feat: token permissions

feat: handle sensitive data
feat: handle read-only data
This commit is contained in:
Andras Bacsai
2024-07-02 12:15:58 +02:00
parent 1249b1ece9
commit c39d6dd407
28 changed files with 328 additions and 201 deletions


@@ -20,6 +20,27 @@ use Illuminate\Validation\Rule;
class DatabasesController extends Controller
{
private function removeSensitiveData($database)
{
$token = auth()->user()->currentAccessToken();
if ($token->can('view:sensitive')) {
return serializeApiResponse($database);
}
$database->makeHidden([
'internal_db_url',
'external_db_url',
'postgres_password',
'dragonfly_password',
'redis_password',
'mongo_initdb_root_password',
'keydb_password',
'clickhouse_admin_password',
]);
return serializeApiResponse($database);
}
public function databases(Request $request)
{
$teamId = getTeamIdFromToken();
@@ -32,7 +53,7 @@ class DatabasesController extends Controller
$databases = $databases->merge($project->databases());
}
$databases = $databases->map(function ($database) {
return serializeApiResponse($database);
return $this->removeSensitiveData($database);
});
return response()->json([
@@ -57,7 +78,7 @@ class DatabasesController extends Controller
return response()->json([
'success' => true,
'data' => serializeApiResponse($database),
'data' => $this->removeSensitiveData($database),
]);
}
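Review bot: removeSensitiveData (first hunk) filters by a hard-coded deny-list of attribute names, so any credential attribute that is not enumerated is still serialized to tokens without `view:sensitive` — the list names postgres, dragonfly, redis, mongo, keydb and clickhouse secrets, but nothing for the MySQL/MariaDB database models if they carry password columns, and every future database type has to remember to extend this one list. Moving the names into each model's `$hidden` (or a shared constant the helper reads) would make the default fail-closed instead of relying on this controller. The helper also dereferences `currentAccessToken()` without a null check; a request that reaches this controller under session rather than token auth would hit a TypeError on `->can()`, so treat a missing token as "no ability": `if ($token?->can('view:sensitive')) {`. The other two hunks only route the existing serialization through this helper, so the same points apply there; the enclosing class continues outside these hunks.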