From 93253acd1d1a6504be866f54539a2442d880918e Mon Sep 17 00:00:00 2001
From: Tim Cowlishaw <tim@timcowlishaw.co.uk>
Date: Wed, 7 Feb 2024 18:56:02 +0100
Subject: [PATCH] dont show mac address outside hardware info

---
 app/views/v0/devices/_device.jbuilder |  2 --
 spec/requests/v0/devices_spec.rb      | 18 +++++++++---------
 2 files changed, 9 insertions(+), 11 deletions(-)

diff --git a/app/views/v0/devices/_device.jbuilder b/app/views/v0/devices/_device.jbuilder
index 8b00ae18..2ae33a62 100644
--- a/app/views/v0/devices/_device.jbuilder
+++ b/app/views/v0/devices/_device.jbuilder
@@ -22,10 +22,8 @@ json.(
 authorized = current_user && (current_user.is_admin? || (device.owner_id && current_user.id == device.owner_id))
 
 if authorized
-  json.merge! mac_address: device.mac_address
   json.merge! device_token: device.device_token
 else
-  json.merge! mac_address: '[FILTERED]'
   json.merge! device_token: '[FILTERED]'
 end
 
diff --git a/spec/requests/v0/devices_spec.rb b/spec/requests/v0/devices_spec.rb
index 17fa50ad..d37efc26 100644
--- a/spec/requests/v0/devices_spec.rb
+++ b/spec/requests/v0/devices_spec.rb
@@ -24,7 +24,7 @@
       expect(json.length).to eq(2)
       # expect(json[0]['name']).to eq(first.name)
       # expect(json[1]['name']).to eq(second.name)
-      expect(json[0].keys).to eq(%w(id uuid name description state postprocessing system_tags user_tags is_private notify_low_battery notify_stopped_publishing last_reading_at created_at updated_at mac_address device_token hardware owner data))
+      expect(json[0].keys).to eq(%w(id uuid name description state postprocessing system_tags user_tags is_private notify_low_battery notify_stopped_publishing last_reading_at created_at updated_at device_token hardware owner data))
     end
 
     describe "when not logged in" do
@@ -254,25 +254,25 @@
 
     describe "mac_address" do
 
-      it "filters mac address from guests" do
+      it "filters hardware info from guests" do
         j = api_get "devices/#{device.id}"
-        expect(j['mac_address']).to eq('[FILTERED]')
+        expect(j['hardware']['info']).to eq('[FILTERED]')
       end
 
-      it "filters mac address from users" do
+      it "filters hardware info from users" do
         j = api_get "devices/#{device.id}?access_token=#{token.token}"
-        expect(j['mac_address']).to eq('[FILTERED]')
+        expect(j['hardware']['info']).to eq('[FILTERED]')
       end
 
-      it "exposes mac address to device owner" do
+      it "exposes hardware info to device owner" do
         device = create(:device, owner: user)
         j = api_get "devices/#{device.id}?access_token=#{token.token}"
-        expect(j['mac_address']).to eq(device.mac_address)
+        expect(j['hardware']['info']).to eq(device.hardware_info)
       end
 
-      it "exposes mac address to admin" do
+      it "exposes hardware info address to admin" do
         j = api_get "devices/#{device.id}?access_token=#{admin_token.token}"
-        expect(j['mac_address']).to eq(device.mac_address)
+        expect(j['hardware']['info']).to eq(device.hardware_info)
       end
 
     end