refactor: fix BelongsToTenant trait to exempt candidates globally - removes all withoutGlobalScopes() workarounds
This commit is contained in:
jeremy bayse
@@ -48,12 +48,8 @@ class AttemptController extends Controller
|
||||
abort(403);
|
||||
}
|
||||
}
|
||||
public function show(int $quizId)
|
||||
public function show(Quiz $quiz)
|
||||
{
|
||||
// Bypass tenant global scope: candidates have no tenant_id
|
||||
// but should still access their assigned quizzes
|
||||
$quiz = Quiz::withoutGlobalScopes()->findOrFail($quizId);
|
||||
|
||||
$candidate = auth()->user()->candidate;
|
||||
|
||||
if (!$candidate) {
|
||||
@@ -142,21 +138,12 @@ class AttemptController extends Controller
|
||||
|
||||
private function recalculateScore(Attempt $attempt)
|
||||
{
|
||||
// Bypass tenant scope: candidates have no tenant_id
|
||||
$quiz = Quiz::withoutGlobalScopes()
|
||||
->with(['questions.options'])
|
||||
->find($attempt->quiz_id);
|
||||
|
||||
$attempt->load(['answers.option']);
|
||||
$attempt->load(['quiz.questions.options', 'answers.option']);
|
||||
|
||||
$score = 0;
|
||||
$maxScore = 0;
|
||||
|
||||
if (!$quiz) {
|
||||
return;
|
||||
}
|
||||
|
||||
foreach ($quiz->questions as $question) {
|
||||
foreach ($attempt->quiz->questions as $question) {
|
||||
$maxScore += $question->points;
|
||||
$userAnswer = $attempt->answers->where('question_id', $question->id)->first();
|
||||
|
||||
|
||||
@@ -13,8 +13,14 @@ trait BelongsToTenant
|
||||
if (Auth::check()) {
|
||||
$user = Auth::user();
|
||||
|
||||
// Super admins see everything
|
||||
if ($user->role === 'super_admin') {
|
||||
// Super admins see everything
|
||||
return;
|
||||
}
|
||||
|
||||
// Candidates don't have a tenant_id but must access
|
||||
// quizzes/job positions linked to their position
|
||||
if ($user->role === 'candidate') {
|
||||
return;
|
||||
}
|
||||
|
||||
|
||||
Reference in New Issue
Block a user