feat: do not allow sale to delete data
All checks were successful
Spell Check / Spell Check with Typos (push) Successful in 5s
All checks were successful
Spell Check / Spell Check with Typos (push) Successful in 5s
This commit is contained in:
Methapon2001
parent
ced55b9518
commit
2b255ff355
3 changed files with 4 additions and 10 deletions
|
|
@ -155,8 +155,6 @@ const MANAGE_ROLES = [
|
|||
"branch_admin",
|
||||
"branch_manager",
|
||||
"branch_accountant",
|
||||
"head_of_sale",
|
||||
"sale",
|
||||
];
|
||||
|
||||
function globalAllow(user: RequestWithUser["user"]) {
|
||||
|
|
@ -418,7 +416,7 @@ export class QuotationController extends Controller {
|
|||
}
|
||||
|
||||
@Post()
|
||||
@Security("keycloak", MANAGE_ROLES)
|
||||
@Security("keycloak", MANAGE_ROLES.concat(["head_of_sale", "sale"]))
|
||||
async createQuotation(@Request() req: RequestWithUser, @Body() body: QuotationCreate) {
|
||||
const ids = {
|
||||
employee: body.worker.filter((v) => typeof v === "string"),
|
||||
|
|
@ -669,7 +667,7 @@ export class QuotationController extends Controller {
|
|||
}
|
||||
|
||||
@Put("{quotationId}")
|
||||
@Security("keycloak")
|
||||
@Security("keycloak", MANAGE_ROLES.concat(["head_of_sale", "sale"]))
|
||||
async editQuotation(
|
||||
@Request() req: RequestWithUser,
|
||||
@Path() quotationId: string,
|
||||
|
|
|
|||
Loading…
Add table
Add a link
Reference in a new issue