From 1546a823c50c22e309f1e4bb06937130c74d51e4 Mon Sep 17 00:00:00 2001
From: fipwmaqzufheoxq92ebc
 <29818044+fipwmaqzufheoxq92ebc@users.noreply.github.com>
Date: Wed, 2 Sep 2020 11:08:48 +0200
Subject: [PATCH] Show only API-Keys for current user

---
 controllers/OpenApiController.php | 7 ++++++-
 1 file changed, 6 insertions(+), 1 deletion(-)

diff --git a/controllers/OpenApiController.php b/controllers/OpenApiController.php
index 6b9e6177..813af27f 100644
--- a/controllers/OpenApiController.php
+++ b/controllers/OpenApiController.php
@@ -2,12 +2,17 @@
 
 namespace Grocy\Controllers;
 
+use Grocy\Controllers\Users\User;
+
 class OpenApiController extends BaseApiController
 {
 	public function ApiKeysList(\Psr\Http\Message\ServerRequestInterface $request, \Psr\Http\Message\ResponseInterface $response, array $args)
 	{
+		$apiKeys = $this->getDatabase()->api_keys();
+		if(!User::hasPermissions(User::PERMISSION_ADMIN))
+			$apiKeys = $apiKeys->where('user_id', GROCY_USER_ID);
 		return $this->renderPage($response, 'manageapikeys', [
-			'apiKeys' => $this->getDatabase()->api_keys(),
+			'apiKeys' =>$apiKeys,
 			'users' => $this->getDatabase()->users()
 		]);
 	}