dave/coolify
1
0
Fork 0
Code Issues Pull Requests Actions 2 Packages Projects Releases Wiki Activity

feat(security): add authorization checks for package updates in Livewire components

Browse Source
This commit is contained in:
Andras Bacsai
2025-08-22 14:43:18 +02:00
parent 8408205955
commit 37ee6717e9
1 changed files with 3 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files

4
app/Livewire/Server/Security/Patches.php
View File

@@ -69,8 +69,9 @@ class Patches extends Component
public function updateAllPackages() public function updateAllPackages()
{ {
$this->authorize('update', $this->server);
if (! $this->packageManager || ! $this->osId) { if (! $this->packageManager || ! $this->osId) {
$this->dispatch('error', message: 'Run Check for updates first.'); $this->dispatch('error', message: 'Run "Check for updates" first.');
return; return;
} }
@@ -91,6 +92,7 @@ class Patches extends Component
public function updatePackage($package) public function updatePackage($package)
{ {
try { try {
$this->authorize('update', $this->server);
$activity = UpdatePackage::run(server: $this->server, packageManager: $this->packageManager, osId: $this->osId, package: $package); $activity = UpdatePackage::run(server: $this->server, packageManager: $this->packageManager, osId: $this->osId, package: $package);
$this->dispatch('activityMonitor', $activity->id, ServerPackageUpdated::class); $this->dispatch('activityMonitor', $activity->id, ServerPackageUpdated::class);
} catch (\Exception $e) { } catch (\Exception $e) {