Dokploy/dokploy
1
0
Fork 0
mirror of https://github.com/Dokploy/dokploy.git synced 2026-06-15 20:25:23 +02:00
Code Issues Packages Projects Releases Wiki Activity

feat: implement audit logs and custom role management components

Browse Source 
- Added new components for displaying and managing audit logs, including a data table and filters for user actions.
- Introduced a custom roles management interface, allowing users to create and modify roles with specific permissions.
- Updated permission checks to ensure proper access control for audit logs and custom roles.
- Refactored existing components to integrate new functionality and improve user experience.
This commit is contained in:
Mauricio Siu
2026-03-16 11:13:24 -06:00
parent 72fb85f616
commit a4e9c6e890
9 changed files with 38 additions and 23 deletions
Download Patch File Download Diff File Expand all files Collapse all files

24
packages/server/src/lib/access-control.ts
View File

@@ -168,21 +168,23 @@ export const memberRole = ac.newRole({
gitProviders: [],
traefikFiles: [],
api: [],
volume: [],
deployment: [],
envVars: [],
projectEnvVars: [],
environmentEnvVars: [],
// Service-level enterprise resources — member can do everything within services they have access to
volume: ["read", "create", "delete"],
deployment: ["read", "create", "cancel"],
envVars: ["read", "write"],
projectEnvVars: ["read", "write"],
environmentEnvVars: ["read", "write"],
backup: ["read", "create", "update", "delete", "restore"],
volumeBackup: ["read", "create", "update", "delete", "restore"],
schedule: ["read", "create", "update", "delete"],
domain: ["read", "create", "delete"],
logs: ["read"],
monitoring: ["read"],
// Org-level enterprise resources — member cannot manage these
server: [],
registry: [],
certificate: [],
backup: [],
volumeBackup: [],
schedule: [],
domain: [],
destination: [],
notification: [],
logs: [],
monitoring: [],
auditLog: [],
});

5
packages/server/src/services/permission.ts
View File

@@ -182,13 +182,14 @@ export const resolvePermissions = async (
const legacyOverrides =
memberRecord.role === "member" ? getLegacyOverrides(memberRecord) : {};
const isStaticRole = memberRecord.role in staticRoles;
const isPrivilegedRole =
memberRecord.role === "owner" || memberRecord.role === "admin";
const result = {} as ResolvedPermissions;
for (const [resource, actions] of Object.entries(statements)) {
const resourcePerms = {} as Record<string, boolean>;
for (const action of actions) {
if (isStaticRole && enterpriseOnlyResources.has(resource)) {
if (isPrivilegedRole && enterpriseOnlyResources.has(resource)) {
resourcePerms[action] = true;
continue;
}