rosslh/coolify
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
coolify/app
History
Andras Bacsai e20327b9c4 fix: add authorization checks to database Livewire components 
Added authorization checks to 11 database-related Livewire components
that were loading sensitive database configuration without verifying
user permissions.

Changes:
- Added authorize('view', $database) to all 8 database type General.php mount() methods
- Added authorization to Configuration.php before loading database
- Added authorization to BackupEdit.php before loading backup config
- Added authorization to Import.php before loading database resource

This prevents unauthorized users from accessing database credentials,
connection strings, and configuration details.

🤖 Generated with [Claude Code](https://claude.com/claude-code)

Co-Authored-By: Claude <noreply@anthropic.com>
2025-10-14 17:33:42 +02:00
..
Actions fix: prevent container name conflict when updating database port mappings 2025-10-13 10:01:54 +02:00
Console feat: add artisan command to clear global search cache 2025-10-11 13:36:14 +02:00
Contracts refactor: streamline job status retrieval and clean up repository interface 2025-01-10 19:53:13 +01:00
Data Fix styling 2024-06-19 06:59:46 +00:00
Enums Add new role enum and apply authorization 2024-10-28 17:08:24 +01:00
Events work work on hetzner integration 2025-10-09 16:54:13 +02:00
Exceptions feat(exceptions): introduce NonReportableException to handle known errors and update Handler for selective reporting 2025-09-08 09:18:25 +02:00
Helpers feat(ssh-multiplexing): add connection age metadata handling to improve multiplexed connection management 2025-09-10 08:38:36 +02:00
Http Merge pull request #6860 from coollabsio/fix-api-env-vars-fields 2025-10-13 10:45:35 +02:00
Jobs Handle all ProcessStatus values in ApplicationPullRequestUpdateJob 2025-10-14 11:05:42 +02:00
Listeners refactor(proxy): streamline proxy status handling and improve dashboard availability checks 2025-06-11 12:02:39 +02:00
Livewire fix: add authorization checks to database Livewire components 2025-10-14 17:33:42 +02:00
Models Merge pull request #6837 from coollabsio/andrasbacsai/custom-webhooks 2025-10-12 10:57:47 +02:00
Notifications Merge pull request #6837 from coollabsio/andrasbacsai/custom-webhooks 2025-10-12 10:57:47 +02:00
Policies feat: add cloud-init script support for Hetzner server creation 2025-10-10 19:37:16 +02:00
Providers fix: register WebhookNotificationSettings with NotificationPolicy 2025-10-10 17:48:14 +02:00
Repositories refactor: streamline job status retrieval and clean up repository interface 2025-01-10 19:53:13 +01:00
Rules feat: add YAML validation for cloud-init scripts 2025-10-11 13:56:55 +02:00
Services debug: add ray logging for Hetzner createServer API request/response 2025-10-11 11:17:44 +02:00
Support feat(validation): centralize validation patterns for names and descriptions 2025-08-19 12:14:48 +02:00
Traits Merge pull request #6837 from coollabsio/andrasbacsai/custom-webhooks 2025-10-12 10:57:47 +02:00
View/Components feat: add support for selecting additional SSH keys from Hetzner in server creation form 2025-10-10 12:17:05 +02:00