From 20b26effdb6dbd08c9a1eed2eaccffd3042168f4 Mon Sep 17 00:00:00 2001 From: snipe Date: Fri, 19 Oct 2018 16:46:46 -0700 Subject: [PATCH] Fixed #6349 - add view permission for print all assigned --- app/Http/Controllers/Users/UsersController.php | 1 + resources/views/users/view.blade.php | 8 +++++++- 2 files changed, 8 insertions(+), 1 deletion(-) diff --git a/app/Http/Controllers/Users/UsersController.php b/app/Http/Controllers/Users/UsersController.php index 89a92f4ac7..f89f831e3b 100755 --- a/app/Http/Controllers/Users/UsersController.php +++ b/app/Http/Controllers/Users/UsersController.php @@ -613,6 +613,7 @@ class UsersController extends Controller */ public function printInventory($id) { + $this->authorize('view', User::class); $show_user = User::where('id', $id)->withTrashed()->first(); $assets = Asset::where('assigned_to', $id)->where('assigned_type', User::class)->with('model', 'model.category')->get(); $accessories = $show_user->accessories()->get(); diff --git a/resources/views/users/view.blade.php b/resources/views/users/view.blade.php index 09a572c055..37c4580476 100755 --- a/resources/views/users/view.blade.php +++ b/resources/views/users/view.blade.php @@ -233,12 +233,19 @@
{{ trans('admin/users/general.edit') }}
+ @endcan + + @can('create', $user)
{{ trans('admin/users/general.clone') }}
+ @endcan + + @can('view', $user)
{{ trans('admin/users/general.print_assigned') }}
+ @endcan @can('delete', $user) @if ($user->deleted_at=='') @@ -263,7 +270,6 @@ @endif @endcan - @endcan