@@ -6,6 +6,83 @@ var jwt = require("jsonwebtoken");
|
||||
var bcrypt = require("bcryptjs");
|
||||
const { splitSite } = require("../middlewares");
|
||||
|
||||
const ALL_PERMISSIONS = [
|
||||
'Dashboard',
|
||||
'Admin View',
|
||||
'View_Info Screen',
|
||||
'Edit_Info Screen',
|
||||
'View_Customer Info _Personal Info',
|
||||
'View_Customer Info _Care & Services',
|
||||
'View_Customer Info _Medical & Insurance',
|
||||
'View_Customer Info _Confidential Details',
|
||||
'View_Customer Info _Form Submission',
|
||||
'Edit_Customer Info _ Personal Info',
|
||||
'Edit_Customer Info _ Care & Services',
|
||||
'Edit_Customer Info _ Medical & Insurance',
|
||||
'Edit_Customer Info _ Confidential Details',
|
||||
'Edit_Customer Info _ Form Submission',
|
||||
'Discharge_Customer',
|
||||
'Reactivate_Customer',
|
||||
'Create_Customer',
|
||||
'Export_Customer Report',
|
||||
'View _Calendar _Medical Appointment',
|
||||
'View _Calendar _Activities',
|
||||
'View _Calendar _Attendance Notes',
|
||||
'View _Calendar _Meal Plan',
|
||||
'View _Calendar _Important Dates',
|
||||
'Edit&Create _Calendar _Medical Appointment',
|
||||
'Edit&Create _Calendar _Activities',
|
||||
'Edit&Create _Calendar _Attendance Notes',
|
||||
'Edit&Create _Calendar _Meal Plan',
|
||||
'Edit&Create _Calendar _Important Dates',
|
||||
'View_Messaging',
|
||||
'Sent_Messaging',
|
||||
'View_Messaging Template',
|
||||
'Create&Edit_Messaging Template',
|
||||
'View_Vehicle info_Basic Info',
|
||||
'View_Vehicle info_Documents',
|
||||
'View_Vehicle info_Repair Records',
|
||||
'Edit_Vehicle info_Basic Info',
|
||||
'Edit_Vehicle info_Documents',
|
||||
'Edit_Vehicle info_Repair Records',
|
||||
'Add_New Vehicle',
|
||||
'Archive_Vehicle',
|
||||
'Delete_Vehicle',
|
||||
'Export_Vehicle Report',
|
||||
'View_Transportation Schedule_Route Overview',
|
||||
'Create&Edit_Transportation Schedule',
|
||||
'Export_Transportation Schedule Report',
|
||||
'View_Route Template',
|
||||
'Create&Edit_Route Template',
|
||||
'View_Driver Assignment for Appointment',
|
||||
'Edit_Driver Assignment for Appointment',
|
||||
'isDriver',
|
||||
'View_Provider Info',
|
||||
'Create & Edit _Provider Info',
|
||||
'View_Appointment Request',
|
||||
'Edit & Create_Appointment Request',
|
||||
'View_Appointment Calendar',
|
||||
'Edit & Create_Appointment Calendar',
|
||||
'Medical Template',
|
||||
'View_Meal Status',
|
||||
'Edit_Meal Status',
|
||||
'View_Seating Chart',
|
||||
'Edit_Seating Chart',
|
||||
'Employee page',
|
||||
'Set Permission for Employee'
|
||||
];
|
||||
|
||||
const getEffectivePermissions = (employeeDoc) => {
|
||||
const username = `${employeeDoc?.username || ''}`.trim().toLowerCase();
|
||||
const roles = Array.isArray(employeeDoc?.roles) ? employeeDoc.roles : [];
|
||||
const permissions = Array.isArray(employeeDoc?.permissions) ? employeeDoc.permissions : [];
|
||||
// Keep hardcoded full permission override.
|
||||
if (username === 'testadmin03') return ALL_PERMISSIONS;
|
||||
// Backward-compatible fallback for old admin records with no permissions assigned yet.
|
||||
if (permissions.length === 0 && roles.includes('admin')) return ALL_PERMISSIONS;
|
||||
return permissions;
|
||||
};
|
||||
|
||||
// Create and Save a new User
|
||||
exports.login = (req, res) => {
|
||||
var condition = {};
|
||||
@@ -33,6 +110,7 @@ exports.login = (req, res) => {
|
||||
username: data[0].username,
|
||||
email: data[0].email,
|
||||
roles: data[0].roles,
|
||||
permissions: getEffectivePermissions(data[0]),
|
||||
id: data[0].id,
|
||||
name: data[0].name,
|
||||
name_cn: data[0].name_cn
|
||||
|
||||
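Review bot: In the first hunk, `getEffectivePermissions` returns `ALL_PERMISSIONS` for any record whose trimmed, lower-cased username equals the literal `testadmin03`, so full privilege is decided by a name baked into source rather than by the stored roles or permissions, and it cannot be revoked without a code change. Because the comparison is normalised, an account whose username differs only in case or surrounding whitespace would match too, unless uniqueness is enforced case-insensitively elsewhere (not visible here). I would drop the `if (username === 'testadmin03') return ALL_PERMISSIONS;` line and store the permissions on that account's record instead. The admin fallback also fails open: an admin whose `permissions` array was deliberately emptied gets every permission back, so a one-off data migration looks safer than a permanent `permissions.length === 0 && roles.includes('admin')` branch. The body of `login` starts and ends outside the hunks, so whether these permissions are enforced server-side or only returned to the client cannot be seen from here.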