rosslh/coolify
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

fix(settings): fix 404 on /settings for root user on cloud (#7785)

Browse source
This commit is contained in:
Andras Bacsai 2026-01-02 13:18:07 +01:00 committed by GitHub
commit 009b4e7d48
No known key found for this signature in database
GPG key ID: B5690EEEBB952194
11 changed files with 97 additions and 45 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

10
app/Http/Controllers/Api/TeamController.php
View file

@ -218,7 +218,10 @@ public function current_team(Request $request)
if (is_null($teamId)) {
return invalidTokenResponse();
}
$team = auth()->user()->currentTeam();
$team = auth()->user()->teams->where('id', $teamId)->first();
if (is_null($team)) {
return response()->json(['message' => 'Team not found.'], 404);
}
return response()->json(
$this->removeSensitiveData($team),
@ -263,7 +266,10 @@ public function current_team_members(Request $request)
if (is_null($teamId)) {
return invalidTokenResponse();
}
$team = auth()->user()->currentTeam();
$team = auth()->user()->teams->where('id', $teamId)->first();
if (is_null($team)) {
return response()->json(['message' => 'Team not found.'], 404);
}
$team->members->makeHidden([
'pivot',
'email_change_code',

9
app/Http/Middleware/DecideWhatToDoWithUser.php
View file

@ -18,14 +18,21 @@ public function handle(Request $request, Closure $next): Response
}
if (auth()?->user()?->currentTeam()) {
refreshSession(auth()->user()->currentTeam());
} elseif (auth()?->user()?->teams?->count() > 0) {
// User's session team is invalid (e.g., removed from team), switch to first available team
refreshSession(auth()->user()->teams->first());
}
if (! auth()->user() || ! isCloud() || isInstanceAdmin()) {
if (! auth()->user() || ! isCloud()) {
if (! isCloud() && showBoarding() && ! in_array($request->path(), allowedPathsForBoardingAccounts())) {
return redirect()->route('onboarding');
}
return $next($request);
}
// Instance admins can access settings and admin routes regardless of subscription
if (isInstanceAdmin() && ($request->routeIs('settings.*') || $request->path() === 'admin')) {
return $next($request);
}
if (! auth()->user()->hasVerifiedEmail()) {
if ($request->path() === 'verify' || in_array($request->path(), allowedPathsForInvalidAccounts()) || $request->routeIs('verify.verify')) {
return $next($request);

6
app/Livewire/ActivityMonitor.php
View file

@ -79,8 +79,10 @@ public function polling()
$causer_id = data_get($this->activity, 'causer_id');
$user = User::find($causer_id);
if ($user) {
$teamId = $user->currentTeam()->id;
if (! self::$eventDispatched) {
$teamId = data_get($this->activity, 'properties.team_id')
?? $user->currentTeam()?->id
?? $user->teams->first()?->id;
if ($teamId && ! self::$eventDispatched) {
if (filled($this->eventData)) {
$this->eventToDispatch::dispatch($teamId, $this->eventData);
} else {

6
app/Livewire/Settings/Advanced.php
View file

@ -3,16 +3,12 @@
namespace App\Livewire\Settings;
use App\Models\InstanceSettings;
use App\Models\Server;
use App\Rules\ValidIpOrCidr;
use Livewire\Attributes\Validate;
use Livewire\Component;
class Advanced extends Component
{
#[Validate('required')]
public Server $server;
public InstanceSettings $settings;
#[Validate('boolean')]
@ -44,7 +40,6 @@ class Advanced extends Component
public function rules()
{
return [
'server' => 'required',
'is_registration_enabled' => 'boolean',
'do_not_track' => 'boolean',
'is_dns_validation_enabled' => 'boolean',
@ -62,7 +57,6 @@ public function mount()
if (! isInstanceAdmin()) {
return redirect()->route('dashboard');
}
$this->server = Server::findOrFail(0);
$this->settings = instanceSettings();
$this->custom_dns_servers = $this->settings->custom_dns_servers;
$this->allowed_ips = $this->settings->allowed_ips;

