rosslh/coolify
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

fix: add authorization checks for environment and project views

Browse source
This commit is contained in:
Andras Bacsai 2025-11-26 09:55:04 +01:00
parent 5f33ad74b5
commit ce134cb8b1
3 changed files with 15 additions and 19 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

1
app/Livewire/SharedVariables/Environment/Show.php
View file

@ -60,6 +60,7 @@ public function mount()
public function switch()
{
$this->authorize('view', $this->environment);
$this->view = $this->view === 'normal' ? 'dev' : 'normal';
$this->getDevView();
}

19
app/Livewire/SharedVariables/Project/Show.php
View file

@ -57,6 +57,7 @@ public function mount()
public function switch()
{
$this->authorize('view', $this->project);
$this->view = $this->view === 'normal' ? 'dev' : 'normal';
$this->getDevView();
}
@ -97,25 +98,19 @@ private function handleBulkSubmit()
{
$variables = parseEnvFormatToArray($this->variables);
DB::transaction(function () use ($variables) {
$changesMade = false;
$changesMade = DB::transaction(function () use ($variables) {
// Delete removed variables
$deletedCount = $this->deleteRemovedVariables($variables);
if ($deletedCount > 0) {
$changesMade = true;
}
// Update or create variables
$updatedCount = $this->updateOrCreateVariables($variables);
if ($updatedCount > 0) {
$changesMade = true;
}
if ($changesMade) {
$this->dispatch('success', 'Environment variables updated.');
}
return $deletedCount > 0 || $updatedCount > 0;
});
if ($changesMade) {
$this->dispatch('success', 'Environment variables updated.');
}
}
private function deleteRemovedVariables($variables)

14
app/Livewire/SharedVariables/Team/Index.php
View file

@ -51,6 +51,7 @@ public function mount()
public function switch()
{
$this->authorize('view', $this->team);
$this->view = $this->view === 'normal' ? 'dev' : 'normal';
$this->getDevView();
}
@ -90,10 +91,9 @@ public function submit()
private function handleBulkSubmit()
{
$variables = parseEnvFormatToArray($this->variables);
$changesMade = false;
DB::transaction(function () use ($variables) {
$changesMade = false;
DB::transaction(function () use ($variables, &$changesMade) {
// Delete removed variables
$deletedCount = $this->deleteRemovedVariables($variables);
if ($deletedCount > 0) {
@ -105,11 +105,11 @@ private function handleBulkSubmit()
if ($updatedCount > 0) {
$changesMade = true;
}
if ($changesMade) {
$this->dispatch('success', 'Environment variables updated.');
}
});
if ($changesMade) {
$this->dispatch('success', 'Environment variables updated.');
}
}
private function deleteRemovedVariables($variables)