updated Employee and Access features

2024-05-03 10:31:21 +05:30 · 2024-05-03 10:31:21 +05:30 · 19158424a4
commit 19158424a4
parent d0cf999ebe
32 changed files with 704 additions and 237 deletions
--- a/Utils/jwtToken.js
+++ b/Utils/jwtToken.js
@ -16,6 +16,7 @@ const sendToken = (user, statusCode, res) => {
    success: true,
    userId: user._id,
    // userName: user.name,
    // userEmail: user.email,
    // userPhone: user.phone,
--- a/app.js
+++ b/app.js
@ -164,13 +164,14 @@ import AffiliateRoute from "./resources/Affiliate&Coupon/Affiliate/AffiliateRout
 //Blog Routes
 import BlogRoute from "./resources/Blog/BlogRoute.js";
 // Panel Routes
-import PanelRoute from "./resources/Panels/PanelRoutes.js"
+import PanelRoute from "./resources/Panels/PanelRoutes.js";
 //Coupon Routes
 import CouponRoute from "./resources/Affiliate&Coupon/Coupon/CouponRoute.js";
 //short urls
 // import ShortUrlRouter from "./resources/Businesses/Short_Urls/ShortUrlRoute.js";
 //support Ticket
 import SupportRouter from "./resources/Supports/supportRoute.js";
 import RegisterEmail from "./resources/EmailCMS/RegisterEmail/RegisterEmailRoutes.js";
 app.use("/api/v1/", user);
 //Product
@ -227,7 +228,6 @@ app.use("/api/v1/blog", BlogRoute);
 // panels
 app.use("/api/panel", PanelRoute);
 //config specialty
 // app.use("/api/config/specialty", SpecialtiesRouter);
 //specialties
@ -237,5 +237,8 @@ app.use("/api/panel", PanelRoute);
 //short urls
 // app.use("/api/shorturl", ShortUrlRouter);
 //Support
 // Email CMS
 app.use("/api", RegisterEmail);
 app.use("/api", SupportRouter);
 export default app;
--- a/middlewares/auth.js
+++ b/middlewares/auth.js
@ -110,6 +110,7 @@ export const isFranchiAuthenticated = async (req, res, next) => {
 // };
 export const authorizeRoles = (...roles) => {
  console.log("this is the roles ", roles);
  //pass admin
  return (req, res, next) => {
    if (!roles.includes(req.user.role)) {
--- a/resources/Affiliate&Coupon/Affiliate/AffiliateRoute.js
+++ b/resources/Affiliate&Coupon/Affiliate/AffiliateRoute.js
@ -20,49 +20,49 @@ const router = express.Router();
 router.post(
  "/create",
  isAuthenticatedUser,
-  authorizeRoles("admin"),
+  authorizeRoles("admin", "Employee"),
  createAffiliate
 );
 router.get(
  "/getall",
  isAuthenticatedUser,
-  authorizeRoles("admin"),
+  authorizeRoles("admin", "Employee"),
  listAllAffiliate
 );
 router.get(
  "/getone/:id",
  isAuthenticatedUser,
-  authorizeRoles("admin"),
+  authorizeRoles("admin", "Employee"),
  getOneAffiliate
 );
 router.patch(
  "/edit/:id",
  isAuthenticatedUser,
-  authorizeRoles("admin"),
+  authorizeRoles("admin", "Employee"),
  editAffiliate
 );
 router.patch(
  "/suspend",
  isAuthenticatedUser,
-  authorizeRoles("admin"),
+  authorizeRoles("admin", "Employee"),
  suspendAffiliate
 );
 router.post(
  "/pay/:id",
  isAuthenticatedUser,
-  authorizeRoles("admin"),
+  authorizeRoles("admin", "Employee"),
  payAffiliate
 );
 router.get(
  "/getpay/:id",
  isAuthenticatedUser,
-  authorizeRoles("admin"),
+  authorizeRoles("admin", "Employee"),
  getOneAffiliateForPay
 );
 router.get(
  "/history/:id",
  isAuthenticatedUser,
-  authorizeRoles("admin"),
+  authorizeRoles("admin", "Employee"),
  affiliatePayHistory
 );
--- a/resources/Affiliate&Coupon/Coupon/CouponRoute.js
+++ b/resources/Affiliate&Coupon/Coupon/CouponRoute.js
@ -20,38 +20,38 @@ const router = express.Router();
 router.get(
  "/getall",
  isAuthenticatedUser,
-  authorizeRoles("admin"),
+  authorizeRoles("admin", "Employee"),
  listAllCoupon
 );
 router.patch(
  "/create",
  isAuthenticatedUser,
-  authorizeRoles("admin"),
+  authorizeRoles("admin", "Employee"),
  createCoupon
 );
 router.get(
  "/getaffiliate",
  isAuthenticatedUser,
-  authorizeRoles("admin"),
+  authorizeRoles("admin", "Employee"),
  listAffiliateCoupon
 );
 router.patch(
  "/edit/:id",
  isAuthenticatedUser,
-  authorizeRoles("admin"),
+  authorizeRoles("admin", "Employee"),
  editCoupon
 );
 router.get(
  "/getone/:id",
  isAuthenticatedUser,
-  authorizeRoles("admin"),
+  authorizeRoles("admin", "Employee"),
  getOneCoupon
 );
 router.get("/validcoupon/:coupon", validateCoupon);
 router.patch(
  "/suspend",
  isAuthenticatedUser,
-  authorizeRoles("admin"),
+  authorizeRoles("admin", "Employee"),
  suspendCoupon
 );
 router.patch(
@ -69,7 +69,7 @@ router.patch(
 router.get(
  "/history/:id",
  isAuthenticatedUser,
-  authorizeRoles("admin"),
+  authorizeRoles("admin", "Employee"),
  couponPayHistory
 );
--- a/resources/Banner/BannerRouter.js
+++ b/resources/Banner/BannerRouter.js
@ -11,13 +11,21 @@ const router = express.Router();
 router
  .route("/add")
-  .post(isAuthenticatedUser, authorizeRoles("admin"), addBanner);
+  .post(isAuthenticatedUser, authorizeRoles("admin", "Employee"), addBanner);
 router.route("/getBanners").get(getBanner);
 router
  .route("/update/:_id")
-  .patch(isAuthenticatedUser, authorizeRoles("admin"), updateBanner);
+  .patch(
    isAuthenticatedUser,
    authorizeRoles("admin", "Employee"),
    updateBanner
  );
 router
  .route("/delete/:_id")
-  .delete(isAuthenticatedUser, authorizeRoles("admin"), deleteBanner);
+  .delete(
    isAuthenticatedUser,
    authorizeRoles("admin", "Employee"),
    deleteBanner
  );
 export default router;
--- a/resources/Blog/BlogRoute.js
+++ b/resources/Blog/BlogRoute.js
@ -1,30 +1,33 @@
 import express from "express";
-import { createBlog, getAllBlog, getOneBlog, deleteBlog, deleteImageFromCloudinary, updateBlog } from "./BlogController.js";
+import {
  createBlog,
  getAllBlog,
  getOneBlog,
  deleteBlog,
  deleteImageFromCloudinary,
  updateBlog,
 } from "./BlogController.js";
