soeren/fotospiel-app
1
0
Fork 0
Code Issues Pull Requests Actions 2 Packages Projects Releases Wiki Activity

Enforce tenant member permissions
Some checks failed
linter / quality (push) Has been cancelled
Details
tests / ci (push) Has been cancelled
Details
tests / ui (push) Has been cancelled
Details

Browse Source
This commit is contained in:
Codex Agent
2026-01-16 13:33:36 +01:00
parent df60be826d
commit 7aa0a4c847
22 changed files with 592 additions and 112 deletions
Download Patch File Download Diff File Expand all files Collapse all files

8
app/Http/Resources/Tenant/EventResource.php
View File

@@ -3,6 +3,7 @@
namespace App\Http\Resources\Tenant;
use App\Services\Packages\PackageLimitEvaluator;
use App\Support\TenantMemberPermissions;
use Illuminate\Http\Request;
use Illuminate\Http\Resources\Json\JsonResource;
use Illuminate\Http\Resources\MissingValue;
@@ -18,6 +19,12 @@ class EventResource extends JsonResource
$showSensitive = $this->tenant_id === $tenantId;
$settings = is_array($this->settings) ? $this->settings : [];
$eventPackage = null;
$memberPermissions = null;
$user = $request->user();
if ($user && $user->role === 'member') {
$memberPermissions = TenantMemberPermissions::resolveEventPermissions($request, $this->resource);
}
if ($this->relationLoaded('eventPackages')) {
$related = $this->getRelation('eventPackages');
@@ -86,6 +93,7 @@ class EventResource extends JsonResource
? $limitEvaluator->summarizeEventPackage($eventPackage)
: null,
'addons' => $eventPackage ? $this->formatAddons($eventPackage) : [],
'member_permissions' => $memberPermissions,
];
}