src/app/Http/Controllers/API/UsersController.php
Show All 40 Lines | public static function logonResponse(User $user) | ||||
]); | ]); | ||||
} | } | ||||
/** | /** | ||||
* Display a listing of the resources. | * Display a listing of the resources. | ||||
* | * | ||||
* The user themself, and other user entitlements. | * The user themself, and other user entitlements. | ||||
* | * | ||||
* @return \Illuminate\Http\Response | * @return \Illuminate\Http\JsonResponse | ||||
*/ | */ | ||||
public function index() | public function index() | ||||
{ | { | ||||
$user = Auth::user(); | $user = Auth::user(); | ||||
if (!$user) { | if (!$user) { | ||||
return response()->json(['error' => 'unauthorized'], 401); | return response()->json(['error' => 'unauthorized'], 401); | ||||
} | } | ||||
▲ Show 20 Lines • Show All 78 Lines • ▼ Show 20 Lines | protected function respondWithToken($token) | ||||
'access_token' => $token, | 'access_token' => $token, | ||||
'token_type' => 'bearer', | 'token_type' => 'bearer', | ||||
'expires_in' => $this->guard()->factory()->getTTL() * 60 | 'expires_in' => $this->guard()->factory()->getTTL() * 60 | ||||
] | ] | ||||
); | ); | ||||
} | } | ||||
/** | /** | ||||
* Display the specified resource. | * Display information on the user account specified by $id. | ||||
* | * | ||||
* @param int $id The account to show information for. | * @param int $id The account to show information for. | ||||
* | * | ||||
* @return \Illuminate\Http\Response | * @return \Illuminate\Http\JsonResponse|void | ||||
*/ | */ | ||||
public function show($id) | public function show($id) | ||||
{ | { | ||||
$user = Auth::user(); | $user = Auth::user(); | ||||
if (!$user) { | if (!$user) { | ||||
return abort(403); | return abort(403); | ||||
} | } | ||||
$result = false; | // TODO: check whether or not the user is allowed | ||||
// for now, only allow self. | |||||
$user->entitlements()->each( | if ($user->id != $id) { | ||||
function ($entitlement) { | |||||
if ($entitlement->user_id == $id) { | |||||
$result = true; | |||||
} | |||||
} | |||||
); | |||||
if ($user->id == $id) { | |||||
$result = true; | |||||
} | |||||
if (!$result) { | |||||
return abort(404); | return abort(404); | ||||
} | } | ||||
return \App\User::find($id); | return response()->json($user); | ||||
} | } | ||||
/** | /** | ||||
* User status (extended) information | * User status (extended) information | ||||
* | * | ||||
* @param \App\User $user User object | * @param \App\User $user User object | ||||
* | * | ||||
* @return array Status information | * @return array Status information | ||||
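Review bot: The self-only check in the new `show()` uses a loose comparison, `if ($user->id != $id) {`, so the string route parameter is type-juggled against the integer id and, for a caller whose id is 1, spellings such as `01` or `1.0` are accepted as their own id. Nothing leaks today because the response is built from the authenticated `$user` rather than a lookup by `$id`, but this line becomes the authorization gate once the TODO is implemented, so I would make it strict now: `if ((string) $user->id !== (string) $id) {`. The unauthenticated branch still answers `abort(403)` while `index()` returns a 401 JSON error for the same condition, and since `abort()` throws, the `|void` added to `@return` does not describe a real return path. `response()->json($user)` serialises whatever attributes the User model leaves visible; the model is not shown here, so it is worth confirming that credential fields are hidden.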