mirror of
https://github.com/snipe/snipe-it.git
synced 2024-12-25 13:44:06 -08:00
Fix access control - https://huntr.dev/bounties/19453ef1-4d77-4cff-b7e8-1bc8f3af0862/
This commit is contained in:
parent
86afe6c4b1
commit
918e7c8dae
|
@ -269,6 +269,7 @@ class AssetModelsController extends Controller
|
|||
*/
|
||||
public function getClone($modelId = null)
|
||||
{
|
||||
$this->authorize('view', AssetModel::class);
|
||||
// Check if the model exists
|
||||
if (is_null($model_to_clone = AssetModel::find($modelId))) {
|
||||
return redirect()->route('models.index')->with('error', trans('admin/models/message.does_not_exist'));
|
||||
|
|
Loading…
Reference in a new issue