diff --git a/app/Http/Controllers/Api/ApplicationsController.php b/app/Http/Controllers/Api/ApplicationsController.php index 35ff2632d..f02c4255d 100644 --- a/app/Http/Controllers/Api/ApplicationsController.php +++ b/app/Http/Controllers/Api/ApplicationsController.php @@ -25,26 +25,24 @@ class ApplicationsController extends Controller { private function removeSensitiveData($application) { - $token = auth()->user()->currentAccessToken(); $application->makeHidden([ 'id', ]); - if ($token->can('view:sensitive')) { - return serializeApiResponse($application); + if (request()->attributes->get('can_read_sensitive', false) === false) { + $application->makeHidden([ + 'custom_labels', + 'dockerfile', + 'docker_compose', + 'docker_compose_raw', + 'manual_webhook_secret_bitbucket', + 'manual_webhook_secret_gitea', + 'manual_webhook_secret_github', + 'manual_webhook_secret_gitlab', + 'private_key_id', + 'value', + 'real_value', + ]); } - $application->makeHidden([ - 'custom_labels', - 'dockerfile', - 'docker_compose', - 'docker_compose_raw', - 'manual_webhook_secret_bitbucket', - 'manual_webhook_secret_gitea', - 'manual_webhook_secret_github', - 'manual_webhook_secret_gitlab', - 'private_key_id', - 'value', - 'real_value', - ]); return serializeApiResponse($application); } diff --git a/app/Http/Controllers/Api/DatabasesController.php b/app/Http/Controllers/Api/DatabasesController.php index 98a076c49..917171e5c 100644 --- a/app/Http/Controllers/Api/DatabasesController.php +++ b/app/Http/Controllers/Api/DatabasesController.php @@ -19,26 +19,23 @@ class DatabasesController extends Controller { private function removeSensitiveData($database) { - $token = auth()->user()->currentAccessToken(); $database->makeHidden([ 'id', 'laravel_through_key', ]); - if ($token->can('view:sensitive')) { - return serializeApiResponse($database); + if (request()->attributes->get('can_read_sensitive', false) === false) { + $database->makeHidden([ + 'internal_db_url', + 'external_db_url', + 'postgres_password', + 'dragonfly_password', + 'redis_password', + 'mongo_initdb_root_password', + 'keydb_password', + 'clickhouse_admin_password', + ]); } - $database->makeHidden([ - 'internal_db_url', - 'external_db_url', - 'postgres_password', - 'dragonfly_password', - 'redis_password', - 'mongo_initdb_root_password', - 'keydb_password', - 'clickhouse_admin_password', - ]); - return serializeApiResponse($database); } diff --git a/app/Http/Controllers/Api/DeployController.php b/app/Http/Controllers/Api/DeployController.php index 666dc55a5..73b452f86 100644 --- a/app/Http/Controllers/Api/DeployController.php +++ b/app/Http/Controllers/Api/DeployController.php @@ -16,15 +16,12 @@ class DeployController extends Controller { private function removeSensitiveData($deployment) { - $token = auth()->user()->currentAccessToken(); - if ($token->can('view:sensitive')) { - return serializeApiResponse($deployment); + if (request()->attributes->get('can_read_sensitive', false) === false) { + $deployment->makeHidden([ + 'logs', + ]); } - $deployment->makeHidden([ - 'logs', - ]); - return serializeApiResponse($deployment); } diff --git a/app/Http/Controllers/Api/SecurityController.php b/app/Http/Controllers/Api/SecurityController.php index b7190ab1e..a14b0da20 100644 --- a/app/Http/Controllers/Api/SecurityController.php +++ b/app/Http/Controllers/Api/SecurityController.php @@ -11,13 +11,11 @@ class SecurityController extends Controller { private function removeSensitiveData($team) { - $token = auth()->user()->currentAccessToken(); - if ($token->can('view:sensitive')) { - return serializeApiResponse($team); + if (request()->attributes->get('can_read_sensitive', false) === false) { + $team->makeHidden([ + 'private_key', + ]); } - $team->makeHidden([ - 'private_key', - ]); return serializeApiResponse($team); } diff --git a/app/Http/Controllers/Api/ServersController.php b/app/Http/Controllers/Api/ServersController.php index 8c13b1a01..f37040bdd 100644 --- a/app/Http/Controllers/Api/ServersController.php +++ b/app/Http/Controllers/Api/ServersController.php @@ -19,25 +19,22 @@ class ServersController extends Controller { private function removeSensitiveDataFromSettings($settings) { - $token = auth()->user()->currentAccessToken(); - if ($token->can('view:sensitive')) { - return serializeApiResponse($settings); + if (request()->attributes->get('can_read_sensitive', false) === false) { + $settings = $settings->makeHidden([ + 'sentinel_token', + ]); } - $settings = $settings->makeHidden([ - 'sentinel_token', - ]); return serializeApiResponse($settings); } private function removeSensitiveData($server) { - $token = auth()->user()->currentAccessToken(); $server->makeHidden([ 'id', ]); - if ($token->can('view:sensitive')) { - return serializeApiResponse($server); + if (request()->attributes->get('can_read_sensitive', false) === false) { + // Do nothing } return serializeApiResponse($server); diff --git a/app/Http/Controllers/Api/ServicesController.php b/app/Http/Controllers/Api/ServicesController.php index bf90322e2..e6b7e9854 100644 --- a/app/Http/Controllers/Api/ServicesController.php +++ b/app/Http/Controllers/Api/ServicesController.php @@ -18,19 +18,16 @@ class ServicesController extends Controller { private function removeSensitiveData($service) { - $token = auth()->user()->currentAccessToken(); $service->makeHidden([ 'id', ]); - if ($token->can('view:sensitive')) { - return serializeApiResponse($service); + if (request()->attributes->get('can_read_sensitive', false) === false) { + $service->makeHidden([ + 'docker_compose_raw', + 'docker_compose', + ]); } - $service->makeHidden([ - 'docker_compose_raw', - 'docker_compose', - ]); - return serializeApiResponse($service); } diff --git a/app/Http/Controllers/Api/TeamController.php b/app/Http/Controllers/Api/TeamController.php index 3f951c6f7..d4b24d8ab 100644 --- a/app/Http/Controllers/Api/TeamController.php +++ b/app/Http/Controllers/Api/TeamController.php @@ -10,20 +10,18 @@ class TeamController extends Controller { private function removeSensitiveData($team) { - $token = auth()->user()->currentAccessToken(); $team->makeHidden([ 'custom_server_limit', 'pivot', ]); - if ($token->can('view:sensitive')) { - return serializeApiResponse($team); + if (request()->attributes->get('can_read_sensitive', false) === false) { + $team->makeHidden([ + 'smtp_username', + 'smtp_password', + 'resend_api_key', + 'telegram_token', + ]); } - $team->makeHidden([ - 'smtp_username', - 'smtp_password', - 'resend_api_key', - 'telegram_token', - ]); return serializeApiResponse($team); } diff --git a/app/Http/Kernel.php b/app/Http/Kernel.php index 5f1731071..a1ce20295 100644 --- a/app/Http/Kernel.php +++ b/app/Http/Kernel.php @@ -69,5 +69,7 @@ class Kernel extends HttpKernel 'verified' => \Illuminate\Auth\Middleware\EnsureEmailIsVerified::class, 'abilities' => \Laravel\Sanctum\Http\Middleware\CheckAbilities::class, 'ability' => \Laravel\Sanctum\Http\Middleware\CheckForAnyAbility::class, + 'api.ability' => \App\Http\Middleware\ApiAbility::class, + 'api.sensitive' => \App\Http\Middleware\ApiSensitiveData::class, ]; } diff --git a/app/Http/Middleware/ApiAbility.php b/app/Http/Middleware/ApiAbility.php new file mode 100644 index 000000000..324eeebaa --- /dev/null +++ b/app/Http/Middleware/ApiAbility.php @@ -0,0 +1,27 @@ +user()->tokenCan('root')) { + return $next($request); + } + + return parent::handle($request, $next, ...$abilities); + } catch (\Illuminate\Auth\AuthenticationException $e) { + return response()->json([ + 'message' => 'Unauthenticated.', + ], 401); + } catch (\Exception $e) { + return response()->json([ + 'message' => 'Missing required permissions: '.implode(', ', $abilities), + ], 403); + } + } +} diff --git a/app/Http/Middleware/ApiSensitiveData.php b/app/Http/Middleware/ApiSensitiveData.php new file mode 100644 index 000000000..49584ddb3 --- /dev/null +++ b/app/Http/Middleware/ApiSensitiveData.php @@ -0,0 +1,21 @@ +user()->currentAccessToken(); + + // Allow access to sensitive data if token has root or read:sensitive permission + $request->attributes->add([ + 'can_read_sensitive' => $token->can('root') || $token->can('read:sensitive'), + ]); + + return $next($request); + } +} diff --git a/app/Http/Middleware/IgnoreReadOnlyApiToken.php b/app/Http/Middleware/IgnoreReadOnlyApiToken.php deleted file mode 100644 index bd6cd1f8a..000000000 --- a/app/Http/Middleware/IgnoreReadOnlyApiToken.php +++ /dev/null @@ -1,28 +0,0 @@ -user()->currentAccessToken(); - if ($token->can('*')) { - return $next($request); - } - if ($token->can('read-only')) { - return response()->json(['message' => 'You are not allowed to perform this action.'], 403); - } - - return $next($request); - } -} diff --git a/app/Http/Middleware/OnlyRootApiToken.php b/app/Http/Middleware/OnlyRootApiToken.php deleted file mode 100644 index 8ff1fa0e5..000000000 --- a/app/Http/Middleware/OnlyRootApiToken.php +++ /dev/null @@ -1,25 +0,0 @@ -user()->currentAccessToken(); - if ($token->can('*')) { - return $next($request); - } - - return response()->json(['message' => 'You are not allowed to perform this action.'], 403); - } -} diff --git a/app/Livewire/Notifications/Slack.php b/app/Livewire/Notifications/Slack.php index edd32a071..06b7643ea 100644 --- a/app/Livewire/Notifications/Slack.php +++ b/app/Livewire/Notifications/Slack.php @@ -82,6 +82,7 @@ class Slack extends Component $this->saveModel(); } catch (\Throwable $e) { $this->slackEnabled = false; + return handleError($e, $this); } } @@ -127,4 +128,4 @@ class Slack extends Component { return view('livewire.notifications.slack'); } -} \ No newline at end of file +} diff --git a/app/Livewire/Security/ApiTokens.php b/app/Livewire/Security/ApiTokens.php index fe68a8ba5..72684bdc6 100644 --- a/app/Livewire/Security/ApiTokens.php +++ b/app/Livewire/Security/ApiTokens.php @@ -11,13 +11,7 @@ class ApiTokens extends Component public $tokens = []; - public bool $viewSensitiveData = false; - - public bool $readOnly = true; - - public bool $rootAccess = false; - - public array $permissions = ['read-only']; + public array $permissions = ['read']; public $isApiEnabled; @@ -29,51 +23,28 @@ class ApiTokens extends Component public function mount() { $this->isApiEnabled = InstanceSettings::get()->is_api_enabled; + $this->getTokens(); + } + + private function getTokens() + { $this->tokens = auth()->user()->tokens->sortByDesc('created_at'); } - public function updatedViewSensitiveData() + public function updatedPermissions($permissionToUpdate) { - if ($this->viewSensitiveData) { - $this->permissions[] = 'view:sensitive'; - $this->permissions = array_diff($this->permissions, ['*']); - $this->rootAccess = false; + if ($permissionToUpdate == 'root') { + $this->permissions = ['root']; + } elseif ($permissionToUpdate == 'read:sensitive' && ! in_array('read', $this->permissions)) { + $this->permissions[] = 'read'; + } elseif ($permissionToUpdate == 'deploy') { + $this->permissions = ['deploy']; } else { - $this->permissions = array_diff($this->permissions, ['view:sensitive']); - } - $this->makeSureOneIsSelected(); - } - - public function updatedReadOnly() - { - if ($this->readOnly) { - $this->permissions[] = 'read-only'; - $this->permissions = array_diff($this->permissions, ['*']); - $this->rootAccess = false; - } else { - $this->permissions = array_diff($this->permissions, ['read-only']); - } - $this->makeSureOneIsSelected(); - } - - public function updatedRootAccess() - { - if ($this->rootAccess) { - $this->permissions = ['*']; - $this->readOnly = false; - $this->viewSensitiveData = false; - } else { - $this->readOnly = true; - $this->permissions = ['read-only']; - } - } - - public function makeSureOneIsSelected() - { - if (count($this->permissions) == 0) { - $this->permissions = ['read-only']; - $this->readOnly = true; + if (count($this->permissions) == 0) { + $this->permissions = ['read']; + } } + sort($this->permissions); } public function addNewToken() @@ -82,8 +53,8 @@ class ApiTokens extends Component $this->validate([ 'description' => 'required|min:3|max:255', ]); - $token = auth()->user()->createToken($this->description, $this->permissions); - $this->tokens = auth()->user()->tokens; + $token = auth()->user()->createToken($this->description, array_values($this->permissions)); + $this->getTokens(); session()->flash('token', $token->plainTextToken); } catch (\Exception $e) { return handleError($e, $this); @@ -92,8 +63,12 @@ class ApiTokens extends Component public function revoke(int $id) { - $token = auth()->user()->tokens()->where('id', $id)->first(); - $token->delete(); - $this->tokens = auth()->user()->tokens; + try { + $token = auth()->user()->tokens()->where('id', $id)->firstOrFail(); + $token->delete(); + $this->getTokens(); + } catch (\Exception $e) { + return handleError($e, $this); + } } } diff --git a/app/Models/Team.php b/app/Models/Team.php index 29c469b3b..ecf662787 100644 --- a/app/Models/Team.php +++ b/app/Models/Team.php @@ -167,7 +167,7 @@ class Team extends Model implements SendsDiscord, SendsEmail, SendsSlack return 9999999; } $team = Team::find(currentTeam()->id); - if (!