feat: add html pages to ui service that fetches data from rest api

author: mo khan <mo@mokhan.ca> 2025-03-20 09:13:08 -0600
committer: mo khan <mo@mokhan.ca> 2025-03-20 09:13:08 -0600
commit: 4d0c6c388269d52eb20b5fc420965d124c38aa4b (patch)
tree: 05f50c6b1496e90716228648fb1db2efceb7f33f /bin/api
parent: 136c4dfb645aff8a97e3c26fcc5b91ff9e32b3e7 (diff)
1 files changed, 7 insertions, 1 deletions
diff --git a/bin/api b/bin/api
index 86bf027..3fa550c 100755
--- a/bin/api
+++ b/bin/api
@@ -80,6 +80,7 @@ end
 
 module HTTPHelpers
   def authorized?(request, permission, resource)
+    raise [permission, resource].inspect if resource.nil?
     authorization = Rack::Auth::AbstractRequest.new(request.env)
     return false unless authorization.provided?
 
@@ -138,7 +139,12 @@ class API
       when "/organizations", "/organizations.json"
         return json_ok(Organization.all.map(&:to_h))
       when "/groups", "/groups.json"
-        return json_ok(Group.all.map(&:to_h))
+        resource = Organization.default
+        if authorized?(request, :read_group, resource)
+          return json_ok(Group.all.map(&:to_h))
+        else
+          return json_unauthorized(:read_group, resource)
+        end
       when "/projects", "/projects.json"
         resource = Organization.default
         if authorized?(request, :read_project, resource)
author	mo khan <mo@mokhan.ca>	2025-03-20 09:13:08 -0600
committer	mo khan <mo@mokhan.ca>	2025-03-20 09:13:08 -0600
commit	4d0c6c388269d52eb20b5fc420965d124c38aa4b (patch)
tree	05f50c6b1496e90716228648fb1db2efceb7f33f /bin/api
parent	136c4dfb645aff8a97e3c26fcc5b91ff9e32b3e7 (diff)