From 38c2caa657509797d006c56892a26229f0863407 Mon Sep 17 00:00:00 2001
From: Eugenia Poidenko <eugenia.poidenko@spryker.com>
Date: Thu, 27 Feb 2025 12:46:37 +0200
Subject: [PATCH] CC-34931 Fixed inverted permissions check on company user
 enable/disable actions. (#2572)

CC-34931 Fixed inverted permissions check on company user status change.
---
 .../CompanyPage/Controller/CompanyUserStatusController.php    | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/src/SprykerShop/Yves/CompanyPage/Controller/CompanyUserStatusController.php b/src/SprykerShop/Yves/CompanyPage/Controller/CompanyUserStatusController.php
index fdb2131..a9e72a4 100644
--- a/src/SprykerShop/Yves/CompanyPage/Controller/CompanyUserStatusController.php
+++ b/src/SprykerShop/Yves/CompanyPage/Controller/CompanyUserStatusController.php
@@ -74,7 +74,7 @@ class CompanyUserStatusController extends AbstractCompanyController
      */
     public function enableAction(Request $request): RedirectResponse
     {
-        if ($this->can(static::PERMISSION_COMPANY_USER_STATUS_CHANGE)) {
+        if (!$this->can(static::PERMISSION_COMPANY_USER_STATUS_CHANGE)) {
             throw new AccessDeniedHttpException();
         }
 
@@ -107,7 +107,7 @@ public function enableAction(Request $request): RedirectResponse
      */
     public function disableAction(Request $request): RedirectResponse
     {
-        if ($this->can(static::PERMISSION_COMPANY_USER_STATUS_CHANGE)) {
+        if (!$this->can(static::PERMISSION_COMPANY_USER_STATUS_CHANGE)) {
             throw new AccessDeniedHttpException();
         }