diff --git a/server/AyaNova/Controllers/QuoteController.cs b/server/AyaNova/Controllers/QuoteController.cs
index 71e20ab9..a25c9b2a 100644
--- a/server/AyaNova/Controllers/QuoteController.cs
+++ b/server/AyaNova/Controllers/QuoteController.cs
@@ -38,7 +38,7 @@ namespace AyaNova.Api.Controllers
             serverState = apiServerState;
         }
 
-   
+
         /*
              ██████╗ ██╗   ██╗ ██████╗ ████████╗███████╗
              ██╔═══██╗██║   ██║██╔═══██╗╚══██╔══╝██╔════╝
@@ -144,7 +144,7 @@ namespace AyaNova.Api.Controllers
             QuoteBiz biz = QuoteBiz.GetBiz(ct, HttpContext);
             if (!Authorized.HasModifyRole(HttpContext.Items, biz.BizType) || biz.UserIsRestrictedType)
                 return StatusCode(403, new ApiNotAuthorizedResponse());
-            var o = await biz.QuotePutAsync(updatedObject); 
+            var o = await biz.QuotePutAsync(updatedObject);
             if (o == null)
             {
                 if (biz.Errors.Exists(z => z.Code == ApiErrorCode.CONCURRENCY_CONFLICT))
@@ -230,7 +230,7 @@ namespace AyaNova.Api.Controllers
             if (!serverState.IsOpen)
                 return StatusCode(503, new ApiErrorResponse(serverState.ApiErrorCode, null, serverState.Reason));
             QuoteBiz biz = QuoteBiz.GetBiz(ct, HttpContext);
-            if (!Authorized.HasCreateRole(HttpContext.Items, AyaType.QuoteStatus) || biz.UserIsSubContractorFull || biz.UserIsSubContractorRestricted)
+            if (!Authorized.HasCreateRole(HttpContext.Items, biz.BizType) || biz.UserIsSubContractorFull || biz.UserIsSubContractorRestricted)
                 return StatusCode(403, new ApiNotAuthorizedResponse());
             if (!ModelState.IsValid)
                 return BadRequest(new ApiErrorResponse(ModelState));
@@ -253,7 +253,7 @@ namespace AyaNova.Api.Controllers
             if (!serverState.IsOpen)
                 return StatusCode(503, new ApiErrorResponse(serverState.ApiErrorCode, null, serverState.Reason));
             QuoteBiz biz = QuoteBiz.GetBiz(ct, HttpContext);
-            if (!Authorized.HasReadFullRole(HttpContext.Items, AyaType.QuoteStatus))
+            if (!Authorized.HasReadFullRole(HttpContext.Items, biz.BizType))
                 return StatusCode(403, new ApiNotAuthorizedResponse());
             if (!ModelState.IsValid)
                 return BadRequest(new ApiErrorResponse(ModelState));
@@ -344,7 +344,7 @@ namespace AyaNova.Api.Controllers
             QuoteBiz biz = QuoteBiz.GetBiz(ct, HttpContext);
             if (!Authorized.HasModifyRole(HttpContext.Items, AyaType.QuoteItem) || biz.UserIsRestrictedType)
                 return StatusCode(403, new ApiNotAuthorizedResponse());
-            var o = await biz.ItemPutAsync(updatedObject); 
+            var o = await biz.ItemPutAsync(updatedObject);
             if (o == null)
             {
                 if (biz.Errors.Exists(z => z.Code == ApiErrorCode.CONCURRENCY_CONFLICT))
@@ -451,7 +451,7 @@ namespace AyaNova.Api.Controllers
             QuoteBiz biz = QuoteBiz.GetBiz(ct, HttpContext);
             if (!Authorized.HasModifyRole(HttpContext.Items, AyaType.QuoteItemExpense) || biz.UserIsSubContractorFull || biz.UserIsSubContractorRestricted)
                 return StatusCode(403, new ApiNotAuthorizedResponse());
-            var o = await biz.ExpensePutAsync(updatedObject); 
+            var o = await biz.ExpensePutAsync(updatedObject);
             if (o == null)
             {
                 if (biz.Errors.Exists(z => z.Code == ApiErrorCode.CONCURRENCY_CONFLICT))
@@ -559,7 +559,7 @@ namespace AyaNova.Api.Controllers
             QuoteBiz biz = QuoteBiz.GetBiz(ct, HttpContext);
             if (!Authorized.HasModifyRole(HttpContext.Items, AyaType.QuoteItemLabor))
                 return StatusCode(403, new ApiNotAuthorizedResponse());
-            var o = await biz.LaborPutAsync(updatedObject); 
+            var o = await biz.LaborPutAsync(updatedObject);
             if (o == null)
             {
