filter users for clients

src/user/user.controller.ts

@@ -84,7 +84,7 @@ export async function getUserHandler(req: FastifyRequest, res: FastifyReply) {
 
 export async function listUserHandler(req: FastifyRequest, res: FastifyReply) {
   try {
-    const users = await listUsers(req.user.tenantId);
+    const users = await listUsers(req.user);
     return res.code(200).send({ users: users });
   } catch (err) {
     return err;

src/user/user.service.ts

@@ -120,9 +120,23 @@ export async function getUserByEmail(email: string) {
   return await userModel.findOne({ email: email });
 }
 
-export async function listUsers(tenantId: string) {
+export async function listUsers(user: AuthenticatedUser) {
+  if (user.role === "client") {
+    return await userModel
+      .find({
+        $and: [
+          { tenantId: user.tenantId, orgId: user.orgId },
+          { dev: { $ne: true } },
+        ],
+      })
+      .select(
+        "_id pid orgId firstName lastName name email role avatar status createdAt createdBy lastLogin"
+      )
+      .populate({ path: "orgId", select: "_id pid name avatar" });
+  }
+
   return await userModel
-    .find({ $and: [{ tenantId: tenantId }, { dev: { $ne: true } }] })
+    .find({ $and: [{ tenantId: user.tenantId }, { dev: { $ne: true } }] })
     .select(
       "_id pid orgId firstName lastName name email role avatar status createdAt createdBy lastLogin"
     )