 import { isAuthenticatedUser, authorizeRoles } from "../../middlewares/auth.js";
 const router = express.Router();
 router
  .route("/create")
-  .post(isAuthenticatedUser, authorizeRoles("admin"), createBlog);
+  .post(isAuthenticatedUser, authorizeRoles("admin", "Employee"), createBlog);
-router
+router.route("/getallblog").get(getAllBlog);
-  .route("/getallblog")
+router.route("/getoneblog/:id").get(getOneBlog);
  .get(getAllBlog);
 router
  .route("/getoneblog/:id")
  .get(getOneBlog);
 router
  .route("/deleteblog/:id")
-  .delete(isAuthenticatedUser, authorizeRoles("admin"), deleteBlog);
+  .delete(isAuthenticatedUser, authorizeRoles("admin", "Employee"), deleteBlog);
 router
  .route("/deleteImage/jatinMor/Blog/:public_id")
  .delete(
    isAuthenticatedUser,
-    authorizeRoles("admin"),
+    authorizeRoles("admin", "Employee"),
    deleteImageFromCloudinary
  );
 router
  .route("/updateblog/:id")
-  .patch(isAuthenticatedUser, authorizeRoles("admin"), updateBlog);
+  .patch(isAuthenticatedUser, authorizeRoles("admin", "Employee"), updateBlog);
 export default router;
--- a/resources/Category/categoryRoutes.js
+++ b/resources/Category/categoryRoutes.js
@ -10,13 +10,21 @@ const router = express.Router();
 router
  .route("/add")
-  .post(isAuthenticatedUser, authorizeRoles("admin"), addCategory);
+  .post(isAuthenticatedUser, authorizeRoles("admin", "Employee"), addCategory);
 router.route("/getCategories").get(getCategories);
 router
  .route("/update/:_id")
-  .patch(isAuthenticatedUser, authorizeRoles("admin"), updateCategory);
+  .patch(
    isAuthenticatedUser,
    authorizeRoles("admin", "Employee"),
    updateCategory
  );
 router
  .route("/delete/:_id")
-  .delete(isAuthenticatedUser, authorizeRoles("admin"), deleteCategory);
+  .delete(
    isAuthenticatedUser,
    authorizeRoles("admin", "Employee"),
    deleteCategory
  );
 export default router;
--- a/resources/Content/ContentRoutes.js
+++ b/resources/Content/ContentRoutes.js
@ -14,7 +14,7 @@ import {
  updateRefundPolicy,
  AddAboutUs,
  getAboutUs,
-  updateAboutUs
+  updateAboutUs,
 } from "./ContentController.js";
 import { isAuthenticatedUser, authorizeRoles } from "../../middlewares/auth.js";
@ -22,45 +22,69 @@ const router = express.Router();
 router
  .route("/terms-and-conditions")
-  .post(isAuthenticatedUser, authorizeRoles("admin"), AddTermsAndConditions);
+  .post(
    isAuthenticatedUser,
    authorizeRoles("admin", "Employee"),
    AddTermsAndConditions
  );
 router.route("/terms-and-conditions").get(getTermsAndCondition);
 router
  .route("/terms-and-condition-update")
  .patch(
    isAuthenticatedUser,
-    authorizeRoles("admin"),
+    authorizeRoles("admin", "Employee"),
    updateTermsAndConditions
  );
 router
  .route("/privacy-and-policy")
-  .post(isAuthenticatedUser, authorizeRoles("admin"), AddPrivacyAndPolicy);
+  .post(
    isAuthenticatedUser,
    authorizeRoles("admin", "Employee"),
    AddPrivacyAndPolicy
  );
 router.route("/privacy-and-policy").get(getPrivacyPolicy);
 router
  .route("/privacy-and-policy-update")
-  .patch(isAuthenticatedUser, authorizeRoles("admin"), updatePrivacyPolicy);
+  .patch(
    isAuthenticatedUser,
    authorizeRoles("admin", "Employee"),
    updatePrivacyPolicy
  );
 router
  .route("/shipping-and-policy")
-  .post(isAuthenticatedUser, authorizeRoles("admin"), AddShipping);
+  .post(isAuthenticatedUser, authorizeRoles("admin", "Employee"), AddShipping);
 router.route("/shipping-and-policy").get(getShipping);
 router
  .route("/shipping-and-policy-update")
-  .patch(isAuthenticatedUser, authorizeRoles("admin"), updateShipping);
+  .patch(
    isAuthenticatedUser,
    authorizeRoles("admin", "Employee"),
    updateShipping
  );
 //refund Policy
 router.route("/refund-policy").get(getRefundPolicy);
 router
  .route("/refund-policy")
-  .post(isAuthenticatedUser, authorizeRoles("admin"), RefundPolicy);
+  .post(isAuthenticatedUser, authorizeRoles("admin", "Employee"), RefundPolicy);
 router
  .route("/refund-policy-update")
-  .patch(isAuthenticatedUser, authorizeRoles("admin"), updateRefundPolicy);
+  .patch(
    isAuthenticatedUser,
    authorizeRoles("admin", "Employee"),
    updateRefundPolicy
  );
 //about us
 router
  .route("/about-us")
-  .post(isAuthenticatedUser, authorizeRoles("admin"), AddAboutUs);
+  .post(isAuthenticatedUser, authorizeRoles("admin", "Employee"), AddAboutUs);
 router.route("/about-us").get(getAboutUs);
 router
  .route("/about-us-update")
-  .patch(isAuthenticatedUser, authorizeRoles("admin"), updateAboutUs);
+  .patch(
    isAuthenticatedUser,
    authorizeRoles("admin", "Employee"),
    updateAboutUs
  );
 export default router;
--- a/resources/Departure/DepartureRoute.js
+++ b/resources/Departure/DepartureRoute.js
@ -1,18 +1,16 @@
-
+import express from "express";
 import express from 'express'
 import { AddNewFlight, FindAllFlight } from "./DepartureController.js";
 import { isAuthenticatedUser, authorizeRoles } from "../../middlewares/auth.js";
-const router = express.Router()
+const router = express.Router();
 router.route("/flight/new").post(isAuthenticatedUser, authorizeRoles("admin"), AddNewFlight)
 router.route("/flight/getAll").get(isAuthenticatedUser, authorizeRoles("admin"), FindAllFlight)
 router
  .route("/flight/new")
  .post(isAuthenticatedUser, authorizeRoles("admin", "Employee"), AddNewFlight);
 router
  .route("/flight/getAll")
  .get(isAuthenticatedUser, authorizeRoles("admin", "Employee"), FindAllFlight);
 // router.route("/product/getAll/").get(getAllProduct)
-export default router
+export default router;
--- a/resources/Design/designRouter.js
+++ b/resources/Design/designRouter.js
@ -11,14 +11,14 @@
