protected $query;
protected $request;
protected $fields;
+ protected $hiddenFields;
protected $filterOperators = [
'eq' => '=',
/**
* ListingResponseBuilder constructor.
*/
- public function __construct(Builder $query, Request $request, array $fields)
+ public function __construct(Builder $query, Request $request, array $fields, array $hiddenFields )
{
$this->query = $query;
$this->request = $request;
$this->fields = $fields;
+ $this->hiddenFields = $hiddenFields;
}
/**
$total = $filteredQuery->count();
$data = $this->fetchData($filteredQuery);
+ $data = $data->makeVisible($this->hiddenFields);
return response()->json([
'data' => $data,
return User::query()->with('roles', 'avatar')->orderBy('name', 'asc')->get();
}
+ /**
+ * Get all users as Builder for API
+ */
+ public function getUsersBuilder(int $id = null ) : Builder
+ {
+ $query = User::query()->select(['*'])
+ ->withLastActivityAt()
+ ->with(['roles', 'avatar']);
+ return $query;
+ }
/**
* Get all the users with their permissions in a paginated format.
* Note: Due to the use of email search this should only be used when
abstract class ApiController extends Controller
{
protected $rules = [];
+ protected $printHidden = [];
/**
* Provide a paginated listing JSON response in a standard format
* taking into account any pagination parameters passed by the user.
*/
- protected function apiListingResponse(Builder $query, array $fields): JsonResponse
+ protected function apiListingResponse(Builder $query, array $fields, array $protectedFieldsToPrint = []): JsonResponse
{
- $listing = new ListingResponseBuilder($query, request(), $fields);
+ $listing = new ListingResponseBuilder($query, request(), $fields, $protectedFieldsToPrint);
return $listing->toResponse();
}
--- /dev/null
+<?php
+
+namespace BookStack\Http\Controllers\Api;
+
+use BookStack\Exceptions\PermissionsException;
+use BookStack\Auth\User;
+use BookStack\Auth\UserRepo;
+use Exception;
+use Illuminate\Http\Request;
+
+class UserApiController extends ApiController
+{
+ protected $user;
+ protected $userRepo;
+
+ protected $printHidden = [
+ 'email', 'created_at', 'updated_at', 'last_activity_at'
+ ];
+
+# TBD: Endpoints to create / update users
+# protected $rules = [
+# 'create' => [
+# ],
+# 'update' => [
+# ],
+# ];
+
+ public function __construct(User $user, UserRepo $userRepo)
+ {
+ $this->user = $user;
+ $this->userRepo = $userRepo;
+ }
+
+ /**
+ * Get a listing of users
+ */
+ public function list()
+ {
+ $this->checkPermission('users-manage');
+
+ $users = $this->userRepo->getUsersBuilder();
+
+ return $this->apiListingResponse($users, [
+ 'id', 'name', 'slug', 'email',
+ 'created_at', 'updated_at', 'last_activity_at',
+ ], $this->printHidden);
+ }
+
+ /**
+ * View the details of a single user
+ */
+ public function read(string $id)
+ {
+ $this->checkPermission('users-manage');
+
+ $singleUser = $this->userRepo->getById($id);
+ $singleUser = $singleUser->makeVisible($this->printHidden);
+
+ return response()->json($singleUser);
+ }
+}
Route::get('shelves/{id}', [BookshelfApiController::class, 'read']);
Route::put('shelves/{id}', [BookshelfApiController::class, 'update']);
Route::delete('shelves/{id}', [BookshelfApiController::class, 'delete']);
+
+Route::get('users', 'UserApiController@list');
+Route::get('users/{id}', 'UserApiController@read');
\ No newline at end of file
projects / bookstack / commitdiff