$team) { + if (! $team) { return 0; } diff --git a/app/Notifications/Application/DeploymentFailed.php b/app/Notifications/Application/DeploymentFailed.php index cdcec3261..7648aaac2 100644 --- a/app/Notifications/Application/DeploymentFailed.php +++ b/app/Notifications/Application/DeploymentFailed.php @@ -40,7 +40,7 @@ class DeploymentFailed extends CustomEmailNotification if (str($this->fqdn)->explode(',')->count() > 1) { $this->fqdn = str($this->fqdn)->explode(',')->first(); } - $this->deployment_url = base_url() . "/project/{$this->project_uuid}/" . urlencode($this->environment_name) . "/application/{$this->application->uuid}/deployment/{$this->deployment_uuid}"; + $this->deployment_url = base_url()."/project/{$this->project_uuid}/".urlencode($this->environment_name)."/application/{$this->application->uuid}/deployment/{$this->deployment_uuid}"; } public function via(object $notifiable): array @@ -54,10 +54,10 @@ class DeploymentFailed extends CustomEmailNotification $pull_request_id = data_get($this->preview, 'pull_request_id', 0); $fqdn = $this->fqdn; if ($pull_request_id === 0) { - $mail->subject('Coolify: Deployment failed of ' . $this->application_name . '.'); + $mail->subject('Coolify: Deployment failed of '.$this->application_name.'.'); } else { $fqdn = $this->preview->fqdn; - $mail->subject('Coolify: Deployment failed of pull request #' . $this->preview->pull_request_id . ' of ' . $this->application_name . '.'); + $mail->subject('Coolify: Deployment failed of pull request #'.$this->preview->pull_request_id.' of '.$this->application_name.'.'); } $mail->view('emails.application-deployment-failed', [ 'name' => $this->application_name, @@ -74,7 +74,7 @@ class DeploymentFailed extends CustomEmailNotification if ($this->preview) { $message = new DiscordMessage( title: ':cross_mark: Deployment failed', - description: 'Pull request: ' . $this->preview->pull_request_id, + description: 'Pull request: '.$this->preview->pull_request_id, color: DiscordMessage::errorColor(), isCritical: true, ); @@ -83,13 +83,13 @@ class DeploymentFailed extends CustomEmailNotification $message->addField('Environment', $this->environment_name, true); $message->addField('Name', $this->application_name, true); - $message->addField('Deployment Logs', '[Link](' . $this->deployment_url . ')'); + $message->addField('Deployment Logs', '[Link]('.$this->deployment_url.')'); if ($this->fqdn) { $message->addField('Domain', $this->fqdn, true); } } else { if ($this->fqdn) { - $description = '[Open application](' . $this->fqdn . ')'; + $description = '[Open application]('.$this->fqdn.')'; } else { $description = ''; } @@ -104,7 +104,7 @@ class DeploymentFailed extends CustomEmailNotification $message->addField('Environment', $this->environment_name, true); $message->addField('Name', $this->application_name, true); - $message->addField('Deployment Logs', '[Link](' . $this->deployment_url . ')'); + $message->addField('Deployment Logs', '[Link]('.$this->deployment_url.')'); } return $message; @@ -113,9 +113,9 @@ class DeploymentFailed extends CustomEmailNotification public function toTelegram(): array { if ($this->preview) { - $message = 'Coolify: Pull request #' . $this->preview->pull_request_id . ' of ' . $this->application_name . ' (' . $this->preview->fqdn . ') deployment failed: '; + $message = 'Coolify: Pull request #'.$this->preview->pull_request_id.' of '.$this->application_name.' ('.$this->preview->fqdn.') deployment failed: '; } else { - $message = 'Coolify: Deployment failed of ' . $this->application_name . ' (' . $this->fqdn . '): '; + $message = 'Coolify: Deployment failed of '.$this->application_name.' ('.$this->fqdn.'): '; } $buttons[] = [ 'text' => 'Deployment logs', @@ -139,14 +139,14 @@ class DeploymentFailed extends CustomEmailNotification $description .= "\nPreview URL: {$this->preview->fqdn}"; } } else { - $title = "Deployment failed"; + $title = 'Deployment failed'; $description = "Deployment failed for {$this->application_name}"; if ($this->fqdn) { $description .= "\nApplication URL: {$this->fqdn}"; } } - $description .= "\n\n**Project:** " . data_get($this->application, 'environment.project.name'); + $description .= "\n\n**Project:** ".data_get($this->application, 'environment.project.name'); $description .= "\n**Environment:** {$this->environment_name}"; $description .= "\n**Deployment Logs:** {$this->deployment_url}"; diff --git a/app/Notifications/Application/DeploymentSuccess.php b/app/Notifications/Application/DeploymentSuccess.php index 565bce0a5..79ae19f66 100644 --- a/app/Notifications/Application/DeploymentSuccess.php +++ b/app/Notifications/Application/DeploymentSuccess.php @@ -6,8 +6,8 @@ use App\Models\Application; use App\Models\ApplicationPreview; use App\Notifications\CustomEmailNotification; use App\Notifications\Dto\DiscordMessage; -use Illuminate\Notifications\Messages\MailMessage; use App\Notifications\Dto\SlackMessage; +use Illuminate\Notifications\Messages\MailMessage; class DeploymentSuccess extends CustomEmailNotification { @@ -40,7 +40,7 @@ class DeploymentSuccess extends CustomEmailNotification if (str($this->fqdn)->explode(',')->count() > 1) { $this->fqdn = str($this->fqdn)->explode(',')->first(); } - $this->deployment_url = base_url() . "/project/{$this->project_uuid}/" . urlencode($this->environment_name) . "/application/{$this->application->uuid}/deployment/{$this->deployment_uuid}"; + $this->deployment_url = base_url()."/project/{$this->project_uuid}/".urlencode($this->environment_name)."/application/{$this->application->uuid}/deployment/{$this->deployment_uuid}"; } public function via(object $notifiable): array @@ -80,21 +80,21 @@ class DeploymentSuccess extends CustomEmailNotification if ($this->preview) { $message = new DiscordMessage( title: ':white_check_mark: Preview deployment successful', - description: 'Pull request: ' . $this->preview->pull_request_id, + description: 'Pull request: '.$this->preview->pull_request_id, color: DiscordMessage::successColor(), ); if ($this->preview->fqdn) { - $message->addField('Application', '[Link](' . $this->preview->fqdn . ')'); + $message->addField('Application', '[Link]('.$this->preview->fqdn.')'); } $message->addField('Project', data_get($this->application, 'environment.project.name'), true); $message->addField('Environment', $this->environment_name, true); $message->addField('Name', $this->application_name, true); - $message->addField('Deployment logs', '[Link](' . $this->deployment_url . ')'); + $message->addField('Deployment logs', '[Link]('.$this->deployment_url.')'); } else { if ($this->fqdn) { - $description = '[Open application](' . $this->fqdn . ')'; + $description = '[Open application]('.$this->fqdn.')'; } else { $description = ''; } @@ -107,7 +107,7 @@ class DeploymentSuccess extends CustomEmailNotification $message->addField('Environment', $this->environment_name, true); $message->addField('Name', $this->application_name, true); - $message->addField('Deployment logs', '[Link](' . $this->deployment_url . ')'); + $message->addField('Deployment logs', '[Link]('.$this->deployment_url.')'); } return $message; @@ -116,7 +116,7 @@ class DeploymentSuccess extends CustomEmailNotification public function toTelegram(): array { if ($this->preview) { - $message = 'Coolify: New PR' . $this->preview->pull_request_id . ' version successfully deployed of ' . $this->application_name . ''; + $message = 'Coolify: New PR'.$this->preview->pull_request_id.' version successfully deployed of '.$this->application_name.''; if ($this->preview->fqdn) { $buttons[] = [ 'text' => 'Open Application', @@ -124,7 +124,7 @@ class DeploymentSuccess extends CustomEmailNotification ]; } } else { - $message = '✅ New version successfully deployed of ' . $this->application_name . ''; + $message = '✅ New version successfully deployed of '.$this->application_name.''; if ($this->fqdn) { $buttons[] = [ 'text' => 'Open Application', @@ -145,7 +145,6 @@ class DeploymentSuccess extends CustomEmailNotification ]; } - public function toSlack(): SlackMessage { if ($this->preview) { @@ -155,14 +154,14 @@ class DeploymentSuccess extends CustomEmailNotification $description .= "\nPreview URL: {$this->preview->fqdn}"; } } else { - $title = "New version successfully deployed"; + $title = 'New version successfully deployed'; $description = "New version successfully deployed for {$this->application_name}"; if ($this->fqdn) { $description .= "\nApplication URL: {$this->fqdn}"; } } - $description .= "\n\n**Project:** " . data_get($this->application, 'environment.project.name'); + $description .= "\n\n**Project:** ".data_get($this->application, 'environment.project.name'); $description .= "\n**Environment:** {$this->environment_name}"; $description .= "\n**Deployment Logs:** {$this->deployment_url}"; diff --git a/app/Notifications/Application/StatusChanged.php b/app/Notifications/Application/StatusChanged.php index 18c042ca6..2167e9f13 100644 --- a/app/Notifications/Application/StatusChanged.php +++ b/app/Notifications/Application/StatusChanged.php @@ -5,8 +5,8 @@ namespace App\Notifications\Application; use App\Models\Application; use App\Notifications\CustomEmailNotification; use App\Notifications\Dto\DiscordMessage; -use Illuminate\Notifications\Messages\MailMessage; use App\Notifications\Dto\SlackMessage; +use Illuminate\Notifications\Messages\MailMessage; class StatusChanged extends CustomEmailNotification { @@ -30,7 +30,7 @@ class StatusChanged extends CustomEmailNotification if (str($this->fqdn)->explode(',')->count() > 1) { $this->fqdn = str($this->fqdn)->explode(',')->first(); } - $this->resource_url = base_url() . "/project/{$this->project_uuid}/" . urlencode($this->environment_name) . "/application/{$this->resource->uuid}"; + $this->resource_url = base_url()."/project/{$this->project_uuid}/".urlencode($this->environment_name)."/application/{$this->resource->uuid}"; } public function via(object $notifiable): array @@ -56,7 +56,7 @@ class StatusChanged extends CustomEmailNotification { return new DiscordMessage( title: ':cross_mark: Application stopped', - description: '[Open Application in Coolify](' . $this->resource_url . ')', + description: '[Open Application in Coolify]('.$this->resource_url.')', color: DiscordMessage::errorColor(), isCritical: true, ); @@ -64,7 +64,7 @@ class StatusChanged extends CustomEmailNotification public function toTelegram(): array { - $message = 'Coolify: ' . $this->resource_name . ' has been stopped.'; + $message = 'Coolify: '.$this->resource_name.' has been stopped.'; return [ 'message' => $message, @@ -79,10 +79,10 @@ class StatusChanged extends CustomEmailNotification public function toSlack(): SlackMessage { - $title = "Application stopped"; + $title = 'Application stopped'; $description = "{$this->resource_name} has been stopped"; - $description .= "\n\n**Project:** " . data_get($this->resource, 'environment.project.name'); + $description .= "\n\n**Project:** ".data_get($this->resource, 'environment.project.name'); $description .= "\n**Environment:** {$this->environment_name}"; $description .= "\n**Application URL:** {$this->resource_url}"; diff --git a/app/Notifications/Channels/SendsSlack.php b/app/Notifications/Channels/SendsSlack.php index 417d4adda..ab2dd6f11 100644 --- a/app/Notifications/Channels/SendsSlack.php +++ b/app/Notifications/Channels/SendsSlack.php @@ -5,4 +5,4 @@ namespace App\Notifications\Channels; interface SendsSlack { public function routeNotificationForSlack(); -} \ No newline at end of file +} diff --git a/app/Notifications/Container/ContainerRestarted.php b/app/Notifications/Container/ContainerRestarted.php index e1cf836ff..f9becd0e8 100644 --- a/app/Notifications/Container/ContainerRestarted.php +++ b/app/Notifications/Container/ContainerRestarted.php @@ -5,8 +5,8 @@ namespace App\Notifications\Container; use App\Models\Server; use App\Notifications\CustomEmailNotification; use App\Notifications\Dto\DiscordMessage; -use Illuminate\Notifications\Messages\MailMessage; use App\Notifications\Dto\SlackMessage; +use Illuminate\Notifications\Messages\MailMessage; class ContainerRestarted extends CustomEmailNotification { @@ -42,7 +42,7 @@ class ContainerRestarted extends CustomEmailNotification ); if ($this->url) { - $message->addField('Resource', '[Link](' . $this->url . ')'); + $message->addField('Resource', '[Link]('.