From 55a12291d57fb6e7f3eb4cfa0dc97cbc52eada3d Mon Sep 17 00:00:00 2001
From: Nurmuhammet Allanov <nurmuhammet@mail.com>
Date: Wed, 6 Nov 2024 14:50:30 +0500
Subject: [PATCH] protect apis

---
 app/Modules/LoanOrder/Controllers/LoanOrderController.php | 8 ++++++++
 1 file changed, 8 insertions(+)

diff --git a/app/Modules/LoanOrder/Controllers/LoanOrderController.php b/app/Modules/LoanOrder/Controllers/LoanOrderController.php
index a8903c8..6a8787d 100644
--- a/app/Modules/LoanOrder/Controllers/LoanOrderController.php
+++ b/app/Modules/LoanOrder/Controllers/LoanOrderController.php
@@ -83,6 +83,10 @@ class LoanOrderController extends Controller
      */
     public function show(LoanOrder $loanOrder)
     {
+        if ($loanOrder->user_id === auth()->id()) {
+            return response()->status(403);
+        }
+
         return response()->json(new LoanOrderShowResource($loanOrder));
     }
 
@@ -99,6 +103,10 @@ class LoanOrderController extends Controller
      */
     public function destroy(LoanOrder $loanOrder): void
     {
+        if ($loanOrder->user_id === auth()->id()) {
+            return response()->status(403);
+        }
+
         $loanOrder->delete();
     }
 }