From 7ee87d84098bc1527201ef59f9c58b2c8bd75464 Mon Sep 17 00:00:00 2001
From: Matthieu Haineault <matthieuh@targointernet.com>
Date: Mon, 3 Nov 2025 12:08:54 -0500
Subject: [PATCH] feat(timesheets): implement role guards for timesheets

---
 .../expenses/controllers/expense.controller.ts        |  3 +--
 .../controllers/leave-requests.controller.ts          | 11 +----------
 .../timesheets/controllers/timesheet.controller.ts    |  4 ++++
 3 files changed, 6 insertions(+), 12 deletions(-)

diff --git a/src/time-and-attendance/expenses/controllers/expense.controller.ts b/src/time-and-attendance/expenses/controllers/expense.controller.ts
index 34b83e9..5f9a7ff 100644
--- a/src/time-and-attendance/expenses/controllers/expense.controller.ts
+++ b/src/time-and-attendance/expenses/controllers/expense.controller.ts
@@ -16,8 +16,7 @@ export class ExpenseController {
     }
 
     @Patch('update')
-    update(
-    @Body() body: { update :{ id: number; dto: updateExpenseDto }}): Promise<UpdateExpenseResult>{
+    update(@Body() body: { update :{ id: number; dto: updateExpenseDto }}): Promise<UpdateExpenseResult>{
         return this.upsert_service.updateExpense(body.update);
     }
 
diff --git a/src/time-and-attendance/leave-requests/controllers/leave-requests.controller.ts b/src/time-and-attendance/leave-requests/controllers/leave-requests.controller.ts
index 53c8e47..62a14c4 100644
--- a/src/time-and-attendance/leave-requests/controllers/leave-requests.controller.ts
+++ b/src/time-and-attendance/leave-requests/controllers/leave-requests.controller.ts
@@ -14,16 +14,7 @@ export class LeaveRequestController {
     async upsertLeaveRequest(@Body() dto: UpsertLeaveRequestDto) {
         const  { action, leave_requests } = await this.leave_service.handle(dto);
         return { action, leave_requests };
-    }q
-
-    //TODO:
-    /*
-    @Get('archive')
-    findAllArchived(){...}
-
-    @Get('archive/:id')
-    findOneArchived(id){...}
-    */
+    }
 
 }
 
diff --git a/src/time-and-attendance/time-tracker/timesheets/controllers/timesheet.controller.ts b/src/time-and-attendance/time-tracker/timesheets/controllers/timesheet.controller.ts
index 90cf522..220d068 100644
--- a/src/time-and-attendance/time-tracker/timesheets/controllers/timesheet.controller.ts
+++ b/src/time-and-attendance/time-tracker/timesheets/controllers/timesheet.controller.ts
@@ -1,11 +1,15 @@
 import { Controller, Get, ParseIntPipe, Query, Req, UnauthorizedException} from "@nestjs/common";
+import { RolesAllowed } from "src/common/decorators/roles.decorators";
 import { GetTimesheetsOverviewService } from "src/time-and-attendance/time-tracker/timesheets/services/timesheet-get-overview.service";
+import { Roles as RoleEnum } from '.prisma/client';
+
 
 @Controller('timesheets')
 export class TimesheetController {
     constructor( private readonly timesheetOverview: GetTimesheetsOverviewService ){}
 
     @Get()
+    @RolesAllowed(RoleEnum.SUPERVISOR, RoleEnum.HR, RoleEnum.ACCOUNTING, RoleEnum.ADMIN)
     async getTimesheetByIds( 
     @Req() req,
     @Query('year', ParseIntPipe)           year:           number,