diff --git a/src/main/java/com/ffii/tsms/modules/data/service/DashboardService.kt b/src/main/java/com/ffii/tsms/modules/data/service/DashboardService.kt index 795823a..745e22f 100644 --- a/src/main/java/com/ffii/tsms/modules/data/service/DashboardService.kt +++ b/src/main/java/com/ffii/tsms/modules/data/service/DashboardService.kt @@ -19,6 +19,7 @@ open class DashboardService( private val customerTypeRepository: CustomerTypeRepository, private val customerSubsidiaryService: CustomerSubsidiaryService, private val customerContactService: CustomerContactService, + private val staffsService: StaffsService, private val jdbcDao: JdbcDao ) { @@ -43,6 +44,7 @@ open class DashboardService( + " from customer c" + " left join project p on c.id = p.customerId" + " left join subsidiary s on p.customerSubsidiaryId = s.id" + + " left join team t on t.teamLead = p.teamLead" + " where c.deleted = 0" + " and p.status not in (\"Pending to Start\",\"Completed\",\"Deleted\")" ) @@ -52,6 +54,14 @@ open class DashboardService( if (args.containsKey("customerCode")) sql.append(" AND c.code = :customerCode"); } + + if (viewDashboardAuthority() == "self") { + val teamId = staffsService.currentStaff()?.team?.id + if (teamId != null) { + sql.append(" AND t.id = $teamId") + } + } + sql.append(" group by c.id, c.name, c.code, c.address, c.district, c.brNo, c.typeId, s.id, s.name, s.code, s.address, s.district, s.brNo, s.typeId"); return jdbcDao.queryForList(sql.toString(), args) } 
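Review bot: In the `@@ -52,6 +54,14 @@` hunk the team restriction is skipped whenever `teamId` is null, so a caller holding only VIEW_DASHBOARD_SELF whose staff record is missing or has no team gets the same unrestricted rows as VIEW_DASHBOARD_ALL. The filter should fail closed, for example `val teamId = staffsService.currentStaff()?.team?.id ?: return emptyList()` before the condition is appended. The same `if (teamId != null)` / `if (teamLeadId != null)` shape recurs in the hunks at -93, -236, -339, -565, -977, -1384, -1417 and -1606 and needs the same treatment. The enclosing function begins outside the hunk, so the return type is assumed to be the list that `queryForList` yields.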
@@ -93,9 +103,16 @@ open class DashboardService( + " where p.customerId = :customerId" + " and p.customerSubsidiaryId = :subsidiaryId" + " and p.status not in (\"Pending to Start\",\"Completed\",\"Deleted\")" - + " group by p.id, p.code, p.name, te.code, s.name, tg.name, p.totalManhour, milestonePayment.comingPaymentMilestone" ) + if (viewDashboardAuthority() == "self") { + val teamId = staffsService.currentStaff()?.team?.id + if (teamId != null) { + sql.append(" and te.id = $teamId") + } + } + + sql.append(" group by p.id, p.code, p.name, te.code, s.name, tg.name, p.totalManhour, milestonePayment.comingPaymentMilestone") return jdbcDao.queryForList(sql.toString(), args) } @@ -236,9 +253,16 @@ open class DashboardService( + " left join project p on s.id = p.teamLead" + " where t.deleted = 0" + " and p.status not in (\"Pending to Start\",\"Completed\",\"Deleted\")" - + " group by t.id,t.teamLead,t.code,t.name" ) + if (viewDashboardAuthority() == "self") { + val teamId = staffsService.currentStaff()?.team?.id + if (teamId != null) { + sql.append(" and t.id = $teamId") + } + } + + sql.append(" group by t.id,t.teamLead,t.code,t.name") return jdbcDao.queryForList(sql.toString(), args) } @@ -339,6 +363,14 @@ open class DashboardService( + " where t.deleted = 0" + " and p.status = 'On-going'" ) + + if (viewDashboardAuthority() == "self") { + val teamId = staffsService.currentStaff()?.team?.id + if (teamId != null) { + sql.append(" and t.id = $teamId") + } + } + sql.append(" group by t.id, t.name") return jdbcDao.queryForList(sql.toString(), args) @@ -565,6 +597,13 @@ open class DashboardService( + " and p.status = 'On-going'" ) + if (viewDashboardAuthority() == "self") { + val teamId = staffsService.currentStaff()?.team?.id + if (teamId != null) { + sql.append(" and t.id = $teamId") + } + } + return jdbcDao.queryForList(sql.toString(), args) } fun CashFlowMonthlyIncomeByMonth(args: Map): List> { 
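Review bot: `sql.append(" and te.id = $teamId")` in the `@@ -93,9 +103,16 @@` hunk splices the value into the statement text, while the same query binds `:customerId` and `:subsidiaryId` as named parameters. The id comes from the current staff's entity and is presumably numeric, so this is a consistency and defence-in-depth point rather than a demonstrated injection. Binding it keeps the SQL text constant and stops the pattern being copied to a string-valued filter later. Append `" and te.id = :teamId"` and pass `args + mapOf("teamId" to teamId)` to `jdbcDao.queryForList` (assuming `args` is a read-only map with string keys; its declaration is outside the hunk). The same `$teamId` / `$teamLeadId` interpolation appears in the hunks at -52, -236, -339, -565, -977, -1384, -1417 and -1606.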
@@ -977,6 +1016,13 @@ open class DashboardService( + " and p.deleted = 0" ) + if (viewDashboardAuthority() == "self") { + val teamLeadId = staffsService.currentStaff()?.id + if (teamLeadId != null) { + sql.append(" and p.teamLead = $teamLeadId") + } + } + return jdbcDao.queryForList(sql.toString(), args) } fun projectResourceSummaryInformation(args: Map): List> { @@ -1384,11 +1430,20 @@ open class DashboardService( + " where g.deleted = 0" + " and t.recordDate >= :startdate" + " and t.recordDate < DATE_FORMAT(:enddate, '%Y-%m-%d 23:59:59')" - + " group by g.id" - + " ) as records on records.gid = g.id" - + " group by g.id, g.name,records.manhours" + ) + if (viewDashboardAuthority() == "self") { + val teamId = staffsService.currentStaff()?.team?.id + if (teamId != null) { + sql.append(" and s.teamId = $teamId") + } + } + + sql.append(" group by g.id" + + " ) as records on records.gid = g.id" + + " group by g.id, g.name,records.manhours") + return jdbcDao.queryForList(sql.toString(), args) } fun staffGradeTotalPlannedManhours(args: Map): List> { @@ -1417,9 +1472,17 @@ open class DashboardService( + " where p.status = 'On-going'" + " and p.planEnd > :startdate" + " and p.planStart < :enddate" - + " order by g.id" ) + if (viewDashboardAuthority() == "self") { + val teamLeadId = staffsService.currentStaff()?.id + if (teamLeadId != null) { + sql.append(" and p.teamLead = $teamLeadId") + } + } + + sql.append(" order by g.id") + return jdbcDao.queryForList(sql.toString(), args) } fun IndividualStaffManhoursSpentByMonth(args: Map): List> { 
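Review bot: The `@@ -977,6 +1016,13 @@` hunk scopes the "self" view with `p.teamLead = $teamLeadId`, taking the id from `staffsService.currentStaff()?.id`, whereas the other filters in this commit scope by the caller's team id. If VIEW_DASHBOARD_SELF can be granted to a staff member who is not a team lead, this query returns no rows for them while the team-based queries return their team's data. The `@@ -1417,9 +1472,17 @@` hunk has the same shape. If "only projects the caller leads" is the intended rule, a comment such as `// SELF scope: restrict to projects where the caller is the team lead` would make it explicit; otherwise both should filter by team like the rest. Both enclosing functions start outside their hunks.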
@@ -1606,8 +1669,30 @@ open class DashboardService( + " where s.deleted = 0" ) + if (viewDashboardAuthority() == "self") { + val teamId = staffsService.currentStaff()?.team?.id + if (teamId != null) { + sql.append(" and s.teamId = $teamId") + } + } + return jdbcDao.queryForList(sql.toString(), args) } + + fun viewDashboardAuthority(): String { + val authorities = staffsService.currentAuthorities() ?: return "no_authority" + + val authorityViewDashboardAll = authorities.stream().anyMatch { it.authority.equals("VIEW_DASHBOARD_ALL") } + val authorityViewDashboardSelf = authorities.stream().anyMatch { it.authority.equals("VIEW_DASHBOARD_SELF") } + + return if (authorityViewDashboardAll) { + "all" + } else if (authorityViewDashboardSelf) { + "self" + } else { + "no_authority" + } + } } diff --git a/src/main/java/com/ffii/tsms/modules/data/service/StaffsService.kt b/src/main/java/com/ffii/tsms/modules/data/service/StaffsService.kt index ad3b6bf..1d7cc01 100644 --- a/src/main/java/com/ffii/tsms/modules/data/service/StaffsService.kt +++ b/src/main/java/com/ffii/tsms/modules/data/service/StaffsService.kt @@ -9,6 +9,7 @@ import com.ffii.tsms.modules.data.entity.projections.StaffSearchInfo import com.ffii.tsms.modules.data.web.models.NewStaffRequest import com.ffii.tsms.modules.user.entity.User import com.ffii.tsms.modules.user.entity.UserRepository +import org.springframework.security.core.GrantedAuthority import org.springframework.security.crypto.password.PasswordEncoder import org.springframework.stereotype.Service import org.springframework.transaction.annotation.Transactional 
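Review bot: `viewDashboardAuthority()` in the `@@ -1606,8 +1669,30 @@` hunk returns the bare strings "all", "self" and "no_authority", and every caller compares against a string literal, so a typo in any one comparison silently drops the team filter. An `enum class DashboardScope { ALL, SELF, NONE }` with a `when` at the call sites lets the compiler catch that, though changing the return type also touches DashboardController. The checks read more idiomatically as `authorities.any { it.authority == "VIEW_DASHBOARD_ALL" }` than as `stream().anyMatch { ... equals(...) }`. A KDoc line should state that ALL takes precedence over SELF and that a null authority collection yields "no_authority".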
@@ -94,12 +95,7 @@ open class StaffsService( } open fun getCurrentStaff(userId: Long): Optional>? { - val staff = staffRepository.findByUserId(userId).orElse(null) - logger.info(staff) - - if (staff == null) { - return Optional.ofNullable(null) - } + val staff = staffRepository.findByUserId(userId).orElse(null) ?: return Optional.ofNullable(null) val sql = StringBuilder("select " + " s.id as id, " + @@ -255,4 +251,8 @@ open class StaffsService( staffRepository.findByUserId(user.id).getOrNull() } } + + open fun currentAuthorities(): Collection? { + return SecurityUtils.getUser().getOrNull()?.authorities + } } \ No newline at end of file diff --git a/src/main/java/com/ffii/tsms/modules/data/web/DashboardController.kt b/src/main/java/com/ffii/tsms/modules/data/web/DashboardController.kt index 80f1055..3d068a5 100644 --- a/src/main/java/com/ffii/tsms/modules/data/web/DashboardController.kt +++ b/src/main/java/com/ffii/tsms/modules/data/web/DashboardController.kt @@ -2,10 +2,6 @@ package com.ffii.tsms.modules.data.web import com.ffii.tsms.modules.data.entity.Customer import com.ffii.tsms.modules.data.entity.CustomerType -import com.ffii.tsms.modules.data.service.CustomerContactService -import com.ffii.tsms.modules.data.service.CustomerService -import com.ffii.tsms.modules.data.service.CustomerSubsidiaryService -import com.ffii.tsms.modules.data.service.DashboardService import com.ffii.tsms.modules.data.web.models.CustomerResponse import com.ffii.tsms.modules.data.web.models.SaveCustomerResponse import com.ffii.tsms.modules.project.web.models.SaveCustomerRequest @@ -22,6 +18,7 @@ import org.springframework.web.bind.annotation.DeleteMapping import org.springframework.web.bind.annotation.ResponseStatus import com.ffii.core.response.RecordsRes import com.ffii.core.utils.CriteriaArgsBuilder +import com.ffii.tsms.modules.data.service.* @RestController @RequestMapping("/dashboard") 
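Review bot: `currentAuthorities()` in the `@@ -255,4 +251,8 @@` hunk returns a nullable collection, so each caller has to handle "no authenticated user" separately from "user with no authorities". Returning a non-null value, `return SecurityUtils.getUser().getOrNull()?.authorities ?: emptyList()`, makes both cases read as "no access" and removes the null branch from callers. A short KDoc noting that an unauthenticated context yields no authorities would document the contract.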
@@ -29,7 +26,8 @@ class DashboardController( private val customerService: CustomerService, private val customerSubsidiaryService: CustomerSubsidiaryService, private val customerContactService: CustomerContactService, - private val dashboardService: DashboardService + private val dashboardService: DashboardService, + private val staffsService: StaffsService, ) { @GetMapping("/searchCustomerSubsidiary") fun searchCustomerSubsidiary(request: HttpServletRequest?): List> { @@ -94,13 +92,19 @@ class DashboardController( } @GetMapping("/searchFinancialSummaryCard") fun searchFinancialSummaryCard(request: HttpServletRequest?): List> { - val args = mutableMapOf() - val allTeamCardData = dashboardService.searchFinancialSummaryAllTeamCard(args) - val cardData = dashboardService.searchFinancialSummaryCard(args) + val authority = dashboardService.viewDashboardAuthority() + val args = mutableMapOf() val result = mutableListOf>() - result.addAll(allTeamCardData) - result.addAll(cardData) + if (authority == "all") { + val allTeamCardData = dashboardService.searchFinancialSummaryAllTeamCard(args) + val cardData = dashboardService.searchFinancialSummaryCard(args) + result.addAll(allTeamCardData) + result.addAll(cardData) + } else if (authority == "self") { + val cardData = dashboardService.searchFinancialSummaryCard(args) + result.addAll(cardData) + } return result } diff --git a/src/main/java/com/ffii/tsms/modules/project/entity/ProjectTask.kt b/src/main/java/com/ffii/tsms/modules/project/entity/ProjectTask.kt index 3715a43..820df0c 100644 --- a/src/main/java/com/ffii/tsms/modules/project/entity/ProjectTask.kt +++ b/src/main/java/com/ffii/tsms/modules/project/entity/ProjectTask.kt @@ -11,7 +11,7 @@ open class ProjectTask : IdEntity() { @ManyToOne open var project: Project? = null - @ManyToOne(cascade = [CascadeType.ALL]) + @ManyToOne @JoinColumn(name = "milestoneId") open var milestone: Milestone? = null
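Review bot: `searchFinancialSummaryCard` in the `@@ -94,13 +92,19 @@` hunk is the only endpoint in this diff that handles the "no_authority" case. The DashboardService methods changed in this commit branch only on "self", so a caller with neither dashboard authority would appear to get unfiltered results from the other endpoints (their controller code is outside the diff, so this needs confirming). Enforcing the requirement once on the controller, e.g. `@PreAuthorize("hasAnyAuthority('VIEW_DASHBOARD_ALL','VIEW_DASHBOARD_SELF')")` if method security is enabled in this project, would cover every endpoint. It would also return 403 instead of an empty 200, which is easier to spot in access logs.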