Update ban logic

2020-09-07 23:33:35 +01:00 · 2020-09-07 23:33:35 +01:00 · 4d2595dd39
parent 4e81a41210
commit 4d2595dd39
2 changed files with 5 additions and 4 deletions
--- a/app/Http/Controllers/BanController.php
+++ b/app/Http/Controllers/BanController.php
@ -15,7 +15,7 @@ class BanController extends Controller
    public function insert(BanUserRequest $request, User $user)
    {

-        $this->authorize('create', Ban::class);
+        $this->authorize('create', [Ban::class, $user]);

        if (is_null($user->bans))
        {
--- a/app/Policies/BanPolicy.php
+++ b/app/Policies/BanPolicy.php
@ -41,15 +41,16 @@ class BanPolicy
     * @param  \App\User  $user
     * @return mixed
     */
-    public function create(User $user)
+    public function create(User $user, User $targetUser)
    {
        Log::debug("Authorization check started", [
            'requiredRoles' => 'admin',
-            'currentRoles' => $user->roles(),
+            'currentRoles' => $user->roles,
            'hasRequiredRole' => $user->hasRole('admin'),
+            'targetUser' => $user->username,
            'isCurrentUser' => Auth::user()->is($user)
        ]);
-        return $user->hasRole('admin') && Auth::user()->isNot($user);
+        return $user->hasRole('admin') && $user->isNot($targetUser);
    }

    /**