admin/marco.pms.api
1
0
Fork 0
Code Issues Pull Requests 3 Actions Packages Projects Releases Wiki Activity

user profile api returns duplicate FeaturePermissions. This makes permission checks impossible, as multiple permissions return the same feature ID. Instead it will return the permissionID, also now passing the list featureid's in the response

Browse Source
This commit is contained in:
Vikas Nale 2025-04-02 15:58:48 +05:30
parent 2e19d2fe54
commit c4952825fe
2 changed files with 8 additions and 10 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

11
Marco.Pms.Model/ViewModels/Employee/EmployeeProfile.cs
View File

@ -1,15 +1,10 @@
using System;
using System.Collections.Generic;
using System.Linq;
using System.Text;
using System.Threading.Tasks;
namespace Marco.Pms.Model.ViewModels.Employee
namespace Marco.Pms.Model.ViewModels.Employee
{
public class EmployeeProfile
{
public EmployeeVM EmployeeInfo { get; set; }
public string[] Projects { get; set; }
public string[] FeaturePermissions { get; set; }
public string[] FeaturePermissions { get; set; }
public string[] Features { get; set; }
}
}

7
Marco.Pms.Services/Controllers/UserController.cs
View File

@ -43,7 +43,8 @@ namespace MarcoBMS.Services.Controllers
List<FeaturePermission> featurePermission = await _rolesHelper.GetFeaturePermissionByEmployeeID(emp.Id);
string[] projectsId = [];
if (featurePermission != null && featurePermission.Exists(c => c.FeatureId.ToString() == "53176ebf-c75d-42e5-839f-4508ffac3def")) {
/* User with permission manage project can see all projects */
if (featurePermission != null && featurePermission.Exists(c => c.Id.ToString() == "172fc9b6-755b-4f62-ab26-55c34a330614")) {
List<Project> projects = await _projectsHelper.GetAllProjectByTanentID(emp.TenantId);
projectsId = projects.Select(c=>c.Id.ToString()).ToArray();
}
@ -59,9 +60,11 @@ namespace MarcoBMS.Services.Controllers
{
EmployeeInfo = employeeVM,
Projects = projectsId,
FeaturePermissions = featurePermission.Select(c => c.FeatureId.ToString()).ToArray(),
FeaturePermissions = featurePermission.Select(c => c.Id.ToString()).Distinct().ToArray(),
Features = featurePermission.Select(c => c.FeatureId.ToString()).Distinct().ToArray(),
};
return Ok(profile);
}
}