From 9dd509f60f6c3ab3a7b0aad165a43d75c93424e2 Mon Sep 17 00:00:00 2001
From: itinerare <adestus@gmail.com>
Date: Fri, 16 Oct 2020 21:43:19 -0400
Subject: [PATCH 1/2] Fix invisible characters being visible to logged-out and
 non-permissioned users.

---
 app/Http/Controllers/BrowseController.php | 4 ++++
 1 file changed, 4 insertions(+)

diff --git a/app/Http/Controllers/BrowseController.php b/app/Http/Controllers/BrowseController.php
index e57ca0d1ed..c7f752c9da 100644
--- a/app/Http/Controllers/BrowseController.php
+++ b/app/Http/Controllers/BrowseController.php
@@ -214,6 +214,8 @@ public function getCharacters(Request $request)
                 $query->orderBy('characters.number', 'DESC');
         }
 
+        if(!Auth::check() || !Auth::user()->hasPower('manage_characters')) $query->visible();
+
         return view('browse.masterlist', [  
             'isMyo' => false,
             'characters' => $query->paginate(24)->appends($request->query()),
@@ -307,6 +309,8 @@ public function getMyos(Request $request)
                 break;
         }
 
+        if(!Auth::check() || !Auth::user()->hasPower('manage_characters')) $query->visible();
+
         return view('browse.myo_masterlist', [  
             'isMyo' => true,
             'slots' => $query->paginate(30)->appends($request->query()),

From 756a6b9d0b3925eb6ce8be68c31de0bcfd77145a Mon Sep 17 00:00:00 2001
From: itinerare <adestus@gmail.com>
Date: Sun, 25 Oct 2020 15:52:17 -0400
Subject: [PATCH 2/2] Fix error on trying to view a purchase log relating to a
 deleted shop

---
 resources/views/shops/_purchase_history_row.blade.php | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/resources/views/shops/_purchase_history_row.blade.php b/resources/views/shops/_purchase_history_row.blade.php
index 37cb7b39d1..23c7819ca6 100644
--- a/resources/views/shops/_purchase_history_row.blade.php
+++ b/resources/views/shops/_purchase_history_row.blade.php
@@ -1,6 +1,6 @@
 <tr class="outflow">
     <td>{!! $log->item ? $log->item->displayName : '(Deleted Item)' !!}</td>
-    <td>{!! $log->shop->displayName !!}</td>
+    <td>{!! $log->shop ? $log->shop->displayName : '(Deleted Shop)' !!}</td>
     <td>{!! $log->character_id ? $log->character->displayName : '' !!}</td>
     <td>{!! $log->currency ? $log->currency->display($log->cost) : $log->cost . ' (Deleted Currency)' !!}</td>
     <td>{!! format_date($log->created_at) !!}</td>