Improved logic for handling permissions on API routes.

Still only partially implemented, however this method will allow the inclusion of data that is granted with servers (such as viewing more about the node, node location, allocations, etc) while still limiting someone from doing `?include=node.servers` and listing all servers when they don’t have list-servers as a permission.
2017-04-08 12:05:29 -04:00 · 2017-04-08 12:05:29 -04:00 · 4479d3bf19
commit 4479d3bf19
parent db4df2bfa1
16 changed files with 296 additions and 29 deletions
--- a/config/debugbar.php
+++ b/config/debugbar.php
@ -28,7 +28,7 @@ return [
     */
    'storage' => [
        'enabled' => true,
-        'driver' => 'file', // redis, file, pdo
+        'driver' => env('DEBUGBAR_DRIVER', 'file'), // redis, file, pdo
        'path' => storage_path() . '/debugbar', // For file driver
        'connection' => null,   // Leave null for default connection (Redis/PDO)
    ],
@ -125,7 +125,7 @@ return [
                'enabled' => false,
                'types' => ['SELECT', 'INSERT', 'UPDATE', 'DELETE'], // array('SELECT', 'INSERT', 'UPDATE', 'DELETE'); for MySQL 5.6.3+
            ],
-            'hints'             => true,    // Show hints for common mistakes
+            'hints'             => false,    // Show hints for common mistakes
        ],
        'mail' => [
            'full_log' => false,