From dec272267067e253f0c89bd80c90193519b1cde8 Mon Sep 17 00:00:00 2001
From: Methapon Metanipat <methapon@frappet.com>
Date: Fri, 6 Sep 2024 11:47:07 +0700
Subject: [PATCH] feat: remove some roles from manage some endpoints

---
 .../03-customer-branch-controller.ts          | 20 ++-----------------
 src/controllers/03-customer-controller.ts     | 20 ++-----------------
 src/controllers/03-employee-controller.ts     | 20 ++-----------------
 .../03-employee-other-info-controller.ts      | 20 ++-----------------
 .../03-employee-work-controller.ts            | 20 ++-----------------
 5 files changed, 10 insertions(+), 90 deletions(-)

diff --git a/src/controllers/03-customer-branch-controller.ts b/src/controllers/03-customer-branch-controller.ts
index a4cacd0..a9a371c 100644
--- a/src/controllers/03-customer-branch-controller.ts
+++ b/src/controllers/03-customer-branch-controller.ts
@@ -25,25 +25,9 @@ if (!process.env.MINIO_BUCKET) {
 }
 
 const MINIO_BUCKET = process.env.MINIO_BUCKET;
-const MANAGE_ROLES = [
-  "system",
-  "head_of_admin",
-  "admin",
-  "branch_manager",
-  "head_of_sale",
-  "sale",
-  "head_of_account",
-  "account",
-];
+const MANAGE_ROLES = ["system", "head_of_admin", "admin", "head_of_account", "account"];
 function globalAllow(user: RequestWithUser["user"]) {
-  const allowList = [
-    "system",
-    "head_of_admin",
-    "admin",
-    "branch_manager",
-    "head_of_sale",
-    "head_of_account",
-  ];
+  const allowList = ["system", "head_of_admin", "admin", "head_of_account"];
   return allowList.some((v) => user.roles?.includes(v));
 }
 
diff --git a/src/controllers/03-customer-controller.ts b/src/controllers/03-customer-controller.ts
index a30de2c..83bccfd 100644
--- a/src/controllers/03-customer-controller.ts
+++ b/src/controllers/03-customer-controller.ts
@@ -25,26 +25,10 @@ if (!process.env.MINIO_BUCKET) {
 }
 
 const MINIO_BUCKET = process.env.MINIO_BUCKET;
-const MANAGE_ROLES = [
-  "system",
-  "head_of_admin",
-  "admin",
-  "branch_manager",
-  "head_of_sale",
-  "sale",
-  "head_of_account",
-  "account",
-];
+const MANAGE_ROLES = ["system", "head_of_admin", "admin", "head_of_account", "account"];
 
 function globalAllow(user: RequestWithUser["user"]) {
-  const allowList = [
-    "system",
-    "head_of_admin",
-    "admin",
-    "branch_manager",
-    "head_of_sale",
-    "head_of_account",
-  ];
+  const allowList = ["system", "head_of_admin", "admin", "head_of_account"];
   return allowList.some((v) => user.roles?.includes(v));
 }
 
diff --git a/src/controllers/03-employee-controller.ts b/src/controllers/03-employee-controller.ts
index 3933284..d024d3d 100644
--- a/src/controllers/03-employee-controller.ts
+++ b/src/controllers/03-employee-controller.ts
@@ -25,25 +25,9 @@ if (!process.env.MINIO_BUCKET) {
 }
 
 const MINIO_BUCKET = process.env.MINIO_BUCKET;
-const MANAGE_ROLES = [
-  "system",
-  "head_of_admin",
-  "admin",
-  "branch_manager",
-  "head_of_sale",
-  "sale",
-  "head_of_account",
-  "account",
-];
+const MANAGE_ROLES = ["system", "head_of_admin", "admin", "head_of_account", "account"];
 function globalAllow(user: RequestWithUser["user"]) {
-  const allowList = [
-    "system",
-    "head_of_admin",
-    "admin",
-    "branch_manager",
-    "head_of_sale",
-    "head_of_account",
-  ];
+  const allowList = ["system", "head_of_admin", "admin", "branch_manager", "head_of_account"];
   return allowList.some((v) => user.roles?.includes(v));
 }
 
diff --git a/src/controllers/03-employee-other-info-controller.ts b/src/controllers/03-employee-other-info-controller.ts
index ed84c7b..c3a39ce 100644
--- a/src/controllers/03-employee-other-info-controller.ts
+++ b/src/controllers/03-employee-other-info-controller.ts
@@ -19,25 +19,9 @@ import HttpStatus from "../interfaces/http-status";
 import { RequestWithUser } from "../interfaces/user";
 import { permissionCheck } from "../middlewares/employee";
 
-const MANAGE_ROLES = [
-  "system",
-  "head_of_admin",
-  "admin",
-  "branch_manager",
-  "head_of_sale",
-  "sale",
-  "head_of_account",
-  "account",
-];
+const MANAGE_ROLES = ["system", "head_of_admin", "admin", "head_of_account", "account"];
 function globalAllow(user: RequestWithUser["user"]) {
-  const allowList = [
-    "system",
-    "head_of_admin",
-    "admin",
-    "branch_manager",
-    "head_of_sale",
-    "head_of_account",
-  ];
+  const allowList = ["system", "head_of_admin", "admin", "branch_manager", "head_of_account"];
   return allowList.some((v) => user.roles?.includes(v));
 }
 
diff --git a/src/controllers/03-employee-work-controller.ts b/src/controllers/03-employee-work-controller.ts
index ec4e984..298819a 100644
--- a/src/controllers/03-employee-work-controller.ts
+++ b/src/controllers/03-employee-work-controller.ts
@@ -18,25 +18,9 @@ import HttpStatus from "../interfaces/http-status";
 import HttpError from "../interfaces/http-error";
 import { permissionCheck } from "../middlewares/employee";
 
-const MANAGE_ROLES = [
-  "system",
-  "head_of_admin",
-  "admin",
-  "branch_manager",
-  "head_of_sale",
-  "sale",
-  "head_of_account",
-  "account",
-];
+const MANAGE_ROLES = ["system", "head_of_admin", "admin", "head_of_account", "account"];
 function globalAllow(user: RequestWithUser["user"]) {
-  const allowList = [
-    "system",
-    "head_of_admin",
-    "admin",
-    "branch_manager",
-    "head_of_sale",
-    "head_of_account",
-  ];
+  const allowList = ["system", "head_of_admin", "admin", "branch_manager", "head_of_account"];
   return allowList.some((v) => user.roles?.includes(v));
 }