Allow viewing of the All group, with matching twofaccount count

Bubka 2025-02-19 15:51:33 +01:00
parent 166b39beea
commit 98033bcc56
2 changed files with 22 additions and 4 deletions


@ -60,10 +60,18 @@ class GroupController extends Controller
* *
* @return \App\Api\v1\Resources\GroupResource * @return \App\Api\v1\Resources\GroupResource
*/ */
public function show(Group $group) public function show(Request $request, Group $group)
{ {
$this->authorize('view', $group); $this->authorize('view', $group);
// group with id==0 is the 'All' virtual group.
// Eloquent specifically returns a non-persisted Group instance
// with just the name property. The twofaccounts_count has to be
// set here.
if ($group->id === 0) {
$group->twofaccounts_count = $request->user()->twofaccounts->count();
}
return new GroupResource($group); return new GroupResource($group);
} }
@ -108,11 +116,21 @@ class GroupController extends Controller
* *
* @return \App\Api\v1\Resources\TwoFAccountCollection * @return \App\Api\v1\Resources\TwoFAccountCollection
*/ */
public function accounts(Group $group) public function accounts(Request $request, Group $group)
{ {
$this->authorize('view', $group); $this->authorize('view', $group);
return new TwoFAccountCollection($group->twofaccounts); // group with id==0 is the 'All' virtual group that lists
// all the user's twofaccounts. From the db pov the accounts
// are not assigned to any group record.
if ($group->id === 0) {
$twofaccounts = $request->user()->twofaccounts;
}
else {
$twofaccounts = $group->twofaccounts;
}
return new TwoFAccountCollection($twofaccounts);
} }
/** /**
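Review bot: In `show`, `$request->user()->twofaccounts->count()` loads every one of the user's TwoFAccount models into memory only to count them. Assuming `twofaccounts` is an Eloquent relation on User, as the property access suggests, `$request->user()->twofaccounts()->count()` runs a COUNT query and avoids hydrating the account records for a request that needs only a number. The `accounts` hunk does need the full collection, so this applies to `show` only.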


@ -28,7 +28,7 @@ class GroupPolicy
*/ */
public function view(User $user, Group $group) public function view(User $user, Group $group)
{ {
$can = $this->isOwnerOf($user, $group); $can = $this->isOwnerOf($user, $group) || $group->id === 0;
if (! $can) { if (! $can) {
Log::notice(sprintf('User ID #%s cannot view group %s (ID #%s)', $user->id, var_export($group->name, true), $group->id)); Log::notice(sprintf('User ID #%s cannot view group %s (ID #%s)', $user->id, var_export($group->name, true), $group->id));
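Review bot: The `|| $group->id === 0` clause in `view` lets every authenticated user pass the policy for the virtual group, so the ownership check no longer protects any caller that authorizes `view` and then reads `$group->twofaccounts` or other group data directly. The two controller actions changed in this commit substitute the accounts of `$request->user()`, but other callers of this ability are not visible here and should be checked. A comment above the line would record the contract, e.g. `// id 0 is the virtual 'All' group: callers must scope the data to the requesting user themselves`. The body of `view` continues outside the hunk.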