diff --git a/src/Discussion/DiscussionPolicy.php b/src/Discussion/DiscussionPolicy.php index d59e37637..d2bbd74f1 100644 --- a/src/Discussion/DiscussionPolicy.php +++ b/src/Discussion/DiscussionPolicy.php @@ -92,7 +92,7 @@ class DiscussionPolicy extends AbstractPolicy if (! $actor->hasPermission('discussion.hide')) { $query->where(function ($query) use ($actor) { $query->whereNull('discussions.hidden_at') - ->orWhere('user_id', $actor->id) + ->orWhere('discussions.user_id', $actor->id) ->orWhere(function ($query) use ($actor) { $this->events->fire( new ScopeModelVisibility($query, $actor, 'hide') @@ -105,8 +105,8 @@ class DiscussionPolicy extends AbstractPolicy // current user, or the user is allowed to edit the discussion's posts. if (! $actor->hasPermission('discussion.editPosts')) { $query->where(function ($query) use ($actor) { - $query->where('comment_count', '>', 0) - ->orWhere('user_id', $actor->id) + $query->where('discussions.comment_count', '>', 0) + ->orWhere('discussions.user_id', $actor->id) ->orWhere(function ($query) use ($actor) { $this->events->dispatch( new ScopeModelVisibility($query, $actor, 'editPosts') diff --git a/src/Post/PostPolicy.php b/src/Post/PostPolicy.php index 0370e775c..162343101 100644 --- a/src/Post/PostPolicy.php +++ b/src/Post/PostPolicy.php @@ -82,7 +82,7 @@ class PostPolicy extends AbstractPolicy if (! $actor->hasPermission('discussion.editPosts')) { $query->where(function ($query) use ($actor) { $query->whereNull('posts.hidden_at') - ->orWhere('user_id', $actor->id) + ->orWhere('posts.user_id', $actor->id) ->orWhereExists(function ($query) use ($actor) { $query->selectRaw('1') ->from('discussions')