mirror of
https://github.com/Dokploy/dokploy.git
synced 2026-07-05 22:15:22 +02:00
refactor(cloud): add validation to prevent access to shared resources
This commit is contained in:
@@ -1,4 +1,9 @@
|
||||
import { createGithub } from "@dokploy/builders";
|
||||
import {
|
||||
createGithub,
|
||||
findAdminByAuthId,
|
||||
findAuthById,
|
||||
findUserByAuthId,
|
||||
} from "@dokploy/builders";
|
||||
import { db } from "@/server/db";
|
||||
import { github } from "@/server/db/schema";
|
||||
import { eq } from "drizzle-orm";
|
||||
@@ -34,16 +39,29 @@ export default async function handler(
|
||||
},
|
||||
);
|
||||
|
||||
await createGithub({
|
||||
name: data.name,
|
||||
githubAppName: data.html_url,
|
||||
githubAppId: data.id,
|
||||
githubClientId: data.client_id,
|
||||
githubClientSecret: data.client_secret,
|
||||
githubWebhookSecret: data.webhook_secret,
|
||||
githubPrivateKey: data.pem,
|
||||
authId: value as string,
|
||||
});
|
||||
const auth = await findAuthById(value as string);
|
||||
|
||||
let adminId = "";
|
||||
if (auth.rol === "admin") {
|
||||
const admin = await findAdminByAuthId(auth.id);
|
||||
adminId = admin.adminId;
|
||||
} else {
|
||||
const user = await findUserByAuthId(auth.id);
|
||||
adminId = user.adminId;
|
||||
}
|
||||
|
||||
await createGithub(
|
||||
{
|
||||
name: data.name,
|
||||
githubAppName: data.html_url,
|
||||
githubAppId: data.id,
|
||||
githubClientId: data.client_id,
|
||||
githubClientSecret: data.client_secret,
|
||||
githubWebhookSecret: data.webhook_secret,
|
||||
githubPrivateKey: data.pem,
|
||||
},
|
||||
adminId,
|
||||
);
|
||||
} else if (action === "gh_setup") {
|
||||
await db
|
||||
.update(github)
|
||||
|
||||
Reference in New Issue
Block a user