coolify/app/Policies
Andras Bacsai 86b05b902a fix(auth): enforce authorization checks across API and Livewire components
- Add authorization checks to API controller endpoints (view, create, update, delete)
- Wrap Livewire component methods with try-catch for consistent error handling
- Add AuthorizesRequests trait to components requiring authorization checks
- Ensure all sensitive operations verify user permissions before execution
- Implement unified error handling with handleError() helper function
2026-02-25 14:20:29 +01:00
..
ApiTokenPolicy.php fix(auth): enforce authorization checks across API and Livewire components 2026-02-25 14:20:29 +01:00
ApplicationPolicy.php fix(auth): enforce authorization checks across API and Livewire components 2026-02-25 14:20:29 +01:00
ApplicationPreviewPolicy.php fix(auth): enforce authorization checks across API and Livewire components 2026-02-25 14:20:29 +01:00
ApplicationSettingPolicy.php fix(auth): enforce authorization checks across API and Livewire components 2026-02-25 14:20:29 +01:00
CloudInitScriptPolicy.php feat: add cloud-init script support for Hetzner server creation 2025-10-10 19:37:16 +02:00
CloudProviderTokenPolicy.php init of cloud providers 2025-10-08 20:47:50 +02:00
DatabasePolicy.php fix(auth): enforce authorization checks across API and Livewire components 2026-02-25 14:20:29 +01:00
EnvironmentPolicy.php fix(auth): enforce authorization checks across API and Livewire components 2026-02-25 14:20:29 +01:00
EnvironmentVariablePolicy.php fix(auth): enforce authorization checks across API and Livewire components 2026-02-25 14:20:29 +01:00
GithubAppPolicy.php fix(auth): enforce authorization checks across API and Livewire components 2026-02-25 14:20:29 +01:00
InstanceSettingsPolicy.php feat: add validation methods for S3 bucket names, paths, and server paths; update import logic to prevent command injection 2025-11-25 16:40:35 +01:00
NotificationPolicy.php fix(auth): enforce authorization checks across API and Livewire components 2026-02-25 14:20:29 +01:00
PrivateKeyPolicy.php Changes auto-committed by Conductor 2025-10-17 23:04:24 +02:00
ProjectPolicy.php fix(auth): enforce authorization checks across API and Livewire components 2026-02-25 14:20:29 +01:00
ResourceCreatePolicy.php fix(auth): enforce authorization checks across API and Livewire components 2026-02-25 14:20:29 +01:00
S3StoragePolicy.php feat(acl): Change views/backend code to able to use proper ACL's later on. Currently it is not enabled. 2025-08-26 10:27:38 +02:00
ServerPolicy.php fix(auth): enforce authorization checks across API and Livewire components 2026-02-25 14:20:29 +01:00
ServiceApplicationPolicy.php fix(auth): enforce authorization checks across API and Livewire components 2026-02-25 14:20:29 +01:00
ServiceDatabasePolicy.php fix(auth): enforce authorization checks across API and Livewire components 2026-02-25 14:20:29 +01:00
ServicePolicy.php fix(auth): enforce authorization checks across API and Livewire components 2026-02-25 14:20:29 +01:00
SharedEnvironmentVariablePolicy.php fix(auth): enforce authorization checks across API and Livewire components 2026-02-25 14:20:29 +01:00
StandaloneDockerPolicy.php fix(auth): enforce authorization checks across API and Livewire components 2026-02-25 14:20:29 +01:00
SwarmDockerPolicy.php fix(auth): enforce authorization checks across API and Livewire components 2026-02-25 14:20:29 +01:00
TeamPolicy.php fix: critical privilege escalation in team invitation system 2025-10-15 11:42:25 +02:00