refactor: update access control checks for customer view permissions

2025-07-04 14:08:04 +07:00 · 2025-07-04 14:08:04 +07:00 · e957672c91
commit e957672c91
parent 436bfa41bb
2 changed files with 6 additions and 6 deletions
--- a/src/pages/08_request-list/MainPage.vue
+++ b/src/pages/08_request-list/MainPage.vue
@ -473,7 +473,7 @@ watch(
            "
          >
            <TableRequestList
-              :no-link="!canAccess('related', 'edit')"
+              :no-link="!canAccess('customer', 'view')"
              :columns="column"
              :rows="data"
              :grid="pageState.gridView"
@ -575,7 +575,7 @@ watch(
      v-if="requestListActionData"
      v-model="pageState.requestListActionDialog"
      :request-list="requestListActionData"
-      :no-link="!canAccess('related', 'edit')"
+      :no-link="!canAccess('customer', 'view')"
      @submit="submitRequestListAction"
    />
  </div>
--- a/src/pages/08_request-list/RequestListView.vue
+++ b/src/pages/08_request-list/RequestListView.vue
@ -460,7 +460,7 @@ async function submitRejectCancel() {
 }

 function toCustomer(customer: RequestData['quotation']['customerBranch']) {
-  if (!canAccess('related', 'edit')) return;
+  if (!canAccess('customer', 'view')) return;
  const url = new URL(
    `/customer-management?tab=customer&id=${customer.customerId}`,
    window.location.origin,
@ -470,7 +470,7 @@ function toCustomer(customer: RequestData['quotation']['customerBranch']) {
 }

 function toEmployee(employee: RequestData['employee']) {
-  if (!canAccess('related', 'edit')) return;
+  if (!canAccess('customer', 'view')) return;
  const url = new URL(
    `/customer-management?tab=employee&id=${employee.id}`,
    window.location.origin,
@ -745,7 +745,7 @@ function toEmployee(employee: RequestData['employee']) {
                  }"
                >
                  <DataDisplay
-                    :clickable="canAccess('related', 'edit')"
+                    :clickable="canAccess('customer', 'view')"
                    class="col"
                    icon="mdi-account-settings-outline"
                    :label="$t('customer.employer')"
@ -758,7 +758,7 @@ function toEmployee(employee: RequestData['employee']) {
                    @label-click="toCustomer(data.quotation.customerBranch)"
                  />
                  <DataDisplay
-                    :clickable="canAccess('related', 'edit')"
+                    :clickable="canAccess('customer', 'view')"
                    class="col"
                    icon="mdi-account-settings-outline"
                    :label="$t('customer.employee')"