dave/coolify
1
0
Fork 0
Code Issues Pull Requests Actions 2 Packages Projects Releases Wiki Activity

feat(acl): Change views/backend code to able to use proper ACL's later on. Currently it is not enabled.

Browse Source
This commit is contained in:
Andras Bacsai
2025-08-26 10:27:31 +02:00
parent 5a88377a67
commit 63fcc0ebc3
159 changed files with 3610 additions and 1922 deletions
Download Patch File Download Diff File Expand all files Collapse all files

45
app/Livewire/Project/Service/Configuration.php
View File

@@ -3,11 +3,14 @@
namespace App\Livewire\Project\Service;
use App\Models\Service;
use Illuminate\Foundation\Auth\Access\AuthorizesRequests;
use Illuminate\Support\Facades\Auth;
use Livewire\Component;
class Configuration extends Component
{
use AuthorizesRequests;
public $currentRoute;
public $project;
@@ -40,24 +43,30 @@ class Configuration extends Component
public function mount()
{
$this->parameters = get_route_parameters();
$this->currentRoute = request()->route()->getName();
$this->query = request()->query();
$project = currentTeam()
->projects()
->select('id', 'uuid', 'team_id')
->where('uuid', request()->route('project_uuid'))
->firstOrFail();
$environment = $project->environments()
->select('id', 'uuid', 'name', 'project_id')
->where('uuid', request()->route('environment_uuid'))
->firstOrFail();
$this->service = $environment->services()->whereUuid(request()->route('service_uuid'))->firstOrFail();
try {
$this->parameters = get_route_parameters();
$this->currentRoute = request()->route()->getName();
$this->query = request()->query();
$project = currentTeam()
->projects()
->select('id', 'uuid', 'team_id')
->where('uuid', request()->route('project_uuid'))
->firstOrFail();
$environment = $project->environments()
->select('id', 'uuid', 'name', 'project_id')
->where('uuid', request()->route('environment_uuid'))
->firstOrFail();
$this->service = $environment->services()->whereUuid(request()->route('service_uuid'))->firstOrFail();
$this->project = $project;
$this->environment = $environment;
$this->applications = $this->service->applications->sort();
$this->databases = $this->service->databases->sort();
$this->authorize('view', $this->service);
$this->project = $project;
$this->environment = $environment;
$this->applications = $this->service->applications->sort();
$this->databases = $this->service->databases->sort();
} catch (\Throwable $e) {
return handleError($e, $this);
}
}
public function refreshServices()
@@ -70,6 +79,7 @@ class Configuration extends Component
public function restartApplication($id)
{
try {
$this->authorize('update', $this->service);
$application = $this->service->applications->find($id);
if ($application) {
$application->restart();
@@ -83,6 +93,7 @@ class Configuration extends Component
public function restartDatabase($id)
{
try {
$this->authorize('update', $this->service);
$database = $this->service->databases->find($id);
if ($database) {
$database->restart();

