munawwirul_jamal/simrsx-be
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

feat (patient): add guard for reg and sys

Browse Source
This commit is contained in:
dpurbosakti
2025-12-08 16:02:40 +07:00
parent 2cc7af845d
commit 9b4b6949df
2 changed files with 6 additions and 13 deletions
Download Patch File Download Diff File Expand all files Collapse all files
internal/lib/auth/tycovar.go
+4
View File
@@ -107,3 +107,7 @@ func (a AuthInfo) HasEmployeePosition() bool {
func (a AuthInfo) IsReg() bool {
return a.Employee_Position_Code != nil && *a.Employee_Position_Code == string(ero.EPCReg)
}
func (a AuthInfo) IsSys() bool {
return a.User_ContractPosition_Code == string(ero.CSCSys)
}
internal/use-case/main-use-case/patient/case.go
+2 -13
View File
@@ -39,18 +39,7 @@ func Create(input e.CreateDto) (*d.Data, error) {
pl.SetLogInfo(&event, input, "started", "create")
mwRunner := newMiddlewareRunner(&event)
// check if user has employee position
if !input.AuthInfo.HasEmployeePosition() {
event.Status = "failed"
event.ErrInfo = pl.ErrorInfo{
Code: "auth-forbidden",
Detail: "user has no employee position",
Raw: errors.New("authentication failed"),
}
return nil, pl.SetLogError(&event, input)
}
if !input.AuthInfo.IsReg() {
if !input.AuthInfo.IsReg() || !input.AuthInfo.IsSys() {
event.Status = "failed"
event.ErrInfo = pl.ErrorInfo{
Code: "auth-forbidden",
@@ -266,7 +255,7 @@ func Update(input e.UpdateDto) (*d.Data, error) {
pl.SetLogInfo(&event, input, "started", "update")
mwRunner := newMiddlewareRunner(&event)
if !input.AuthInfo.IsReg() {
if !input.AuthInfo.IsReg() || !input.AuthInfo.IsSys() {
event.Status = "failed"
event.ErrInfo = pl.ErrorInfo{
Code: "auth-forbidden",