dave/coolify
1
0
Fork 0
Code Issues Pull Requests Actions 2 Packages Projects Releases Wiki Activity

feat(auth): implement authorization checks for server updates across multiple components

Browse Source 
- Added authorization checks using the `authorize` method in various Livewire components to ensure only authorized users can update server settings.
- Updated `ServerPolicy` to restrict update permissions to admin users and their respective teams.
- Enhanced security and access control for server management functionalities.
This commit is contained in:
Andras Bacsai
2025-08-22 13:02:11 +02:00
parent 0748ef3ee5
commit 3ffc751f1a
10 changed files with 47 additions and 3 deletions
Download Patch File Download Diff File Expand all files Collapse all files

4
app/Livewire/Server/ValidateAndInstall.php
View File

@@ -5,10 +5,13 @@ namespace App\Livewire\Server;
use App\Actions\Proxy\CheckProxy;
use App\Actions\Proxy\StartProxy;
use App\Models\Server;
use Illuminate\Foundation\Auth\Access\AuthorizesRequests;
use Livewire\Component;
class ValidateAndInstall extends Component
{
use AuthorizesRequests;
public Server $server;
public int $number_of_tries = 0;
@@ -62,6 +65,7 @@ class ValidateAndInstall extends Component
public function validateConnection()
{
$this->authorize('update', $this->server);
['uptime' => $this->uptime, 'error' => $error] = $this->server->validateConnection();
if (! $this->uptime) {
$this->error = 'Server is not reachable. Please validate your configuration and connection.<br>Check this <a target="_blank" class="text-black underline dark:text-white" href="https://coolify.io/docs/knowledge-base/server/openssh">documentation</a> for further help. <br><br><div class="text-error">Error: '.$error.'</div>';