mirror of
https://github.com/coollabsio/coolify.git
synced 2026-03-11 08:55:47 +00:00
Add authorization checks to multiple Livewire components to ensure users have proper permissions before performing sensitive operations. This includes: - Adding AuthorizesRequests trait to components handling deployments, backups, services, and configuration uploads - Enforcing 'deploy', 'update', and 'manageBackups' authorization checks - Adding instance admin check for system upgrade operations - Improving database queries with team ownership scope - Moving backup trigger from component to button with new backupNow() method
107 lines
3.1 KiB
PHP
107 lines
3.1 KiB
PHP
<?php
|
|
|
|
namespace App\Livewire\Project\Service;
|
|
|
|
use App\Models\Service;
|
|
use Illuminate\Foundation\Auth\Access\AuthorizesRequests;
|
|
use Livewire\Component;
|
|
|
|
class EditCompose extends Component
|
|
{
|
|
use AuthorizesRequests;
|
|
|
|
public Service $service;
|
|
|
|
public $serviceId;
|
|
|
|
public ?string $dockerComposeRaw = null;
|
|
|
|
public ?string $dockerCompose = null;
|
|
|
|
public bool $isContainerLabelEscapeEnabled = false;
|
|
|
|
protected $listeners = [
|
|
'refreshEnvs',
|
|
'envsUpdated',
|
|
'refresh' => 'envsUpdated',
|
|
];
|
|
|
|
protected $rules = [
|
|
'dockerComposeRaw' => 'required',
|
|
'dockerCompose' => 'required',
|
|
'isContainerLabelEscapeEnabled' => 'required',
|
|
];
|
|
|
|
public function envsUpdated()
|
|
{
|
|
$this->dispatch('saveCompose', $this->dockerComposeRaw);
|
|
$this->refreshEnvs();
|
|
}
|
|
|
|
public function refreshEnvs()
|
|
{
|
|
$this->service = Service::ownedByCurrentTeam()->find($this->serviceId);
|
|
$this->syncData(false);
|
|
}
|
|
|
|
public function mount()
|
|
{
|
|
$this->service = Service::ownedByCurrentTeam()->find($this->serviceId);
|
|
$this->syncData(false);
|
|
}
|
|
|
|
private function syncData(bool $toModel = false): void
|
|
{
|
|
if ($toModel) {
|
|
$this->service->docker_compose_raw = $this->dockerComposeRaw;
|
|
$this->service->docker_compose = $this->dockerCompose;
|
|
$this->service->is_container_label_escape_enabled = $this->isContainerLabelEscapeEnabled;
|
|
} else {
|
|
$this->dockerComposeRaw = $this->service->docker_compose_raw;
|
|
$this->dockerCompose = $this->service->docker_compose;
|
|
$this->isContainerLabelEscapeEnabled = $this->service->is_container_label_escape_enabled ?? false;
|
|
}
|
|
}
|
|
|
|
public function validateCompose()
|
|
{
|
|
$isValid = validateComposeFile($this->dockerComposeRaw, $this->service->server_id);
|
|
if ($isValid !== 'OK') {
|
|
$this->dispatch('error', "Invalid docker-compose file.\n$isValid");
|
|
} else {
|
|
$this->dispatch('success', 'Docker compose is valid.');
|
|
}
|
|
}
|
|
|
|
public function saveEditedCompose()
|
|
{
|
|
try {
|
|
$this->authorize('update', $this->service);
|
|
$this->dispatch('info', 'Saving new docker compose...');
|
|
$this->dispatch('saveCompose', $this->dockerComposeRaw);
|
|
$this->dispatch('refreshStorages');
|
|
} catch (\Throwable $e) {
|
|
return handleError($e, $this);
|
|
}
|
|
}
|
|
|
|
public function instantSave()
|
|
{
|
|
try {
|
|
$this->authorize('update', $this->service);
|
|
$this->validate([
|
|
'isContainerLabelEscapeEnabled' => 'required',
|
|
]);
|
|
$this->syncData(true);
|
|
$this->service->save(['is_container_label_escape_enabled' => $this->isContainerLabelEscapeEnabled]);
|
|
$this->dispatch('success', 'Service updated successfully');
|
|
} catch (\Throwable $e) {
|
|
return handleError($e, $this);
|
|
}
|
|
}
|
|
|
|
public function render()
|
|
{
|
|
return view('livewire.project.service.edit-compose');
|
|
}
|
|
}
|