From 862b905981177170a4ea786f4f13f993b3dd16f3 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?C=C3=BCneyt=20=C5=9Eent=C3=BCrk?= <cneytsenturk@gmail.com>
Date: Tue, 6 Sep 2022 13:42:04 +0300
Subject: [PATCH] Fixed setting api permission

---
 app/Http/Controllers/Api/Settings/Settings.php | 9 ++++++---
 1 file changed, 6 insertions(+), 3 deletions(-)

diff --git a/app/Http/Controllers/Api/Settings/Settings.php b/app/Http/Controllers/Api/Settings/Settings.php
index 5ef7af136..29210cb3c 100644
--- a/app/Http/Controllers/Api/Settings/Settings.php
+++ b/app/Http/Controllers/Api/Settings/Settings.php
@@ -6,6 +6,8 @@ use App\Abstracts\Http\ApiController;
 use App\Http\Requests\Setting\Setting as Request;
 use App\Http\Resources\Setting\Setting as Resource;
 use App\Models\Setting\Setting;
+use Laratrust\Middleware\LaratrustMiddleware;
+
 
 class Settings extends ApiController
 {
@@ -15,9 +17,10 @@ class Settings extends ApiController
     public function __construct()
     {
         // Add CRUD permission check
-        $this->middleware('permission:create-settings-settings')->only('create', 'store', 'duplicate', 'import');
-        $this->middleware('permission:read-settings-settings')->only('index', 'show', 'edit', 'export');
-        $this->middleware('permission:update-settings-settings')->only('update', 'enable', 'disable', 'destroy');
+        // We've added base 3 permission then get all setting thsi permissions
+        $this->middleware('permission:create-settings-company|create-settings-defaults|create-settings-localisation')->only('create', 'store', 'duplicate', 'import');
+        $this->middleware('permission:read-settings-company|read-settings-defaults|read-settings-localisation')->only('index', 'show', 'edit', 'export');
+        $this->middleware('permission:update-settings-company|update-settings-defaults|update-settings-localisation')->only('update', 'enable', 'disable', 'destroy');
     }
 
     /**