feat(auth): implement authorization checks for database management
This commit is contained in:
Andras Bacsai
@@ -11,11 +11,14 @@ use App\Models\StandalonePostgresql;
|
||||
use App\Support\ValidationPatterns;
|
||||
use Carbon\Carbon;
|
||||
use Exception;
|
||||
use Illuminate\Foundation\Auth\Access\AuthorizesRequests;
|
||||
use Illuminate\Support\Facades\Auth;
|
||||
use Livewire\Component;
|
||||
|
||||
class General extends Component
|
||||
{
|
||||
use AuthorizesRequests;
|
||||
|
||||
public StandalonePostgresql $database;
|
||||
|
||||
public Server $server;
|
||||
@@ -118,6 +121,8 @@ class General extends Component
|
||||
public function instantSaveAdvanced()
|
||||
{
|
||||
try {
|
||||
$this->authorize('update', $this->database);
|
||||
|
||||
if (! $this->server->isLogDrainEnabled()) {
|
||||
$this->database->is_log_drain_enabled = false;
|
||||
$this->dispatch('error', 'Log drain is not enabled on the server. Please enable it first.');
|
||||
@@ -140,6 +145,8 @@ class General extends Component
|
||||
public function instantSaveSSL()
|
||||
{
|
||||
try {
|
||||
$this->authorize('update', $this->database);
|
||||
|
||||
$this->database->save();
|
||||
$this->dispatch('success', 'SSL configuration updated.');
|
||||
$this->db_url = $this->database->internal_db_url;
|
||||
@@ -152,6 +159,8 @@ class General extends Component
|
||||
public function regenerateSslCertificate()
|
||||
{
|
||||
try {
|
||||
$this->authorize('update', $this->database);
|
||||
|
||||
$existingCert = $this->database->sslCertificates()->first();
|
||||
|
||||
if (! $existingCert) {
|
||||
@@ -184,6 +193,8 @@ class General extends Component
|
||||
public function instantSave()
|
||||
{
|
||||
try {
|
||||
$this->authorize('update', $this->database);
|
||||
|
||||
if ($this->database->is_public && ! $this->database->public_port) {
|
||||
$this->dispatch('error', 'Public port is required.');
|
||||
$this->database->is_public = false;
|
||||
@@ -214,6 +225,8 @@ class General extends Component
|
||||
|
||||
public function save_init_script($script)
|
||||
{
|
||||
$this->authorize('update', $this->database);
|
||||
|
||||
$initScripts = collect($this->database->init_scripts ?? []);
|
||||
|
||||
$existingScript = $initScripts->firstWhere('filename', $script['filename']);
|
||||
@@ -264,6 +277,8 @@ class General extends Component
|
||||
|
||||
public function delete_init_script($script)
|
||||
{
|
||||
$this->authorize('update', $this->database);
|
||||
|
||||
$collection = collect($this->database->init_scripts);
|
||||
$found = $collection->firstWhere('filename', $script['filename']);
|
||||
if ($found) {
|
||||
@@ -298,6 +313,8 @@ class General extends Component
|
||||
|
||||
public function save_new_init_script()
|
||||
{
|
||||
$this->authorize('update', $this->database);
|
||||
|
||||
$this->validate([
|
||||
'new_filename' => 'required|string',
|
||||
'new_content' => 'required|string',
|
||||
@@ -327,6 +344,8 @@ class General extends Component
|
||||
public function submit()
|
||||
{
|
||||
try {
|
||||
$this->authorize('update', $this->database);
|
||||
|
||||
if (str($this->database->public_port)->isEmpty()) {
|
||||
$this->database->public_port = null;
|
||||
}
|
||||
|
||||
Reference in New Issue
Block a user