rosslh/coolify
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

refactor(databases): update backup queries to use team-specific method

Browse source 
- Modified backup retrieval logic in DatabasesController to utilize the new ownedByCurrentTeamAPI method for improved access control based on team ID.
- Enhanced code consistency and maintainability by centralizing team-based filtering in the ScheduledDatabaseBackup model.
This commit is contained in:
Andras Bacsai 2025-09-22 17:47:46 +02:00
parent bb06a74fee
commit 33d25f418e
2 changed files with 11 additions and 6 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

12
app/Http/Controllers/Api/DatabasesController.php
View file

@ -85,7 +85,7 @@ public function databases(Request $request)
$databaseIds = $databases->pluck('id')->toArray();
$backupConfigs = ScheduledDatabaseBackup::with('latest_log')
$backupConfigs = ScheduledDatabaseBackup::ownedByCurrentTeamAPI($teamId)->with('latest_log')
->whereIn('database_id', $databaseIds)
->get()
->groupBy('database_id');
@ -159,7 +159,7 @@ public function database_backup_details_uuid(Request $request)
$this->authorize('view', $database);
$backupConfig = ScheduledDatabaseBackup::with('executions')->where('database_id', $database->id)->get();
$backupConfig = ScheduledDatabaseBackup::ownedByCurrentTeamAPI($teamId)->with('executions')->where('database_id', $database->id)->get();
return response()->json($backupConfig);
}
@ -718,7 +718,7 @@ public function update_backup(Request $request)
return response()->json(['message' => 'Database not found.'], 404);
}
$backupConfig = ScheduledDatabaseBackup::ownedByCurrentTeam()->where('database_id', $database->id)
$backupConfig = ScheduledDatabaseBackup::ownedByCurrentTeamAPI($teamId)->where('database_id', $database->id)
->where('uuid', $request->scheduled_backup_uuid)
->first();
if (! $backupConfig) {
@ -1951,7 +1951,7 @@ public function delete_backup_by_uuid(Request $request)
}
// Find the backup configuration by its UUID
$backup = ScheduledDatabaseBackup::ownedByCurrentTeam()->where('database_id', $database->id)
$backup = ScheduledDatabaseBackup::ownedByCurrentTeamAPI($teamId)->where('database_id', $database->id)
->where('uuid', $request->scheduled_backup_uuid)
->first();
@ -2072,7 +2072,7 @@ public function delete_execution_by_uuid(Request $request)
}
// Find the backup configuration by its UUID
$backup = ScheduledDatabaseBackup::ownedByCurrentTeam()->where('database_id', $database->id)
$backup = ScheduledDatabaseBackup::ownedByCurrentTeamAPI($teamId)->where('database_id', $database->id)
->where('uuid', $request->scheduled_backup_uuid)
->first();
@ -2180,7 +2180,7 @@ public function list_backup_executions(Request $request)
}
// Find the backup configuration by its UUID
$backup = ScheduledDatabaseBackup::ownedByCurrentTeam()->where('database_id', $database->id)
$backup = ScheduledDatabaseBackup::ownedByCurrentTeamAPI($teamId)->where('database_id', $database->id)
->where('uuid', $request->scheduled_backup_uuid)
->first();

5
app/Models/ScheduledDatabaseBackup.php
View file

@ -15,6 +15,11 @@ public static function ownedByCurrentTeam()
return ScheduledDatabaseBackup::whereRelation('team', 'id', currentTeam()->id)->orderBy('name');
}
public static function ownedByCurrentTeamAPI(int $teamId)
{
return ScheduledDatabaseBackup::whereRelation('team', 'id', $teamId)->orderBy('name');
}
public function team()
{
return $this->belongsTo(Team::class);