BookStack/app/Http/Controllers/Api/UserApiController.php

<?php

namespace BookStack\Http\Controllers\Api;

use BookStack\Auth\User;
use BookStack\Auth\UserRepo;
use Closure;

class UserApiController extends ApiController
{
    protected $userRepo;

    protected $fieldsToExpose = [
        'email', 'created_at', 'updated_at', 'last_activity_at', 'external_auth_id'
    ];

    protected $rules = [
        'create' => [
        ],
        'update' => [
        ],
    ];

    public function __construct(UserRepo $userRepo)
    {
        $this->userRepo = $userRepo;
    }

    /**
     * Get a listing of users in the system.
     * Requires permission to manage users.
     */
    public function list()
    {
        $this->checkPermission('users-manage');

        $users = $this->userRepo->getApiUsersBuilder();

        return $this->apiListingResponse($users, [
            'id', 'name', 'slug', 'email', 'external_auth_id',
            'created_at', 'updated_at', 'last_activity_at',
        ], [Closure::fromCallable([$this, 'listFormatter'])]);
    }

    /**
     * View the details of a single user.
     * Requires permission to manage users.
     */
    public function read(string $id)
    {
        $this->checkPermission('users-manage');

        $singleUser = $this->userRepo->getById($id);
        $this->singleFormatter($singleUser);

        return response()->json($singleUser);
    }

    /**
     * Format the given user model for single-result display.
     */
    protected function singleFormatter(User $user)
    {
        $this->listFormatter($user);
        $user->load('roles:id,display_name');
        $user->makeVisible(['roles']);
    }

    /**
     * Format the given user model for a listing multi-result display.
     */
    protected function listFormatter(User $user)
    {
        $user->makeVisible($this->fieldsToExpose);
        $user->setAttribute('profile_url', $user->getProfileUrl());
        $user->setAttribute('edit_url', $user->getEditUrl());
        $user->setAttribute('avatar_url', $user->getAvatar());
    }
}
Test API Endpoint for users 2021-05-05 07:46:14 -04:00			`<?php`

			`namespace BookStack\Http\Controllers\Api;`

			`use BookStack\Auth\User;`
			`use BookStack\Auth\UserRepo;`
Refactored existing user API work - Updated routes to use new format. - Changed how hidden fields are exposed to be more flexible to different use-cases. - Updated properties available on read/list results. - Started adding testing coverage. - Removed old unused UserRepo 'getAllUsers' function. Related to #2701, Progression of #2734 2022-02-03 07:33:26 -05:00			`use Closure;`
Test API Endpoint for users 2021-05-05 07:46:14 -04:00
			`class UserApiController extends ApiController`
			`{`
			`protected $userRepo;`

Refactored existing user API work - Updated routes to use new format. - Changed how hidden fields are exposed to be more flexible to different use-cases. - Updated properties available on read/list results. - Started adding testing coverage. - Removed old unused UserRepo 'getAllUsers' function. Related to #2701, Progression of #2734 2022-02-03 07:33:26 -05:00			`protected $fieldsToExpose = [`
			`'email', 'created_at', 'updated_at', 'last_activity_at', 'external_auth_id'`
Extend /users API endpoint * add /users/{id} to get a single user * add variable to print fields that are otherwise hidden (e.g. email) 2021-05-06 05:10:49 -04:00			`];`

Refactored existing user API work - Updated routes to use new format. - Changed how hidden fields are exposed to be more flexible to different use-cases. - Updated properties available on read/list results. - Started adding testing coverage. - Removed old unused UserRepo 'getAllUsers' function. Related to #2701, Progression of #2734 2022-02-03 07:33:26 -05:00			`protected $rules = [`
			`'create' => [`
			`],`
			`'update' => [`
			`],`
			`];`
Test API Endpoint for users 2021-05-05 07:46:14 -04:00
Refactored existing user API work - Updated routes to use new format. - Changed how hidden fields are exposed to be more flexible to different use-cases. - Updated properties available on read/list results. - Started adding testing coverage. - Removed old unused UserRepo 'getAllUsers' function. Related to #2701, Progression of #2734 2022-02-03 07:33:26 -05:00			`public function __construct(UserRepo $userRepo)`
Test API Endpoint for users 2021-05-05 07:46:14 -04:00			`{`
			`$this->userRepo = $userRepo;`
			`}`

