diff --git a/src/Http/Controllers/CP/Navigation/NavigationController.php b/src/Http/Controllers/CP/Navigation/NavigationController.php index 4df03b6411..d5f8928f22 100644 --- a/src/Http/Controllers/CP/Navigation/NavigationController.php +++ b/src/Http/Controllers/CP/Navigation/NavigationController.php @@ -39,7 +39,7 @@ public function edit($nav) { $nav = Nav::find($nav); - $this->authorize('edit', $nav, __('You are not authorized to configure navs.')); + $this->authorize('configure', $nav, __('You are not authorized to configure navs.')); $values = [ 'title' => $nav->title(), diff --git a/src/Policies/NavPolicy.php b/src/Policies/NavPolicy.php index 8614dc0db4..9b63a6ad26 100644 --- a/src/Policies/NavPolicy.php +++ b/src/Policies/NavPolicy.php @@ -41,6 +41,11 @@ public function store($user) // handled by before() } + public function configure($user) + { + // handled by before() + } + public function view($user, $nav) { $user = User::fromUser($user); diff --git a/tests/Feature/Navigation/EditNavigationTest.php b/tests/Feature/Navigation/EditNavigationTest.php index bbd9db838c..f29e9e4bc3 100644 --- a/tests/Feature/Navigation/EditNavigationTest.php +++ b/tests/Feature/Navigation/EditNavigationTest.php @@ -15,13 +15,13 @@ class EditNavigationTest extends TestCase use PreventSavingStacheItemsToDisk; /** @test */ - public function it_shows_the_edit_form_if_user_has_edit_permission() + public function it_shows_the_edit_form_if_user_has_configure_permission() { $nav = $this->createNav('foo'); Nav::shouldReceive('all')->andReturn(collect([$nav])); Nav::shouldReceive('find')->andReturn($nav); - $this->setTestRoles(['test' => ['access cp', 'edit foo nav']]); + $this->setTestRoles(['test' => ['access cp', 'configure navs']]); $user = Facades\User::make()->assignRole('test')->save(); $response = $this @@ -32,7 +32,7 @@ public function it_shows_the_edit_form_if_user_has_edit_permission() } /** @test */ - public function it_denies_access_if_user_doesnt_have_edit_permission() + public function it_denies_access_if_user_doesnt_have_configure_permission() { $nav = $this->createNav('foo'); Nav::shouldReceive('all')->andReturn(collect([$nav]));