Cutlery/invoiceninja
1
0
Fork 0
mirror of https://github.com/invoiceninja/invoiceninja.git synced 2025-05-31 12:44:35 -04:00
Code Issues Packages Projects Releases Wiki Activity

Fixes for project form request authorization

Browse Source
This commit is contained in:
David Bomba 2023-02-27 22:38:10 +11:00
parent ec67d019c7
commit 83c3b3d923
4 changed files with 8 additions and 4 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
app/Http/Requests/Project/CreateProjectRequest.php
View File

@ -11,6 +11,7 @@
namespace App\Http\Requests\Project; namespace App\Http\Requests\Project;
use App\Models\Project;
use App\Http\Requests\Request; use App\Http\Requests\Request;
class CreateProjectRequest extends Request class CreateProjectRequest extends Request
@ -22,6 +23,7 @@ class CreateProjectRequest extends Request
*/ */
public function authorize() : bool public function authorize() : bool
{ {
return auth()->user()->isAdmin(); return auth()->user()->can('create', Project::class);
} }
} }

2
app/Http/Requests/Project/DestroyProjectRequest.php
View File

@ -22,6 +22,6 @@ class DestroyProjectRequest extends Request
*/ */
public function authorize() : bool public function authorize() : bool
{ {
return auth()->user()->isAdmin(); return auth()->user()->can('edit', $this->project);
} }
} }

2
app/Http/Requests/Project/EditProjectRequest.php
View File

@ -22,7 +22,7 @@ class EditProjectRequest extends Request
*/ */
public function authorize() : bool public function authorize() : bool
{ {
return auth()->user()->isAdmin(); return auth()->user()->can('edit', $this->project);
} }
/** /**

4
app/Http/Requests/Project/ShowProjectRequest.php
View File

@ -22,7 +22,9 @@ class ShowProjectRequest extends Request
*/ */
public function authorize() : bool public function authorize() : bool
{ {
return auth()->user()->isAdmin(); // return auth()->user()->isAdmin();
return auth()->user()->can('view', $this->project);
} }
/** /**