restore: bring back f8a1310 (security review) state
Restores all files to thef8a1310security-review snapshot as requested, plus the 2 boot-critical fixes froma24c8a2(config/session.php env() instead of app()->environment(), and removal of the duplicate $activeTab in ProjectMap.php) so the application actually boots. Forward commit, no history rewrite. The7d854ffstate remains in history. Co-Authored-By: Claude Opus 4.8 (1M context) <noreply@anthropic.com>
This commit is contained in:
@@ -4,6 +4,7 @@ namespace App\Livewire;
|
||||
|
||||
use Livewire\Component;
|
||||
use App\Models\Phase;
|
||||
use Illuminate\Support\Facades\Auth;
|
||||
|
||||
class PhaseProgress extends Component
|
||||
{
|
||||
@@ -13,12 +14,21 @@ class PhaseProgress extends Component
|
||||
|
||||
public function mount(Phase $phase)
|
||||
{
|
||||
$user = Auth::user();
|
||||
if (!$user->hasRole('Admin') && !$phase->project->users()->where('user_id', $user->id)->exists()) {
|
||||
abort(403);
|
||||
}
|
||||
$this->phase = $phase->load('progressUpdates');
|
||||
$this->progress = $phase->progress_percent;
|
||||
}
|
||||
|
||||
public function updateProgressManual()
|
||||
{
|
||||
$user = Auth::user();
|
||||
if (!$user->can('update progress') && !$user->hasRole('Admin')) {
|
||||
session()->flash('error', 'Sin permisos para actualizar el progreso.');
|
||||
return;
|
||||
}
|
||||
$this->validate(['progress' => 'required|integer|min:0|max:100']);
|
||||
$this->phase->progress_percent = $this->progress;
|
||||
$this->phase->save();
|
||||
|
||||
Reference in New Issue
Block a user