更改权限

Uat_Study
hang 2022-05-25 13:48:02 +08:00
parent 6e82b8ef0f
commit 98aa1543d0
14 changed files with 113 additions and 49 deletions


@ -12,6 +12,7 @@ using IRaCIS.Core.Application.Service.Inspection.DTO;
using IRaCIS.Core.Infra.EFCore; using IRaCIS.Core.Infra.EFCore;
using IRaCIS.Core.Application.Service.Inspection.Interface; using IRaCIS.Core.Application.Service.Inspection.Interface;
using IRaCIS.Core.Domain.Models; using IRaCIS.Core.Domain.Models;
using IRaCIS.Core.Application.Auth;
namespace IRaCIS.Core.API.Controllers.Special namespace IRaCIS.Core.API.Controllers.Special
{ {
@ -53,7 +54,7 @@ namespace IRaCIS.Core.API.Controllers.Special
/// <param name="param"></param> /// <param name="param"></param>
/// <returns>新记录Id</returns> /// <returns>新记录Id</returns>
[HttpPost, Route("trial/addOrUpdateTrial")] [HttpPost, Route("trial/addOrUpdateTrial")]
[Authorize(Policy = IRaCISPolicy.PMAndAPM)]
public async Task<IResponseOutput<Trial>> AddOrUpdateTrial(TrialCommand param) public async Task<IResponseOutput<Trial>> AddOrUpdateTrial(TrialCommand param)
{ {
var userId = Guid.Parse(User.FindFirst("id").Value); var userId = Guid.Parse(User.FindFirst("id").Value);


@ -1,4 +1,5 @@
using IRaCIS.Core.Domain.Share; using IRaCIS.Core.Application.Auth;
using IRaCIS.Core.Domain.Share;
using Microsoft.Extensions.Configuration; using Microsoft.Extensions.Configuration;
using Microsoft.Extensions.DependencyInjection; using Microsoft.Extensions.DependencyInjection;
@ -11,27 +12,39 @@ namespace IRaCIS.Core.API
{ {
services.AddAuthorization(options => services.AddAuthorization(options =>
{ {
//影像质控策略 只允许 CRC QA进行操作 //影像质控策略 只允许 CRC IQC进行操作
options.AddPolicy("ImageQCPolicy", policyBuilder => options.AddPolicy(IRaCISPolicy.CRC_IQC, policyBuilder =>
{ {
policyBuilder.RequireClaim("userTypeEnumInt", ((int)UserTypeEnum.ClinicalResearchCoordinator).ToString(), ((int)UserTypeEnum.IQC).ToString()); policyBuilder.RequireClaim("userTypeEnumInt", ((int)UserTypeEnum.ClinicalResearchCoordinator).ToString(), ((int)UserTypeEnum.IQC).ToString());
}); });
//一致性核查策略 只允许 CRC PM APM 进行操作 //一致性核查策略 只允许 CRC PM APM 进行操作
options.AddPolicy("ImageCheckPolicy", policyBuilder => options.AddPolicy(IRaCISPolicy.PM_APM_CRC, policyBuilder =>
{ {
policyBuilder.RequireClaim("userTypeEnumInt", ((int)UserTypeEnum.ProjectManager).ToString(), ((int)UserTypeEnum.ClinicalResearchCoordinator).ToString(), ((int)UserTypeEnum.APM).ToString()); policyBuilder.RequireClaim("userTypeEnumInt", ((int)UserTypeEnum.ProjectManager).ToString(), ((int)UserTypeEnum.ClinicalResearchCoordinator).ToString(), ((int)UserTypeEnum.APM).ToString());
}); });
options.AddPolicy("PmAndApmPolicy", policyBuilder => options.AddPolicy(IRaCISPolicy.PMAndAPM, policyBuilder =>
{ {
policyBuilder.RequireClaim("userTypeEnumInt", ((int)UserTypeEnum.ProjectManager).ToString(), ((int)UserTypeEnum.APM).ToString()); policyBuilder.RequireClaim("userTypeEnumInt", ((int)UserTypeEnum.ProjectManager).ToString(), ((int)UserTypeEnum.APM).ToString());
}); });
options.AddPolicy(IRaCISPolicy.PM, policyBuilder =>
{
policyBuilder.RequireClaim("userTypeEnumInt", ((int)UserTypeEnum.ProjectManager).ToString());
});
//options.AddPolicy(IRaCISPolicy.PMAndAPM, policyBuilder =>
//{
// policyBuilder.RequireClaim("userTypeEnumInt", ((int)UserTypeEnum.ProjectManager).ToString(), ((int)UserTypeEnum.APM).ToString());
//});
}); });
} }
} }
} }
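Review bot: The `AddAuthorization` block registers only `CRC_IQC`, `PM_APM_CRC`, `PMAndAPM` and `PM`, yet this commit puts `[Authorize(Policy = IRaCISPolicy.IQC)]` and `[Authorize(Policy = IRaCISPolicy.CRC)]` on many actions (for example `VerifyQCCanAddChallenge`, `SetNeedReupload`, `CRCRequestToQC`, `BatchAddTrialQCQuestionConfigure`). ASP.NET Core throws `InvalidOperationException` ("The AuthorizationPolicy named: '…' was not found") when an attribute names a policy that was never added, so unless those two are registered in a part of the file not shown here, every call to those actions fails, including calls from legitimate IQC and CRC users. `SPMAndCPM` is declared without a registration as well, although no visible hunk uses it. The commented-out second `PMAndAPM` registration at the end of the block is dead code and can be dropped. A startup test that resolves every `IRaCISPolicy` constant through `IAuthorizationPolicyProvider` would catch this kind of drift.

```csharp
// … unchanged: CRC_IQC, PM_APM_CRC, PMAndAPM and PM registrations …
options.AddPolicy(IRaCISPolicy.IQC, policyBuilder =>
{
    policyBuilder.RequireClaim("userTypeEnumInt", ((int)UserTypeEnum.IQC).ToString());
});
options.AddPolicy(IRaCISPolicy.CRC, policyBuilder =>
{
    policyBuilder.RequireClaim("userTypeEnumInt", ((int)UserTypeEnum.ClinicalResearchCoordinator).ToString());
});
```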


@ -0,0 +1,28 @@
using System;
using System.Collections.Generic;
using System.Linq;
using System.Text;
using System.Threading.Tasks;
namespace IRaCIS.Core.Application.Auth
{
public static class IRaCISPolicy
{
public const string PMAndAPM = "PMAndAPM";
public const string PM_APM_CRC = "PMAndAPMAndCRC";
public const string CRC_IQC = "CRC_IQC";
public const string CRC = "CRC";
public const string PM = "PM";
public const string IQC = "IQC";
public const string SPMAndCPM = "SPMAndCPM";
}
}
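Review bot: The `IRaCISPolicy` constants carry no documentation of which user types each one admits, and that mapping lives in a different file, so a reader of an `[Authorize]` attribute cannot tell what it grants. Each constant should get an XML summary, for example `/// <summary>Admits the ProjectManager and APM user types.</summary>` on `PMAndAPM`. The naming is also inconsistent (`PMAndAPM` versus `PM_APM_CRC` and `CRC_IQC`, and `PM_APM_CRC` holds the value `"PMAndAPMAndCRC"`); one scheme for both identifier and value would make mismatches easier to spot. None of the five `using` directives is needed by a class that only declares string constants.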


@ -7,7 +7,8 @@
using Microsoft.AspNetCore.Mvc; using Microsoft.AspNetCore.Mvc;
using IRaCIS.Core.Application.Contracts; using IRaCIS.Core.Application.Contracts;
using Microsoft.AspNetCore.Authorization;
using IRaCIS.Core.Application.Auth;
namespace IRaCIS.Core.Application.Services namespace IRaCIS.Core.Application.Services
{ {
@ -397,6 +398,8 @@ namespace IRaCIS.Core.Application.Services
return ResponseOutput.Ok(result); return ResponseOutput.Ok(result);
} }
[Authorize(Policy = IRaCISPolicy.PM)]
public async Task<IResponseOutput> AddOrUpdateTrialDocument(AddOrEditTrialDocument addOrEditTrialDocument) public async Task<IResponseOutput> AddOrUpdateTrialDocument(AddOrEditTrialDocument addOrEditTrialDocument)
{ {
if (addOrEditTrialDocument.Id == null) if (addOrEditTrialDocument.Id == null)
@ -464,6 +467,7 @@ namespace IRaCIS.Core.Application.Services
/// <param name="trialId"></param> /// <param name="trialId"></param>
/// <returns></returns> /// <returns></returns>
[HttpDelete("{trialId:guid}/{trialDocumentId:guid}")] [HttpDelete("{trialId:guid}/{trialDocumentId:guid}")]
[Authorize(Policy = IRaCISPolicy.PM)]
public async Task<IResponseOutput> DeleteTrialDocument(Guid trialDocumentId, Guid trialId) public async Task<IResponseOutput> DeleteTrialDocument(Guid trialDocumentId, Guid trialId)
{ {
if (await _trialDocumentRepository.AsQueryable(true).Where(t => t.Id == trialDocumentId).AnyAsync(t => t.TrialDocConfirmedUserList.Any())) if (await _trialDocumentRepository.AsQueryable(true).Where(t => t.Id == trialDocumentId).AnyAsync(t => t.TrialDocConfirmedUserList.Any()))


@ -21,6 +21,7 @@ using IRaCIS.Core.Infrastructure;
using IRaCIS.Core.Application.Service.Inspection.DTO; using IRaCIS.Core.Application.Service.Inspection.DTO;
using Nito.AsyncEx; using Nito.AsyncEx;
using System.ComponentModel.DataAnnotations; using System.ComponentModel.DataAnnotations;
using IRaCIS.Core.Application.Auth;
namespace IRaCIS.Core.Application.Image.QA namespace IRaCIS.Core.Application.Image.QA
{ {
@ -68,6 +69,7 @@ namespace IRaCIS.Core.Application.Image.QA
[HttpGet("{trialId:guid}/{subjectVisitId:guid}/{currentQCType:int}")] [HttpGet("{trialId:guid}/{subjectVisitId:guid}/{currentQCType:int}")]
[TypeFilter(typeof(TrialResourceFilter))] [TypeFilter(typeof(TrialResourceFilter))]
[Authorize(Policy = IRaCISPolicy.IQC)]
public async Task<IResponseOutput> VerifyQCCanAddChallenge(Guid subjectVisitId, [FromRoute] CurrentQC currentQCType) public async Task<IResponseOutput> VerifyQCCanAddChallenge(Guid subjectVisitId, [FromRoute] CurrentQC currentQCType)
{ {
await VerifyIsCanQCAsync(null, subjectVisitId); await VerifyIsCanQCAsync(null, subjectVisitId);
@ -90,7 +92,7 @@ namespace IRaCIS.Core.Application.Image.QA
/// <returns></returns> /// <returns></returns>
[HttpPost("{trialId:guid}/{trialQCProcess:int}/{currentQCType:int}")] [HttpPost("{trialId:guid}/{trialQCProcess:int}/{currentQCType:int}")]
[TypeFilter(typeof(TrialResourceFilter))] [TypeFilter(typeof(TrialResourceFilter))]
[Authorize(Policy = "ImageQCPolicy")] [Authorize(Policy = IRaCISPolicy.IQC)]
public async Task<IResponseOutput> AddOrUpdateQCChallenge(QCChallengeCommand qaQuestionCommand, Guid trialId, [FromRoute] TrialQCProcess trialQCProcess, [FromRoute] CurrentQC currentQCType) public async Task<IResponseOutput> AddOrUpdateQCChallenge(QCChallengeCommand qaQuestionCommand, Guid trialId, [FromRoute] TrialQCProcess trialQCProcess, [FromRoute] CurrentQC currentQCType)
{ {
await VerifyIsCanQCAsync(null, qaQuestionCommand.SubjectVisitId); await VerifyIsCanQCAsync(null, qaQuestionCommand.SubjectVisitId);
@ -147,7 +149,7 @@ namespace IRaCIS.Core.Application.Image.QA
[HttpPut] [HttpPut]
[TypeFilter(typeof(TrialResourceFilter))] [TypeFilter(typeof(TrialResourceFilter))]
[UnitOfWork] [UnitOfWork]
//[Authorize(Policy = "ImageQCPolicy")] [Authorize(Policy = IRaCISPolicy.IQC)]
public async Task<IResponseOutput> CloseQCChallenge(CloseQCChallengeInDto input) public async Task<IResponseOutput> CloseQCChallenge(CloseQCChallengeInDto input)
{ {
@ -199,7 +201,7 @@ namespace IRaCIS.Core.Application.Image.QA
/// <returns></returns> /// <returns></returns>
[HttpDelete("{trialId:guid}/{subjectVisitId:guid}/{qcChallengeId:guid}")] [HttpDelete("{trialId:guid}/{subjectVisitId:guid}/{qcChallengeId:guid}")]
[TypeFilter(typeof(TrialResourceFilter))] [TypeFilter(typeof(TrialResourceFilter))]
[Authorize(Policy = "ImageQCPolicy")] [Authorize(Policy = IRaCISPolicy.IQC)]
public async Task<IResponseOutput> DeleteQCChallenge(Guid qcChallengeId) public async Task<IResponseOutput> DeleteQCChallenge(Guid qcChallengeId)
{ {
@ -226,7 +228,7 @@ namespace IRaCIS.Core.Application.Image.QA
/// <returns></returns> /// <returns></returns>
[HttpPost("{trialId:guid}")] [HttpPost("{trialId:guid}")]
[TypeFilter(typeof(TrialResourceFilter))] [TypeFilter(typeof(TrialResourceFilter))]
[Authorize(Policy = "ImageQCPolicy")] [Authorize(Policy = IRaCISPolicy.CRC_IQC)]
public async Task<IResponseOutput> AddQCChallengeReply(QADialogCommand qaDialogCommand) public async Task<IResponseOutput> AddQCChallengeReply(QADialogCommand qaDialogCommand)
{ {
var qaReply = _mapper.Map<QCChallengeDialog>(qaDialogCommand); var qaReply = _mapper.Map<QCChallengeDialog>(qaDialogCommand);
@ -261,7 +263,7 @@ namespace IRaCIS.Core.Application.Image.QA
/// <returns></returns> /// <returns></returns>
[HttpPost("{trialId:guid}")] [HttpPost("{trialId:guid}")]
[TypeFilter(typeof(TrialResourceFilter))] [TypeFilter(typeof(TrialResourceFilter))]
[Authorize(Policy = "ImageCheckPolicy")] [Authorize(Policy = IRaCISPolicy.PM_APM_CRC)]
public async Task<IResponseOutput> AddCheckChallengeReply(CheckChallengeDialogCommand checkDialogCommand) public async Task<IResponseOutput> AddCheckChallengeReply(CheckChallengeDialogCommand checkDialogCommand)
{ {
@ -300,6 +302,7 @@ namespace IRaCIS.Core.Application.Image.QA
/// <returns></returns> /// <returns></returns>
[HttpPut("{trialId:guid}")] [HttpPut("{trialId:guid}")]
[TypeFilter(typeof(TrialResourceFilter))] [TypeFilter(typeof(TrialResourceFilter))]
[Authorize(Policy = IRaCISPolicy.PMAndAPM)]
public async Task<IResponseOutput> CloseCheckChallenge(CloseCheckChallengeDto input) public async Task<IResponseOutput> CloseCheckChallenge(CloseCheckChallengeDto input)
{ {
@ -333,7 +336,7 @@ namespace IRaCIS.Core.Application.Image.QA
/// <returns></returns> /// <returns></returns>
[HttpPut("{trialId:guid}")] [HttpPut("{trialId:guid}")]
[TypeFilter(typeof(TrialResourceFilter))] [TypeFilter(typeof(TrialResourceFilter))]
[Authorize(Policy = "PmAndApmPolicy")] [Authorize(Policy = IRaCISPolicy.PMAndAPM )]
public async Task<IResponseOutput> SetCheckPass(SetCheckPassDt data) public async Task<IResponseOutput> SetCheckPass(SetCheckPassDt data)
{ {
//if (_userInfo.UserTypeEnumInt != (int)UserTypeEnum.ProjectManager && _userInfo.UserTypeEnumInt != (int)UserTypeEnum.APM) //if (_userInfo.UserTypeEnumInt != (int)UserTypeEnum.ProjectManager && _userInfo.UserTypeEnumInt != (int)UserTypeEnum.APM)
@ -374,6 +377,7 @@ namespace IRaCIS.Core.Application.Image.QA
/// <returns></returns> /// <returns></returns>
[HttpPut("{trialId:guid}/{subjectVisitId:guid}")] [HttpPut("{trialId:guid}/{subjectVisitId:guid}")]
[TypeFilter(typeof(TrialResourceFilter))] [TypeFilter(typeof(TrialResourceFilter))]
[Authorize(Policy = IRaCISPolicy.CRC)]
public async Task<IResponseOutput> CRCRequstCheckBack(Guid subjectVisitId) public async Task<IResponseOutput> CRCRequstCheckBack(Guid subjectVisitId)
{ {
var sv = (await _subjectVisitRepository.FirstOrDefaultAsync(t => t.Id == subjectVisitId)).IfNullThrowException(); var sv = (await _subjectVisitRepository.FirstOrDefaultAsync(t => t.Id == subjectVisitId)).IfNullThrowException();
@ -412,7 +416,7 @@ namespace IRaCIS.Core.Application.Image.QA
} }
[HttpPut("{trialId:guid}/{subjectVisitId:guid}")] [HttpPut("{trialId:guid}/{subjectVisitId:guid}")]
[Authorize(Policy = "PmAndApmPolicy")] [Authorize(Policy = IRaCISPolicy.PMAndAPM)]
public async Task<IResponseOutput> RejectCheckBack(Guid subjectVisitId) public async Task<IResponseOutput> RejectCheckBack(Guid subjectVisitId)
{ {
//if (_userInfo.UserTypeEnumInt != (int)UserTypeEnum.ProjectManager && _userInfo.UserTypeEnumInt != (int)UserTypeEnum.APM) //if (_userInfo.UserTypeEnumInt != (int)UserTypeEnum.ProjectManager && _userInfo.UserTypeEnumInt != (int)UserTypeEnum.APM)
@ -444,7 +448,7 @@ namespace IRaCIS.Core.Application.Image.QA
/// <returns></returns> /// <returns></returns>
[HttpPut("{trialId:guid}/{subjectVisitId:guid}")] [HttpPut("{trialId:guid}/{subjectVisitId:guid}")]
[TypeFilter(typeof(TrialResourceFilter))] [TypeFilter(typeof(TrialResourceFilter))]
[Authorize(Policy = "PmAndApmPolicy")] [Authorize(Policy = IRaCISPolicy.PMAndAPM)]
[UnitOfWork] [UnitOfWork]
public async Task<IResponseOutput> CheckBack(Guid subjectVisitId) public async Task<IResponseOutput> CheckBack(Guid subjectVisitId)
{ {
@ -518,7 +522,7 @@ namespace IRaCIS.Core.Application.Image.QA
/// <returns></returns> /// <returns></returns>
[HttpPost("{trialId:guid}")] [HttpPost("{trialId:guid}")]
[TypeFilter(typeof(TrialResourceFilter))] [TypeFilter(typeof(TrialResourceFilter))]
[Authorize(Policy = "PmAndApmPolicy")] [Authorize(Policy = IRaCISPolicy.PMAndAPM)]
public async Task<IResponseOutput> UploadVisitCheckExcel(IFormFile file, Guid trialId) public async Task<IResponseOutput> UploadVisitCheckExcel(IFormFile file, Guid trialId)
{ {
//if (_userInfo.UserTypeEnumInt != (int)UserTypeEnum.ProjectManager && _userInfo.UserTypeEnumInt != (int)UserTypeEnum.APM) //if (_userInfo.UserTypeEnumInt != (int)UserTypeEnum.ProjectManager && _userInfo.UserTypeEnumInt != (int)UserTypeEnum.APM)
@ -715,6 +719,7 @@ namespace IRaCIS.Core.Application.Image.QA
/// </summary> /// </summary>
[HttpPost("{trialId:guid}/{subjectVisitId:guid}/{trialQCProcess:int}/{currentQCType:int}")] [HttpPost("{trialId:guid}/{subjectVisitId:guid}/{trialQCProcess:int}/{currentQCType:int}")]
[TypeFilter(typeof(TrialResourceFilter))] [TypeFilter(typeof(TrialResourceFilter))]
[Authorize(Policy = IRaCISPolicy.IQC)]
public async Task<IResponseOutput> AddOrUpdateQCQuestionAnswerList(QCQuestionAnswerCommand[] qcQuestionAnswerCommands, Guid trialId, Guid subjectVisitId, [FromRoute] TrialQCProcess trialQCProcess, [FromRoute] CurrentQC currentQCType) public async Task<IResponseOutput> AddOrUpdateQCQuestionAnswerList(QCQuestionAnswerCommand[] qcQuestionAnswerCommands, Guid trialId, Guid subjectVisitId, [FromRoute] TrialQCProcess trialQCProcess, [FromRoute] CurrentQC currentQCType)
{ {
//验证是否能操作 //验证是否能操作
@ -785,6 +790,7 @@ namespace IRaCIS.Core.Application.Image.QA
/// <returns></returns> /// <returns></returns>
[HttpPut("{trialId:guid}/{subjectVisitId:guid}/{studyId:guid}/{seriesId:guid}/{state:int}")] [HttpPut("{trialId:guid}/{subjectVisitId:guid}/{studyId:guid}/{seriesId:guid}/{state:int}")]
[TypeFilter(typeof(TrialResourceFilter))] [TypeFilter(typeof(TrialResourceFilter))]
[Authorize(Policy = IRaCISPolicy.IQC)]
public async Task<IResponseOutput> SetSeriesState(Guid subjectVisitId, Guid studyId, Guid seriesId, int state) public async Task<IResponseOutput> SetSeriesState(Guid subjectVisitId, Guid studyId, Guid seriesId, int state)
{ {
@ -852,6 +858,7 @@ namespace IRaCIS.Core.Application.Image.QA
/// <returns></returns> /// <returns></returns>
[HttpPost("{trialId:guid}")] [HttpPost("{trialId:guid}")]
[TypeFilter(typeof(TrialResourceFilter))] [TypeFilter(typeof(TrialResourceFilter))]
[Authorize(Policy = IRaCISPolicy.IQC)]
public async Task<IResponseOutput> UpdateModality(UpdateModalityCommand updateModalityCommand) public async Task<IResponseOutput> UpdateModality(UpdateModalityCommand updateModalityCommand)
{ {
@ -918,6 +925,7 @@ namespace IRaCIS.Core.Application.Image.QA
[HttpPost, Route("{trialId:guid}/{subjectVisitId:guid}")] [HttpPost, Route("{trialId:guid}/{subjectVisitId:guid}")]
[TypeFilter(typeof(TrialResourceFilter))] [TypeFilter(typeof(TrialResourceFilter))]
[UnitOfWork] [UnitOfWork]
[Authorize(Policy = IRaCISPolicy.IQC)]
public async Task<IResponseOutput> DeleteStudyList(Guid[] ids, Guid subjectVisitId, Guid trialId) public async Task<IResponseOutput> DeleteStudyList(Guid[] ids, Guid subjectVisitId, Guid trialId)
{ {
@ -1013,6 +1021,7 @@ namespace IRaCIS.Core.Application.Image.QA
/// <summary>替换当前领取人 </summary> /// <summary>替换当前领取人 </summary>
[HttpPut("{trialId:guid}/{subjectVisitId:guid}")] [HttpPut("{trialId:guid}/{subjectVisitId:guid}")]
[Authorize(Policy = IRaCISPolicy.IQC)]
public async Task<IResponseOutput> ReplaceQCTaskActionUser(Guid trialId, Guid subjectVisitId) public async Task<IResponseOutput> ReplaceQCTaskActionUser(Guid trialId, Guid subjectVisitId)
{ {
var dbSubjectVisit = (await _subjectVisitRepository.FirstOrDefaultAsync(t => t.Id == subjectVisitId)).IfNullThrowException(); var dbSubjectVisit = (await _subjectVisitRepository.FirstOrDefaultAsync(t => t.Id == subjectVisitId)).IfNullThrowException();
@ -1045,6 +1054,7 @@ namespace IRaCIS.Core.Application.Image.QA
/// <returns></returns> /// <returns></returns>
[HttpPut("{trialId:guid}/{subjectVisitId:guid}/{obtaionOrCancel:bool}")] [HttpPut("{trialId:guid}/{subjectVisitId:guid}/{obtaionOrCancel:bool}")]
[TypeFilter(typeof(TrialResourceFilter))] [TypeFilter(typeof(TrialResourceFilter))]
[Authorize(Policy = IRaCISPolicy.IQC)]
public async Task<IResponseOutput> ObtainOrCancelQCTask(Guid trialId, Guid subjectVisitId, bool obtaionOrCancel) public async Task<IResponseOutput> ObtainOrCancelQCTask(Guid trialId, Guid subjectVisitId, bool obtaionOrCancel)
{ {
@ -1248,6 +1258,7 @@ namespace IRaCIS.Core.Application.Image.QA
/// <returns></returns> /// <returns></returns>
[HttpPost] [HttpPost]
[TypeFilter(typeof(TrialResourceFilter))] [TypeFilter(typeof(TrialResourceFilter))]
[Authorize(Policy = IRaCISPolicy.CRC)]
public async Task<IResponseOutput> CRCRequestToQC(CRCRequestToQCCommand cRCRequestToQCCommand) public async Task<IResponseOutput> CRCRequestToQC(CRCRequestToQCCommand cRCRequestToQCCommand)
{ {
var trialConfig = (await _trialRepository var trialConfig = (await _trialRepository
@ -1374,6 +1385,7 @@ namespace IRaCIS.Core.Application.Image.QA
/// <returns></returns> /// <returns></returns>
[HttpPost("{trialId:guid}/{subjectVisitId:guid}/{auditState:int}")] [HttpPost("{trialId:guid}/{subjectVisitId:guid}/{auditState:int}")]
[TypeFilter(typeof(TrialResourceFilter))] [TypeFilter(typeof(TrialResourceFilter))]
[Authorize(Policy = IRaCISPolicy.IQC)]
public async Task<IResponseOutput> QCPassedOrFailed(Guid trialId, Guid subjectVisitId, [FromRoute] AuditStateEnum auditState) public async Task<IResponseOutput> QCPassedOrFailed(Guid trialId, Guid subjectVisitId, [FromRoute] AuditStateEnum auditState)
{ {
@ -1556,6 +1568,7 @@ namespace IRaCIS.Core.Application.Image.QA
/// <returns></returns> /// <returns></returns>
[HttpPut("{trialId:guid}/{subjectVisitId:guid}/{setOrCancel:bool}")] [HttpPut("{trialId:guid}/{subjectVisitId:guid}/{setOrCancel:bool}")]
[TypeFilter(typeof(TrialResourceFilter))] [TypeFilter(typeof(TrialResourceFilter))]
[Authorize(Policy = IRaCISPolicy.IQC)]
public async Task<IResponseOutput> SetVisitUrgent(Guid trialId, Guid subjectVisitId, bool setOrCancel) public async Task<IResponseOutput> SetVisitUrgent(Guid trialId, Guid subjectVisitId, bool setOrCancel)
{ {
var sv = (await _subjectVisitRepository.FirstOrDefaultAsync(t => t.Id == subjectVisitId)).IfNullThrowException(); var sv = (await _subjectVisitRepository.FirstOrDefaultAsync(t => t.Id == subjectVisitId)).IfNullThrowException();
@ -1592,13 +1605,9 @@ namespace IRaCIS.Core.Application.Image.QA
/// <returns></returns> /// <returns></returns>
[HttpPut("{trialId:guid}/{subjectVisitId:guid}/{qcChallengeId:guid}")] [HttpPut("{trialId:guid}/{subjectVisitId:guid}/{qcChallengeId:guid}")]
[TypeFilter(typeof(TrialResourceFilter))] [TypeFilter(typeof(TrialResourceFilter))]
[Authorize(Policy = IRaCISPolicy.IQC)]
public async Task<IResponseOutput> SetNeedReupload(Guid trialId, Guid qcChallengeId) public async Task<IResponseOutput> SetNeedReupload(Guid trialId, Guid qcChallengeId)
{ {
if (_userInfo.UserTypeEnumInt != (int)UserTypeEnum.IQC)
{
return ResponseOutput.NotOk("重传 只允许QA 设置!");
}
//获取项目配置 //获取项目配置
var trialConfig = await _repository.Where<Trial>(t => t.Id == trialId).Select(t => new { TrialId = t.Id, t.QCProcessEnum, t.IsImageConsistencyVerification }) var trialConfig = await _repository.Where<Trial>(t => t.Id == trialId).Select(t => new { TrialId = t.Id, t.QCProcessEnum, t.IsImageConsistencyVerification })
@ -1693,14 +1702,10 @@ namespace IRaCIS.Core.Application.Image.QA
/// <returns></returns> /// <returns></returns>
[HttpPost] [HttpPost]
[TypeFilter(typeof(TrialResourceFilter))] [TypeFilter(typeof(TrialResourceFilter))]
[Authorize(Policy = IRaCISPolicy.CRC)]
public async Task<IResponseOutput> SetReuploadFinished(CRCReuploadFinishedCommand cRCReuploadFinishedCommand) public async Task<IResponseOutput> SetReuploadFinished(CRCReuploadFinishedCommand cRCReuploadFinishedCommand)
{ {
if (_userInfo.UserTypeEnumInt != (int)UserTypeEnum.ClinicalResearchCoordinator)
{
throw new BusinessValidationFailedException("重传完成 只允许CRC 设置!");
}
var qcChallenge = (await _qcChallengeRepository.FirstOrDefaultAsync(t => t.Id == cRCReuploadFinishedCommand.QCChallengeId)).IfNullThrowException(); var qcChallenge = (await _qcChallengeRepository.FirstOrDefaultAsync(t => t.Id == cRCReuploadFinishedCommand.QCChallengeId)).IfNullThrowException();
if (qcChallenge.ReuploadEnum != QCChanllengeReuploadEnum.QCAgreeUpload) if (qcChallenge.ReuploadEnum != QCChanllengeReuploadEnum.QCAgreeUpload)
@ -1772,6 +1777,7 @@ namespace IRaCIS.Core.Application.Image.QA
[HttpPut("{trialId:guid}/{subjectVisitId:guid}/{qcChallengeId:guid}")] [HttpPut("{trialId:guid}/{subjectVisitId:guid}/{qcChallengeId:guid}")]
[TypeFilter(typeof(TrialResourceFilter))] [TypeFilter(typeof(TrialResourceFilter))]
[Authorize(Policy = IRaCISPolicy.CRC)]
public async Task<IResponseOutput> CRCRequestReUpload(Guid qcChallengeId) public async Task<IResponseOutput> CRCRequestReUpload(Guid qcChallengeId)
{ {
var qcChallenge = (await _qcChallengeRepository.FirstOrDefaultAsync(t => t.Id == qcChallengeId)).IfNullThrowException(); var qcChallenge = (await _qcChallengeRepository.FirstOrDefaultAsync(t => t.Id == qcChallengeId)).IfNullThrowException();
@ -1852,6 +1858,7 @@ namespace IRaCIS.Core.Application.Image.QA
[HttpPost("{trialId:guid}")] [HttpPost("{trialId:guid}")]
[Authorize(Policy = IRaCISPolicy.PMAndAPM)]
public async Task<IResponseOutput> ForwardSVDicomImage(Guid[] subjectVisitIdList) public async Task<IResponseOutput> ForwardSVDicomImage(Guid[] subjectVisitIdList)
{ {
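Review bot: `RejectCheckBack`, `ReplaceQCTaskActionUser` and `ForwardSVDicomImage` receive a role policy but, in the attribute lists visible here, not the `[TypeFilter(typeof(TrialResourceFilter))]` that their sibling actions carry. The policies in this commit test only the `userTypeEnumInt` claim, so they establish the caller's role and not that the caller belongs to the trial named in the route. If `TrialResourceFilter` is what ties a request to the caller's trial (its implementation is not shown), those three actions should carry it as well: `[TypeFilter(typeof(TrialResourceFilter))]`. The method bodies continue outside the hunks, so a check inside them cannot be ruled out. Separately, `SetNeedReupload` and `SetReuploadFinished` swap an in-body role check for the attribute, which changes the failure from a business error message to an HTTP 403; clients that display the old message need to handle that.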


@ -4,8 +4,10 @@
// 对此文件的更改可能会导致不正确的行为,并且如果重新生成代码,这些更改将会丢失。 // 对此文件的更改可能会导致不正确的行为,并且如果重新生成代码,这些更改将会丢失。
//-------------------------------------------------------------------- //--------------------------------------------------------------------
using IRaCIS.Core.Application.Auth;
using IRaCIS.Core.Infra.EFCore; using IRaCIS.Core.Infra.EFCore;
using IRaCIS.Core.Infrastructure; using IRaCIS.Core.Infrastructure;
using Microsoft.AspNetCore.Authorization;
using Microsoft.AspNetCore.Mvc; using Microsoft.AspNetCore.Mvc;
namespace IRaCIS.Core.Application.Contracts namespace IRaCIS.Core.Application.Contracts
@ -122,6 +124,7 @@ namespace IRaCIS.Core.Application.Contracts
/// <param name="trialId"></param> /// <param name="trialId"></param>
/// <returns></returns> /// <returns></returns>
[HttpPost("{trialId:guid}")] [HttpPost("{trialId:guid}")]
[Authorize(Policy = IRaCISPolicy.IQC)]
public async Task<IResponseOutput> BatchAddTrialQCQuestionConfigure(List<TrialQCQuestionConfigureBatchAdd> batchList, Guid trialId) public async Task<IResponseOutput> BatchAddTrialQCQuestionConfigure(List<TrialQCQuestionConfigureBatchAdd> batchList, Guid trialId)
{ {
@ -137,7 +140,7 @@ namespace IRaCIS.Core.Application.Contracts
return ResponseOutput.Result(success); return ResponseOutput.Result(success);
} }
[Authorize(Policy = IRaCISPolicy.IQC)]
public async Task<IResponseOutput> AddOrUpdateTrialQCQuestionConfigure(TrialQCQuestionAddOrEdit addOrEditTrialQCQuestionConfigure) public async Task<IResponseOutput> AddOrUpdateTrialQCQuestionConfigure(TrialQCQuestionAddOrEdit addOrEditTrialQCQuestionConfigure)
{ {
await VerifyIsQCConfirmedAsync(addOrEditTrialQCQuestionConfigure.TrialId); await VerifyIsQCConfirmedAsync(addOrEditTrialQCQuestionConfigure.TrialId);
@ -149,6 +152,7 @@ namespace IRaCIS.Core.Application.Contracts
[HttpDelete("{trialId:guid}/{trialQCQuestionConfigureId:guid}")] [HttpDelete("{trialId:guid}/{trialQCQuestionConfigureId:guid}")]
[Authorize(Policy = IRaCISPolicy.IQC)]
public async Task<IResponseOutput> DeleteTrialQCQuestionConfigure(Guid trialQCQuestionConfigureId, Guid trialId) public async Task<IResponseOutput> DeleteTrialQCQuestionConfigure(Guid trialQCQuestionConfigureId, Guid trialId)
{ {
await VerifyIsQCConfirmedAsync(trialId); await VerifyIsQCConfirmedAsync(trialId);
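Review bot: The header of this file says it is generated and that manual changes are lost when the code is regenerated, so the three `[Authorize(Policy = IRaCISPolicy.IQC)]` attributes added here can silently disappear and leave `BatchAddTrialQCQuestionConfigure`, `AddOrUpdateTrialQCQuestionConfigure` and `DeleteTrialQCQuestionConfigure` without a role check. If the generator is still in use, the attributes belong in the template or in a hand-written partial class; otherwise the generated-file banner should be removed. At minimum, a comment such as `// Hand-added authorization: re-apply after regenerating this file.` above each attribute would warn the next person who regenerates.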


@ -7,7 +7,6 @@
using Microsoft.AspNetCore.Mvc; using Microsoft.AspNetCore.Mvc;
using IRaCIS.Core.Application.Filter; using IRaCIS.Core.Application.Filter;
using IRaCIS.Core.Domain.Share; using IRaCIS.Core.Domain.Share;
using IRaCIS.Core.Infra.EFCore;
namespace IRaCIS.Core.Application.Contracts namespace IRaCIS.Core.Application.Contracts
{ {
@ -39,11 +38,7 @@ namespace IRaCIS.Core.Application.Contracts
[HttpPost("{trialId:guid}")] [HttpPost("{trialId:guid}")]
public async Task<IResponseOutput> AddOrUpdateTrialSiteEquipmentSurvey(TrialSiteEquipmentSurveyAddOrEdit addOrEditTrialSiteEquipmentSurvey) public async Task<IResponseOutput> AddOrUpdateTrialSiteEquipmentSurvey(TrialSiteEquipmentSurveyAddOrEdit addOrEditTrialSiteEquipmentSurvey)
{ {
if (_userInfo.UserTypeEnumInt == (int)UserTypeEnum.CPM || _userInfo.UserTypeEnumInt == (int)UserTypeEnum.APM)
{
return ResponseOutput.NotOk("CPM/APM 不允许操作");
}
if (addOrEditTrialSiteEquipmentSurvey.Id != null) if (addOrEditTrialSiteEquipmentSurvey.Id != null)
{ {
if (await _trialSiteEquipmentSurveyRepository.Where(t => t.Id == addOrEditTrialSiteEquipmentSurvey.Id).AnyAsync(t => t.TrialSiteSurvey.State==TrialSiteSurveyEnum.PMCreatedAndLock)) if (await _trialSiteEquipmentSurveyRepository.Where(t => t.Id == addOrEditTrialSiteEquipmentSurvey.Id).AnyAsync(t => t.TrialSiteSurvey.State==TrialSiteSurveyEnum.PMCreatedAndLock))
@ -63,11 +58,6 @@ namespace IRaCIS.Core.Application.Contracts
[HttpDelete("{trialSiteEquipmentSurveyId:guid}/{trialId:guid}")] [HttpDelete("{trialSiteEquipmentSurveyId:guid}/{trialId:guid}")]
public async Task<IResponseOutput> DeleteTrialSiteEquipmentSurvey(Guid trialSiteEquipmentSurveyId) public async Task<IResponseOutput> DeleteTrialSiteEquipmentSurvey(Guid trialSiteEquipmentSurveyId)
{ {
if (_userInfo.UserTypeEnumInt == (int)UserTypeEnum.CPM || _userInfo.UserTypeEnumInt == (int)UserTypeEnum.APM)
{
return ResponseOutput.NotOk("CPM/APM 不允许操作");
}
if (await _trialSiteEquipmentSurveyRepository.Where(t => t.Id == trialSiteEquipmentSurveyId).AnyAsync(t => t.TrialSiteSurvey.State==TrialSiteSurveyEnum.PMCreatedAndLock)) if (await _trialSiteEquipmentSurveyRepository.Where(t => t.Id == trialSiteEquipmentSurveyId).AnyAsync(t => t.TrialSiteSurvey.State==TrialSiteSurveyEnum.PMCreatedAndLock))
{ {
return ResponseOutput.NotOk("已锁定,不允许操作"); return ResponseOutput.NotOk("已锁定,不允许操作");
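Review bot: `AddOrUpdateTrialSiteEquipmentSurvey` and `DeleteTrialSiteEquipmentSurvey` lose their only visible role check: the guard that rejected CPM and APM callers is deleted and no `[Authorize(Policy = …)]` is added in its place. Unless a class-level attribute or filter outside these hunks covers it, CPM and APM users can now add, edit and delete equipment survey rows whenever the survey is not locked. The `RequireClaim` policies in this commit are allow-lists, so the old deny rule needs either a new policy listing the user types that may edit surveys or the original guard kept until such a policy exists: `if (_userInfo.UserTypeEnumInt == (int)UserTypeEnum.CPM || _userInfo.UserTypeEnumInt == (int)UserTypeEnum.APM)`. Both method bodies continue outside the hunks.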


@ -6,8 +6,6 @@
using Microsoft.AspNetCore.Mvc; using Microsoft.AspNetCore.Mvc;
using IRaCIS.Core.Domain.Share; using IRaCIS.Core.Domain.Share;
using IRaCIS.Core.Application.Filter; using IRaCIS.Core.Application.Filter;
using IRaCIS.Core.Infra.EFCore;
using IRaCIS.Core.Infrastructure;
namespace IRaCIS.Core.Application.Contracts namespace IRaCIS.Core.Application.Contracts
{ {
@ -41,7 +39,6 @@ namespace IRaCIS.Core.Application.Contracts
public async Task<IResponseOutput> AddOrUpdateTrialSiteUserSurvey(TrialSiteUserSurveyAddOrEdit addOrEditTrialSiteUserSurvey) public async Task<IResponseOutput> AddOrUpdateTrialSiteUserSurvey(TrialSiteUserSurveyAddOrEdit addOrEditTrialSiteUserSurvey)
{ {
if (await _trialSiteUserSurveyRepository.Where(t => t.Id == addOrEditTrialSiteUserSurvey.Id).AnyAsync(t => t.TrialSiteSurvey.State == TrialSiteSurveyEnum.PMCreatedAndLock)) if (await _trialSiteUserSurveyRepository.Where(t => t.Id == addOrEditTrialSiteUserSurvey.Id).AnyAsync(t => t.TrialSiteSurvey.State == TrialSiteSurveyEnum.PMCreatedAndLock))
{ {
return ResponseOutput.NotOk("已锁定,不允许操作"); return ResponseOutput.NotOk("已锁定,不允许操作");
@ -73,8 +70,7 @@ namespace IRaCIS.Core.Application.Contracts
[TypeFilter(typeof(TrialResourceFilter))] [TypeFilter(typeof(TrialResourceFilter))]
[HttpDelete("{trialSiteUserSurveyId:guid}/{trialId:guid}")] [HttpDelete("{trialSiteUserSurveyId:guid}/{trialId:guid}")]
public async Task<IResponseOutput> DeleteTrialSiteUserSurvey(Guid trialSiteUserSurveyId) public async Task<IResponseOutput> DeleteTrialSiteUserSurvey(Guid trialSiteUserSurveyId)
{ {
if (await _trialSiteUserSurveyRepository.Where(t => t.Id == trialSiteUserSurveyId).AnyAsync(t => t.TrialSiteSurvey.State == TrialSiteSurveyEnum.PMCreatedAndLock)) if (await _trialSiteUserSurveyRepository.Where(t => t.Id == trialSiteUserSurveyId).AnyAsync(t => t.TrialSiteSurvey.State == TrialSiteSurveyEnum.PMCreatedAndLock))
{ {


@ -6,6 +6,8 @@ using Microsoft.AspNetCore.Http;
using IRaCIS.Core.Domain.Share; using IRaCIS.Core.Domain.Share;
using EasyCaching.Core; using EasyCaching.Core;
using IRaCIS.Core.Infrastructure; using IRaCIS.Core.Infrastructure;
using Microsoft.AspNetCore.Authorization;
using IRaCIS.Core.Application.Auth;
namespace IRaCIS.Core.Application namespace IRaCIS.Core.Application
{ {
@ -68,6 +70,7 @@ namespace IRaCIS.Core.Application
/// 签名确认 包括项目的三组配置 + QC问题确认 后修改状态 (适用于不会回退的,项目废除、状态修改, 存在回退 不在这里弄,提供单独接口修改状态) /// 签名确认 包括项目的三组配置 + QC问题确认 后修改状态 (适用于不会回退的,项目废除、状态修改, 存在回退 不在这里弄,提供单独接口修改状态)
/// </summary> /// </summary>
/// <returns></returns> /// <returns></returns>
[Authorize(Policy = IRaCISPolicy.PMAndAPM)]
public async Task<IResponseOutput> TrialConfigSignatureConfirm(SignConfirmDTO signConfirmDTO) public async Task<IResponseOutput> TrialConfigSignatureConfirm(SignConfirmDTO signConfirmDTO)
{ {
await VerifyOnlyInOngoingOrInitialIzingOptAsync(signConfirmDTO.TrialId); await VerifyOnlyInOngoingOrInitialIzingOptAsync(signConfirmDTO.TrialId);
@ -144,6 +147,7 @@ namespace IRaCIS.Core.Application
/// <param name="trialConfig"></param> /// <param name="trialConfig"></param>
/// <returns></returns> /// <returns></returns>
[HttpPut] [HttpPut]
[Authorize(Policy = IRaCISPolicy.PMAndAPM)]
public async Task<IResponseOutput> ConfigTrialBasicInfo(BasicTrialConfig trialConfig) public async Task<IResponseOutput> ConfigTrialBasicInfo(BasicTrialConfig trialConfig)
{ {
await VerifyOnlyInOngoingOrInitialIzingOptAsync(trialConfig.TrialId); await VerifyOnlyInOngoingOrInitialIzingOptAsync(trialConfig.TrialId);
@ -175,6 +179,7 @@ namespace IRaCIS.Core.Application
/// <returns></returns> /// <returns></returns>
[HttpPut("{trialId:guid}/{trialStatusStr}/{reason?}")] [HttpPut("{trialId:guid}/{trialStatusStr}/{reason?}")]
[UnitOfWork] [UnitOfWork]
[Authorize(Policy = IRaCISPolicy.PM)]
public async Task<IResponseOutput> UpdateTrialState(Guid trialId, string trialStatusStr, string? reason) public async Task<IResponseOutput> UpdateTrialState(Guid trialId, string trialStatusStr, string? reason)
{ {
@ -250,6 +255,7 @@ namespace IRaCIS.Core.Application
/// <param name="isAbandon"></param> /// <param name="isAbandon"></param>
/// <returns></returns> /// <returns></returns>
[HttpPut("{trialId:guid}/{isAbandon:bool}")] [HttpPut("{trialId:guid}/{isAbandon:bool}")]
[Authorize(Policy = IRaCISPolicy.PM)]
public async Task<IResponseOutput> AbandonTrial(Guid trialId, /*Guid? signId,*/ bool isAbandon) public async Task<IResponseOutput> AbandonTrial(Guid trialId, /*Guid? signId,*/ bool isAbandon)
{ {
@ -287,6 +293,7 @@ namespace IRaCIS.Core.Application
/// <param name="trialConfig"></param> /// <param name="trialConfig"></param>
/// <returns></returns> /// <returns></returns>
[HttpPut] [HttpPut]
[Authorize(Policy = IRaCISPolicy.PMAndAPM)]
public async Task<IResponseOutput> ConfigTrialProcessInfo(TrialProcessConfig trialConfig) public async Task<IResponseOutput> ConfigTrialProcessInfo(TrialProcessConfig trialConfig)
{ {
if (!await _trialRepository.Where(t => t.Id == trialConfig.TrialId).IgnoreQueryFilters().AnyAsync(t => t.TrialStatusStr == StaticData.TrialInitializing)) if (!await _trialRepository.Where(t => t.Id == trialConfig.TrialId).IgnoreQueryFilters().AnyAsync(t => t.TrialStatusStr == StaticData.TrialInitializing))
@ -311,6 +318,7 @@ namespace IRaCIS.Core.Application
/// <param name="trialConfig"></param> /// <param name="trialConfig"></param>
/// <returns></returns> /// <returns></returns>
[HttpPut] [HttpPut]
[Authorize(Policy = IRaCISPolicy.PMAndAPM)]
public async Task<IResponseOutput> ConfigTrialUrgentInfo(TrialUrgentConfig trialConfig) public async Task<IResponseOutput> ConfigTrialUrgentInfo(TrialUrgentConfig trialConfig)
{ {


@ -64,6 +64,7 @@ namespace IRaCIS.Core.Application.Service
/// </summary> /// </summary>
/// <param name="addOrEditTrialExternalUser"></param> /// <param name="addOrEditTrialExternalUser"></param>
/// <returns></returns> /// <returns></returns>
[Authorize(Policy = IRaCISPolicy.PMAndAPM)]
public async Task<IResponseOutput> AddOrUpdateTrialExternalUser(TrialExternalUserAddAndSendEmail addOrEditTrialExternalUser) public async Task<IResponseOutput> AddOrUpdateTrialExternalUser(TrialExternalUserAddAndSendEmail addOrEditTrialExternalUser)
{ {
@ -197,6 +198,7 @@ namespace IRaCIS.Core.Application.Service
[HttpDelete("{trialExternalUserId:guid}/{isSystemUser:bool}/{systemUserId}")] [HttpDelete("{trialExternalUserId:guid}/{isSystemUser:bool}/{systemUserId}")]
[Authorize(Policy = IRaCISPolicy.PMAndAPM)]
public async Task<IResponseOutput> DeleteTrialExternalUser(Guid trialExternalUserId, bool isSystemUser, Guid systemUserId) public async Task<IResponseOutput> DeleteTrialExternalUser(Guid trialExternalUserId, bool isSystemUser, Guid systemUserId)
{ {
var success = await _trialExternalUseRepository.BatchDeleteNoTrackingAsync(t => t.Id == trialExternalUserId); var success = await _trialExternalUseRepository.BatchDeleteNoTrackingAsync(t => t.Id == trialExternalUserId);
@ -212,6 +214,7 @@ namespace IRaCIS.Core.Application.Service
//New 省掉邀请流程 //New 省掉邀请流程
[HttpPost] [HttpPost]
[Authorize(Policy = IRaCISPolicy.PMAndAPM)]
public async Task<IResponseOutput> SendExternalUserJoinEmail(TrialExternalUserSendEmail sendEmail) public async Task<IResponseOutput> SendExternalUserJoinEmail(TrialExternalUserSendEmail sendEmail)
{ {
var trialInfo = (await _repository.FirstOrDefaultAsync<Trial>(t => t.Id == sendEmail.TrialId)).IfNullThrowException(); var trialInfo = (await _repository.FirstOrDefaultAsync<Trial>(t => t.Id == sendEmail.TrialId)).IfNullThrowException();
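Review bot: The `[Authorize(Policy = IRaCISPolicy.PMAndAPM)]` added to `DeleteTrialExternalUser` checks only the caller's role, while the delete is keyed on `t.Id == trialExternalUserId` alone, with no trial in the route or the predicate. Unless a global query filter scopes the repository (not visible here), a PM or APM assigned to one trial could remove an external user that belongs to another. Other services in this commit pair the policy with `[TypeFilter(typeof(TrialResourceFilter))]`; if that filter is what binds the caller to the trial, these three methods probably need it too, or the predicate should be scoped, e.g. `t => t.Id == trialExternalUserId && t.TrialId == trialId` (property name assumed). `SendExternalUserJoinEmail` has the same shape: it loads the trial from the caller-supplied `sendEmail.TrialId`. All three method bodies continue outside the hunks.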


@ -7,6 +7,7 @@ using IRaCIS.Application.Interfaces;
using IRaCIS.Core.Application.Service; using IRaCIS.Core.Application.Service;
using Microsoft.AspNetCore.Authorization; using Microsoft.AspNetCore.Authorization;
using IRaCIS.Core.Application.Auth;
namespace IRaCIS.Application.Services namespace IRaCIS.Application.Services
{ {
@ -129,6 +130,7 @@ namespace IRaCIS.Application.Services
//[TrialAudit(AuditType.TrialAudit, AuditOptType.AddTrialStaff)] //[TrialAudit(AuditType.TrialAudit, AuditOptType.AddTrialStaff)]
[HttpPost] [HttpPost]
[TypeFilter(typeof(TrialResourceFilter))] [TypeFilter(typeof(TrialResourceFilter))]
[Authorize(Policy = IRaCISPolicy.PMAndAPM)]
public async Task<IResponseOutput> AddTrialUsers(TrialUserAddCommand[] userTrialCommands) public async Task<IResponseOutput> AddTrialUsers(TrialUserAddCommand[] userTrialCommands)
{ {
@ -150,6 +152,7 @@ namespace IRaCIS.Application.Services
[TypeFilter(typeof(TrialResourceFilter))] [TypeFilter(typeof(TrialResourceFilter))]
[Authorize(Policy = IRaCISPolicy.PMAndAPM)]
[HttpPut] [HttpPut]
public async Task<IResponseOutput> UpdateTrialUser(UpdateTrialUserCommand updateTrialUserCommand) public async Task<IResponseOutput> UpdateTrialUser(UpdateTrialUserCommand updateTrialUserCommand)
{ {


@ -7,6 +7,7 @@ using IRaCIS.Core.Application.Contracts;
using IRaCIS.Core.Application.Interfaces; using IRaCIS.Core.Application.Interfaces;
using IRaCIS.Core.Application.Service; using IRaCIS.Core.Application.Service;
using Microsoft.AspNetCore.Authorization; using Microsoft.AspNetCore.Authorization;
using IRaCIS.Core.Application.Auth;
namespace IRaCIS.Core.Application.Services namespace IRaCIS.Core.Application.Services
{ {
@ -210,7 +211,7 @@ namespace IRaCIS.Core.Application.Services
/// <summary>Setting页面 Site批量添加</summary> /// <summary>Setting页面 Site批量添加</summary>
[HttpPost] [HttpPost]
[UnitOfWork] [UnitOfWork]
[TrialAudit(AuditType.TrialAudit, AuditOptType.AddTrialSite)] [Authorize(Policy = IRaCISPolicy.PMAndAPM)]
[TypeFilter(typeof(TrialResourceFilter))] [TypeFilter(typeof(TrialResourceFilter))]
public async Task<IResponseOutput> AddTrialSites(List<TrialSiteCommand> trialSites) public async Task<IResponseOutput> AddTrialSites(List<TrialSiteCommand> trialSites)
{ {
@ -224,13 +225,13 @@ namespace IRaCIS.Core.Application.Services
/// <summary> /// <summary>
/// 项目site 编辑接口 New 可以设置为启用不启用 不启用 不会验证Code 重复 /// 项目site 编辑接口 New 可以设置为启用不启用 不启用 不会验证Code 重复
/// </summary> /// </summary>
/// <param name="editTrialSiteCommand"></param> /// <param name="editTrialSiteCommand"></param>
/// <returns></returns> /// <returns></returns>
[HttpPut] [HttpPut]
[Authorize(Policy = IRaCISPolicy.PMAndAPM)]
public async Task<IResponseOutput> EditTrialSite(EditTrialSiteCommand editTrialSiteCommand) public async Task<IResponseOutput> EditTrialSite(EditTrialSiteCommand editTrialSiteCommand)
{ {
@ -282,8 +283,8 @@ namespace IRaCIS.Core.Application.Services
/// <summary> 批量添加Site下 CRC的负责人 </summary> /// <summary> 批量添加Site下 CRC的负责人 </summary>
[HttpPost] [HttpPost]
[TrialAudit(AuditType.TrialAudit, AuditOptType.AddTrialSiteCRC)]
[TypeFilter(typeof(TrialResourceFilter))] [TypeFilter(typeof(TrialResourceFilter))]
[Authorize(Policy = IRaCISPolicy.PMAndAPM)]
public async Task<IResponseOutput> AssignSiteCRC(List<AssginSiteCRCCommand> trialSiteCRCList) public async Task<IResponseOutput> AssignSiteCRC(List<AssginSiteCRCCommand> trialSiteCRCList)
{ {
var addArray = _mapper.Map<List<TrialSiteUser>>(trialSiteCRCList); var addArray = _mapper.Map<List<TrialSiteUser>>(trialSiteCRCList);
@ -297,6 +298,7 @@ namespace IRaCIS.Core.Application.Services
/// <summary> 删除CRC人员</summary> /// <summary> 删除CRC人员</summary>
[HttpDelete, Route("{id:guid}/{trialId:guid}/{isDelete:bool}")] [HttpDelete, Route("{id:guid}/{trialId:guid}/{isDelete:bool}")]
[TypeFilter(typeof(TrialResourceFilter))] [TypeFilter(typeof(TrialResourceFilter))]
[Authorize(Policy = IRaCISPolicy.PMAndAPM)]
public async Task<IResponseOutput> DeleteSiteCRC(Guid id, bool isDelete) public async Task<IResponseOutput> DeleteSiteCRC(Guid id, bool isDelete)
{ {
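Review bot: On `AddTrialSites` the `[TrialAudit(AuditType.TrialAudit, AuditOptType.AddTrialSite)]` attribute appears to be replaced by the new `[Authorize]` line, and on `AssignSiteCRC` the `[TrialAudit(AuditType.TrialAudit, AuditOptType.AddTrialSiteCRC)]` line is dropped as well, although the commit title mentions only permissions. If these operations are now audited elsewhere, the description should say so; otherwise keep the audit attribute next to the policy, e.g. `[TrialAudit(AuditType.TrialAudit, AuditOptType.AddTrialSite)]` directly above `[Authorize(Policy = IRaCISPolicy.PMAndAPM)]`, so adding sites and assigning CRCs stay traceable. Separately, `EditTrialSite` gets the policy but, unlike its three siblings in this file, no `[TypeFilter(typeof(TrialResourceFilter))]`; it is worth confirming that this is intended. The method bodies continue outside the hunks.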


@ -8,6 +8,7 @@ using IRaCIS.Core.Domain.Share;
using IRaCIS.Core.Application.Contracts; using IRaCIS.Core.Application.Contracts;
using IRaCIS.Core.Application.Interfaces; using IRaCIS.Core.Application.Interfaces;
using IRaCIS.Core.Infrastructure; using IRaCIS.Core.Infrastructure;
using IRaCIS.Core.Application.Auth;
namespace IRaCIS.Core.Application.Services namespace IRaCIS.Core.Application.Services
{ {
@ -120,8 +121,10 @@ namespace IRaCIS.Core.Application.Services
} }
[HttpDelete, Route("{trialId:guid}/{id:guid}")] [HttpDelete, Route("{trialId:guid}/{id:guid}")]
[TypeFilter(typeof(TrialResourceFilter))] [TypeFilter(typeof(TrialResourceFilter))]
[Authorize(Policy = IRaCISPolicy.CRC)]
public async Task<IResponseOutput> DeleteSV(Guid id) public async Task<IResponseOutput> DeleteSV(Guid id)
{ {
if (await _repository.AnyAsync<DicomStudy>(t => t.SubjectVisitId == id)) if (await _repository.AnyAsync<DicomStudy>(t => t.SubjectVisitId == id))


@ -9,7 +9,8 @@ using Magicodes.ExporterAndImporter.Core;
using Magicodes.ExporterAndImporter.Excel; using Magicodes.ExporterAndImporter.Excel;
using Magicodes.ExporterAndImporter.Excel.AspNetCore; using Magicodes.ExporterAndImporter.Excel.AspNetCore;
using IRaCIS.Core.Infrastructure; using IRaCIS.Core.Infrastructure;
using MassTransit; using Microsoft.AspNetCore.Authorization;
using IRaCIS.Core.Application.Auth;
namespace IRaCIS.Application.Services namespace IRaCIS.Application.Services
{ {
@ -82,6 +83,7 @@ namespace IRaCIS.Application.Services
/// <summary> 添加或更新访视计划某项</summary> /// <summary> 添加或更新访视计划某项</summary>
[UnitOfWork] [UnitOfWork]
[HttpPost] [HttpPost]
[Authorize(Policy = IRaCISPolicy.PMAndAPM)]
public async Task<IResponseOutput> AddOrUpdateVisitStage(VisitPlanCommand visitPlan) public async Task<IResponseOutput> AddOrUpdateVisitStage(VisitPlanCommand visitPlan)
{ {
@ -212,7 +214,7 @@ namespace IRaCIS.Application.Services
[UnitOfWork] [UnitOfWork]
[HttpPost("{trialId:guid}")] [HttpPost("{trialId:guid}")]
[Authorize(Policy = IRaCISPolicy.PMAndAPM)]
public async Task<IResponseOutput> ConfirmTrialVisitPlan(Guid trialId) public async Task<IResponseOutput> ConfirmTrialVisitPlan(Guid trialId)
{ {
if (!await _trialRepository.AnyAsync(t => t.Id == trialId && (t.TrialStatusStr == StaticData.TrialInitializing || t.TrialStatusStr == StaticData.TrialOngoing))) if (!await _trialRepository.AnyAsync(t => t.Id == trialId && (t.TrialStatusStr == StaticData.TrialInitializing || t.TrialStatusStr == StaticData.TrialOngoing)))