102
app/Livewire/Project/Service/Database.php
View File

@@ -6,6 +6,7 @@ use App\Actions\Database\StartDatabaseProxy;
use App\Actions\Database\StopDatabaseProxy;
use App\Models\InstanceSettings;
use App\Models\ServiceDatabase;
use Illuminate\Foundation\Auth\Access\AuthorizesRequests;
use Illuminate\Support\Facades\Auth;
use Illuminate\Support\Facades\DB;
use Illuminate\Support\Facades\Hash;
@@ -13,6 +14,8 @@ use Livewire\Component;
class Database extends Component
{
use AuthorizesRequests;
public ServiceDatabase $database;
public ?string $db_url_public = null;
@@ -40,24 +43,31 @@ class Database extends Component
public function mount()
{
$this->parameters = get_route_parameters();
if ($this->database->is_public) {
$this->db_url_public = $this->database->getServiceDatabaseUrl();
try {
$this->parameters = get_route_parameters();
$this->authorize('view', $this->database);
if ($this->database->is_public) {
$this->db_url_public = $this->database->getServiceDatabaseUrl();
}
$this->refreshFileStorages();
} catch (\Throwable $e) {
return handleError($e, $this);
}
$this->refreshFileStorages();
}
public function delete($password)
{
if (! data_get(InstanceSettings::get(), 'disable_two_step_confirmation')) {
if (! Hash::check($password, Auth::user()->password)) {
$this->addError('password', 'The provided password is incorrect.');
return;
}
}
try {
$this->authorize('delete', $this->database);
if (! data_get(InstanceSettings::get(), 'disable_two_step_confirmation')) {
if (! Hash::check($password, Auth::user()->password)) {
$this->addError('password', 'The provided password is incorrect.');
return;
}
}
$this->database->delete();
$this->dispatch('success', 'Database deleted.');
@@ -69,24 +79,35 @@ class Database extends Component
public function instantSaveExclude()
{
$this->submit();
try {
$this->authorize('update', $this->database);
$this->submit();
} catch (\Throwable $e) {
return handleError($e, $this);
}
}
public function instantSaveLogDrain()
{
if (! $this->database->service->destination->server->isLogDrainEnabled()) {
$this->database->is_log_drain_enabled = false;
$this->dispatch('error', 'Log drain is not enabled on the server. Please enable it first.');
try {
$this->authorize('update', $this->database);
if (! $this->database->service->destination->server->isLogDrainEnabled()) {
$this->database->is_log_drain_enabled = false;
$this->dispatch('error', 'Log drain is not enabled on the server. Please enable it first.');
return;
return;
}
$this->submit();
$this->dispatch('success', 'You need to restart the service for the changes to take effect.');
} catch (\Throwable $e) {
return handleError($e, $this);
}
$this->submit();
$this->dispatch('success', 'You need to restart the service for the changes to take effect.');
}
public function convertToApplication()
{
try {
$this->authorize('update', $this->database);
$service = $this->database->service;
$serviceDatabase = $this->database;
@@ -122,28 +143,33 @@ class Database extends Component
public function instantSave()
{
if ($this->database->is_public && ! $this->database->public_port) {
$this->dispatch('error', 'Public port is required.');
$this->database->is_public = false;
return;
}
if ($this->database->is_public) {
if (! str($this->database->status)->startsWith('running')) {
$this->dispatch('error', 'Database must be started to be publicly accessible.');
try {
$this->authorize('update', $this->database);
if ($this->database->is_public && ! $this->database->public_port) {
$this->dispatch('error', 'Public port is required.');
$this->database->is_public = false;
return;
}
StartDatabaseProxy::run($this->database);
$this->db_url_public = $this->database->getServiceDatabaseUrl();
$this->dispatch('success', 'Database is now publicly accessible.');
} else {
StopDatabaseProxy::run($this->database);
$this->db_url_public = null;
$this->dispatch('success', 'Database is no longer publicly accessible.');
if ($this->database->is_public) {
if (! str($this->database->status)->startsWith('running')) {
$this->dispatch('error', 'Database must be started to be publicly accessible.');
$this->database->is_public = false;
return;
}
StartDatabaseProxy::run($this->database);
$this->db_url_public = $this->database->getServiceDatabaseUrl();
$this->dispatch('success', 'Database is now publicly accessible.');
} else {
StopDatabaseProxy::run($this->database);
$this->db_url_public = null;
$this->dispatch('success', 'Database is no longer publicly accessible.');
}
$this->submit();
} catch (\Throwable $e) {
return handleError($e, $this);
}
$this->submit();
}
public function refreshFileStorages()
@@ -154,11 +180,13 @@ class Database extends Component
public function submit()
{
try {
$this->authorize('update', $this->database);
$this->validate();
$this->database->save();
updateCompose($this->database);
$this->dispatch('success', 'Database saved.');
} catch (\Throwable) {
} catch (\Throwable $e) {
return handleError($e, $this);
} finally {
$this->dispatch('generateDockerCompose');
}

13
app/Livewire/Project/Service/FileStorage.php
View File

@@ -15,12 +15,15 @@ use App\Models\StandaloneMongodb;
use App\Models\StandaloneMysql;
use App\Models\StandalonePostgresql;
use App\Models\StandaloneRedis;
use Illuminate\Foundation\Auth\Access\AuthorizesRequests;
use Illuminate\Support\Facades\Auth;
use Illuminate\Support\Facades\Hash;
use Livewire\Component;
class FileStorage extends Component
{
use AuthorizesRequests;
public LocalFileVolume $fileStorage;
public ServiceApplication|StandaloneRedis|StandalonePostgresql|StandaloneMongodb|StandaloneMysql|StandaloneMariadb|StandaloneKeydb|StandaloneDragonfly|StandaloneClickhouse|ServiceDatabase|Application $resource;
@@ -54,6 +57,8 @@ class FileStorage extends Component
public function convertToDirectory()
{
try {
$this->authorize('update', $this->resource);
$this->fileStorage->deleteStorageOnServer();
$this->fileStorage->is_directory = true;
$this->fileStorage->content = null;
@@ -70,6 +75,8 @@ class FileStorage extends Component
public function loadStorageOnServer()
{
try {
$this->authorize('update', $this->resource);
$this->fileStorage->loadStorageOnServer();
$this->dispatch('success', 'File storage loaded from server.');
} catch (\Throwable $e) {
@@ -82,6 +89,8 @@ class FileStorage extends Component
public function convertToFile()
{
try {
$this->authorize('update', $this->resource);
$this->fileStorage->deleteStorageOnServer();
$this->fileStorage->is_directory = false;
$this->fileStorage->content = null;
@@ -99,6 +108,8 @@ class FileStorage extends Component
public function delete($password)
{
$this->authorize('update', $this->resource);
if (! data_get(InstanceSettings::get(), 'disable_two_step_confirmation')) {
if (! Hash::check($password, Auth::user()->password)) {
$this->addError('password', 'The provided password is incorrect.');
@@ -127,6 +138,8 @@ class FileStorage extends Component
public function submit()
{
$this->authorize('update', $this->resource);
$original = $this->fileStorage->getOriginal();
try {
$this->validate();

