dave/coolify
1
0
Fork 0
Code Issues Pull Requests Actions 2 Packages Projects Releases Wiki Activity

Add role-based authorization for updating teams

Browse Source
This commit is contained in:
Andras Bacsai
2024-04-05 16:48:06 +02:00
parent c223408c3c
commit 36c31dcd67
2 changed files with 9 additions and 3 deletions
Download Patch File Download Diff File Expand all files Collapse all files

8
app/Models/Team.php
View File

@@ -21,9 +21,11 @@ class Team extends Model implements SendsDiscord, SendsEmail
protected static function booted() protected static function booted()
{ {
// static::saved(function () { static::saving(function ($team) {
// refreshSession(); if (auth()->user()->isMember()) {
// }); throw new \Exception('You are not allowed to update this team.');
}
});
} }
public function routeNotificationForDiscord() public function routeNotificationForDiscord()

4
app/Models/User.php
View File

@@ -127,6 +127,10 @@ class User extends Authenticatable implements SendsEmail
{ {
return $this->role() === 'owner'; return $this->role() === 'owner';
} }
public function isMember()
{
return $this->role() === 'member';
}
public function isAdminFromSession() public function isAdminFromSession()
{ {
if (auth()->user()->id === 0) { if (auth()->user()->id === 0) {