From 5cebf5540acdc778169fefb320758c161d5df98c Mon Sep 17 00:00:00 2001 From: Mauricio Siu <47042324+Siumauricio@users.noreply.github.com> Date: Fri, 4 Oct 2024 18:53:46 -0600 Subject: [PATCH] refactor(cloud): add deploy to external API --- apps/dokploy/pages/api/deploy/[refreshToken].ts | 8 ++++++++ .../pages/api/deploy/compose/[refreshToken].ts | 8 ++++++++ apps/dokploy/pages/api/deploy/github.ts | 15 ++++++++++++++- apps/dokploy/server/api/routers/application.ts | 16 +++++++++++++++- apps/dokploy/server/api/routers/compose.ts | 8 +++++++- apps/dokploy/server/api/routers/mariadb.ts | 8 ++++++++ apps/dokploy/server/api/routers/mongo.ts | 8 ++++++++ apps/dokploy/server/api/routers/mysql.ts | 8 ++++++++ apps/dokploy/server/api/routers/postgres.ts | 8 ++++++++ apps/dokploy/server/api/routers/redis.ts | 8 ++++++++ 10 files changed, 92 insertions(+), 3 deletions(-) diff --git a/apps/dokploy/pages/api/deploy/[refreshToken].ts b/apps/dokploy/pages/api/deploy/[refreshToken].ts index 829d4d34..7dea0d2f 100644 --- a/apps/dokploy/pages/api/deploy/[refreshToken].ts +++ b/apps/dokploy/pages/api/deploy/[refreshToken].ts @@ -2,6 +2,8 @@ import { db } from "@/server/db"; import { applications } from "@/server/db/schema"; import type { DeploymentJob } from "@/server/queues/deployments-queue"; import { myQueue } from "@/server/queues/queueSetup"; +import { deploy } from "@/server/utils/deploy"; +import { IS_CLOUD } from "@dokploy/builders"; import { eq } from "drizzle-orm"; import type { NextApiRequest, NextApiResponse } from "next"; @@ -89,6 +91,12 @@ export default async function handler( applicationType: "application", server: !!application.serverId, }; + + if (IS_CLOUD && application.serverId) { + jobData.serverId = application.serverId; + await deploy(jobData); + return true; + } await myQueue.add( "deployments", { ...jobData }, diff --git a/apps/dokploy/pages/api/deploy/compose/[refreshToken].ts b/apps/dokploy/pages/api/deploy/compose/[refreshToken].ts index 8f24d2c0..65bf4aaf 100644 --- a/apps/dokploy/pages/api/deploy/compose/[refreshToken].ts +++ b/apps/dokploy/pages/api/deploy/compose/[refreshToken].ts @@ -9,6 +9,8 @@ import { extractCommitMessage, extractHash, } from "../[refreshToken]"; +import { IS_CLOUD } from "@dokploy/builders"; +import { deploy } from "@/server/utils/deploy"; export default async function handler( req: NextApiRequest, @@ -65,6 +67,12 @@ export default async function handler( descriptionLog: `Hash: ${deploymentHash}`, server: !!composeResult.serverId, }; + + if (IS_CLOUD && composeResult.serverId) { + jobData.serverId = composeResult.serverId; + await deploy(jobData); + return true; + } await myQueue.add( "deployments", { ...jobData }, diff --git a/apps/dokploy/pages/api/deploy/github.ts b/apps/dokploy/pages/api/deploy/github.ts index 6d1e912a..c711e093 100644 --- a/apps/dokploy/pages/api/deploy/github.ts +++ b/apps/dokploy/pages/api/deploy/github.ts @@ -1,4 +1,4 @@ -import { findAdmin } from "@dokploy/builders"; +import { findAdmin, IS_CLOUD } from "@dokploy/builders"; import { db } from "@/server/db"; import { applications, compose, github } from "@/server/db/schema"; import type { DeploymentJob } from "@/server/queues/deployments-queue"; @@ -7,6 +7,7 @@ import { Webhooks } from "@octokit/webhooks"; import { and, eq } from "drizzle-orm"; import type { NextApiRequest, NextApiResponse } from "next"; import { extractCommitMessage, extractHash } from "./[refreshToken]"; +import { deploy } from "@/server/utils/deploy"; export default async function handler( req: NextApiRequest, @@ -88,6 +89,12 @@ export default async function handler( applicationType: "application", server: !!app.serverId, }; + + if (IS_CLOUD && app.serverId) { + jobData.serverId = app.serverId; + await deploy(jobData); + return true; + } await myQueue.add( "deployments", { ...jobData }, @@ -116,6 +123,12 @@ export default async function handler( descriptionLog: `Hash: ${deploymentHash}`, }; + if (IS_CLOUD && composeApp.serverId) { + jobData.serverId = composeApp.serverId; + await deploy(jobData); + return true; + } + await myQueue.add( "deployments", { ...jobData }, diff --git a/apps/dokploy/server/api/routers/application.ts b/apps/dokploy/server/api/routers/application.ts index 2cc8e41d..f8d4a89b 100644 --- a/apps/dokploy/server/api/routers/application.ts +++ b/apps/dokploy/server/api/routers/application.ts @@ -48,6 +48,7 @@ import { addNewService, checkServiceAccess, IS_CLOUD, + findProjectById, // uploadFileSchema } from "@dokploy/builders"; import { uploadFileSchema } from "@/utils/schema"; @@ -65,6 +66,14 @@ export const applicationRouter = createTRPCRouter({ if (ctx.user.rol === "user") { await checkServiceAccess(ctx.user.authId, input.projectId, "create"); } + + const project = await findProjectById(input.projectId); + if (project.adminId !== ctx.user.adminId) { + throw new TRPCError({ + code: "UNAUTHORIZED", + message: "You are not authorized to access this project", + }); + } const newApplication = await createApplication(input); if (ctx.user.rol === "user") { @@ -545,7 +554,6 @@ export const applicationRouter = createTRPCRouter({ }); await unzipDrop(zipFile, app); - const jobData: DeploymentJob = { applicationId: app.applicationId, titleLog: "Manual deployment", @@ -554,6 +562,12 @@ export const applicationRouter = createTRPCRouter({ applicationType: "application", server: !!app.serverId, }; + if (IS_CLOUD && app.serverId) { + jobData.serverId = app.serverId; + await deploy(jobData); + return true; + } + await myQueue.add( "deployments", { ...jobData }, diff --git a/apps/dokploy/server/api/routers/compose.ts b/apps/dokploy/server/api/routers/compose.ts index a3f31332..cba1c480 100644 --- a/apps/dokploy/server/api/routers/compose.ts +++ b/apps/dokploy/server/api/routers/compose.ts @@ -64,6 +64,13 @@ export const composeRouter = createTRPCRouter({ if (ctx.user.rol === "user") { await checkServiceAccess(ctx.user.authId, input.projectId, "create"); } + const project = await findProjectById(input.projectId); + if (project.adminId !== ctx.user.adminId) { + throw new TRPCError({ + code: "UNAUTHORIZED", + message: "You are not authorized to access this project", + }); + } const newService = await createCompose(input); if (ctx.user.rol === "user") { @@ -278,7 +285,6 @@ export const composeRouter = createTRPCRouter({ }; if (IS_CLOUD && compose.serverId) { jobData.serverId = compose.serverId; - await deploy(jobData); return true; } diff --git a/apps/dokploy/server/api/routers/mariadb.ts b/apps/dokploy/server/api/routers/mariadb.ts index 00878259..0a9fe846 100644 --- a/apps/dokploy/server/api/routers/mariadb.ts +++ b/apps/dokploy/server/api/routers/mariadb.ts @@ -24,6 +24,7 @@ import { addNewService, checkServiceAccess, createMount, + findProjectById, } from "@dokploy/builders"; export const mariadbRouter = createTRPCRouter({ @@ -35,6 +36,13 @@ export const mariadbRouter = createTRPCRouter({ await checkServiceAccess(ctx.user.authId, input.projectId, "create"); } + const project = await findProjectById(input.projectId); + if (project.adminId !