$this->url.')'); } return $message; @@ -70,7 +70,7 @@ class ContainerRestarted extends CustomEmailNotification public function toSlack(): SlackMessage { - $title = "Resource restarted"; + $title = 'Resource restarted'; $description = "A resource ({$this->name}) has been restarted automatically on {$this->server->name}"; if ($this->url) { diff --git a/app/Notifications/Container/ContainerStopped.php b/app/Notifications/Container/ContainerStopped.php index 76c2dae80..eae2cf552 100644 --- a/app/Notifications/Container/ContainerStopped.php +++ b/app/Notifications/Container/ContainerStopped.php @@ -5,8 +5,8 @@ namespace App\Notifications\Container; use App\Models\Server; use App\Notifications\CustomEmailNotification; use App\Notifications\Dto\DiscordMessage; -use Illuminate\Notifications\Messages\MailMessage; use App\Notifications\Dto\SlackMessage; +use Illuminate\Notifications\Messages\MailMessage; class ContainerStopped extends CustomEmailNotification { @@ -42,7 +42,7 @@ class ContainerStopped extends CustomEmailNotification ); if ($this->url) { - $message->addField('Resource', '[Link](' . $this->url . ')'); + $message->addField('Resource', '[Link]('.$this->url.')'); } return $message; @@ -70,7 +70,7 @@ class ContainerStopped extends CustomEmailNotification public function toSlack(): SlackMessage { - $title = "Resource stopped"; + $title = 'Resource stopped'; $description = "A resource ({$this->name}) has been stopped unexpectedly on {$this->server->name}"; if ($this->url) { diff --git a/app/Notifications/Database/BackupFailed.php b/app/Notifications/Database/BackupFailed.php index a1b5c42e5..2056255d6 100644 --- a/app/Notifications/Database/BackupFailed.php +++ b/app/Notifications/Database/BackupFailed.php @@ -5,8 +5,8 @@ namespace App\Notifications\Database; use App\Models\ScheduledDatabaseBackup; use App\Notifications\CustomEmailNotification; use App\Notifications\Dto\DiscordMessage; -use Illuminate\Notifications\Messages\MailMessage; use App\Notifications\Dto\SlackMessage; +use Illuminate\Notifications\Messages\MailMessage; class BackupFailed extends CustomEmailNotification { @@ -66,7 +66,7 @@ class BackupFailed extends CustomEmailNotification public function toSlack(): SlackMessage { - $title = "Database backup failed"; + $title = 'Database backup failed'; $description = "Database backup for {$this->name} (db:{$this->database_name}) has FAILED."; $description .= "\n\n**Frequency:** {$this->frequency}"; diff --git a/app/Notifications/Database/BackupSuccess.php b/app/Notifications/Database/BackupSuccess.php index f2aa247a6..71866f9fc 100644 --- a/app/Notifications/Database/BackupSuccess.php +++ b/app/Notifications/Database/BackupSuccess.php @@ -5,8 +5,8 @@ namespace App\Notifications\Database; use App\Models\ScheduledDatabaseBackup; use App\Notifications\CustomEmailNotification; use App\Notifications\Dto\DiscordMessage; -use Illuminate\Notifications\Messages\MailMessage; use App\Notifications\Dto\SlackMessage; +use Illuminate\Notifications\Messages\MailMessage; class BackupSuccess extends CustomEmailNotification { @@ -64,7 +64,7 @@ class BackupSuccess extends CustomEmailNotification public function toSlack(): SlackMessage { - $title = "Database backup successful"; + $title = 'Database backup successful'; $description = "Database backup for {$this->name} (db:{$this->database_name}) was successful."; $description .= "\n\n**Frequency:** {$this->frequency}"; diff --git a/app/Notifications/Dto/SlackMessage.php b/app/Notifications/Dto/SlackMessage.php index 86532c65b..879bf6547 100644 --- a/app/Notifications/Dto/SlackMessage.php +++ b/app/Notifications/Dto/SlackMessage.php @@ -8,8 +8,7 @@ class SlackMessage public string $title, public string $description, public string $color = '#0099ff' - ) { - } + ) {} public static function infoColor(): string { @@ -30,4 +29,4 @@ class SlackMessage { return '#ffa500'; } -} \ No newline at end of file +} diff --git a/app/Notifications/Internal/GeneralNotification.php b/app/Notifications/Internal/GeneralNotification.php index 699291d16..347f4a0dd 100644 --- a/app/Notifications/Internal/GeneralNotification.php +++ b/app/Notifications/Internal/GeneralNotification.php @@ -3,8 +3,8 @@ namespace App\Notifications\Internal; use App\Notifications\Channels\DiscordChannel; -use App\Notifications\Channels\TelegramChannel; use App\Notifications\Channels\SlackChannel; +use App\Notifications\Channels\TelegramChannel; use App\Notifications\Dto\DiscordMessage; use App\Notifications\Dto\SlackMessage; use Illuminate\Bus\Queueable; diff --git a/app/Notifications/ScheduledTask/TaskFailed.php b/app/Notifications/ScheduledTask/TaskFailed.php index 53b7f46a3..753da7ff0 100644 --- a/app/Notifications/ScheduledTask/TaskFailed.php +++ b/app/Notifications/ScheduledTask/TaskFailed.php @@ -5,8 +5,8 @@ namespace App\Notifications\ScheduledTask; use App\Models\ScheduledTask; use App\Notifications\CustomEmailNotification; use App\Notifications\Dto\DiscordMessage; -use Illuminate\Notifications\Messages\MailMessage; use App\Notifications\Dto\SlackMessage; +use Illuminate\Notifications\Messages\MailMessage; class TaskFailed extends CustomEmailNotification { @@ -49,7 +49,7 @@ class TaskFailed extends CustomEmailNotification ); if ($this->url) { - $message->addField('Scheduled task', '[Link](' . $this->url . ')'); + $message->addField('Scheduled task', '[Link]('.$this->url.')'); } return $message; @@ -72,7 +72,7 @@ class TaskFailed extends CustomEmailNotification public function toSlack(): SlackMessage { - $title = "Scheduled task failed"; + $title = 'Scheduled task failed'; $description = "Scheduled task ({$this->task->name}) failed."; if ($this->output) { diff --git a/app/Notifications/Server/ForceDisabled.php b/app/Notifications/Server/ForceDisabled.php index 1939170f6..143917dde 100644 --- a/app/Notifications/Server/ForceDisabled.php +++ b/app/Notifications/Server/ForceDisabled.php @@ -5,11 +5,11 @@ namespace App\Notifications\Server; use App\Models\Server; use App\Notifications\Channels\DiscordChannel; use App\Notifications\Channels\EmailChannel; -use App\Notifications\Channels\TelegramChannel; use App\Notifications\Channels\SlackChannel; -use App\Notifications\Dto\SlackMessage; +use App\Notifications\Channels\TelegramChannel; use App\Notifications\CustomEmailNotification; use App\Notifications\Dto\DiscordMessage; +use App\Notifications\Dto\SlackMessage; use Illuminate\Notifications\Messages\MailMessage; class ForceDisabled extends CustomEmailNotification @@ -73,13 +73,12 @@ class ForceDisabled extends CustomEmailNotification ]; } - public function toSlack(): SlackMessage { - $title = "Server disabled"; + $title = 'Server disabled'; $description = "Server ({$this->server->name}) disabled because it is not paid!\n"; $description .= "All automations and integrations are stopped.\n\n"; - $description .= "Please update your subscription to enable the server again: https://app.coolify.io/subscriptions"; + $description .= 'Please update your subscription to enable the server again: https://app.coolify.io/subscriptions'; return new SlackMessage( title: $title, diff --git a/app/Notifications/Server/ForceEnabled.php b/app/Notifications/Server/ForceEnabled.php index 4b6181e19..3b83882d8 100644 --- a/app/Notifications/Server/ForceEnabled.php +++ b/app/Notifications/Server/ForceEnabled.php @@ -5,11 +5,11 @@ namespace App\Notifications\Server; use App\Models\Server; use App\Notifications\Channels\DiscordChannel; use App\Notifications\Channels\EmailChannel; -use App\Notifications\Channels\TelegramChannel; use App\Notifications\Channels\SlackChannel; -use App\Notifications\Dto\SlackMessage; +use App\Notifications\Channels\TelegramChannel; use App\Notifications\CustomEmailNotification; use App\Notifications\Dto\DiscordMessage; +use App\Notifications\Dto\SlackMessage; use Illuminate\Notifications\Messages\MailMessage; class ForceEnabled extends CustomEmailNotification @@ -69,7 +69,6 @@ class ForceEnabled extends CustomEmailNotification ]; } - public function toSlack(): SlackMessage { return new SlackMessage( @@ -78,5 +77,4 @@ class ForceEnabled extends CustomEmailNotification color: SlackMessage::successColor() ); } - } diff --git a/app/Notifications/Server/HighDiskUsage.php b/app/Notifications/Server/HighDiskUsage.php index 40c0e2cb6..baff49508 100644 --- a/app/Notifications/Server/HighDiskUsage.php +++ b/app/Notifications/Server/HighDiskUsage.php @@ -45,7 +45,7 @@ class HighDiskUsage extends CustomEmailNotification $message->addField('Disk usage', "{$this->disk_usage}%", true); $message->addField('Threshold', "{$this->server_disk_usage_notification_threshold}%", true); $message->addField('What to do?', '[Link](https://coolify.io/docs/knowledge-base/server/automated-cleanup)', true); - $message->addField('Change Settings', '[Threshold](' . base_url() . '/server/' . $this->server->uuid . '#advanced) | [Notification](' . base_url() . '/notifications/discord)'); + $message->addField('Change Settings', '[Threshold]('.base_url().'/server/'.$this->server->uuid.'#advanced) | [Notification]('.base_url().'/notifications/discord)'); return $message; } @@ -65,8 +65,8 @@ class HighDiskUsage extends CustomEmailNotification $description .= "Please cleanup your disk to prevent data-loss.\n"; $description .= "Tips for cleanup: https://coolify.io/docs/knowledge-base/server/automated-cleanup\n"; $description .= "Change settings:\n"; - $description .= "- Threshold: " . base_url() . "/server/" . $this->server->uuid . "#advanced\n"; - $description .= "- Notifications: " . base_url() . "/notifications/discord"; + $description .= '- Threshold: '.base_url().'/server/'.$this->server->uuid."#advanced\n"; + $description .= '- Notifications: '.base_url().'/notifications/discord'; return new SlackMessage( title: 'High disk usage detected', diff --git a/app/Notifications/Server/Reachable.php b/app/Notifications/Server/Reachable.php index a0dfd1cc5..62ece34e8 100644 --- a/app/Notifications/Server/Reachable.php +++ b/app/Notifications/Server/Reachable.php @@ -5,11 +5,11 @@ namespace App\Notifications\Server; use App\Models\Server; use App\Notifications\Channels\DiscordChannel; use App\Notifications\Channels\EmailChannel; -use App\Notifications\Channels\TelegramChannel; use App\Notifications\Channels\SlackChannel; -use App\Notifications\Dto\SlackMessage; +use App\Notifications\Channels\TelegramChannel; use App\Notifications\CustomEmailNotification; use App\Notifications\Dto\DiscordMessage; +use App\Notifications\Dto\SlackMessage; use Illuminate\Notifications\Messages\MailMessage; class Reachable extends CustomEmailNotification @@ -20,7 +20,7 @@ class Reachable extends CustomEmailNotification { $this->onQueue('high'); $this->isRateLimited = isEmailRateLimited( - limiterKey: 'server-reachable:' . $this->server->id, + limiterKey: 'server-reachable:'.$this->server->id, ); } @@ -78,13 +78,10 @@ class Reachable extends CustomEmailNotification ]; } - - - public function toSlack(): SlackMessage { return new SlackMessage( - title: "Server revived", + title: 'Server revived', description: "Server '{$this->server->name}' revived.\nAll automations & integrations are turned on again!", color: SlackMessage::successColor() ); diff --git a/app/Notifications/Server/Unreachable.php b/app/Notifications/Server/Unreachable.php index 0bd44ef3d..2a90d7552 100644 --- a/app/Notifications/Server/Unreachable.php +++ b/app/Notifications/Server/Unreachable.php @@ -5,11 +5,11 @@ namespace App\Notifications\Server; use App\Models\Server; use App\Notifications\Channels\DiscordChannel; use App\Notifications\Channels\EmailChannel; -use App\Notifications\Channels\TelegramChannel; use App\Notifications\Channels\SlackChannel; -use App\Notifications\Dto\SlackMessage; +use App\Notifications\Channels\TelegramChannel; use App\Notifications\CustomEmailNotification; use App\Notifications\Dto\DiscordMessage; +use App\Notifications\Dto\SlackMessage; use Illuminate\Notifications\Messages\MailMessage; class Unreachable extends CustomEmailNotification @@ -20,7 +20,7 @@ class Unreachable extends CustomEmailNotification { $this->onQueue('high'); $this->isRateLimited = isEmailRateLimited( - limiterKey: 'server-unreachable:' . $this->server->id, + limiterKey: 'server-unreachable:'.$this->server->id, ); } @@ -83,12 +83,11 @@ class Unreachable extends CustomEmailNotification ]; } - public function toSlack(): SlackMessage { $description = "Your server '{$this->server->name}' is unreachable.\n"; $description .= "All automations & integrations are turned off!\n\n"; - $description .= "*IMPORTANT:* We automatically try to revive your server and turn on all automations & integrations."; + $description .