refactor: fix BelongsToTenant trait to exempt candidates globally - removes all withoutGlobalScopes() workarounds
This commit is contained in:
jeremy bayse
@@ -48,12 +48,8 @@ class AttemptController extends Controller
|
|||||||
abort(403);
|
abort(403);
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
public function show(int $quizId)
|
public function show(Quiz $quiz)
|
||||||
{
|
{
|
||||||
// Bypass tenant global scope: candidates have no tenant_id
|
|
||||||
// but should still access their assigned quizzes
|
|
||||||
$quiz = Quiz::withoutGlobalScopes()->findOrFail($quizId);
|
|
||||||
|
|
||||||
$candidate = auth()->user()->candidate;
|
$candidate = auth()->user()->candidate;
|
||||||
|
|
||||||
if (!$candidate) {
|
if (!$candidate) {
|
||||||
@@ -142,21 +138,12 @@ class AttemptController extends Controller
|
|||||||
|
|
||||||
private function recalculateScore(Attempt $attempt)
|
private function recalculateScore(Attempt $attempt)
|
||||||
{
|
{
|
||||||
// Bypass tenant scope: candidates have no tenant_id
|
$attempt->load(['quiz.questions.options', 'answers.option']);
|
||||||
$quiz = Quiz::withoutGlobalScopes()
|
|
||||||
->with(['questions.options'])
|
|
||||||
->find($attempt->quiz_id);
|
|
||||||
|
|
||||||
$attempt->load(['answers.option']);
|
|
||||||
|
|
||||||
$score = 0;
|
$score = 0;
|
||||||
$maxScore = 0;
|
$maxScore = 0;
|
||||||
|
|
||||||
if (!$quiz) {
|
foreach ($attempt->quiz->questions as $question) {
|
||||||
return;
|
|
||||||
}
|
|
||||||
|
|
||||||
foreach ($quiz->questions as $question) {
|
|
||||||
$maxScore += $question->points;
|
$maxScore += $question->points;
|
||||||
$userAnswer = $attempt->answers->where('question_id', $question->id)->first();
|
$userAnswer = $attempt->answers->where('question_id', $question->id)->first();
|
||||||
|
|
||||||
|
|||||||
@@ -13,8 +13,14 @@ trait BelongsToTenant
|
|||||||
if (Auth::check()) {
|
if (Auth::check()) {
|
||||||
$user = Auth::user();
|
$user = Auth::user();
|
||||||
|
|
||||||
|
// Super admins see everything
|
||||||
if ($user->role === 'super_admin') {
|
if ($user->role === 'super_admin') {
|
||||||
// Super admins see everything
|
return;
|
||||||
|
}
|
||||||
|
|
||||||
|
// Candidates don't have a tenant_id but must access
|
||||||
|
// quizzes/job positions linked to their position
|
||||||
|
if ($user->role === 'candidate') {
|
||||||
return;
|
return;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|||||||
@@ -51,18 +51,7 @@ Route::get('/dashboard', function () {
|
|||||||
$candidate = auth()->user()->candidate;
|
$candidate = auth()->user()->candidate;
|
||||||
|
|
||||||
if ($candidate) {
|
if ($candidate) {
|
||||||
// Load without global tenant scope so candidates (who may have no tenant_id)
|
$candidate->load('jobPosition.quizzes');
|
||||||
// can still see the quizzes linked to their job position
|
|
||||||
$candidate->load(['jobPosition' => function($query) {
|
|
||||||
$query->withoutGlobalScopes();
|
|
||||||
}]);
|
|
||||||
|
|
||||||
if ($candidate->jobPosition) {
|
|
||||||
$candidate->jobPosition->setRelation(
|
|
||||||
'quizzes',
|
|
||||||
$candidate->jobPosition->quizzes()->withoutGlobalScopes()->get()
|
|
||||||
);
|
|
||||||
}
|
|
||||||
}
|
}
|
||||||
|
|
||||||
$quizzes = ($candidate && $candidate->jobPosition)
|
$quizzes = ($candidate && $candidate->jobPosition)
|
||||||
|
|||||||
Reference in New Issue
Block a user