rosslh/coolify
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
coolify/app/Events/S3RestoreJobFinished.php
Andras Bacsai fbdd8e5f03 fix: improve robustness and security in database restore flows 
- Add null checks for server instances in restore events to prevent errors
- Escape S3 credentials to prevent command injection vulnerabilities
- Fix file upload clearing custom location to prevent UI confusion
- Optimize isSafeTmpPath helper by avoiding redundant dirname calls
- Remove unnecessary --rm flag from long-running S3 restore container
- Prioritize uploaded files over custom location in import logic
- Add comprehensive unit tests for restore event null server handling

🤖 Generated with [Claude Code](https://claude.com/claude-code)

Co-Authored-By: Claude <noreply@anthropic.com>
2025-11-17 14:13:10 +01:00

58 lines
1.9 KiB
PHP
Raw Blame History

<?php
namespace App\Events;
use App\Models\Server;
use Illuminate\Broadcasting\InteractsWithSockets;
use Illuminate\Foundation\Events\Dispatchable;
use Illuminate\Queue\SerializesModels;
class S3RestoreJobFinished
{
use Dispatchable, InteractsWithSockets, SerializesModels;
public function __construct($data)
{
$containerName = data_get($data, 'containerName');
$serverTmpPath = data_get($data, 'serverTmpPath');
$scriptPath = data_get($data, 'scriptPath');
$containerTmpPath = data_get($data, 'containerTmpPath');
$container = data_get($data, 'container');
$serverId = data_get($data, 'serverId');
// Clean up helper container and temporary files
if (filled($serverId)) {
$commands = [];
// Stop and remove helper container
if (filled($containerName)) {
$commands[] = "docker rm -f {$containerName} 2>/dev/null || true";
}
// Clean up downloaded file from server /tmp
if (isSafeTmpPath($serverTmpPath)) {
$commands[] = "rm -f {$serverTmpPath} 2>/dev/null || true";
}
// Clean up script from server
if (isSafeTmpPath($scriptPath)) {
$commands[] = "rm -f {$scriptPath} 2>/dev/null || true";
}
// Clean up files from database container
if (filled($container)) {
if (isSafeTmpPath($containerTmpPath)) {
$commands[] = "docker exec {$container} rm -f {$containerTmpPath} 2>/dev/null || true";
}
if (isSafeTmpPath($scriptPath)) {
$commands[] = "docker exec {$container} rm -f {$scriptPath} 2>/dev/null || true";
}
}
$server = Server::find($serverId);
if ($server) {
instant_remote_process($commands, $server, throwError: false);
}
}
}
}
Reference in a new issue View git blame Copy permalink