= '*IMPORTANT:* We automatically try to revive your server and turn on all automations & integrations.'; return new SlackMessage( title: 'Server unreachable', diff --git a/app/View/Components/Forms/Checkbox.php b/app/View/Components/Forms/Checkbox.php index 0bdebe7e4..e46598e8e 100644 --- a/app/View/Components/Forms/Checkbox.php +++ b/app/View/Components/Forms/Checkbox.php @@ -15,6 +15,7 @@ class Checkbox extends Component public ?string $id = null, public ?string $name = null, public ?string $value = null, + public ?string $domValue = null, public ?string $label = null, public ?string $helper = null, public string|bool|null $checked = false, diff --git a/bootstrap/helpers/shared.php b/bootstrap/helpers/shared.php index 40c5acb21..835ead24c 100644 --- a/bootstrap/helpers/shared.php +++ b/bootstrap/helpers/shared.php @@ -68,27 +68,27 @@ function base_configuration_dir(): string } function application_configuration_dir(): string { - return base_configuration_dir() . '/applications'; + return base_configuration_dir().'/applications'; } function service_configuration_dir(): string { - return base_configuration_dir() . '/services'; + return base_configuration_dir().'/services'; } function database_configuration_dir(): string { - return base_configuration_dir() . '/databases'; + return base_configuration_dir().'/databases'; } function database_proxy_dir($uuid): string { - return base_configuration_dir() . "/databases/$uuid/proxy"; + return base_configuration_dir()."/databases/$uuid/proxy"; } function backup_dir(): string { - return base_configuration_dir() . '/backups'; + return base_configuration_dir().'/backups'; } function metrics_dir(): string { - return base_configuration_dir() . '/metrics'; + return base_configuration_dir().'/metrics'; } function sanitize_string(?string $input = null): ?string @@ -139,15 +139,15 @@ function showBoarding(): bool } function refreshSession(?Team $team = null): void { - if (!$team) { + if (! $team) { if (Auth::user()->currentTeam()) { $team = Team::find(Auth::user()->currentTeam()->id); } else { $team = User::find(Auth::id())->teams->first(); } } - Cache::forget('team:' . Auth::id()); - Cache::remember('team:' . Auth::id(), 3600, function () use ($team) { + Cache::forget('team:'.Auth::id()); + Cache::remember('team:'.Auth::id(), 3600, function () use ($team) { return $team; }); session(['currentTeam' => $team]); @@ -179,7 +179,7 @@ function handleError(?Throwable $error = null, ?Livewire\Component $livewire = n $message = null; } if ($customErrorMessage) { - $message = $customErrorMessage . ' ' . $message; + $message = $customErrorMessage.' '.$message; } if (isset($livewire)) { @@ -252,7 +252,7 @@ function generateSSHKey(string $type = 'rsa') function formatPrivateKey(string $privateKey) { $privateKey = trim($privateKey); - if (!str_ends_with($privateKey, "\n")) { + if (! str_ends_with($privateKey, "\n")) { $privateKey .= "\n"; } @@ -274,7 +274,7 @@ function is_transactional_emails_active(): bool function set_transanctional_email_settings(?InstanceSettings $settings = null): ?string { - if (!$settings) { + if (! $settings) { $settings = instanceSettings(); } config()->set('mail.from.address', data_get($settings, 'smtp_from_address')); @@ -374,7 +374,7 @@ function isSubscribed() function isProduction(): bool { - return !isDev(); + return ! isDev(); } function isDev(): bool { @@ -427,14 +427,14 @@ function send_user_an_email(MailMessage $mail, string $email, ?string $cc = null { $settings = instanceSettings(); $type = set_transanctional_email_settings($settings); - if (!$type) { + if (! $type) { throw new Exception('No email settings found.'); } if ($cc) { Mail::send( [], [], - fn(Message $message) => $message + fn (Message $message) => $message ->to($email) ->replyTo($email) ->cc($cc) @@ -445,7 +445,7 @@ function send_user_an_email(MailMessage $mail, string $email, ?string $cc = null Mail::send( [], [], - fn(Message $message) => $message + fn (Message $message) => $message ->to($email) ->subject($mail->subject) ->html((string) $mail->render()) @@ -594,7 +594,7 @@ function getResourceByUuid(string $uuid, ?int $teamId = null) return null; } $resource = queryResourcesByUuid($uuid); - if (!is_null($resource) && $resource->environment->project->team_id === $teamId) { + if (! is_null($resource) && $resource->environment->project->team_id === $teamId) { return $resource; } @@ -686,29 +686,29 @@ function queryResourcesByUuid(string $uuid) function generateTagDeployWebhook($tag_name) { $baseUrl = base_url(); - $api = Url::fromString($baseUrl) . '/api/v1'; + $api = Url::fromString($baseUrl).'/api/v1'; $endpoint = "/deploy?tag=$tag_name"; - return $api . $endpoint; + return $api.$endpoint; } function generateDeployWebhook($resource) { $baseUrl = base_url(); - $api = Url::fromString($baseUrl) . '/api/v1'; + $api = Url::fromString($baseUrl).'/api/v1'; $endpoint = '/deploy'; $uuid = data_get($resource, 'uuid'); - return $api . $endpoint . "?uuid=$uuid&force=false"; + return $api.$endpoint."?uuid=$uuid&force=false"; } function generateGitManualWebhook($resource, $type) { - if ($resource->source_id !== 0 && !is_null($resource->source_id)) { + if ($resource->source_id !== 0 && ! is_null($resource->source_id)) { return null; } if ($resource->getMorphClass() === \App\Models\Application::class) { $baseUrl = base_url(); - return Url::fromString($baseUrl) . "/webhooks/source/$type/events/manual"; + return Url::fromString($baseUrl)."/webhooks/source/$type/events/manual"; } return null; @@ -735,7 +735,7 @@ function getTopLevelNetworks(Service|Application $resource) $hasHostNetworkMode = data_get($service, 'network_mode') === 'host' ? true : false; // Only add 'networks' key if 'network_mode' is not 'host' - if (!$hasHostNetworkMode) { + if (! $hasHostNetworkMode) { // Collect/create/update networks if ($serviceNetworks->count() > 0) { foreach ($serviceNetworks as $networkName => $networkDetails) { @@ -749,7 +749,7 @@ function getTopLevelNetworks(Service|Application $resource) $networkExists = $topLevelNetworks->contains(function ($value, $key) use ($networkName) { return $value == $networkName || $key == $networkName; }); - if (!$networkExists) { + if (! $networkExists) { if (is_string($networkDetails) || is_int($networkDetails)) { $topLevelNetworks->put($networkDetails, null); } @@ -760,7 +760,7 @@ function getTopLevelNetworks(Service|Application $resource) $definedNetworkExists = $topLevelNetworks->contains(function ($value, $_) use ($definedNetwork) { return $value == $definedNetwork; }); - if (!$definedNetworkExists) { + if (! $definedNetworkExists) { foreach ($definedNetwork as $network) { $topLevelNetworks->put($network, [ 'name' => $network, @@ -801,7 +801,7 @@ function getTopLevelNetworks(Service|Application $resource) $networkExists = $topLevelNetworks->contains(function ($value, $key) use ($networkName) { return $value == $networkName || $key == $networkName; }); - if (!$networkExists) { + if (! $networkExists) { if (is_string($networkDetails) || is_int($networkDetails)) { $topLevelNetworks->put($networkDetails, null); } @@ -811,7 +811,7 @@ function getTopLevelNetworks(Service|Application $resource) $definedNetworkExists = $topLevelNetworks->contains(function ($value, $_) use ($definedNetwork) { return $value == $definedNetwork; }); - if (!$definedNetworkExists) { + if (! $definedNetworkExists) { foreach ($definedNetwork as $network) { $topLevelNetworks->put($network, [ 'name' => $network, @@ -947,7 +947,7 @@ function generateEnvValue(string $command, Service|Application|null $service = n case 'PASSWORD_64': $generatedValue = Str::password(length: 64, symbols: false); break; - // This is not base64, it's just a random string + // This is not base64, it's just a random string case 'BASE64_64': $generatedValue = Str::random(64); break; @@ -958,7 +958,7 @@ function generateEnvValue(string $command, Service|Application|null $service = n case 'BASE64_32': $generatedValue = Str::random(32); break; - // This is base64, + // This is base64, case 'REALBASE64_64': $generatedValue = base64_encode(Str::random(64)); break; @@ -1058,7 +1058,7 @@ function validate_dns_entry(string $fqdn, Server $server) } $settings = instanceSettings(); $is_dns_validation_enabled = data_get($settings, 'is_dns_validation_enabled'); - if (!$is_dns_validation_enabled) { + if (! $is_dns_validation_enabled) { return true; } $dns_servers = data_get($settings, 'custom_dns_servers'); @@ -1076,7 +1076,7 @@ function validate_dns_entry(string $fqdn, Server $server) $query = new DNSQuery($dns_server); $results = $query->query($host, $type); if ($results === false || $query->hasError()) { - ray('Error: ' . $query->getLasterror()); + ray('Error: '.$query->getLasterror()); } else { foreach ($results as $result) { if ($result->getType() == $type) { @@ -1086,7 +1086,7 @@ function validate_dns_entry(string $fqdn, Server $server) break; } if ($result->getData() === $ip) { - ray($host . ' has IP address ' . $result->getData()); + ray($host.' has IP address '.$result->getData()); ray($result->getString()); $found_matching_ip = true; break; @@ -1134,15 +1134,15 @@ function checkIfDomainIsAlreadyUsed(Collection|array $domains, ?string $teamId = $applications = Application::ownedByCurrentTeamAPI($teamId)->get(['fqdn', 'uuid']); $serviceApplications = ServiceApplication::ownedByCurrentTeamAPI($teamId)->get(['fqdn', 'uuid']); if ($uuid) { - $applications = $applications->filter(fn($app) => $app->uuid !== $uuid); - $serviceApplications = $serviceApplications->filter(fn($app) => $app->uuid !== $uuid); + $applications = $applications->filter(fn ($app) => $app->uuid !== $uuid); + $serviceApplications = $serviceApplications->filter(fn ($app) => $app->uuid !== $uuid); } $domainFound = false; foreach ($applications as $app) { if (is_null($app->fqdn)) { continue; } - $list_of_domains = collect(explode(',', $app->fqdn))->filter(fn($fqdn) => $fqdn !== ''); + $list_of_domains = collect(explode(',', $app->fqdn))->filter(fn ($fqdn) => $fqdn !== ''); foreach ($list_of_domains as $domain) { if (str($domain)->endsWith('/')) { $domain = str($domain)->beforeLast('/'); @@ -1161,7 +1161,7 @@ function checkIfDomainIsAlreadyUsed(Collection|array $domains, ?string $teamId = if (str($app->fqdn)->isEmpty()) { continue; } - $list_of_domains = collect(explode(',', $app->fqdn))->filter(fn($fqdn) => $fqdn !== ''); + $list_of_domains = collect(explode(',', $app->fqdn))->filter(fn ($fqdn) => $fqdn !== ''); foreach ($list_of_domains as $domain) { if (str($domain)->endsWith('/')) { $domain = str($domain)->beforeLast('/'); @@ -1211,7 +1211,7 @@ function check_domain_usage(ServiceApplication|Application|null $resource = null }); $apps = Application::all(); foreach ($apps as $app) { - $list_of_domains = collect(explode(',', $app->fqdn))->filter(fn($fqdn) => $fqdn !== ''); + $list_of_domains = collect(explode(',', $app->fqdn))->filter(fn ($fqdn) => $fqdn !== ''); foreach ($list_of_domains as $domain) { if (str($domain)->endsWith('/')) { $domain = str($domain)->beforeLast('/'); @@ -1230,7 +1230,7 @@ function check_domain_usage(ServiceApplication|Application|null $resource = null } $apps = ServiceApplication::all(); foreach ($apps as $app) { - $list_of_domains = collect(explode(',', $app->fqdn))->filter(fn($fqdn) => $fqdn !== ''); + $list_of_domains = collect(explode(',', $app->fqdn))->filter(fn ($fqdn) => $fqdn !== ''); foreach ($list_of_domains as $domain) { if (str($domain)->endsWith('/')) { $domain = str($domain)->beforeLast('/'); @@ -1266,7 +1266,7 @@ function parseCommandsByLineForSudo(Collection $commands, Server $server): array { $commands = $commands->map(function ($line) { if ( - !str(trim($line))->startsWith([ + ! str(trim($line))->startsWith([ 'cd', 'command', 'echo', @@ -1287,7 +1287,7 @@ function parseCommandsByLineForSudo(Collection $commands, Server $server): array $commands = $commands->map(function ($line) use ($server) { if (Str::startsWith($line, 'sudo mkdir -p')) { - return "$line && sudo chown -R $server->user:$server->user " . Str::after($line, 'sudo mkdir -p') . ' && sudo chmod -R o-rwx ' . Str::after($line, 'sudo mkdir -p'); + return "$line && sudo chown -R $server->user:$server->user ".Str::after($line, 'sudo mkdir -p').' && sudo chmod -R o-rwx '.Str::after($line, 'sudo mkdir -p'); } return $line; @@ -1315,11 +1315,11 @@ function parseCommandsByLineForSudo(Collection $commands, Server $server): array } function parseLineForSudo(string $command, Server $server): string { - if (!str($command)->startSwith('cd') && !str($command)->startSwith('command')) { + if (! str($command)->startSwith('cd') && ! str($command)->startSwith('command')) { $command = "sudo $command"; } if (Str::startsWith($command, 'sudo mkdir -p')) { - $command = "$command && sudo chown -R $server->user:$server->user " . Str::after($command, 'sudo mkdir -p') . ' && sudo chmod -R o-rwx ' . Str::after($command, 'sudo mkdir -p'); + $command = "$command && sudo chown -R $server->user:$server->user ".Str::after($command, 'sudo mkdir -p').' && sudo chmod -R o-rwx '.Str::after($command, 'sudo mkdir -p'); } if (str($command)->contains('$(') || str($command)->contains('`')) { $command = str($command)->replace('$(', '$(sudo ')->replace('`', '`sudo ')->value(); @@ -1441,7 +1441,7 @@ function parseServiceVolumes($serviceVolumes, $resource, $topLevelVolumes, $pull $isDirectory = data_get($foundConfig, 'is_directory'); } else { $isDirectory = (bool) data_get($volume, 'isDirectory', null) || (bool) data_get($volume, 'is_directory', null); - if ((is_null($isDirectory) || !