From 126e00baf15a9c4ae51bd24afe5de2ea2cccb11a Mon Sep 17 00:00:00 2001
From: Methapon2001 <61303214+Methapon2001@users.noreply.github.com>
Date: Wed, 9 Jul 2025 16:34:00 +0700
Subject: [PATCH 1/2] fix: stats does not account for permission

---
 src/controllers/07-task-controller.ts | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

diff --git a/src/controllers/07-task-controller.ts b/src/controllers/07-task-controller.ts
index bac70dd..6707781 100644
--- a/src/controllers/07-task-controller.ts
+++ b/src/controllers/07-task-controller.ts
@@ -70,8 +70,9 @@ const permissionCheckCompany = createPermCheck((_) => true);
 @Tags("Task Order")
 export class TaskController extends Controller {
   @Get("stats")
-  async getTaskOrderStats() {
+  async getTaskOrderStats(@Request() req: RequestWithUser) {
     const task = await prisma.taskOrder.groupBy({
+      where: { registeredBranch: { OR: permissionCondCompany(req.user) } },
       by: ["taskOrderStatus"],
       _count: true,
     });

From 1f63089363b675e42c6cdb40f7abf01d38edf27d Mon Sep 17 00:00:00 2001
From: Kanjana <kanjana@chamomind.com>
Date: Wed, 9 Jul 2025 17:40:24 +0700
Subject: [PATCH 2/2] fest: add page

---
 src/controllers/10-business-type-controller.ts | 6 ++++--
 1 file changed, 4 insertions(+), 2 deletions(-)

diff --git a/src/controllers/10-business-type-controller.ts b/src/controllers/10-business-type-controller.ts
index 2cd80a6..6d7373c 100644
--- a/src/controllers/10-business-type-controller.ts
+++ b/src/controllers/10-business-type-controller.ts
@@ -44,6 +44,8 @@ export class businessTypeController extends Controller {
     const [result, total] = await prisma.$transaction([
       prisma.businessType.findMany({
         where,
+        take: pageSize,
+        skip: (page - 1) * pageSize,
       }),
       prisma.businessType.count({ where }),
     ]);
@@ -84,7 +86,7 @@ export class businessTypeController extends Controller {
       });
 
       if (!record) throw notFoundError("BusinessType");
-      return await prisma.businessType.update({
+      return await tx.businessType.update({
         where: { id: businessTypeId },
         data: {
           ...body,
@@ -103,7 +105,7 @@ export class businessTypeController extends Controller {
       });
 
       if (!record) throw notFoundError("BusinessType");
-      return await prisma.businessType.delete({
+      return await tx.businessType.delete({
         where: { id: businessTypeId },
       });
     });