Getting the employee list of user's organization only

This commit is contained in:
ashutosh.nehete 2025-09-24 17:23:32 +05:30
parent 42da1f12cf
commit fe1dfd7293
3 changed files with 143 additions and 80 deletions


@ -19,6 +19,7 @@ using Microsoft.AspNetCore.Authorization;
using Microsoft.AspNetCore.Identity; using Microsoft.AspNetCore.Identity;
using Microsoft.AspNetCore.Mvc; using Microsoft.AspNetCore.Mvc;
using Microsoft.AspNetCore.SignalR; using Microsoft.AspNetCore.SignalR;
using Microsoft.CodeAnalysis;
using Microsoft.EntityFrameworkCore; using Microsoft.EntityFrameworkCore;
using System.Data; using System.Data;
using System.Net; using System.Net;
@ -33,7 +34,7 @@ namespace MarcoBMS.Services.Controllers
{ {
private readonly ApplicationDbContext _context; private readonly ApplicationDbContext _context;
private readonly IServiceScopeFactory _serviceScope; private readonly IServiceScopeFactory _serviceScopeFactory;
private readonly UserManager<ApplicationUser> _userManager; private readonly UserManager<ApplicationUser> _userManager;
private readonly IEmailSender _emailSender; private readonly IEmailSender _emailSender;
private readonly EmployeeHelper _employeeHelper; private readonly EmployeeHelper _employeeHelper;
@ -49,7 +50,7 @@ namespace MarcoBMS.Services.Controllers
private readonly Guid organizationId; private readonly Guid organizationId;
public EmployeeController(IServiceScopeFactory serviceScope, public EmployeeController(IServiceScopeFactory serviceScopeFactory,
UserManager<ApplicationUser> userManager, UserManager<ApplicationUser> userManager,
IEmailSender emailSender, IEmailSender emailSender,
ApplicationDbContext context, ApplicationDbContext context,
@ -63,7 +64,7 @@ namespace MarcoBMS.Services.Controllers
IMapper mapper, IMapper mapper,
GeneralHelper generalHelper) GeneralHelper generalHelper)
{ {
_serviceScope = serviceScope; _serviceScopeFactory = serviceScopeFactory;
_context = context; _context = context;
_userManager = userManager; _userManager = userManager;
_emailSender = emailSender; _emailSender = emailSender;
@ -119,9 +120,8 @@ namespace MarcoBMS.Services.Controllers
} }
} }
[HttpGet] [HttpGet("list/{projectId?}")]
[Route("list/{projectid?}")] public async Task<IActionResult> GetEmployeesByProjectAsync(Guid? projectId, [FromQuery] bool showInactive = false)
public async Task<IActionResult> GetEmployeesByProject(Guid? projectid, [FromQuery] bool ShowInactive)
{ {
// Step 1: Validate incoming request model state // Step 1: Validate incoming request model state
if (!ModelState.IsValid) if (!ModelState.IsValid)
@ -135,55 +135,111 @@ namespace MarcoBMS.Services.Controllers
return BadRequest(ApiResponse<object>.ErrorResponse("Invalid data", errors, 400)); return BadRequest(ApiResponse<object>.ErrorResponse("Invalid data", errors, 400));
} }
// Step 2: Get logged-in employee List<EmployeeVM> result = new List<EmployeeVM>();
var loggedInEmployee = await _userHelper.GetCurrentEmployeeAsync(); try
_logger.LogInfo("GetEmployeesByProject called by EmployeeId: {EmployeeId}, ProjectId: {ProjectId}, ShowInactive: {ShowInactive}", {
loggedInEmployee.Id, projectid ?? Guid.Empty, ShowInactive); // Dependency injection scope for services
using var scope = _serviceScopeFactory.CreateScope();
// Step 3: Fetch project access and permissions // Step 2: Get logged-in employee details
var loggedInEmployee = await _userHelper.GetCurrentEmployeeAsync();
_logger.LogInfo("GetEmployeesByProject called. EmployeeId: {EmployeeId}, ProjectId: {ProjectId}, showInactive: {ShowInactive}",
loggedInEmployee.Id, projectId ?? Guid.Empty, showInactive);
// Step 3: Fetch permissions concurrently
var viewAllTask = Task.Run(async () =>
{
var _permission = scope.ServiceProvider.GetRequiredService<PermissionServices>();
return await _permission.HasPermission(PermissionsMaster.ViewAllEmployees, loggedInEmployee.Id);
});
var viewTeamTask = Task.Run(async () =>
{
var _permission = scope.ServiceProvider.GetRequiredService<PermissionServices>();
return await _permission.HasPermission(PermissionsMaster.ViewTeamMembers, loggedInEmployee.Id);
});
await Task.WhenAll(viewAllTask, viewTeamTask);
var hasViewAllEmployeesPermission = viewAllTask.Result;
var hasViewTeamMembersPermission = viewTeamTask.Result;
List<Employee> employees = new List<Employee>();
// Step 4: Query based on permission
if (hasViewAllEmployeesPermission && !projectId.HasValue)
{
// OrganizationId needs to be retrieved from loggedInEmployee or context based on your app's structure
var employeeQuery = _context.Employees
.AsNoTracking() // Optimize EF query for read-only operation[web:1][web:13][web:18]
.Include(e => e.JobRole)
.Where(e => e.OrganizationId == organizationId);
employeeQuery = showInactive
? employeeQuery.Where(e => !e.IsActive)
: employeeQuery.Where(e => e.IsActive);
employees = await employeeQuery.ToListAsync();
_logger.LogInfo("Employee list fetched with full access. Count: {Count}", employees.Count);
}
else if (hasViewTeamMembersPermission && !showInactive && !projectId.HasValue)
{
// Only active team members with limited permission
var projectIds = await _projectServices.GetMyProjectIdsAsync(tenantId, loggedInEmployee); var projectIds = await _projectServices.GetMyProjectIdsAsync(tenantId, loggedInEmployee);
var hasViewAllEmployeesPermission = await _permission.HasPermission(PermissionsMaster.ViewAllEmployees, loggedInEmployee.Id); employees = await _context.ProjectAllocations
var hasViewTeamMembersPermission = await _permission.HasPermission(PermissionsMaster.ViewTeamMembers, loggedInEmployee.Id); .AsNoTracking()
.Include(pa => pa.Employee)
List<EmployeeVM> result = new(); .ThenInclude(e => e!.JobRole)
.Where(pa =>
// Step 4: Determine access level and fetch employees accordingly projectIds.Contains(pa.ProjectId)
if (hasViewAllEmployeesPermission || projectid != null) && pa.IsActive
{ && pa.Employee != null
result = await _employeeHelper.GetEmployeeByProjectId(tenantId, projectid, ShowInactive); && pa.Employee.IsActive
_logger.LogInfo("Employee list fetched using full access or specific project."); && pa.TenantId == tenantId)
} .Select(pa => pa.Employee!)
else if (hasViewTeamMembersPermission && !ShowInactive)
{
var employeeIds = await _context.ProjectAllocations
.Where(pa => projectIds.Contains(pa.ProjectId) && pa.IsActive && pa.TenantId == tenantId)
.Select(pa => pa.EmployeeId)
.Distinct() .Distinct()
.ToListAsync(); .ToListAsync();
var employees = await _context.Employees _logger.LogInfo("Employee list fetched with limited access (active only). Count: {Count}", employees.Count);
.Include(fp => fp.JobRole) }
.Where(e => employeeIds.Contains(e.Id) && e.JobRole != null && e.IsActive && e.TenantId == tenantId)
// If a specific projectId is provided, override employee fetching to ensure strict project context
if (projectId.HasValue)
{
employees = await _context.ProjectAllocations
.AsNoTracking()
.Include(pa => pa.Employee)
.ThenInclude(e => e!.JobRole)
.Where(pa =>
pa.ProjectId == projectId
&& pa.IsActive
&& pa.Employee != null
&& pa.Employee.IsActive
&& pa.TenantId == tenantId)
.Select(pa => pa.Employee!)
.Distinct() .Distinct()
.ToListAsync(); .ToListAsync();
result = employees.Select(e => e.ToEmployeeVMFromEmployee()).ToList(); _logger.LogInfo("Employee list fetched for specific project. ProjectId: {ProjectId}. Count: {Count}",
projectId, employees.Count);
_logger.LogInfo("Employee list fetched using limited access (active only).");
} }
else
// Step 5: Map to view model
result = employees.Select(e => _mapper.Map<EmployeeVM>(e)).Distinct().ToList();
_logger.LogInfo("Employees successfully fetched. EmployeeId: {EmployeeId} for ProjectId: {ProjectId}. Final Count: {Count}",
loggedInEmployee.Id, projectId ?? Guid.Empty, result.Count);
return Ok(ApiResponse<object>.SuccessResponse(result, "Filter applied.", 200));
}
catch (Exception ex)
{ {
_logger.LogWarning("Access denied for EmployeeId: {EmployeeId} - insufficient permissions.", loggedInEmployee.Id); // Step 6: Error logging and response[web:6]
return Ok(ApiResponse<object>.SuccessResponse(result, "Filter applied.", 200)); _logger.LogError(ex, "Exception occurred while getting the list of employees");
return StatusCode(500, ApiResponse<object>.ErrorResponse("Internal server error. Please try again later.", null, 500));
}
} }
// Step 5: Log and return results
_logger.LogInfo("Employees fetched successfully by EmployeeId: {EmployeeId} for ProjectId: {ProjectId}. Count: {Count}",
loggedInEmployee.Id, projectid ?? Guid.Empty, result.Count);
return Ok(ApiResponse<object>.SuccessResponse(result, "Filter applied.", 200));
}
[HttpGet("basic")] [HttpGet("basic")]
public async Task<IActionResult> GetEmployeesByProjectBasic(Guid? projectId, [FromQuery] string? searchString) public async Task<IActionResult> GetEmployeesByProjectBasic(Guid? projectId, [FromQuery] string? searchString)
@ -857,7 +913,7 @@ namespace MarcoBMS.Services.Controllers
[HttpDelete("{id}")] [HttpDelete("{id}")]
public async Task<IActionResult> SuspendEmployee(Guid id, [FromQuery] bool active = false) public async Task<IActionResult> SuspendEmployee(Guid id, [FromQuery] bool active = false)
{ {
using var scope = _serviceScope.CreateScope(); using var scope = _serviceScopeFactory.CreateScope();
Guid tenantId = _userHelper.GetTenantId(); Guid tenantId = _userHelper.GetTenantId();
var LoggedEmployee = await _userHelper.GetCurrentEmployeeAsync(); var LoggedEmployee = await _userHelper.GetCurrentEmployeeAsync();
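Review bot: The two permission lookups in the `var viewAllTask = Task.Run(...)` / `var viewTeamTask = Task.Run(...)` block resolve `PermissionServices` twice from the same DI scope and run them concurrently on thread-pool threads; if that service is scoped and backed by the scoped DbContext (which EF Core does not allow to be used from two operations at once), this will intermittently fail with "A second operation was started on this context", and `Task.Run` gains nothing for I/O-bound work inside a request. Await them in sequence instead: `var permission = scope.ServiceProvider.GetRequiredService<PermissionServices>();`, `var hasViewAllEmployeesPermission = await permission.HasPermission(PermissionsMaster.ViewAllEmployees, loggedInEmployee.Id);`, `var hasViewTeamMembersPermission = await permission.HasPermission(PermissionsMaster.ViewTeamMembers, loggedInEmployee.Id);`. Two things the new branch layout changes are worth a deliberate decision: the `if (projectId.HasValue)` query runs for any caller regardless of either permission and scopes only by `tenantId` (as the old code did, so any tenant user who knows a project id can list its team — confirm that is intended), and the old "Access denied" warning log is gone, so a caller with neither permission now silently receives an empty list with "Filter applied." The `[web:1][web:13][web:18]` and `[web:6]` tags in the comments look like pasted citation artifacts and should be removed, as should the "OrganizationId needs to be retrieved from loggedInEmployee or context" note if the `organizationId` field is already assigned in the constructor (not visible in this hunk).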


@ -357,6 +357,7 @@ namespace Marco.Pms.Services.Controllers
SPRID = organization.SPRID, SPRID = organization.SPRID,
AssignedDate = DateTime.UtcNow, AssignedDate = DateTime.UtcNow,
IsActive = true, IsActive = true,
AssignedById = loggedInEmployee.Id,
TenantId = project.TenantId TenantId = project.TenantId
}; };
_context.TenantOrgMappings.Add(newServiceProviderTenantMapping); _context.TenantOrgMappings.Add(newServiceProviderTenantMapping);
@ -365,20 +366,21 @@ namespace Marco.Pms.Services.Controllers
List<ProjectOrgMapping> projectOrgMappings = new List<ProjectOrgMapping>(); List<ProjectOrgMapping> projectOrgMappings = new List<ProjectOrgMapping>();
List<ProjectServiceMapping> projectServiceMappings = new List<ProjectServiceMapping>(); List<ProjectServiceMapping> projectServiceMappings = new List<ProjectServiceMapping>();
foreach (var serviceId in model.ServiceIds)
{
if (isPMC && model.OrganizationTypeId != ServiceProvider && model.OrganizationTypeId != SubContractorProvider) if (isPMC && model.OrganizationTypeId != ServiceProvider && model.OrganizationTypeId != SubContractorProvider)
{ {
continue; return StatusCode(403, ApiResponse<object>.ErrorResponse("Access Denied", "You don't have access to assign this type of organization", 403));
} }
if (isServiceProvider && model.OrganizationTypeId == ServiceProvider) if (isServiceProvider && model.OrganizationTypeId == ServiceProvider)
{ {
continue; return StatusCode(403, ApiResponse<object>.ErrorResponse("Access Denied", "You don't have access to assign this type of organization", 403));
} }
var isServiceExist = await _context.ServiceMasters.AnyAsync(s => s.Id == serviceId);
if (!isServiceExist) foreach (var serviceId in model.ServiceIds)
{ {
continue; var service = await _context.ServiceMasters.FirstOrDefaultAsync(s => s.Id == serviceId);
if (service == null)
{
return NotFound(ApiResponse<object>.ErrorResponse("Service not found", "Service not found in database", 404));
} }
var projectService = projectServices.FirstOrDefault(ps => ps.ServiceId == serviceId); var projectService = projectServices.FirstOrDefault(ps => ps.ServiceId == serviceId);
if (projectService == null) if (projectService == null)
@ -403,14 +405,17 @@ namespace Marco.Pms.Services.Controllers
OrganizationTypeId = model.OrganizationTypeId, OrganizationTypeId = model.OrganizationTypeId,
ParentOrganizationId = model.ParentOrganizationId ?? loggedInEmployee.OrganizationId, ParentOrganizationId = model.ParentOrganizationId ?? loggedInEmployee.OrganizationId,
AssignedDate = DateTime.UtcNow, AssignedDate = DateTime.UtcNow,
AssignedById = loggedInEmployee.Id,
TenantId = project.TenantId TenantId = project.TenantId
}; };
var projectOrganization = projectOrganizations var projectOrganization = projectOrganizations
.FirstOrDefault(po => po.ProjectService != null && po.ProjectService.ProjectId == project.Id && po.ProjectService.ServiceId == serviceId); .FirstOrDefault(po => po.ProjectService != null && po.ProjectService.ProjectId == project.Id && po.ProjectService.ServiceId == serviceId
if (projectOrganization == null) && po.OrganizationId == model.OrganizationId);
if (projectOrganization != null)
{ {
projectOrgMappings.Add(projectOrgMapping); return StatusCode(409, ApiResponse<object>.ErrorResponse("Organization is already assigned to this project", "Organization is already assigned to this project", 409));
} }
projectOrgMappings.Add(projectOrgMapping);
} }
if (projectServiceMappings.Any()) if (projectServiceMappings.Any())
@ -495,6 +500,7 @@ namespace Marco.Pms.Services.Controllers
SPRID = organization.SPRID, SPRID = organization.SPRID,
AssignedDate = DateTime.UtcNow, AssignedDate = DateTime.UtcNow,
IsActive = true, IsActive = true,
AssignedById = loggedInEmployee.Id,
TenantId = tenantId TenantId = tenantId
}; };
_context.TenantOrgMappings.Add(newServiceProviderTenantMapping); _context.TenantOrgMappings.Add(newServiceProviderTenantMapping);
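Review bot: The validation inside `foreach (var serviceId in model.ServiceIds)` now returns 404/409 part-way through the loop, after `_context.TenantOrgMappings.Add(newServiceProviderTenantMapping)` has already been tracked and earlier iterations have appended to `projectOrgMappings`; that is harmless only if nothing on the early-return path calls SaveChanges, which is outside the hunk, so confirm it. It also issues one `FirstOrDefaultAsync` per id and materialises the whole `ServiceMaster` row only to null-check it (unless `service` is used further down, which the hunk cuts off), where the old `AnyAsync` was cheaper; validate all ids up front in one query before any tracking, e.g. `var knownServiceIds = await _context.ServiceMasters.Where(s => model.ServiceIds.Contains(s.Id)).Select(s => s.Id).ToListAsync();` followed by `if (model.ServiceIds.Except(knownServiceIds).Any()) return NotFound(ApiResponse<object>.ErrorResponse("Service not found", "Service not found in database", 404));`. Hoisting the two role checks out of the loop and turning `continue` into a 403 is the right call, but a short comment above them such as `// Role rule: a PMC may only assign service/sub-contractor providers; a service provider may not assign another service provider` would record why the whole request is rejected. The `AssignedById = loggedInEmployee.Id` additions are a good audit improvement; `model.ParentOrganizationId` is still taken straight from the request without being checked against the tenant, as before.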


@ -1,4 +1,5 @@
 
using AutoMapper;
using Marco.Pms.DataAccess.Data; using Marco.Pms.DataAccess.Data;
using Marco.Pms.Model.Employees; using Marco.Pms.Model.Employees;
using Marco.Pms.Model.Mapper; using Marco.Pms.Model.Mapper;
@ -13,10 +14,12 @@ namespace MarcoBMS.Services.Helpers
{ {
private readonly ApplicationDbContext _context; private readonly ApplicationDbContext _context;
private readonly ILoggingService _logger; private readonly ILoggingService _logger;
public EmployeeHelper(ApplicationDbContext context, ILoggingService logger) private readonly IMapper _mapper;
public EmployeeHelper(ApplicationDbContext context, ILoggingService logger, IMapper mapper)
{ {
_context = context; _context = context;
_logger = logger; _logger = logger;
_mapper = mapper;
} }
public async Task<Employee> GetEmployeeByID(Guid EmployeeID) public async Task<Employee> GetEmployeeByID(Guid EmployeeID)
{ {
@ -72,38 +75,36 @@ namespace MarcoBMS.Services.Helpers
} }
} }
public async Task<List<EmployeeVM>> GetEmployeeByProjectId(Guid tenantId, Guid? projectId, bool ShowInActive) public async Task<List<EmployeeVM>> GetEmployeeByProjectId(Guid organizationId, Guid tenantId, Guid? projectId, bool ShowInActive)
{ {
try try
{ {
List<EmployeeVM> result = new List<EmployeeVM>(); List<Employee> employees = new List<Employee>();
if (projectId.HasValue) if (projectId.HasValue)
{ {
var employeeIds = await _context.ProjectAllocations employees = await _context.ProjectAllocations
.Where(pa => projectId == pa.ProjectId && pa.IsActive && pa.TenantId == tenantId) .Include(pa => pa.Employee)
.Select(pa => pa.EmployeeId) .ThenInclude(e => e!.JobRole)
.Where(pa => projectId == pa.ProjectId && pa.IsActive && pa.TenantId == tenantId && pa.Employee != null && pa.Employee.IsActive)
.Select(pa => pa.Employee!)
.Distinct() .Distinct()
.ToListAsync(); .ToListAsync();
var employees = await _context.Employees
.Include(fp => fp.JobRole)
.Where(e => employeeIds.Contains(e.Id) && e.JobRole != null && e.IsActive && e.TenantId == tenantId)
.Distinct()
.ToListAsync();
result = employees.Select(e => e.ToEmployeeVMFromEmployee()).ToList();
} }
else if (ShowInActive) else if (ShowInActive)
{ {
result = await _context.Employees.Where(c => c.TenantId == tenantId && c.IsActive == false).Include(fp => fp.JobRole) employees = await _context.Employees
.Select(c => c.ToEmployeeVMFromEmployee()).ToListAsync(); .Include(fp => fp.JobRole)
.Where(c => c.OrganizationId == organizationId && c.IsActive == false)
.ToListAsync();
} }
else else
{ {
result = await _context.Employees.Where(c => c.TenantId == tenantId && c.IsActive == true).Include(fp => fp.JobRole) employees = await _context.Employees
.Select(c => c.ToEmployeeVMFromEmployee()).ToListAsync(); .Include(fp => fp.JobRole)
.Where(c => c.OrganizationId == organizationId && c.IsActive == true)
.ToListAsync();
} }
var result = employees.Select(e => _mapper.Map<EmployeeVM>(e)).Distinct().ToList();
return result; return result;
} }
catch (Exception ex) catch (Exception ex)
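Review bot: `GetEmployeeByProjectId` gains an `organizationId` parameter but applies it only in the two no-project branches; the `projectId.HasValue` branch still filters on `pa.TenantId == tenantId` alone, so a project id returns allocated employees from every organization in the tenant. If the organization-only intent in the commit title is meant to cover project queries as well, add `&& pa.Employee.OrganizationId == organizationId` to that `Where`; if cross-organization project teams are intentional, state it in a `<summary>` on the method (it currently has none) so the asymmetry is not read as a bug. The rewrite also dropped the old `e.JobRole != null` condition, and because the query now ends in `Select(pa => pa.Employee!)`, confirm your EF Core version still honours `ThenInclude(e => e!.JobRole)` after that projection (EF logs IncludeIgnoredWarning when an include is not reachable from the result) — otherwise `JobRole` arrives null in the mapped `EmployeeVM`. The method's `catch` block continues past the end of this section.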