Merge branch 'api-endpoint-users' into users_api

app/Http/Controllers/Api/ApiController.php

@@ -10,14 +10,15 @@ use Illuminate\Http\JsonResponse;
 abstract class ApiController extends Controller
 {
     protected $rules = [];
+    protected $printHidden = [];
 
     /**
      * Provide a paginated listing JSON response in a standard format
      * taking into account any pagination parameters passed by the user.
      */
-    protected function apiListingResponse(Builder $query, array $fields): JsonResponse
+    protected function apiListingResponse(Builder $query, array $fields, array $protectedFieldsToPrint = []): JsonResponse
     {
-        $listing = new ListingResponseBuilder($query, request(), $fields);
+        $listing = new ListingResponseBuilder($query, request(), $fields, $protectedFieldsToPrint);
 
         return $listing->toResponse();
     }

app/Http/Controllers/Api/UserApiController.php

@@ -0,0 +1,61 @@
+<?php
+
+namespace BookStack\Http\Controllers\Api;
+
+use BookStack\Exceptions\PermissionsException;
+use BookStack\Auth\User;
+use BookStack\Auth\UserRepo;
+use Exception;
+use Illuminate\Http\Request;
+
+class UserApiController extends ApiController
+{
+    protected $user;
+    protected $userRepo;
+
+    protected $printHidden = [
+        'email', 'created_at', 'updated_at', 'last_activity_at'
+    ];
+
+# TBD: Endpoints to create / update users
+#     protected $rules = [
+#         'create' => [
+#         ],
+#         'update' => [
+#         ],
+#     ];
+
+    public function __construct(User $user, UserRepo $userRepo)
+    {
+        $this->user = $user;
+        $this->userRepo = $userRepo;
+    }
+
+    /**
+     * Get a listing of users
+     */
+    public function list()
+    {
+        $this->checkPermission('users-manage');
+
+        $users = $this->userRepo->getUsersBuilder();
+
+        return $this->apiListingResponse($users, [
+            'id', 'name', 'slug', 'email',
+            'created_at', 'updated_at', 'last_activity_at',
+        ], $this->printHidden);
+    }
+
+    /**
+     * View the details of a single user
+     */
+    public function read(string $id)
+    {
+        $this->checkPermission('users-manage');
+
+        $singleUser = $this->userRepo->getById($id);
+        $singleUser = $singleUser->makeVisible($this->printHidden);
+
+        return response()->json($singleUser);
+    }
+}