Hoist the autorization higher in the stack so we’re not doing logic or math when the user isn’t authorized to touch this

Signed-off-by: snipe <snipe@snipe.net>

app/Http/Controllers/Accessories/AccessoriesController.php

@@ -63,6 +63,7 @@ class AccessoriesController extends Controller
     public function store(ImageUploadRequest $request)
     {
         $this->authorize(Accessory::class);
+        
         // create a new model instance
         $accessory = new Accessory();
 
@@ -82,7 +83,6 @@ class AccessoriesController extends Controller
         $accessory->supplier_id             = request('supplier_id');
         $accessory->notes                   = request('notes');
 
-
         $accessory = $request->handleImages($accessory);
 
         // Was the accessory created?
@@ -129,6 +129,8 @@ class AccessoriesController extends Controller
     {
         if ($accessory = Accessory::withCount('users as users_count')->find($accessoryId)) {
 
+            $this->authorize($accessory);
+
             $validator = Validator::make($request->all(), [
                 "qty" => "required|numeric|min:$accessory->users_count"
             ]);
@@ -139,7 +141,7 @@ class AccessoriesController extends Controller
                     ->withInput();
             }
 
-            $this->authorize($accessory);
+
 
             // Update the accessory data
             $accessory->name = request('name');