diff --git a/src/helper/roles.ts b/src/helper/roles.ts
index 690f29dd520df4c348a4520cfc75aee48540dca5..ebd5385ec59c130f5baf20939e9d5162ba647136 100644
--- a/src/helper/roles.ts
+++ b/src/helper/roles.ts
@@ -1,7 +1,12 @@
 import { RoleEnum } from "src/entities/pengguna.entity";
 
 export const HIGH_AUTHORITY_ROLES = [RoleEnum.ADMIN, RoleEnum.S2_TIM_TESIS];
+export const DOSEN = [RoleEnum.S2_PEMBIMBING, RoleEnum.S2_PENGUJI];
 
 export function isHighAuthority(roles: RoleEnum[]) {
   return roles.some((role) => HIGH_AUTHORITY_ROLES.includes(role));
 }
+
+export function isDosen(roles: RoleEnum[]) {
+  return roles.some((role) => DOSEN.includes(role));
+}
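Review bot: `DOSEN` is exported as a plain mutable array, yet `isDosen` and the `@Roles(...)` decorators added in this commit use it as an authorization allow-list, so any importing module could push or splice a role into it at runtime. Declaring it as `export const DOSEN: readonly RoleEnum[] = [RoleEnum.S2_PEMBIMBING, RoleEnum.S2_PENGUJI];` keeps `includes` and spreading working while rejecting mutation at compile time. The same applies to the existing `HIGH_AUTHORITY_ROLES`. Naming it `DOSEN_ROLES` and adding a one-line comment such as `/** Lecturer roles: supervisor (pembimbing) and examiner (penguji). */` would also match the neighbouring constant.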
diff --git a/src/registrasi-sidsem/registrasi-sidsem.controller.ts b/src/registrasi-sidsem/registrasi-sidsem.controller.ts
index 2891d5a5e5d92bb43835500a05789ef98e0b0ac2..3cc510a800f8d1434f56374cf78aee03bbee5d07 100644
--- a/src/registrasi-sidsem/registrasi-sidsem.controller.ts
+++ b/src/registrasi-sidsem/registrasi-sidsem.controller.ts
@@ -1,6 +1,7 @@
 import {
   Body,
   Controller,
+  ForbiddenException,
   Get,
   Param,
   Patch,
@@ -32,7 +33,12 @@ import { RegistrasiSidsemService } from "./registrasi-sidsem.service";
 import { Request } from "express";
 import { AuthDto } from "src/auth/auth.dto";
 import { RoleEnum } from "src/entities/pengguna.entity";
-import { HIGH_AUTHORITY_ROLES } from "src/helper/roles";
+import {
+  DOSEN,
+  HIGH_AUTHORITY_ROLES,
+  isDosen,
+  isHighAuthority,
+} from "src/helper/roles";
 
 @ApiTags("Registrasi Sidang Seminar")
 @ApiBearerAuth()
@@ -51,19 +57,53 @@ export class RegistrasiSidsemController {
   }
 
   @ApiOkResponse({ type: GetAllPengajuanSidangRespDto })
+  @Roles(...HIGH_AUTHORITY_ROLES, ...DOSEN)
   @Get()
-  async findAll(@Query() query: GetAllPengajuanSidangReqQueryDto) {
-    return this.regisSidsemService.findAll(query);
+  async findAll(
+    @Req() req: Request,
+    @Query() query: GetAllPengajuanSidangReqQueryDto,
+  ) {
+    const { id, roles } = req.user as AuthDto;
+
+    if (!roles.includes(query.view)) {
+      throw new ForbiddenException();
+    }
+
+    return this.regisSidsemService.findAll(
+      query,
+      query.view === RoleEnum.S2_PEMBIMBING ? id : undefined,
+      query.view === RoleEnum.S2_PENGUJI ? id : undefined,
+    );
   }
 
-  @ApiOperation({
-    summary: "Update status sidang seminar. Roles: ADMIN, S2_TIM_TESIS",
-  })
   @ApiOkResponse({ type: PengajuanSidsemIdDto })
-  // @Roles(...HIGH_AUTHORITY_ROLES)
+  @Roles(...HIGH_AUTHORITY_ROLES, ...DOSEN, RoleEnum.S2_MAHASISWA)
   @Get("/mahasiswa/:mhsId")
-  async findOne(@Param() param: SidsemMhsIdParamDto) {
-    return this.regisSidsemService.findOne(param.mhsId);
+  async findOne(@Req() req: Request, @Param() param: SidsemMhsIdParamDto) {
+    let idPenguji = undefined;
+    let idPembimbing = undefined;
+
+    const { roles, id } = req.user as AuthDto;
+
+    if (!isHighAuthority(roles)) {
+      if (roles.includes(RoleEnum.S2_PEMBIMBING)) {
+        idPembimbing = id;
+      }
+
+      if (roles.includes(RoleEnum.S2_PENGUJI)) {
+        idPenguji = id;
+      }
+
+      if (!isDosen(roles) && id !== param.mhsId) {
+        // user is mahasiswa
+        throw new ForbiddenException("Ini bukan data Anda.");
+      }
+    }
+    return this.regisSidsemService.findOne(
+      param.mhsId,
+      idPembimbing,
+      idPenguji,
+    );
   }
 
   @ApiOperation({
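Review bot: `findOne` now applies three different access rules, but the commit removes its `@ApiOperation` summary without replacing it, so neither the Swagger docs nor the code state who may read what. ADMIN and S2_TIM_TESIS are unrestricted, pembimbing and penguji are checked against the record, and everyone else is limited to `id === param.mhsId`. I would restore it as `@ApiOperation({ summary: "Get the latest sidsem registration of a student. Roles: ADMIN, S2_TIM_TESIS, S2_PEMBIMBING / S2_PENGUJI (assigned students only), S2_MAHASISWA (own data only)" })`. The two locals would also read better with an explicit type, `let idPembimbing: string | undefined;` and `let idPenguji: string | undefined;`, assuming `AuthDto.id` is a string as the service signature suggests. The lecturer check itself lives in the service and only runs when one of these ids is passed, which is worth a short comment above the final call.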
diff --git a/src/registrasi-sidsem/registrasi-sidsem.dto.ts b/src/registrasi-sidsem/registrasi-sidsem.dto.ts
index 6c8cbc8e9855c5c283db2af2b09bde080da84c37..46b28569e4da5770cfd5449a1b4561a6c46e3b50 100644
--- a/src/registrasi-sidsem/registrasi-sidsem.dto.ts
+++ b/src/registrasi-sidsem/registrasi-sidsem.dto.ts
@@ -22,8 +22,31 @@ import {
   TipeSidsemEnum,
 } from "src/entities/pendaftaranSidsem";
 import { JalurEnum } from "src/entities/pendaftaranTesis.entity";
+import { RoleEnum } from "src/entities/pengguna.entity";
+
+export class SidsemViewQueryDto {
+  @IsEnum([
+    RoleEnum.S2_PEMBIMBING,
+    RoleEnum.ADMIN,
+    RoleEnum.S2_TIM_TESIS,
+    RoleEnum.S2_PENGUJI,
+  ])
+  @ApiProperty({
+    enum: [
+      RoleEnum.S2_PEMBIMBING,
+      RoleEnum.ADMIN,
+      RoleEnum.S2_TIM_TESIS,
+      RoleEnum.S2_PENGUJI,
+    ],
+  })
+  view:
+    | RoleEnum.S2_PEMBIMBING
+    | RoleEnum.ADMIN
+    | RoleEnum.S2_TIM_TESIS
+    | RoleEnum.S2_PENGUJI;
+}
 
-export class GetAllPengajuanSidangReqQueryDto {
+export class GetAllPengajuanSidangReqQueryDto extends SidsemViewQueryDto {
   @ApiPropertyOptional()
   @IsString()
   @IsOptional()
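Review bot: The four-role allow-list for `view` is written out three times in `SidsemViewQueryDto` (in `@IsEnum`, in `@ApiProperty` and in the property type), so the copies can drift apart. It also has to stay in step with `@Roles(...HIGH_AUTHORITY_ROLES, ...DOSEN)` on the controller's `findAll`, where a role added in only one place would either be rejected by the guard or never be selectable as a view. Defining the list once, `const SIDSEM_VIEW_ROLES = [RoleEnum.S2_PEMBIMBING, RoleEnum.ADMIN, RoleEnum.S2_TIM_TESIS, RoleEnum.S2_PENGUJI];`, and passing it to both decorators removes two of the copies. A comment on the constant should say that it mirrors the `findAll` guard. `GetAllPengajuanSidangReqQueryDto` continues past the end of the hunk.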
@@ -100,8 +123,6 @@ export class GetOnePengajuanSidangRespDto extends GetAllPengajuanSidangItemDto {
   dosenPenguji: string[];
 }
 
-export class UpdateAlokasiRuanganRespDto extends GetAllPengajuanSidangItemDto {}
-
 class BerkasSidsemWithoutId extends OmitType(BerkasSidsem, ["id"] as const) {}
 
 export class CreatePengajuanSidsemDto extends PickType(PendaftaranSidsem, [
diff --git a/src/registrasi-sidsem/registrasi-sidsem.service.ts b/src/registrasi-sidsem/registrasi-sidsem.service.ts
index 7daa85328b03ef5a6f1285eab47943671749fd34..0c25202e31029b46f99720233f165c0677fda919 100644
--- a/src/registrasi-sidsem/registrasi-sidsem.service.ts
+++ b/src/registrasi-sidsem/registrasi-sidsem.service.ts
@@ -1,5 +1,6 @@
 import {
   BadRequestException,
+  ForbiddenException,
   Injectable,
   InternalServerErrorException,
   NotFoundException,
@@ -232,13 +233,43 @@ export class RegistrasiSidsemService {
     return { data, total };
   }
 
-  async findOne(mhsId: string): Promise<GetOnePengajuanSidangRespDto> {
+  async findOne(
+    mhsId: string,
+    idPembimbing?: string,
+    idPenguji?: string,
+  ): Promise<GetOnePengajuanSidangRespDto> {
     const latest = await this.getLatestPendaftaranSidsem(mhsId);
 
     if (!latest) {
       throw new NotFoundException("Pendaftaran sidsem tidak ditemukan");
     }
 
+    function isPembimbing() {
+      return latest.pendaftaranTesis.dosenBimbingan.some(
+        ({ dosen: { id } }) => id === idPembimbing,
+      );
+    }
+
+    function isPenguji() {
+      return latest.penguji.some(({ dosen: { id } }) => id === idPenguji);
+    }
+
+    if (idPembimbing && idPenguji) {
+      if (!isPembimbing() && !isPenguji()) {
+        throw new ForbiddenException(
+          "Anda tidak terdaftar sebagai pembimbing atau penguji",
+        );
+      }
+    } else if (idPembimbing) {
+      if (!isPembimbing()) {
+        throw new ForbiddenException("Anda tidak terdaftar sebagai pembimbing");
+      }
+    } else if (idPenguji) {
+      if (!isPenguji()) {
+        throw new ForbiddenException("Anda tidak terdaftar sebagai penguji");
+      }
+    }
+
     const data: GetOnePengajuanSidangRespDto = {
       idPengajuanSidsem: latest.id,
       idMahasiswa: latest.pendaftaranTesis.mahasiswa.id,
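Review bot: The new check in `findOne` is opt-in: when neither `idPembimbing` nor `idPenguji` is passed (or both are falsy, since the branches test truthiness) the record is returned with no access check at all. Every present and future caller therefore has to authorise before calling. That contract should at least be stated on the method, e.g. `/** Access is checked only when idPembimbing and/or idPenguji is given; with both omitted the caller must already have authorised the request. */`. Separately, the `NotFoundException` is thrown before the role check, so a lecturer who is not assigned to a student can still tell from 404 versus 403 whether that student has a registration; returning the same response in both cases would close that. `findOne` continues past the end of the hunk.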