bypass password for admin

app/Http/Controllers/MediaController.php

@@ -6,6 +6,7 @@ use App\Helpers;
 use App\Models\Media;
 use Illuminate\Http\Request;
 use Illuminate\Http\UploadedFile;
+use Illuminate\Support\Facades\Auth;
 use Illuminate\Support\Facades\Storage;
 use Illuminate\Support\Facades\Validator;
 
@@ -417,7 +418,7 @@ class MediaController extends Controller
             abort(404, 'File not found');
         }
 
-        if($media->password !== null) {
+        if($media->password !== null && !Auth::user()?->isAdmin()) {
             if(!$request->has('password')) {
                 return view('media-password');
             } else {

app/Models/Media.php

@@ -6,6 +6,7 @@ use App\Helpers;
 use App\Jobs\Media\GenerateVariants;
 use Illuminate\Database\Eloquent\Factories\HasFactory;
 use Illuminate\Database\Eloquent\Model;
+use Illuminate\Support\Facades\Auth;
 use Illuminate\Support\Facades\Storage;
 use function PHPUnit\Framework\stringStartsWith;
 
@@ -149,7 +150,7 @@ class Media extends Model
      */
     public function getThumbnailAttribute(): string
     {
-        if($this->password === null) {
+        if($this->password === null || Auth::user()?->isAdmin()) {
             if ($this->hasVariant('thumbnail')) {
                 $url = $this->url('thumbnail', true);
                 if ($url !== '') {

app/Models/User.php

@@ -192,4 +192,9 @@ class User extends Authenticatable implements MustVerifyEmail
     {
         return $this->emailUpdate()->exists();
     }
+
+    public function isAdmin(): bool
+    {
+        return $this->admin === 1;
+    }
 }