From 103a9c2df29c0c47983ea5faec8d75fe373884c0 Mon Sep 17 00:00:00 2001
From: Andras Bacsai <5845193+andrasbacsai@users.noreply.github.com>
Date: Wed, 23 Jul 2025 17:57:05 +0200
Subject: [PATCH] fix(policy): update delete method to check for admin status
 in S3StoragePolicy

---
 app/Policies/S3StoragePolicy.php | 6 +++---
 1 file changed, 3 insertions(+), 3 deletions(-)

diff --git a/app/Policies/S3StoragePolicy.php b/app/Policies/S3StoragePolicy.php
index 28f5f8426..4f837a3dd 100644
--- a/app/Policies/S3StoragePolicy.php
+++ b/app/Policies/S3StoragePolicy.php
@@ -21,7 +21,7 @@ class S3StoragePolicy
      */
     public function view(User $user, S3Storage $storage): bool
     {
-        return $user->teams()->where('id', $storage->team_id)->exists();
+        return $user->teams()->get()->firstWhere('id', $storage->team_id)->exists();
     }
 
     /**
@@ -37,7 +37,7 @@ class S3StoragePolicy
      */
     public function update(User $user, Server $server): bool
     {
-        return $user->teams()->get()->firstWhere('id', $server->team_id) !== null;
+        return $user->teams()->get()->firstWhere('id', $server->team_id)->exists() && $user->isAdmin();
     }
 
     /**
@@ -45,7 +45,7 @@ class S3StoragePolicy
      */
     public function delete(User $user, S3Storage $storage): bool
     {
-        return $user->teams()->where('id', $storage->team_id)->exists();
+        return $user->teams()->get()->firstWhere('id', $storage->team_id)->exists() && $user->isAdmin();
     }
 
     /**