Make all services and groups available via the API (#69)

[Kovah]

I think this is a needed fix, because external services or scripts should have access to all data. If there is a use case where an API token should not access private data, different token permissions should probably be implemented.

I tested this the following way:

• Created a clean setup with demo data.
• Added a new test user.
• Logged in with both users, both can view private services and groups on the dashboard.
• Anonymous users can not view private services or groups on the dashboard.
• When authenticated with an API token, private services and groups are now displayed properly.

Of course, this should be pointed out in the release notes.

---

Testing locally can be done by building the binary. With Go and Node installed, run make build. Then start Statping with ./statping.
API testing can be done by setting an API secret right before starting Statping with export API_SECRET=super-secret-token. In a tool like Insomnia, you can point to http://localhost:8080/api/services with the secret as a Bearer token.

[adamboutcher]

I dont use the API, so I'm not sure what this changes exactly but your reasoning seems sensible to me...

[jemand771]

changes lgtm, but the (existing) api authentication handling is a bit confusing to me (i.e. who can see and/or modify which resources) - I'll have to look into that soon™

closing and reopening for now to (hopefully) trigger ci 👀

[a-camacho]

Any news when this PR can be merged ?
Thanks a lot !

[larswmh]

Would also really appreciate if this could be implemented, thanks

[a-camacho]

Would also really appreciate if this could be implemented, thanks

Any news ?
Thanks a lot !