYPE.REQUEST_REGULARIZE && c.TenantId == TenantId).ToListAsync();
|
||||||
|
|
||||||
|
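Review bot: The denial line `return Unauthorized(ApiResponse<object>.ErrorResponse("Unauthorized access", "Unauthorized access", 404));` sends HTTP 401 while the response body carries 404, and neither fits the case: the caller is already authenticated and is only being refused this project. A client that trusts the body code sees "not found", while one that trusts the status line may try to re-authenticate. Use one code on both sides, for example `return StatusCode(403, ApiResponse<object>.ErrorResponse("Access denied", "You do not have access to this project", 403));`, or a consistent 404 via `NotFound(...)` if the existence of the project should stay hidden. The same line is added in all three hunks of this controller, so the change applies to each. The action bodies continue outside the hunks, so whether `LoggedInEmployee` can be null before `LoggedInEmployee.Id` is read cannot be confirmed from here.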
@ -24,13 +24,17 @@ namespace MarcoBMS.Services.Controllers
|
|||||||
private readonly ApplicationDbContext _context;
|
private readonly ApplicationDbContext _context;
|
||||||
private readonly UserHelper _userHelper;
|
private readonly UserHelper _userHelper;
|
||||||
private readonly ILoggingService _logger;
|
private readonly ILoggingService _logger;
|
||||||
|
private readonly RolesHelper _rolesHelper;
|
||||||
|
private readonly ProjectsHelper _projectsHelper;
|
||||||
|
|
||||||
|
|
||||||
public ProjectController(ApplicationDbContext context, UserHelper userHelper, ILoggingService logger)
|
public ProjectController(ApplicationDbContext context, UserHelper userHelper, ILoggingService logger, RolesHelper rolesHelper, ProjectsHelper projectHelper)
|
||||||
{
|
{
|
||||||
_context = context;
|
_context = context;
|
||||||
_userHelper = userHelper;
|
_userHelper = userHelper;
|
||||||
_logger = logger;
|
_logger = logger;
|
||||||
|
_rolesHelper = rolesHelper;
|
||||||
|
_projectsHelper = projectHelper;
|
||||||
}
|
}
|
||||||
[HttpGet("list")]
|
[HttpGet("list")]
|
||||||
public async Task<IActionResult> GetAll()
|
public async Task<IActionResult> GetAll()
|
||||||
@ -45,7 +49,22 @@ namespace MarcoBMS.Services.Controllers
|
|||||||
|
|
||||||
}
|
}
|
||||||
Guid tenantId = _userHelper.GetTenantId();
|
Guid tenantId = _userHelper.GetTenantId();
|
||||||
List<Project> projects = await _context.Projects.Where(c => c.TenantId == tenantId).ToListAsync();
|
var LoggedInEmployee = await _userHelper.GetCurrentEmployeeAsync();
|
||||||
|
List<FeaturePermission> featurePermission = await _rolesHelper.GetFeaturePermissionByEmployeeID(LoggedInEmployee.Id);
|
||||||
|
string[] projectsId = [];
|
||||||
|
List<Project> projects = new List<Project>();
|
||||||
|
|
||||||
|
/* User with permission manage project can see all projects */
|
||||||
|
if (featurePermission != null && featurePermission.Exists(c => c.Id.ToString() == "172fc9b6-755b-4f62-ab26-55c34a330614"))
|
||||||
|
{
|
||||||
|
projects = await _projectsHelper.GetAllProjectByTanentID(LoggedInEmployee.TenantId);
|
||||||
|
}
|
||||||
|
else
|
||||||
|
{
|
||||||
|
List<ProjectAllocation> allocation = await _projectsHelper.GetProjectByEmployeeID(LoggedInEmployee.Id);
|
||||||
|
projectsId = allocation.Select(c => c.ProjectId.ToString()).ToArray();
|
||||||
|
projects = await _context.Projects.Where(c => projectsId.Contains(c.Id.ToString()) && c.TenantId == tenantId).ToListAsync();
|
||||||
|
}
|
||||||
|
|
||||||
|
|
||||||
List<ProjectListVM> response = new List<ProjectListVM>();
|
List<ProjectListVM> response = new List<ProjectListVM>();
|
||||||
|
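Review bot: In `GetAll` the manage-project branch scopes the query with `LoggedInEmployee.TenantId`, while the else branch and the removed line use `tenantId` from `_userHelper.GetTenantId()`. If those two values can ever differ, which the page does not show, the privileged branch lists projects from a tenant other than the one the request is scoped to. Passing the same value keeps tenant isolation in one place: `projects = await _projectsHelper.GetAllProjectByTanentID(tenantId);`. The branch also repeats the GUID literal and the allocation lookup that `PermissionServices.HasProjectPermission` adds in this commit, so the two copies can drift apart. The filter `projectsId.Contains(c.Id.ToString())` compares text forms inside the query; if the ids are Guids, collecting them as such and using `projectIds.Contains(c.Id)` avoids depending on string formatting.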
@ -1,4 +1,8 @@
|
|||||||
using Marco.Pms.DataAccess.Data;
|
using Marco.Pms.DataAccess.Data;
|
||||||
|
using Marco.Pms.Model.Employees;
|
||||||
|
using Marco.Pms.Model.Entitlements;
|
||||||
|
using Marco.Pms.Model.Projects;
|
||||||
|
using MarcoBMS.Services.Helpers;
|
||||||
using Microsoft.EntityFrameworkCore;
|
using Microsoft.EntityFrameworkCore;
|
||||||
|
|
||||||
namespace Marco.Pms.Services.Service
|
namespace Marco.Pms.Services.Service
|
||||||
@ -6,9 +10,13 @@ namespace Marco.Pms.Services.Service
|
|||||||
public class PermissionServices
|
public class PermissionServices
|
||||||
{
|
{
|
||||||
private readonly ApplicationDbContext _context;
|
private readonly ApplicationDbContext _context;
|
||||||
public PermissionServices(ApplicationDbContext context)
|
private readonly RolesHelper _rolesHelper;
|
||||||
|
private readonly ProjectsHelper _projectsHelper;
|
||||||
|
public PermissionServices(ApplicationDbContext context, RolesHelper rolesHelper, ProjectsHelper projectsHelper)
|
||||||
{
|
{
|
||||||
_context = context;
|
_context = context;
|
||||||
|
_rolesHelper = rolesHelper;
|
||||||
|
_projectsHelper = projectsHelper;
|
||||||
}
|
}
|
||||||
|
|
||||||
public async Task<bool> HasPermission(Guid featurePermissionId, Guid employeeId)
|
public async Task<bool> HasPermission(Guid featurePermissionId, Guid employeeId)
|
||||||
@ -21,5 +29,24 @@ namespace Marco.Pms.Services.Service
|
|||||||
.Any(rp => rp.FeaturePermissionId == featurePermissionId && rp.ApplicationRoleId == roleId));
|
.Any(rp => rp.FeaturePermissionId == featurePermissionId && rp.ApplicationRoleId == roleId));
|
||||||
return hasPermission;
|
return hasPermission;
|
||||||
}
|
}
|
||||||
|
public async Task<bool> HasProjectPermission(Employee emp, string projectId)
|
||||||
|
{
|
||||||
|
List<FeaturePermission> featurePermission = await _rolesHelper.GetFeaturePermissionByEmployeeID(emp.Id);
|
||||||
|
string[] projectsId = [];
|
||||||
|
|
||||||
|
/* User with permission manage project can see all projects */
|
||||||
|
if (featurePermission != null && featurePermission.Exists(c => c.Id.ToString() == "172fc9b6-755b-4f62-ab26-55c34a330614"))
|
||||||
|
{
|
||||||
|
List<Project> projects = await _projectsHelper.GetAllProjectByTanentID(emp.TenantId);
|
||||||
|
projectsId = projects.Select(c => c.Id.ToString()).ToArray();
|
||||||
|
}
|
||||||
|
else
|
||||||
|
{
|
||||||
|
List<ProjectAllocation> allocation = await _projectsHelper.GetProjectByEmployeeID(emp.Id);
|
||||||
|
projectsId = allocation.Select(c => c.ProjectId.ToString()).ToArray();
|
||||||
|
}
|
||||||
|
bool response = projectsId.Contains(projectId);
|
||||||
|
return response;
|
||||||
|
}
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
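Review bot: `HasProjectPermission` decides access by comparing `ToString()` forms (`c.Id.ToString() == "172fc9b6-755b-4f62-ab26-55c34a330614"` and `projectsId.Contains(projectId)`), so the result depends on every caller passing the project id in exactly the text format the entities produce. A mismatch fails closed, but an authorization check should not hinge on string formatting. If the ids are Guids, which the page does not show, take `Guid projectId` and compare typed values, with the permission id held in one named constant shared with `ProjectController.GetAll`. The method also reads `emp.Id` with no guard; `if (emp == null) return false;` at the top would deny rather than throw. Whether `GetProjectByEmployeeID` returns only current allocations within the employee's tenant is not visible here and is worth confirming, since any allocation it returns grants access in the else branch.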