Skip to content

Commit

Permalink
[TM-1492] make dashboard endpoints publicly accessible (#577)
Browse files Browse the repository at this point in the history
  • Loading branch information
@cesarLima1
cesarLima1 authored Nov 19, 2024
1 parent a88366b commit 3b75b5a
Show file tree
Hide file tree
Showing 3 changed files with 8 additions and 8 deletions.
5 changes: 4 additions & 1 deletion app/Http/Controllers/V2/Dashboard/GetProjectsController.php
View file
Original file line number Diff line number Diff line change
Expand Up @@ -14,7 +14,10 @@ public function __invoke(Request $request)
{
/** @var User $user */
$user = Auth::user();
if ($user->hasRole('government') && data_get($request, 'filter.projectUuid', '')) {

if (is_null($user)) {
$request = new Request(['filter' => []]);
} elseif ($user->hasRole('government') && data_get($request, 'filter.projectUuid', '')) {
$request = new Request(['filter' => []]);
} else {
$frameworks = data_get($request, 'filter.programmes', []);
Expand Down
9 changes: 3 additions & 6 deletions app/Http/Controllers/V2/Dashboard/ViewProjectController.php
View file
Original file line number Diff line number Diff line change
Expand Up @@ -18,16 +18,13 @@ public function getIfUserIsAllowedToProject(String $uuid)
{
/** @var User $user */
$user = Auth::user();
if ($user->hasRole('government')) {
if (is_null($user)) {
$response = (object)[
'allowed' => false,
];
} elseif ($user->hasRole('funder')) {
$isAllowed = Project::where('uuid', $uuid)
->where('framework_key', $user->program)
->exists();
} elseif ($user->hasRole('government') || $user->hasRole('funder')) {
$response = (object)[
'allowed' => $isAllowed,
'allowed' => true,
];
} elseif ($user->hasRole('project-developer')) {
$projectId = Project::where('uuid', $uuid)
Expand Down
2 changes: 1 addition & 1 deletion routes/api_v2.php
View file
Original file line number Diff line number Diff line change
Expand Up @@ -722,7 +722,7 @@ function () {
Route::delete('/{auditable}/{uuid}/delete', DeleteAuditStatusController::class);
});

Route::prefix('dashboard')->group(function () {
Route::prefix('dashboard')->withoutMiddleware('auth:service-api-key,api')->group(function () {
Route::get('/restoration-strategy', ViewRestorationStrategyController::class);
Route::get('/jobs-created', GetJobsCreatedController::class);
Route::get('/volunteers-survival-rate', VolunteersAndAverageSurvivalRateController::class);
Expand Down

0 comments on commit 3b75b5a

Please sign in to comment.