From 7dfda9ffb67a0b39158a963cee5651fc4764a8d8 Mon Sep 17 00:00:00 2001
From: Daeng Deni Mardaeni <ddeni05@gmail.com>
Date: Tue, 24 Dec 2024 11:51:48 +0700
Subject: [PATCH] Update role-based query conditions in controllers

- Menambahkan pengecekan peran 'administrator' sebelum menerapkan filter pada relasi `penilaian.userPenilai`.
- Memastikan hanya pengguna non-administrator yang dibatasi berdasarkan `user_id` dan `role`.
---
 app/Http/Controllers/PenilaiController.php  | 11 +++++++----
 app/Http/Controllers/SurveyorController.php | 10 ++++++----
 2 files changed, 13 insertions(+), 8 deletions(-)

diff --git a/app/Http/Controllers/PenilaiController.php b/app/Http/Controllers/PenilaiController.php
index ece6ab7..01c1bbd 100644
--- a/app/Http/Controllers/PenilaiController.php
+++ b/app/Http/Controllers/PenilaiController.php
@@ -242,10 +242,13 @@ class PenilaiController extends Controller
         }
 
 
-        $query->whereHas('penilaian.userPenilai', function ($q) {
-            $q->where('role', 'penilai')
-              ->where('user_id', Auth::user()->id);
-        });
+        if(!Auth::user()->hasRole('administrator')) {
+            $query->whereHas('penilaian.userPenilai', function ($q) {
+                $q
+                    ->where('role', 'penilai')
+                    ->where('user_id', Auth::user()->id);
+            });
+        }
 
         // Apply sorting if provided
         if ($request->has('sortOrder') && !empty($request->get('sortOrder'))) {
diff --git a/app/Http/Controllers/SurveyorController.php b/app/Http/Controllers/SurveyorController.php
index cdf6f97..d74c0a7 100644
--- a/app/Http/Controllers/SurveyorController.php
+++ b/app/Http/Controllers/SurveyorController.php
@@ -1412,10 +1412,12 @@ class SurveyorController extends Controller
 
         $query->whereRaw('LOWER(status) = ?', ['assign']);
 
-        $query->whereHas('penilaian.userPenilai', function ($q) {
-            $q->where('user_id', Auth::user()->id);
-            $q->where('role', 'surveyor');
-        });
+        if(!Auth::user()->hasRole('administrator')) {
+            $query->whereHas('penilaian.userPenilai', function ($q) {
+                $q->where('user_id', Auth::user()->id);
+                $q->where('role', 'surveyor');
+            });
+        }
 
 
         if ($request->has('sortOrder') && !empty($request->get('sortOrder'))) {