Commit graph

3 commits

Author SHA1 Message Date
Andras Bacsai
b878dc8102 refactor(auth): enforce team member authorization across app
Restrict sensitive operations to admins/owners and hide sensitive data
from team members:
- Add authorization checks to Livewire components and API endpoints
- Restrict team members from accessing sensitive permissions and data
- Hide environment variable values from non-admin team members
- Update policies to enforce team-level admin status requirement
- Add useSensitivePermissions policy for read:sensitive tokens
- Improve disabled button UX with auth-specific tooltips
- Add authorization checks in middleware for API tokens

Closes authorization gaps in project management, server management,
and settings components.
2026-02-27 11:41:01 +01:00
Andras Bacsai
acff543e09 fix(settings): fix 404 on /settings for root user on cloud instance
- Make Server property nullable in Settings components (Index, Advanced, Updates)
- Add conditional server loading: only load when not on cloud
- Add null checks before using server for DNS validation and proxy configuration
- Fix isInstanceAdmin() to check root team's pivot role directly instead of current team
- Make root team (id=0) bypass subscription check on cloud
- Remove isInstanceAdmin() from main middleware bypass: only settings/admin routes are exempted
- Update isSubscribed() to only check isSubscriptionActive() for navbar consistency

🤖 Generated with [Claude Code](https://claude.com/claude-code)

Co-Authored-By: Claude Haiku 4.5 <noreply@anthropic.com>
2025-12-28 13:55:55 +01:00
Andras Bacsai
90817914d9 refactor(ui): separate views for instance settings to separate paths to make it cleaner 2025-06-30 08:50:17 +02:00