change: make user can view only user within branch

2024-08-30 10:20:51 +07:00 · 2024-08-30 10:20:51 +07:00 · e911695f3a
commit e911695f3a
parent cd153b062a
1 changed files with 6 additions and 0 deletions
--- a/src/controllers/user-controller.ts
+++ b/src/controllers/user-controller.ts
@ -196,6 +196,7 @@ export class UserController extends Controller {
  @Get()
  @Security("keycloak")
  async getUser(
+    @Request() req: RequestWithUser,
    @Query() userType?: UserType,
    @Query() zipCode?: string,
    @Query() includeBranch: boolean = false,
@ -223,6 +224,11 @@ export class UserController extends Controller {
      ],
      AND: {
        userRole: { not: "system" },
+        branch: !["system", "head_of_admin", "admin", "branch_admin"].some((v) =>
+          req.user.roles?.includes(v),
+        )
+          ? { some: { userId: req.user.sub } }
+          : undefined,
      },
    } satisfies Prisma.UserWhereInput;