From aa4501637ea443d3cdc8a714c116ad1c5cf5dfc6 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Denis=20Duli=C3=A7i?= <denisdulici@gmail.com>
Date: Mon, 5 Oct 2020 11:11:59 +0300
Subject: [PATCH 1/2] allow user to update profile

---
 app/Http/Controllers/Auth/Users.php |  2 +-
 app/Http/Requests/Auth/User.php     | 17 +++++++++++------
 2 files changed, 12 insertions(+), 7 deletions(-)

diff --git a/app/Http/Controllers/Auth/Users.php b/app/Http/Controllers/Auth/Users.php
index 1d4459182..1bb8f6067 100644
--- a/app/Http/Controllers/Auth/Users.php
+++ b/app/Http/Controllers/Auth/Users.php
@@ -145,7 +145,7 @@ class Users extends Controller
         $response = $this->ajaxDispatch(new UpdateUser($user, $request));
 
         if ($response['success']) {
-            $response['redirect'] = route('users.index');
+            $response['redirect'] = $user->can('read-auth-users') ? route('users.index') : route('users.edit', $user->id);
 
             $message = trans('messages.success.updated', ['type' => $user->name]);
 
diff --git a/app/Http/Requests/Auth/User.php b/app/Http/Requests/Auth/User.php
index 83a6303df..189aace21 100644
--- a/app/Http/Requests/Auth/User.php
+++ b/app/Http/Requests/Auth/User.php
@@ -29,21 +29,26 @@ class User extends FormRequest
             $picture = 'mimes:' . config('filesystems.mimes') . '|between:0,' . config('filesystems.max_size') * 1024;
         }
 
-        // Check if store or update
         if ($this->getMethod() == 'PATCH') {
+            // Updating user
             $id = is_numeric($this->user) ? $this->user : $this->user->getAttribute('id');
-            $required = '';
+            $password = '';
+            $companies = $this->user->can('read-common-companies') ? 'required' : '';
+            $roles = $this->user->can('read-auth-roles') ? 'required' : '';
         } else {
+            // Creating user
             $id = null;
-            $required = 'required|';
+            $password = 'required|';
+            $companies = 'required';
+            $roles = 'required';
         }
 
         return [
             'name' => 'required|string',
             'email' => 'required|email|unique:users,email,' . $id . ',id,deleted_at,NULL',
-            'password' => $required . 'confirmed',
-            'companies' => 'required',
-            'roles' => 'required',
+            'password' => $password . 'confirmed',
+            'companies' => $companies,
+            'roles' => $roles,
             'picture' => $picture,
         ];
     }

From 3a706ceb5511ab3e299c59472b11865164e2ebf0 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Denis=20Duli=C3=A7i?= <denisdulici@gmail.com>
Date: Mon, 5 Oct 2020 11:31:18 +0300
Subject: [PATCH 2/2] fixed redirect

---
 app/Http/Controllers/Auth/Users.php | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/app/Http/Controllers/Auth/Users.php b/app/Http/Controllers/Auth/Users.php
index 1bb8f6067..c43aac6e7 100644
--- a/app/Http/Controllers/Auth/Users.php
+++ b/app/Http/Controllers/Auth/Users.php
@@ -145,7 +145,7 @@ class Users extends Controller
         $response = $this->ajaxDispatch(new UpdateUser($user, $request));
 
         if ($response['success']) {
-            $response['redirect'] = $user->can('read-auth-users') ? route('users.index') : route('users.edit', $user->id);
+            $response['redirect'] = user()->can('read-auth-users') ? route('users.index') : route('users.edit', $user->id);
 
             $message = trans('messages.success.updated', ['type' => $user->name]);