From 848df4df8847d4d33057571cc95d59a269433420 Mon Sep 17 00:00:00 2001
From: Methapon2001 <61303214+Methapon2001@users.noreply.github.com>
Date: Wed, 2 Jul 2025 13:52:07 +0700
Subject: [PATCH] feat(perm): update api task permission

---
 src/controllers/07-task-controller.ts | 16 +++++++++++++---
 1 file changed, 13 insertions(+), 3 deletions(-)

diff --git a/src/controllers/07-task-controller.ts b/src/controllers/07-task-controller.ts
index da3c13d..bac70dd 100644
--- a/src/controllers/07-task-controller.ts
+++ b/src/controllers/07-task-controller.ts
@@ -44,11 +44,21 @@ import {
 } from "../utils/minio";
 import { queryOrNot, whereDateQuery } from "../utils/relation";
 
-const MANAGE_ROLES = ["system", "head_of_admin", "admin", "document_checker"];
+const MANAGE_ROLES = [
+  "system",
+  "head_of_admin",
+  "admin",
+  "executive",
+  "accountant",
+  "branch_admin",
+  "branch_manager",
+  "branch_accountant",
+  "data_entry",
+];
 
 function globalAllow(user: RequestWithUser["user"]) {
-  const allowList = ["system", "head_of_admin"];
-  return allowList.some((v) => user.roles?.includes(v));
+  const listAllowed = ["system", "head_of_admin", "admin", "executive", "accountant"];
+  return user.roles?.some((v) => listAllowed.includes(v)) || false;
 }
 
 const permissionCondCompany = createPermCondition((_) => true);