From c405f875f25bafe40033b0b3202ce9a47b5fa32e Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?=EA=B9=80=EB=B3=B4=EA=B3=A4?=
Date: Sat, 14 Mar 2026 16:16:21 +0900
Subject: [PATCH] =?UTF-8?q?fix:=20[demo]=20findAndAuthorize=20=EA=B6=8C?= =?UTF-8?q?=ED=95=9C=20=EB=A1=9C=EC=A7=81=EC=9D=84=20index()=EC=99=80=20?= =?UTF-8?q?=EC=9D=BC=EC=B9=98=EC=8B=9C=ED=82=B4?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

- 파트너 없는 HQ 멤버(본사 직원)도 데모 상세 조회 허용
- 파트너인 경우에만 소유권 체크
---
 app/Http/Controllers/Sales/DemoTenantController.php | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/app/Http/Controllers/Sales/DemoTenantController.php b/app/Http/Controllers/Sales/DemoTenantController.php
index a7c5a8df..1922909e 100644
--- a/app/Http/Controllers/Sales/DemoTenantController.php
+++ b/app/Http/Controllers/Sales/DemoTenantController.php
@@ -280,7 +280,7 @@ private function findAndAuthorize(int $id): Tenant
 $isAdmin = auth()->user()->isHqAdmin ?? false;
 if (! $isAdmin) {
 $partner = SalesPartner::where('user_id', auth()->id())->first();
- if (! $partner || $tenant->demo_source_partner_id !== $partner->id) {
+ if ($partner && $tenant->demo_source_partner_id !== $partner->id) {
 abort(403, '권한이 없습니다.');
 }
 }
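Review bot: The rewritten guard `if ($partner && $tenant->demo_source_partner_id !== $partner->id)` now fails open, because any non-admin account with no `SalesPartner` row skips the 403 entirely. Nothing in the hunk confirms that such a user is actually HQ staff, which is the only group the commit message intends to admit. The no-partner branch should be an explicit allow rule, for example `if (! $partner) { abort_unless($isHqMember, 403, '권한이 없습니다.'); }`, where `$isHqMember` is a placeholder for whatever HQ-membership test index() applies (not visible here). findAndAuthorize starts and ends outside the hunk; if it also guards update or delete actions, the wider access applies to those too, so a test for a partner-less non-HQ user expecting 403 would pin the intended boundary.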