 // router
 //   .route("/add")
-//   .post(isAuthenticatedUser, authorizeRoles("admin"), addDesign);
+//   .post(isAuthenticatedUser,authorizeRoles("admin", "Employee"), addDesign);
 // router.route("/getDesigns").get(getDesign);
 // router
 //   .route("/update/:_id")
-//   .patch(isAuthenticatedUser, authorizeRoles("admin"), updateDesign);
+//   .patch(isAuthenticatedUser,authorizeRoles("admin", "Employee"), updateDesign);
 // router
 //   .route("/delete/:_id")
-//   .delete(isAuthenticatedUser, authorizeRoles("admin"), deleteDesign);
+//   .delete(isAuthenticatedUser,authorizeRoles("admin", "Employee"), deleteDesign);
 // export default router;
 import express from "express";
@ -61,13 +61,21 @@ const imageStorage = multer.diskStorage({
 router
  .route("/add")
-  .post(isAuthenticatedUser, authorizeRoles("admin"), addDesign);
+  .post(isAuthenticatedUser, authorizeRoles("admin", "Employee"), addDesign);
 router.route("/getDesigns").get(getDesign);
 router
  .route("/update/:_id")
-  .patch(isAuthenticatedUser, authorizeRoles("admin"), updateDesign);
+  .patch(
    isAuthenticatedUser,
    authorizeRoles("admin", "Employee"),
    updateDesign
  );
 router
  .route("/delete/:_id")
-  .delete(isAuthenticatedUser, authorizeRoles("admin"), deleteDesign);
+  .delete(
    isAuthenticatedUser,
    authorizeRoles("admin", "Employee"),
    deleteDesign
  );
 export default router;
--- a/resources/EmailCMS/RegisterEmail/RegisterEmailRoutes.js
+++ b/resources/EmailCMS/RegisterEmail/RegisterEmailRoutes.js
@ -0,0 +1,21 @@
 import {
  authorizeRoles,
  isAuthenticatedUser,
 } from "../../../middlewares/auth.js";
 import {
  GetRegisterEamilData,
  RegisterEmailSend,
 } from "./registerEmailController.js";
 import express from "express";
 const router = express.Router();
 router
  .route("/register-email")
  .post(
    isAuthenticatedUser,
    authorizeRoles("admin", "Employee"),
    RegisterEmailSend
  );
 router.route("/get-email-data").get(GetRegisterEamilData);
 export default router;
--- a/resources/EmailCMS/RegisterEmail/registerEmailController.js
+++ b/resources/EmailCMS/RegisterEmail/registerEmailController.js
@ -0,0 +1,64 @@
 import { RegisterEmail } from "./registerEmailModal.js";
 export const RegisterEmailSend = async (req, res) => {
  try {
    if (!req?.user) return res.status(400).json({ message: "please login !" });
    // console.log(req?.user)
    req.body.user = req.user._id;
    const registerEmailFindDoc = await RegisterEmail.find();
    if (registerEmailFindDoc.length === 0) {
      const registerEmaildata = await RegisterEmail.create({
        subject: req.body.subject,
        description: req.body.description,
        addedBy: req.user._id,
      });
      if (registerEmaildata) {
        return res.status(200).json({
          success: true,
          registerEmaildata,
          message: "Added successfully",
        });
      }
    } else {
      const updateEmailData = await RegisterEmail.updateOne({
        subject: req.body.subject,
        description: req.body.description,
        addedBy: req.user._id,
      });
      if (updateEmailData) {
        return res.status(200).json({
          success: true,
          RegisterEmaildata: updateEmailData,
          message: "updated successfully ",
        });
      }
    }
  } catch (error) {
    res.status(500).json({
      success: false,
      message: error.message ? error.message : "Something went Wrong",
    });
  }
 };
 export const GetRegisterEamilData = async (req, res) => {
  try {
    // if (!req?.user) return res.status(400).json({ message: "please login !" });
    // console.log(req?.user)
    const registerEmaildata = await RegisterEmail.find();
    res.status(200).json({
      success: true,
      registerEmaildata,
      message: "Found successfully ",
    });
  } catch (error) {
    res.status(500).json({
      success: false,
      message: error.message ? error.message : "Something went Wrong",
    });
  }
 };
--- a/resources/EmailCMS/RegisterEmail/registerEmailModal.js
+++ b/resources/EmailCMS/RegisterEmail/registerEmailModal.js
@ -0,0 +1,26 @@
 import mongoose from "mongoose";
 const { Schema, model } = mongoose;
 const registerEmailData = new mongoose.Schema(
  {
    subject: {
      type: String,
      required: [true, "Please Enter title "],
    },
    description: {
      type: String,
      maxLength: [500, "description cannot exceed 500 characters"],
      required: [true, "Please Enter  description"],
    },
    addedBy: {
      type: mongoose.Schema.ObjectId,
      ref: "User",
      required: true,
    },
  },
  { timestamps: true, versionKey: false }
 );
 export const RegisterEmail = mongoose.model("RegisterEmail", registerEmailData);
--- a/resources/Informations/InformationRoute.js
+++ b/resources/Informations/InformationRoute.js
@ -1,18 +1,27 @@
-
+import express from "express";
 import express from 'express'
 import { isAuthenticatedUser, authorizeRoles } from "../../middlewares/auth.js";
-import { AddNewnIformation, FindAllInformation } from './InformationController.js';
+import {
-
+  AddNewnIformation,
-const router = express.Router()
+  FindAllInformation,
-
+} from "./InformationController.js";
 router.route("/new").post(isAuthenticatedUser, authorizeRoles("admin"), AddNewnIformation)
 router.route("/getAll").get(isAuthenticatedUser, authorizeRoles("admin"), FindAllInformation)
 const router = express.Router();
 router
  .route("/new")
  .post(
    isAuthenticatedUser,
    authorizeRoles("admin", "Employee"),
    AddNewnIformation
  );
 router
  .route("/getAll")
  .get(
    isAuthenticatedUser,
    authorizeRoles("admin", "Employee"),
    FindAllInformation