11
app/Livewire/Project/Service/Index.php
View File

@@ -5,11 +5,14 @@ namespace App\Livewire\Project\Service;
use App\Models\Service;
use App\Models\ServiceApplication;
use App\Models\ServiceDatabase;
use Illuminate\Foundation\Auth\Access\AuthorizesRequests;
use Illuminate\Support\Collection;
use Livewire\Component;
class Index extends Component
{
use AuthorizesRequests;
public ?Service $service = null;
public ?ServiceApplication $serviceApplication = null;
@@ -36,6 +39,7 @@ class Index extends Component
if (! $this->service) {
return redirect()->route('dashboard');
}
$this->authorize('view', $this->service);
$service = $this->service->applications()->whereUuid($this->parameters['stack_service_uuid'])->first();
if ($service) {
$this->serviceApplication = $service;
@@ -52,7 +56,12 @@ class Index extends Component
public function generateDockerCompose()
{
$this->service->parse();
try {
$this->authorize('update', $this->service);
$this->service->parse();
} catch (\Throwable $e) {
return handleError($e, $this);
}
}
public function render()

54
app/Livewire/Project/Service/ServiceApplicationView.php
View File

@@ -4,6 +4,7 @@ namespace App\Livewire\Project\Service;
use App\Models\InstanceSettings;
use App\Models\ServiceApplication;
use Illuminate\Foundation\Auth\Access\AuthorizesRequests;
use Illuminate\Support\Facades\Auth;
use Illuminate\Support\Facades\DB;
use Illuminate\Support\Facades\Hash;
@@ -12,6 +13,8 @@ use Spatie\Url\Url;
class ServiceApplicationView extends Component
{
use AuthorizesRequests;
public ServiceApplication $application;
public $parameters;
@@ -34,32 +37,44 @@ class ServiceApplicationView extends Component
public function instantSave()
{
$this->submit();
try {
$this->authorize('update', $this->application);
$this->submit();
} catch (\Throwable $e) {
return handleError($e, $this);
}
}
public function instantSaveAdvanced()
{
if (! $this->application->service->destination->server->isLogDrainEnabled()) {
$this->application->is_log_drain_enabled = false;
$this->dispatch('error', 'Log drain is not enabled on the server. Please enable it first.');
try {
$this->authorize('update', $this->application);
if (! $this->application->service->destination->server->isLogDrainEnabled()) {
$this->application->is_log_drain_enabled = false;
$this->dispatch('error', 'Log drain is not enabled on the server. Please enable it first.');
return;
return;
}
$this->application->save();
$this->dispatch('success', 'You need to restart the service for the changes to take effect.');
} catch (\Throwable $e) {
return handleError($e, $this);
}
$this->application->save();
$this->dispatch('success', 'You need to restart the service for the changes to take effect.');
}
public function delete($password)
{
if (! data_get(InstanceSettings::get(), 'disable_two_step_confirmation')) {
if (! Hash::check($password, Auth::user()->password)) {
$this->addError('password', 'The provided password is incorrect.');
return;
}
}
try {
$this->authorize('delete', $this->application);
if (! data_get(InstanceSettings::get(), 'disable_two_step_confirmation')) {
if (! Hash::check($password, Auth::user()->password)) {
$this->addError('password', 'The provided password is incorrect.');
return;
}
}
$this->application->delete();
$this->dispatch('success', 'Application deleted.');
@@ -71,12 +86,18 @@ class ServiceApplicationView extends Component
public function mount()
{
$this->parameters = get_route_parameters();
try {
$this->parameters = get_route_parameters();
$this->authorize('view', $this->application);
} catch (\Throwable $e) {
return handleError($e, $this);
}
}
public function convertToDatabase()
{
try {
$this->authorize('update', $this->application);
$service = $this->application->service;
$serviceApplication = $this->application;
@@ -111,6 +132,7 @@ class ServiceApplicationView extends Component
public function submit()
{
try {
$this->authorize('update', $this->application);
$this->application->fqdn = str($this->application->fqdn)->replaceEnd(',', '')->trim();
$this->application->fqdn = str($this->application->fqdn)->replaceStart(',', '')->trim();
$this->application->fqdn = str($this->application->fqdn)->trim()->explode(',')->map(function ($domain) {

5
app/Livewire/Project/Service/Storage.php
View File

@@ -3,10 +3,13 @@
namespace App\Livewire\Project\Service;
use App\Models\LocalPersistentVolume;
use Illuminate\Foundation\Auth\Access\AuthorizesRequests;
use Livewire\Component;
class Storage extends Component
{
use AuthorizesRequests;
public $resource;
public $fileStorage;
@@ -42,6 +45,8 @@ class Storage extends Component
public function addNewVolume($data)
{
try {
$this->authorize('update', $this->resource);
LocalPersistentVolume::create([
'name' => $data['name'],
'mount_path' => $data['mount_path'],