feat: add deploy-only token permission
This commit is contained in:
Kael
@@ -12,10 +12,9 @@ class ApiTokens extends Component
|
|||||||
public $tokens = [];
|
public $tokens = [];
|
||||||
|
|
||||||
public bool $viewSensitiveData = false;
|
public bool $viewSensitiveData = false;
|
||||||
|
|
||||||
public bool $readOnly = true;
|
public bool $readOnly = true;
|
||||||
|
|
||||||
public bool $rootAccess = false;
|
public bool $rootAccess = false;
|
||||||
|
public bool $triggerDeploy = false;
|
||||||
|
|
||||||
public array $permissions = ['read-only'];
|
public array $permissions = ['read-only'];
|
||||||
|
|
||||||
@@ -62,12 +61,25 @@ class ApiTokens extends Component
|
|||||||
$this->permissions = ['*'];
|
$this->permissions = ['*'];
|
||||||
$this->readOnly = false;
|
$this->readOnly = false;
|
||||||
$this->viewSensitiveData = false;
|
$this->viewSensitiveData = false;
|
||||||
|
$this->triggerDeploy = false;
|
||||||
} else {
|
} else {
|
||||||
$this->readOnly = true;
|
$this->readOnly = true;
|
||||||
$this->permissions = ['read-only'];
|
$this->permissions = ['read-only'];
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
|
public function updatedTriggerDeploy()
|
||||||
|
{
|
||||||
|
if ($this->triggerDeploy) {
|
||||||
|
$this->permissions[] = 'trigger-deploy';
|
||||||
|
$this->permissions = array_diff($this->permissions, ['*']);
|
||||||
|
$this->rootAccess = false;
|
||||||
|
} else {
|
||||||
|
$this->permissions = array_diff($this->permissions, ['trigger-deploy']);
|
||||||
|
}
|
||||||
|
$this->makeSureOneIsSelected();
|
||||||
|
}
|
||||||
|
|
||||||
public function makeSureOneIsSelected()
|
public function makeSureOneIsSelected()
|
||||||
{
|
{
|
||||||
if (count($this->permissions) == 0) {
|
if (count($this->permissions) == 0) {
|
||||||
|
|||||||
@@ -39,6 +39,7 @@
|
|||||||
<x-forms.checkbox label="Root Access" wire:model.live="rootAccess"></x-forms.checkbox>
|
<x-forms.checkbox label="Root Access" wire:model.live="rootAccess"></x-forms.checkbox>
|
||||||
<x-forms.checkbox label="Read-only" wire:model.live="readOnly"></x-forms.checkbox>
|
<x-forms.checkbox label="Read-only" wire:model.live="readOnly"></x-forms.checkbox>
|
||||||
<x-forms.checkbox label="View Sensitive Data" wire:model.live="viewSensitiveData"></x-forms.checkbox>
|
<x-forms.checkbox label="View Sensitive Data" wire:model.live="viewSensitiveData"></x-forms.checkbox>
|
||||||
|
<x-forms.checkbox label="Trigger Deploy Webhooks" wire:model.live="triggerDeploy"></x-forms.checkbox>
|
||||||
</div>
|
</div>
|
||||||
</form>
|
</form>
|
||||||
@if (session()->has('token'))
|
@if (session()->has('token'))
|
||||||
|
|||||||
@@ -54,7 +54,8 @@ Route::group([
|
|||||||
Route::patch('/security/keys/{uuid}', [SecurityController::class, 'update_key'])->middleware([IgnoreReadOnlyApiToken::class]);
|
Route::patch('/security/keys/{uuid}', [SecurityController::class, 'update_key'])->middleware([IgnoreReadOnlyApiToken::class]);
|
||||||
Route::delete('/security/keys/{uuid}', [SecurityController::class, 'delete_key'])->middleware([IgnoreReadOnlyApiToken::class]);
|
Route::delete('/security/keys/{uuid}', [SecurityController::class, 'delete_key'])->middleware([IgnoreReadOnlyApiToken::class]);
|
||||||
|
|
||||||
Route::match(['get', 'post'], '/deploy', [DeployController::class, 'deploy'])->middleware([IgnoreReadOnlyApiToken::class]);
|
Route::match(['get', 'post'], '/deploy', [DeployController::class, 'deploy'])
|
||||||
|
->middleware([IgnoreReadOnlyApiToken::class, 'auth:sanctum', 'ability:trigger-deploy']);
|
||||||
Route::get('/deployments', [DeployController::class, 'deployments']);
|
Route::get('/deployments', [DeployController::class, 'deployments']);
|
||||||
Route::get('/deployments/{uuid}', [DeployController::class, 'deployment_by_uuid']);
|
Route::get('/deployments/{uuid}', [DeployController::class, 'deployment_by_uuid']);
|
||||||
|
|
||||||
|
|||||||
Reference in New Issue
Block a user