dave/coolify
1
0
Fork 0
Code Issues Pull Requests Actions 2 Packages Projects Releases Wiki Activity

feat(acl): Change views/backend code to able to use proper ACL's later on. Currently it is not enabled.

Browse Source
This commit is contained in:
Andras Bacsai
2025-08-26 10:27:31 +02:00
parent 5a88377a67
commit 63fcc0ebc3
159 changed files with 3610 additions and 1922 deletions
Download Patch File Download Diff File Expand all files Collapse all files

104
resources/views/livewire/security/api-tokens.blade.php
View File

@@ -12,44 +12,58 @@
<div>Tokens are created with the current team as scope.</div>
</div>
<h3>New Token</h3>
<form class="flex flex-col gap-2" wire:submit='addNewToken'>
<div class="flex gap-2 items-end w-96">
<x-forms.input required id="description" label="Description" />
<x-forms.button type="submit">Create</x-forms.button>
</div>
<div class="flex">
Permissions
<x-helper class="px-1" helper="These permissions will be granted to the token." /><span
class="pr-1">:</span>
<div class="flex gap-1 font-bold dark:text-white">
@if ($permissions)
@foreach ($permissions as $permission)
<div>{{ $permission }}</div>
@endforeach
@can('create', App\Models\PersonalAccessToken::class)
<form class="flex flex-col gap-2" wire:submit='addNewToken'>
<div class="flex gap-2 items-end w-96">
<x-forms.input required id="description" label="Description" />
<x-forms.button type="submit">Create</x-forms.button>
</div>
<div class="flex">
Permissions
<x-helper class="px-1" helper="These permissions will be granted to the token." /><span
class="pr-1">:</span>
<div class="flex gap-1 font-bold dark:text-white">
@if ($permissions)
@foreach ($permissions as $permission)
<div>{{ $permission }}</div>
@endforeach
@endif
</div>
</div>
<h4>Token Permissions</h4>
<div class="w-64">
@if ($canUseRootPermissions)
<x-forms.checkbox label="root" wire:model.live="permissions" domValue="root"
helper="Root access, be careful!" :checked="in_array('root', $permissions)"></x-forms.checkbox>
@else
<x-forms.checkbox label="root (admin/owner only)" disabled domValue="root"
helper="Root access requires admin or owner role" :checked="false"></x-forms.checkbox>
@endif
@if (!in_array('root', $permissions))
@if ($canUseWritePermissions)
<x-forms.checkbox label="write" wire:model.live="permissions" domValue="write"
helper="Write access to all resources." :checked="in_array('write', $permissions)"></x-forms.checkbox>
@else
<x-forms.checkbox label="write (admin/owner only)" disabled domValue="write"
helper="Write access requires admin or owner role" :checked="false"></x-forms.checkbox>
@endif
<x-forms.checkbox label="deploy" wire:model.live="permissions" domValue="deploy"
helper="Can trigger deploy webhooks." :checked="in_array('deploy', $permissions)"></x-forms.checkbox>
<x-forms.checkbox label="read" domValue="read" wire:model.live="permissions" domValue="read"
:checked="in_array('read', $permissions)"></x-forms.checkbox>
<x-forms.checkbox label="read:sensitive" wire:model.live="permissions" domValue="read:sensitive"
helper="Responses will include secrets, logs, passwords, and compose file contents."
:checked="in_array('read:sensitive', $permissions)"></x-forms.checkbox>
@endif
</div>
</div>
<h4>Token Permissions</h4>
<div class="w-64">
<x-forms.checkbox label="root" wire:model.live="permissions" domValue="root"
helper="Root access, be careful!" :checked="in_array('root', $permissions)"></x-forms.checkbox>
@if (!in_array('root', $permissions))
<x-forms.checkbox label="write" wire:model.live="permissions" domValue="write"
helper="Write access to all resources." :checked="in_array('write', $permissions)"></x-forms.checkbox>
<x-forms.checkbox label="deploy" wire:model.live="permissions" domValue="deploy"
helper="Can trigger deploy webhooks." :checked="in_array('deploy', $permissions)"></x-forms.checkbox>
<x-forms.checkbox label="read" domValue="read" wire:model.live="permissions" domValue="read"
:checked="in_array('read', $permissions)"></x-forms.checkbox>
<x-forms.checkbox label="read:sensitive" wire:model.live="permissions" domValue="read:sensitive"
helper="Responses will include secrets, logs, passwords, and compose file contents."
:checked="in_array('read:sensitive', $permissions)"></x-forms.checkbox>
@if (in_array('root', $permissions))
<div class="font-bold dark:text-warning">Root access, be careful!</div>
@endif
</div>
@if (in_array('root', $permissions))
<div class="font-bold dark:text-warning">Root access, be careful!</div>
@endif
</form>
</form>
@endcan
@if (session()->has('token'))
<div class="py-4 font-bold dark:text-warning">Please copy this token now. For your security, it won't be shown
again.
@@ -72,15 +86,17 @@
@endif
</div>
<x-modal-confirmation title="Confirm API Token Revocation?" isErrorButton buttonTitle="Revoke token"
submitAction="revoke({{ data_get($token, 'id') }})" :actions="[
'This API Token will be revoked and permanently deleted.',
'Any API call made with this token will fail.',
]"
confirmationText="{{ $token->name }}"
confirmationLabel="Please confirm the execution of the actions by entering the API Token Description below"
shortConfirmationLabel="API Token Description" :confirmWithPassword="false"
step2ButtonText="Revoke API Token" />
@if (auth()->id() === $token->tokenable_id)
<x-modal-confirmation title="Confirm API Token Revocation?" isErrorButton buttonTitle="Revoke token"
submitAction="revoke({{ data_get($token, 'id') }})" :actions="[
'This API Token will be revoked and permanently deleted.',
'Any API call made with this token will fail.',
]"
confirmationText="{{ $token->name }}"
confirmationLabel="Please confirm the execution of the actions by entering the API Token Description below"
shortConfirmationLabel="API Token Description" :confirmWithPassword="false"
step2ButtonText="Revoke API Token" />
@endif
</div>
@empty
<div>

