From 2cf915aed813c666fadb43bc8e2376c460ffcaf9 Mon Sep 17 00:00:00 2001
From: Andras Bacsai <5845193+andrasbacsai@users.noreply.github.com>
Date: Sat, 27 Dec 2025 16:37:48 +0100
Subject: [PATCH] fix(user): use $this instead of Auth::user() in User model
 methods
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

Fix isInstanceAdmin(), currentTeam(), otherTeams(), and role() methods
to operate on the actual User instance instead of always using the
authenticated user. This ensures correct behavior when these methods
are called on non-authenticated user instances (e.g., in ActivityMonitor).

Also fix settings route check to use routeIs() instead of path matching.

🤖 Generated with [Claude Code](https://claude.com/claude-code)

Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
---
 app/Http/Middleware/DecideWhatToDoWithUser.php |  2 +-
 app/Models/User.php                            | 14 +++++++-------
 2 files changed, 8 insertions(+), 8 deletions(-)

diff --git a/app/Http/Middleware/DecideWhatToDoWithUser.php b/app/Http/Middleware/DecideWhatToDoWithUser.php
index 64952533f..b62e874cc 100644
--- a/app/Http/Middleware/DecideWhatToDoWithUser.php
+++ b/app/Http/Middleware/DecideWhatToDoWithUser.php
@@ -27,7 +27,7 @@ public function handle(Request $request, Closure $next): Response
             return $next($request);
         }
         // Instance admins can access settings and admin routes regardless of subscription
-        if (isInstanceAdmin() && (Str::startsWith($request->path(), 'settings') || $request->path() === 'admin')) {
+        if (isInstanceAdmin() && ($request->routeIs('settings.*') || $request->routeIs('settings.index') || $request->path() === 'admin')) {
             return $next($request);
         }
         if (! auth()->user()->hasVerifiedEmail()) {
diff --git a/app/Models/User.php b/app/Models/User.php
index bbc4e603c..0b0666c1a 100644
--- a/app/Models/User.php
+++ b/app/Models/User.php
@@ -295,7 +295,7 @@ public function isAdminFromSession()
 
     public function isInstanceAdmin()
     {
-        $found_root_team = Auth::user()->teams->filter(function ($team) {
+        $found_root_team = $this->teams->filter(function ($team) {
             if ($team->id == 0) {
                 $role = $team->pivot->role;
                 if ($role !== 'admin' && $role !== 'owner') {
@@ -313,9 +313,9 @@ public function isInstanceAdmin()
 
     public function currentTeam()
     {
-        return Cache::remember('team:'.Auth::id(), 3600, function () {
-            if (is_null(data_get(session('currentTeam'), 'id')) && Auth::user()->teams->count() > 0) {
-                return Auth::user()->teams[0];
+        return Cache::remember('team:'.$this->id, 3600, function () {
+            if (is_null(data_get(session('currentTeam'), 'id')) && $this->teams->count() > 0) {
+                return $this->teams[0];
             }
 
             return Team::find(session('currentTeam')->id);
@@ -324,7 +324,7 @@ public function currentTeam()
 
     public function otherTeams()
     {
-        return Auth::user()->teams->filter(function ($team) {
+        return $this->teams->filter(function ($team) {
             return $team->id != currentTeam()->id;
         });
     }
@@ -334,9 +334,9 @@ public function role()
         if (data_get($this, 'pivot')) {
             return $this->pivot->role;
         }
-        $user = Auth::user()->teams->where('id', currentTeam()->id)->first();
+        $team = $this->teams->where('id', currentTeam()->id)->first();
 
-        return data_get($user, 'pivot.role');
+        return data_get($team, 'pivot.role');
     }
 
     /**