Added a check for accessibility permission to the project.
This commit is contained in:
parent
b6e1c50486
commit
78e6a1e396
@ -20,6 +20,13 @@ public function handle(Request $request, \Closure $next): Response
|
|||||||
\abort(Response::HTTP_NOT_FOUND);
|
\abort(Response::HTTP_NOT_FOUND);
|
||||||
}
|
}
|
||||||
|
|
||||||
|
if (
|
||||||
|
$project->is_public === false
|
||||||
|
&& ( $request->user() === null || $request->user()->cannot('view', $project) )
|
||||||
|
) {
|
||||||
|
\abort(Response::HTTP_FORBIDDEN);
|
||||||
|
}
|
||||||
|
|
||||||
return $next($request);
|
return $next($request);
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
Loading…
Reference in New Issue
Block a user