feat(auth): add comprehensive authorization checks for all kind of resource creations

app/Livewire/Project/Resource/Create.php

@@ -2,19 +2,42 @@
 
 namespace App\Livewire\Project\Resource;
 
+use App\Models\Application;
 use App\Models\EnvironmentVariable;
 use App\Models\Service;
+use App\Models\StandaloneClickhouse;
 use App\Models\StandaloneDocker;
+use App\Models\StandaloneDragonfly;
+use App\Models\StandaloneKeydb;
+use App\Models\StandaloneMariadb;
+use App\Models\StandaloneMongodb;
+use App\Models\StandaloneMysql;
+use App\Models\StandalonePostgresql;
+use App\Models\StandaloneRedis;
+use Illuminate\Foundation\Auth\Access\AuthorizesRequests;
 use Livewire\Component;
 
 class Create extends Component
 {
+    use AuthorizesRequests;
+
     public $type;
 
     public $project;
 
     public function mount()
     {
+        $this->authorize('create', StandalonePostgresql::class);
+        $this->authorize('create', StandaloneRedis::class);
+        $this->authorize('create', StandaloneMongodb::class);
+        $this->authorize('create', StandaloneMysql::class);
+        $this->authorize('create', StandaloneMariadb::class);
+        $this->authorize('create', StandaloneKeydb::class);
+        $this->authorize('create', StandaloneDragonfly::class);
+        $this->authorize('create', StandaloneClickhouse::class);
+        $this->authorize('create', Service::class);
+        $this->authorize('create', Application::class);
+
         $type = str(request()->query('type'));
         $destination_uuid = request()->query('destination');
         $server_id = request()->query('server_id');
@@ -34,24 +57,32 @@ class Create extends Component
 
             if (in_array($type, DATABASE_TYPES)) {
                 if ($type->value() === 'postgresql') {
+                    $this->authorize('create', StandalonePostgresql::class);
                     $database = create_standalone_postgresql(
                         environmentId: $environment->id,
                         destinationUuid: $destination_uuid,
                         databaseImage: $database_image
                     );
                 } elseif ($type->value() === 'redis') {
+                    $this->authorize('create', StandaloneRedis::class);
                     $database = create_standalone_redis($environment->id, $destination_uuid);
                 } elseif ($type->value() === 'mongodb') {
+                    $this->authorize('create', StandaloneMongodb::class);
                     $database = create_standalone_mongodb($environment->id, $destination_uuid);
                 } elseif ($type->value() === 'mysql') {
+                    $this->authorize('create', StandaloneMysql::class);
                     $database = create_standalone_mysql($environment->id, $destination_uuid);
                 } elseif ($type->value() === 'mariadb') {
+                    $this->authorize('create', StandaloneMariadb::class);
                     $database = create_standalone_mariadb($environment->id, $destination_uuid);
                 } elseif ($type->value() === 'keydb') {
+                    $this->authorize('create', StandaloneKeydb::class);
                     $database = create_standalone_keydb($environment->id, $destination_uuid);
                 } elseif ($type->value() === 'dragonfly') {
+                    $this->authorize('create', StandaloneDragonfly::class);
                     $database = create_standalone_dragonfly($environment->id, $destination_uuid);
                 } elseif ($type->value() === 'clickhouse') {
+                    $this->authorize('create', StandaloneClickhouse::class);
                     $database = create_standalone_clickhouse($environment->id, $destination_uuid);
                 }