== ctx.user.adminId) { + throw new TRPCError({ + code: "UNAUTHORIZED", + message: "You are not authorized to access this project", + }); + } const newMariadb = await createMariadb(input); if (ctx.user.rol === "user") { await addNewService(ctx.user.authId, newMariadb.mariadbId); diff --git a/apps/dokploy/server/api/routers/mongo.ts b/apps/dokploy/server/api/routers/mongo.ts index 2ed159a0..cb78745e 100644 --- a/apps/dokploy/server/api/routers/mongo.ts +++ b/apps/dokploy/server/api/routers/mongo.ts @@ -24,6 +24,7 @@ import { startServiceRemote, stopService, stopServiceRemote, + findProjectById, } from "@dokploy/builders"; export const mongoRouter = createTRPCRouter({ @@ -35,6 +36,13 @@ export const mongoRouter = createTRPCRouter({ await checkServiceAccess(ctx.user.authId, input.projectId, "create"); } + const project = await findProjectById(input.projectId); + if (project.adminId !== ctx.user.adminId) { + throw new TRPCError({ + code: "UNAUTHORIZED", + message: "You are not authorized to access this project", + }); + } const newMongo = await createMongo(input); if (ctx.user.rol === "user") { await addNewService(ctx.user.authId, newMongo.mongoId); diff --git a/apps/dokploy/server/api/routers/mysql.ts b/apps/dokploy/server/api/routers/mysql.ts index 46ecac42..22f3885e 100644 --- a/apps/dokploy/server/api/routers/mysql.ts +++ b/apps/dokploy/server/api/routers/mysql.ts @@ -26,6 +26,7 @@ import { startServiceRemote, stopService, stopServiceRemote, + findProjectById, } from "@dokploy/builders"; export const mysqlRouter = createTRPCRouter({ @@ -36,6 +37,13 @@ export const mysqlRouter = createTRPCRouter({ if (ctx.user.rol === "user") { await checkServiceAccess(ctx.user.authId, input.projectId, "create"); } + const project = await findProjectById(input.projectId); + if (project.adminId !== ctx.user.adminId) { + throw new TRPCError({ + code: "UNAUTHORIZED", + message: "You are not authorized to access this project", + }); + } const newMysql = await createMysql(input); if (ctx.user.rol === "user") { diff --git a/apps/dokploy/server/api/routers/postgres.ts b/apps/dokploy/server/api/routers/postgres.ts index ae4ced08..14978465 100644 --- a/apps/dokploy/server/api/routers/postgres.ts +++ b/apps/dokploy/server/api/routers/postgres.ts @@ -24,6 +24,7 @@ import { findPostgresById, removePostgresById, updatePostgresById, + findProjectById, } from "@dokploy/builders"; export const postgresRouter = createTRPCRouter({ @@ -35,6 +36,13 @@ export const postgresRouter = createTRPCRouter({ await checkServiceAccess(ctx.user.authId, input.projectId, "create"); } + const project = await findProjectById(input.projectId); + if (project.adminId !== ctx.user.adminId) { + throw new TRPCError({ + code: "UNAUTHORIZED", + message: "You are not authorized to access this project", + }); + } const newPostgres = await createPostgres(input); if (ctx.user.rol === "user") { await addNewService(ctx.user.authId, newPostgres.postgresId); diff --git a/apps/dokploy/server/api/routers/redis.ts b/apps/dokploy/server/api/routers/redis.ts index e336cde3..86a1f2a2 100644 --- a/apps/dokploy/server/api/routers/redis.ts +++ b/apps/dokploy/server/api/routers/redis.ts @@ -27,6 +27,7 @@ import { removeRedisById, updateRedisById, IS_CLOUD, + findProjectById, } from "@dokploy/builders"; export const redisRouter = createTRPCRouter({ @@ -38,6 +39,13 @@ export const redisRouter = createTRPCRouter({ await checkServiceAccess(ctx.user.authId, input.projectId, "create"); } + const project = await findProjectById(input.projectId); + if (project.adminId !== ctx.user.adminId) { + throw new TRPCError({ + code: "UNAUTHORIZED", + message: "You are not authorized to access this project", + }); + } const newRedis = await createRedis(input); if (ctx.user.rol === "user") { await addNewService(ctx.user.authId, newRedis.redisId);