coolify/app/Livewire/Team
Andras Bacsai b878dc8102 refactor(auth): enforce team member authorization across app
Restrict sensitive operations to admins/owners and hide sensitive data
from team members:
- Add authorization checks to Livewire components and API endpoints
- Restrict team members from accessing sensitive permissions and data
- Hide environment variable values from non-admin team members
- Update policies to enforce team-level admin status requirement
- Add useSensitivePermissions policy for read:sensitive tokens
- Improve disabled button UX with auth-specific tooltips
- Add authorization checks in middleware for API tokens

Closes authorization gaps in project management, server management,
and settings components.
2026-02-27 11:41:01 +01:00
..
Member feat(acl): Change views/backend code to able to use proper ACL's later on. Currently it is not enabled. 2025-08-26 10:27:38 +02:00
Storage Fix styling 2024-06-10 20:43:34 +00:00
AdminView.php refactor(auth): enforce team member authorization across app 2026-02-27 11:41:01 +01:00
Create.php refactor(redirect): replace redirect calls with redirectRoute helper for consistency 2025-12-26 13:29:59 +01:00
Index.php fix(auth): enforce dashboard authorization and improve team deletion 2026-02-25 14:47:35 +01:00
Invitations.php feat(acl): Change views/backend code to able to use proper ACL's later on. Currently it is not enabled. 2025-08-26 10:27:38 +02:00
InviteLink.php fix(user): complete User model fixes for non-web contexts 2025-12-28 13:55:55 +01:00
Member.php fix(team): improve team retrieval and session handling for users 2025-12-28 14:50:59 +01:00