@@ -3,10 +3,7 @@ import User from '#models/user'
33import { AuditService } from '#services/audit_service'
44
55export default class UsersController {
6- async index ( { auth, response } : HttpContext ) {
7- if ( ! auth . user ! . isAdmin ) {
8- return response . forbidden ( { message : 'You do not have permission to perform this action' } )
9- }
6+ async index ( { response } : HttpContext ) {
107 const users = await User . query ( ) . preload ( 'roles' )
118 return response . ok (
129 users . map ( user => ( {
@@ -19,10 +16,6 @@ export default class UsersController {
1916 async update ( { params, request, response, auth } : HttpContext ) {
2017 const user = await User . findOrFail ( params . id )
2118 const { fullName, email, roleIds, isActive } = request . all ( )
22- const currentUser = auth . user !
23- if ( ! currentUser . isAdmin ) {
24- return response . forbidden ( { message : 'You do not have permission to perform this action' } )
25- }
2619
2720 const previousData = user . toJSON ( )
2821
@@ -55,10 +48,6 @@ export default class UsersController {
5548
5649 async destroy ( { params, response, request, auth } : HttpContext ) {
5750 const user = await User . query ( ) . where ( 'id' , params . id ) . preload ( 'roles' ) . firstOrFail ( )
58- const currentUser = auth . user !
59- if ( ! currentUser . isAdmin ) {
60- return response . forbidden ( { message : 'You do not have permission to perform this action' } )
61- }
6251
6352 // Check if the user being deleted is an admin
6453 const isAdmin = user . roles . some ( role => role . slug === 'admin' )
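Review bot: With the `isAdmin` guards removed from `index`, `update` and `destroy`, nothing visible in these hunks restricts who may list, modify or delete users, so unless this commit also enforces the admin check at the route or middleware level (not shown here) these actions are open to every caller the route admits. `update` still takes `roleIds` and `isActive` from `request.all()`, so a missing gate there would presumably let a non-admin change role assignments and account status. I would confirm the replacement check exists, record it above the class with a comment such as `// Authorization: admin-only, enforced outside this controller; do not register these routes without that guard`, and add a test asserting that a non-admin receives 403 on each of the three actions. The bodies of `update` and `destroy` continue outside the hunks, so whether the still-destructured `auth` is used further down cannot be judged from here.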