14
resources/views/livewire/security/private-key/index.blade.php
View File

@@ -2,11 +2,15 @@
<x-security.navbar />
<div class="flex gap-2">
<h2 class="pb-4">Private Keys</h2>
<x-modal-input buttonTitle="+ Add" title="New Private Key">
<livewire:security.private-key.create />
</x-modal-input>
<x-modal-confirmation title="Confirm unused SSH Key Deletion?" buttonTitle="Delete unused SSH Keys" isErrorButton
submitAction="cleanupUnusedKeys" :actions="['All unused SSH keys (marked with unused) are permanently deleted.']" :confirmWithText="false" :confirmWithPassword="false" />
@can('create', App\Models\PrivateKey::class)
<x-modal-input buttonTitle="+ Add" title="New Private Key">
<livewire:security.private-key.create />
</x-modal-input>
@endcan
@can('create', App\Models\PrivateKey::class)
<x-modal-confirmation title="Confirm unused SSH Key Deletion?" buttonTitle="Delete unused SSH Keys" isErrorButton
submitAction="cleanupUnusedKeys" :actions="['All unused SSH keys (marked with unused) are permanently deleted.']" :confirmWithText="false" :confirmWithPassword="false" />
@endcan
</div>
<div class="grid gap-4 lg:grid-cols-2">
@forelse ($privateKeys as $key)

34
resources/views/livewire/security/private-key/show.blade.php
View File

@@ -7,32 +7,34 @@
<form class="flex flex-col" wire:submit='changePrivateKey'>
<div class="flex items-start gap-2">
<h2 class="pb-4">Private Key</h2>
<x-forms.button type="submit">
<x-forms.button canGate="update" :canResource="$private_key" type="submit">
Save
</x-forms.button>
@if (data_get($private_key, 'id') > 0)
<x-modal-confirmation title="Confirm Private Key Deletion?" isErrorButton buttonTitle="Delete"
submitAction="delete({{ $private_key->id }})" :actions="[
'This private key will be permanently deleted.',
'All servers connected to this private key will stop working.',
'Any git app using this private key will stop working.',
]"
confirmationText="{{ $private_key->name }}"
confirmationLabel="Please confirm the execution of the actions by entering the Private Key Name below"
shortConfirmationLabel="Private Key Name" :confirmWithPassword="false"
step2ButtonText="Delete Private Key" />
@can('delete', $private_key)
<x-modal-confirmation title="Confirm Private Key Deletion?" isErrorButton buttonTitle="Delete"
submitAction="delete({{ $private_key->id }})" :actions="[
'This private key will be permanently deleted.',
'All servers connected to this private key will stop working.',
'Any git app using this private key will stop working.',
]"
confirmationText="{{ $private_key->name }}"
confirmationLabel="Please confirm the execution of the actions by entering the Private Key Name below"
shortConfirmationLabel="Private Key Name" :confirmWithPassword="false"
step2ButtonText="Delete Private Key" />
@endcan
@endif
</div>
<div class="flex flex-col gap-2">
<div class="flex gap-2">
<x-forms.input id="private_key.name" label="Name" required />
<x-forms.input id="private_key.description" label="Description" />
<x-forms.input canGate="update" :canResource="$private_key" id="private_key.name" label="Name" required />
<x-forms.input canGate="update" :canResource="$private_key" id="private_key.description" label="Description" />
</div>
<div>
<div class="flex items-end gap-2 py-2 ">
<div class="pl-1">Public Key</div>
</div>
<x-forms.input readonly id="public_key" />
<x-forms.input canGate="update" :canResource="$private_key" readonly id="public_key" />
<div class="flex items-end gap-2 py-2 ">
<div class="pl-1">Private Key <span class='text-helper'>*</span></div>
<div class="text-xs underline cursor-pointer dark:text-white" x-cloak x-show="!showPrivateKey"
@@ -50,11 +52,11 @@
</div>
@endif
<div x-cloak x-show="!showPrivateKey">
<x-forms.input allowToPeak="false" type="password" rows="10" id="private_key.private_key"
<x-forms.input canGate="update" :canResource="$private_key" allowToPeak="false" type="password" rows="10" id="private_key.private_key"
required disabled />
</div>
<div x-cloak x-show="showPrivateKey">
<x-forms.textarea rows="10" id="private_key.private_key" required />
<x-forms.textarea canGate="update" :canResource="$private_key" rows="10" id="private_key.private_key" required />
</div>
</div>
</div>