From 7e1dbec1101b2a4551a6f600a24f6b123f311051 Mon Sep 17 00:00:00 2001 From: Aaron Parecki Date: Wed, 23 Sep 2015 11:25:11 -0700 Subject: [PATCH] fix permission check for viewing map --- compass/app/Http/Controllers/Controller.php | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) diff --git a/compass/app/Http/Controllers/Controller.php b/compass/app/Http/Controllers/Controller.php index ac8c9f9..226090b 100644 --- a/compass/app/Http/Controllers/Controller.php +++ b/compass/app/Http/Controllers/Controller.php @@ -78,7 +78,10 @@ class Controller extends BaseController // Verify this user has access to the database $db = DB::table('databases') - ->where('created_by','=',session('user_id')) + ->join('database_users', function($join){ + $join->on('databases.id','=','database_users.database_id'); + }) + ->where('user_id','=',session('user_id')) ->where('name','=',$name) ->first(); if(!$db)