Dokploy/dokploy
1
0
Fork 0
mirror of https://github.com/Dokploy/dokploy synced 2025-06-26 18:27:59 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity

refactor(cloud): add validation to prevent access to resources from another admin

Browse Source
This commit is contained in:
Mauricio Siu
2024-10-03 19:48:49 -06:00
parent 8abeae5e63
commit ec1d6c7430
12 changed files with 250 additions and 90 deletions
Download Patch File Download Diff File Expand all files Collapse all files

11
apps/dokploy/server/api/routers/gitlab.ts
View File

@@ -23,9 +23,9 @@ import {
export const gitlabRouter = createTRPCRouter({
create: protectedProcedure
.input(apiCreateGitlab)
.mutation(async ({ input }) => {
.mutation(async ({ input, ctx }) => {
try {
return await createGitlab(input);
return await createGitlab(input, ctx.user.adminId);
} catch (error) {
throw new TRPCError({
code: "BAD_REQUEST",
@@ -83,13 +83,16 @@ export const gitlabRouter = createTRPCRouter({
}),
update: protectedProcedure
.input(apiUpdateGitlab)
.mutation(async ({ input }) => {
.mutation(async ({ input, ctx }) => {
if (input.name) {
await updateGitProvider(input.gitProviderId, {
name: input.name,
adminId: ctx.user.adminId,
});
} else {
await updateGitlab(input.gitlabId, input);
await updateGitlab(input.gitlabId, {
...input,
});
}
}),
});