New store_all_requests config value (#43)

Co-authored-by: bernardotavares <bernardopt@goparity.com>
Co-authored-by: Luke Towers <github@luketowers.ca>

Author: 3 people

config/config.php

@@ -32,6 +32,28 @@
 
     'allow_public_access' => false,
 
+    /*
+     |--------------------------------------------------------------------------
+     | Store all requests
+     |--------------------------------------------------------------------------
+     |
+     | For security reasons the debugbar will only store requests by a
+     | backend user with the rainlab.debugbar.access_debugbar permission.
+     |
+     | If you are not concerned about security (for instance, you are in
+     | a local environment) you can set this to true to log all requests.
+     |
+     | Usefull if you want to log requests from Postman without having to worry
+     | about authentication. WARNING: All stored requests are publicly available without
+     | any authentication, so do NOT enable this on an environment that's exposed to the
+     | internet.
+
+     |
+     */
+
+    'store_all_requests' => false,
+
+
     /*
      |--------------------------------------------------------------------------
      | Routes to exclude
@@ -230,4 +252,4 @@
      */
 
     'route_domain' => null,
-];
+];

middleware/InjectDebugbar.php

@@ -37,7 +37,8 @@ public function handle($request, Closure $next)
 
         $user = BackendAuth::getUser();
 
-        if (!$user || !$user->hasAccess('rainlab.debugbar.access_stored_requests')) {
+        if ((!$user || !$user->hasAccess('rainlab.debugbar.access_stored_requests')) &&
+            !Config::get('rainlab.debugbar::store_all_requests', false)) {
             // Disable stored requests
             // Note: this will completely disable storing requests from any users
             // without the required permission. If that functionality is desired again