mirror of
https://github.com/Dokploy/dokploy.git
synced 2026-07-01 20:15:29 +02:00
feat(license): enhance license key management and authorization checks
- Added authorization checks to ensure only users with the "owner" role can activate or deactivate license keys. - Updated the menu item visibility logic to simplify role checks for admin and owner users. - Commented out the cloud environment redirection logic in the license settings page for future consideration.
This commit is contained in:
@@ -21,6 +21,7 @@ import {
|
||||
Key,
|
||||
KeyRound,
|
||||
Loader2,
|
||||
LogIn,
|
||||
type LucideIcon,
|
||||
Package,
|
||||
PieChart,
|
||||
@@ -30,7 +31,6 @@ import {
|
||||
Trash2,
|
||||
User,
|
||||
Users,
|
||||
LogIn,
|
||||
} from "lucide-react";
|
||||
import Link from "next/link";
|
||||
import { usePathname } from "next/navigation";
|
||||
@@ -404,8 +404,8 @@ const MENU: Menu = {
|
||||
url: "/dashboard/settings/license",
|
||||
icon: Key,
|
||||
// Only enabled for admins in non-cloud environments
|
||||
isEnabled: ({ auth, isCloud }) =>
|
||||
!!((auth?.role === "owner" || auth?.role === "admin") && !isCloud),
|
||||
isEnabled: ({ auth }) =>
|
||||
!!(auth?.role === "owner" || auth?.role === "admin"),
|
||||
},
|
||||
{
|
||||
isSingle: true,
|
||||
|
||||
@@ -36,14 +36,14 @@ export async function getServerSideProps(
|
||||
) {
|
||||
const { req, res } = ctx;
|
||||
const locale = await getLocale(req.cookies);
|
||||
if (IS_CLOUD) {
|
||||
return {
|
||||
redirect: {
|
||||
permanent: true,
|
||||
destination: "/dashboard/projects",
|
||||
},
|
||||
};
|
||||
}
|
||||
// if (IS_CLOUD) {
|
||||
// return {
|
||||
// redirect: {
|
||||
// permanent: true,
|
||||
// destination: "/dashboard/projects",
|
||||
// },
|
||||
// };
|
||||
// }
|
||||
const { user, session } = await validateRequest(ctx.req);
|
||||
if (!user) {
|
||||
return {
|
||||
|
||||
@@ -26,6 +26,13 @@ export const licenseKeyRouter = createTRPCRouter({
|
||||
});
|
||||
}
|
||||
|
||||
if (ctx.user.role !== "owner") {
|
||||
throw new TRPCError({
|
||||
code: "FORBIDDEN",
|
||||
message: "You are not authorized to activate a license key",
|
||||
});
|
||||
}
|
||||
|
||||
if (!currentUser.enableEnterpriseFeatures) {
|
||||
throw new TRPCError({
|
||||
code: "BAD_REQUEST",
|
||||
@@ -117,6 +124,14 @@ export const licenseKeyRouter = createTRPCRouter({
|
||||
message: "No license key found",
|
||||
});
|
||||
}
|
||||
|
||||
if (ctx.user.role !== "owner") {
|
||||
throw new TRPCError({
|
||||
code: "FORBIDDEN",
|
||||
message: "You are not authorized to deactivate a license key",
|
||||
});
|
||||
}
|
||||
|
||||
await deactivateLicenseKey(currentUser.licenseKey);
|
||||
await db
|
||||
.update(user)
|
||||
|
||||
Reference in New Issue
Block a user