                 if (biz.Errors.Exists(z => z.Code == ApiErrorCode.CONCURRENCY_CONFLICT))
@@ -667,7 +667,7 @@ namespace AyaNova.Api.Controllers
             QuoteBiz biz = QuoteBiz.GetBiz(ct, HttpContext);
             if (!Authorized.HasModifyRole(HttpContext.Items, AyaType.QuoteItemLoan) || biz.UserIsRestrictedType)
                 return StatusCode(403, new ApiNotAuthorizedResponse());
-            var o = await biz.LoanPutAsync(updatedObject); 
+            var o = await biz.LoanPutAsync(updatedObject);
             if (o == null)
             {
                 if (biz.Errors.Exists(z => z.Code == ApiErrorCode.CONCURRENCY_CONFLICT))
@@ -776,7 +776,7 @@ namespace AyaNova.Api.Controllers
             QuoteBiz biz = QuoteBiz.GetBiz(ct, HttpContext);
             if (!Authorized.HasModifyRole(HttpContext.Items, AyaType.QuoteItemOutsideService) || biz.UserIsRestrictedType)
                 return StatusCode(403, new ApiNotAuthorizedResponse());
-            var o = await biz.OutsideServicePutAsync(updatedObject); 
+            var o = await biz.OutsideServicePutAsync(updatedObject);
             if (o == null)
             {
                 if (biz.Errors.Exists(z => z.Code == ApiErrorCode.CONCURRENCY_CONFLICT))
@@ -883,7 +883,7 @@ namespace AyaNova.Api.Controllers
             QuoteBiz biz = QuoteBiz.GetBiz(ct, HttpContext);
             if (!Authorized.HasModifyRole(HttpContext.Items, AyaType.QuoteItemPart) || biz.UserIsRestrictedType)
                 return StatusCode(403, new ApiNotAuthorizedResponse());
-            var o = await biz.PartPutAsync(updatedObject); 
+            var o = await biz.PartPutAsync(updatedObject);
             if (o == null)
             {
                 if (biz.Errors.Exists(z => z.Code == ApiErrorCode.CONCURRENCY_CONFLICT))
@@ -990,7 +990,7 @@ namespace AyaNova.Api.Controllers
             QuoteBiz biz = QuoteBiz.GetBiz(ct, HttpContext);
             if (!Authorized.HasModifyRole(HttpContext.Items, AyaType.QuoteItemScheduledUser) || biz.UserIsRestrictedType)
                 return StatusCode(403, new ApiNotAuthorizedResponse());
-            var o = await biz.ScheduledUserPutAsync(updatedObject); 
+            var o = await biz.ScheduledUserPutAsync(updatedObject);
             if (o == null)
             {
                 if (biz.Errors.Exists(z => z.Code == ApiErrorCode.CONCURRENCY_CONFLICT))
@@ -1096,7 +1096,7 @@ namespace AyaNova.Api.Controllers
             QuoteBiz biz = QuoteBiz.GetBiz(ct, HttpContext);
             if (!Authorized.HasModifyRole(HttpContext.Items, AyaType.QuoteItemTask))
                 return StatusCode(403, new ApiNotAuthorizedResponse());
-            var o = await biz.TaskPutAsync(updatedObject); 
+            var o = await biz.TaskPutAsync(updatedObject);
             if (o == null)
             {
                 if (biz.Errors.Exists(z => z.Code == ApiErrorCode.CONCURRENCY_CONFLICT))
@@ -1202,7 +1202,7 @@ namespace AyaNova.Api.Controllers
             QuoteBiz biz = QuoteBiz.GetBiz(ct, HttpContext);
             if (!Authorized.HasModifyRole(HttpContext.Items, AyaType.QuoteItemTravel))
                 return StatusCode(403, new ApiNotAuthorizedResponse());
-            var o = await biz.TravelPutAsync(updatedObject); 
+            var o = await biz.TravelPutAsync(updatedObject);
             if (o == null)
             {
                 if (biz.Errors.Exists(z => z.Code == ApiErrorCode.CONCURRENCY_CONFLICT))
@@ -1308,7 +1308,7 @@ namespace AyaNova.Api.Controllers
             QuoteBiz biz = QuoteBiz.GetBiz(ct, HttpContext);
             if (!Authorized.HasModifyRole(HttpContext.Items, AyaType.QuoteItemUnit) || biz.UserIsRestrictedType)
                 return StatusCode(403, new ApiNotAuthorizedResponse());
-            var o = await biz.UnitPutAsync(updatedObject); 
+            var o = await biz.UnitPutAsync(updatedObject);
             if (o == null)
             {
                 if (biz.Errors.Exists(z => z.Code == ApiErrorCode.CONCURRENCY_CONFLICT))