mirror of
https://github.com/snipe/snipe-it.git
synced 2024-09-20 15:57:41 -07:00
Fix logic to use gate instead of asking if superuser
This commit is contained in:
parent
3b5b19848c
commit
d1e360d64d
|
@ -425,17 +425,12 @@ class UsersController extends Controller
|
||||||
|
|
||||||
// Check if we are not trying to delete ourselves
|
// Check if we are not trying to delete ourselves
|
||||||
if ($user->id === Auth::user()->id) {
|
if ($user->id === Auth::user()->id) {
|
||||||
// Prepare the error message
|
|
||||||
$error = trans('admin/users/message.error.delete');
|
|
||||||
|
|
||||||
// Redirect to the user management page
|
// Redirect to the user management page
|
||||||
return redirect()->route('users')->with('error', $error);
|
return redirect()->route('users')->with('error', trans('admin/users/message.error.delete'));
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
||||||
// Do we have permission to delete this user?
|
// Do we have permission to delete this user?
|
||||||
if ((!Auth::user()->isSuperUser()) || (config('app.lock_passwords'))) {
|
if ((Gate::denies('users.delete') || (config('app.lock_passwords')))) {
|
||||||
// Redirect to the user management page
|
|
||||||
return redirect()->route('users')->with('error', 'Insufficient permissions!');
|
return redirect()->route('users')->with('error', 'Insufficient permissions!');
|
||||||
}
|
}
|
||||||
|
|
||||||
|
@ -459,18 +454,11 @@ class UsersController extends Controller
|
||||||
|
|
||||||
// Delete the user
|
// Delete the user
|
||||||
$user->delete();
|
$user->delete();
|
||||||
|
|
||||||
// Prepare the success message
|
|
||||||
$success = trans('admin/users/message.success.delete');
|
$success = trans('admin/users/message.success.delete');
|
||||||
|
|
||||||
// Redirect to the user management page
|
|
||||||
return redirect()->route('users')->with('success', $success);
|
return redirect()->route('users')->with('success', $success);
|
||||||
} catch (UserNotFoundException $e) {
|
|
||||||
// Prepare the error message
|
|
||||||
$error = trans('admin/users/message.user_not_found', compact('id'));
|
|
||||||
|
|
||||||
// Redirect to the user management page
|
} catch (UserNotFoundException $e) {
|
||||||
return redirect()->route('users')->with('error', $error);
|
return redirect()->route('users')->with('error', trans('admin/users/message.user_not_found', compact('id')));
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
|
@ -865,7 +853,6 @@ class UsersController extends Controller
|
||||||
'permissions' => '{"user":1}',
|
'permissions' => '{"user":1}',
|
||||||
'notes' => 'Imported user'
|
'notes' => 'Imported user'
|
||||||
);
|
);
|
||||||
//dd($newuser);
|
|
||||||
|
|
||||||
DB::table('users')->insert($newuser);
|
DB::table('users')->insert($newuser);
|
||||||
|
|
||||||
|
@ -1107,7 +1094,6 @@ class UsersController extends Controller
|
||||||
$user = User::find($userId);
|
$user = User::find($userId);
|
||||||
$destinationPath = config('app.private_uploads').'/users';
|
$destinationPath = config('app.private_uploads').'/users';
|
||||||
|
|
||||||
// the license is valid
|
|
||||||
if (isset($user->id)) {
|
if (isset($user->id)) {
|
||||||
|
|
||||||
if (!Company::isCurrentUserHasAccess($user)) {
|
if (!Company::isCurrentUserHasAccess($user)) {
|
||||||
|
|
Loading…
Reference in a new issue