YoLo Trust me, I'm an engineer!... What the f*ck did just happened here?
parent
5361185173
commit
b5c329481b
3 changed files with 26 additions and 1 deletions
|
@ -4,6 +4,7 @@ namespace App\Http\Controllers\API;
|
||||||
|
|
||||||
use App\Entity\Token;
|
use App\Entity\Token;
|
||||||
use App\Exceptions\HTTPException;
|
use App\Exceptions\HTTPException;
|
||||||
|
use App\Exceptions\NoPermissionException;
|
||||||
use App\Exceptions\NotLoggedInException;
|
use App\Exceptions\NotLoggedInException;
|
||||||
use App\Exceptions\ResourceNotFound;
|
use App\Exceptions\ResourceNotFound;
|
||||||
use App\Http\Resources\API\AppAccessDetails;
|
use App\Http\Resources\API\AppAccessDetails;
|
||||||
|
@ -105,7 +106,7 @@ class oAuthController extends BaseController
|
||||||
}
|
}
|
||||||
public function listAccess(Response $response) {
|
public function listAccess(Response $response) {
|
||||||
if(!Auth::check()) {
|
if(!Auth::check()) {
|
||||||
abort(401);
|
throw new NotLoggedInException();
|
||||||
}
|
}
|
||||||
|
|
||||||
$access = AppAccess::query()->where("user_id", "=", Auth::user()->id)->get();
|
$access = AppAccess::query()->where("user_id", "=", Auth::user()->id)->get();
|
||||||
|
@ -118,4 +119,26 @@ class oAuthController extends BaseController
|
||||||
|
|
||||||
return $response->withData(AppAccessDetails::collection(collect($visibleAccess)));
|
return $response->withData(AppAccessDetails::collection(collect($visibleAccess)));
|
||||||
}
|
}
|
||||||
|
public function removeAccess($id, Response $response) {
|
||||||
|
if(!Auth::check()) {
|
||||||
|
throw new NotLoggedInException();
|
||||||
|
}
|
||||||
|
|
||||||
|
$access = AppAccess::query()->where("id", "=", $id)->firstOrFail();
|
||||||
|
if($access->user_id != Auth::user()->id) {
|
||||||
|
throw new NoPermissionException();
|
||||||
|
}
|
||||||
|
|
||||||
|
if($access->getApp()->user_cant_remove_app) {
|
||||||
|
throw new NoPermissionException();
|
||||||
|
}
|
||||||
|
|
||||||
|
RefreshToken::query()->where("access_id", "=", $access->id)->delete();
|
||||||
|
\App\Models\AccessToken::query()->where("access_id", "=", $access->id)->delete();
|
||||||
|
AppCode::query()->where("access_id", "=", $access->id)->delete();
|
||||||
|
$access->delete();
|
||||||
|
|
||||||
|
|
||||||
|
return $response;
|
||||||
|
}
|
||||||
}
|
}
|
||||||
|
|
|
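Review bot: In removeAccess the record is loaded by id alone with `firstOrFail()` and ownership is checked only afterwards, so an unused id and another user's grant produce different errors (presumably not-found versus NoPermissionException), which lets any logged-in user learn which access ids exist. Scoping the lookup to the caller, `AppAccess::query()->where("id", "=", $id)->where("user_id", "=", Auth::user()->id)->firstOrFail();`, gives one answer for both cases and removes the loose `!=` comparison from the authorization decision. The three token/code deletes and `$access->delete()` run as separate statements; running them in one database transaction would avoid a partly revoked grant if one of them fails. RefreshToken and AppCode are used unqualified while the import hunk adds only NoPermissionException, so confirm both are already imported in this file.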
@ -16,6 +16,7 @@ class AppAccessDetails extends JsonResource
|
||||||
{
|
{
|
||||||
$app = $this->getApp();
|
$app = $this->getApp();
|
||||||
return [
|
return [
|
||||||
|
'id' => $this->id,
|
||||||
'app' => new App($app),
|
'app' => new App($app),
|
||||||
'status' => $this->status,
|
'status' => $this->status,
|
||||||
'created' => $this->created_at->format('Y-m-d H:i:s e'),
|
'created' => $this->created_at->format('Y-m-d H:i:s e'),
|
||||||
|
|
|
@ -62,6 +62,7 @@ $router->group(['prefix' => 'api'], function () use ($router) {
|
||||||
});
|
});
|
||||||
$router->group(["prefix" => "access"], function () use ($router) {
|
$router->group(["prefix" => "access"], function () use ($router) {
|
||||||
$router->get("", ["uses" => "API\oAuthController@listAccess"]);
|
$router->get("", ["uses" => "API\oAuthController@listAccess"]);
|
||||||
|
$router->delete("/{id}", ["uses" => "API\oAuthController@removeAccess"]);
|
||||||
});
|
});
|
||||||
$router->group(['prefix' => 'account'], function () use ($router) {
|
$router->group(['prefix' => 'account'], function () use ($router) {
|
||||||
$router->get("/", ['uses' => 'API\AccountController@getUsers']);
|
$router->get("/", ['uses' => 'API\AccountController@getUsers']);
|
||||||
|
|
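Review bot: The new `DELETE /{id}` route sits in an `access` group that, as far as this hunk shows, carries only a `prefix`, so the login requirement for a state-changing endpoint rests solely on the `Auth::check()` call inside removeAccess. If the project has an authentication middleware, attaching it to the `access` group would stop the check depending on each controller method remembering it; the enclosing `api` group starts outside the hunk and may already do this. If Auth is backed by a session cookie rather than a bearer token, this route also needs CSRF protection, since it revokes an app's tokens.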