Restrict sensitive operations to admins/owners and hide sensitive data
from team members:
- Add authorization checks to Livewire components and API endpoints
- Restrict team members from accessing sensitive permissions and data
- Hide environment variable values from non-admin team members
- Update policies to enforce team-level admin status requirement
- Add useSensitivePermissions policy for read:sensitive tokens
- Improve disabled button UX with auth-specific tooltips
- Add authorization checks in middleware for API tokens
Closes authorization gaps in project management, server management,
and settings components.
- Eager load service applications and databases to eliminate N+1 queries
- Replace individual model updates with batch database updates for applications, previews, and services
- Move connectProxyToNetworks to async ConnectProxyToNetworksJob to avoid blocking status updates
- Optimize Server.databases() and applications() methods with efficient database queries
- Use flatMap for cleaner collection transformations
🤖 Generated with Claude Code
Co-Authored-By: Claude Haiku 4.5 <noreply@anthropic.com>
- Added authorization checks in Livewire components related to Docker and server management to ensure only authorized users can create, update, and manage Docker instances and server settings.
- Introduced new policies for StandaloneDocker and SwarmDocker to define access control rules based on user roles and team associations.
- Updated AuthServiceProvider to register the new policies, enhancing security and access control for Docker functionalities and server management operations.