			`/**`
Refactored existing user API work - Updated routes to use new format. - Changed how hidden fields are exposed to be more flexible to different use-cases. - Updated properties available on read/list results. - Started adding testing coverage. - Removed old unused UserRepo 'getAllUsers' function. Related to #2701, Progression of #2734 2022-02-03 07:33:26 -05:00			`* Get a listing of users in the system.`
			`* Requires permission to manage users.`
Test API Endpoint for users 2021-05-05 07:46:14 -04:00			`*/`
			`public function list()`
			`{`
Extend /users API endpoint * add /users/{id} to get a single user * add variable to print fields that are otherwise hidden (e.g. email) 2021-05-06 05:10:49 -04:00			`$this->checkPermission('users-manage');`

Refactored existing user API work - Updated routes to use new format. - Changed how hidden fields are exposed to be more flexible to different use-cases. - Updated properties available on read/list results. - Started adding testing coverage. - Removed old unused UserRepo 'getAllUsers' function. Related to #2701, Progression of #2734 2022-02-03 07:33:26 -05:00			`$users = $this->userRepo->getApiUsersBuilder();`
Test API Endpoint for users 2021-05-05 07:46:14 -04:00
			`return $this->apiListingResponse($users, [`
Refactored existing user API work - Updated routes to use new format. - Changed how hidden fields are exposed to be more flexible to different use-cases. - Updated properties available on read/list results. - Started adding testing coverage. - Removed old unused UserRepo 'getAllUsers' function. Related to #2701, Progression of #2734 2022-02-03 07:33:26 -05:00			`'id', 'name', 'slug', 'email', 'external_auth_id',`
Extend /users API endpoint * add /users/{id} to get a single user * add variable to print fields that are otherwise hidden (e.g. email) 2021-05-06 05:10:49 -04:00			`'created_at', 'updated_at', 'last_activity_at',`
Refactored existing user API work - Updated routes to use new format. - Changed how hidden fields are exposed to be more flexible to different use-cases. - Updated properties available on read/list results. - Started adding testing coverage. - Removed old unused UserRepo 'getAllUsers' function. Related to #2701, Progression of #2734 2022-02-03 07:33:26 -05:00			`], [Closure::fromCallable([$this, 'listFormatter'])]);`
Extend /users API endpoint * add /users/{id} to get a single user * add variable to print fields that are otherwise hidden (e.g. email) 2021-05-06 05:10:49 -04:00			`}`

			`/**`
Refactored existing user API work - Updated routes to use new format. - Changed how hidden fields are exposed to be more flexible to different use-cases. - Updated properties available on read/list results. - Started adding testing coverage. - Removed old unused UserRepo 'getAllUsers' function. Related to #2701, Progression of #2734 2022-02-03 07:33:26 -05:00			`* View the details of a single user.`
			`* Requires permission to manage users.`
Extend /users API endpoint * add /users/{id} to get a single user * add variable to print fields that are otherwise hidden (e.g. email) 2021-05-06 05:10:49 -04:00			`*/`
			`public function read(string $id)`
			`{`
			`$this->checkPermission('users-manage');`

			`$singleUser = $this->userRepo->getById($id);`
Refactored existing user API work - Updated routes to use new format. - Changed how hidden fields are exposed to be more flexible to different use-cases. - Updated properties available on read/list results. - Started adding testing coverage. - Removed old unused UserRepo 'getAllUsers' function. Related to #2701, Progression of #2734 2022-02-03 07:33:26 -05:00			`$this->singleFormatter($singleUser);`
Extend /users API endpoint * add /users/{id} to get a single user * add variable to print fields that are otherwise hidden (e.g. email) 2021-05-06 05:10:49 -04:00
			`return response()->json($singleUser);`
Test API Endpoint for users 2021-05-05 07:46:14 -04:00			`}`
Refactored existing user API work - Updated routes to use new format. - Changed how hidden fields are exposed to be more flexible to different use-cases. - Updated properties available on read/list results. - Started adding testing coverage. - Removed old unused UserRepo 'getAllUsers' function. Related to #2701, Progression of #2734 2022-02-03 07:33:26 -05:00
			`/**`
			`* Format the given user model for single-result display.`
			`*/`
			`protected function singleFormatter(User $user)`
			`{`
			`$this->listFormatter($user);`
			`$user->load('roles:id,display_name');`
			`$user->makeVisible(['roles']);`
			`}`

			`/**`
			`* Format the given user model for a listing multi-result display.`
			`*/`
			`protected function listFormatter(User $user)`
			`{`
			`$user->makeVisible($this->fieldsToExpose);`
			`$user->setAttribute('profile_url', $user->getProfileUrl());`
			`$user->setAttribute('edit_url', $user->getEditUrl());`
			`$user->setAttribute('avatar_url', $user->getAvatar());`
			`}`
Test API Endpoint for users 2021-05-05 07:46:14 -04:00			`}`