From 4d0c6c388269d52eb20b5fc420965d124c38aa4b Mon Sep 17 00:00:00 2001
From: mo khan <mo@mokhan.ca>
Date: Thu, 20 Mar 2025 09:13:08 -0600
Subject: feat: add html pages to ui service that fetches data from rest api

---
 bin/api | 8 +++++++-
 1 file changed, 7 insertions(+), 1 deletion(-)

(limited to 'bin/api')

diff --git a/bin/api b/bin/api
index 86bf0274..3fa550c0 100755
--- a/bin/api
+++ b/bin/api
@@ -80,6 +80,7 @@ end
 
 module HTTPHelpers
   def authorized?(request, permission, resource)
+    raise [permission, resource].inspect if resource.nil?
     authorization = Rack::Auth::AbstractRequest.new(request.env)
     return false unless authorization.provided?
 
@@ -138,7 +139,12 @@ class API
       when "/organizations", "/organizations.json"
         return json_ok(Organization.all.map(&:to_h))
       when "/groups", "/groups.json"
-        return json_ok(Group.all.map(&:to_h))
+        resource = Organization.default
+        if authorized?(request, :read_group, resource)
+          return json_ok(Group.all.map(&:to_h))
+        else
+          return json_unauthorized(:read_group, resource)
+        end
       when "/projects", "/projects.json"
         resource = Organization.default
         if authorized?(request, :read_project, resource)
-- 
cgit v1.2.3