Shiloh/lasthourcloud
Shiloh/lasthourcloud
1
1
Fork 0
Code Issues Pull Requests Packages Projects Releases 4 Wiki Activity

Add role-based authorization for updating teams

Browse Source
This commit is contained in:
Andras Bacsai 2024-04-05 16:48:06 +02:00
parent c223408c3c
commit 36c31dcd67
2 changed files with 9 additions and 3 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

8
app/Models/Team.php
View File

@ -21,9 +21,11 @@ class Team extends Model implements SendsDiscord, SendsEmail
protected static function booted()
{
// static::saved(function () {
// refreshSession();
// });
static::saving(function ($team) {
if (auth()->user()->isMember()) {
throw new \Exception('You are not allowed to update this team.');
}
});
}
public function routeNotificationForDiscord()

4
app/Models/User.php
View File

@ -127,6 +127,10 @@ public function isOwner()
{
return $this->role() === 'owner';
}
public function isMember()
{
return $this->role() === 'member';
}
public function isAdminFromSession()
{
if (auth()->user()->id === 0) {