Remove unused /api/authtokens/all endpoint (#3626)

Author: williamjallen

app/Http/Controllers/AuthTokenController.php

@@ -20,23 +20,6 @@ public function manage(): View
         return $this->vue('manage-auth-tokens', 'Authentication Tokens');
     }
 
-    /**
-     * Get all of the authentication tokens available across the entire system.
-     * This method is only available to administrators.
-     */
-    public function fetchAll(): JsonResponse
-    {
-        $token_array = AuthTokenUtil::getAllTokens();
-        $token_map = [];
-        foreach ($token_array as $token) {
-            $token_map[$token['hash']] = $token;
-        }
-
-        return response()->json([
-            'tokens' => $token_map,
-        ]);
-    }
-
     public function createToken(Request $request): JsonResponse
     {
         $fields = ['scope', 'description'];

app/Utils/AuthTokenUtil.php

@@ -8,7 +8,6 @@
 use App\Models\User;
 use CDash\Model\Project;
 use Illuminate\Auth\AuthenticationException;
-use Illuminate\Database\Eloquent\Collection;
 use Illuminate\Support\Carbon;
 use Illuminate\Support\Facades\Auth;
 use Illuminate\Support\Facades\Config;
@@ -210,21 +209,6 @@ public static function deleteToken(string $token_hash, int $expected_user_id): b
         return $auth_token->delete() > 0;
     }
 
-    /**
-     * Contract: we assume that the user has already been validated and blindly return a list of
-     * all auth tokens.  It is your responsibility as a user of this method to ensure that only
-     * administrators can access it.
-     *
-     * @return Collection<int,AuthToken>
-     */
-    public static function getAllTokens(): Collection
-    {
-        return AuthToken::select('authtoken.*', 'project.name AS projectname', 'users.firstname AS owner_firstname', 'users.lastname AS owner_lastname')
-            ->leftJoin('project', 'project.id', '=', 'authtoken.projectid')
-            ->leftJoin('users', 'users.id', '=', 'authtoken.userid')
-            ->get();
-    }
-
     public static function hashToken(?string $unhashed_token): string
     {
         if ($unhashed_token === null || $unhashed_token === '') {

phpstan-baseline.neon

@@ -630,12 +630,6 @@ parameters:
 			count: 1
 			path: app/Http/Controllers/AuthTokenController.php
 
-		-
-			rawMessage: Possibly invalid array key type mixed.
-			identifier: offsetAccess.invalidOffset
-			count: 1
-			path: app/Http/Controllers/AuthTokenController.php
-
 		-
 			rawMessage: 'Argument of an invalid type array|false supplied for foreach, only iterables are supported.'
 			identifier: foreach.nonIterable

routes/api.php

@@ -70,8 +70,6 @@
     Route::match(['get', 'post'], '/v1/manageOverview.php', 'ProjectOverviewController@apiManageOverview');
 
     Route::middleware(['admin'])->group(function (): void {
-        Route::get('/authtokens/all', 'AuthTokenController@fetchAll');
-
         Route::get('/monitor', 'MonitorController@get');
     });
 });