Compare commits
	
		
			18 Commits
		
	
	
		
			bb76c45195
			...
			56161d302b
		
	
	| Author | SHA1 | Date | |
|---|---|---|---|
| 56161d302b | |||
| 8e3eedbfa7 | |||
| 3c8a044d66 | |||
| ff722503d5 | |||
| 669500e57e | |||
| 3e316ef388 | |||
| 3ec4bd762f | |||
| 0be200e77a | |||
| 3646163593 | |||
| cbcc3398c3 | |||
| d8cf87aee4 | |||
| 3d8e91d58d | |||
| 129ccf7fae | |||
| 3e8ef856d4 | |||
| de3fa6b929 | |||
| 183d72017d | |||
| 2304912bf8 | |||
| 5c1dcd89b5 | 
							
								
								
									
										28
									
								
								Marco.Pms.Model/Entitlements/PermissionsMaster.cs
									
									
									
									
									
										Normal file
									
								
							
							
						
						
									
									
								
							@ -0,0 +1,28 @@
 | 
			
		||||
namespace Marco.Pms.Model.Entitlements
 | 
			
		||||
{
 | 
			
		||||
    public static class PermissionsMaster
 | 
			
		||||
    {
 | 
			
		||||
        public static readonly Guid DirectoryAdmin = Guid.Parse("4286a13b-bb40-4879-8c6d-18e9e393beda");
 | 
			
		||||
        public static readonly Guid DirectoryManager = Guid.Parse("62668630-13ce-4f52-a0f0-db38af2230c5");
 | 
			
		||||
        public static readonly Guid DirectoryUser = Guid.Parse("0f919170-92d4-4337-abd3-49b66fc871bb");
 | 
			
		||||
        public static readonly Guid ViewProject = Guid.Parse("6ea44136-987e-44ba-9e5d-1cf8f5837ebc");
 | 
			
		||||
        public static readonly Guid ManageProject = Guid.Parse("172fc9b6-755b-4f62-ab26-55c34a330614");
 | 
			
		||||
        public static readonly Guid ManageTeam = Guid.Parse("b94802ce-0689-4643-9e1d-11c86950c35b");
 | 
			
		||||
        public static readonly Guid ViewProjectInfra = Guid.Parse("8d7cc6e3-9147-41f7-aaa7-fa507e450bd4");
 | 
			
		||||
        public static readonly Guid ManageProjectInfra = Guid.Parse("cf2825ad-453b-46aa-91d9-27c124d63373");
 | 
			
		||||
        public static readonly Guid ViewTask = Guid.Parse("9fcc5f87-25e3-4846-90ac-67a71ab92e3c");
 | 
			
		||||
        public static readonly Guid AddAndEditTask = Guid.Parse("08752f33-3b29-4816-b76b-ea8a968ed3c5");
 | 
			
		||||
        public static readonly Guid AssignAndReportProgress = Guid.Parse("6a32379b-8b3f-49a6-8c48-4b7ac1b55dc2");
 | 
			
		||||
        public static readonly Guid ApproveTask = Guid.Parse("db4e40c5-2ba9-4b6d-b8a6-a16a250ff99c");
 | 
			
		||||
        public static readonly Guid ViewAllEmployees = Guid.Parse("60611762-7f8a-4fb5-b53f-b1139918796b");
 | 
			
		||||
        public static readonly Guid ViewTeamMembers = Guid.Parse("b82d2b7e-0d52-45f3-997b-c008ea460e7f");
 | 
			
		||||
        public static readonly Guid AddAndEditEmployee = Guid.Parse("a97d366a-c2bb-448d-be93-402bd2324566");
 | 
			
		||||
        public static readonly Guid AssignRoles = Guid.Parse("fbd213e0-0250-46f1-9f5f-4b2a1e6e76a3");
 | 
			
		||||
        public static readonly Guid TeamAttendance = Guid.Parse("915e6bff-65f6-4e3f-aea8-3fd217d3ea9e");
 | 
			
		||||
        public static readonly Guid RegularizeAttendance = Guid.Parse("57802c4a-00aa-4a1f-a048-fd2f70dd44b6");
 | 
			
		||||
        public static readonly Guid SelfAttendance = Guid.Parse("ccb0589f-712b-43de-92ed-5b6088e7dc4e");
 | 
			
		||||
        public static readonly Guid ViewMasters = Guid.Parse("5ffbafe0-7ab0-48b1-bb50-c1bf76b65f9d");
 | 
			
		||||
        public static readonly Guid ManageMasters = Guid.Parse("588a8824-f924-4955-82d8-fc51956cf323");
 | 
			
		||||
    }
 | 
			
		||||
}
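Review bot: PermissionsMaster has no doc comment saying where these GUIDs come from, although every authorization check touched by this change now depends on them. The helpers compare them with `FeaturePermissionId` values read from `RolePermissionMappings`, so they presumably have to match the stored permission records; a class summary such as `/// <summary>Well-known feature-permission ids; each value must match the corresponding stored permission record.</summary>` would make that contract explicit. `ManageProject` is declared here, yet the UserController hunk on this page still compares `c.Id.ToString()` against the literal 172fc9b6-755b-4f62-ab26-55c34a330614. Assuming `c.Id` is a `Guid`, `c.Id == PermissionsMaster.ManageProject` would finish the consolidation.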
 | 
			
		||||
 | 
			
		||||
@ -38,8 +38,6 @@ namespace MarcoBMS.Services.Controllers
 | 
			
		||||
        private readonly IHubContext<MarcoHub> _signalR;
 | 
			
		||||
        private readonly PermissionServices _permission;
 | 
			
		||||
        private readonly ProjectsHelper _projectsHelper;
 | 
			
		||||
        private readonly Guid ViewAllEmployees;
 | 
			
		||||
        private readonly Guid ViewTeamMembers;
 | 
			
		||||
        private readonly Guid tenantId;
 | 
			
		||||
 | 
			
		||||
 | 
			
		||||
@ -56,8 +54,6 @@ namespace MarcoBMS.Services.Controllers
 | 
			
		||||
            _logger = logger;
 | 
			
		||||
            _signalR = signalR;
 | 
			
		||||
            _permission = permission;
 | 
			
		||||
            ViewAllEmployees = Guid.Parse("60611762-7f8a-4fb5-b53f-b1139918796b");
 | 
			
		||||
            ViewTeamMembers = Guid.Parse("b82d2b7e-0d52-45f3-997b-c008ea460e7f");
 | 
			
		||||
            _projectsHelper = projectsHelper;
 | 
			
		||||
            tenantId = _userHelper.GetTenantId();
 | 
			
		||||
        }
 | 
			
		||||
@ -126,8 +122,8 @@ namespace MarcoBMS.Services.Controllers
 | 
			
		||||
            List<Project> projects = await _projectsHelper.GetMyProjects(tenantId, loggedInEmployee);
 | 
			
		||||
            var projectIds = projects.Select(p => p.Id).ToList();
 | 
			
		||||
 | 
			
		||||
            var hasViewAllEmployeesPermission = await _permission.HasPermission(ViewAllEmployees, loggedInEmployee.Id);
 | 
			
		||||
            var hasViewTeamMembersPermission = await _permission.HasPermission(ViewTeamMembers, loggedInEmployee.Id);
 | 
			
		||||
            var hasViewAllEmployeesPermission = await _permission.HasPermission(PermissionsMaster.ViewAllEmployees, loggedInEmployee.Id);
 | 
			
		||||
            var hasViewTeamMembersPermission = await _permission.HasPermission(PermissionsMaster.ViewTeamMembers, loggedInEmployee.Id);
 | 
			
		||||
 | 
			
		||||
            List<EmployeeVM> result = new();
 | 
			
		||||
 | 
			
		||||
 | 
			
		||||
@ -32,9 +32,6 @@ namespace MarcoBMS.Services.Controllers
 | 
			
		||||
        private readonly ILoggingService _logger;
 | 
			
		||||
        private readonly IHubContext<MarcoHub> _signalR;
 | 
			
		||||
        private readonly PermissionServices _permissionServices;
 | 
			
		||||
        private readonly CacheUpdateHelper _cache;
 | 
			
		||||
        private readonly Guid Approve_Task;
 | 
			
		||||
        private readonly Guid Assign_Report_Task;
 | 
			
		||||
 | 
			
		||||
        public TaskController(ApplicationDbContext context, UserHelper userHelper, S3UploadService s3Service, ILoggingService logger, PermissionServices permissionServices,
 | 
			
		||||
            IHubContext<MarcoHub> signalR, CacheUpdateHelper cache)
 | 
			
		||||
@ -45,9 +42,6 @@ namespace MarcoBMS.Services.Controllers
 | 
			
		||||
            _logger = logger;
 | 
			
		||||
            _signalR = signalR;
 | 
			
		||||
            _permissionServices = permissionServices;
 | 
			
		||||
            _cache = cache;
 | 
			
		||||
            Approve_Task = Guid.Parse("db4e40c5-2ba9-4b6d-b8a6-a16a250ff99c");
 | 
			
		||||
            Assign_Report_Task = Guid.Parse("6a32379b-8b3f-49a6-8c48-4b7ac1b55dc2");
 | 
			
		||||
        }
 | 
			
		||||
 | 
			
		||||
        private Guid GetTenantId()
 | 
			
		||||
@ -75,7 +69,7 @@ namespace MarcoBMS.Services.Controllers
 | 
			
		||||
            var employee = await _userHelper.GetCurrentEmployeeAsync();
 | 
			
		||||
 | 
			
		||||
            // Check for permission to approve tasks
 | 
			
		||||
            var hasPermission = await _permissionServices.HasPermission(Assign_Report_Task, employee.Id);
 | 
			
		||||
            var hasPermission = await _permissionServices.HasPermission(PermissionsMaster.AssignAndReportProgress, employee.Id);
 | 
			
		||||
            if (!hasPermission)
 | 
			
		||||
            {
 | 
			
		||||
                _logger.LogWarning("Employee {EmployeeId} attempted to assign Task without permission", employee.Id);
 | 
			
		||||
@ -141,7 +135,7 @@ namespace MarcoBMS.Services.Controllers
 | 
			
		||||
            var tenantId = GetTenantId();
 | 
			
		||||
            var loggedInEmployee = await _userHelper.GetCurrentEmployeeAsync();
 | 
			
		||||
 | 
			
		||||
            var hasPermission = await _permissionServices.HasPermission(Assign_Report_Task, loggedInEmployee.Id);
 | 
			
		||||
            var hasPermission = await _permissionServices.HasPermission(PermissionsMaster.AssignAndReportProgress, loggedInEmployee.Id);
 | 
			
		||||
            if (!hasPermission)
 | 
			
		||||
            {
 | 
			
		||||
                _logger.LogWarning("Unauthorized task report attempt by Employee {EmployeeId} for Task {TaskId}", loggedInEmployee.Id, reportTask.Id);
 | 
			
		||||
@ -711,7 +705,7 @@ namespace MarcoBMS.Services.Controllers
 | 
			
		||||
            }
 | 
			
		||||
 | 
			
		||||
            // Check for permission to approve tasks
 | 
			
		||||
            var hasPermission = await _permissionServices.HasPermission(Approve_Task, loggedInEmployee.Id);
 | 
			
		||||
            var hasPermission = await _permissionServices.HasPermission(PermissionsMaster.ApproveTask, loggedInEmployee.Id);
 | 
			
		||||
            if (!hasPermission)
 | 
			
		||||
            {
 | 
			
		||||
                _logger.LogWarning("Employee {EmployeeId} attempted to approve Task {TaskId} without permission", loggedInEmployee.Id, approveTask.Id);
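Review bot: The comment `// Check for permission to approve tasks` in the hunk at -75 sits above a check for `PermissionsMaster.AssignAndReportProgress`, and the warning logged just below it is about assigning a task, so the comment names the wrong permission. The new constant name makes the mismatch easy to see; change the comment to `// Check for permission to assign tasks and report progress`. The same comment in the hunk at -711 is accurate, because that check uses `PermissionsMaster.ApproveTask`. The enclosing methods start and end outside the hunks.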
 | 
			
		||||
 | 
			
		||||
@ -22,7 +22,7 @@ namespace MarcoBMS.Services.Controllers
 | 
			
		||||
        private readonly ProjectsHelper _projectsHelper;
 | 
			
		||||
        private readonly RolesHelper _rolesHelper;
 | 
			
		||||
 | 
			
		||||
        public UserController(EmployeeHelper employeeHelper, ProjectsHelper projectsHelper,  UserHelper userHelper, RolesHelper rolesHelper)
 | 
			
		||||
        public UserController(EmployeeHelper employeeHelper, ProjectsHelper projectsHelper, UserHelper userHelper, RolesHelper rolesHelper)
 | 
			
		||||
        {
 | 
			
		||||
            _userHelper = userHelper;
 | 
			
		||||
            _employeeHelper = employeeHelper;
 | 
			
		||||
@ -45,7 +45,7 @@ namespace MarcoBMS.Services.Controllers
 | 
			
		||||
 | 
			
		||||
            var user = await _userHelper.GetCurrentUserAsync();
 | 
			
		||||
            Employee emp = new Employee { };
 | 
			
		||||
            if(user != null)
 | 
			
		||||
            if (user != null)
 | 
			
		||||
            {
 | 
			
		||||
                emp = await _employeeHelper.GetEmployeeByApplicationUserID(user.Id);
 | 
			
		||||
            }
 | 
			
		||||
@ -54,9 +54,10 @@ namespace MarcoBMS.Services.Controllers
 | 
			
		||||
            string[] projectsId = [];
 | 
			
		||||
 | 
			
		||||
            /* User with permission manage project  can see all projects */
 | 
			
		||||
            if (featurePermission != null && featurePermission.Exists(c => c.Id.ToString() == "172fc9b6-755b-4f62-ab26-55c34a330614")) {
 | 
			
		||||
            if (featurePermission != null && featurePermission.Exists(c => c.Id.ToString() == "172fc9b6-755b-4f62-ab26-55c34a330614"))
 | 
			
		||||
            {
 | 
			
		||||
                List<Project> projects = await _projectsHelper.GetAllProjectByTanentID(emp.TenantId);
 | 
			
		||||
                projectsId = projects.Select(c=>c.Id.ToString()).ToArray();
 | 
			
		||||
                projectsId = projects.Select(c => c.Id.ToString()).ToArray();
 | 
			
		||||
            }
 | 
			
		||||
            else
 | 
			
		||||
            {
 | 
			
		||||
 | 
			
		||||
@ -1,6 +1,7 @@
 | 
			
		||||
using Marco.Pms.DataAccess.Data;
 | 
			
		||||
using Marco.Pms.Model.Directory;
 | 
			
		||||
using Marco.Pms.Model.Dtos.Directory;
 | 
			
		||||
using Marco.Pms.Model.Entitlements;
 | 
			
		||||
using Marco.Pms.Model.Mapper;
 | 
			
		||||
using Marco.Pms.Model.Projects;
 | 
			
		||||
using Marco.Pms.Model.Utilities;
 | 
			
		||||
@ -20,9 +21,6 @@ namespace Marco.Pms.Services.Helpers
 | 
			
		||||
        private readonly ILoggingService _logger;
 | 
			
		||||
        private readonly UserHelper _userHelper;
 | 
			
		||||
        private readonly PermissionServices _permissionServices;
 | 
			
		||||
        private readonly Guid directoryAdmin;
 | 
			
		||||
        private readonly Guid directoryManager;
 | 
			
		||||
        private readonly Guid directoryUser;
 | 
			
		||||
 | 
			
		||||
        public DirectoryHelper(ApplicationDbContext context, ILoggingService logger, UserHelper userHelper, PermissionServices permissionServices)
 | 
			
		||||
        {
 | 
			
		||||
@ -30,13 +28,8 @@ namespace Marco.Pms.Services.Helpers
 | 
			
		||||
            _logger = logger;
 | 
			
		||||
            _userHelper = userHelper;
 | 
			
		||||
            _permissionServices = permissionServices;
 | 
			
		||||
            directoryAdmin = Guid.Parse("4286a13b-bb40-4879-8c6d-18e9e393beda");
 | 
			
		||||
            directoryManager = Guid.Parse("62668630-13ce-4f52-a0f0-db38af2230c5");
 | 
			
		||||
            directoryUser = Guid.Parse("0f919170-92d4-4337-abd3-49b66fc871bb");
 | 
			
		||||
        }
 | 
			
		||||
 | 
			
		||||
 | 
			
		||||
 | 
			
		||||
        public async Task<ApiResponse<object>> GetListOfContacts(string? search, bool active, ContactFilterDto? filterDto, Guid? projectId)
 | 
			
		||||
        {
 | 
			
		||||
            Guid tenantId = _userHelper.GetTenantId();
 | 
			
		||||
@ -45,12 +38,12 @@ namespace Marco.Pms.Services.Helpers
 | 
			
		||||
            var permissionIds = await _context.RolePermissionMappings.Where(rp => assignedRoleIds.Contains(rp.ApplicationRoleId)).Select(rp => rp.FeaturePermissionId).Distinct().ToListAsync();
 | 
			
		||||
            List<EmployeeBucketMapping>? employeeBuckets = await _context.EmployeeBucketMappings.Where(eb => eb.EmployeeId == LoggedInEmployee.Id).ToListAsync();
 | 
			
		||||
            List<Guid> bucketIds = employeeBuckets.Select(c => c.BucketId).ToList();
 | 
			
		||||
            if (permissionIds.Contains(directoryAdmin))
 | 
			
		||||
            if (permissionIds.Contains(PermissionsMaster.DirectoryAdmin))
 | 
			
		||||
            {
 | 
			
		||||
                var buckets = await _context.Buckets.Where(b => b.TenantId == tenantId).ToListAsync();
 | 
			
		||||
                bucketIds = buckets.Select(b => b.Id).ToList();
 | 
			
		||||
            }
 | 
			
		||||
            else if (permissionIds.Contains(directoryManager) || permissionIds.Contains(directoryUser))
 | 
			
		||||
            else if (permissionIds.Contains(PermissionsMaster.DirectoryAdmin) || permissionIds.Contains(PermissionsMaster.DirectoryUser))
 | 
			
		||||
            {
 | 
			
		||||
                var buckets = await _context.Buckets.Where(b => b.CreatedByID == LoggedInEmployee.Id).ToListAsync();
 | 
			
		||||
                var createdBucketIds = buckets.Select(b => b.Id).ToList();
 | 
			
		||||
@ -199,11 +192,11 @@ namespace Marco.Pms.Services.Helpers
 | 
			
		||||
                var permissionIds = await _context.RolePermissionMappings.Where(rp => assignedRoleIds.Contains(rp.ApplicationRoleId)).Select(rp => rp.FeaturePermissionId).Distinct().ToListAsync();
 | 
			
		||||
 | 
			
		||||
                EmployeeBucketMapping? employeeBucket = null;
 | 
			
		||||
                if (permissionIds.Contains(directoryAdmin))
 | 
			
		||||
                if (permissionIds.Contains(PermissionsMaster.DirectoryAdmin))
 | 
			
		||||
                {
 | 
			
		||||
                    employeeBucket = employeeBuckets.FirstOrDefault();
 | 
			
		||||
                }
 | 
			
		||||
                else if (permissionIds.Contains(directoryManager) || permissionIds.Contains(directoryUser))
 | 
			
		||||
                else if (permissionIds.Contains(PermissionsMaster.DirectoryAdmin) || permissionIds.Contains(PermissionsMaster.DirectoryUser))
 | 
			
		||||
                {
 | 
			
		||||
                    employeeBucket = employeeBuckets.FirstOrDefault(eb => eb.EmployeeId == LoggedInEmployee.Id);
 | 
			
		||||
                }
 | 
			
		||||
@ -483,12 +476,12 @@ namespace Marco.Pms.Services.Helpers
 | 
			
		||||
                var permissionIds = await _context.RolePermissionMappings.Where(rp => assignedRoleIds.Contains(rp.ApplicationRoleId)).Select(rp => rp.FeaturePermissionId).Distinct().ToListAsync();
 | 
			
		||||
                List<EmployeeBucketMapping>? employeeBuckets = await _context.EmployeeBucketMappings.Where(eb => eb.EmployeeId == LoggedInEmployee.Id).ToListAsync();
 | 
			
		||||
                List<Guid> bucketIds = employeeBuckets.Select(c => c.BucketId).ToList();
 | 
			
		||||
                if (permissionIds.Contains(directoryAdmin))
 | 
			
		||||
                if (permissionIds.Contains(PermissionsMaster.DirectoryAdmin))
 | 
			
		||||
                {
 | 
			
		||||
                    var buckets = await _context.Buckets.Where(b => b.TenantId == tenantId).ToListAsync();
 | 
			
		||||
                    bucketIds = buckets.Select(b => b.Id).ToList();
 | 
			
		||||
                }
 | 
			
		||||
                else if (permissionIds.Contains(directoryManager) || permissionIds.Contains(directoryUser))
 | 
			
		||||
                else if (permissionIds.Contains(PermissionsMaster.DirectoryAdmin) || permissionIds.Contains(PermissionsMaster.DirectoryUser))
 | 
			
		||||
                {
 | 
			
		||||
                    var buckets = await _context.Buckets.Where(b => b.CreatedByID == LoggedInEmployee.Id).ToListAsync();
 | 
			
		||||
                    var createdBucketIds = buckets.Select(b => b.Id).ToList();
 | 
			
		||||
@ -919,9 +912,9 @@ namespace Marco.Pms.Services.Helpers
 | 
			
		||||
            }
 | 
			
		||||
 | 
			
		||||
            // --- Permission Checks ---
 | 
			
		||||
            var hasAdminPermission = await _permissionServices.HasPermission(directoryAdmin, loggedInEmployee.Id);
 | 
			
		||||
            var hasManagerPermission = await _permissionServices.HasPermission(directoryManager, loggedInEmployee.Id);
 | 
			
		||||
            var hasUserPermission = await _permissionServices.HasPermission(directoryUser, loggedInEmployee.Id);
 | 
			
		||||
            var hasAdminPermission = await _permissionServices.HasPermission(PermissionsMaster.DirectoryAdmin, loggedInEmployee.Id);
 | 
			
		||||
            var hasManagerPermission = await _permissionServices.HasPermission(PermissionsMaster.DirectoryAdmin, loggedInEmployee.Id);
 | 
			
		||||
            var hasUserPermission = await _permissionServices.HasPermission(PermissionsMaster.DirectoryUser, loggedInEmployee.Id);
 | 
			
		||||
 | 
			
		||||
            IQueryable<ContactNote> notesQuery = _context.ContactNotes
 | 
			
		||||
                                                    .Include(cn => cn.UpdatedBy)
 | 
			
		||||
@ -1166,11 +1159,11 @@ namespace Marco.Pms.Services.Helpers
 | 
			
		||||
            var bucketIds = employeeBuckets.Select(b => b.BucketId).ToList();
 | 
			
		||||
            List<EmployeeBucketMapping> employeeBucketVM = await _context.EmployeeBucketMappings.Where(b => bucketIds.Contains(b.BucketId)).ToListAsync();
 | 
			
		||||
            List<Bucket> bucketList = new List<Bucket>();
 | 
			
		||||
            if (permissionIds.Contains(directoryAdmin))
 | 
			
		||||
            if (permissionIds.Contains(PermissionsMaster.DirectoryAdmin))
 | 
			
		||||
            {
 | 
			
		||||
                bucketList = await _context.Buckets.Include(b => b.CreatedBy).Where(b => b.TenantId == tenantId).ToListAsync();
 | 
			
		||||
            }
 | 
			
		||||
            else if (permissionIds.Contains(directoryManager) || permissionIds.Contains(directoryUser))
 | 
			
		||||
            else if (permissionIds.Contains(PermissionsMaster.DirectoryAdmin) || permissionIds.Contains(PermissionsMaster.DirectoryUser))
 | 
			
		||||
            {
 | 
			
		||||
                bucketList = await _context.Buckets.Include(b => b.CreatedBy).Where(b => bucketIds.Contains(b.Id) || b.CreatedByID == LoggedInEmployee.Id).ToListAsync();
 | 
			
		||||
            }
 | 
			
		||||
@ -1208,8 +1201,8 @@ namespace Marco.Pms.Services.Helpers
 | 
			
		||||
            {
 | 
			
		||||
                var assignedRoleIds = await _context.EmployeeRoleMappings.Where(r => r.EmployeeId == LoggedInEmployee.Id).Select(r => r.RoleId).ToListAsync();
 | 
			
		||||
                var permissionIds = await _context.RolePermissionMappings.Where(rp => assignedRoleIds.Contains(rp.ApplicationRoleId)).Select(rp => rp.FeaturePermissionId).Distinct().ToListAsync();
 | 
			
		||||
                var demo = !permissionIds.Contains(directoryUser);
 | 
			
		||||
                if (!permissionIds.Contains(directoryAdmin) && !permissionIds.Contains(directoryManager) && !permissionIds.Contains(directoryUser))
 | 
			
		||||
                var demo = !permissionIds.Contains(PermissionsMaster.DirectoryUser);
 | 
			
		||||
                if (!permissionIds.Contains(PermissionsMaster.DirectoryAdmin) && !permissionIds.Contains(PermissionsMaster.DirectoryAdmin) && !permissionIds.Contains(PermissionsMaster.DirectoryUser))
 | 
			
		||||
                {
 | 
			
		||||
                    _logger.LogError("Employee {EmployeeId} attemped to create a bucket, but do not have permission", LoggedInEmployee.Id);
 | 
			
		||||
                    return ApiResponse<object>.ErrorResponse("You don't have permission", "You don't have permission", 401);
 | 
			
		||||
@ -1266,15 +1259,15 @@ namespace Marco.Pms.Services.Helpers
 | 
			
		||||
                }
 | 
			
		||||
 | 
			
		||||
                Bucket? accessableBucket = null;
 | 
			
		||||
                if (permissionIds.Contains(directoryAdmin))
 | 
			
		||||
                if (permissionIds.Contains(PermissionsMaster.DirectoryAdmin))
 | 
			
		||||
                {
 | 
			
		||||
                    accessableBucket = bucket;
 | 
			
		||||
                }
 | 
			
		||||
                else if (permissionIds.Contains(directoryManager) && bucketIds.Contains(id))
 | 
			
		||||
                else if (permissionIds.Contains(PermissionsMaster.DirectoryAdmin) && bucketIds.Contains(id))
 | 
			
		||||
                {
 | 
			
		||||
                    accessableBucket = bucket;
 | 
			
		||||
                }
 | 
			
		||||
                else if (permissionIds.Contains(directoryUser))
 | 
			
		||||
                else if (permissionIds.Contains(PermissionsMaster.DirectoryUser))
 | 
			
		||||
                {
 | 
			
		||||
                    if (bucket.CreatedByID == LoggedInEmployee.Id)
 | 
			
		||||
                    {
 | 
			
		||||
@ -1332,15 +1325,15 @@ namespace Marco.Pms.Services.Helpers
 | 
			
		||||
                var bucketIds = employeeBuckets.Where(eb => eb.EmployeeId == LoggedInEmployee.Id).Select(eb => eb.BucketId).ToList();
 | 
			
		||||
                var employeeBucketIds = employeeBuckets.Select(eb => eb.EmployeeId).ToList();
 | 
			
		||||
                Bucket? accessableBucket = null;
 | 
			
		||||
                if (permissionIds.Contains(directoryAdmin))
 | 
			
		||||
                if (permissionIds.Contains(PermissionsMaster.DirectoryAdmin))
 | 
			
		||||
                {
 | 
			
		||||
                    accessableBucket = bucket;
 | 
			
		||||
                }
 | 
			
		||||
                else if (permissionIds.Contains(directoryManager) && bucketIds.Contains(bucketId))
 | 
			
		||||
                else if (permissionIds.Contains(PermissionsMaster.DirectoryAdmin) && bucketIds.Contains(bucketId))
 | 
			
		||||
                {
 | 
			
		||||
                    accessableBucket = bucket;
 | 
			
		||||
                }
 | 
			
		||||
                else if (permissionIds.Contains(directoryUser))
 | 
			
		||||
                else if (permissionIds.Contains(PermissionsMaster.DirectoryUser))
 | 
			
		||||
                {
 | 
			
		||||
                    if (bucket.CreatedByID == LoggedInEmployee.Id)
 | 
			
		||||
                    {
 | 
			
		||||
@ -1433,15 +1426,15 @@ namespace Marco.Pms.Services.Helpers
 | 
			
		||||
                var bucketIds = employeeBuckets.Where(eb => eb.EmployeeId == LoggedInEmployee.Id).Select(eb => eb.BucketId).ToList();
 | 
			
		||||
 | 
			
		||||
                Bucket? accessableBucket = null;
 | 
			
		||||
                if (permissionIds.Contains(directoryAdmin))
 | 
			
		||||
                if (permissionIds.Contains(PermissionsMaster.DirectoryAdmin))
 | 
			
		||||
                {
 | 
			
		||||
                    accessableBucket = bucket;
 | 
			
		||||
                }
 | 
			
		||||
                else if (permissionIds.Contains(directoryManager) && bucketIds.Contains(id))
 | 
			
		||||
                else if (permissionIds.Contains(PermissionsMaster.DirectoryAdmin) && bucketIds.Contains(id))
 | 
			
		||||
                {
 | 
			
		||||
                    accessableBucket = bucket;
 | 
			
		||||
                }
 | 
			
		||||
                else if (permissionIds.Contains(directoryUser))
 | 
			
		||||
                else if (permissionIds.Contains(PermissionsMaster.DirectoryUser))
 | 
			
		||||
                {
 | 
			
		||||
                    if (bucket.CreatedByID == LoggedInEmployee.Id)
 | 
			
		||||
                    {
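Review bot: Every check that used `directoryManager` now reads `PermissionsMaster.DirectoryAdmin`, although `PermissionsMaster.DirectoryManager` is declared with the manager GUID, so none of the checks visible in these hunks evaluates the Directory Manager permission any more. In the `else if` branches (hunks at -45, -199, -483, -1166, -1266, -1332 and -1433) the admin test repeats the preceding `if` and can never be true there, so an employee holding only the manager permission no longer matches any branch. In the hunk at -1208 that employee now gets the 401, and in the hunk at -919 `hasManagerPermission` is computed from the admin permission. Each of these should use the manager constant, e.g. `else if (permissionIds.Contains(PermissionsMaster.DirectoryManager) || permissionIds.Contains(PermissionsMaster.DirectoryUser))` and `await _permissionServices.HasPermission(PermissionsMaster.DirectoryManager, loggedInEmployee.Id)`. How `hasManagerPermission` is used afterwards lies outside the hunk, so its effect on note visibility needs checking, and a per-role test of these paths would catch this kind of substitution.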
 | 
			
		||||
 | 
			
		||||
@ -2,6 +2,7 @@
 | 
			
		||||
using Marco.Pms.Model.Directory;
 | 
			
		||||
using Marco.Pms.Model.Dtos.Master;
 | 
			
		||||
using Marco.Pms.Model.Employees;
 | 
			
		||||
using Marco.Pms.Model.Entitlements;
 | 
			
		||||
using Marco.Pms.Model.Mapper;
 | 
			
		||||
using Marco.Pms.Model.Master;
 | 
			
		||||
using Marco.Pms.Model.Utilities;
 | 
			
		||||
@ -19,8 +20,6 @@ namespace Marco.Pms.Services.Helpers
 | 
			
		||||
        private readonly ILoggingService _logger;
 | 
			
		||||
        private readonly UserHelper _userHelper;
 | 
			
		||||
        private readonly PermissionServices _permissionService;
 | 
			
		||||
        private readonly Guid View_Master;
 | 
			
		||||
        private readonly Guid Manage_Master;
 | 
			
		||||
 | 
			
		||||
 | 
			
		||||
        public MasterHelper(ApplicationDbContext context, ILoggingService logger, UserHelper userHelper, PermissionServices permissionServices)
 | 
			
		||||
@ -29,8 +28,6 @@ namespace Marco.Pms.Services.Helpers
 | 
			
		||||
            _logger = logger;
 | 
			
		||||
            _userHelper = userHelper;
 | 
			
		||||
            _permissionService = permissionServices;
 | 
			
		||||
            View_Master = Guid.Parse("5ffbafe0-7ab0-48b1-bb50-c1bf76b65f9d");
 | 
			
		||||
            Manage_Master = Guid.Parse("588a8824-f924-4955-82d8-fc51956cf323");
 | 
			
		||||
        }
 | 
			
		||||
        // -------------------------------- Contact Category  --------------------------------
 | 
			
		||||
        public async Task<ApiResponse<object>> CreateContactCategory(CreateContactCategoryDto contactCategoryDto)
 | 
			
		||||
@ -267,7 +264,7 @@ namespace Marco.Pms.Services.Helpers
 | 
			
		||||
                var loggedInEmployee = await _userHelper.GetCurrentEmployeeAsync();
 | 
			
		||||
 | 
			
		||||
                // Step 2: Check permission to view master data
 | 
			
		||||
                bool hasViewPermission = await _permissionService.HasPermission(View_Master, loggedInEmployee.Id);
 | 
			
		||||
                bool hasViewPermission = await _permissionService.HasPermission(PermissionsMaster.ViewMasters, loggedInEmployee.Id);
 | 
			
		||||
                if (!hasViewPermission)
 | 
			
		||||
                {
 | 
			
		||||
                    _logger.LogWarning("Access denied for employeeId: {EmployeeId}", loggedInEmployee.Id);
 | 
			
		||||
@ -312,7 +309,7 @@ namespace Marco.Pms.Services.Helpers
 | 
			
		||||
                var loggedInEmployee = await _userHelper.GetCurrentEmployeeAsync();
 | 
			
		||||
 | 
			
		||||
                // Step 2: Check if user has permission to manage master data
 | 
			
		||||
                var hasManageMasterPermission = await _permissionService.HasPermission(Manage_Master, loggedInEmployee.Id);
 | 
			
		||||
                var hasManageMasterPermission = await _permissionService.HasPermission(PermissionsMaster.ManageMasters, loggedInEmployee.Id);
 | 
			
		||||
                if (!hasManageMasterPermission)
 | 
			
		||||
                {
 | 
			
		||||
                    _logger.LogWarning("Access denied for employeeId: {EmployeeId}", loggedInEmployee.Id);
 | 
			
		||||
@ -368,7 +365,7 @@ namespace Marco.Pms.Services.Helpers
 | 
			
		||||
                var loggedInEmployee = await _userHelper.GetCurrentEmployeeAsync();
 | 
			
		||||
 | 
			
		||||
                // Step 3: Check permissions
 | 
			
		||||
                var hasManageMasterPermission = await _permissionService.HasPermission(Manage_Master, loggedInEmployee.Id);
 | 
			
		||||
                var hasManageMasterPermission = await _permissionService.HasPermission(PermissionsMaster.ManageMasters, loggedInEmployee.Id);
 | 
			
		||||
                if (!hasManageMasterPermission)
 | 
			
		||||
                {
 | 
			
		||||
                    _logger.LogWarning("Access denied. EmployeeId: {EmployeeId} does not have Manage Master permission.", loggedInEmployee.Id);
 | 
			
		||||
@ -421,7 +418,7 @@ namespace Marco.Pms.Services.Helpers
 | 
			
		||||
                var loggedInEmployee = await _userHelper.GetCurrentEmployeeAsync();
 | 
			
		||||
 | 
			
		||||
                // Step 2: Check permission to manage master data
 | 
			
		||||
                var hasManageMasterPermission = await _permissionService.HasPermission(Manage_Master, loggedInEmployee.Id);
 | 
			
		||||
                var hasManageMasterPermission = await _permissionService.HasPermission(PermissionsMaster.ManageMasters, loggedInEmployee.Id);
 | 
			
		||||
                if (!hasManageMasterPermission)
 | 
			
		||||
                {
 | 
			
		||||
                    _logger.LogWarning("Delete denied. EmployeeId: {EmployeeId} lacks Manage_Master permission.", loggedInEmployee.Id);
 | 
			
		||||
 | 
			
		||||