$isDirectory) && is_null($content)) { + if ((is_null($isDirectory) || ! $isDirectory) && is_null($content)) { // if isDirectory is not set (or false) & content is also not set, we assume it is a directory ray('setting isDirectory to true'); $isDirectory = true; @@ -1456,9 +1456,9 @@ function parseServiceVolumes($serviceVolumes, $resource, $topLevelVolumes, $pull return $volume; } if (get_class($resource) === \App\Models\Application::class) { - $dir = base_configuration_dir() . '/applications/' . $resource->uuid; + $dir = base_configuration_dir().'/applications/'.$resource->uuid; } else { - $dir = base_configuration_dir() . '/services/' . $resource->service->uuid; + $dir = base_configuration_dir().'/services/'.$resource->service->uuid; } if ($source->startsWith('.')) { @@ -1468,9 +1468,9 @@ function parseServiceVolumes($serviceVolumes, $resource, $topLevelVolumes, $pull $source = $source->replaceFirst('~', $dir); } if ($pull_request_id !== 0) { - $source = $source . "-pr-$pull_request_id"; + $source = $source."-pr-$pull_request_id"; } - if (!$resource?->settings?->is_preserve_repository_enabled || $foundConfig?->is_based_on_git) { + if (! $resource?->settings?->is_preserve_repository_enabled || $foundConfig?->is_based_on_git) { LocalFileVolume::updateOrCreate( [ 'mount_path' => $target, @@ -1599,7 +1599,7 @@ function parseDockerComposeFile(Service|Application $resource, bool $isNew = fal if ($serviceLabels->count() > 0) { $removedLabels = collect([]); $serviceLabels = $serviceLabels->filter(function ($serviceLabel, $serviceLabelName) use ($removedLabels) { - if (!str($serviceLabel)->contains('=')) { + if (! str($serviceLabel)->contains('=')) { $removedLabels->put($serviceLabelName, $serviceLabel); return false; @@ -1681,7 +1681,7 @@ function parseDockerComposeFile(Service|Application $resource, bool $isNew = fal $networkExists = $topLevelNetworks->contains(function ($value, $key) use ($networkName) { return $value == $networkName || $key == $networkName; }); - if (!$networkExists) { + if (! $networkExists) { if (is_string($networkDetails) || is_int($networkDetails)) { $topLevelNetworks->put($networkDetails, null); } @@ -1707,12 +1707,12 @@ function parseDockerComposeFile(Service|Application $resource, bool $isNew = fal $savedService->ports = $collectedPorts->implode(','); $savedService->save(); - if (!$hasHostNetworkMode) { + if (! $hasHostNetworkMode) { // Add Coolify specific networks $definedNetworkExists = $topLevelNetworks->contains(function ($value, $_) use ($definedNetwork) { return $value == $definedNetwork; }); - if (!$definedNetworkExists) { + if (! $definedNetworkExists) { foreach ($definedNetwork as $network) { $topLevelNetworks->put($network, [ 'name' => $network, @@ -1924,9 +1924,9 @@ function parseDockerComposeFile(Service|Application $resource, bool $isNew = fal $fqdn = "$fqdn$path"; } - if (!$isDatabase) { + if (! $isDatabase) { if ($savedService->fqdn) { - data_set($savedService, 'fqdn', $savedService->fqdn . ',' . $fqdn); + data_set($savedService, 'fqdn', $savedService->fqdn.','.$fqdn); } else { data_set($savedService, 'fqdn', $fqdn); } @@ -1941,7 +1941,7 @@ function parseDockerComposeFile(Service|Application $resource, bool $isNew = fal ]); } // Caddy needs exact port in some cases. - if ($predefinedPort && !$key->endsWith("_{$predefinedPort}")) { + if ($predefinedPort && ! $key->endsWith("_{$predefinedPort}")) { $fqdns_exploded = str($savedService->fqdn)->explode(','); if ($fqdns_exploded->count() > 1) { continue; @@ -1981,12 +1981,12 @@ function parseDockerComposeFile(Service|Application $resource, bool $isNew = fal 'service_id' => $resource->id, ])->first(); ['command' => $command, 'forService' => $forService, 'generatedValue' => $generatedValue, 'port' => $port] = parseEnvVariable($value); - if (!is_null($command)) { + if (! is_null($command)) { if ($command?->value() === 'FQDN' || $command?->value() === 'URL') { if (Str::lower($forService) === $serviceName) { $fqdn = generateFqdn($resource->server, $containerName); } else { - $fqdn = generateFqdn($resource->server, Str::lower($forService) . '-' . $resource->uuid); + $fqdn = generateFqdn($resource->server, Str::lower($forService).'-'.$resource->uuid); } if ($port) { $fqdn = "$fqdn:$port"; @@ -2016,13 +2016,13 @@ function parseDockerComposeFile(Service|Application $resource, bool $isNew = fal 'is_preview' => false, ]); } - if (!$isDatabase) { - if ($command->value() === 'FQDN' && is_null($savedService->fqdn) && !$foundEnv) { + if (! $isDatabase) { + if ($command->value() === 'FQDN' && is_null($savedService->fqdn) && ! $foundEnv) { $savedService->fqdn = $fqdn; $savedService->save(); } // Caddy needs exact port in some cases. - if ($predefinedPort && !$key->endsWith("_{$predefinedPort}") && $command?->value() === 'FQDN' && $resource->server->proxyType() === 'CADDY') { + if ($predefinedPort && ! $key->endsWith("_{$predefinedPort}") && $command?->value() === 'FQDN' && $resource->server->proxyType() === 'CADDY') { $fqdns_exploded = str($savedService->fqdn)->explode(','); if ($fqdns_exploded->count() > 1) { continue; @@ -2044,7 +2044,7 @@ function parseDockerComposeFile(Service|Application $resource, bool $isNew = fal } } else { $generatedValue = generateEnvValue($command, $resource); - if (!$foundEnv) { + if (! $foundEnv) { EnvironmentVariable::create([ 'key' => $key, 'value' => $generatedValue, @@ -2099,7 +2099,7 @@ function parseDockerComposeFile(Service|Application $resource, bool $isNew = fal } $defaultLabels = defaultLabels($resource->id, $containerName, type: 'service', subType: $isDatabase ? 'database' : 'application', subId: $savedService->id); $serviceLabels = $serviceLabels->merge($defaultLabels); - if (!$isDatabase && $fqdns->count() > 0) { + if (! $isDatabase && $fqdns->count() > 0) { if ($fqdns) { $shouldGenerateLabelsExactly = $resource->server->settings->generate_exact_labels; if ($shouldGenerateLabelsExactly) { @@ -2167,7 +2167,7 @@ function parseDockerComposeFile(Service|Application $resource, bool $isNew = fal } data_set($service, 'labels', $serviceLabels->toArray()); data_forget($service, 'is_database'); - if (!data_get($service, 'restart')) { + if (! data_get($service, 'restart')) { data_set($service, 'restart', RESTART_MODE); } if (data_get($service, 'restart') === 'no' || data_get($service, 'exclude_from_hc')) { @@ -2206,21 +2206,21 @@ function parseDockerComposeFile(Service|Application $resource, bool $isNew = fal $parsedServiceVariables->put('COOLIFY_CONTAINER_NAME', "$serviceName-{$resource->uuid}"); // TODO: move this in a shared function - if (!$parsedServiceVariables->has('COOLIFY_APP_NAME')) { + if (! $parsedServiceVariables->has('COOLIFY_APP_NAME')) { $parsedServiceVariables->put('COOLIFY_APP_NAME', "\"{$resource->name}\""); } - if (!$parsedServiceVariables->has('COOLIFY_SERVER_IP')) { + if (! $parsedServiceVariables->has('COOLIFY_SERVER_IP')) { $parsedServiceVariables->put('COOLIFY_SERVER_IP', "\"{$resource->destination->server->ip}\""); } - if (!$parsedServiceVariables->has('COOLIFY_ENVIRONMENT_NAME')) { + if (! $parsedServiceVariables->has('COOLIFY_ENVIRONMENT_NAME')) { $parsedServiceVariables->put('COOLIFY_ENVIRONMENT_NAME', "\"{$resource->environment->name}\""); } - if (!$parsedServiceVariables->has('COOLIFY_PROJECT_NAME')) { + if (! $parsedServiceVariables->has('COOLIFY_PROJECT_NAME')) { $parsedServiceVariables->put('COOLIFY_PROJECT_NAME', "\"{$resource->project()->name}\""); } $parsedServiceVariables = $parsedServiceVariables->map(function ($value, $key) use ($envs_from_coolify) { - if (!str($value)->startsWith('$')) { + if (! str($value)->startsWith('$')) { $found_env = $envs_from_coolify->where('key', $key)->first(); if ($found_env) { return $found_env->value; @@ -2304,7 +2304,7 @@ function parseDockerComposeFile(Service|Application $resource, bool $isNew = fal if ($serviceLabels->count() > 0) { $removedLabels = collect([]); $serviceLabels = $serviceLabels->filter(function ($serviceLabel, $serviceLabelName) use ($removedLabels) { - if (!str($serviceLabel)->contains('=')) { + if (! str($serviceLabel)->contains('=')) { $removedLabels->put($serviceLabelName, $serviceLabel); return false; @@ -2324,11 +2324,11 @@ function parseDockerComposeFile(Service|Application $resource, bool $isNew = fal $serviceVolumes = $serviceVolumes->map(function ($volume) use ($resource, $topLevelVolumes, $pull_request_id) { if (is_string($volume)) { $volume = str($volume); - if ($volume->contains(':') && !$volume->startsWith('/')) { + if ($volume->contains(':') && ! $volume->startsWith('/')) { $name = $volume->before(':'); $mount = $volume->after(':'); if ($name->startsWith('.') || $name->startsWith('~')) { - $dir = base_configuration_dir() . '/applications/' . $resource->uuid; + $dir = base_configuration_dir().'/applications/'.$resource->uuid; if ($name->startsWith('.')) { $name = $name->replaceFirst('.', $dir); } @@ -2336,12 +2336,12 @@ function parseDockerComposeFile(Service|Application $resource, bool $isNew = fal $name = $name->replaceFirst('~', $dir); } if ($pull_request_id !== 0) { - $name = $name . "-pr-$pull_request_id"; + $name = $name."-pr-$pull_request_id"; } $volume = str("$name:$mount"); } else { if ($pull_request_id !== 0) { - $name = $name . "-pr-$pull_request_id"; + $name = $name."-pr-$pull_request_id"; $volume = str("$name:$mount"); if ($topLevelVolumes->has($name)) { $v = $topLevelVolumes->get($name); @@ -2380,7 +2380,7 @@ function parseDockerComposeFile(Service|Application $resource, bool $isNew = fal $name = $volume->before(':'); $mount = $volume->after(':'); if ($pull_request_id !== 0) { - $name = $name . "-pr-$pull_request_id"; + $name = $name."-pr-$pull_request_id"; } $volume = str("$name:$mount"); } @@ -2391,7 +2391,7 @@ function parseDockerComposeFile(Service|Application $resource, bool $isNew = fal $read_only = data_get($volume, 'read_only'); if ($source && $target) { if ((str($source)->startsWith('.') || str($source)->startsWith('~'))) { - $dir = base_configuration_dir() . '/applications/' . $resource->uuid; + $dir = base_configuration_dir().'/applications/'.$resource->uuid; if (str($source, '.')) { $source = str($source)->replaceFirst('.', $dir); } @@ -2399,23 +2399,23 @@ function parseDockerComposeFile(Service|Application $resource, bool $isNew = fal $source = str($source)->replaceFirst('~', $dir); } if ($pull_request_id !== 0) { - $source = $source . "-pr-$pull_request_id"; + $source = $source."-pr-$pull_request_id"; } if ($read_only) { - data_set($volume, 'source', $source . ':' . $target . ':ro'); + data_set($volume, 'source', $source.':'.$target.':ro'); } else { - data_set($volume, 'source', $source . ':' . $target); + data_set($volume, 'source', $source.':'.$target); } } else { if ($pull_request_id !== 0) { - $source = $source . "-pr-$pull_request_id"; + $source = $source."-pr-$pull_request_id"; } if ($read_only) { - data_set($volume, 'source', $source . ':' . $target . ':ro'); + data_set($volume, 'source', $source.':'.$target.':ro'); } else { - data_set($volume, 'source', $source . ':' . $target); + data_set($volume, 'source', $source.':'.$target); } - if (!str($source)->startsWith('/')) { + if (! str($source)->startsWith('/')) { if ($topLevelVolumes->has($source)) { $v = $topLevelVolumes->get($source); if (data_get($v, 'driver_opts.type') === 'cifs') { @@ -2448,11 +2448,11 @@ function parseDockerComposeFile(Service|Application $resource, bool $isNew = fal $serviceVolumes = $serviceVolumes->map(function ($volume) use ($resource, $topLevelVolumes, $pull_request_id) { if (is_string($volume)) { $volume = str($volume); - if ($volume->contains(':') && !$volume->startsWith('/')) { + if ($volume->contains(':') && ! $volume->startsWith('/')) { $name = $volume->before(':'); $mount = $volume->after(':'); if ($name->startsWith('.') || $name->startsWith('~')) { - $dir = base_configuration_dir() . '/applications/' . $resource->uuid; + $dir = base_configuration_dir().'/applications/'.$resource->uuid; if ($name->startsWith('.')) { $name = $name->replaceFirst('.', $dir); } @@ -2460,13 +2460,13 @@ function parseDockerComposeFile(Service|Application $resource, bool $isNew = fal $name = $name->replaceFirst('~', $dir); } if ($pull_request_id !