From: Vincent Vanwaelscappel Date: Wed, 14 Feb 2024 15:06:58 +0000 (+0100) Subject: wip #6727 @0.5 X-Git-Url: http://git.cubedesigners.com/?a=commitdiff_plain;h=651654c8eca9b2a8bdcf19150a0622161c7a3730;p=fluidbook-toolbox.git wip #6727 @0.5 --- diff --git a/app/Http/Controllers/Admin/Operations/ChangeownerOperation.php b/app/Http/Controllers/Admin/Operations/ChangeownerOperation.php index 6b5889edc..4fc89be47 100644 --- a/app/Http/Controllers/Admin/Operations/ChangeownerOperation.php +++ b/app/Http/Controllers/Admin/Operations/ChangeownerOperation.php @@ -2,7 +2,8 @@ namespace App\Http\Controllers\Admin\Operations; -use Cubist\Backpack\Magic\Controllers\CubistMagicController; +use App\Models\Base\ToolboxModel; +use Cubedesigners\UserDatabase\Models\User; use Illuminate\Support\Facades\Route; use Prologue\Alerts\Facades\Alert; @@ -15,10 +16,14 @@ trait ChangeownerOperation protected function changeOwner($id, $owner) { - /** @var $this CubistMagicController */ + /** @var $this ToolboxModel */ $class = $this->getModelInstance(); - if (!$this->getModelInstance()->canAdmin(backpack_user())) { - abort(401); + + if (!$class::hasPermission($id, 'read')) { + abort(401, __('Vous n\'ête pas autorisé à modifier le propriétaire')); + } + if (null === User::find($owner)) { + abort(401, __('Impossible d\'attribuer la propriété à cet utilisateur')); } $instance = $class::find($id); $instance->setOwner($owner); diff --git a/resources/views/columns/owner.blade.php b/resources/views/columns/owner.blade.php index c51c51585..38cfdb0d4 100644 --- a/resources/views/columns/owner.blade.php +++ b/resources/views/columns/owner.blade.php @@ -61,16 +61,16 @@ getOption('name')}}-{{$column['name']}}="{{$values}}"> {!! $v !!} - @if(backpack_user()->isOwner($entry->owner)) + @if($entry->owner!=backpack_user()->id && backpack_user()->isOwner($entry->owner)) @endif