18
app/Livewire/Settings/Index.php
View file

@ -12,7 +12,7 @@ class Index extends Component
{
public InstanceSettings $settings;
public Server $server;
public ?Server $server = null;
#[Validate('nullable|string|max:255')]
public ?string $fqdn = null;
@ -57,7 +57,9 @@ public function mount()
return redirect()->route('dashboard');
}
$this->settings = instanceSettings();
$this->server = Server::findOrFail(0);
if (! isCloud()) {
$this->server = Server::findOrFail(0);
}
$this->fqdn = $this->settings->fqdn;
$this->public_port_min = $this->settings->public_port_min;
$this->public_port_max = $this->settings->public_port_max;
@ -127,7 +129,7 @@ public function submit()
$this->validate();
if ($this->settings->is_dns_validation_enabled && $this->fqdn) {
if ($this->settings->is_dns_validation_enabled && $this->fqdn && $this->server) {
if (! validateDNSEntry($this->fqdn, $this->server)) {
$this->dispatch('error', "Validating DNS failed.<br><br>Make sure you have added the DNS records correctly.<br><br>{$this->fqdn}->{$this->server->ip}<br><br>Check this <a target='_blank' class='underline dark:text-white' href='https://coolify.io/docs/knowledge-base/dns-configuration'>documentation</a> for further help.");
$error_show = true;
@ -151,7 +153,9 @@ public function submit()
$this->instantSave(isSave: false);
$this->settings->save();
$this->server->setupDynamicProxyConfiguration();
if ($this->server) {
$this->server->setupDynamicProxyConfiguration();
}
if (! $error_show) {
$this->dispatch('success', 'Instance settings updated successfully!');
}
@ -169,6 +173,12 @@ public function buildHelperImage()
return;
}
if (! $this->server) {
$this->dispatch('error', 'Server not available.');
return;
}
$version = $this->dev_helper_version ?: config('constants.coolify.helper_version');
if (empty($version)) {
$this->dispatch('error', 'Please specify a version to build.');

10
app/Livewire/Settings/Updates.php
View file

@ -12,7 +12,7 @@ class Updates extends Component
{
public InstanceSettings $settings;
public Server $server;
public ?Server $server = null;
#[Validate('string')]
public string $auto_update_frequency;
@ -25,7 +25,9 @@ class Updates extends Component
public function mount()
{
$this->server = Server::findOrFail(0);
if (! isCloud()) {
$this->server = Server::findOrFail(0);
}
$this->settings = instanceSettings();
$this->auto_update_frequency = $this->settings->auto_update_frequency;
@ -76,7 +78,9 @@ public function submit()
}
$this->instantSave();
$this->server->setupDynamicProxyConfiguration();
if ($this->server) {
$this->server->setupDynamicProxyConfiguration();
}
} catch (\Exception $e) {
return handleError($e, $this);
}

2
app/Livewire/Team/InviteLink.php
View file

@ -48,7 +48,7 @@ private function generateInviteLink(bool $sendEmail = false)
// Prevent privilege escalation: users cannot invite someone with higher privileges
$userRole = auth()->user()->role();
if ($userRole === 'member' && in_array($this->role, ['admin', 'owner'])) {
if (is_null($userRole) || ($userRole === 'member' && in_array($this->role, ['admin', 'owner']))) {
throw new \Exception('Members cannot invite admins or owners.');
}
if ($userRole === 'admin' && $this->role === 'owner') {

6
app/Livewire/Team/Member.php
View file

@ -71,11 +71,11 @@ public function remove()
|| Role::from($this->getMemberRole())->gt(auth()->user()->role())) {
throw new \Exception('You are not authorized to perform this action.');
}
$teamId = currentTeam()->id;
$this->member->teams()->detach(currentTeam());
// Clear cache for the removed user - both old and new key formats
Cache::forget("team:{$this->member->id}");
Cache::remember('team:'.$this->member->id, 3600, function () {
return $this->member->teams()->first();
});
Cache::forget("user:{$this->member->id}:team:{$teamId}");
$this->dispatch('reloadWindow');
} catch (\Exception $e) {
$this->dispatch('error', $e->getMessage());

