diff --git a/src/components/CostAndExpenseReport/CostAndExpenseReport.tsx b/src/components/CostAndExpenseReport/CostAndExpenseReport.tsx
index da15baf..1b837ee 100644
--- a/src/components/CostAndExpenseReport/CostAndExpenseReport.tsx
+++ b/src/components/CostAndExpenseReport/CostAndExpenseReport.tsx
@@ -11,12 +11,13 @@ import { downloadFile } from "@/app/utils/commonUtil";
 interface Props {
   team: TeamResult[];
   customer: Customer[];
+  needAll: boolean | undefined;
 }
 
 type SearchQuery = Partial<Omit<CostAndExpenseReportFilter, "id">>;
 type SearchParamNames = keyof SearchQuery;
 
-const CostAndExpenseReport: React.FC<Props> = ({ team, customer }) => {
+const CostAndExpenseReport: React.FC<Props> = ({ team, customer, needAll }) => {
   const { t } = useTranslation("report");
   const teamCombo = team.map((t) => `${t.name} - ${t.code}`);
   const custCombo = customer.map(c => ({label: `${c.name} - ${c.code}`, value: c.id}))
@@ -28,7 +29,7 @@ const CostAndExpenseReport: React.FC<Props> = ({ team, customer }) => {
         paramName: "team",
         type: "select",
         options: teamCombo,
-        needAll: true,
+        needAll: needAll,
       },
       { 
         label: t("Client"), 
diff --git a/src/components/CostAndExpenseReport/CostAndExpenseReportWrapper.tsx b/src/components/CostAndExpenseReport/CostAndExpenseReportWrapper.tsx
index 2b32c99..15598cc 100644
--- a/src/components/CostAndExpenseReport/CostAndExpenseReportWrapper.tsx
+++ b/src/components/CostAndExpenseReport/CostAndExpenseReportWrapper.tsx
@@ -1,18 +1,30 @@
 import React from "react";
 import { fetchAllCustomers } from "@/app/api/customer";
-import { fetchTeam } from "@/app/api/team";
+import { fetchIndivTeam, fetchTeam } from "@/app/api/team";
 import CostAndExpenseReport from "./CostAndExpenseReport";
 import CostAndExpenseReportLoading from "./CostAndExpenseReportLoading";
-
+import { headers, cookies } from 'next/headers';
+import { getServerSession } from "next-auth";
+import { authOptions } from "@/config/authConfig";
+import { TEAM_LEAD } from "@/middleware";
 interface SubComponents {
   Loading: typeof CostAndExpenseReportLoading;
 }
 
 const CostAndExpenseReportWrapper: React.FC & SubComponents = async () => {
-    const customers = await fetchAllCustomers()
-    const teams = await fetchTeam ()
+    const session: any = await getServerSession(authOptions)
+    const teamId = session.staff?.team.id
+    const role = session!.role
+    let customers = await fetchAllCustomers()
+    let teams = await fetchTeam()
+    let needAll = true
+    
+    if (role === TEAM_LEAD) {
+      needAll = false
+      teams = teams.filter((team) => team.id === teamId);
+    } 
 
-    return <CostAndExpenseReport team={teams} customer={customers}/>
+    return <CostAndExpenseReport team={teams} customer={customers} needAll={needAll} />
 };
 
 CostAndExpenseReportWrapper.Loading = CostAndExpenseReportLoading;
diff --git a/src/config/authConfig.ts b/src/config/authConfig.ts
index 2c2b9da..65783d4 100644
--- a/src/config/authConfig.ts
+++ b/src/config/authConfig.ts
@@ -3,6 +3,8 @@ import CredentialsProvider from "next-auth/providers/credentials";
 import { LOGIN_API_PATH } from "./api";
 
 export interface SessionWithTokens extends Session {
+  staff?: any;
+  role?: String;
   abilities?: any[];
   accessToken?: string;
   refreshToken?: string;
@@ -52,12 +54,14 @@ export const authOptions: AuthOptions = {
     session({ session, token }) {
       const sessionWithToken: SessionWithTokens = {
         ...session,
+        role: token.role as String,
         // Add the data from the token to the session
         abilities: (token.abilities as ability[]).map(
           (item: ability) => item.actionSubjectCombo,
         ) as string[],
         accessToken: token.accessToken as string | undefined,
         refreshToken: token.refreshToken as string | undefined,
+        staff: token.staff as any
       };
       // console.log(sessionWithToken)
       return sessionWithToken;
diff --git a/src/middleware.ts b/src/middleware.ts
index e3927b1..f9c8602 100644
--- a/src/middleware.ts
+++ b/src/middleware.ts
@@ -3,6 +3,21 @@ import { ability, authOptions } from "@/config/authConfig";
 import { NextFetchEvent, NextResponse } from "next/server";
 import { getToken } from "next-auth/jwt";
 
+// user groups
+export const [
+  SUPER_ADMIN,
+  TOP_MANAGEMENT,
+  TEAM_LEAD,
+  NORMAL_STAFF,
+  SUPPORTING_STAFF
+] = [
+  "Super Admin",
+  "Top Management",
+  "Team Leader",
+  "Normal Staff",
+  "Supporting Staff"
+]
+
 // abilities
 export const [
   VIEW_USER,
@@ -61,7 +76,7 @@ export default async function middleware(
   event: NextFetchEvent,
 ) {
   const langPref = req.nextUrl.searchParams.get(LANG_QUERY_PARAM);
-  const token = await getToken({ req: req, secret: process.env.SECRET });
+  // const token = await getToken({ req: req, secret: process.env.SECRET });
   if (langPref) {
     // Redirect to same url without the lang query param + set cookies
     const newUrl = new URL(req.nextUrl);