YoLo Trust me, I'm an engineer!... What the f*ck did just happened here?
This commit is contained in:
parent
5361185173
commit
b5c329481b
3 changed files with 26 additions and 1 deletions
|
|
@ -4,6 +4,7 @@ namespace App\Http\Controllers\API;
|
|||
|
||||
use App\Entity\Token;
|
||||
use App\Exceptions\HTTPException;
|
||||
use App\Exceptions\NoPermissionException;
|
||||
use App\Exceptions\NotLoggedInException;
|
||||
use App\Exceptions\ResourceNotFound;
|
||||
use App\Http\Resources\API\AppAccessDetails;
|
||||
|
|
@ -105,7 +106,7 @@ class oAuthController extends BaseController
|
|||
}
|
||||
public function listAccess(Response $response) {
|
||||
if(!Auth::check()) {
|
||||
abort(401);
|
||||
throw new NotLoggedInException();
|
||||
}
|
||||
|
||||
$access = AppAccess::query()->where("user_id", "=", Auth::user()->id)->get();
|
||||
|
|
@ -118,4 +119,26 @@ class oAuthController extends BaseController
|
|||
|
||||
return $response->withData(AppAccessDetails::collection(collect($visibleAccess)));
|
||||
}
|
||||
public function removeAccess($id, Response $response) {
|
||||
if(!Auth::check()) {
|
||||
throw new NotLoggedInException();
|
||||
}
|
||||
|
||||
$access = AppAccess::query()->where("id", "=", $id)->firstOrFail();
|
||||
if($access->user_id != Auth::user()->id) {
|
||||
throw new NoPermissionException();
|
||||
}
|
||||
|
||||
if($access->getApp()->user_cant_remove_app) {
|
||||
throw new NoPermissionException();
|
||||
}
|
||||
|
||||
RefreshToken::query()->where("access_id", "=", $access->id)->delete();
|
||||
\App\Models\AccessToken::query()->where("access_id", "=", $access->id)->delete();
|
||||
AppCode::query()->where("access_id", "=", $access->id)->delete();
|
||||
$access->delete();
|
||||
|
||||
|
||||
return $response;
|
||||
}
|
||||
}
|
||||
|
|
|
|||
|
|
@ -16,6 +16,7 @@ class AppAccessDetails extends JsonResource
|
|||
{
|
||||
$app = $this->getApp();
|
||||
return [
|
||||
'id' => $this->id,
|
||||
'app' => new App($app),
|
||||
'status' => $this->status,
|
||||
'created' => $this->created_at->format('Y-m-d H:i:s e'),
|
||||
|
|
|
|||
|
|
@ -62,6 +62,7 @@ $router->group(['prefix' => 'api'], function () use ($router) {
|
|||
});
|
||||
$router->group(["prefix" => "access"], function () use ($router) {
|
||||
$router->get("", ["uses" => "API\oAuthController@listAccess"]);
|
||||
$router->delete("/{id}", ["uses" => "API\oAuthController@removeAccess"]);
|
||||
});
|
||||
$router->group(['prefix' => 'account'], function () use ($router) {
|
||||
$router->get("/", ['uses' => 'API\AccountController@getUsers']);
|
||||
|
|
|
|||
Reference in a new issue