mirror of
https://github.com/flarum/core.git
synced 2025-07-23 01:31:40 +02:00
6e8884f190
Only users that have the new `viewHiddenGroups` permissions will be able to see these groups. You might want this when you want to give certain users special permissions, but don't want to make your authorization scheme public to regular users. Co-authored-by: luceos <daniel+github@klabbers.email>
55 lines
1.2 KiB
PHP
55 lines
1.2 KiB
PHP
<?php
|
|
|
|
/*
|
|
* This file is part of Flarum.
|
|
*
|
|
* For detailed copyright and license information, please view the
|
|
* LICENSE file that was distributed with this source code.
|
|
*/
|
|
|
|
namespace Flarum\Api\Serializer;
|
|
|
|
use Flarum\User\User;
|
|
use InvalidArgumentException;
|
|
|
|
class BasicUserSerializer extends AbstractSerializer
|
|
{
|
|
/**
|
|
* {@inheritdoc}
|
|
*/
|
|
protected $type = 'users';
|
|
|
|
/**
|
|
* {@inheritdoc}
|
|
*
|
|
* @param User $user
|
|
* @throws InvalidArgumentException
|
|
*/
|
|
protected function getDefaultAttributes($user)
|
|
{
|
|
if (! ($user instanceof User)) {
|
|
throw new InvalidArgumentException(
|
|
get_class($this).' can only serialize instances of '.User::class
|
|
);
|
|
}
|
|
|
|
return [
|
|
'username' => $user->username,
|
|
'displayName' => $user->display_name,
|
|
'avatarUrl' => $user->avatar_url
|
|
];
|
|
}
|
|
|
|
/**
|
|
* @return \Tobscure\JsonApi\Relationship
|
|
*/
|
|
protected function groups($user)
|
|
{
|
|
if ($this->getActor()->can('viewHiddenGroups')) {
|
|
return $this->hasMany($user, GroupSerializer::class);
|
|
}
|
|
|
|
return $this->hasMany($user, GroupSerializer::class, 'visibleGroups');
|
|
}
|
|
}
|