== 0) { - $name = $name . "-pr-$pull_request_id"; + $name = $name."-pr-$pull_request_id"; } $volume = str("$name:$mount"); } else { if ($pull_request_id !== 0) { $uuid = $resource->uuid; - $name = $uuid . "-$name-pr-$pull_request_id"; + $name = $uuid."-$name-pr-$pull_request_id"; $volume = str("$name:$mount"); if ($topLevelVolumes->has($name)) { $v = $topLevelVolumes->get($name); @@ -2485,7 +2485,7 @@ function parseDockerComposeFile(Service|Application $resource, bool $isNew = fal } } else { $uuid = $resource->uuid; - $name = str($uuid . "-$name"); + $name = str($uuid."-$name"); $volume = str("$name:$mount"); if ($topLevelVolumes->has($name->value())) { $v = $topLevelVolumes->get($name->value()); @@ -2508,7 +2508,7 @@ function parseDockerComposeFile(Service|Application $resource, bool $isNew = fal $name = $volume->before(':'); $mount = $volume->after(':'); if ($pull_request_id !== 0) { - $name = $name . "-pr-$pull_request_id"; + $name = $name."-pr-$pull_request_id"; } $volume = str("$name:$mount"); } @@ -2520,7 +2520,7 @@ function parseDockerComposeFile(Service|Application $resource, bool $isNew = fal if ($source && $target) { $uuid = $resource->uuid; if ((str($source)->startsWith('.') || str($source)->startsWith('~') || str($source)->startsWith('/'))) { - $dir = base_configuration_dir() . '/applications/' . $resource->uuid; + $dir = base_configuration_dir().'/applications/'.$resource->uuid; if (str($source, '.')) { $source = str($source)->replaceFirst('.', $dir); } @@ -2528,22 +2528,22 @@ function parseDockerComposeFile(Service|Application $resource, bool $isNew = fal $source = str($source)->replaceFirst('~', $dir); } if ($read_only) { - data_set($volume, 'source', $source . ':' . $target . ':ro'); + data_set($volume, 'source', $source.':'.$target.':ro'); } else { - data_set($volume, 'source', $source . ':' . $target); + data_set($volume, 'source', $source.':'.$target); } } else { if ($pull_request_id === 0) { - $source = $uuid . "-$source"; + $source = $uuid."-$source"; } else { - $source = $uuid . "-$source-pr-$pull_request_id"; + $source = $uuid."-$source-pr-$pull_request_id"; } if ($read_only) { - data_set($volume, 'source', $source . ':' . $target . ':ro'); + data_set($volume, 'source', $source.':'.$target.':ro'); } else { - data_set($volume, 'source', $source . ':' . $target); + data_set($volume, 'source', $source.':'.$target); } - if (!str($source)->startsWith('/')) { + if (! str($source)->startsWith('/')) { if ($topLevelVolumes->has($source)) { $v = $topLevelVolumes->get($source); if (data_get($v, 'driver_opts.type') === 'cifs') { @@ -2576,7 +2576,7 @@ function parseDockerComposeFile(Service|Application $resource, bool $isNew = fal if ($pull_request_id !== 0 && count($serviceDependencies) > 0) { $serviceDependencies = $serviceDependencies->map(function ($dependency) use ($pull_request_id) { - return $dependency . "-pr-$pull_request_id"; + return $dependency."-pr-$pull_request_id"; }); data_set($service, 'depends_on', $serviceDependencies->toArray()); } @@ -2598,7 +2598,7 @@ function parseDockerComposeFile(Service|Application $resource, bool $isNew = fal $networkExists = $topLevelNetworks->contains(function ($value, $key) use ($networkName) { return $value == $networkName || $key == $networkName; }); - if (!$networkExists) { + if (! $networkExists) { if (is_string($networkDetails) || is_int($networkDetails)) { $topLevelNetworks->put($networkDetails, null); } @@ -2626,7 +2626,7 @@ function parseDockerComposeFile(Service|Application $resource, bool $isNew = fal $definedNetworkExists = $topLevelNetworks->contains(function ($value, $_) use ($definedNetwork) { return $value == $definedNetwork; }); - if (!$definedNetworkExists) { + if (! $definedNetworkExists) { foreach ($definedNetwork as $network) { if ($pull_request_id !== 0) { $topLevelNetworks->put($network, [ @@ -2744,12 +2744,12 @@ function parseDockerComposeFile(Service|Application $resource, bool $isNew = fal 'application_id' => $resource->id, ])->first(); ['command' => $command, 'forService' => $forService, 'generatedValue' => $generatedValue, 'port' => $port] = parseEnvVariable($value); - if (!is_null($command)) { + if (! is_null($command)) { if ($command?->value() === 'FQDN' || $command?->value() === 'URL') { if (Str::lower($forService) === $serviceName) { $fqdn = generateFqdn($server, $containerName); } else { - $fqdn = generateFqdn($server, Str::lower($forService) . '-' . $resource->uuid); + $fqdn = generateFqdn($server, Str::lower($forService).'-'.$resource->uuid); } if ($port) { $fqdn = "$fqdn:$port"; @@ -2770,7 +2770,7 @@ function parseDockerComposeFile(Service|Application $resource, bool $isNew = fal } } else { $generatedValue = generateEnvValue($command); - if (!$foundEnv) { + if (! $foundEnv) { EnvironmentVariable::create([ 'key' => $key, 'value' => $generatedValue, @@ -2942,7 +2942,7 @@ function parseDockerComposeFile(Service|Application $resource, bool $isNew = fal } data_set($service, 'labels', $serviceLabels->toArray()); data_forget($service, 'is_database'); - if (!data_get($service, 'restart')) { + if (! data_get($service, 'restart')) { data_set($service, 'restart', RESTART_MODE); } data_set($service, 'container_name', $containerName); @@ -2953,7 +2953,7 @@ function parseDockerComposeFile(Service|Application $resource, bool $isNew = fal }); if ($pull_request_id !== 0) { $services->each(function ($service, $serviceName) use ($pull_request_id, $services) { - $services[$serviceName . "-pr-$pull_request_id"] = $service; + $services[$serviceName."-pr-$pull_request_id"] = $service; data_forget($services, $serviceName); }); } @@ -2981,7 +2981,7 @@ function newParser(Application|Service $resource, int $pull_request_id = 0, ?int $uuid = data_get($resource, 'uuid'); $compose = data_get($resource, 'docker_compose_raw'); - if (!$compose) { + if (! $compose) { return collect([]); } @@ -3374,29 +3374,29 @@ function newParser(Application|Service $resource, int $pull_request_id = 0, ?int $isDirectory = data_get($foundConfig, 'is_directory'); } else { // if isDirectory is not set (or false) & content is also not set, we assume it is a directory - if ((is_null($isDirectory) || !$isDirectory) && is_null($content)) { + if ((is_null($isDirectory) || ! $isDirectory) && is_null($content)) { $isDirectory = true; } } } if ($type->value() === 'bind') { if ($source->value() === '/var/run/docker.sock') { - $volume = $source->value() . ':' . $target->value(); + $volume = $source->value().':'.$target->value(); } elseif ($source->value() === '/tmp' || $source->value() === '/tmp/') { - $volume = $source->value() . ':' . $target->value(); + $volume = $source->value().':'.$target->value(); } else { if ((int) $resource->compose_parsing_version >= 4) { if ($isApplication) { - $mainDirectory = str(base_configuration_dir() . '/applications/' . $uuid); + $mainDirectory = str(base_configuration_dir().'/applications/'.$uuid); } elseif ($isService) { - $mainDirectory = str(base_configuration_dir() . '/services/' . $uuid); + $mainDirectory = str(base_configuration_dir().'/services/'.$uuid); } } else { - $mainDirectory = str(base_configuration_dir() . '/applications/' . $uuid); + $mainDirectory = str(base_configuration_dir().'/applications/'.$uuid); } $source = replaceLocalSource($source, $mainDirectory); if ($isApplication && $isPullRequest) { - $source = $source . "-pr-$pullRequestId"; + $source = $source."-pr-$pullRequestId"; } LocalFileVolume::updateOrCreate( [ @@ -3416,12 +3416,12 @@ function newParser(Application|Service $resource, int $pull_request_id = 0, ?int if (isDev()) { if ((int) $resource->compose_parsing_version >= 4) { if ($isApplication) { - $source = $source->replace($mainDirectory, '/var/lib/docker/volumes/coolify_dev_coolify_data/_data/applications/' . $uuid); + $source = $source->replace($mainDirectory, '/var/lib/docker/volumes/coolify_dev_coolify_data/_data/applications/'.$uuid); } elseif ($isService) { - $source = $source->replace($mainDirectory, '/var/lib/docker/volumes/coolify_dev_coolify_data/_data/services/' . $uuid); + $source = $source->replace($mainDirectory, '/var/lib/docker/volumes/coolify_dev_coolify_data/_data/services/'.$uuid); } } else { - $source = $source->replace($mainDirectory, '/var/lib/docker/volumes/coolify_dev_coolify_data/_data/applications/' . $uuid); + $source = $source->replace($mainDirectory, '/var/lib/docker/volumes/coolify_dev_coolify_data/_data/applications/'.$uuid); } } $volume = "$source:$target"; @@ -3488,7 +3488,7 @@ function newParser(Application|Service $resource, int $pull_request_id = 0, ?int $depends_on = $newDependsOn; } } - if (!$use_network_mode) { + if (! $use_network_mode) { if ($topLevel->get('networks')?->count() > 0) { foreach ($topLevel->get('networks') as $networkName => $network) { if ($networkName === 'default') { @@ -3501,7 +3501,7 @@ function newParser(Application|Service $resource, int $pull_request_id = 0, ?int $networkExists = $networks->contains(function ($value, $key) use ($networkName) { return $value == $networkName || $key == $networkName; }); - if (!$networkExists) { + if (! $networkExists) { $networks->put($networkName, null); } } @@ -3509,7 +3509,7 @@ function newParser(Application|Service $resource, int $pull_request_id = 0, ?int $baseNetworkExists = $networks->contains(function ($value, $_) use ($baseNetwork) { return $value == $baseNetwork; }); - if (!$baseNetworkExists) { + if (! $baseNetworkExists) { foreach ($baseNetwork as $network) { $topLevel->get('networks')->put($network, [ 'name' => $network, @@ -3541,7 +3541,7 @@ function newParser(Application|Service $resource, int $pull_request_id = 0, ?int $networks_temp = collect(); - if (!$use_network_mode) { + if (! $use_network_mode) { foreach ($networks as $key => $network) { if (gettype($network) === 'string') { // networks: @@ -3572,7 +3572,7 @@ function newParser(Application|Service $resource, int $pull_request_id = 0, ?int $normalEnvironments = $environment->diffKeys($allMagicEnvironments); $normalEnvironments = $normalEnvironments->filter(function ($value, $key) { - return !str($value)->startsWith('SERVICE_'); + return ! str($value)->startsWith('SERVICE_'); }); foreach ($normalEnvironments as $key => $value) { @@ -3592,7 +3592,7 @@ function newParser(Application|Service $resource, int $pull_request_id = 0, ?int continue; } - if (!$value->startsWith('$')) { + if (! $value->startsWith('$')) { continue; } if ($key->value() === $parsedValue->value()) { @@ -3723,7 +3723,7 @@ function newParser(Application|Service $resource, int $pull_request_id = 0, ?int $defaultLabels = defaultLabels($resource->id, $containerName, type: 'service', subType: $isDatabase ? 'database' : 'application', subId: $savedService->id); } // Add COOLIFY_FQDN & COOLIFY_URL to environment - if (!$isDatabase && $fqdns instanceof Collection && $fqdns->count() > 0) { + if (! $isDatabase && $fqdns instanceof Collection && $fqdns->count() > 0) { $coolifyEnvironments->put('COOLIFY_URL', $fqdns->implode(',')); $urls = $fqdns->map(function ($fqdn) { @@ -3735,7 +3735,7 @@ function newParser(Application|Service $resource, int $pull_request_id = 0, ?int if ($environment->count() > 0) { $environment = $environment->filter(function ($value, $key) { - return !str($key)->startsWith('SERVICE_FQDN_'); + return ! str($key)->startsWith('SERVICE_FQDN_'); })->map(function ($value, $key) use ($resource) { // if value is empty, set it to null so if you set the environment variable in the .env file (Coolify's UI), it will used if (str($value)->isEmpty()) { @@ -3762,7 +3762,7 @@ function newParser(Application|Service $resource, int $pull_request_id = 0, ?int }); } } - if (!$isDatabase && $fqdns instanceof Collection && $fqdns->count() > 0) { + if (! $isDatabase && $fqdns instanceof Collection && $fqdns->count() > 0) { if ($isApplication) { $shouldGenerateLabelsExactly = $resource->destination->server->settings->generate_exact_labels; $uuid = $resource->uuid; @@ -3855,7 +3855,7 @@ function newParser(Application|Service $resource, int $pull_request_id = 0, ?int 'restart' => $restart->value(), 'labels' => $serviceLabels, ]); - if (!$use_network_mode) { + if (! $use_network_mode) { $payload['networks'] = $networks_temp; } if ($ports->count() > 0) { @@ -3915,7 +3915,7 @@ function isAssociativeArray($array) $array = $array->toArray(); } - if (!is_array($array)) { + if (! is_array($array)) { throw new \InvalidArgumentException('Input must be an array or a Collection.'); } @@ -4028,7 +4028,7 @@ function instanceSettings() function loadConfigFromGit(string $repository, string $branch, string $base_directory, int $server_id, int $team_id) { $server = Server::find($server_id)->where('team_id', $team_id)->first(); - if (!