  );
 // router.route("/product/getAll/").get(getAllProduct)
-export default router
+export default router;
--- a/resources/LoginImage/LoginImageRoute.js
+++ b/resources/LoginImage/LoginImageRoute.js
@ -2,18 +2,27 @@ import express from "express";
 import { isAuthenticatedUser, authorizeRoles } from "../../middlewares/auth.js";
 // import { addImage, deleteImage, getImage, updateImage } from "./RegistrationImageController.js";
-import { addImage, deleteImage, getImage, updateImage } from "./LoginImageController.js";
+import {
  addImage,
  deleteImage,
  getImage,
  updateImage,
 } from "./LoginImageController.js";
 const router = express.Router();
 router
  .route("/add")
-    .post(isAuthenticatedUser, authorizeRoles("admin"), addImage);
+  .post(isAuthenticatedUser, authorizeRoles("admin", "Employee"), addImage);
 router.route("/getImage").get(getImage);
 router
  .route("/update/:_id")
-    .patch(isAuthenticatedUser, authorizeRoles("admin"), updateImage);
+  .patch(isAuthenticatedUser, authorizeRoles("admin", "Employee"), updateImage);
 router
  .route("/delete/:_id")
-    .delete(isAuthenticatedUser, authorizeRoles("admin"), deleteImage);
+  .delete(
    isAuthenticatedUser,
    authorizeRoles("admin", "Employee"),
    deleteImage
  );
 export default router;
--- a/resources/Orders/orderRoute.js
+++ b/resources/Orders/orderRoute.js
@ -46,18 +46,26 @@ router.route("/user/self").get(isAuthenticatedUser, getUserSelf);
 //admin route
 router
  .route("/getAll/:status")
-  .get(isAuthenticatedUser, authorizeRoles("admin"), getAllOrder);
+  .get(isAuthenticatedUser, authorizeRoles("admin", "Employee"), getAllOrder);
 router
  .route("/getAll/")
-  .get(isAuthenticatedUser, authorizeRoles("admin"), getOrders);
+  .get(isAuthenticatedUser, authorizeRoles("admin", "Employee"), getOrders);
 router.route("/getOne/:id").get(isAuthenticatedUser, getSingleOrder);
 router
  .route("/change/status/:id")
-  .patch(isAuthenticatedUser, authorizeRoles("admin"), updateOrderStatusById);
+  .patch(
    isAuthenticatedUser,
    authorizeRoles("admin", "Employee"),
    updateOrderStatusById
  );
 router
  .route("/delete/:id")
-  .delete(isAuthenticatedUser, authorizeRoles("admin"), deleteOneOrder);
+  .delete(
    isAuthenticatedUser,
    authorizeRoles("admin", "Employee"),
    deleteOneOrder
  );
 //RAZERPAY checkout
 router.route("/getRzpKey/").get(isAuthenticatedUser, getRzpkey);
--- a/resources/Panels/PanelRoutes.js
+++ b/resources/Panels/PanelRoutes.js
@ -1,59 +1,81 @@
 import express from "express";
 import { isAuthenticatedUser, authorizeRoles } from "../../middlewares/auth.js";
-import { AddPanel1, AddPanel2, AddPanel3, AddPanel4, deleteImageFromCloudinary, getPanel1, getPanel2, getPanel3, getPanel4, updatePanel1, updatePanel2, updatePanel3, updatePanel4 } from "./PanelController.js";
+import {
  AddPanel1,
  AddPanel2,
  AddPanel3,
  AddPanel4,
  deleteImageFromCloudinary,
  getPanel1,
  getPanel2,
  getPanel3,
  getPanel4,
  updatePanel1,
  updatePanel2,
  updatePanel3,
  updatePanel4,
 } from "./PanelController.js";
 const router = express.Router();
 router
  .route("/panel1/add")
-    .post(isAuthenticatedUser, authorizeRoles("admin"), AddPanel1);
+  .post(isAuthenticatedUser, authorizeRoles("admin", "Employee"), AddPanel1);
-router
+router.route("/panel1/get").get(getPanel1);
    .route("/panel1/get")
    .get(getPanel1);
 router
  .route("/panel1/update/:id")
-    .patch(isAuthenticatedUser, authorizeRoles("admin"), updatePanel1);
+  .patch(
    isAuthenticatedUser,
    authorizeRoles("admin", "Employee"),
    updatePanel1
  );
 router
  .route("/panel2/add")
-    .post(isAuthenticatedUser, authorizeRoles("admin"), AddPanel2);
+  .post(isAuthenticatedUser, authorizeRoles("admin", "Employee"), AddPanel2);
-router
+router.route("/panel2/get").get(getPanel2);
    .route("/panel2/get")
    .get(getPanel2);
 router
  .route("/panel2/update/:id")
-    .patch(isAuthenticatedUser, authorizeRoles("admin"), updatePanel2);
+  .patch(
    isAuthenticatedUser,
    authorizeRoles("admin", "Employee"),
    updatePanel2
  );
 router
  .route("/panel3/add")
-    .post(isAuthenticatedUser, authorizeRoles("admin"), AddPanel3);
+  .post(isAuthenticatedUser, authorizeRoles("admin", "Employee"), AddPanel3);
-router
+router.route("/panel3/get").get(getPanel3);
    .route("/panel3/get")
    .get(getPanel3);
 router
  .route("/panel3/update/:id")
-    .patch(isAuthenticatedUser, authorizeRoles("admin"), updatePanel3);
+  .patch(
    isAuthenticatedUser,
    authorizeRoles("admin", "Employee"),
    updatePanel3
  );
 router
  .route("/panel4/add")
-    .post(isAuthenticatedUser, authorizeRoles("admin"), AddPanel4);
+  .post(isAuthenticatedUser, authorizeRoles("admin", "Employee"), AddPanel4);
-router
+router.route("/panel4/get").get(getPanel4);
    .route("/panel4/get")
    .get(getPanel4);
 router
  .route("/panel4/update/:id")
-    .patch(isAuthenticatedUser, authorizeRoles("admin"), updatePanel4);
+  .patch(
    isAuthenticatedUser,
    authorizeRoles("admin", "Employee"),
    updatePanel4
  );
 router
  .route("/deleteImage/jatinMor/panel/:public_id")
  .delete(
    isAuthenticatedUser,
-        authorizeRoles("admin"),
+    authorizeRoles("admin", "Employee"),
    deleteImageFromCloudinary
  );
 export default router;
--- a/resources/Products/ProductRoute.js
+++ b/resources/Products/ProductRoute.js
@ -15,10 +15,18 @@ const router = express.Router();
 import { isAuthenticatedUser, authorizeRoles } from "../../middlewares/auth.js";
 router
  .route("/product/create/")
-  .post(isAuthenticatedUser, authorizeRoles("admin"), createProduct);
+  .post(
    isAuthenticatedUser,
