middleware should allow, not deny

2024-10-30 19:06:50 +11:00
parent d4d63ff273
commit 6520235667
15 changed files with 149 additions and 211 deletions
--- a/resources/views/components/forms/checkbox.blade.php
+++ b/resources/views/components/forms/checkbox.blade.php
@@ -5,6 +5,7 @@
    'disabled' => false,
    'instantSave' => false,
    'value' => null,
+    'domValue' => null,
    'hideLabel' => false,
    'fullWidth' => false,
 ])
@@ -33,5 +34,7 @@
    <span class="flex-grow"></span>
    <input @disabled($disabled) type="checkbox" {{ $attributes->merge(['class' => $defaultClass]) }}
        @if ($instantSave) wire:loading.attr="disabled" wire:click='{{ $instantSave === 'instantSave' || $instantSave == '1' ? 'instantSave' : $instantSave }}'
-       wire:model={{ $id }} @else wire:model={{ $value ?? $id }} @endif />
+       wire:model="{{ $id }}" @else wire:model="{{ $value ?? $id }}" @endif
+       @if ($domValue) value="{{ $domValue }}" @endif
+    />
 </div>
--- a/resources/views/livewire/security/api-tokens.blade.php
+++ b/resources/views/livewire/security/api-tokens.blade.php
@@ -25,21 +25,20 @@
            <div class="flex gap-1 font-bold dark:text-white">
                @if ($permissions)
                    @foreach ($permissions as $permission)
-                        @if ($permission === '*')
-                            <div>Root access, be careful!</div>
-                        @else
-                            <div>{{ $permission }}</div>
-                        @endif
+                        <div>{{ $permission }}</div>
                    @endforeach
                @endif
            </div>
        </div>
+        @if (in_array('write', $permissions))
+            <div class="font-bold text-warning">Root access, be careful!</div>
+        @endif
        <h4>Token Permissions</h4>
        <div class="w-64">
-            <x-forms.checkbox label="Root Access" wire:model.live="rootAccess"></x-forms.checkbox>
-            <x-forms.checkbox label="Read-only" wire:model.live="readOnly"></x-forms.checkbox>
-            <x-forms.checkbox label="View Sensitive Data" wire:model.live="viewSensitiveData"></x-forms.checkbox>
-            <x-forms.checkbox label="Trigger Deploy Webhooks" wire:model.live="triggerDeploy"></x-forms.checkbox>
+            <x-forms.checkbox label="read" wire:model.live="permissions" domValue="read" :checked="in_array('read', $permissions)"></x-forms.checkbox>
+            <x-forms.checkbox label="read:sensitive" wire:model.live="permissions" domValue="read:sensitive" helper="Responses will include secrets, logs, passwords, and compose file contents" :checked="in_array('read:sensitive', $permissions)"></x-forms.checkbox>
+            <x-forms.checkbox label="write" wire:model.live="permissions" domValue="write" helper="Root access, be careful!" :checked="in_array('write', $permissions)"></x-forms.checkbox>
+            <x-forms.checkbox label="deploy" wire:model.live="permissions" domValue="deploy" helper="Can trigger deploy webhooks" :checked="in_array('deploy', $permissions)"></x-forms.checkbox>
        </div>
    </form>
    @if (session()->has('token'))