Fixed broken banning logic
This commit is contained in:
@@ -13,7 +13,7 @@ class AppointmentPolicy
|
||||
/**
|
||||
* Determine whether the user can view any models.
|
||||
*
|
||||
* @param \App\User $user
|
||||
* @param User $user
|
||||
* @return mixed
|
||||
*/
|
||||
public function viewAny(User $user)
|
||||
@@ -24,8 +24,8 @@ class AppointmentPolicy
|
||||
/**
|
||||
* Determine whether the user can view the model.
|
||||
*
|
||||
* @param \App\User $user
|
||||
* @param \App\Appointment $appointment
|
||||
* @param User $user
|
||||
* @param Appointment $appointment
|
||||
* @return mixed
|
||||
*/
|
||||
public function view(User $user, Appointment $appointment)
|
||||
@@ -36,7 +36,7 @@ class AppointmentPolicy
|
||||
/**
|
||||
* Determine whether the user can create models.
|
||||
*
|
||||
* @param \App\User $user
|
||||
* @param User $user
|
||||
* @return mixed
|
||||
*/
|
||||
public function create(User $user)
|
||||
@@ -47,8 +47,8 @@ class AppointmentPolicy
|
||||
/**
|
||||
* Determine whether the user can update the model.
|
||||
*
|
||||
* @param \App\User $user
|
||||
* @param \App\Appointment $appointment
|
||||
* @param User $user
|
||||
* @param Appointment $appointment
|
||||
* @return mixed
|
||||
*/
|
||||
public function update(User $user, Appointment $appointment)
|
||||
@@ -59,8 +59,8 @@ class AppointmentPolicy
|
||||
/**
|
||||
* Determine whether the user can delete the model.
|
||||
*
|
||||
* @param \App\User $user
|
||||
* @param \App\Appointment $appointment
|
||||
* @param User $user
|
||||
* @param Appointment $appointment
|
||||
* @return mixed
|
||||
*/
|
||||
public function delete(User $user, Appointment $appointment)
|
||||
@@ -71,8 +71,8 @@ class AppointmentPolicy
|
||||
/**
|
||||
* Determine whether the user can restore the model.
|
||||
*
|
||||
* @param \App\User $user
|
||||
* @param \App\Appointment $appointment
|
||||
* @param User $user
|
||||
* @param Appointment $appointment
|
||||
* @return mixed
|
||||
*/
|
||||
public function restore(User $user, Appointment $appointment)
|
||||
@@ -83,8 +83,8 @@ class AppointmentPolicy
|
||||
/**
|
||||
* Determine whether the user can permanently delete the model.
|
||||
*
|
||||
* @param \App\User $user
|
||||
* @param \App\Appointment $appointment
|
||||
* @param User $user
|
||||
* @param Appointment $appointment
|
||||
* @return mixed
|
||||
*/
|
||||
public function forceDelete(User $user, Appointment $appointment)
|
||||
|
||||
@@ -5,6 +5,8 @@ namespace App\Policies;
|
||||
use App\Ban;
|
||||
use App\User;
|
||||
use Illuminate\Auth\Access\HandlesAuthorization;
|
||||
use Illuminate\Support\Facades\Auth;
|
||||
use Illuminate\Support\Facades\Log;
|
||||
|
||||
class BanPolicy
|
||||
{
|
||||
@@ -41,7 +43,13 @@ class BanPolicy
|
||||
*/
|
||||
public function create(User $user)
|
||||
{
|
||||
return $user->hasRole('admin') && $user->isNot(Auth::user());
|
||||
Log::debug("Authorization check started", [
|
||||
'requiredRoles' => 'admin',
|
||||
'currentRoles' => $user->roles(),
|
||||
'hasRequiredRole' => $user->hasRole('admin'),
|
||||
'isCurrentUser' => Auth::user()->is($user)
|
||||
]);
|
||||
return $user->hasRole('admin') && Auth::user()->isNot($user);
|
||||
}
|
||||
|
||||
/**
|
||||
|
||||
Reference in New Issue
Block a user