    authorizeRoles("admin", "Employee"),
    createProduct
  );
 router
  .route("/product/getAll/admin/")
-  .get(isAuthenticatedUser, authorizeRoles("admin"), getAllProductAdmin);
+  .get(
    isAuthenticatedUser,
    authorizeRoles("admin", "Employee"),
    getAllProductAdmin
  );
 //change Product status
 router.route("/product/admin/status/:id").patch(ChangeProductStatus);
@ -30,15 +38,23 @@ router
 router.route("/product/getOne/:id").get(getOneProduct);
 router
  .route("/product/update/:id")
-  .patch(isAuthenticatedUser, authorizeRoles("admin"), updateProduct);
+  .patch(
    isAuthenticatedUser,
    authorizeRoles("admin", "Employee"),
    updateProduct
  );
 router
  .route("/product/delete/:id")
-  .delete(isAuthenticatedUser, authorizeRoles("admin"), deleteProduct);
+  .delete(
    isAuthenticatedUser,
    authorizeRoles("admin", "Employee"),
    deleteProduct
  );
 router
  .route("/product/deleteImage/jatinMor/product/:public_id")
  .delete(
    isAuthenticatedUser,
-    authorizeRoles("admin"),
+    authorizeRoles("admin", "Employee"),
    deleteImageFromCloudinary
  );
 router.route("/products/category/:categoryName").get(getProductsByCategory);
--- a/resources/RegistrationImage/RegistrationImageRoute.js
+++ b/resources/RegistrationImage/RegistrationImageRoute.js
@ -1,18 +1,27 @@
 import express from "express";
 import { isAuthenticatedUser, authorizeRoles } from "../../middlewares/auth.js";
-import { addImage, deleteImage, getImage, updateImage } from "./RegistrationImageController.js";
+import {
  addImage,
  deleteImage,
  getImage,
  updateImage,
 } from "./RegistrationImageController.js";
 const router = express.Router();
 router
  .route("/add")
-    .post(isAuthenticatedUser, authorizeRoles("admin"), addImage);
+  .post(isAuthenticatedUser, authorizeRoles("admin", "Employee"), addImage);
 router.route("/getImage").get(getImage);
 router
  .route("/update/:_id")
-    .patch(isAuthenticatedUser, authorizeRoles("admin"), updateImage);
+  .patch(isAuthenticatedUser, authorizeRoles("admin", "Employee"), updateImage);
 router
  .route("/delete/:_id")
-    .delete(isAuthenticatedUser, authorizeRoles("admin"), deleteImage);
+  .delete(
    isAuthenticatedUser,
    authorizeRoles("admin", "Employee"),
    deleteImage
  );
 export default router;
--- a/resources/SEO&Analytics/SEORouter.js
+++ b/resources/SEO&Analytics/SEORouter.js
@ -6,7 +6,10 @@ const router = express.Router();
 router
  .route("/new")
-  .post(isAuthenticatedUser, authorizeRoles("admin"), AddNewSeoRequest);
+  .post(
-
+    isAuthenticatedUser,
    authorizeRoles("admin", "Employee"),
    AddNewSeoRequest
  );
 export default router;
--- a/resources/ShippingAddresses/ShippingAddressRoute.js
+++ b/resources/ShippingAddresses/ShippingAddressRoute.js
@ -16,7 +16,7 @@ router
  .route("/admin/new/:_id")
  .post(
    isAuthenticatedUser,
-    authorizeRoles("admin"),
+    authorizeRoles("admin", "Employee"),
    AddshippingAddressByAdmin
  );
@ -28,7 +28,7 @@ router
  .route("/user/address/:_id")
  .get(
    isAuthenticatedUser,
-    authorizeRoles("admin"),
+    authorizeRoles("admin", "Employee"),
    getSingleUserSippingAddressForAdmin
  );
--- a/resources/ShopPageImage/ShopPageImageRoute.js
+++ b/resources/ShopPageImage/ShopPageImageRoute.js
@ -1,6 +1,11 @@
 import express from "express";
 import { isAuthenticatedUser, authorizeRoles } from "../../middlewares/auth.js";
-import { addImage, deleteImage, getImage, updateImage } from "./ShopPageImageController.js";
+import {
  addImage,
  deleteImage,
  getImage,
  updateImage,
 } from "./ShopPageImageController.js";
 // import { addImage, deleteImage, getImage, updateImage } from "./RegistrationImageController.js";
 // import { addImage, deleteImage, getImage, updateImage } from "./LoginImageController.js";
@ -8,13 +13,17 @@ const router = express.Router();
 router
  .route("/add")
-    .post(isAuthenticatedUser, authorizeRoles("admin"), addImage);
+  .post(isAuthenticatedUser, authorizeRoles("admin", "Employee"), addImage);
 router.route("/getImage").get(getImage);
 router
  .route("/update/:_id")
-    .patch(isAuthenticatedUser, authorizeRoles("admin"), updateImage);
+  .patch(isAuthenticatedUser, authorizeRoles("admin", "Employee"), updateImage);
 router
  .route("/delete/:_id")
-    .delete(isAuthenticatedUser, authorizeRoles("admin"), deleteImage);
+  .delete(
    isAuthenticatedUser,
    authorizeRoles("admin", "Employee"),
    deleteImage
  );
 export default router;
--- a/resources/Supports/supportRoute.js
+++ b/resources/Supports/supportRoute.js
@ -1,5 +1,13 @@
 import bodyParser from "body-parser";
-import { createSupport, deleteImageFromCloudinary, deleteSupport, getAllSupportTicket, getAllSupportTicketofuser, getOneSupportTicket, updateSupport } from "./supportController.js";
+import {
  createSupport,
  deleteImageFromCloudinary,
  deleteSupport,
  getAllSupportTicket,
  getAllSupportTicketofuser,
  getOneSupportTicket,
  updateSupport,
 } from "./supportController.js";
 import { isAuthenticatedUser, authorizeRoles } from "../../middlewares/auth.js";
 import express from "express";
@ -11,20 +19,26 @@ app.use(bodyParser.raw({ type: "application/json" }));
 const router = express.Router();
 //checkout Routes-------------------------//
 router.route("/support/create/").post(isAuthenticatedUser, createSupport);
 router.route("/support/getAll/").get(isAuthenticatedUser, authorizeRoles("admin"),getAllSupportTicket);
 router.route("/support/userticket/").get(isAuthenticatedUser,getAllSupportTicketofuser);
 router
-  .route("/support/delete/:id")
+  .route("/support/getAll/")
-  .delete( deleteSupport);
+  .get(
