From 4210c836d379703cf13ee6d29ba7f4fa7914accf Mon Sep 17 00:00:00 2001
From: sanja <52755494+sanjacornelius@users.noreply.github.com>
Date: Tue, 31 Mar 2026 09:52:17 -0700
Subject: [PATCH] Restrict retention policy UI to admins

Update process edit view to only display the case retention policy card when the feature is enabled and the current user is an administrator. The Blade conditional in resources/views/processes/edit.blade.php now requires both config('app.case_retention_policy_enabled') and auth()->user()->is_administrator to prevent non-admins from seeing the retention settings.
---
 resources/views/processes/edit.blade.php | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/resources/views/processes/edit.blade.php b/resources/views/processes/edit.blade.php
index efe5ffb8ec..41ff4adddf 100644
--- a/resources/views/processes/edit.blade.php
+++ b/resources/views/processes/edit.blade.php
@@ -347,7 +347,7 @@ class="invalid-feedback"
                                 </div>
                             </div>
 
-                            @if(config('app.case_retention_policy_enabled'))
+                            @if(config('app.case_retention_policy_enabled') && auth()->user()->is_administrator)
                             <div class="card card-custom-info">
                               <div class="card-header"
                                    id="headingCasesRetention">