From 4a54586690b2ef6340d780e4fdb6cdb7b5b5189f Mon Sep 17 00:00:00 2001
From: Brady Wetherington <bwetherington@grokability.com>
Date: Thu, 26 Jan 2023 11:56:06 -0800
Subject: [PATCH] Add to Accessories#index an additional gate-check against
 reports.view

---
 app/Http/Controllers/Api/AccessoriesController.php | 5 ++++-
 1 file changed, 4 insertions(+), 1 deletion(-)

diff --git a/app/Http/Controllers/Api/AccessoriesController.php b/app/Http/Controllers/Api/AccessoriesController.php
index a894dc3760..f822509680 100644
--- a/app/Http/Controllers/Api/AccessoriesController.php
+++ b/app/Http/Controllers/Api/AccessoriesController.php
@@ -26,7 +26,10 @@ class AccessoriesController extends Controller
      */
     public function index(Request $request)
     {
-        $this->authorize('view', Accessory::class);
+        if ($request->user()->cannot('reports.view')) {
+            $this->authorize('view', Accessory::class);
+        }
+
 
         // This array is what determines which fields should be allowed to be sorted on ON the table itself, no relations
         // Relations will be handled in query scopes a little further down.