Update Student model to include year-based authentication checks

app/Models/Scopes/StudentScope.php

@@ -3,6 +3,7 @@
 namespace App\Models\Scopes;
 
 use App\Models\Student;
+use App\Models\Year;
 use Illuminate\Database\Eloquent\Builder;
 use Illuminate\Database\Eloquent\Model;
 use Illuminate\Database\Eloquent\Scope;
@@ -27,7 +28,7 @@ public function apply(Builder $builder, Model $model, ?Student $student = null):
                 return;
             } elseif (Auth::guard('web')->check()) {
                 if (auth()->user()->isSuperAdministrator() || auth()->user()->isAdministrator() || auth()->user()->isDirection()) {
-                    // $builder->where('level', '=', 'thirdYear');
+                    $builder->where('year_id', '=', Year::current()->id);
 
                     return;
                 } elseif (auth()->user()->isProgramCoordinator()) {
@@ -37,15 +38,17 @@ public function apply(Builder $builder, Model $model, ?Student $student = null):
                 } elseif (auth()->user()->isDepartmentHead()) {
                     $builder
                         ->whereHas('active_internship_agreement', function ($q) {
-                            $q->where('assigned_department', '=', auth()->user()->department);
+                            $q->where('assigned_department', '=', auth()->user()->department)
+                                ->where('year_id', '=', Year::current()->id);
                         });
 
                     return;
                 } elseif (auth()->user()->isProfessor()) {
                     $builder
                         ->whereHas('projects', function ($q) {
                             $q->whereHas('professors', function ($q) {
-                                $q->where('professor_id', '=', auth()->user()->id);
+                                $q->where('professor_id', '=', auth()->user()->id)
+                                    ->where('year_id', '=', Year::current()->id);
                             });
                         });
                 }

app/Models/Student.php

@@ -52,10 +52,28 @@ public function canBeImpersonated()
         return true;
     }
 
-    protected static function booted(): void
+    public static function boot()
     {
+        parent::boot();
         static::addGlobalScope(new Scopes\StudentScope());
 
+        // static::addGlobalScope(function ($query) {
+        //     if (auth()->check()) {
+        //         if (Auth::gate('students')) {
+        //             $query->where('year_id', Year::current()->id)
+        //                 ->where('is_active', true)
+        //                 ->where('id', Auth::user()->id);
+        //         } elseif (Auth::gate('web')) {
+        //             $query->where('year_id', Year::current()->id)
+        //                 ->where('is_active', true);
+        //         }
+        //     }
+
+        // });
+    }
+
+    protected static function booted(): void
+    {
         static::creating(function (Student $student) {
             $student->year_id = Year::current()->id;
             $student->name = $student->full_name;
@@ -146,24 +164,6 @@ protected function afterCreate(): void
         'password' => 'hashed',
     ];
 
-    public static function boot()
-    {
-        parent::boot();
-        static::addGlobalScope(function ($query) {
-            if (auth()->check()) {
-                if (Auth::gate('students')) {
-                    $query->where('year_id', Year::current()->id)
-                        ->where('is_active', true)
-                        ->where('id', Auth::user()->id);
-                } elseif (Auth::gate('web')) {
-                    $query->where('year_id', Year::current()->id)
-                        ->where('is_active', true);
-                }
-            }
-
-        });
-    }
-
     public function routeNotificationForMail(): array | string
     {
         // Return email address only...