-  router.route("/support/getOne/:id").get(isAuthenticatedUser, getOneSupportTicket);
+    isAuthenticatedUser,
    authorizeRoles("admin", "Employee"),
    getAllSupportTicket
  );
 router
-  .route("/support/update/:id")
+  .route("/support/userticket/")
-  .patch(isAuthenticatedUser, updateSupport);
+  .get(isAuthenticatedUser, getAllSupportTicketofuser);
 router.route("/support/delete/:id").delete(deleteSupport);
 router
  .route("/support/getOne/:id")
  .get(isAuthenticatedUser, getOneSupportTicket);
 router.route("/support/update/:id").patch(isAuthenticatedUser, updateSupport);
 router
  .route("/support/deleteImage/jatinMor/CustomerSupport/:public_id")
  .delete(
    isAuthenticatedUser,
-    authorizeRoles("admin"),
+    authorizeRoles("admin", "Employee"),
    deleteImageFromCloudinary
  );
 // ---------------------------------------------------------
--- a/resources/Tax/tax_routes.js
+++ b/resources/Tax/tax_routes.js
@ -9,9 +9,15 @@ import {
 } from "./tax_controller.js";
 const router = Router();
-router.route("/add_tax").post(isAuthenticatedUser, authorizeRoles("admin"), addTax);
+router
-router.route("/update_tax/:id").patch(isAuthenticatedUser, authorizeRoles("admin"), updateTax);
+  .route("/add_tax")
-router.route("/delete_tax/:id").delete(isAuthenticatedUser, authorizeRoles("admin"), deleteTax);
+  .post(isAuthenticatedUser, authorizeRoles("admin", "Employee"), addTax);
 router
  .route("/update_tax/:id")
  .patch(isAuthenticatedUser, authorizeRoles("admin", "Employee"), updateTax);
 router
  .route("/delete_tax/:id")
  .delete(isAuthenticatedUser, authorizeRoles("admin", "Employee"), deleteTax);
 router.route("/view_tax/:id").get(isAuthenticatedUser, getTax);
 router.route("/view_tax").get(isAuthenticatedUser, getTaxes);
 export default router;
--- a/resources/Temple/FranchiseeRoute.js
+++ b/resources/Temple/FranchiseeRoute.js
@ -18,7 +18,11 @@ import {
  getFransiDetails,
  EditFranchiseeProfile,
 } from "./Franchisee_controller.js";
-import { authorizeRoles, isAuthenticatedUser, isFranchiAuthenticated } from "../../middlewares/auth.js";
+import {
  authorizeRoles,
  isAuthenticatedUser,
  isFranchiAuthenticated,
 } from "../../middlewares/auth.js";
 import { FranchiseeVarificationFromAdmin } from "./Franchisee_controller.js";
 import { FranchiseePriceLevelProduct } from "./Franchisee_controller.js";
 import { createOrder } from "./Franchisee_controller.js";
@ -29,44 +33,62 @@ import { getAllOrder } from "./Franchisee_controller.js";
 router.get("/", getAllFranchisees);
 router.get("/withpopulate", isAuthenticatedUser, getAllFranchiseesPopulated);
 // router.get("/withpopulate/:option", getAllFranchiseesPopulatedWithOption);
-router.get("/withoutpopulate/:id", isAuthenticatedUser, getFranchiseeByIdWithoutPopulate);
+router.get(
-
+  "/withoutpopulate/:id",
-
+  isAuthenticatedUser,
-
+  getFranchiseeByIdWithoutPopulate
 );
 router.get("/:id", isAuthenticatedUser, getFranchiseeById);
 router.get("/arrayspopulate/:id", getFranchiseeByIdPopulated);
-router.post("/", isAuthenticatedUser, authorizeRoles("admin"), addFranchisee);
+router.post(
  "/",
  isAuthenticatedUser,
  authorizeRoles("admin", "Employee"),
  addFranchisee
 );
 router.patch("/product/:id", isAuthenticatedUser, addProductToFranchisee);
 // router.patch("/grade/:id", addGradeToFranchisee);
-router.patch("/:id", isAuthenticatedUser, authorizeRoles("admin"), updateFranchisee);
+router.patch(
-router.delete("/:id", isAuthenticatedUser, authorizeRoles("admin"), deleteFranchiseeById);
+  "/:id",
  isAuthenticatedUser,
  authorizeRoles("admin", "Employee"),
  updateFranchisee
 );
 router.delete(
  "/:id",
  isAuthenticatedUser,
  authorizeRoles("admin", "Employee"),
  deleteFranchiseeById
 );
 //varify
-router.get("/admin/verify/:id", isAuthenticatedUser, authorizeRoles("admin"), FranchiseeVarificationFromAdmin);
+router.get(
-
+  "/admin/verify/:id",
  isAuthenticatedUser,
  authorizeRoles("admin", "Employee"),
  FranchiseeVarificationFromAdmin
 );
 // ---------franchisee Auth ----------------------////////
-franchiseeForgotPassword
+franchiseeForgotPassword;
 router.post("/login", FranchiseeLogin);
-router.post("/password/forgot", franchiseeForgotPassword)
+router.post("/password/forgot", franchiseeForgotPassword);
 router.get("/getDetails/me", isFranchiAuthenticated, getFransiDetails);
 router.patch("/edit/self", isFranchiAuthenticated, EditFranchiseeProfile);
-
+router
-router.route("/password/update").put(isFranchiAuthenticated, franchiseeUpdatePassword);
+  .route("/password/update")
  .put(isFranchiAuthenticated, franchiseeUpdatePassword);
 //fetch product franchisee Wise
-router.route("/product/price_level").get(isFranchiAuthenticated, FranchiseePriceLevelProduct);
+router
  .route("/product/price_level")
  .get(isFranchiAuthenticated, FranchiseePriceLevelProduct);
 //product order
-router.route("/order/create").post(isFranchiAuthenticated, createOrder)
+router.route("/order/create").post(isFranchiAuthenticated, createOrder);
-router.route("/order/getAll").get(isFranchiAuthenticated, getAllOrder)
+router.route("/order/getAll").get(isFranchiAuthenticated, getAllOrder);
-router.route("/order/getOne/:id").get(isFranchiAuthenticated, getSingleOrder)
+router.route("/order/getOne/:id").get(isFranchiAuthenticated, getSingleOrder);
-router.route("/order/edit/:id").put(isFranchiAuthenticated, EditOrderBeforePayment)
+router
-
+  .route("/order/edit/:id")
-
+  .put(isFranchiAuthenticated, EditOrderBeforePayment);
 export default router;
--- a/resources/Testimonials/TestimonialRoute.js
+++ b/resources/Testimonials/TestimonialRoute.js
@ -12,21 +12,27 @@ import {
 const router = express.Router();
