dave/coolify
1
0
Fork 0
Code Issues Pull Requests Actions 2 Packages Projects Releases Wiki Activity

feat(auth): implement authorization for Docker and server management

Browse Source 
- Added authorization checks in Livewire components related to Docker and server management to ensure only authorized users can create, update, and manage Docker instances and server settings.
- Introduced new policies for StandaloneDocker and SwarmDocker to define access control rules based on user roles and team associations.
- Updated AuthServiceProvider to register the new policies, enhancing security and access control for Docker functionalities and server management operations.
This commit is contained in:
Andras Bacsai
2025-08-22 14:04:25 +02:00
parent 6c75e89303
commit 6772cfe603
13 changed files with 244 additions and 28 deletions
Download Patch File Download Diff File Expand all files Collapse all files

9
app/Livewire/Server/Proxy/NewDynamicConfiguration.php
View File

@@ -4,11 +4,14 @@ namespace App\Livewire\Server\Proxy;
use App\Enums\ProxyTypes;
use App\Models\Server;
use Illuminate\Foundation\Auth\Access\AuthorizesRequests;
use Livewire\Component;
use Symfony\Component\Yaml\Yaml;
class NewDynamicConfiguration extends Component
{
use AuthorizesRequests;
public string $fileName = '';
public string $value = '';
@@ -23,6 +26,7 @@ class NewDynamicConfiguration extends Component
public function mount()
{
$this->server = Server::ownedByCurrentTeam()->whereId($this->server_id)->first();
$this->parameters = get_route_parameters();
if ($this->fileName !== '') {
$this->fileName = str_replace('|', '.', $this->fileName);
@@ -32,6 +36,7 @@ class NewDynamicConfiguration extends Component
public function addDynamicConfiguration()
{
try {
$this->authorize('update', $this->server);
$this->validate([
'fileName' => 'required',
'value' => 'required',
@@ -39,9 +44,7 @@ class NewDynamicConfiguration extends Component
if (data_get($this->parameters, 'server_uuid')) {
$this->server = Server::ownedByCurrentTeam()->whereUuid(data_get($this->parameters, 'server_uuid'))->first();
}
if (! is_null($this->server_id)) {
$this->server = Server::ownedByCurrentTeam()->whereId($this->server_id)->first();
}
if (is_null($this->server)) {
return redirect()->route('server.index');
}