diff --git a/src/controllers/03-customer-branch-controller.ts b/src/controllers/03-customer-branch-controller.ts
index a9a371c..efc4992 100644
--- a/src/controllers/03-customer-branch-controller.ts
+++ b/src/controllers/03-customer-branch-controller.ts
@@ -25,9 +25,17 @@ if (!process.env.MINIO_BUCKET) {
 }
 
 const MINIO_BUCKET = process.env.MINIO_BUCKET;
-const MANAGE_ROLES = ["system", "head_of_admin", "admin", "head_of_account", "account"];
+const MANAGE_ROLES = [
+  "system",
+  "head_of_admin",
+  "admin",
+  "head_of_account",
+  "account",
+  "head_of_sale",
+];
+
 function globalAllow(user: RequestWithUser["user"]) {
-  const allowList = ["system", "head_of_admin", "admin", "head_of_account"];
+  const allowList = ["system", "head_of_admin", "admin", "head_of_account", "head_of_sale"];
   return allowList.some((v) => user.roles?.includes(v));
 }
 
diff --git a/src/controllers/03-customer-controller.ts b/src/controllers/03-customer-controller.ts
index 83bccfd..f95d3f4 100644
--- a/src/controllers/03-customer-controller.ts
+++ b/src/controllers/03-customer-controller.ts
@@ -25,10 +25,17 @@ if (!process.env.MINIO_BUCKET) {
 }
 
 const MINIO_BUCKET = process.env.MINIO_BUCKET;
-const MANAGE_ROLES = ["system", "head_of_admin", "admin", "head_of_account", "account"];
+const MANAGE_ROLES = [
+  "system",
+  "head_of_admin",
+  "admin",
+  "head_of_account",
+  "account",
+  "head_of_sale",
+];
 
 function globalAllow(user: RequestWithUser["user"]) {
-  const allowList = ["system", "head_of_admin", "admin", "head_of_account"];
+  const allowList = ["system", "head_of_admin", "admin", "head_of_account", "head_of_sale"];
   return allowList.some((v) => user.roles?.includes(v));
 }
 
diff --git a/src/controllers/03-employee-checkup-controller.ts b/src/controllers/03-employee-checkup-controller.ts
index e9b1a8d..0568b4a 100644
--- a/src/controllers/03-employee-checkup-controller.ts
+++ b/src/controllers/03-employee-checkup-controller.ts
@@ -22,21 +22,13 @@ const MANAGE_ROLES = [
   "system",
   "head_of_admin",
   "admin",
-  "branch_manager",
-  "head_of_sale",
-  "sale",
   "head_of_account",
   "account",
+  "head_of_sale",
 ];
+
 function globalAllow(user: RequestWithUser["user"]) {
-  const allowList = [
-    "system",
-    "head_of_admin",
-    "admin",
-    "branch_manager",
-    "head_of_sale",
-    "head_of_account",
-  ];
+  const allowList = ["system", "head_of_admin", "admin", "head_of_account", "head_of_sale"];
   return allowList.some((v) => user.roles?.includes(v));
 }
 
diff --git a/src/controllers/03-employee-controller.ts b/src/controllers/03-employee-controller.ts
index d024d3d..70c7100 100644
--- a/src/controllers/03-employee-controller.ts
+++ b/src/controllers/03-employee-controller.ts
@@ -25,9 +25,17 @@ if (!process.env.MINIO_BUCKET) {
 }
 
 const MINIO_BUCKET = process.env.MINIO_BUCKET;
-const MANAGE_ROLES = ["system", "head_of_admin", "admin", "head_of_account", "account"];
+const MANAGE_ROLES = [
+  "system",
+  "head_of_admin",
+  "admin",
+  "head_of_account",
+  "account",
+  "head_of_sale",
+];
+
 function globalAllow(user: RequestWithUser["user"]) {
-  const allowList = ["system", "head_of_admin", "admin", "branch_manager", "head_of_account"];
+  const allowList = ["system", "head_of_admin", "admin", "head_of_account", "head_of_sale"];
   return allowList.some((v) => user.roles?.includes(v));
 }
 
diff --git a/src/controllers/03-employee-other-info-controller.ts b/src/controllers/03-employee-other-info-controller.ts
index c3a39ce..969a12e 100644
--- a/src/controllers/03-employee-other-info-controller.ts
+++ b/src/controllers/03-employee-other-info-controller.ts
@@ -19,9 +19,17 @@ import HttpStatus from "../interfaces/http-status";
 import { RequestWithUser } from "../interfaces/user";
 import { permissionCheck } from "../middlewares/employee";
 
-const MANAGE_ROLES = ["system", "head_of_admin", "admin", "head_of_account", "account"];
+const MANAGE_ROLES = [
+  "system",
+  "head_of_admin",
+  "admin",
+  "head_of_account",
+  "account",
+  "head_of_sale",
+];
+
 function globalAllow(user: RequestWithUser["user"]) {
-  const allowList = ["system", "head_of_admin", "admin", "branch_manager", "head_of_account"];
+  const allowList = ["system", "head_of_admin", "admin", "head_of_account", "head_of_sale"];
   return allowList.some((v) => user.roles?.includes(v));
 }
 
diff --git a/src/controllers/03-employee-work-controller.ts b/src/controllers/03-employee-work-controller.ts
index 298819a..ee84d8b 100644
--- a/src/controllers/03-employee-work-controller.ts
+++ b/src/controllers/03-employee-work-controller.ts
@@ -18,9 +18,17 @@ import HttpStatus from "../interfaces/http-status";
 import HttpError from "../interfaces/http-error";
 import { permissionCheck } from "../middlewares/employee";
 
-const MANAGE_ROLES = ["system", "head_of_admin", "admin", "head_of_account", "account"];
+const MANAGE_ROLES = [
+  "system",
+  "head_of_admin",
+  "admin",
+  "head_of_account",
+  "account",
+  "head_of_sale",
+];
+
 function globalAllow(user: RequestWithUser["user"]) {
-  const allowList = ["system", "head_of_admin", "admin", "branch_manager", "head_of_account"];
+  const allowList = ["system", "head_of_admin", "admin", "head_of_account", "head_of_sale"];
   return allowList.some((v) => user.roles?.includes(v));
 }