 router.route("/new").post(isAuthenticatedUser, AddNewTestimonial);
-router
+router.route("/getAll").get(FindAllTestimonial);
  .route("/getAll")
  .get(FindAllTestimonial);
 router.route("/getOne/:id").get(isAuthenticatedUser, FindOneTestimonial);
 router
  .route("/delete/:id")
-  .delete(isAuthenticatedUser, authorizeRoles("admin"), deleteTestimonial);
+  .delete(
    isAuthenticatedUser,
    authorizeRoles("admin", "Employee"),
    deleteTestimonial
  );
 router
  .route("/update/:id")
-  .patch(isAuthenticatedUser, authorizeRoles("admin"), updatetesTimonial);
+  .patch(
    isAuthenticatedUser,
    authorizeRoles("admin", "Employee"),
    updatetesTimonial
  );
 router
  .route("/deleteImage/GetSygnal/Testimonial/:public_id")
  .delete(
    isAuthenticatedUser,
-    authorizeRoles("admin"),
+    authorizeRoles("admin", "Employee"),
    deleteImageFromCloudinary
  );
 export default router;
--- a/resources/setting/Configration/Config_routes.js
+++ b/resources/setting/Configration/Config_routes.js
@ -14,8 +14,10 @@ import {
 } from "./Config_controller.js";
 import { upload } from "../../../Utils/cloudinary.js";
-import { authorizeRoles, isAuthenticatedUser } from "../../../middlewares/auth.js";
+import {
-
+  authorizeRoles,
  isAuthenticatedUser,
 } from "../../../middlewares/auth.js";
 const router = Router();
@ -25,21 +27,52 @@ const router = Router();
 //   { name: "Adminlogo", maxCount: 1 },
 // ]);
-// router.route("/gst").post(isAuthenticatedUser, authorizeRoles("admin"), addGST);
+// router.route("/gst").post(isAuthenticatedUser,authorizeRoles("admin", "Employee"), addGST);
-router.route("/social").post(isAuthenticatedUser, authorizeRoles("admin"), addSocialMedia);
+router
-router.route("/application/name").post(isAuthenticatedUser, authorizeRoles("admin"), addApplicationName);
+  .route("/social")
-router.route("/copyright/message").post(isAuthenticatedUser, authorizeRoles("admin"), addCopyRightMessage);
+  .post(
    isAuthenticatedUser,
    authorizeRoles("admin", "Employee"),
    addSocialMedia
  );
 router
  .route("/application/name")
  .post(
    isAuthenticatedUser,
    authorizeRoles("admin", "Employee"),
    addApplicationName
  );
 router
  .route("/copyright/message")
  .post(
    isAuthenticatedUser,
    authorizeRoles("admin", "Employee"),
    addCopyRightMessage
  );
-
+router
-
+  .route("/address")
-router.route("/address").post(isAuthenticatedUser, authorizeRoles("admin"), addAddress);
+  .post(isAuthenticatedUser, authorizeRoles("admin", "Employee"), addAddress);
-// router.route("/scrollText").post(isAuthenticatedUser, authorizeRoles("admin"), addScrollText);
+// router.route("/scrollText").post(isAuthenticatedUser,authorizeRoles("admin", "Employee"), addScrollText);
-router.route("/logo").post(isAuthenticatedUser, authorizeRoles("admin"), addLogo);
+router
-router.route("/").get(getConfig).delete(isAuthenticatedUser, authorizeRoles("admin"), deleteConfig)
+  .route("/logo")
  .post(isAuthenticatedUser, authorizeRoles("admin", "Employee"), addLogo);
 router
  .route("/")
  .get(getConfig)
  .delete(
    isAuthenticatedUser,
    authorizeRoles("admin", "Employee"),
    deleteConfig
  );
 router
  .route("/termsofuse")
-  .get(isAuthenticatedUser, authorizeRoles("admin"), getTermsOfUse)
+  .get(isAuthenticatedUser, authorizeRoles("admin", "Employee"), getTermsOfUse)
-  .patch(isAuthenticatedUser, authorizeRoles("admin"), addTermsOfUse);
+  .patch(
    isAuthenticatedUser,
    authorizeRoles("admin", "Employee"),
    addTermsOfUse
  );
 export default router;
--- a/resources/user/userController.js
+++ b/resources/user/userController.js
@ -7,10 +7,12 @@ import crypto from "crypto";
 import cloudinary from "cloudinary";
 import password from "secure-random-password";
 import { Order } from "../Orders/orderModel.js";
 import { RegisterEmail } from "../EmailCMS/RegisterEmail/registerEmailModal.js";
 import { Config } from "../setting/Configration/Config_model.js";
 // 1.Register a User
 export const registerUser = async (req, res) => {
  try {
-    const { name, email, password, phone } = req.body;
+    const { name, email, password, phone, accessTo, role } = req.body;
    // console.log("this is the password ", password, name, req.body);
    let findUser = await User.findOne({ email });
@ -37,30 +39,45 @@ export const registerUser = async (req, res) => {
      email,
      password,
      phone,
      role,
      accessTo,
      // avatar: {
      //     public_id: myCloud.public_id,
      //     url: myCloud.secure_url,
      // },
    });
    // const emailData = await RegisterEmail.find();
    // let emailSubject = emailData[0]?.subject;
    // let emailDescription = emailData[0]?.description;
    const config = await Config.find();
    let appName = config[0]?.appName;
    await sendEmail({
      to: `${email}`, // Change to your recipient
      from: `${process.env.SEND_EMAIL_FROM}`, // Change to your verified sender
      subject: `Welcome to Smellika - Let the Shopping Begin!`,
-      html: ` <h1 style="color: #333; text-align: left; font-family: Arial, sans-serif;">Welcome to Smellika - Let the Shopping Begin!</h1>
+      html: ` <h1 style="color: #333; text-align: left; font-family: Arial, sans-serif;">Welcome to ${appName} - Let the Shopping Begin!</h1>
       <strong style="color: #1b03a3; font-size: 16px"> Hey ${name},</strong>
-       <p style="color: #555; font-size: 15px;">Welcome to Smellika! We're thrilled to have you on board. Get ready for a world of exclusive deals, exciting products, and seamless shopping experiences. Start exploring now!</p>
+       <p style="color: #555; font-size: 15px;">
          Welcome to Smellika - Let the Shopping Begin!
