Commit graph

14671 commits

Author SHA1 Message Date
Andras Bacsai
cebef8e258 fix(policies): ensure instance-level databases use root team
Instance-level databases like coolify-db (with id = 0) should always
be assigned to the root team (id = 0) rather than attempting to resolve
their team from the database object itself.
2026-02-27 11:54:22 +01:00
Andras Bacsai
dbbc77830e fix(storage): add error handling for S3 connection error notifications
Wrap email notification logic in try-catch to prevent email sending failures from breaking the connection test. If notification fails, log a warning and continue instead of letting the exception propagate.
2026-02-27 11:48:48 +01:00
Andras Bacsai
b878dc8102 refactor(auth): enforce team member authorization across app
Restrict sensitive operations to admins/owners and hide sensitive data
from team members:
- Add authorization checks to Livewire components and API endpoints
- Restrict team members from accessing sensitive permissions and data
- Hide environment variable values from non-admin team members
- Update policies to enforce team-level admin status requirement
- Add useSensitivePermissions policy for read:sensitive tokens
- Improve disabled button UX with auth-specific tooltips
- Add authorization checks in middleware for API tokens

Closes authorization gaps in project management, server management,
and settings components.
2026-02-27 11:41:01 +01:00
Andras Bacsai
e82942b387 test: refresh api and job feature suites
Some checks are pending
Staging Build / build-push (aarch64, linux/aarch64, ubuntu-24.04-arm) (push) Waiting to run
Staging Build / build-push (amd64, linux/amd64, ubuntu-24.04) (push) Waiting to run
Staging Build / merge-manifest (push) Blocked by required conditions
2026-02-26 08:37:20 +01:00
Andras Bacsai
347af07a79 chore(tests): reorganize feature suites and expand team auth coverage 2026-02-26 07:13:19 +01:00
Andras Bacsai
34d8499a0c test(auth): cover authorization scenarios for api and ui 2026-02-26 06:55:08 +01:00
Andras Bacsai
52b88135f3 test(browser): improve "ResourceSettingsPersistence" assertions
Adjusted Discord notification setup, Livewire form submission handling, and checkbox interactions in `ResourceSettingsPersistenceTest` to better reflect page flows.
2026-02-25 22:35:37 +01:00
Andras Bacsai
9c1ca422ce test(browser): remove notification prompt helper 2026-02-25 19:28:39 +01:00
Andras Bacsai
37eac11df3 test(browser): cover resource settings persistence 2026-02-25 19:26:55 +01:00
Andras Bacsai
f09bbb4a04 Merge remote-tracking branch 'origin/next' into audit-policies
# Conflicts:
#	tests/Unit/Policies/GithubAppPolicyTest.php
#	tests/Unit/Policies/SharedEnvironmentVariablePolicyTest.php
2026-02-25 18:53:39 +01:00
Andras Bacsai
ede75283db test(browser): expand server/project auth coverage 2026-02-25 18:50:26 +01:00
🏔️ Peak
78aea9a7ec
Merge branch 'v4.x' into next
Some checks failed
Staging Build / build-push (aarch64, linux/aarch64, ubuntu-24.04-arm) (push) Has been cancelled
Staging Build / build-push (amd64, linux/amd64, ubuntu-24.04) (push) Has been cancelled
Staging Build / merge-manifest (push) Has been cancelled
2026-02-25 17:59:04 +01:00
Andras Bacsai
94dfd6a54e fix(auth): enforce authorization checks in Livewire components
- Replace manual ownership checks with authorize() in Destination/Show, NavbarDeleteTeam, and Project/Show
- Add authorization checks for team deletion and environment creation
- Add proper exception handling with try-catch blocks
- Add comprehensive feature and browser tests for authorization scenarios
- Update CLAUDE.md with Pest Browser Plugin testing guidelines
2026-02-25 16:38:04 +01:00
Andras Bacsai
41e1248b6f fix(auth): enforce proxy authorization checks in server navbar
Add authorization gate using @can('manageProxy') directive to ensure only
authorized users can view and interact with proxy control buttons (restart,
stop, start) in the server navbar component. Refactor tests to validate that
members cannot see proxy buttons while admins can.
