Update frontend login page.jsx และ backend
This commit is contained in:
admin
@@ -1,36 +1,71 @@
|
||||
// src/routes/map.js
|
||||
import { Router } from 'express';
|
||||
import sql from '../db/index.js';
|
||||
import { requirePerm } from '../middleware/requirePerm.js';
|
||||
import { buildScopeWhere, ownerResolvers } from '../utils/scope.js';
|
||||
import PERM from '../config/permissions.js';
|
||||
// FILE: src/routes/maps.js
|
||||
// Maps routes
|
||||
// - Manage relationships between RFAs and Drawings, Correspondences and Documents
|
||||
// - Requires appropriate permissions via requirePerm middleware
|
||||
// - Uses project scope for RFA-Drawing maps and Correspondence-Document maps
|
||||
// - rfa:update for RFA-Drawing maps
|
||||
// - correspondence:update for Correspondence-Document maps
|
||||
|
||||
import { Router } from "express";
|
||||
import sql from "../db/index.js";
|
||||
import { requirePerm } from "../middleware/requirePerm.js";
|
||||
import { buildScopeWhere, ownerResolvers } from "../utils/scope.js";
|
||||
import PERM from "../config/permissions.js";
|
||||
|
||||
const r = Router();
|
||||
const OWN = ownerResolvers(sql, 'entity_maps', 'id');
|
||||
const OWN = ownerResolvers(sql, "entity_maps", "id");
|
||||
|
||||
// LIST
|
||||
r.get('/',
|
||||
requirePerm(PERM.map.read, { scope: 'global' }),
|
||||
r.get(
|
||||
"/",
|
||||
requirePerm(PERM.map.read, { scope: "global" }),
|
||||
async (req, res) => {
|
||||
const { project_id, org_id, module, src_type, dst_type, limit = 100, offset = 0 } = req.query;
|
||||
const {
|
||||
project_id,
|
||||
org_id,
|
||||
module,
|
||||
src_type,
|
||||
dst_type,
|
||||
limit = 100,
|
||||
offset = 0,
|
||||
} = req.query;
|
||||
|
||||
const base = buildScopeWhere(req.principal, {
|
||||
tableAlias: 'm',
|
||||
orgColumn: 'm.org_id',
|
||||
projectColumn: 'm.project_id',
|
||||
tableAlias: "m",
|
||||
orgColumn: "m.org_id",
|
||||
projectColumn: "m.project_id",
|
||||
permCode: PERM.map.read,
|
||||
preferProject: true,
|
||||
});
|
||||
|
||||
const extra = [];
|
||||
const params = { ...base.params, limit: Number(limit), offset: Number(offset) };
|
||||
if (project_id) { extra.push('m.project_id = :project_id'); params.project_id = Number(project_id); }
|
||||
if (org_id) { extra.push('m.org_id = :org_id'); params.org_id = Number(org_id); }
|
||||
if (module) { extra.push('m.module = :module'); params.module = module; }
|
||||
if (src_type) { extra.push('m.src_type = :src_type'); params.src_type = src_type; }
|
||||
if (dst_type) { extra.push('m.dst_type = :dst_type'); params.dst_type = dst_type; }
|
||||
const params = {
|
||||
...base.params,
|
||||
limit: Number(limit),
|
||||
offset: Number(offset),
|
||||
};
|
||||
if (project_id) {
|
||||
extra.push("m.project_id = :project_id");
|
||||
params.project_id = Number(project_id);
|
||||
}
|
||||
if (org_id) {
|
||||
extra.push("m.org_id = :org_id");
|
||||
params.org_id = Number(org_id);
|
||||
}
|
||||
if (module) {
|
||||
extra.push("m.module = :module");
|
||||
params.module = module;
|
||||
}
|
||||
if (src_type) {
|
||||
extra.push("m.src_type = :src_type");
|
||||
params.src_type = src_type;
|
||||
}
|
||||
if (dst_type) {
|
||||
extra.push("m.dst_type = :dst_type");
|
||||
params.dst_type = dst_type;
|
||||
}
|
||||
|
||||
const where = [base.where, ...extra].filter(Boolean).join(' AND ');
|
||||
const where = [base.where, ...extra].filter(Boolean).join(" AND ");
|
||||
const [rows] = await sql.query(
|
||||
`SELECT m.* FROM entity_maps m
|
||||
WHERE ${where}
|
||||
@@ -42,25 +77,49 @@ r.get('/',
|
||||
);
|
||||
|
||||
// CREATE
|
||||
r.post('/',
|
||||
requirePerm(PERM.map.create, { scope: 'org', getOrgId: async req => req.body?.org_id ?? null }),
|
||||
r.post(
|
||||
"/",
|
||||
requirePerm(PERM.map.create, {
|
||||
scope: "org",
|
||||
getOrgId: async (req) => req.body?.org_id ?? null,
|
||||
}),
|
||||
async (req, res) => {
|
||||
const { org_id, project_id, module, src_type, src_id, dst_type, dst_id, remark } = req.body;
|
||||
const {
|
||||
org_id,
|
||||
project_id,
|
||||
module,
|
||||
src_type,
|
||||
src_id,
|
||||
dst_type,
|
||||
dst_id,
|
||||
remark,
|
||||
} = req.body;
|
||||
const [rs] = await sql.query(
|
||||
`INSERT INTO entity_maps (org_id, project_id, module, src_type, src_id, dst_type, dst_id, remark, created_by)
|
||||
VALUES (?,?,?,?,?,?,?,?,?)`,
|
||||
[org_id, project_id, module, src_type, Number(src_id), dst_type, Number(dst_id), remark ?? null, req.principal.userId]
|
||||
[
|
||||
org_id,
|
||||
project_id,
|
||||
module,
|
||||
src_type,
|
||||
Number(src_id),
|
||||
dst_type,
|
||||
Number(dst_id),
|
||||
remark ?? null,
|
||||
req.principal.userId,
|
||||
]
|
||||
);
|
||||
res.json({ id: rs.insertId });
|
||||
}
|
||||
);
|
||||
|
||||
// DELETE (by id)
|
||||
r.delete('/:id',
|
||||
requirePerm(PERM.map.delete, { scope: 'org', getOrgId: OWN.getOrgIdById }),
|
||||
r.delete(
|
||||
"/:id",
|
||||
requirePerm(PERM.map.delete, { scope: "org", getOrgId: OWN.getOrgIdById }),
|
||||
async (req, res) => {
|
||||
const id = Number(req.params.id);
|
||||
await sql.query('DELETE FROM entity_maps WHERE id=?', [id]);
|
||||
await sql.query("DELETE FROM entity_maps WHERE id=?", [id]);
|
||||
res.json({ ok: 1 });
|
||||
}
|
||||
);
|
||||
|
||||
Reference in New Issue
Block a user