rosslh/coolify
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

fix(user): complete User model fixes for non-web contexts

Browse source 
- Fix currentTeam() to return null instead of crashing when no session
- Fix role() to use $this->currentTeam() instead of global helper
- Add roleInTeam() method for explicit team context
- Remove unused otherTeams() method
- Fix InviteLink authorization bypass when role() returns null
- Fix confirmEmailChange() null safety for currentTeam()
- Fix ActivityMonitor to handle null currentTeam with fallback chain

🤖 Generated with [Claude Code](https://claude.com/claude-code)

Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
This commit is contained in:
Andras Bacsai 2025-12-28 13:26:52 +01:00
parent 2cf915aed8
commit 2743229cc4
3 changed files with 34 additions and 20 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

6
app/Livewire/ActivityMonitor.php
View file

@ -79,8 +79,10 @@ public function polling()
$causer_id = data_get($this->activity, 'causer_id');
$user = User::find($causer_id);
if ($user) {
$teamId = $user->currentTeam()->id;
if (! self::$eventDispatched) {
$teamId = data_get($this->activity, 'properties.team_id')
?? $user->currentTeam()?->id
?? $user->teams->first()?->id;
if ($teamId && ! self::$eventDispatched) {
if (filled($this->eventData)) {
$this->eventToDispatch::dispatch($teamId, $this->eventData);
} else {

2
app/Livewire/Team/InviteLink.php
View file

@ -48,7 +48,7 @@ private function generateInviteLink(bool $sendEmail = false)
// Prevent privilege escalation: users cannot invite someone with higher privileges
$userRole = auth()->user()->role();
if ($userRole === 'member' && in_array($this->role, ['admin', 'owner'])) {
if (is_null($userRole) || ($userRole === 'member' && in_array($this->role, ['admin', 'owner']))) {
throw new \Exception('Members cannot invite admins or owners.');
}
if ($userRole === 'admin' && $this->role === 'owner') {

46
app/Models/User.php
View file

@ -311,30 +311,41 @@ public function isInstanceAdmin()
return $found_root_team->count() > 0;
}
public function currentTeam()
public function currentTeam(): ?Team
{
return Cache::remember('team:'.$this->id, 3600, function () {
if (is_null(data_get(session('currentTeam'), 'id')) && $this->teams->count() > 0) {
return $this->teams[0];
}
$sessionTeamId = data_get(session('currentTeam'), 'id');
return Team::find(session('currentTeam')->id);
if (is_null($sessionTeamId)) {
return null;
}
return Cache::remember('team:'.$this->id, 3600, function () use ($sessionTeamId) {
return Team::find($sessionTeamId);
});
}
public function otherTeams()
{
return $this->teams->filter(function ($team) {
return $team->id != currentTeam()->id;
});
}
public function role()
public function role(): ?string
{
if (data_get($this, 'pivot')) {
return $this->pivot->role;
}
$team = $this->teams->where('id', currentTeam()->id)->first();
$current = $this->currentTeam();
if (is_null($current)) {
return null;
}
$team = $this->teams->where('id', $current->id)->first();
return data_get($team, 'pivot.role');
}
/**
* Get the user's role in a specific team
*/
public function roleInTeam(int $teamId): ?string
{
$team = $this->teams->where('id', $teamId)->first();
return data_get($team, 'pivot.role');
}
@ -416,9 +427,10 @@ public function confirmEmailChange(string $code): bool
]);
// For cloud users, dispatch job to update Stripe customer email asynchronously
if (isCloud() && $this->currentTeam()->subscription) {
$currentTeam = $this->currentTeam();
if (isCloud() && $currentTeam?->subscription) {
dispatch(new \App\Jobs\UpdateStripeCustomerEmailJob(
$this->currentTeam(),
$currentTeam,
$this->id,
$newEmail,
$oldEmail