From 6926d9367cf16d6d86caf933bee6ffa2d7bb830e Mon Sep 17 00:00:00 2001 From: Methapon Metanipat Date: Mon, 9 Sep 2024 09:10:41 +0700 Subject: [PATCH] feat: customer permission --- src/controllers/03-customer-controller.ts | 42 +++++++++++++++++++++-- 1 file changed, 40 insertions(+), 2 deletions(-) diff --git a/src/controllers/03-customer-controller.ts b/src/controllers/03-customer-controller.ts index 0e9f8de..d3c0a8f 100644 --- a/src/controllers/03-customer-controller.ts +++ b/src/controllers/03-customer-controller.ts @@ -78,10 +78,36 @@ function imageLocation(id: string) { export class CustomerController extends Controller { @Get("type-stats") @Security("keycloak") - async stat() { + async stat(@Request() req: RequestWithUser) { const list = await prisma.customer.groupBy({ by: "customerType", _count: true, + where: { + registeredBranch: isSystem(req.user) + ? undefined + : { + OR: [ + { + user: { some: { userId: req.user.sub } }, + }, + { + branch: globalAllow(req.user) + ? { some: { user: { some: { userId: req.user.sub } } } } + : undefined, + }, + { + headOffice: globalAllow(req.user) + ? { branch: { some: { user: { some: { userId: req.user.sub } } } } } + : undefined, + }, + { + headOffice: globalAllow(req.user) + ? { user: { some: { userId: req.user.sub } } } + : undefined, + }, + ], + }, + }, }); return list.reduce>( @@ -126,12 +152,24 @@ export class CustomerController extends Controller { ? undefined : { OR: [ - { user: { some: { userId: req.user.sub } } }, + { + user: { some: { userId: req.user.sub } }, + }, { branch: globalAllow(req.user) ? { some: { user: { some: { userId: req.user.sub } } } } : undefined, }, + { + headOffice: globalAllow(req.user) + ? { branch: { some: { user: { some: { userId: req.user.sub } } } } } + : undefined, + }, + { + headOffice: globalAllow(req.user) + ? { user: { some: { userId: req.user.sub } } } + : undefined, + }, ], }, },