dave/coolify
1
0
Fork 0
Code Issues Pull Requests Actions 2 Packages Projects Releases Wiki Activity

fix: add middleware to new abilities, better ux for selecting permissions, etc.

Browse Source
This commit is contained in:
Andras Bacsai
2024-12-09 10:28:34 +01:00
parent 78f0ac80c1
commit 5bbcd7bf76
7 changed files with 191 additions and 136 deletions
Download Patch File Download Diff File Expand all files Collapse all files

1
app/Http/Kernel.php
View File

@@ -69,5 +69,6 @@ class Kernel extends HttpKernel
'verified' => \Illuminate\Auth\Middleware\EnsureEmailIsVerified::class,
'abilities' => \Laravel\Sanctum\Http\Middleware\CheckAbilities::class,
'ability' => \Laravel\Sanctum\Http\Middleware\CheckForAnyAbility::class,
'api.ability' => \App\Http\Middleware\ApiAbility::class,
];
}

23
app/Http/Middleware/ApiAbility.php Normal file
View File

@@ -0,0 +1,23 @@
<?php
namespace App\Http\Middleware;
use Laravel\Sanctum\Http\Middleware\CheckForAnyAbility;
class ApiAbility extends CheckForAnyAbility
{
public function handle($request, $next, ...$abilities)
{
try {
return parent::handle($request, $next, ...$abilities);
} catch (\Illuminate\Auth\AuthenticationException $e) {
return response()->json([
'message' => 'Unauthenticated.',
], 401);
} catch (\Exception $e) {
return response()->json([
'message' => 'Missing required permissions: '.implode(', ', $abilities),
], 403);
}
}
}

16
app/Livewire/Security/ApiTokens.php
View File

@@ -26,14 +26,20 @@ class ApiTokens extends Component
$this->tokens = auth()->user()->tokens->sortByDesc('created_at');
}
public function updated()
public function updatedPermissions($permissionToUpdate)
{
if (count($this->permissions) == 0) {
$this->permissions = ['read'];
}
if (in_array('read:sensitive', $this->permissions) && !in_array('read', $this->permissions)) {
if ($permissionToUpdate == 'write') {
$this->permissions = ['write', 'deploy', 'read', 'read:sensitive'];
} elseif ($permissionToUpdate == 'read:sensitive' && ! in_array('read', $this->permissions)) {
$this->permissions[] = 'read';
} elseif ($permissionToUpdate == 'deploy') {
$this->permissions = ['deploy'];
} else {
if (count($this->permissions) == 0) {
$this->permissions = ['read'];
}
}
sort($this->permissions);
}
public function addNewToken()