repository = $repository; } /** * Return all of the servers available to the client making the API * request, including servers the user has access to as a subuser. * * @throws \Illuminate\Contracts\Container\BindingResolutionException */ public function index(GetServersRequest $request): array { $user = $request->user(); // Start the query builder and ensure we eager load any requested relationships from the request. $builder = QueryBuilder::for( Server::query()->with($this->getIncludesForTransformer(new ServerTransformer(), ['node'])) )->allowedFilters([ 'uuid', 'name', 'external_id', AllowedFilter::custom('*', new MultiFieldServerFilter()), ]); $type = $request->input('type'); // Either return all of the servers the user has access to because they are an admin `?type=admin` or // just return all of the servers the user has access to because they are the owner or a subuser of the // server. If ?type=admin-all is passed all servers on the system will be returned to the user, rather // than only servers they can see because they are an admin. if (in_array($type, ['admin', 'admin-all'])) { // If they aren't an admin but want all the admin servers don't fail the request, just // make it a query that will never return any results back. if (!$user->root_admin) { $builder->whereRaw('1 = 2'); } else { $builder = $type === 'admin-all' ? $builder : $builder->whereNotIn('servers.id', $user->accessibleServers()->pluck('id')->all()); } } elseif ($type === 'owner') { $builder = $builder->where('servers.owner_id', $user->id); } else { $builder = $builder->whereIn('servers.id', $user->accessibleServers()->pluck('id')->all()); } $servers = $builder->paginate(min((int) $request->query('per_page', '50'), 100))->appends($request->query()); return $this->fractal->transformWith(new ServerTransformer())->collection($servers)->toArray(); } /** * Returns all of the subuser permissions available on the system. */ public function permissions(): array { return [ 'object' => 'system_permissions', 'attributes' => [ 'permissions' => Permission::permissions(), ], ]; } }