feat(perm): update api account related permission
All checks were successful
Spell Check / Spell Check with Typos (push) Successful in 4s
All checks were successful
Spell Check / Spell Check with Typos (push) Successful in 4s
This commit is contained in:
Methapon2001
parent
d08327afb6
commit
68025aad08
5 changed files with 44 additions and 30 deletions
|
|
@ -26,11 +26,20 @@ import flowAccount from "../services/flowaccount";
|
|||
import HttpError from "../interfaces/http-error";
|
||||
import HttpStatus from "../interfaces/http-status";
|
||||
|
||||
const MANAGE_ROLES = ["system", "head_of_admin", "admin", "head_of_accountant", "accountant"];
|
||||
const MANAGE_ROLES = [
|
||||
"system",
|
||||
"head_of_admin",
|
||||
"admin",
|
||||
"executive",
|
||||
"accountant",
|
||||
"branch_admin",
|
||||
"branch_manager",
|
||||
"branch_accountant",
|
||||
];
|
||||
|
||||
function globalAllow(user: RequestWithUser["user"]) {
|
||||
const allowList = ["system", "head_of_admin", "head_of_accountant"];
|
||||
return allowList.some((v) => user.roles?.includes(v));
|
||||
const listAllowed = ["system", "head_of_admin", "admin", "executive", "accountant"];
|
||||
return user.roles?.some((v) => listAllowed.includes(v)) || false;
|
||||
}
|
||||
|
||||
const permissionCondCompany = createPermCondition((_) => true);
|
||||
|
|
|
|||
Loading…
Add table
Add a link
Reference in a new issue