Compare commits


No commits in common. "56161d302bdf8a11d186c4649dd282623e355fa5" and "bb76c45195aee9d63c6412224055f0e1709a34c9" have entirely different histories.

6 changed files with 57 additions and 66 deletions


@ -1,28 +0,0 @@
namespace Marco.Pms.Model.Entitlements
{
public static class PermissionsMaster
{
public static readonly Guid DirectoryAdmin = Guid.Parse("4286a13b-bb40-4879-8c6d-18e9e393beda");
public static readonly Guid DirectoryManager = Guid.Parse("62668630-13ce-4f52-a0f0-db38af2230c5");
public static readonly Guid DirectoryUser = Guid.Parse("0f919170-92d4-4337-abd3-49b66fc871bb");
public static readonly Guid ViewProject = Guid.Parse("6ea44136-987e-44ba-9e5d-1cf8f5837ebc");
public static readonly Guid ManageProject = Guid.Parse("172fc9b6-755b-4f62-ab26-55c34a330614");
public static readonly Guid ManageTeam = Guid.Parse("b94802ce-0689-4643-9e1d-11c86950c35b");
public static readonly Guid ViewProjectInfra = Guid.Parse("8d7cc6e3-9147-41f7-aaa7-fa507e450bd4");
public static readonly Guid ManageProjectInfra = Guid.Parse("cf2825ad-453b-46aa-91d9-27c124d63373");
public static readonly Guid ViewTask = Guid.Parse("9fcc5f87-25e3-4846-90ac-67a71ab92e3c");
public static readonly Guid AddAndEditTask = Guid.Parse("08752f33-3b29-4816-b76b-ea8a968ed3c5");
public static readonly Guid AssignAndReportProgress = Guid.Parse("6a32379b-8b3f-49a6-8c48-4b7ac1b55dc2");
public static readonly Guid ApproveTask = Guid.Parse("db4e40c5-2ba9-4b6d-b8a6-a16a250ff99c");
public static readonly Guid ViewAllEmployees = Guid.Parse("60611762-7f8a-4fb5-b53f-b1139918796b");
public static readonly Guid ViewTeamMembers = Guid.Parse("b82d2b7e-0d52-45f3-997b-c008ea460e7f");
public static readonly Guid AddAndEditEmployee = Guid.Parse("a97d366a-c2bb-448d-be93-402bd2324566");
public static readonly Guid AssignRoles = Guid.Parse("fbd213e0-0250-46f1-9f5f-4b2a1e6e76a3");
public static readonly Guid TeamAttendance = Guid.Parse("915e6bff-65f6-4e3f-aea8-3fd217d3ea9e");
public static readonly Guid RegularizeAttendance = Guid.Parse("57802c4a-00aa-4a1f-a048-fd2f70dd44b6");
public static readonly Guid SelfAttendance = Guid.Parse("ccb0589f-712b-43de-92ed-5b6088e7dc4e");
public static readonly Guid ViewMasters = Guid.Parse("5ffbafe0-7ab0-48b1-bb50-c1bf76b65f9d");
public static readonly Guid ManageMasters = Guid.Parse("588a8824-f924-4955-82d8-fc51956cf323");
}
}


@ -38,6 +38,8 @@ namespace MarcoBMS.Services.Controllers
private readonly IHubContext<MarcoHub> _signalR; private readonly IHubContext<MarcoHub> _signalR;
private readonly PermissionServices _permission; private readonly PermissionServices _permission;
private readonly ProjectsHelper _projectsHelper; private readonly ProjectsHelper _projectsHelper;
private readonly Guid ViewAllEmployees;
private readonly Guid ViewTeamMembers;
private readonly Guid tenantId; private readonly Guid tenantId;
@ -54,6 +56,8 @@ namespace MarcoBMS.Services.Controllers
_logger = logger; _logger = logger;
_signalR = signalR; _signalR = signalR;
_permission = permission; _permission = permission;
ViewAllEmployees = Guid.Parse("60611762-7f8a-4fb5-b53f-b1139918796b");
ViewTeamMembers = Guid.Parse("b82d2b7e-0d52-45f3-997b-c008ea460e7f");
_projectsHelper = projectsHelper; _projectsHelper = projectsHelper;
tenantId = _userHelper.GetTenantId(); tenantId = _userHelper.GetTenantId();
} }
@ -122,8 +126,8 @@ namespace MarcoBMS.Services.Controllers
List<Project> projects = await _projectsHelper.GetMyProjects(tenantId, loggedInEmployee); List<Project> projects = await _projectsHelper.GetMyProjects(tenantId, loggedInEmployee);
var projectIds = projects.Select(p => p.Id).ToList(); var projectIds = projects.Select(p => p.Id).ToList();
var hasViewAllEmployeesPermission = await _permission.HasPermission(PermissionsMaster.ViewAllEmployees, loggedInEmployee.Id); var hasViewAllEmployeesPermission = await _permission.HasPermission(ViewAllEmployees, loggedInEmployee.Id);
var hasViewTeamMembersPermission = await _permission.HasPermission(PermissionsMaster.ViewTeamMembers, loggedInEmployee.Id); var hasViewTeamMembersPermission = await _permission.HasPermission(ViewTeamMembers, loggedInEmployee.Id);
List<EmployeeVM> result = new(); List<EmployeeVM> result = new();
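Review bot: The permission ids added here are instance fields filled from GUID string literals in the constructor, and the same pattern repeats in the task controller, directory helper and master helper sections further down this page, so each class now carries its own copy of the identifiers that gate authorization. A mistyped literal in any one copy still compiles and only shows up as `HasPermission` being asked about the wrong id. One shared definition per permission would keep the copies from drifting; at minimum I would declare them once per type rather than per instance, e.g. `private static readonly Guid ViewAllEmployees = Guid.Parse("60611762-7f8a-4fb5-b53f-b1139918796b");`. The constructor and the method using these fields both start outside the hunks shown.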


@ -32,6 +32,9 @@ namespace MarcoBMS.Services.Controllers
private readonly ILoggingService _logger; private readonly ILoggingService _logger;
private readonly IHubContext<MarcoHub> _signalR; private readonly IHubContext<MarcoHub> _signalR;
private readonly PermissionServices _permissionServices; private readonly PermissionServices _permissionServices;
private readonly CacheUpdateHelper _cache;
private readonly Guid Approve_Task;
private readonly Guid Assign_Report_Task;
public TaskController(ApplicationDbContext context, UserHelper userHelper, S3UploadService s3Service, ILoggingService logger, PermissionServices permissionServices, public TaskController(ApplicationDbContext context, UserHelper userHelper, S3UploadService s3Service, ILoggingService logger, PermissionServices permissionServices,
IHubContext<MarcoHub> signalR, CacheUpdateHelper cache) IHubContext<MarcoHub> signalR, CacheUpdateHelper cache)
@ -42,6 +45,9 @@ namespace MarcoBMS.Services.Controllers
_logger = logger; _logger = logger;
_signalR = signalR; _signalR = signalR;
_permissionServices = permissionServices; _permissionServices = permissionServices;
_cache = cache;
Approve_Task = Guid.Parse("db4e40c5-2ba9-4b6d-b8a6-a16a250ff99c");
Assign_Report_Task = Guid.Parse("6a32379b-8b3f-49a6-8c48-4b7ac1b55dc2");
} }
private Guid GetTenantId() private Guid GetTenantId()
@ -69,7 +75,7 @@ namespace MarcoBMS.Services.Controllers
var employee = await _userHelper.GetCurrentEmployeeAsync(); var employee = await _userHelper.GetCurrentEmployeeAsync();
// Check for permission to approve tasks // Check for permission to approve tasks
var hasPermission = await _permissionServices.HasPermission(PermissionsMaster.AssignAndReportProgress, employee.Id); var hasPermission = await _permissionServices.HasPermission(Assign_Report_Task, employee.Id);
if (!hasPermission) if (!hasPermission)
{ {
_logger.LogWarning("Employee {EmployeeId} attempted to assign Task without permission", employee.Id); _logger.LogWarning("Employee {EmployeeId} attempted to assign Task without permission", employee.Id);
@ -135,7 +141,7 @@ namespace MarcoBMS.Services.Controllers
var tenantId = GetTenantId(); var tenantId = GetTenantId();
var loggedInEmployee = await _userHelper.GetCurrentEmployeeAsync(); var loggedInEmployee = await _userHelper.GetCurrentEmployeeAsync();
var hasPermission = await _permissionServices.HasPermission(PermissionsMaster.AssignAndReportProgress, loggedInEmployee.Id); var hasPermission = await _permissionServices.HasPermission(Assign_Report_Task, loggedInEmployee.Id);
if (!hasPermission) if (!hasPermission)
{ {
_logger.LogWarning("Unauthorized task report attempt by Employee {EmployeeId} for Task {TaskId}", loggedInEmployee.Id, reportTask.Id); _logger.LogWarning("Unauthorized task report attempt by Employee {EmployeeId} for Task {TaskId}", loggedInEmployee.Id, reportTask.Id);
@ -705,7 +711,7 @@ namespace MarcoBMS.Services.Controllers
} }
// Check for permission to approve tasks // Check for permission to approve tasks
var hasPermission = await _permissionServices.HasPermission(PermissionsMaster.ApproveTask, loggedInEmployee.Id); var hasPermission = await _permissionServices.HasPermission(Approve_Task, loggedInEmployee.Id);
if (!hasPermission) if (!hasPermission)
{ {
_logger.LogWarning("Employee {EmployeeId} attempted to approve Task {TaskId} without permission", loggedInEmployee.Id, approveTask.Id); _logger.LogWarning("Employee {EmployeeId} attempted to approve Task {TaskId} without permission", loggedInEmployee.Id, approveTask.Id);
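Review bot: In the `-69,7` hunk the comment above the `Assign_Report_Task` check still reads `// Check for permission to approve tasks`, while the check and its log message are about assigning a task. On an authorization gate a comment that names the wrong permission makes it easy to paste the wrong id in later, so I would change it to `// Check for permission to assign tasks and report progress`. The new fields `Approve_Task` and `Assign_Report_Task` also use underscores inside the name where the rest of the class uses `_camelCase`; `_approveTask` and `_assignReportTask` would match. The enclosing methods start and end outside these hunks.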


@ -22,7 +22,7 @@ namespace MarcoBMS.Services.Controllers
private readonly ProjectsHelper _projectsHelper; private readonly ProjectsHelper _projectsHelper;
private readonly RolesHelper _rolesHelper; private readonly RolesHelper _rolesHelper;
public UserController(EmployeeHelper employeeHelper, ProjectsHelper projectsHelper, UserHelper userHelper, RolesHelper rolesHelper) public UserController(EmployeeHelper employeeHelper, ProjectsHelper projectsHelper, UserHelper userHelper, RolesHelper rolesHelper)
{ {
_userHelper = userHelper; _userHelper = userHelper;
_employeeHelper = employeeHelper; _employeeHelper = employeeHelper;
@ -45,7 +45,7 @@ namespace MarcoBMS.Services.Controllers
var user = await _userHelper.GetCurrentUserAsync(); var user = await _userHelper.GetCurrentUserAsync();
Employee emp = new Employee { }; Employee emp = new Employee { };
if (user != null) if(user != null)
{ {
emp = await _employeeHelper.GetEmployeeByApplicationUserID(user.Id); emp = await _employeeHelper.GetEmployeeByApplicationUserID(user.Id);
} }
@ -54,10 +54,9 @@ namespace MarcoBMS.Services.Controllers
string[] projectsId = []; string[] projectsId = [];
/* User with permission manage project can see all projects */ /* User with permission manage project can see all projects */
if (featurePermission != null && featurePermission.Exists(c => c.Id.ToString() == "172fc9b6-755b-4f62-ab26-55c34a330614")) if (featurePermission != null && featurePermission.Exists(c => c.Id.ToString() == "172fc9b6-755b-4f62-ab26-55c34a330614")) {
{
List<Project> projects = await _projectsHelper.GetAllProjectByTanentID(emp.TenantId); List<Project> projects = await _projectsHelper.GetAllProjectByTanentID(emp.TenantId);
projectsId = projects.Select(c => c.Id.ToString()).ToArray(); projectsId = projects.Select(c=>c.Id.ToString()).ToArray();
} }
else else
{ {


@ -1,7 +1,6 @@
using Marco.Pms.DataAccess.Data; using Marco.Pms.DataAccess.Data;
using Marco.Pms.Model.Directory; using Marco.Pms.Model.Directory;
using Marco.Pms.Model.Dtos.Directory; using Marco.Pms.Model.Dtos.Directory;
using Marco.Pms.Model.Entitlements;
using Marco.Pms.Model.Mapper; using Marco.Pms.Model.Mapper;
using Marco.Pms.Model.Projects; using Marco.Pms.Model.Projects;
using Marco.Pms.Model.Utilities; using Marco.Pms.Model.Utilities;
@ -21,6 +20,9 @@ namespace Marco.Pms.Services.Helpers
private readonly ILoggingService _logger; private readonly ILoggingService _logger;
private readonly UserHelper _userHelper; private readonly UserHelper _userHelper;
private readonly PermissionServices _permissionServices; private readonly PermissionServices _permissionServices;
private readonly Guid directoryAdmin;
private readonly Guid directoryManager;
private readonly Guid directoryUser;
public DirectoryHelper(ApplicationDbContext context, ILoggingService logger, UserHelper userHelper, PermissionServices permissionServices) public DirectoryHelper(ApplicationDbContext context, ILoggingService logger, UserHelper userHelper, PermissionServices permissionServices)
{ {
@ -28,8 +30,13 @@ namespace Marco.Pms.Services.Helpers
_logger = logger; _logger = logger;
_userHelper = userHelper; _userHelper = userHelper;
_permissionServices = permissionServices; _permissionServices = permissionServices;
directoryAdmin = Guid.Parse("4286a13b-bb40-4879-8c6d-18e9e393beda");
directoryManager = Guid.Parse("62668630-13ce-4f52-a0f0-db38af2230c5");
directoryUser = Guid.Parse("0f919170-92d4-4337-abd3-49b66fc871bb");
} }
public async Task<ApiResponse<object>> GetListOfContacts(string? search, bool active, ContactFilterDto? filterDto, Guid? projectId) public async Task<ApiResponse<object>> GetListOfContacts(string? search, bool active, ContactFilterDto? filterDto, Guid? projectId)
{ {
Guid tenantId = _userHelper.GetTenantId(); Guid tenantId = _userHelper.GetTenantId();
@ -38,12 +45,12 @@ namespace Marco.Pms.Services.Helpers
var permissionIds = await _context.RolePermissionMappings.Where(rp => assignedRoleIds.Contains(rp.ApplicationRoleId)).Select(rp => rp.FeaturePermissionId).Distinct().ToListAsync(); var permissionIds = await _context.RolePermissionMappings.Where(rp => assignedRoleIds.Contains(rp.ApplicationRoleId)).Select(rp => rp.FeaturePermissionId).Distinct().ToListAsync();
List<EmployeeBucketMapping>? employeeBuckets = await _context.EmployeeBucketMappings.Where(eb => eb.EmployeeId == LoggedInEmployee.Id).ToListAsync(); List<EmployeeBucketMapping>? employeeBuckets = await _context.EmployeeBucketMappings.Where(eb => eb.EmployeeId == LoggedInEmployee.Id).ToListAsync();
List<Guid> bucketIds = employeeBuckets.Select(c => c.BucketId).ToList(); List<Guid> bucketIds = employeeBuckets.Select(c => c.BucketId).ToList();
if (permissionIds.Contains(PermissionsMaster.DirectoryAdmin)) if (permissionIds.Contains(directoryAdmin))
{ {
var buckets = await _context.Buckets.Where(b => b.TenantId == tenantId).ToListAsync(); var buckets = await _context.Buckets.Where(b => b.TenantId == tenantId).ToListAsync();
bucketIds = buckets.Select(b => b.Id).ToList(); bucketIds = buckets.Select(b => b.Id).ToList();
} }
else if (permissionIds.Contains(PermissionsMaster.DirectoryAdmin) || permissionIds.Contains(PermissionsMaster.DirectoryUser)) else if (permissionIds.Contains(directoryManager) || permissionIds.Contains(directoryUser))
{ {
var buckets = await _context.Buckets.Where(b => b.CreatedByID == LoggedInEmployee.Id).ToListAsync(); var buckets = await _context.Buckets.Where(b => b.CreatedByID == LoggedInEmployee.Id).ToListAsync();
var createdBucketIds = buckets.Select(b => b.Id).ToList(); var createdBucketIds = buckets.Select(b => b.Id).ToList();
@ -192,11 +199,11 @@ namespace Marco.Pms.Services.Helpers
var permissionIds = await _context.RolePermissionMappings.Where(rp => assignedRoleIds.Contains(rp.ApplicationRoleId)).Select(rp => rp.FeaturePermissionId).Distinct().ToListAsync(); var permissionIds = await _context.RolePermissionMappings.Where(rp => assignedRoleIds.Contains(rp.ApplicationRoleId)).Select(rp => rp.FeaturePermissionId).Distinct().ToListAsync();
EmployeeBucketMapping? employeeBucket = null; EmployeeBucketMapping? employeeBucket = null;
if (permissionIds.Contains(PermissionsMaster.DirectoryAdmin)) if (permissionIds.Contains(directoryAdmin))
{ {
employeeBucket = employeeBuckets.FirstOrDefault(); employeeBucket = employeeBuckets.FirstOrDefault();
} }
else if (permissionIds.Contains(PermissionsMaster.DirectoryAdmin) || permissionIds.Contains(PermissionsMaster.DirectoryUser)) else if (permissionIds.Contains(directoryManager) || permissionIds.Contains(directoryUser))
{ {
employeeBucket = employeeBuckets.FirstOrDefault(eb => eb.EmployeeId == LoggedInEmployee.Id); employeeBucket = employeeBuckets.FirstOrDefault(eb => eb.EmployeeId == LoggedInEmployee.Id);
} }
@ -476,12 +483,12 @@ namespace Marco.Pms.Services.Helpers
var permissionIds = await _context.RolePermissionMappings.Where(rp => assignedRoleIds.Contains(rp.ApplicationRoleId)).Select(rp => rp.FeaturePermissionId).Distinct().ToListAsync(); var permissionIds = await _context.RolePermissionMappings.Where(rp => assignedRoleIds.Contains(rp.ApplicationRoleId)).Select(rp => rp.FeaturePermissionId).Distinct().ToListAsync();
List<EmployeeBucketMapping>? employeeBuckets = await _context.EmployeeBucketMappings.Where(eb => eb.EmployeeId == LoggedInEmployee.Id).ToListAsync(); List<EmployeeBucketMapping>? employeeBuckets = await _context.EmployeeBucketMappings.Where(eb => eb.EmployeeId == LoggedInEmployee.Id).ToListAsync();
List<Guid> bucketIds = employeeBuckets.Select(c => c.BucketId).ToList(); List<Guid> bucketIds = employeeBuckets.Select(c => c.BucketId).ToList();
if (permissionIds.Contains(PermissionsMaster.DirectoryAdmin)) if (permissionIds.Contains(directoryAdmin))
{ {
var buckets = await _context.Buckets.Where(b => b.TenantId == tenantId).ToListAsync(); var buckets = await _context.Buckets.Where(b => b.TenantId == tenantId).ToListAsync();
bucketIds = buckets.Select(b => b.Id).ToList(); bucketIds = buckets.Select(b => b.Id).ToList();
} }
else if (permissionIds.Contains(PermissionsMaster.DirectoryAdmin) || permissionIds.Contains(PermissionsMaster.DirectoryUser)) else if (permissionIds.Contains(directoryManager) || permissionIds.Contains(directoryUser))
{ {
var buckets = await _context.Buckets.Where(b => b.CreatedByID == LoggedInEmployee.Id).ToListAsync(); var buckets = await _context.Buckets.Where(b => b.CreatedByID == LoggedInEmployee.Id).ToListAsync();
var createdBucketIds = buckets.Select(b => b.Id).ToList(); var createdBucketIds = buckets.Select(b => b.Id).ToList();
@ -912,9 +919,9 @@ namespace Marco.Pms.Services.Helpers
} }
// --- Permission Checks --- // --- Permission Checks ---
var hasAdminPermission = await _permissionServices.HasPermission(PermissionsMaster.DirectoryAdmin, loggedInEmployee.Id); var hasAdminPermission = await _permissionServices.HasPermission(directoryAdmin, loggedInEmployee.Id);
var hasManagerPermission = await _permissionServices.HasPermission(PermissionsMaster.DirectoryAdmin, loggedInEmployee.Id); var hasManagerPermission = await _permissionServices.HasPermission(directoryManager, loggedInEmployee.Id);
var hasUserPermission = await _permissionServices.HasPermission(PermissionsMaster.DirectoryUser, loggedInEmployee.Id); var hasUserPermission = await _permissionServices.HasPermission(directoryUser, loggedInEmployee.Id);
IQueryable<ContactNote> notesQuery = _context.ContactNotes IQueryable<ContactNote> notesQuery = _context.ContactNotes
.Include(cn => cn.UpdatedBy) .Include(cn => cn.UpdatedBy)
@ -1159,11 +1166,11 @@ namespace Marco.Pms.Services.Helpers
var bucketIds = employeeBuckets.Select(b => b.BucketId).ToList(); var bucketIds = employeeBuckets.Select(b => b.BucketId).ToList();
List<EmployeeBucketMapping> employeeBucketVM = await _context.EmployeeBucketMappings.Where(b => bucketIds.Contains(b.BucketId)).ToListAsync(); List<EmployeeBucketMapping> employeeBucketVM = await _context.EmployeeBucketMappings.Where(b => bucketIds.Contains(b.BucketId)).ToListAsync();
List<Bucket> bucketList = new List<Bucket>(); List<Bucket> bucketList = new List<Bucket>();
if (permissionIds.Contains(PermissionsMaster.DirectoryAdmin)) if (permissionIds.Contains(directoryAdmin))
{ {
bucketList = await _context.Buckets.Include(b => b.CreatedBy).Where(b => b.TenantId == tenantId).ToListAsync(); bucketList = await _context.Buckets.Include(b => b.CreatedBy).Where(b => b.TenantId == tenantId).ToListAsync();
} }
else if (permissionIds.Contains(PermissionsMaster.DirectoryAdmin) || permissionIds.Contains(PermissionsMaster.DirectoryUser)) else if (permissionIds.Contains(directoryManager) || permissionIds.Contains(directoryUser))
{ {
bucketList = await _context.Buckets.Include(b => b.CreatedBy).Where(b => bucketIds.Contains(b.Id) || b.CreatedByID == LoggedInEmployee.Id).ToListAsync(); bucketList = await _context.Buckets.Include(b => b.CreatedBy).Where(b => bucketIds.Contains(b.Id) || b.CreatedByID == LoggedInEmployee.Id).ToListAsync();
} }
@ -1201,8 +1208,8 @@ namespace Marco.Pms.Services.Helpers
{ {
var assignedRoleIds = await _context.EmployeeRoleMappings.Where(r => r.EmployeeId == LoggedInEmployee.Id).Select(r => r.RoleId).ToListAsync(); var assignedRoleIds = await _context.EmployeeRoleMappings.Where(r => r.EmployeeId == LoggedInEmployee.Id).Select(r => r.RoleId).ToListAsync();
var permissionIds = await _context.RolePermissionMappings.Where(rp => assignedRoleIds.Contains(rp.ApplicationRoleId)).Select(rp => rp.FeaturePermissionId).Distinct().ToListAsync(); var permissionIds = await _context.RolePermissionMappings.Where(rp => assignedRoleIds.Contains(rp.ApplicationRoleId)).Select(rp => rp.FeaturePermissionId).Distinct().ToListAsync();
var demo = !permissionIds.Contains(PermissionsMaster.DirectoryUser); var demo = !permissionIds.Contains(directoryUser);
if (!permissionIds.Contains(PermissionsMaster.DirectoryAdmin) && !permissionIds.Contains(PermissionsMaster.DirectoryAdmin) && !permissionIds.Contains(PermissionsMaster.DirectoryUser)) if (!permissionIds.Contains(directoryAdmin) && !permissionIds.Contains(directoryManager) && !permissionIds.Contains(directoryUser))
{ {
_logger.LogError("Employee {EmployeeId} attemped to create a bucket, but do not have permission", LoggedInEmployee.Id); _logger.LogError("Employee {EmployeeId} attemped to create a bucket, but do not have permission", LoggedInEmployee.Id);
return ApiResponse<object>.ErrorResponse("You don't have permission", "You don't have permission", 401); return ApiResponse<object>.ErrorResponse("You don't have permission", "You don't have permission", 401);
@ -1259,15 +1266,15 @@ namespace Marco.Pms.Services.Helpers
} }
Bucket? accessableBucket = null; Bucket? accessableBucket = null;
if (permissionIds.Contains(PermissionsMaster.DirectoryAdmin)) if (permissionIds.Contains(directoryAdmin))
{ {
accessableBucket = bucket; accessableBucket = bucket;
} }
else if (permissionIds.Contains(PermissionsMaster.DirectoryAdmin) && bucketIds.Contains(id)) else if (permissionIds.Contains(directoryManager) && bucketIds.Contains(id))
{ {
accessableBucket = bucket; accessableBucket = bucket;
} }
else if (permissionIds.Contains(PermissionsMaster.DirectoryUser)) else if (permissionIds.Contains(directoryUser))
{ {
if (bucket.CreatedByID == LoggedInEmployee.Id) if (bucket.CreatedByID == LoggedInEmployee.Id)
{ {
@ -1325,15 +1332,15 @@ namespace Marco.Pms.Services.Helpers
var bucketIds = employeeBuckets.Where(eb => eb.EmployeeId == LoggedInEmployee.Id).Select(eb => eb.BucketId).ToList(); var bucketIds = employeeBuckets.Where(eb => eb.EmployeeId == LoggedInEmployee.Id).Select(eb => eb.BucketId).ToList();
var employeeBucketIds = employeeBuckets.Select(eb => eb.EmployeeId).ToList(); var employeeBucketIds = employeeBuckets.Select(eb => eb.EmployeeId).ToList();
Bucket? accessableBucket = null; Bucket? accessableBucket = null;
if (permissionIds.Contains(PermissionsMaster.DirectoryAdmin)) if (permissionIds.Contains(directoryAdmin))
{ {
accessableBucket = bucket; accessableBucket = bucket;
} }
else if (permissionIds.Contains(PermissionsMaster.DirectoryAdmin) && bucketIds.Contains(bucketId)) else if (permissionIds.Contains(directoryManager) && bucketIds.Contains(bucketId))
{ {
accessableBucket = bucket; accessableBucket = bucket;
} }
else if (permissionIds.Contains(PermissionsMaster.DirectoryUser)) else if (permissionIds.Contains(directoryUser))
{ {
if (bucket.CreatedByID == LoggedInEmployee.Id) if (bucket.CreatedByID == LoggedInEmployee.Id)
{ {
@ -1426,15 +1433,15 @@ namespace Marco.Pms.Services.Helpers
var bucketIds = employeeBuckets.Where(eb => eb.EmployeeId == LoggedInEmployee.Id).Select(eb => eb.BucketId).ToList(); var bucketIds = employeeBuckets.Where(eb => eb.EmployeeId == LoggedInEmployee.Id).Select(eb => eb.BucketId).ToList();
Bucket? accessableBucket = null; Bucket? accessableBucket = null;
if (permissionIds.Contains(PermissionsMaster.DirectoryAdmin)) if (permissionIds.Contains(directoryAdmin))
{ {
accessableBucket = bucket; accessableBucket = bucket;
} }
else if (permissionIds.Contains(PermissionsMaster.DirectoryAdmin) && bucketIds.Contains(id)) else if (permissionIds.Contains(directoryManager) && bucketIds.Contains(id))
{ {
accessableBucket = bucket; accessableBucket = bucket;
} }
else if (permissionIds.Contains(PermissionsMaster.DirectoryUser)) else if (permissionIds.Contains(directoryUser))
{ {
if (bucket.CreatedByID == LoggedInEmployee.Id) if (bucket.CreatedByID == LoggedInEmployee.Id)
{ {
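Review bot: This class decides directory access in two different ways: most hunks test `permissionIds.Contains(directoryAdmin)` against a list built from `EmployeeRoleMappings` and `RolePermissionMappings`, while the notes hunk (`-912,9`) calls `_permissionServices.HasPermission(directoryAdmin, loggedInEmployee.Id)`. If `HasPermission` applies any rule beyond that join (its body is not visible here), the two paths can give different answers for the same employee. I would route every check through the service, e.g. `var isDirectoryAdmin = await _permissionServices.HasPermission(directoryAdmin, LoggedInEmployee.Id);`, and branch on the resulting booleans. The methods containing these ladders begin and end outside the hunks, so the remaining branches should be checked the same way.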


@ -2,7 +2,6 @@
using Marco.Pms.Model.Directory; using Marco.Pms.Model.Directory;
using Marco.Pms.Model.Dtos.Master; using Marco.Pms.Model.Dtos.Master;
using Marco.Pms.Model.Employees; using Marco.Pms.Model.Employees;
using Marco.Pms.Model.Entitlements;
using Marco.Pms.Model.Mapper; using Marco.Pms.Model.Mapper;
using Marco.Pms.Model.Master; using Marco.Pms.Model.Master;
using Marco.Pms.Model.Utilities; using Marco.Pms.Model.Utilities;
@ -20,6 +19,8 @@ namespace Marco.Pms.Services.Helpers
private readonly ILoggingService _logger; private readonly ILoggingService _logger;
private readonly UserHelper _userHelper; private readonly UserHelper _userHelper;
private readonly PermissionServices _permissionService; private readonly PermissionServices _permissionService;
private readonly Guid View_Master;
private readonly Guid Manage_Master;
public MasterHelper(ApplicationDbContext context, ILoggingService logger, UserHelper userHelper, PermissionServices permissionServices) public MasterHelper(ApplicationDbContext context, ILoggingService logger, UserHelper userHelper, PermissionServices permissionServices)
@ -28,6 +29,8 @@ namespace Marco.Pms.Services.Helpers
_logger = logger; _logger = logger;
_userHelper = userHelper; _userHelper = userHelper;
_permissionService = permissionServices; _permissionService = permissionServices;
View_Master = Guid.Parse("5ffbafe0-7ab0-48b1-bb50-c1bf76b65f9d");
Manage_Master = Guid.Parse("588a8824-f924-4955-82d8-fc51956cf323");
} }
// -------------------------------- Contact Category -------------------------------- // -------------------------------- Contact Category --------------------------------
public async Task<ApiResponse<object>> CreateContactCategory(CreateContactCategoryDto contactCategoryDto) public async Task<ApiResponse<object>> CreateContactCategory(CreateContactCategoryDto contactCategoryDto)
@ -264,7 +267,7 @@ namespace Marco.Pms.Services.Helpers
var loggedInEmployee = await _userHelper.GetCurrentEmployeeAsync(); var loggedInEmployee = await _userHelper.GetCurrentEmployeeAsync();
// Step 2: Check permission to view master data // Step 2: Check permission to view master data
bool hasViewPermission = await _permissionService.HasPermission(PermissionsMaster.ViewMasters, loggedInEmployee.Id); bool hasViewPermission = await _permissionService.HasPermission(View_Master, loggedInEmployee.Id);
if (!hasViewPermission) if (!hasViewPermission)
{ {
_logger.LogWarning("Access denied for employeeId: {EmployeeId}", loggedInEmployee.Id); _logger.LogWarning("Access denied for employeeId: {EmployeeId}", loggedInEmployee.Id);
@ -309,7 +312,7 @@ namespace Marco.Pms.Services.Helpers
var loggedInEmployee = await _userHelper.GetCurrentEmployeeAsync(); var loggedInEmployee = await _userHelper.GetCurrentEmployeeAsync();
// Step 2: Check if user has permission to manage master data // Step 2: Check if user has permission to manage master data
var hasManageMasterPermission = await _permissionService.HasPermission(PermissionsMaster.ManageMasters, loggedInEmployee.Id); var hasManageMasterPermission = await _permissionService.HasPermission(Manage_Master, loggedInEmployee.Id);
if (!hasManageMasterPermission) if (!hasManageMasterPermission)
{ {
_logger.LogWarning("Access denied for employeeId: {EmployeeId}", loggedInEmployee.Id); _logger.LogWarning("Access denied for employeeId: {EmployeeId}", loggedInEmployee.Id);
@ -365,7 +368,7 @@ namespace Marco.Pms.Services.Helpers
var loggedInEmployee = await _userHelper.GetCurrentEmployeeAsync(); var loggedInEmployee = await _userHelper.GetCurrentEmployeeAsync();
// Step 3: Check permissions // Step 3: Check permissions
var hasManageMasterPermission = await _permissionService.HasPermission(PermissionsMaster.ManageMasters, loggedInEmployee.Id); var hasManageMasterPermission = await _permissionService.HasPermission(Manage_Master, loggedInEmployee.Id);
if (!hasManageMasterPermission) if (!hasManageMasterPermission)
{ {
_logger.LogWarning("Access denied. EmployeeId: {EmployeeId} does not have Manage Master permission.", loggedInEmployee.Id); _logger.LogWarning("Access denied. EmployeeId: {EmployeeId} does not have Manage Master permission.", loggedInEmployee.Id);
@ -418,7 +421,7 @@ namespace Marco.Pms.Services.Helpers
var loggedInEmployee = await _userHelper.GetCurrentEmployeeAsync(); var loggedInEmployee = await _userHelper.GetCurrentEmployeeAsync();
// Step 2: Check permission to manage master data // Step 2: Check permission to manage master data
var hasManageMasterPermission = await _permissionService.HasPermission(PermissionsMaster.ManageMasters, loggedInEmployee.Id); var hasManageMasterPermission = await _permissionService.HasPermission(Manage_Master, loggedInEmployee.Id);
if (!hasManageMasterPermission) if (!hasManageMasterPermission)
{ {
_logger.LogWarning("Delete denied. EmployeeId: {EmployeeId} lacks Manage_Master permission.", loggedInEmployee.Id); _logger.LogWarning("Delete denied. EmployeeId: {EmployeeId} lacks Manage_Master permission.", loggedInEmployee.Id);
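Review bot: The denial logs after the `View_Master` check (`-264,7`) and the first `Manage_Master` check (`-309,7`) use the same text, `"Access denied for employeeId: {EmployeeId}"`, so someone reading the audit trail cannot tell which permission was refused. I would put the permission into the template, e.g. `_logger.LogWarning("Access denied for employeeId: {EmployeeId}, missing {Permission}", loggedInEmployee.Id, nameof(Manage_Master));`. The enclosing methods start and end outside these hunks, so the operation names that would also be useful in the message are not visible here.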