diff --git a/hesabixCore/src/Controller/MoadiyanController.php b/hesabixCore/src/Controller/MoadiyanController.php
new file mode 100644
index 0000000..c83a1b2
--- /dev/null
+++ b/hesabixCore/src/Controller/MoadiyanController.php
@@ -0,0 +1,18 @@
+<?php
+
+namespace App\Controller;
+
+use Symfony\Bundle\FrameworkBundle\Controller\AbstractController;
+use Symfony\Component\HttpFoundation\Response;
+use Symfony\Component\Routing\Annotation\Route;
+
+class MoadiyanController extends AbstractController
+{
+    #[Route('api/moadiyan', name: 'app_moadiyan')]
+    public function index(): Response
+    {
+        return $this->render('moadiyan/index.html.twig', [
+            'controller_name' => 'MoadiyanController',
+        ]);
+    }
+}
diff --git a/hesabixCore/src/Controller/SellController.php b/hesabixCore/src/Controller/SellController.php
index 2889387..9bbd7c2 100644
--- a/hesabixCore/src/Controller/SellController.php
+++ b/hesabixCore/src/Controller/SellController.php
@@ -20,7 +20,7 @@ class SellController extends AbstractController
     public function app_buy_can_edit(Request $request,Access $access,Log $log,EntityManagerInterface $entityManager, string $code): JsonResponse
     {
         $canEdit = true;
-        $acc = $access->hasRole('buy');
+        $acc = $access->hasRole('sell');
         if(!$acc)
             throw $this->createAccessDeniedException();
 
@@ -44,7 +44,7 @@ class SellController extends AbstractController
     #[Route('/api/sell/get/info/{code}', name: 'app_buy_get_info')]
     public function app_buy_get_info(Request $request,Access $access,Log $log,EntityManagerInterface $entityManager, string $code): JsonResponse
     {
-        $acc = $access->hasRole('buy');
+        $acc = $access->hasRole('sell');
         if(!$acc)
             throw $this->createAccessDeniedException();
         $doc = $entityManager->getRepository(HesabdariDoc::class)->findOneBy([