add user group validation

app/JsonApi/V2/Accounts/AccountCollectionQuery.php

@@ -0,0 +1,60 @@
+<?php
+
+namespace FireflyIII\JsonApi\V2\Accounts;
+
+use FireflyIII\Models\Account;
+use FireflyIII\Rules\IsAllowedGroupAction;
+use Illuminate\Support\Facades\Log;
+use LaravelJsonApi\Laravel\Http\Requests\ResourceQuery;
+use LaravelJsonApi\Validation\Rule as JsonApiRule;
+
+class AccountCollectionQuery extends ResourceQuery
+{
+
+    /**
+     * Get the validation rules that apply to the request query parameters.
+     *
+     * @return array
+     */
+    public function rules(): array
+    {
+        Log::debug(__METHOD__);
+        return [
+            'fields' => [
+                'nullable',
+                'array',
+                JsonApiRule::fieldSets(),
+            ],
+            'user_group_id' => [
+                'nullable',
+                'integer',
+                new IsAllowedGroupAction(Account::class, request()->method()),
+            ],
+            'filter' => [
+                'nullable',
+                'array',
+                JsonApiRule::filter(),
+            ],
+            'include' => [
+                'nullable',
+                'string',
+                JsonApiRule::includePaths(),
+            ],
+            'page' => [
+                'nullable',
+                'array',
+                JsonApiRule::page(),
+            ],
+            'sort' => [
+                'nullable',
+                'string',
+                JsonApiRule::sort(),
+            ],
+            'withCount' => [
+                'nullable',
+                'string',
+                JsonApiRule::countable(),
+            ],
+        ];
+    }
+}

app/JsonApi/V2/Accounts/AccountQuery.php

@@ -0,0 +1,45 @@
+<?php
+
+namespace FireflyIII\JsonApi\V2\Accounts;
+
+use Illuminate\Support\Facades\Log;
+use LaravelJsonApi\Laravel\Http\Requests\ResourceQuery;
+use LaravelJsonApi\Validation\Rule as JsonApiRule;
+
+class AccountQuery extends ResourceQuery
+{
+
+    /**
+     * Get the validation rules that apply to the request query parameters.
+     *
+     * @return array
+     */
+    public function rules(): array
+    {
+        Log::debug(__METHOD__);;
+        return [
+            'fields' => [
+                'nullable',
+                'array',
+                JsonApiRule::fieldSets(),
+            ],
+            'filter' => [
+                'nullable',
+                'array',
+                JsonApiRule::filter()->forget('id'),
+            ],
+            'include' => [
+                'nullable',
+                'string',
+                JsonApiRule::includePaths(),
+            ],
+            'page' => JsonApiRule::notSupported(),
+            'sort' => JsonApiRule::notSupported(),
+            'withCount' => [
+                'nullable',
+                'string',
+                JsonApiRule::countable(),
+            ],
+        ];
+    }
+}

app/JsonApi/V2/Accounts/AccountResource.php

@@ -4,6 +4,7 @@ namespace FireflyIII\JsonApi\V2\Accounts;
 
 use FireflyIII\Models\Account;
 use Illuminate\Http\Request;
+use Illuminate\Support\Facades\Log;
 use LaravelJsonApi\Core\Resources\JsonApiResource;
 
 /**
@@ -31,6 +32,7 @@ class AccountResource extends JsonApiResource
      */
     public function attributes($request): iterable
     {
+        Log::debug(__METHOD__);
         return [
             'created_at' => $this->resource->created_at,
             'updated_at' => $this->resource->updated_at,

app/JsonApi/V2/Accounts/AccountSchema.php

@@ -4,6 +4,7 @@ namespace FireflyIII\JsonApi\V2\Accounts;
 
 use FireflyIII\Models\Account;
 use FireflyIII\Support\JsonApi\Concerns\UsergroupAware;
+use Illuminate\Support\Facades\Log;
 use LaravelJsonApi\Core\Schema\Schema;
 use LaravelJsonApi\Eloquent\Fields\Relations\HasOne;
 use LaravelJsonApi\NonEloquent\Fields\Attribute;
@@ -30,6 +31,7 @@ class AccountSchema extends Schema
      */
     public function fields(): array
     {
+        Log::debug(__METHOD__);;
         return [
             ID::make(),
             Attribute::make('name'),
@@ -44,6 +46,7 @@ class AccountSchema extends Schema
      */
     public function filters(): array
     {
+        Log::debug(__METHOD__);;
         return [
             // Filter::make('id'),
         ];
@@ -51,6 +54,10 @@ class AccountSchema extends Schema
 
     public function repository(): AccountRepository
     {
+        Log::debug(__METHOD__);;
+        // to access the repository, you need to have the necessary rights.
+
+
         $this->setUserGroup($this->server->getUsergroup());
         return AccountRepository::make()
                                 ->withServer($this->server)

app/JsonApi/V2/Accounts/Capabilities/AccountQuery.php

@@ -29,6 +29,7 @@ use FireflyIII\Support\JsonApi\ExpandsQuery;
 use FireflyIII\Support\JsonApi\FiltersPagination;
 use FireflyIII\Support\JsonApi\SortsCollection;
 use FireflyIII\Support\JsonApi\ValidateSortParameters;
+use Illuminate\Support\Facades\Log;
 use LaravelJsonApi\Contracts\Store\HasPagination;
 use LaravelJsonApi\NonEloquent\Capabilities\QueryAll;
 use LaravelJsonApi\NonEloquent\Concerns\PaginatesEnumerables;
@@ -48,6 +49,7 @@ class AccountQuery extends QueryAll implements HasPagination
      */
     public function get(): iterable
     {
+        Log::debug(__METHOD__);
         // collect filters
         $filters    = $this->queryParameters->filter();
         // collect sort options

app/JsonApi/V2/Server.php

@@ -30,6 +30,7 @@ class Server extends BaseServer
      */
     public function serving(): void
     {
+        // at this point the user may not actually have access to this user group.
         $res = $this->detectUserGroup();
         $this->setUserGroup($res);
     }