From d938a6ce8fe76054a57ea385d7065e5a7b6794e0 Mon Sep 17 00:00:00 2001
From: Andras Bacsai <andras.bacsai@gmail.com>
Date: Thu, 24 Oct 2024 14:28:14 +0200
Subject: [PATCH] Refactor ShowPrivateKey component and add validation for
 owned private key

---
 app/Livewire/Server/ShowPrivateKey.php | 8 ++++++++
 1 file changed, 8 insertions(+)

diff --git a/app/Livewire/Server/ShowPrivateKey.php b/app/Livewire/Server/ShowPrivateKey.php
index b76c0a405..cc77fd611 100644
--- a/app/Livewire/Server/ShowPrivateKey.php
+++ b/app/Livewire/Server/ShowPrivateKey.php
@@ -2,6 +2,7 @@
 
 namespace App\Livewire\Server;
 
+use App\Models\PrivateKey;
 use App\Models\Server;
 use Livewire\Component;
 
@@ -20,6 +21,13 @@ class ShowPrivateKey extends Component
 
     public function setPrivateKey($privateKeyId)
     {
+        $ownedPrivateKey = PrivateKey::ownedByCurrentTeam()->find($privateKeyId);
+        if (is_null($ownedPrivateKey)) {
+            $this->dispatch('error', 'You are not allowed to use this private key.');
+
+            return;
+        }
+
         $originalPrivateKeyId = $this->server->getOriginal('private_key_id');
         try {
             $this->server->update(['private_key_id' => $privateKeyId]);