dave/coolify
1
0
Fork 0
Code Issues Pull Requests Actions 2 Packages Projects Releases Wiki Activity

feat(auth): implement authorization for PrivateKey management

Browse Source 
- Added authorization checks in the Create and Show Livewire components to ensure only authorized users can create, update, and delete PrivateKey instances.
- Introduced a new PrivateKeyPolicy to define access control rules for viewing, creating, updating, and deleting PrivateKey models based on user roles and team associations.
- Updated AuthServiceProvider to register the new PrivateKeyPolicy, enhancing security and access control for PrivateKey functionalities.
This commit is contained in:
Andras Bacsai
2025-08-22 13:02:20 +02:00
parent 3ffc751f1a
commit d8d01e6886
4 changed files with 76 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files

4
app/Livewire/Security/PrivateKey/Create.php
View File

@@ -4,10 +4,13 @@ namespace App\Livewire\Security\PrivateKey;
use App\Models\PrivateKey;
use App\Support\ValidationPatterns;
use Illuminate\Foundation\Auth\Access\AuthorizesRequests;
use Livewire\Component;
class Create extends Component
{
use AuthorizesRequests;
public string $name = '';
public string $value = '';
@@ -66,6 +69,7 @@ class Create extends Component
$this->validate();
try {
$this->authorize('create', PrivateKey::class);
$privateKey = PrivateKey::createAndStore([
'name' => $this->name,
'description' => $this->description,

5
app/Livewire/Security/PrivateKey/Show.php
View File

@@ -4,10 +4,13 @@ namespace App\Livewire\Security\PrivateKey;
use App\Models\PrivateKey;
use App\Support\ValidationPatterns;
use Illuminate\Foundation\Auth\Access\AuthorizesRequests;
use Livewire\Component;
class Show extends Component
{
use AuthorizesRequests;
public PrivateKey $private_key;
public $public_key = 'Loading...';
@@ -62,6 +65,7 @@ class Show extends Component
public function delete()
{
try {
$this->authorize('delete', $this->private_key);
$this->private_key->safeDelete();
currentTeam()->privateKeys = PrivateKey::where('team_id', currentTeam()->id)->get();
@@ -76,6 +80,7 @@ class Show extends Component
public function changePrivateKey()
{
try {
$this->authorize('update', $this->private_key);
$this->private_key->updatePrivateKey([
'private_key' => formatPrivateKey($this->private_key->private_key),
]);