Block viewing node allocations and location unless user has permission

DaneEveritt · DaneEveritt · commit 463f465deac7 · 2017-04-08T12:07:17.000-04:00
Blocks viewing the allocation list and location for a node unless a
user has permission to view the node in the first place.
diff --git a/app/Transformers/Admin/NodeTransformer.php b/app/Transformers/Admin/NodeTransformer.php
@@ -80,6 +80,10 @@ public function transform(Node $node)
      */
     public function includeAllocations(Node $node)
     {
+        if ($this->request && ! $this->request->apiKeyHasPermission('view-node')) {
+            return;
+        }
+
         return $this->collection($node->allocations, new AllocationTransformer, 'allocation');
     }
 
@@ -90,6 +94,10 @@ public function includeAllocations(Node $node)
      */
     public function includeLocation(Node $node)
     {
+        if ($this->request && ! $this->request->apiKeyHasPermission('view-node')) {
+            return;
+        }
+
         return $this->item($node->location, new LocationTransformer, 'location');
     }
 

Original file line number	Diff line number	Diff line change
`@@ -80,6 +80,10 @@ public function transform(Node $node)`
`80`	`80`	`*/`
`81`	`81`	`public function includeAllocations(Node $node)`
`82`	`82`	`{`
	`83`	`+ if ($this->request && ! $this->request->apiKeyHasPermission('view-node')) {`
	`84`	`+ return;`
	`85`	`+ }`
	`86`	`+`
`83`	`87`	`return $this->collection($node->allocations, new AllocationTransformer, 'allocation');`
`84`	`88`	`}`
`85`	`89`
`@@ -90,6 +94,10 @@ public function includeAllocations(Node $node)`
`90`	`94`	`*/`
`91`	`95`	`public function includeLocation(Node $node)`
`92`	`96`	`{`
	`97`	`+ if ($this->request && ! $this->request->apiKeyHasPermission('view-node')) {`
	`98`	`+ return;`
	`99`	`+ }`
	`100`	`+`
`93`	`101`	`return $this->item($node->location, new LocationTransformer, 'location');`
`94`	`102`	`}`
`95`	`103`