From 98033bcc567b4305a22549829d147e3a543c3085 Mon Sep 17 00:00:00 2001
From: Bubka <858858+Bubka@users.noreply.github.com>
Date: Wed, 19 Feb 2025 15:51:33 +0100
Subject: [PATCH] Allow viewing of the All group, with matching twofaccount
 count

---
 app/Api/v1/Controllers/GroupController.php | 24 +++++++++++++++++++---
 app/Policies/GroupPolicy.php               |  2 +-
 2 files changed, 22 insertions(+), 4 deletions(-)

diff --git a/app/Api/v1/Controllers/GroupController.php b/app/Api/v1/Controllers/GroupController.php
index 4131c6d2..b42b002a 100644
--- a/app/Api/v1/Controllers/GroupController.php
+++ b/app/Api/v1/Controllers/GroupController.php
@@ -60,10 +60,18 @@ class GroupController extends Controller
      *
      * @return \App\Api\v1\Resources\GroupResource
      */
-    public function show(Group $group)
+    public function show(Request $request, Group $group)
     {
         $this->authorize('view', $group);
 
+        // group with id==0 is the 'All' virtual group.
+        // Eloquent specifically returns a non-persisted Group instance
+        // with just the name property. The twofaccounts_count has to be
+        // set here.
+        if ($group->id === 0) {
+            $group->twofaccounts_count = $request->user()->twofaccounts->count();
+        }
+
         return new GroupResource($group);
     }
 
@@ -108,11 +116,21 @@ class GroupController extends Controller
      *
      * @return \App\Api\v1\Resources\TwoFAccountCollection
      */
-    public function accounts(Group $group)
+    public function accounts(Request $request, Group $group)
     {
         $this->authorize('view', $group);
 
-        return new TwoFAccountCollection($group->twofaccounts);
+        // group with id==0 is the 'All' virtual group that lists
+        // all the user's twofaccounts. From the db pov the accounts
+        // are not assigned to any group record.
+        if ($group->id === 0) {
+            $twofaccounts = $request->user()->twofaccounts;
+        }
+        else {
+            $twofaccounts = $group->twofaccounts;
+        }
+
+        return new TwoFAccountCollection($twofaccounts);
     }
 
     /**
diff --git a/app/Policies/GroupPolicy.php b/app/Policies/GroupPolicy.php
index 74b979ea..66f8674f 100644
--- a/app/Policies/GroupPolicy.php
+++ b/app/Policies/GroupPolicy.php
@@ -28,7 +28,7 @@ class GroupPolicy
      */
     public function view(User $user, Group $group)
     {
-        $can = $this->isOwnerOf($user, $group);
+        $can = $this->isOwnerOf($user, $group) || $group->id === 0;
 
         if (! $can) {
             Log::notice(sprintf('User ID #%s cannot view group %s (ID #%s)', $user->id, var_export($group->name, true), $group->id));