From 57d02d2c49febf0c38c6d62d3b1a779095d4592e Mon Sep 17 00:00:00 2001
From: ROSHAN GARG <roshangarg28@gmail.com>
Date: Mon, 5 Aug 2024 14:07:06 +0530
Subject: [PATCH] updated the KYC

---
 resources/KYC/KycController.js | 5 ++++-
 1 file changed, 4 insertions(+), 1 deletion(-)

diff --git a/resources/KYC/KycController.js b/resources/KYC/KycController.js
index 5a92f14..295c54b 100644
--- a/resources/KYC/KycController.js
+++ b/resources/KYC/KycController.js
@@ -111,7 +111,7 @@ export const getAllKyc = async (req, res) => {
   try {
     // Fetch all KYC documents from the database
     // console.log("req came here ");
-    const kycs = await KYC.find()
+    const kycs = await KYC.find({ principal_distributer: req.user._id })
       .populate("principal_distributer", "name")
       .populate("addedBy");
     // console.log(kycs);
@@ -193,6 +193,9 @@ export const updateKycStatus = async (req, res) => {
     if (!kyc) {
       return res.status(404).json({ message: "KYC record not found" });
     }
+    if (kyc.principal_distributer.toString() !== req.user._id.toString()) {
+      return res.status(403).json({ message: "Access denied" });
+    }
 
     // Update the status
     if (status) {