$server) { + if (! $server) { return; } $uuid = new Cuid2; @@ -4055,7 +4055,7 @@ function loadConfigFromGit(string $repository, string $branch, string $base_dire function loggy($message = null, array $context = []) { - if (!isDev()) { + if (! isDev()) { return; } if (function_exists('ray') && config('app.debug')) { @@ -4090,7 +4090,7 @@ function isEmailRateLimited(string $limiterKey, int $decaySeconds = 3600, ?calla $limiterKey, $maxAttempts = 0, function () use (&$rateLimited, &$limiterKey, $callbackOnSuccess) { - isDev() && loggy('Rate limit not reached for ' . $limiterKey); + isDev() && loggy('Rate limit not reached for '.$limiterKey); $rateLimited = false; if ($callbackOnSuccess) { @@ -4099,8 +4099,8 @@ function isEmailRateLimited(string $limiterKey, int $decaySeconds = 3600, ?calla }, $decaySeconds, ); - if (!$executed) { - isDev() && loggy('Rate limit reached for ' . $limiterKey . '. Rate limiter will be disabled for ' . $decaySeconds . ' seconds.'); + if (! $executed) { + isDev() && loggy('Rate limit reached for '.$limiterKey.'. Rate limiter will be disabled for '.$decaySeconds.' seconds.'); $rateLimited = true; } diff --git a/database/migrations/2024_10_30_074601_rename_token_permissions.php b/database/migrations/2024_10_30_074601_rename_token_permissions.php new file mode 100644 index 000000000..2ca98d090 --- /dev/null +++ b/database/migrations/2024_10_30_074601_rename_token_permissions.php @@ -0,0 +1,60 @@ +abilities)) { + $abilities->push('root'); + } + if (in_array('read-only', $token->abilities)) { + $abilities->push('read'); + } + if (in_array('view:sensitive', $token->abilities)) { + $abilities->push('read', 'read:sensitive'); + } + $token->abilities = $abilities->unique()->values()->all(); + $token->save(); + } + } catch (\Exception $e) { + \Log::error('Error renaming token permissions: '.$e->getMessage()); + } + } + + /** + * Reverse the migrations. + */ + public function down(): void + { + try { + $tokens = PersonalAccessToken::all(); + foreach ($tokens as $token) { + $abilities = collect(); + if (in_array('write', $token->abilities)) { + $abilities->push('*'); + } else { + if (in_array('read', $token->abilities)) { + $abilities->push('read-only'); + } + if (in_array('read:sensitive', $token->abilities)) { + $abilities->push('view:sensitive'); + } + } + $token->abilities = $abilities->unique()->values()->all(); + $token->save(); + } + } catch (\Exception $e) { + \Log::error('Error renaming token permissions: '.$e->getMessage()); + } + } +}; diff --git a/resources/views/components/forms/checkbox.blade.php b/resources/views/components/forms/checkbox.blade.php index fb244962d..39704a122 100644 --- a/resources/views/components/forms/checkbox.blade.php +++ b/resources/views/components/forms/checkbox.blade.php @@ -5,8 +5,8 @@ 'disabled' => false, 'instantSave' => false, 'value' => null, + 'domValue' => null, 'checked' => false, - 'hideLabel' => false, 'fullWidth' => false, ]) @@ -14,26 +14,32 @@ 'flex flex-row items-center gap-4 pr-2 py-1 form-control min-w-fit dark:hover:bg-coolgray-100', 'w-full' => $fullWidth, ])> - @if (!$hideLabel) - - @endif + diff --git a/resources/views/livewire/security/api-tokens.blade.php b/resources/views/livewire/security/api-tokens.blade.php index 1bcd64710..5c3c4c81c 100644 --- a/resources/views/livewire/security/api-tokens.blade.php +++ b/resources/views/livewire/security/api-tokens.blade.php @@ -25,21 +25,31 @@
@if ($permissions) @foreach ($permissions as $permission) - @if ($permission === '*') -
Root access, be careful!
- @else -
{{ $permission }}
- @endif +
{{ $permission }}
@endforeach @endif
+

Token Permissions

- - - + + @if (!in_array('root', $permissions)) + + + + + @endif
+ @if (in_array('root', $permissions)) +
Root access, be careful!
+ @endif @if (session()->has('token'))
Please copy this token now. For your security, it won't be shown @@ -50,12 +60,13 @@

Issued Tokens

@forelse ($tokens as $token) -
+
Description: {{ $token->name }}
Last used: {{ $token->last_used_at ? $token->last_used_at->diffForHumans() : 'Never' }}
@if ($token->abilities) - Abilities: + Permissions: @foreach ($token->abilities as $ability)
{{ $ability }}
@endforeach diff --git a/resources/views/livewire/team/admin-view.blade.php b/resources/views/livewire/team/admin-view.blade.php index 26da967ab..7aa623122 100644 --- a/resources/views/livewire/team/admin-view.blade.php +++ b/resources/views/livewire/team/admin-view.blade.php @@ -10,7 +10,8 @@

Users

@forelse ($users as $user) -
+
{{ $user->name }}
{{ $user->email }}
diff --git a/routes/api.php b/routes/api.php index e8425aeb1..9ad64c40c 100644 --- a/routes/api.php +++ b/routes/api.php @@ -11,8 +11,6 @@ use App\Http\Controllers\Api\ServersController; use App\Http\Controllers\Api\ServicesController; use App\Http\Controllers\Api\TeamController; use App\Http\Middleware\ApiAllowed; -use App\Http\Middleware\IgnoreReadOnlyApiToken; -use App\Http\Middleware\OnlyRootApiToken; use App\Jobs\PushServerUpdateJob; use App\Models\Server; use Illuminate\Support\Facades\Route; @@ -21,113 +19,113 @@ Route::get('/health', [OtherController::class, 'healthcheck']); Route::post('/feedback', [OtherController::class, 'feedback']); Route::group([ - 'middleware' => ['auth:sanctum', OnlyRootApiToken::class], + 'middleware' => ['auth:sanctum', 'api.ability:write'], 'prefix' => 'v1', ], function () { Route::get('/enable', [OtherController::class, 'enable_api']); Route::get('/disable', [OtherController::class, 'disable_api']); }); Route::group([ - 'middleware' => ['auth:sanctum', ApiAllowed::class], + 'middleware' => ['auth:sanctum', ApiAllowed::class, 'api.sensitive'], 'prefix' => 'v1', ], function () { - Route::get('/version', [OtherController::class, 'version']); + Route::get('/version', [OtherController::class, 'version'])->middleware(['api.ability:read']); - Route::get('/teams', [TeamController::class, 'teams']); - Route::get('/teams/current', [TeamController::class, 'current_team']); - Route::get('/teams/current/members', [TeamController::class, 'current_team_members']); - Route::get('/teams/{id}', [TeamController::class, 'team_by_id']); - Route::get('/teams/{id}/members', [TeamController::class, 'members_by_id']); + Route::get('/teams', [TeamController::class, 'teams'])->middleware(['api.ability:read']); + Route::get('/teams/current', [TeamController::class, 'current_team'])->middleware(['api.ability:read']); + Route::get('/teams/current/members', [TeamController::class, 'current_team_members'])->middleware(['api.ability:read']); + Route::get('/teams/{id}', [TeamController::class, 'team_by_id'])->middleware(['api.ability:read']); + Route::get('/teams/{id}/members', [TeamController::class, 'members_by_id'])->middleware(['api.ability:read']); - Route::get('/projects', [ProjectController::class, 'projects']); - Route::get('/projects/{uuid}', [ProjectController::class, 'project_by_uuid']); - Route::get('/projects/{uuid}/{environment_name}', [ProjectController::class, 'environment_details']); + Route::get('/projects', [ProjectController::class, 'projects'])->middleware(['api.ability:read']); + Route::get('/projects/{uuid}', [ProjectController::class, 'project_by_uuid'])->middleware(['api.ability:read']); + Route::get('/projects/{uuid}/{environment_name}', [ProjectController::class, 'environment_details'])->middleware(['api.ability:read']); - Route::post('/projects', [ProjectController::class, 'create_project']); - Route::patch('/projects/{uuid}', [ProjectController::class, 'update_project']); - Route::delete('/projects/{uuid}', [ProjectController::class, 'delete_project']); + Route::post('/projects', [ProjectController::class, 'create_project'])->middleware(['api.ability:read']); + Route::patch('/projects/{uuid}', [ProjectController::class, 'update_project'])->middleware(['api.ability:write']); + Route::delete('/projects/{uuid}', [ProjectController::class, 'delete_project'])->middleware(['api.ability:write']); - Route::get('/security/keys', [SecurityController::class, 'keys']); - Route::post('/security/keys', [SecurityController::class, 'create_key'])->middleware([IgnoreReadOnlyApiToken::class]); + Route::get('/security/keys', [SecurityController::class, 'keys'])->middleware(['api.ability:read']); + Route::post('/security/keys', [SecurityController::class, 'create_key'])->middleware(['api.ability:write']); - Route::get('/security/keys/{uuid}', [SecurityController::class, 'key_by_uuid']); - Route::patch('/security/keys/{uuid}', [SecurityController::class, 'update_key'])->middleware([IgnoreReadOnlyApiToken::class]); - Route::delete('/security/keys/{uuid}', [SecurityController::class, 'delete_key'])->middleware([IgnoreReadOnlyApiToken::class]); + Route::get('/security/keys/{uuid}', [SecurityController::class, 'key_by_uuid'])->middleware(['api.ability:read']); + Route::patch('/security/keys/{uuid}', [SecurityController::class, 'update_key'])->middleware(['api.ability:write']); + Route::delete('/security/keys/{uuid}', [SecurityController::class, 'delete_key'])->middleware(['api.ability:write']); - Route::match(['get', 'post'], '/deploy', [DeployController::class, 'deploy'])->middleware([IgnoreReadOnlyApiToken::class]); - Route::get('/deployments', [DeployController::class, 'deployments']); - Route::get('/deployments/{uuid}', [DeployController::class, 'deployment_by_uuid']); + Route::match(['get', 'post'], '/deploy', [DeployController::class, 'deploy'])->middleware(['api.ability:write,deploy']); + Route::get('/deployments', [DeployController::class, 'deployments'])->middleware(['api.ability:read']); + Route::get('/deployments/{uuid}', [DeployController::class, 'deployment_by_uuid'])->middleware(['api.ability:read']); - Route::get('/servers', [ServersController::class, 'servers']); - Route::get('/servers/{uuid}', [ServersController::class, 'server_by_uuid']); - Route::get('/servers/{uuid}/domains', [ServersController::class, 'domains_by_server']); - Route::get('/servers/{uuid}/resources', [ServersController::class, 'resources_by_server']); + Route::get('/servers', [ServersController::class, 'servers'])->middleware(['api.ability:read']); + Route::get('/servers/{uuid}', [ServersController::class, 'server_by_uuid'])->middleware(['api.ability:read']); + Route::get('/servers/{uuid}/domains', [ServersController::class, 'domains_by_server'])->middleware(['api.ability:read']); + Route::get('/servers/{uuid}/resources', [ServersController::class, 'resources_by_server'])->middleware(['api.ability:read']); - Route::get('/servers/{uuid}/validate', [ServersController::class, 'validate_server']); + Route::get('/servers/{uuid}/validate', [ServersController::class, 'validate_server'])->middleware(['api.ability:read']); - Route::post('/servers', [ServersController::class, 'create_server']); - Route::patch('/servers/{uuid}', [ServersController::class, 'update_server']); - Route::delete('/servers/{uuid}', [ServersController::class, 'delete_server']); + Route::post('/servers', [ServersController::class, 'create_server'])->middleware(['api.ability:read']); + Route::patch('/servers/{uuid}', [ServersController::class, 'update_server'])->middleware(['api.ability:write']); + Route::delete('/servers/{uuid}', [ServersController::class, 'delete_server'])->middleware(['api.ability:write']); - Route::get('/resources', [ResourcesController::class, 'resources']); + Route::get('/resources', [ResourcesController::class, 'resources'])->middleware(['api.ability:read']); - Route::get('/applications', [ApplicationsController::class, 'applications']); - Route::post('/applications/public', [ApplicationsController::class, 'create_public_application'])->middleware([IgnoreReadOnlyApiToken::class]); - Route::post('/applications/private-github-app', [ApplicationsController::class, 'create_private_gh_app_application'])->middleware([IgnoreReadOnlyApiToken::class]); - Route::post('/applications/private-deploy-key', [ApplicationsController::class, 'create_private_deploy_key_application'])->middleware([IgnoreReadOnlyApiToken::class]); - Route::post('/applications/dockerfile', [ApplicationsController::class, 'create_dockerfile_application'])->middleware([IgnoreReadOnlyApiToken::class]); - Route::post('/applications/dockerimage', [ApplicationsController::class, 'create_dockerimage_application'])->middleware([IgnoreReadOnlyApiToken::class]); - Route::post('/applications/dockercompose', [ApplicationsController::class, 'create_dockercompose_application'])->middleware([IgnoreReadOnlyApiToken::class]); + Route::get('/applications', [ApplicationsController::class, 'applications'])->middleware(['api.ability:read']); + Route::post('/applications/public', [ApplicationsController::class, 'create_public_application'])->middleware(['api.ability:write']); + Route::post('/applications/private-github-app', [ApplicationsController::class, 