fix gitlab tests
This commit is contained in:
@@ -3,9 +3,9 @@
|
||||
namespace App\Http\Controllers\Api\Parents;
|
||||
|
||||
use App\Http\Controllers\Api\Core\BaseApiController;
|
||||
use App\Http\Requests\Parents\ParentAttendanceReportCheckRequest;
|
||||
use App\Http\Requests\Parents\ParentAttendanceReportListRequest;
|
||||
use App\Http\Requests\Parents\ParentAttendanceReportSubmitRequest;
|
||||
use App\Http\Requests\Parents\ParentAttendanceReportListRequest;
|
||||
use App\Http\Requests\Parents\ParentAttendanceReportCheckRequest;
|
||||
use App\Http\Requests\Parents\ParentAttendanceReportUpdateRequest;
|
||||
use App\Http\Resources\Parents\ParentAttendanceReportResource;
|
||||
use App\Services\Parents\ParentAttendanceReportService;
|
||||
@@ -116,6 +116,9 @@ class ParentAttendanceReportController extends BaseApiController
|
||||
return response()->json(['ok' => true]);
|
||||
}
|
||||
|
||||
/**
|
||||
* @return int|JsonResponse
|
||||
*/
|
||||
private function parentIdOrUnauthorized(): int|JsonResponse
|
||||
{
|
||||
$parentId = (int) (auth()->id() ?? 0);
|
||||
|
||||
@@ -4,18 +4,18 @@ namespace App\Http\Controllers\Api\Parents;
|
||||
|
||||
use App\Http\Controllers\Api\Core\BaseApiController;
|
||||
use App\Http\Requests\Parents\ParentAttendanceRequest;
|
||||
use App\Http\Requests\Parents\ParentEmergencyContactRequest;
|
||||
use App\Http\Requests\Parents\ParentEnrollmentActionRequest;
|
||||
use App\Http\Requests\Parents\ParentEnrollmentRequest;
|
||||
use App\Http\Requests\Parents\ParentEmergencyContactRequest;
|
||||
use App\Http\Requests\Parents\ParentEventParticipationRequest;
|
||||
use App\Http\Requests\Parents\ParentInvoiceRequest;
|
||||
use App\Http\Requests\Parents\ParentProfileUpdateRequest;
|
||||
use App\Http\Requests\Parents\ParentRegistrationRequest;
|
||||
use App\Http\Requests\Parents\ParentStudentUpdateRequest;
|
||||
use App\Http\Resources\Invoices\InvoiceResource;
|
||||
use App\Http\Resources\Parents\ParentAttendanceResource;
|
||||
use App\Http\Resources\Parents\ParentEmergencyContactResource;
|
||||
use App\Http\Resources\Parents\ParentStudentResource;
|
||||
use App\Http\Resources\Invoices\InvoiceResource;
|
||||
use App\Services\Parents\ParentAttendanceService;
|
||||
use App\Services\Parents\ParentEmergencyContactService;
|
||||
use App\Services\Parents\ParentEnrollmentService;
|
||||
|
||||
@@ -140,21 +140,20 @@ class ParentPromotionController extends BaseApiController
|
||||
private function loadOwnedRecord(int $promotionId, int $parentId): StudentPromotionRecord|JsonResponse
|
||||
{
|
||||
$record = StudentPromotionRecord::query()->find($promotionId);
|
||||
if (! $record) {
|
||||
if (!$record) {
|
||||
return response()->json(['ok' => false, 'message' => 'Promotion record not found.'], Response::HTTP_NOT_FOUND);
|
||||
}
|
||||
|
||||
$owns = (int) $record->parent_id === $parentId;
|
||||
if (! $owns) {
|
||||
if (!$owns) {
|
||||
$studentParentId = (int) (Student::query()
|
||||
->where('id', $record->student_id)
|
||||
->value('parent_id') ?? 0);
|
||||
$owns = $studentParentId === $parentId;
|
||||
}
|
||||
if (! $owns) {
|
||||
if (!$owns) {
|
||||
return response()->json(['ok' => false, 'message' => 'You are not authorised to view this promotion record.'], Response::HTTP_FORBIDDEN);
|
||||
}
|
||||
|
||||
return $record;
|
||||
}
|
||||
|
||||
@@ -169,7 +168,6 @@ class ParentPromotionController extends BaseApiController
|
||||
if ($parentId <= 0) {
|
||||
return response()->json(['ok' => false, 'message' => 'Unauthorized.'], Response::HTTP_UNAUTHORIZED);
|
||||
}
|
||||
|
||||
return $parentId;
|
||||
}
|
||||
}
|
||||
|
||||
Reference in New Issue
Block a user