fix: access team's github apps only
This commit is contained in:
Andras Bacsai
@@ -93,52 +93,55 @@ class Change extends Component
|
|||||||
// }
|
// }
|
||||||
public function mount()
|
public function mount()
|
||||||
{
|
{
|
||||||
$github_app_uuid = request()->github_app_uuid;
|
try {
|
||||||
$this->github_app = GithubApp::where('uuid', $github_app_uuid)->first();
|
$github_app_uuid = request()->github_app_uuid;
|
||||||
if (! $this->github_app) {
|
$this->github_app = GithubApp::ownedByCurrentTeam()->whereUuid($github_app_uuid)->firstOrFail();
|
||||||
return redirect()->route('source.all');
|
|
||||||
}
|
|
||||||
$this->applications = $this->github_app->applications;
|
|
||||||
$settings = instanceSettings();
|
|
||||||
$this->github_app->makeVisible('client_secret')->makeVisible('webhook_secret');
|
|
||||||
|
|
||||||
$this->name = str($this->github_app->name)->kebab();
|
$this->applications = $this->github_app->applications;
|
||||||
$this->fqdn = $settings->fqdn;
|
$settings = instanceSettings();
|
||||||
|
$this->github_app->makeVisible('client_secret')->makeVisible('webhook_secret');
|
||||||
|
|
||||||
if ($settings->public_ipv4) {
|
$this->name = str($this->github_app->name)->kebab();
|
||||||
$this->ipv4 = 'http://'.$settings->public_ipv4.':'.config('app.port');
|
$this->fqdn = $settings->fqdn;
|
||||||
}
|
|
||||||
if ($settings->public_ipv6) {
|
|
||||||
$this->ipv6 = 'http://'.$settings->public_ipv6.':'.config('app.port');
|
|
||||||
}
|
|
||||||
if ($this->github_app->installation_id && session('from')) {
|
|
||||||
$source_id = data_get(session('from'), 'source_id');
|
|
||||||
if (! $source_id || $this->github_app->id !== $source_id) {
|
|
||||||
session()->forget('from');
|
|
||||||
} else {
|
|
||||||
$parameters = data_get(session('from'), 'parameters');
|
|
||||||
$back = data_get(session('from'), 'back');
|
|
||||||
$environment_name = data_get($parameters, 'environment_name');
|
|
||||||
$project_uuid = data_get($parameters, 'project_uuid');
|
|
||||||
$type = data_get($parameters, 'type');
|
|
||||||
$destination = data_get($parameters, 'destination');
|
|
||||||
session()->forget('from');
|
|
||||||
|
|
||||||
return redirect()->route($back, [
|
if ($settings->public_ipv4) {
|
||||||
'environment_name' => $environment_name,
|
$this->ipv4 = 'http://'.$settings->public_ipv4.':'.config('app.port');
|
||||||
'project_uuid' => $project_uuid,
|
|
||||||
'type' => $type,
|
|
||||||
'destination' => $destination,
|
|
||||||
]);
|
|
||||||
}
|
}
|
||||||
|
if ($settings->public_ipv6) {
|
||||||
|
$this->ipv6 = 'http://'.$settings->public_ipv6.':'.config('app.port');
|
||||||
|
}
|
||||||
|
if ($this->github_app->installation_id && session('from')) {
|
||||||
|
$source_id = data_get(session('from'), 'source_id');
|
||||||
|
if (! $source_id || $this->github_app->id !== $source_id) {
|
||||||
|
session()->forget('from');
|
||||||
|
} else {
|
||||||
|
$parameters = data_get(session('from'), 'parameters');
|
||||||
|
$back = data_get(session('from'), 'back');
|
||||||
|
$environment_name = data_get($parameters, 'environment_name');
|
||||||
|
$project_uuid = data_get($parameters, 'project_uuid');
|
||||||
|
$type = data_get($parameters, 'type');
|
||||||
|
$destination = data_get($parameters, 'destination');
|
||||||
|
session()->forget('from');
|
||||||
|
|
||||||
|
return redirect()->route($back, [
|
||||||
|
'environment_name' => $environment_name,
|
||||||
|
'project_uuid' => $project_uuid,
|
||||||
|
'type' => $type,
|
||||||
|
'destination' => $destination,
|
||||||
|
]);
|
||||||
|
}
|
||||||
|
}
|
||||||
|
$this->parameters = get_route_parameters();
|
||||||
|
if (isCloud() && ! isDev()) {
|
||||||
|
$this->webhook_endpoint = config('app.url');
|
||||||
|
} else {
|
||||||
|
$this->webhook_endpoint = $this->ipv4;
|
||||||
|
$this->is_system_wide = $this->github_app->is_system_wide;
|
||||||
|
}
|
||||||
|
} catch (\Throwable $e) {
|
||||||
|
return handleError($e, $this);
|
||||||
}
|
}
|
||||||
$this->parameters = get_route_parameters();
|
|
||||||
if (isCloud() && ! isDev()) {
|
|
||||||
$this->webhook_endpoint = config('app.url');
|
|
||||||
} else {
|
|
||||||
$this->webhook_endpoint = $this->ipv4;
|
|
||||||
$this->is_system_wide = $this->github_app->is_system_wide;
|
|
||||||
}
|
|
||||||
}
|
}
|
||||||
|
|
||||||
public function submit()
|
public function submit()
|
||||||
|
|||||||
@@ -31,6 +31,11 @@ class GithubApp extends BaseModel
|
|||||||
});
|
});
|
||||||
}
|
}
|
||||||
|
|
||||||
|
public static function ownedByCurrentTeam()
|
||||||
|
{
|
||||||
|
return GithubApp::whereTeamId(currentTeam()->id);
|
||||||
|
}
|
||||||
|
|
||||||
public static function public()
|
public static function public()
|
||||||
{
|
{
|
||||||
return GithubApp::whereTeamId(currentTeam()->id)->whereisPublic(true)->whereNotNull('app_id')->get();
|
return GithubApp::whereTeamId(currentTeam()->id)->whereisPublic(true)->whereNotNull('app_id')->get();
|
||||||
|
|||||||
@@ -9,6 +9,11 @@ class GitlabApp extends BaseModel
|
|||||||
'app_secret',
|
'app_secret',
|
||||||
];
|
];
|
||||||
|
|
||||||
|
public static function ownedByCurrentTeam()
|
||||||
|
{
|
||||||
|
return GitlabApp::whereTeamId(currentTeam()->id);
|
||||||
|
}
|
||||||
|
|
||||||
public function applications()
|
public function applications()
|
||||||
{
|
{
|
||||||
return $this->morphMany(Application::class, 'source');
|
return $this->morphMany(Application::class, 'source');
|
||||||
|
|||||||
Reference in New Issue
Block a user