'create_private_gh_app_application'])->middleware(['api.ability:write']); + Route::post('/applications/private-deploy-key', [ApplicationsController::class, 'create_private_deploy_key_application'])->middleware(['api.ability:write']); + Route::post('/applications/dockerfile', [ApplicationsController::class, 'create_dockerfile_application'])->middleware(['api.ability:write']); + Route::post('/applications/dockerimage', [ApplicationsController::class, 'create_dockerimage_application'])->middleware(['api.ability:write']); + Route::post('/applications/dockercompose', [ApplicationsController::class, 'create_dockercompose_application'])->middleware(['api.ability:write']); - Route::get('/applications/{uuid}', [ApplicationsController::class, 'application_by_uuid']); - Route::patch('/applications/{uuid}', [ApplicationsController::class, 'update_by_uuid'])->middleware([IgnoreReadOnlyApiToken::class]); - Route::delete('/applications/{uuid}', [ApplicationsController::class, 'delete_by_uuid'])->middleware([IgnoreReadOnlyApiToken::class]); + Route::get('/applications/{uuid}', [ApplicationsController::class, 'application_by_uuid'])->middleware(['api.ability:read']); + Route::patch('/applications/{uuid}', [ApplicationsController::class, 'update_by_uuid'])->middleware(['api.ability:write']); + Route::delete('/applications/{uuid}', [ApplicationsController::class, 'delete_by_uuid'])->middleware(['api.ability:write']); - Route::get('/applications/{uuid}/envs', [ApplicationsController::class, 'envs']); - Route::post('/applications/{uuid}/envs', [ApplicationsController::class, 'create_env'])->middleware([IgnoreReadOnlyApiToken::class]); - Route::patch('/applications/{uuid}/envs/bulk', [ApplicationsController::class, 'create_bulk_envs'])->middleware([IgnoreReadOnlyApiToken::class]); - Route::patch('/applications/{uuid}/envs', [ApplicationsController::class, 'update_env_by_uuid'])->middleware([IgnoreReadOnlyApiToken::class]); - Route::delete('/applications/{uuid}/envs/{env_uuid}', [ApplicationsController::class, 'delete_env_by_uuid'])->middleware([IgnoreReadOnlyApiToken::class]); - // Route::post('/applications/{uuid}/execute', [ApplicationsController::class, 'execute_command_by_uuid'])->middleware([OnlyRootApiToken::class]); + Route::get('/applications/{uuid}/envs', [ApplicationsController::class, 'envs'])->middleware(['api.ability:read']); + Route::post('/applications/{uuid}/envs', [ApplicationsController::class, 'create_env'])->middleware(['api.ability:write']); + Route::patch('/applications/{uuid}/envs/bulk', [ApplicationsController::class, 'create_bulk_envs'])->middleware(['api.ability:write']); + Route::patch('/applications/{uuid}/envs', [ApplicationsController::class, 'update_env_by_uuid'])->middleware(['api.ability:write']); + Route::delete('/applications/{uuid}/envs/{env_uuid}', [ApplicationsController::class, 'delete_env_by_uuid'])->middleware(['api.ability:write']); + // Route::post('/applications/{uuid}/execute', [ApplicationsController::class, 'execute_command_by_uuid'])->middleware(['ability:write']); - Route::match(['get', 'post'], '/applications/{uuid}/start', [ApplicationsController::class, 'action_deploy'])->middleware([IgnoreReadOnlyApiToken::class]); - Route::match(['get', 'post'], '/applications/{uuid}/restart', [ApplicationsController::class, 'action_restart'])->middleware([IgnoreReadOnlyApiToken::class]); - Route::match(['get', 'post'], '/applications/{uuid}/stop', [ApplicationsController::class, 'action_stop'])->middleware([IgnoreReadOnlyApiToken::class]); + Route::match(['get', 'post'], '/applications/{uuid}/start', [ApplicationsController::class, 'action_deploy'])->middleware(['api.ability:write']); + Route::match(['get', 'post'], '/applications/{uuid}/restart', [ApplicationsController::class, 'action_restart'])->middleware(['api.ability:write']); + Route::match(['get', 'post'], '/applications/{uuid}/stop', [ApplicationsController::class, 'action_stop'])->middleware(['api.ability:write']); - Route::get('/databases', [DatabasesController::class, 'databases']); - Route::post('/databases/postgresql', [DatabasesController::class, 'create_database_postgresql'])->middleware([IgnoreReadOnlyApiToken::class]); - Route::post('/databases/mysql', [DatabasesController::class, 'create_database_mysql'])->middleware([IgnoreReadOnlyApiToken::class]); - Route::post('/databases/mariadb', [DatabasesController::class, 'create_database_mariadb'])->middleware([IgnoreReadOnlyApiToken::class]); - Route::post('/databases/mongodb', [DatabasesController::class, 'create_database_mongodb'])->middleware([IgnoreReadOnlyApiToken::class]); - Route::post('/databases/redis', [DatabasesController::class, 'create_database_redis'])->middleware([IgnoreReadOnlyApiToken::class]); - Route::post('/databases/clickhouse', [DatabasesController::class, 'create_database_clickhouse'])->middleware([IgnoreReadOnlyApiToken::class]); - Route::post('/databases/dragonfly', [DatabasesController::class, 'create_database_dragonfly'])->middleware([IgnoreReadOnlyApiToken::class]); - Route::post('/databases/keydb', [DatabasesController::class, 'create_database_keydb'])->middleware([IgnoreReadOnlyApiToken::class]); + Route::get('/databases', [DatabasesController::class, 'databases'])->middleware(['api.ability:read']); + Route::post('/databases/postgresql', [DatabasesController::class, 'create_database_postgresql'])->middleware(['api.ability:write']); + Route::post('/databases/mysql', [DatabasesController::class, 'create_database_mysql'])->middleware(['api.ability:write']); + Route::post('/databases/mariadb', [DatabasesController::class, 'create_database_mariadb'])->middleware(['api.ability:write']); + Route::post('/databases/mongodb', [DatabasesController::class, 'create_database_mongodb'])->middleware(['api.ability:write']); + Route::post('/databases/redis', [DatabasesController::class, 'create_database_redis'])->middleware(['api.ability:write']); + Route::post('/databases/clickhouse', [DatabasesController::class, 'create_database_clickhouse'])->middleware(['api.ability:write']); + Route::post('/databases/dragonfly', [DatabasesController::class, 'create_database_dragonfly'])->middleware(['api.ability:write']); + Route::post('/databases/keydb', [DatabasesController::class, 'create_database_keydb'])->middleware(['api.ability:write']); - Route::get('/databases/{uuid}', [DatabasesController::class, 'database_by_uuid']); - Route::patch('/databases/{uuid}', [DatabasesController::class, 'update_by_uuid'])->middleware([IgnoreReadOnlyApiToken::class]); - Route::delete('/databases/{uuid}', [DatabasesController::class, 'delete_by_uuid'])->middleware([IgnoreReadOnlyApiToken::class]); + Route::get('/databases/{uuid}', [DatabasesController::class, 'database_by_uuid'])->middleware(['api.ability:read']); + Route::patch('/databases/{uuid}', [DatabasesController::class, 'update_by_uuid'])->middleware(['api.ability:write']); + Route::delete('/databases/{uuid}', [DatabasesController::class, 'delete_by_uuid'])->middleware(['api.ability:write']); - Route::match(['get', 'post'], '/databases/{uuid}/start', [DatabasesController::class, 'action_deploy'])->middleware([IgnoreReadOnlyApiToken::class]); - Route::match(['get', 'post'], '/databases/{uuid}/restart', [DatabasesController::class, 'action_restart'])->middleware([IgnoreReadOnlyApiToken::class]); - Route::match(['get', 'post'], '/databases/{uuid}/stop', [DatabasesController::class, 'action_stop'])->middleware([IgnoreReadOnlyApiToken::class]); + Route::match(['get', 'post'], '/databases/{uuid}/start', [DatabasesController::class, 'action_deploy'])->middleware(['api.ability:write']); + Route::match(['get', 'post'], '/databases/{uuid}/restart', [DatabasesController::class, 'action_restart'])->middleware(['api.ability:write']); + Route::match(['get', 'post'], '/databases/{uuid}/stop', [DatabasesController::class, 'action_stop'])->middleware(['api.ability:write']); - Route::get('/services', [ServicesController::class, 'services']); - Route::post('/services', [ServicesController::class, 'create_service'])->middleware([IgnoreReadOnlyApiToken::class]); + Route::get('/services', [ServicesController::class, 'services'])->middleware(['api.ability:read']); + Route::post('/services', [ServicesController::class, 'create_service'])->middleware(['api.ability:write']); - Route::get('/services/{uuid}', [ServicesController::class, 'service_by_uuid']); - // Route::patch('/services/{uuid}', [ServicesController::class, 'update_by_uuid'])->middleware([IgnoreReadOnlyApiToken::class]); - Route::delete('/services/{uuid}', [ServicesController::class, 'delete_by_uuid'])->middleware([IgnoreReadOnlyApiToken::class]); + Route::get('/services/{uuid}', [ServicesController::class, 'service_by_uuid'])->middleware(['api.ability:read']); + // Route::patch('/services/{uuid}', [ServicesController::class, 'update_by_uuid'])->middleware(['ability:write']); + Route::delete('/services/{uuid}', [ServicesController::class, 'delete_by_uuid'])->middleware(['api.ability:write']); - Route::get('/services/{uuid}/envs', [ServicesController::class, 'envs']); - Route::post('/services/{uuid}/envs', [ServicesController::class, 'create_env'])->middleware([IgnoreReadOnlyApiToken::class]); - Route::patch('/services/{uuid}/envs/bulk', [ServicesController::class, 'create_bulk_envs'])->middleware([IgnoreReadOnlyApiToken::class]); - Route::patch('/services/{uuid}/envs', [ServicesController::class, 'update_env_by_uuid'])->middleware([IgnoreReadOnlyApiToken::class]); - Route::delete('/services/{uuid}/envs/{env_uuid}', [ServicesController::class, 'delete_env_by_uuid'])->middleware([IgnoreReadOnlyApiToken::class]); + Route::get('/services/{uuid}/envs', [ServicesController::class, 'envs'])->middleware(['api.ability:read']); + Route::post('/services/{uuid}/envs', [ServicesController::class, 'create_env'])->middleware(['api.ability:write']); + Route::patch('/services/{uuid}/envs/bulk', [ServicesController::class, 'create_bulk_envs'])->middleware(['api.ability:write']); + Route::patch('/services/{uuid}/envs', [ServicesController::class, 'update_env_by_uuid'])->middleware(['api.ability:write']); + Route::delete('/services/{uuid}/envs/{env_uuid}', [ServicesController::class, 'delete_env_by_uuid'])->middleware(['api.ability:write']); - Route::match(['get', 'post'], '/services/{uuid}/start', [ServicesController::class, 'action_deploy'])->middleware([IgnoreReadOnlyApiToken::class]); - Route::match(['get', 'post'], '/services/{uuid}/restart', [ServicesController::class, 'action_restart'])->middleware([IgnoreReadOnlyApiToken::class]); - Route::match(['get', 'post'], '/services/{uuid}/stop', [ServicesController::class, 'action_stop'])->middleware([IgnoreReadOnlyApiToken::class]); + Route::match(['get', 'post'], '/services/{uuid}/start', [ServicesController::class, 'action_deploy'])->middleware(['api.ability:write']); + Route::match(['get', 'post'], '/services/{uuid}/restart', [ServicesController::class, 'action_restart'])->middleware(['api.ability:write']); + Route::match(['get', 'post'], '/services/{uuid}/stop', [ServicesController::class, 'action_stop'])->middleware(['api.ability:write']); }); Route::group([ diff --git a/routes/web.php b/routes/web.php index d8ba925f2..f7bec5be5 100644 --- a/routes/web.php +++ b/routes/web.php @@ -12,8 +12,8 @@ use App\Livewire\Destination\Show as DestinationShow; use App\Livewire\ForcePasswordReset; use App\Livewire\Notifications\Discord as NotificationDiscord; use App\Livewire\Notifications\Email as NotificationEmail; -use App\Livewire\Notifications\Telegram as NotificationTelegram; use App\Livewire\Notifications\Slack as NotificationSlack; +use App\Livewire\Notifications\Telegram as NotificationTelegram; use App\Livewire\Profile\Index as ProfileIndex; use App\Livewire\Project\Application\Configuration as ApplicationConfiguration; use App\Livewire\Project\Application\Deployment\Index as DeploymentIndex; @@ -287,7 +287,7 @@ Route::middleware(['auth'])->group(function () { 'privateKey' => $privateKeyLocation, 'root' => '/', ]); - if (!$disk->exists($filename)) { + if (! $disk->exists($filename)) { return response()->json(['message' => 'Backup not found.'], 404); } @@ -299,7 +299,7 @@ Route::middleware(['auth'])->group(function () { if ($stream === false || is_null($stream)) { abort(500, 'Failed to open stream for the requested file.'); } - while (!feof($stream)) { + while (! feof($stream)) { echo fread($stream, 2048); flush(); } @@ -307,7 +307,7 @@ Route::middleware(['auth'])->group(function () { fclose($stream); }, 200, [ 'Content-Type' => 'application/octet-stream', - 'Content-Disposition' => 'attachment; filename="' . basename($filename) . '"', + 'Content-Disposition' => 'attachment; filename="'.basename($filename).'"', ]); } catch (\Throwable $e) { return response()->json(['message' => $e->getMessage()], 500);