diff --git a/app/Filament/Server/Pages/Settings.php b/app/Filament/Server/Pages/Settings.php index a917e411a..811aeb151 100644 --- a/app/Filament/Server/Pages/Settings.php +++ b/app/Filament/Server/Pages/Settings.php @@ -64,7 +64,7 @@ class Settings extends ServerFormPage Textarea::make('description') ->label(trans('server/setting.server_info.description')) ->hidden(!config('panel.editable_server_descriptions')) - ->disabled(fn (Server $server) => !user()?->can(Permission::ACTION_SETTINGS_RENAME, $server)) + ->disabled(fn (Server $server) => !user()?->can(Permission::ACTION_SETTINGS_DESCRIPTION, $server)) ->columnSpan([ 'default' => 1, 'sm' => 2, @@ -277,7 +277,7 @@ class Settings extends ServerFormPage public function updateDescription(string $description, Server $server): void { - abort_unless(user()?->can(Permission::ACTION_SETTINGS_RENAME, $server) && config('panel.editable_server_descriptions'), 403); + abort_unless(user()?->can(Permission::ACTION_SETTINGS_DESCRIPTION, $server) && config('panel.editable_server_descriptions'), 403); $original = $server->description; diff --git a/app/Http/Controllers/Api/Client/Servers/ScheduleTaskController.php b/app/Http/Controllers/Api/Client/Servers/ScheduleTaskController.php index c0088c9b3..1a43bba19 100644 --- a/app/Http/Controllers/Api/Client/Servers/ScheduleTaskController.php +++ b/app/Http/Controllers/Api/Client/Servers/ScheduleTaskController.php @@ -170,7 +170,7 @@ class ScheduleTaskController extends ClientApiController throw new NotFoundHttpException(); } - if (!$request->user()->can(Permission::ACTION_SCHEDULE_UPDATE, $server)) { + if (!$request->user()->can(Permission::ACTION_SCHEDULE_DELETE, $server)) { throw new HttpForbiddenException('You do not have permission to perform this action.'); }