1.6.2 (#63)

* Security issue regarding missingRefreshTokens
Horizon does not interact with queue and therefore implemented delete
and fail did not stop the job to be processed. Only throw does.

Now `isQualified` will ignore potential affiliations from a user with
missing refresh token.

* set missing main_character attribute.

* prevent managed-groups from throwing null object exceptions because
of missing main character

* update dependency requirements

* Version 1.5.1 version bump and changelog update

* correct reference

* Add notifications for seat-notifications package

* Remove the screenshots

* change `hasRole()` to `has()`

CHANGELOG.md

@@ -1,12 +1,12 @@
+# Version 1.6.2
+Refactoring some of the logic regarding permission checks. 
+
 # Version 1.6.1
 This update brings some minor refactoring of some logic `beforeStart()` to better catch superusers and do not strip their roles.
 Also notifications have been added for anyone using [seat-notifications](https://github.com/herpaderpaldent/seat-notifications)
 
 You are going to be notified if a group receives new roles, if a group loses a role or an error happens:
 
-| ![slack](https://i.imgur.com/OLCC3Ph.png) | ![discord](https://i.imgur.com/99zDASY.png) |
-|-------------------------------------------|---------------------------------------------|
-
 # Version 1.6.0
 This version is suited for the latest release of eveseat/web 3.0.10 and higher. SeAT now uses a newer version of datatables and therefore raw columns need to be enabled to show its html content.
 Also the dependency on form generator in edit blade was removed.

src/Http/Controllers/SeatGroupUserController.php

@@ -169,7 +169,7 @@ public function update(Request $request, $id)
 
         //Handle hidden group
         if ($seatgroup->type == 'hidden') {
-            if (auth()->user()->hasRole('seatgroups.create')) {
+            if (auth()->user()->has('seatgroups.create', false)) {
                 $this->validate(request(), [
                     'groups' => 'required|array',
                 ]);

src/Models/SeatGroup.php

@@ -100,7 +100,7 @@ public function isManager(Group $group)
     public function isAllowedToSeeSeatGroup()
     {
 
-        if (auth()->user()->hasSuperUser() || auth()->user()->hasRole('seatgroups.edit') || $this->isManager(auth()->user()->group) || $this->isMember(auth()->user()->group))
+        if (auth()->user()->hasSuperUser() || auth()->user()->has('seatgroups.edit', false) || $this->isManager(auth()->user()->group) || $this->isMember(auth()->user()->group))
             return true;
 
         if($this->type === 'hidden')

src/config/seatgroups.config.php

@@ -6,7 +6,7 @@
  * Time: 10:24.
  */
 return [
-    'version'   => '1.6.1',
+    'version'   => '1.6.2',
 ];
 
 //TODO: Update Version

src/resources/views/about.blade.php

@@ -41,7 +41,7 @@
     </div>
   </div>
 
-  @if(auth()->user()->hasRole('seatgroups.create'))
+  @if(auth()->user()->has('seatgroups.create', false))
     <div class="box box-default">
       <div class="box-header with-border">
         <i class="fa fa-refresh"></i>

src/resources/views/index.blade.php

@@ -13,7 +13,7 @@
       @if($seatgroups->where('type', 'hidden')->count()>0)
         <li><a href="#hidden_group" data-toggle="tab">{{ trans('seatgroups::seat.seat_groups_hiddengroup')}}  <i class="fa fa-info" data-toggle="tooltip" data-title="Only Members of a hidden SeAT Group can see this tab"></i></a></li>
       @endif
-      @includeWhen(auth()->user()->hasRole('seatgroups.create'),'seatgroups::partials.create-modal')
+      @includeWhen(auth()->user()->has('seatgroups.create', false),'seatgroups::partials.create-modal')
     </ul>
     <div class="tab-content">
       <div class="tab-pane " id="auto_group">

src/resources/views/partials/auto-group.blade.php

@@ -3,7 +3,7 @@
     <div class="box-header with-border">
       <h3 class="box-title">{{$seatgroup->name}}</h3>
 
-    @includeWhen(auth()->user()->hasRole('seatgroups.create'),'seatgroups::partials.edit-button')
+    @includeWhen(auth()->user()->has('seatgroups.create', false),'seatgroups::partials.edit-button')
     <!-- /.box-tools -->
     </div>
     <!-- /.box-header -->

src/resources/views/partials/hidden-group.blade.php

@@ -1,7 +1,7 @@
 <div class="col-md-4">
     <div class="box box-danger">
       <div class="box-header with-border">
-        @includeWhen(auth()->user()->hasRole('seatgroups.create'),'seatgroups::partials.edit-button')
+        @includeWhen(auth()->user()->has('seatgroups.create', false),'seatgroups::partials.edit-button')
         <h3 class="box-title"> {{$seatgroup->name}} </h3>
       </div>
       <div class="box-body">

src/resources/views/partials/managed-group.blade.php

@@ -2,13 +2,13 @@
 
   <div class="box box-warning">
     <div class="box-header with-border">
-      @includeWhen(auth()->user()->hasRole('seatgroups.create'),'seatgroups::partials.edit-button')
+      @includeWhen(auth()->user()->has('seatgroups.create', false),'seatgroups::partials.edit-button')
       <h3 class="box-title">{{$seatgroup->name}}</h3>
     </div>
     <div class="box-body">
       @includeWhen($seatgroup->isQualified(auth()->user()->group),'seatgroups::partials.join-button')
       {{$seatgroup->description}} <br>
-      @if($seatgroup->isMember(auth()->user()->group) || auth()->user()->hasRole('seatgroups.create'))
+      @if($seatgroup->isMember(auth()->user()->group) || auth()->user()->has('seatgroups.create', false))
         Members: {{$seatgroup->member->map(function($group) { return optional($group->main_character)->name;})->implode(', ')}}
       @endif
 

src/resources/views/partials/open-group.blade.php

@@ -3,7 +3,7 @@
     <div class="box-header with-border">
       <h3 class="box-title">{{$seatgroup->name}}</h3>
 
-    @includeWhen(auth()->user()->hasRole('seatgroups.create'),'seatgroups::partials.edit-button')
+    @includeWhen(auth()->user()->has('seatgroups.create', false),'seatgroups::partials.edit-button')
     <!-- /.box-tools -->
     </div>
     <!-- /.box-header -->