64
app/Models/User.php
View file

@ -2,6 +2,7 @@
namespace App\Models;
use App\Jobs\UpdateStripeCustomerEmailJob;
use App\Notifications\Channels\SendsEmail;
use App\Notifications\TransactionalEmails\ResetPassword as TransactionalEmailsResetPassword;
use App\Traits\DeletesUserSessions;
@ -295,9 +296,10 @@ public function isAdminFromSession()
public function isInstanceAdmin()
{
$found_root_team = Auth::user()->teams->filter(function ($team) {
$found_root_team = $this->teams->filter(function ($team) {
if ($team->id == 0) {
if (! Auth::user()->isAdmin()) {
$role = $team->pivot->role;
if ($role !== 'admin' && $role !== 'owner') {
return false;
}
@ -310,32 +312,51 @@ public function isInstanceAdmin()
return $found_root_team->count() > 0;
}
public function currentTeam()
public function currentTeam(): ?Team
{
return Cache::remember('team:'.Auth::id(), 3600, function () {
if (is_null(data_get(session('currentTeam'), 'id')) && Auth::user()->teams->count() > 0) {
return Auth::user()->teams[0];
}
$sessionTeamId = data_get(session('currentTeam'), 'id');
return Team::find(session('currentTeam')->id);
if (is_null($sessionTeamId)) {
return null;
}
// Check if user actually belongs to this team
if (! $this->teams->contains('id', $sessionTeamId)) {
session()->forget('currentTeam');
Cache::forget('user:'.$this->id.':team:'.$sessionTeamId);
return null;
}
return Cache::remember('user:'.$this->id.':team:'.$sessionTeamId, 3600, function () use ($sessionTeamId) {
return Team::find($sessionTeamId);
});
}
public function otherTeams()
{
return Auth::user()->teams->filter(function ($team) {
return $team->id != currentTeam()->id;
});
}
public function role()
public function role(): ?string
{
if (data_get($this, 'pivot')) {
return $this->pivot->role;
}
$user = Auth::user()->teams->where('id', currentTeam()->id)->first();
return data_get($user, 'pivot.role');
$current = $this->currentTeam();
if (is_null($current)) {
return null;
}
$team = $this->teams->where('id', $current->id)->first();
return data_get($team, 'pivot.role');
}
/**
* Get the user's role in a specific team
*/
public function roleInTeam(int $teamId): ?string
{
$team = $this->teams->where('id', $teamId)->first();
return data_get($team, 'pivot.role');
}
/**
@ -415,9 +436,10 @@ public function confirmEmailChange(string $code): bool
]);
// For cloud users, dispatch job to update Stripe customer email asynchronously
if (isCloud() && $this->currentTeam()->subscription) {
dispatch(new \App\Jobs\UpdateStripeCustomerEmailJob(
$this->currentTeam(),
$currentTeam = $this->currentTeam();
if (isCloud() && $currentTeam?->subscription) {
dispatch(new UpdateStripeCustomerEmailJob(
$currentTeam,
$this->id,
$newEmail,
$oldEmail

7
bootstrap/helpers/shared.php
View file

@ -182,8 +182,11 @@ function refreshSession(?Team $team = null): void
$team = User::find(Auth::id())->teams->first();
}
}
// Clear old cache key format for backwards compatibility
Cache::forget('team:'.Auth::id());
Cache::remember('team:'.Auth::id(), 3600, function () use ($team) {
// Use new cache key format that includes team ID
Cache::forget('user:'.Auth::id().':team:'.$team->id);
Cache::remember('user:'.Auth::id().':team:'.$team->id, 3600, function () use ($team) {
return $team;
});
session(['currentTeam' => $team]);
@ -384,7 +387,7 @@ function base_url(bool $withPort = true): string
function isSubscribed()
{
return isSubscriptionActive() || auth()->user()->isInstanceAdmin();
return isSubscriptionActive();
}
function isProduction(): bool

4
bootstrap/helpers/subscriptions.php
View file

@ -13,6 +13,10 @@ function isSubscriptionActive()
if (! $team) {
return false;
}
// Root team (id=0) doesn't require subscription
if ($team->id === 0) {
return true;
}
$subscription = $team?->subscription;
if (is_null($subscription)) {