       </p>
       <br/> 
-       <p style="color: #555; font-size: 15px;">You can login into : https://smellika.com</p>
+       <p style="color: #555; font-size: 15px;">You can login into :${
         role === "Employee" || role === "admin"
           ? `https://admin.smellika.com/`
           : `https://smellika.com`
       } </p>
        <br/>
        <p style="color: #555; font-size: 15px;">Below are your login credentials:</p>
  <p style="color: #555; font-size: 15px;">Email: ${email}</p>
  <p style="color: #555; font-size: 15px;">Password: ${password}</p>
        <span style="color: #555; font-size: 13px;">Happy shopping,</span><br/>
-        <span style="color: #555; font-size: 13px;">Team Smellika</span>`,
+        <span style="color: #555; font-size: 13px;">Team ${appName}</span>`,
    });
    sendToken(user, 201, res);
  } catch (e) {
@ -353,3 +370,81 @@ export const getAllUser = catchAsyncErrors(async (req, res, next) => {
    users,
  });
 });
 export const getAllEmployee = catchAsyncErrors(async (req, res, next) => {
  // Assuming your User model is imported as 'User'
  const employee = await User.find({ role: "Employee" });
  res.status(200).json({
    success: true,
    employee,
  });
 });
 export const deleteEmployeeById = catchAsyncErrors(async (req, res, next) => {
  // console.log("request came here", req.params);
  // Extract the employee ID from the request parameters
  const { id } = req.params;
  try {
    // Find the employee by ID and delete it
    const deletedEmployee = await User.findByIdAndDelete(id);
    if (!deletedEmployee) {
      // If the employee with the provided ID is not found, return an error
      return res.status(404).json({
        success: false,
        message: "Employee not found",
      });
    }
    // If deletion is successful, return success response
    res.status(200).json({
      success: true,
      message: "Employee deleted successfully",
    });
  } catch (error) {
    // Handle any errors that occur during deletion
    return res.status(500).json({
      success: false,
      message: "Error deleting employee",
      error: error.message,
    });
  }
 });
 // Update employee
 // Import necessary modules and set up your User model
 export const updateEmployeeById = catchAsyncErrors(async (req, res, next) => {
  // Extract the employee ID from the request parameters
  const { id } = req.params;
  try {
    // Find the employee by ID and update its fields
    const updatedEmployee = await User.findByIdAndUpdate(
      id,
      { $set: req.body }, // Update fields based on the request body
      { new: true } // Return the updated document
    );
    if (!updatedEmployee) {
      // If the employee with the provided ID is not found, return an error
      return res.status(404).json({
        success: false,
        message: "Employee not found",
      });
    }
    // If update is successful, return success response with updated employee data
    res.status(200).json({
      success: true,
      message: "Employee updated successfully",
      employee: updatedEmployee,
    });
  } catch (error) {
    // Handle any errors that occur during update
    return res.status(500).json({
      success: false,
      message: "Error updating employee",
      error: error.message,
    });
  }
 });
--- a/resources/user/userModel.js
+++ b/resources/user/userModel.js
@ -46,6 +46,7 @@ const userSchema = new mongoose.Schema(
      type: String,
      default: "user",
    },
    accessTo: {},
    // createdAt: {
    //     type: Date,
    //     default: Date.now,
--- a/resources/user/userRoute.js
+++ b/resources/user/userRoute.js
@ -11,6 +11,9 @@ import {
  getSingleUser,
  getAllUser,
  getUserOrderForAdmin,
  getAllEmployee,
  deleteEmployeeById,
  updateEmployeeById,
 } from "./userController.js";
 import { isAuthenticatedUser, authorizeRoles } from "../../middlewares/auth.js";
@ -30,14 +33,39 @@ router.route("/user/details").get(isAuthenticatedUser, getUserDetails);
 router
  .route("/admin/users")
-  .get(isAuthenticatedUser, authorizeRoles("admin"), getAllUser);
+  .get(isAuthenticatedUser, authorizeRoles("admin", "Employee"), getAllUser);
 router
  .route("/admin/delete-employee/:id")
  .delete(
    isAuthenticatedUser,
    authorizeRoles("admin", "Employee"),
    deleteEmployeeById
  );
 router
  .route("/admin/employee")
  .get(
    isAuthenticatedUser,
    authorizeRoles("admin", "Employee"),
    getAllEmployee
  );
 router
  .route("/admin/update-employee/:id")
  .put(
    isAuthenticatedUser,
    authorizeRoles("admin", "Employee"),
    updateEmployeeById
  );
 router
  .route("/admin/users/orders/:id")
-  .get(isAuthenticatedUser, authorizeRoles("admin"), getUserOrderForAdmin);
+  .get(
    isAuthenticatedUser,
    authorizeRoles("admin", "Employee"),
    getUserOrderForAdmin
  );
 router
  .route("/admin/user/:id")
-  .get(isAuthenticatedUser, authorizeRoles("admin"), getSingleUser);
+  .get(isAuthenticatedUser, authorizeRoles("admin", "Employee"), getSingleUser);
 router.route("/user/password/update").put(isAuthenticatedUser, updatePassword);
--- a/resources/userAddress/useAddressRoute.js
+++ b/resources/userAddress/useAddressRoute.js
@ -12,14 +12,26 @@ const router = express.Router();
 router
  .route("/addAddress")
-  .post(isAuthenticatedUser, authorizeRoles("admin"), addUserAddress);
+  .post(
    isAuthenticatedUser,
    authorizeRoles("admin", "Employee"),
    addUserAddress
  );
 router.route("/getAddressess").get(getUserAddress);
 router.route("/getOneAddress/:_id").get(getOneAddress);
 router
  .route("/updateAddress/:_id")
-  .patch(isAuthenticatedUser, authorizeRoles("admin"), updateAddress);
+  .patch(
    isAuthenticatedUser,
    authorizeRoles("admin", "Employee"),
    updateAddress
  );
 router
  .route("/deleteAddress/:_id")
-  .delete(isAuthenticatedUser, authorizeRoles("admin"), deleteUserAddress);
+  .delete(
    isAuthenticatedUser,
    authorizeRoles("admin", "Employee"),
    deleteUserAddress
  );
 export default router;