feat: customer branch citizen

src/middlewares/customer-branch.ts

@@ -0,0 +1,33 @@
+import express from "express";
+import { RequestWithUser } from "../interfaces/user";
+import prisma from "../db";
+import { branchRelationPermInclude, createPermCheck } from "../services/permission";
+import { notFoundError } from "../utils/error";
+
+export function permissionCheck(globalAllow: (user: RequestWithUser["user"]) => boolean) {
+  const checker = createPermCheck(globalAllow);
+
+  return async (req: RequestWithUser, _res: express.Response, next: express.NextFunction) => {
+    if ("employeeId" in req.params && typeof req.params.employeeId === "string") {
+      const id = req.params.customerBranchId;
+      const employee = await prisma.customerBranch.findFirst({
+        where: { id },
+
+        include: {
+          customer: {
+            include: {
+              registeredBranch: {
+                include: branchRelationPermInclude(req.user),
+              },
+            },
+          },
+        },
+      });
+
+      if (!employee) throw notFoundError("Customer Branch");
+
+      await checker(req.user, employee.customer.registeredBranch);
+    }
+    next();
+  };
+}