diff --git a/app/Http/Requests/Invoice/UploadInvoiceRequest.php b/app/Http/Requests/Invoice/UploadInvoiceRequest.php
index 070fb4443d1b..17af8468e9b3 100644
--- a/app/Http/Requests/Invoice/UploadInvoiceRequest.php
+++ b/app/Http/Requests/Invoice/UploadInvoiceRequest.php
@@ -23,7 +23,9 @@ class UploadInvoiceRequest extends Request
      */
     public function authorize() : bool
     {
-        return auth()->user()->can('edit', $this->invoice);
+        /** @var \App\Models\User $user */
+        $user = auth()->user();
+        return $user->can('edit', $this->invoice);
     }
 
     public function rules()
diff --git a/app/Http/Requests/Request.php b/app/Http/Requests/Request.php
index 789d723938c7..5d8577efa189 100644
--- a/app/Http/Requests/Request.php
+++ b/app/Http/Requests/Request.php
@@ -20,7 +20,7 @@ class Request extends FormRequest
     use MakesHash;
     use RuntimeFormRequest;
 
-    protected $file_validation = 'sometimes|file|mimes:png,ai,jpeg,tiff,pdf,gif,psd,txt,doc,xls,ppt,xlsx,docx,pptx,webp|max:20000';
+    protected $file_validation = 'sometimes|file|mimes:png,ai,jpeg,tiff,pdf,gif,psd,txt,doc,xls,ppt,xlsx,docx,pptx,webp,xml|max:20000';
     /**
      * Get the validation rules that apply to the request.
      *