mirror of
https://github.com/Bubka/2FAuth.git
synced 2025-06-22 04:51:33 +02:00
Allow viewing of the All group, with matching twofaccount count
This commit is contained in:
parent
166b39beea
commit
98033bcc56
@ -60,10 +60,18 @@ class GroupController extends Controller
|
||||
*
|
||||
* @return \App\Api\v1\Resources\GroupResource
|
||||
*/
|
||||
public function show(Group $group)
|
||||
public function show(Request $request, Group $group)
|
||||
{
|
||||
$this->authorize('view', $group);
|
||||
|
||||
// group with id==0 is the 'All' virtual group.
|
||||
// Eloquent specifically returns a non-persisted Group instance
|
||||
// with just the name property. The twofaccounts_count has to be
|
||||
// set here.
|
||||
if ($group->id === 0) {
|
||||
$group->twofaccounts_count = $request->user()->twofaccounts->count();
|
||||
}
|
||||
|
||||
return new GroupResource($group);
|
||||
}
|
||||
|
||||
@ -108,11 +116,21 @@ class GroupController extends Controller
|
||||
*
|
||||
* @return \App\Api\v1\Resources\TwoFAccountCollection
|
||||
*/
|
||||
public function accounts(Group $group)
|
||||
public function accounts(Request $request, Group $group)
|
||||
{
|
||||
$this->authorize('view', $group);
|
||||
|
||||
return new TwoFAccountCollection($group->twofaccounts);
|
||||
// group with id==0 is the 'All' virtual group that lists
|
||||
// all the user's twofaccounts. From the db pov the accounts
|
||||
// are not assigned to any group record.
|
||||
if ($group->id === 0) {
|
||||
$twofaccounts = $request->user()->twofaccounts;
|
||||
}
|
||||
else {
|
||||
$twofaccounts = $group->twofaccounts;
|
||||
}
|
||||
|
||||
return new TwoFAccountCollection($twofaccounts);
|
||||
}
|
||||
|
||||
/**
|
||||
|
@ -28,7 +28,7 @@ class GroupPolicy
|
||||
*/
|
||||
public function view(User $user, Group $group)
|
||||
{
|
||||
$can = $this->isOwnerOf($user, $group);
|
||||
$can = $this->isOwnerOf($user, $group) || $group->id === 0;
|
||||
|
||||
if (! $can) {
|
||||
Log::notice(sprintf('User ID #%s cannot view group %s (ID #%s)', $user->id, var_export($group->name, true), $group->id));
|
||||
|
Loading…
x
Reference in New Issue
Block a user