From 4cd79ca7fb396e56090f951fdac9d4aa5286bf8b Mon Sep 17 00:00:00 2001
From: Tony Murray <murraytony@gmail.com>
Date: Wed, 8 Jul 2020 18:04:48 -0500
Subject: [PATCH] Fix settings access (#11915)

normal users could access
---
 routes/web.php | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/routes/web.php b/routes/web.php
index 7985cbe7e3..6b8fc2e01c 100644
--- a/routes/web.php
+++ b/routes/web.php
@@ -43,7 +43,7 @@ Route::group(['middleware' => ['auth'], 'guard' => 'auth'], function () {
     });
 
     // admin pages
-    Route::group(['guard' => 'admin'], function () {
+    Route::group(['middleware' => ['can:admin']], function () {
         Route::get('settings/{tab?}/{section?}', 'SettingsController@index')->name('settings');
         Route::put('settings/{name}', 'SettingsController@update')->name('settings.update');
         Route::delete('settings/{name}', 'SettingsController@destroy')->name('settings.destroy');