update_21.09.23

app/Http/Controllers/FormController.php

@@ -2,6 +2,7 @@
 
 namespace App\Http\Controllers;
 
+use App\Enums\User\RoleEnum;
 use App\Form;
 use App\PackageSubscription;
 use App\User;
@@ -143,9 +144,10 @@ class FormController extends Controller
         $request->session()->forget('validated_protected_form');
         $nav = false;
         $iframe_enabled = $request->get('iframe', false);
+        $action_by = auth()->user()->roles->first()->name;
 
         return view('form.show')
-            ->with(compact('form', 'nav', 'is_form_closed', 'form_closed_msg', 'iframe_enabled'));
+            ->with(compact('form', 'nav', 'is_form_closed', 'form_closed_msg', 'iframe_enabled', 'action_by'));
     }
 
     /**
@@ -168,7 +170,7 @@ class FormController extends Controller
 
         //check permission if user is not a creator
         $has_permission = ($form->created_by != $user_id) ? $this->doUserHavePermission($form->id, 'can_design_form') : true;
-        if (! $has_permission) {
+        if (!$form->created_by !== $user_id && !auth()->user()->hasRole([RoleEnum::ADMIN->value, RoleEnum::SUPERVISOR->value])) {
             abort(404);
         }