2026-02-25 15:37:04 +01:00
Andras Bacsai
fcc58ca08a fix(auth): enforce dashboard authorization and improve team deletion
Add authorization gates to Project and Server creation buttons in the dashboard to prevent non-admin users from accessing resource creation. Improve team deletion to clear cache before deletion and automatically switch to the user's next available team.

- Hide create buttons from non-admin users in dashboard
- Clear cache before team deletion to prevent stale session resolution
- Switch user session to next available team when current team is deleted
- Handle refreshSession when user has no remaining teams
- Add tests for dashboard authorization enforcement and team deletion flow
2026-02-25 14:47:35 +01:00
Andras Bacsai
86b05b902a fix(auth): enforce authorization checks across API and Livewire components
- Add authorization checks to API controller endpoints (view, create, update, delete)
- Wrap Livewire component methods with try-catch for consistent error handling
- Add AuthorizesRequests trait to components requiring authorization checks
- Ensure all sensitive operations verify user permissions before execution
- Implement unified error handling with handleError() helper function
2026-02-25 14:20:29 +01:00
Andras Bacsai
5a2547c879
fix(soketi): make host binding configurable for IPv6 support (#8619) 2026-02-25 12:24:25 +01:00
Andras Bacsai
9ec45bcf56 chore: prepare for PR 2026-02-25 12:18:50 +01:00
Andras Bacsai
c93296e9a6
feat(healthcheck): add command-based health check support (#8612) 2026-02-25 12:09:59 +01:00
Andras Bacsai
f3b63b4d8d
fix(scheduler): add self-healing for stale Redis locks and detection in UI (#8618) 2026-02-25 12:08:45 +01:00
Andras Bacsai
3e755338b4 fix(healthchecks): remove redundant newline sanitization from CMD healthcheck
Simplify the CMD healthcheck generation by removing the str_replace call that
normalizes newlines. The command is now used directly without modification,
following the pattern of centralized command escaping in recent changes.
2026-02-25 12:08:24 +01:00
Andras Bacsai
b88f9fca67 chore: prepare for PR 2026-02-25 12:07:29 +01:00
Andras Bacsai
3eb9426b95
fix(ca-cert): prevent command injection via base64 encoding (#8617) 2026-02-25 12:01:52 +01:00
Andras Bacsai
fe36b70680 chore: prepare for PR 2026-02-25 12:00:24 +01:00
Andras Bacsai
521d995ea1 Merge remote-tracking branch 'origin/next' into 7765-healthcheck-investigation 2026-02-25 11:57:58 +01:00
Andras Bacsai
12f8f80eb1
fix(api): add team authorization to domains_by_server endpoint (#8616) 2026-02-25 11:54:29 +01:00
Andras Bacsai
8e2f0836da chore: prepare for PR 2026-02-25 11:52:18 +01:00
Andras Bacsai
57848c25e9
fix(docker): centralize command escaping in executeInDocker helper (#8615) 2026-02-25 11:51:23 +01:00
Andras Bacsai
992b922df3 chore: prepare for PR 2026-02-25 11:50:57 +01:00
Andras Bacsai
0580af0d34 feat(healthchecks): add command health checks with input validation
Add support for command-based health checks in addition to HTTP-based checks:
- New health_check_type field supporting 'http' and 'cmd' values
- New health_check_command field with strict regex validation
- Updated allowedFields in create_application and update_by_uuid endpoints
- Validation rules include max 1000 characters and safe character whitelist
- Added feature tests for health check API endpoints
- Added unit tests for GithubAppPolicy and SharedEnvironmentVariablePolicy
2026-02-25 11:38:09 +01:00
Andras Bacsai
609cb4190e fix(health-checks): sanitize and validate CMD healthcheck commands
