From c02c0cacc42ec53288679d222a063aeef5cf9501 Mon Sep 17 00:00:00 2001
From: Daeng Deni Mardaeni <ddeni05@gmail.com>
Date: Sun, 29 Dec 2024 20:41:22 +0700
Subject: [PATCH] Filter data permohonan berdasarkan cabang pengguna
 non-administrator

- Menambahkan pengecekan role pengguna menggunakan `Auth`.
- Membatasi data permohonan hanya untuk cabang yang sesuai dengan pengguna non-administrator.
- Menghindari akses data lintas cabang untuk meningkatkan keamanan dan relevansi data.
---
 app/Http/Controllers/PermohonanController.php | 6 ++++++
 1 file changed, 6 insertions(+)

diff --git a/app/Http/Controllers/PermohonanController.php b/app/Http/Controllers/PermohonanController.php
index 8774786..45ce083 100644
--- a/app/Http/Controllers/PermohonanController.php
+++ b/app/Http/Controllers/PermohonanController.php
@@ -23,6 +23,7 @@
     use Modules\Lpj\Models\StatusPermohonan;
     use Modules\Lpj\Models\TujuanPenilaian;
     use Modules\Lpj\Services\PermohonanHistoryService;
+    use Illuminate\Support\Facades\Auth;
 
     class PermohonanController extends Controller
     {
@@ -180,6 +181,11 @@
 
             // Retrieve data from the database
             $query = Permohonan::query();
+
+            if(!Auth::user()->hasAnyRole(['administrator'])) {
+                $query = $query->where('branch_id', Auth::user()->branch_id);
+            }
+
             $query = $query->orderBy('nomor_registrasi', 'desc');
             // Apply search filter if provided
             if ($request->has('search') && !empty($request->get('search'))) {