diff --git a/src/controllers/05-quotation-controller.ts b/src/controllers/05-quotation-controller.ts
index 80a0b95..92e096c 100644
--- a/src/controllers/05-quotation-controller.ts
+++ b/src/controllers/05-quotation-controller.ts
@@ -150,15 +150,16 @@ const MANAGE_ROLES = [
   "system",
   "head_of_admin",
   "admin",
+  "executive",
   "accountant",
+  "branch_admin",
+  "branch_manager",
   "branch_accountant",
-  "head_of_sale",
-  "sale",
 ];
 
 function globalAllow(user: RequestWithUser["user"]) {
-  const allowList = ["system", "head_of_admin", "accountant", "head_of_sale"];
-  return allowList.some((v) => user.roles?.includes(v));
+  const listAllowed = ["system", "head_of_admin", "admin", "executive", "accountant"];
+  return user.roles?.some((v) => listAllowed.includes(v)) || false;
 }
 
 const permissionCheckCompany = createPermCheck((_) => true);