diff --git a/BACKEND/Modules/Admin/routes/api.php b/BACKEND/Modules/Admin/routes/api.php index dc549ed..901f01e 100755 --- a/BACKEND/Modules/Admin/routes/api.php +++ b/BACKEND/Modules/Admin/routes/api.php @@ -140,7 +140,7 @@ Route::middleware('api') Route::group([ 'prefix' => 'ticket', ], function () { - Route::get('/all', [TicketController::class, 'getAll'])->middleware('check.permission:admin'); + Route::get('/all', [TicketController::class, 'getAll'])->middleware('check.permission:admin.hr'); Route::get('/getByUserId', [TicketController::class, 'getByUserId'])->middleware('check.permission:admin.hr.staff'); Route::post('/create', [TicketController::class, 'createTicket'])->middleware('check.permission:admin.hr.staff'); Route::get('/delete', [TicketController::class, 'deleteTicket'])->middleware('check.permission:admin.hr.staff'); diff --git a/FRONTEND/src/components/Navbar/Navbar.tsx b/FRONTEND/src/components/Navbar/Navbar.tsx index b151a20..d3d1471 100755 --- a/FRONTEND/src/components/Navbar/Navbar.tsx +++ b/FRONTEND/src/components/Navbar/Navbar.tsx @@ -167,7 +167,7 @@ const Navbar = ({ display={ g.name === 'normal' ? 'block' - : user?.user?.permission.includes(g.name) + : user?.user?.permission.includes(g.name) || user?.user?.permission.includes('hr') ? 'block' : 'none' } @@ -181,7 +181,7 @@ const Navbar = ({ .filter((i) => { return ( i.group === g.name && - (user?.user?.permission.includes('admin') || g.name !== 'admin') + (user?.user?.permission.includes('admin') || user?.user?.permission.includes('hr') || g.name !== 'admin') ) }) .map((item) => (