Fix access control in Admin Index and Navbar components

2024-02-08 13:40:26 +01:00 · 2024-02-08 13:40:26 +01:00 · d7001937ac
commit d7001937ac
parent 3fe58ec66b
2 changed files with 2 additions and 2 deletions
--- a/app/Livewire/Admin/Index.php
+++ b/app/Livewire/Admin/Index.php
@ -11,7 +11,7 @@ class Index extends Component
    public $users = [];
    public function mount()
    {
-        if (isInstanceAdmin() && session('adminToken') === null) {
+        if (!isInstanceAdmin() && session('adminToken') === null) {
            return redirect()->route('dashboard');
        }
        $this->users = User::whereHas('teams', function ($query) {
--- a/resources/views/components/navbar.blade.php
+++ b/resources/views/components/navbar.blade.php
@ -142,7 +142,7 @@ class="{{ request()->is('settings*') ? 'text-warning icon' : 'icon' }}"

                </ul>
            </details>
-            @if (isCloud())
+            @if (isCloud() && isInstanceAdmin())
                <li title="Admin">
                    <a class="hover:bg-transparent" href="/admin">
                        <svg class="text-pink-600 icon" viewBox="0 0 256 256" xmlns="http://www.w3.org/2000/svg">