From 098333018788ffb17e239607fbcef434ce9fcdea Mon Sep 17 00:00:00 2001
From: paulwer <paul@wer-ner.de>
Date: Mon, 25 Mar 2024 07:18:32 +0100
Subject: [PATCH] minor fixes

---
 app/Http/Controllers/BrevoController.php | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/app/Http/Controllers/BrevoController.php b/app/Http/Controllers/BrevoController.php
index 6a1e8ddfc0b4..c8db34674645 100644
--- a/app/Http/Controllers/BrevoController.php
+++ b/app/Http/Controllers/BrevoController.php
@@ -192,8 +192,8 @@ class BrevoController extends BaseController
                 return response()->json(['message' => 'Unauthorized'], 403);
 
             $company = MultiDB::findAndSetDbByCompanyId($request->has('company'));
-            $company_brevo_secret = $company->settings?->email_sending_method === 'client_brevo' && $company->settings?->brevo_secret ? $company->settings?->brevo_secret : null;
-            if (!$company || $request->get('token') !== $company_brevo_secret)
+            $company_brevo_secret = $company?->settings?->email_sending_method === 'client_brevo' && $company?->settings?->brevo_secret ? $company->settings->brevo_secret : null;
+            if (!$company || !$company_brevo_secret || $request->get('token') !== $company_brevo_secret)
                 return response()->json(['message' => 'Unauthorized'], 403);
 
         } else if (!($request->has('token') && $request->get('token') == config('services.brevo.secret')))