feat: add accessedServers permission handling and server access validation

- Introduced `accessedServers` field in user permissions schema and member table.
- Implemented server access validation across various API routers to ensure users can only access permitted servers.
- Added a new query to fetch accessible server IDs based on user roles and licenses.
- Updated UI components to support server selection in user permissions.
This commit is contained in:
Mauricio Siu
2026-04-05 00:06:27 -06:00
parent c160f24765
commit bfa4ebc801
17 changed files with 8595 additions and 5 deletions

View File

@@ -20,6 +20,7 @@ import {
stopService,
stopServiceRemote,
updatePostgresById,
getAccessibleServerIds,
} from "@dokploy/server";
import { db } from "@dokploy/server/db";
import {
@@ -74,6 +75,17 @@ export const postgresRouter = createTRPCRouter({
message: "You are not authorized to access this project",
});
}
if (input.serverId) {
const accessibleIds = await getAccessibleServerIds(ctx.session);
if (!accessibleIds.has(input.serverId)) {
throw new TRPCError({
code: "UNAUTHORIZED",
message: "You are not authorized to access this server",
});
}
}
const newPostgres = await createPostgres({
...input,
});