@@ -69,7 +69,6 @@ private function removeSensitiveData($application)
6969 $ application ->makeHidden ([
7070 'private_key_id ' ,
7171 ]);
72- $ this ->hideNestedServerSecrets ($ application );
7372 }
7473
7574 if ($ application ->is_shown_once ?? false ) {
@@ -79,31 +78,6 @@ private function removeSensitiveData($application)
7978 return serializeApiResponse ($ application );
8079 }
8180
82- private function hideNestedServerSecrets ($ model ): void
83- {
84- $ server = $ model ->destination ?->server ?? null ;
85- if (! $ server ) {
86- return ;
87- }
88-
89- $ server ->makeHidden ([
90- 'logdrain_axiom_api_key ' ,
91- 'logdrain_newrelic_license_key ' ,
92- ]);
93-
94- $ settings = $ server ->settings ?? null ;
95- if ($ settings ) {
96- $ settings ->makeHidden ([
97- 'sentinel_token ' ,
98- 'sentinel_custom_url ' ,
99- 'logdrain_newrelic_license_key ' ,
100- 'logdrain_axiom_api_key ' ,
101- 'logdrain_custom_config ' ,
102- 'logdrain_custom_config_parser ' ,
103- ]);
104- }
105- }
106-
10781 /**
10882 * Expose sensitive fields on eager-loaded nested Server + ServerSetting
10983 * relations for callers with the `read:sensitive` or `root` token ability.
@@ -184,8 +158,12 @@ public function applications(Request $request)
184158 }
185159
186160 $ tagName = $ request ->query ('tag ' );
161+ $ applicationRelations = $ request ->attributes ->get ('can_read_sensitive ' , false ) === true
162+ ? ['destination.server.settings ' ]
163+ : [];
187164
188165 $ applications = Application::ownedByCurrentTeamAPI ($ teamId )
166+ ->with ($ applicationRelations )
189167 ->when ($ tagName , function ($ query , $ tagName ) {
190168 $ query ->whereHas ('tags ' , function ($ query ) use ($ tagName ) {
191169 $ query ->where ('name ' , $ tagName );
0 commit comments