mirror of
https://github.com/Dokploy/dokploy.git
synced 2026-07-03 21:15:23 +02:00
feat: add comprehensive permission tests and enhance permission checks in components
- Introduced new test files for permission checks, including `check-permission.test.ts`, `enterprise-only-resources.test.ts`, `resolve-permissions.test.ts`, and `service-access.test.ts`. - Implemented permission checks in various components to ensure actions are gated by user permissions, including `ShowTraefikConfig`, `UpdateTraefikConfig`, `ShowVolumes`, `ShowDomains`, and others. - Enhanced the logic for displaying UI elements based on user permissions, ensuring that only authorized users can access or modify resources.
This commit is contained in:
31
apps/dokploy/server/api/utils/audit.ts
Normal file
31
apps/dokploy/server/api/utils/audit.ts
Normal file
@@ -0,0 +1,31 @@
|
||||
import { createAuditLog } from "@dokploy/server/services/proprietary/audit-log";
|
||||
import type { AuditAction, AuditResourceType } from "@dokploy/server/db/schema";
|
||||
|
||||
interface AuditCtx {
|
||||
user: { id: string; email: string; role: string };
|
||||
session: { activeOrganizationId: string };
|
||||
}
|
||||
|
||||
interface AuditEvent {
|
||||
action: AuditAction;
|
||||
resourceType: AuditResourceType;
|
||||
resourceId?: string;
|
||||
resourceName?: string;
|
||||
metadata?: Record<string, unknown>;
|
||||
}
|
||||
|
||||
/**
|
||||
* Creates an audit log entry from a tRPC context.
|
||||
* Extracts userId, userEmail, userRole and organizationId automatically.
|
||||
*
|
||||
* Usage:
|
||||
* await audit(ctx, { action: "create", resourceType: "project", resourceName: "my-app" });
|
||||
*/
|
||||
export const audit = (ctx: AuditCtx, event: AuditEvent) =>
|
||||
createAuditLog({
|
||||
organizationId: ctx.session.activeOrganizationId,
|
||||
userId: ctx.user.id,
|
||||
userEmail: ctx.user.email,
|
||||
userRole: ctx.user.role,
|
||||
...event,
|
||||
});
|
||||
Reference in New Issue
Block a user