update: verifyRole

middleware/verifyRole.js

@@ -0,0 +1,28 @@
+const { ErrorHandler } = require("../helpers/error");
+
+const verifyRole = (allowedRoles) => {
+  return (req, res, next) => {
+    try {
+      const user = req.user;
+
+      if (!user) {
+        throw new ErrorHandler(401, "Unauthorized: User not found");
+      }
+
+      // Super Admin bypass semua role
+      if (user.is_sa) {
+        return next();
+      }
+
+      if (!allowedRoles.includes(user.role_id)) {
+        throw new ErrorHandler(403, "Forbidden: Access denied");
+      }
+
+      next();
+    } catch (err) {
+      next(err);
+    }
+  };
+};
+
+module.exports = verifyRole;