- Add regex validation to restrict allowed characters (alphanumeric, spaces, and specific safe symbols)
- Enforce maximum 1000 character limit on healthcheck commands
- Strip newlines and carriage returns to prevent command injection
- Change input field from textarea to text input in UI
- Add warning callout about prohibited shell operators
- Add comprehensive validation tests for both valid and malicious command patterns
2026-02-25 11:28:33 +01:00
Andras Bacsai
24abd51238
fix(auth): prevent cross-tenant IDOR in resource cloning (#8613) 2026-02-25 11:21:52 +01:00
Andras Bacsai
1759a1631c chore: prepare for PR 2026-02-25 11:18:46 +01:00
Andras Bacsai
65d4005493 Merge remote-tracking branch 'origin/next' into 7765-healthcheck-investigation
# Conflicts:
#	app/Livewire/Project/Shared/HealthChecks.php
2026-02-25 11:02:38 +01:00
Andras Bacsai
03a8621516
fix(health-checks): prevent command injection in health check commands (#8611)
Some checks are pending
Staging Build / build-push (aarch64, linux/aarch64, ubuntu-24.04-arm) (push) Waiting to run
Staging Build / build-push (amd64, linux/amd64, ubuntu-24.04) (push) Waiting to run
Staging Build / merge-manifest (push) Blocked by required conditions
2026-02-25 10:59:00 +01:00
Andras Bacsai
30c0b37689 chore: prepare for PR 2026-02-25 10:58:29 +01:00
Aditya Tripathi
036f565785
Merge branch 'next' into feat/healthcheck-cmd 2026-02-24 22:22:02 +05:30
Andras Bacsai
cb759b2846
fix(api): correct permission requirements for POST endpoints (#8600)
Some checks are pending
Staging Build / build-push (aarch64, linux/aarch64, ubuntu-24.04-arm) (push) Waiting to run
Staging Build / build-push (amd64, linux/amd64, ubuntu-24.04) (push) Waiting to run
Staging Build / merge-manifest (push) Blocked by required conditions
2026-02-24 14:57:51 +01:00
Andras Bacsai
d8419fad93 chore: prepare for PR 2026-02-24 14:57:32 +01:00
Andras Bacsai
279322d50f
fix(input): prevent eye icon flash on password fields before Alpine.js loads (#8599) 2026-02-24 12:57:22 +01:00
Andras Bacsai
f39a1da7be
fix(auth): prevent CSRF redirect loop during 2FA challenge (#8596) 2026-02-24 12:57:10 +01:00
Andras Bacsai
448e922e6c chore: prepare for PR 2026-02-24 12:56:54 +01:00
Andras Bacsai
78e584a136
feat(service): upgrade beszel and beszel-agent to v0.18 (#8513) 2026-02-24 12:56:36 +01:00
Andras Bacsai
912e5f6db2
feat(service): disable pterodactyl panel and pterodactyl wings (#8512) 2026-02-24 12:55:52 +01:00
Andras Bacsai
f8de374f77
feat(service): disable plane (#8580) 2026-02-24 12:55:29 +01:00
Andras Bacsai
2986d7604e chore: prepare for PR 2026-02-24 10:17:16 +01:00
ShadowArcanist
b36d67288b feat(service): disable plane
The latest version of plane v1.2.2 have security fixed but our template is using v1.0.0 which is 5 months behind the current latest. New version v1.2.2 doesn't work with our existing template so disabling it for now to prevent users from deploying a vulnerable version of plane
2026-02-24 02:34:35 +05:30
Andras Bacsai
021605dbf0
fix(deploy): split BuildKit and secrets detection (#8565)
Some checks are pending
Staging Build / build-push (aarch64, linux/aarch64, ubuntu-24.04-arm) (push) Waiting to run
Staging Build / build-push (amd64, linux/amd64, ubuntu-24.04) (push) Waiting to run
Staging Build / merge-manifest (push) Blocked by required conditions
2026-02-23 15:20:25 +01:00
Andras Bacsai
ec14b55f0a chore: prepare for PR 2026-02-23 14:28:28 +01:00
Andras Bacsai
2310ad5f7f
chore(ui): widen project heading nav spacing (#8564) 2026-02-23 14:17:38 +01:00