diff --git a/framework/core/src/Api/Controller/ShowForumController.php b/framework/core/src/Api/Controller/ShowForumController.php index 2111d3d75..f9ba91c62 100644 --- a/framework/core/src/Api/Controller/ShowForumController.php +++ b/framework/core/src/Api/Controller/ShowForumController.php @@ -25,15 +25,18 @@ class ShowForumController extends AbstractShowController /** * {@inheritdoc} */ - public $include = ['groups']; + public $include = ['groups', 'actor']; /** * {@inheritdoc} */ protected function data(ServerRequestInterface $request, Document $document) { + $actor = RequestUtil::getActor($request); + return [ - 'groups' => Group::whereVisibleTo(RequestUtil::getActor($request))->get() + 'groups' => Group::whereVisibleTo($actor)->get(), + 'actor' => $actor->isGuest() ? null : $actor ]; } } diff --git a/framework/core/src/Api/Serializer/ForumSerializer.php b/framework/core/src/Api/Serializer/ForumSerializer.php index 44e89d26a..c223ea281 100644 --- a/framework/core/src/Api/Serializer/ForumSerializer.php +++ b/framework/core/src/Api/Serializer/ForumSerializer.php @@ -15,6 +15,7 @@ use Flarum\Http\UrlGenerator; use Flarum\Settings\SettingsRepositoryInterface; use Illuminate\Contracts\Filesystem\Cloud; use Illuminate\Contracts\Filesystem\Factory; +use Tobscure\JsonApi\Relationship; class ForumSerializer extends AbstractSerializer { @@ -68,7 +69,7 @@ class ForumSerializer extends AbstractSerializer /** * {@inheritdoc} */ - protected function getDefaultAttributes($model) + protected function getDefaultAttributes($model): array { $attributes = [ 'title' => $this->settings->get('forum_title'), @@ -104,9 +105,9 @@ class ForumSerializer extends AbstractSerializer } /** - * @return \Tobscure\JsonApi\Relationship + * @return Relationship */ - protected function groups($model) + protected function groups($model): Relationship { return $this->hasMany($model, GroupSerializer::class); } @@ -114,7 +115,7 @@ class ForumSerializer extends AbstractSerializer /** * @return null|string */ - protected function getLogoUrl() + protected function getLogoUrl(): ?string { $logoPath = $this->settings->get('logo_path'); @@ -124,7 +125,7 @@ class ForumSerializer extends AbstractSerializer /** * @return null|string */ - protected function getFaviconUrl() + protected function getFaviconUrl(): ?string { $faviconPath = $this->settings->get('favicon_path'); @@ -135,4 +136,12 @@ class ForumSerializer extends AbstractSerializer { return $this->assetsFilesystem->url($assetPath); } + + /** + * @return Relationship|null + */ + protected function actor($model): ?Relationship + { + return $this->hasOne($model, CurrentUserSerializer::class); + } } diff --git a/framework/core/src/Frontend/Content/CorePayload.php b/framework/core/src/Frontend/Content/CorePayload.php index cbe625d2d..5f02964fe 100644 --- a/framework/core/src/Frontend/Content/CorePayload.php +++ b/framework/core/src/Frontend/Content/CorePayload.php @@ -9,12 +9,9 @@ namespace Flarum\Frontend\Content; -use Flarum\Api\Client; use Flarum\Frontend\Document; use Flarum\Http\RequestUtil; use Flarum\Locale\LocaleManager; -use Flarum\User\User; -use Psr\Http\Message\ResponseInterface; use Psr\Http\Message\ServerRequestInterface as Request; class CorePayload @@ -24,19 +21,12 @@ class CorePayload */ private $locales; - /** - * @var Client - */ - private $api; - /** * @param LocaleManager $locales - * @param Client $api */ - public function __construct(LocaleManager $locales, Client $api) + public function __construct(LocaleManager $locales) { $this->locales = $locales; - $this->api = $api; } public function __invoke(Document $document, Request $request) @@ -51,17 +41,10 @@ class CorePayload { $data = $this->getDataFromApiDocument($document->getForumApiDocument()); - $actor = RequestUtil::getActor($request); - - if ($actor->exists) { - $user = $this->getUserApiDocument($request, $actor); - $data = array_merge($data, $this->getDataFromApiDocument($user)); - } - return [ 'resources' => $data, 'session' => [ - 'userId' => $actor->id, + 'userId' => RequestUtil::getActor($request)->id, 'csrfToken' => $request->getAttribute('session')->token() ], 'locales' => $this->locales->getLocales(), @@ -79,18 +62,4 @@ class CorePayload return $data; } - - private function getUserApiDocument(Request $request, User $actor): array - { - $id = $actor->id; - - return $this->getResponseBody( - $this->api->withParentRequest($request)->get("/users/$id") - ); - } - - private function getResponseBody(ResponseInterface $response) - { - return json_decode($response->getBody(), true); - } } diff --git a/framework/core/tests/integration/api/forum/ShowTest.php b/framework/core/tests/integration/api/forum/ShowTest.php index f2d41836f..e46e01a8e 100644 --- a/framework/core/tests/integration/api/forum/ShowTest.php +++ b/framework/core/tests/integration/api/forum/ShowTest.php @@ -31,6 +31,22 @@ class ShowTest extends TestCase ]); } + /** + * @test + */ + public function guest_user_does_not_see_actor_relationship() + { + $response = $this->send( + $this->request('GET', '/api') + ); + + $this->assertEquals(200, $response->getStatusCode()); + + $json = json_decode($response->getBody()->getContents(), true); + + $this->assertArrayNotHasKey('actor', Arr::get($json, 'data.relationships')); + } + /** * @test */ @@ -51,6 +67,8 @@ class ShowTest extends TestCase $this->assertEquals('http://localhost/api', Arr::get($json, 'data.attributes.apiUrl')); $this->assertArrayNotHasKey('adminUrl', Arr::get($json, 'data.attributes')); + $this->assertArrayHasKey('actor', Arr::get($json, 'data.relationships')); + $this->assertEquals(2, Arr::get($json, 'data.relationships.actor.data.id')); } /**