chamomind/jws-backend
chamomind/jws-backend
7
0
Fork 0
Code Issues Projects 1 Releases Packages 1 Wiki Activity Actions

feat: allow anybody to edit customer data if can manage

Browse source
This commit is contained in:
Methapon2001 2025-07-08 17:04:23 +07:00
parent 86085a74ba
commit 842d81026e
8 changed files with 8 additions and 8 deletions
Download patch file Download diff file Expand all files Collapse all files

2
src/controllers/03-customer-branch-citizen-controller.ts
View file

@ -31,7 +31,7 @@ const MANAGE_ROLES = [
];
function globalAllow(user: RequestWithUser["user"]) {
const listAllowed = ["system", "head_of_admin", "admin", "executive", "accountant"];
const listAllowed = MANAGE_ROLES;
return user.roles?.some((v) => listAllowed.includes(v)) || false;
}

2
src/controllers/03-customer-controller.ts
View file

@ -52,7 +52,7 @@ const MANAGE_ROLES = [
];
function globalAllow(user: RequestWithUser["user"]) {
const listAllowed = ["system", "head_of_admin", "admin", "executive", "accountant"];
const listAllowed = MANAGE_ROLES;
return user.roles?.some((v) => listAllowed.includes(v)) || false;
}

2
src/controllers/03-employee-checkup-controller.ts
View file

@ -33,7 +33,7 @@ const MANAGE_ROLES = [
];
function globalAllow(user: RequestWithUser["user"]) {
const listAllowed = ["system", "head_of_admin", "admin", "executive", "accountant"];
const listAllowed = MANAGE_ROLES;
return user.roles?.some((v) => listAllowed.includes(v)) || false;
}

2
src/controllers/03-employee-controller.ts
View file

@ -61,7 +61,7 @@ const MANAGE_ROLES = [
];
function globalAllow(user: RequestWithUser["user"]) {
const listAllowed = ["system", "head_of_admin", "admin", "executive", "accountant"];
const listAllowed = MANAGE_ROLES;
return user.roles?.some((v) => listAllowed.includes(v)) || false;
}

2
src/controllers/03-employee-other-info-controller.ts
View file

@ -33,7 +33,7 @@ const MANAGE_ROLES = [
];
function globalAllow(user: RequestWithUser["user"]) {
const listAllowed = ["system", "head_of_admin", "admin", "executive", "accountant"];
const listAllowed = MANAGE_ROLES;
return user.roles?.some((v) => listAllowed.includes(v)) || false;
}

2
src/controllers/03-employee-passport-controller.ts
View file

@ -32,7 +32,7 @@ const MANAGE_ROLES = [
];
function globalAllow(user: RequestWithUser["user"]) {
const listAllowed = ["system", "head_of_admin", "admin", "executive", "accountant"];
const listAllowed = MANAGE_ROLES;
return user.roles?.some((v) => listAllowed.includes(v)) || false;
}

2
src/controllers/03-employee-visa-controller.ts
View file

@ -32,7 +32,7 @@ const MANAGE_ROLES = [
];
function globalAllow(user: RequestWithUser["user"]) {
const listAllowed = ["system", "head_of_admin", "admin", "executive", "accountant"];
const listAllowed = MANAGE_ROLES;
return user.roles?.some((v) => listAllowed.includes(v)) || false;
}

2
src/controllers/03-employee-work-controller.ts
View file

@ -32,7 +32,7 @@ const MANAGE_ROLES = [
];
function globalAllow(user: RequestWithUser["user"]) {
const listAllowed = ["system", "head_of_admin", "admin", "executive", "accountant"];
const listAllowed = MANAGE_ROLES;
return user.roles?.some((v) => listAllowed.includes(v)) || false;
}