feat: token permissions

feat: handle sensitive data feat: handle read-only data
2024-07-02 12:15:58 +02:00
parent 1249b1ece9
commit c39d6dd407
28 changed files with 328 additions and 201 deletions
--- a/app/Http/Controllers/Api/DeployController.php
+++ b/app/Http/Controllers/Api/DeployController.php
@@ -20,6 +20,20 @@ use Visus\Cuid2\Cuid2;

 class DeployController extends Controller
 {
+    private function removeSensitiveData($deployment)
+    {
+        $token = auth()->user()->currentAccessToken();
+        if ($token->can('view:sensitive')) {
+            return serializeApiResponse($deployment);
+        }
+
+        $deployment->makeHidden([
+            'logs',
+        ]);
+
+        return serializeApiResponse($deployment);
+    }
+
    public function deployments(Request $request)
    {
        $teamId = getTeamIdFromToken();
@@ -61,7 +75,7 @@ class DeployController extends Controller

        return response()->json([
            'success' => true,
-            'data' => serializeApiResponse($deployment->makeHidden('logs')),
+            'data' => $this->removeSensitiveData($deployment),
        ]);
    }