public PermissionByUserIdModelList SelectPermisionByUserId(UserRequestIdModel userId)
{
// userRepository ดึงข้อมูล role id, role name โดย ส่ง user id ไปหา ต้อง join กับ table role ด้วยนะ
RoleModel roldInfo = _userRepository.SelectRoleIdByUserId(userId);
RoleByIdModel roleByIdModel = new RoleByIdModel();
roleByIdModel.roleId = roldInfo.id;
// roleByIdModel.roleId = 1;
// roleRepository ดึงข้อมูล permision โดยส่ง role id
List <int> rolePermission = _rolesRepository.SelectRolePermissionByRoleId(roleByIdModel);
PermissionModelList permission = _rolesRepository.SelectPermissionAll();
PermissionByUserIdModelList result = new PermissionByUserIdModelList();
// result.role = "Admin";
result.role = roldInfo.role;
result.permissions = new List <PermissionModel>();
foreach (PermissionModel item in permission.Permissiontable)
{
result.permissions.Add(
new PermissionModel()
{
permissionId = item.permissionId, //PermisdionTbl
permissionName = item.permissionName, //PermisdionTbl
permissionCheck = rolePermission.IndexOf(item.permissionId) >= 0 ? true : false
}
);
}
return(result);
}
public RoleModel SelectRoleIdByUserId(UserRequestIdModel userId)
{
var cs = "Server=localhost\\SQLEXPRESS;Database=HospitalDB;Trusted_Connection=True;";
using var con = new SqlConnection(cs);
con.Open();
string query = string.Format(@"SELECT a.RoleId, b.Role
FROM UserTbl a LEFT JOIN RoleTbl b
ON a.RoleId = b.Id WHERE a.[Id] = {0}
", userId.Id);
using var cmd = new SqlCommand(query, con); //Using Class SqlCommand for query data
using SqlDataReader rdr = cmd.ExecuteReader();
RoleModel output = new RoleModel();
while (rdr.Read())
{
output.id = rdr.GetInt32(0);
output.role = rdr.GetString(1);
}
;
return(output);
}
public UserProfileModel SelectIndividualRepo(UserRequestIdModel requestId)
{
var cs = "Server=localhost\\SQLEXPRESS;Database=HospitalDB;Trusted_Connection=True;";
using var con = new SqlConnection(cs);
con.Open();
string sql = string.Format(@"SELECT a.Username, a.Name, a.Surname, a.Telephone, a.Email, a.DepartmentId, a.RoleId, b.DepartmentName
FROM UserTbl a LEFT JOIN UserDepartment b
ON a.DepartmentId = b.Id WHERE a.[Id] = {0}
", requestId.Id);
using var cmd = new SqlCommand(sql, con);
using SqlDataReader rdr = cmd.ExecuteReader();
UserProfileModel output = new UserProfileModel();
while (rdr.Read())
{
output.username = rdr.GetString(0);
output.name = rdr.GetString(1);
output.surname = rdr.GetString(2);
output.telephone = rdr.GetString(3);
output.email = rdr.GetString(4);
output.departmentId = rdr.GetInt32(5);
output.roleId = rdr.GetInt32(6);
output.departmentName = rdr.GetString(7);
}
return(output);
}
public PermissionByUserIdModelList GetPermissionsByUserId([FromQuery] UserRequestIdModel userId)
{
PermissionByUserIdModelList result = _rolesService.SelectPermisionByUserId(userId);
return(result);
}
public UserProfileModel GetIndividualPatient([FromQuery] UserRequestIdModel requestId)
{
UserProfileModel result = _userService.SelectIndividual(requestId);
return(result);
}
public UserProfileModel SelectIndividual(UserRequestIdModel requestId)
{
UserProfileModel result = _userRepository.SelectIndividualRepo(requestId);
return(result);
}
