From fdc72a7cafb79b25e4e8e7bb77c6fe958911f17a Mon Sep 17 00:00:00 2001
From: Methapon Metanipat <methapon@frappet.com>
Date: Fri, 11 Oct 2024 16:04:56 +0700
Subject: [PATCH] feat: add conditional company scope query

---
 src/controllers/03-customer-branch-controller.ts | 4 +++-
 1 file changed, 3 insertions(+), 1 deletion(-)

diff --git a/src/controllers/03-customer-branch-controller.ts b/src/controllers/03-customer-branch-controller.ts
index 59dfd06..f66cb6e 100644
--- a/src/controllers/03-customer-branch-controller.ts
+++ b/src/controllers/03-customer-branch-controller.ts
@@ -42,6 +42,7 @@ function globalAllow(user: RequestWithUser["user"]) {
   return allowList.some((v) => user.roles?.includes(v));
 }
 
+const permissionCondCompany = createPermCondition((_) => true);
 const permissionCond = createPermCondition(globalAllow);
 const permissionCheck = createPermCheck(globalAllow);
 
@@ -169,6 +170,7 @@ export class CustomerBranchController extends Controller {
   async list(
     @Request() req: RequestWithUser,
     @Query() zipCode?: string,
+    @Query() company?: boolean,
     @Query() customerId?: string,
     @Query() registeredBranchId?: string,
     @Query() status?: Status,
@@ -197,7 +199,7 @@ export class CustomerBranchController extends Controller {
           : {
               registeredBranch: {
                 AND: { id: registeredBranchId },
-                OR: permissionCond(req.user),
+                OR: company ? permissionCondCompany(req.user) : permissionCond(req.user),
               },
             },
         customerId,