mirror of
https://github.com/snipe/snipe-it.git
synced 2024-12-24 05:04:07 -08:00
check if user is allowed to view assets (#4845)
This commit is contained in:
parent
f4e9d245d0
commit
0fb8dc3418
|
@ -286,6 +286,7 @@ class UsersController extends Controller
|
|||
{
|
||||
$this->authorize('view', User::class);
|
||||
$assets = Asset::where('assigned_to', '=', $id)->with('model')->get();
|
||||
if ($assets) $this->authorize('view', $assets[0]);
|
||||
return (new AssetsTransformer)->transformAssets($assets, $assets->count());
|
||||
}
|
||||
}
|
||||
|
|
Loading…
Reference in a new issue