feat: customer permission role

2024-07-02 17:29:51 +07:00 · 2024-07-02 17:29:51 +07:00 · 6c521c1b09
commit 6c521c1b09
parent 6113b56f93
1 changed files with 6 additions and 1 deletions
--- a/src/controllers/customer-controller.ts
+++ b/src/controllers/customer-controller.ts
@ -117,9 +117,9 @@ function imageLocation(id: string) {

@Route("api/v1/customer")
@Tags("Customer")
-@Security("keycloak")
 export class CustomerController extends Controller {
  @Get("type-stats")
+  @Security("keycloak")
  async stat() {
    const list = await prisma.customer.groupBy({
      by: "customerType",
@ -139,6 +139,7 @@ export class CustomerController extends Controller {
  }

  @Get()
+  @Security("keycloak")
  async list(
    @Query() customerType?: CustomerType,
    @Query() query: string = "",
@ -203,6 +204,7 @@ export class CustomerController extends Controller {
  }

  @Get("{customerId}")
+  @Security("keycloak")
  async getById(@Path() customerId: string) {
    const record = await prisma.customer.findFirst({
      include: {
@ -230,6 +232,7 @@ export class CustomerController extends Controller {
  }

  @Post()
+  @Security("keycloak", ["system", "head_of_admin", "admin", "head_of_sale", "sale"])
  async create(@Request() req: RequestWithUser, @Body() body: CustomerCreate) {
    const { customerBranch, ...payload } = body;

@ -341,6 +344,7 @@ export class CustomerController extends Controller {
  }

  @Put("{customerId}")
+  @Security("keycloak", ["system", "head_of_admin", "admin", "head_of_sale", "sale"])
  async editById(
    @Path() customerId: string,
    @Request() req: RequestWithUser,
@ -500,6 +504,7 @@ export class CustomerController extends Controller {
  }

  @Delete("{customerId}")
+  @Security("keycloak", ["system", "head_of_admin", "admin", "head_of_sale", "sale"])
  async deleteById(@Path() customerId: string) {
    const record = await prisma.customer.findFirst({ where: { id: customerId } });