/**
* Display a listing of the resource.
*
* @param $instance_id
* @return \Illuminate\Http\Response
*/
public function index($instance_id)
{
// If user has not permission to list users, log it and deny access (HTTP 403)
if (Gate::denies('list-instance-users', [User::class, $instance_id])) {
Log::info('Access denied for instance user listing.', ['auth_user' => auth()->user(), 'request_ip' => request()->ip(), 'instance_id' => $instance_id]);
abort(403);
}
return response()->json(User::fromInstance($instance_id)->get());
}
