Commit graph

11 commits

Author SHA1 Message Date
Andras Bacsai
86b05b902a fix(auth): enforce authorization checks across API and Livewire components
- Add authorization checks to API controller endpoints (view, create, update, delete)
- Wrap Livewire component methods with try-catch for consistent error handling
- Add AuthorizesRequests trait to components requiring authorization checks
- Ensure all sensitive operations verify user permissions before execution
- Implement unified error handling with handleError() helper function
2026-02-25 14:20:29 +01:00
Andras Bacsai
281a706231 fix: enhance validation for database names and filenames to prevent command injection 2025-11-27 14:51:23 +01:00
Andras Bacsai
0073d045fb fix: enhance security by validating and escaping database names, file paths, and proxy configuration filenames to prevent command injection 2025-11-27 14:36:31 +01:00
Andras Bacsai
63fcc0ebc3 feat(acl): Change views/backend code to able to use proper ACL's later on. Currently it is not enabled. 2025-08-26 10:27:38 +02:00
Thijmen
d86274cc37 Fix styling 2024-06-10 20:43:34 +00:00
Andras Bacsai
d4d0330f70 Fix reloadCaddy() method call in delete() function 2024-03-12 17:35:53 +01:00
Andras Bacsai
6950966b06 Commented out reloadCaddy() calls in DynamicConfigurationNavbar.php, NewDynamicConfiguration.php, and Server.php 2024-03-11 20:39:41 +01:00
Andras Bacsai
1490828069 feat: dynamic configuration for caddy 2024-03-11 17:31:28 +01:00
Andras Bacsai
34d6a12d95 feat: experimental caddy support 2024-03-11 15:08:05 +01:00
Andras Bacsai
c7218f2856 Update success messages 2024-02-22 14:53:42 +01:00
Andras Bacsai
154b1b05e4 feat: able to add dynamic configurations from proxy dashboard 2024-02-22 13:29:28 +01:00