From: Vincent Vanwaelscappel <vincent@cubedesigners.com>
Date: Fri, 20 Nov 2020 09:33:57 +0000 (+0100)
Subject: fix #4082 @1
X-Git-Url: http://git.cubedesigners.com/?a=commitdiff_plain;h=1c718eceb97fd23bd012b721209ccce3b226de04;p=fluidbook-toolbox.git

fix #4082 @1
---

diff --git a/app/Http/Controllers/Admin/Operations/LogOperation.php b/app/Http/Controllers/Admin/Operations/LogOperation.php
index f3d727e3c..cdf8b4b8b 100644
--- a/app/Http/Controllers/Admin/Operations/LogOperation.php
+++ b/app/Http/Controllers/Admin/Operations/LogOperation.php
@@ -3,6 +3,8 @@
 
 namespace App\Http\Controllers\Admin\Operations;
 
+use App\Http\Middleware\Authenticate;
+use App\Http\Middleware\CheckIfAdmin;
 use App\Http\Middleware\VerifyCsrfToken;
 use App\Models\QuizAttempt;
 use DateTime;
@@ -13,7 +15,7 @@ trait LogOperation
 {
     protected function setupLogRoutes($segment, $routeName, $controller)
     {
-        Route::match(['post'], $segment . '/{id}/log', $controller . '@log')->withoutMiddleware([VerifyCsrfToken::class]);
+        Route::match(['post'], $segment . '/{id}/log', $controller . '@log')->withoutMiddleware([VerifyCsrfToken::class, Authenticate::class, CheckIfAdmin::class]);
     }
 
     protected function log($id)