We read every piece of feedback, and take your input very seriously.
To see all available qualifiers, see our documentation.
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
User has many Post Post has many Note Note belong to User
Allow show for note when the note belongs to user.
class NotePolicy { public function show(User $user, Note $note) { return $note->user_id == $user->id; } }
Post
User
Note
GET /posts?related=note Whenever a user fetches a post it would load the notes but only the ones belonging to the user because of the NotePolicy.
GET /posts?related=note
{ ..... "relationships":{ "notes":{ "1":{ "id":"2", "type":"notes" } } } ..... }
{ ..... "relationships":{ "notes":[ { "id":"2", "type":"notes" } ] } ..... }
allowToShow
filter
{ "id":1, "notes":[ { "id":"1", "type":"notes" }, { "id":"2", "type":"notes" } ] }
{ "id":1, "notes":[ null, { "id":"2", "type":"notes" } ] }
{ "id":1, "notes":{ 1 => { "id":"2", "type":"notes" } } }
Replace
laravel-restify/src/Repositories/Repository.php
Line 543 in 18d120a
return $items->filter()->values();
The text was updated successfully, but these errors were encountered:
Thanks @mwalid-trackbar for diving into this.
Sorry, something went wrong.
Solved! Thank you!
No branches or pull requests
Schema
User has many Post
Post has many Note
Note belong to User
Policy
Allow show for note when the note belongs to user.
Database
Post
User
Note
Request
GET /posts?related=note
Whenever a user fetches a post it would load the notes but only the ones belonging to the user because of the NotePolicy.
Response
Actual
Expected
Root cause
allowToShow
to nullify notes where the user is not allowed to access https://github.com/BinarCode/laravel-restify/blob/7.x/src/Fields/EagerField.php#L69filter
on the collection to remove nulls https://github.com/BinarCode/laravel-restify/blob/7.x/src/Repositories/Repository.php#L530Post loaded from db
Post notes are filtered via
allowToShow
(step 1)Post notes after removing nulls via
filter
(step 2)Suggested fix
Replace
laravel-restify/src/Repositories/Repository.php
Line 543 in 18d120a
with
The text was updated successfully, but these errors were encountered: