From 9527147c32baaaf187e6c6c6bcbcd5fdbdc51433 Mon Sep 17 00:00:00 2001
From: Joel Wedemire <jwedemire@vancs.org>
Date: Thu, 9 Apr 2026 21:33:47 -0700
Subject: [PATCH] fix: replace role check with permission check in
 TicketingSettingsController

isSiteAdmin() used the dropped role field. Now checks is_super_admin
or ticketing.settings permission. Closes #2.

Co-Authored-By: Claude Sonnet 4.6 (1M context) <noreply@anthropic.com>
---
 src/Http/Controllers/TicketingSettingsController.php | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/src/Http/Controllers/TicketingSettingsController.php b/src/Http/Controllers/TicketingSettingsController.php
index 3760136..5f50036 100644
--- a/src/Http/Controllers/TicketingSettingsController.php
+++ b/src/Http/Controllers/TicketingSettingsController.php
@@ -29,8 +29,8 @@ class TicketingSettingsController extends Controller
      */
     private function isSiteAdmin(): bool
     {
-        $role = Auth::user()?->role;
-        return in_array($role, ['admin', 'super_admin']);
+        $user = Auth::user();
+        return $user && ($user->is_super_admin || $user->can('ticketing.settings'));
     }
 
     /**