From ec1d6c7430e598b4136746bb13f08ee7804056d2 Mon Sep 17 00:00:00 2001 From: Mauricio Siu <47042324+Siumauricio@users.noreply.github.com> Date: Thu, 3 Oct 2024 19:48:49 -0600 Subject: [PATCH] refactor(cloud): add validation to prevent access to resources from another admin --- apps/dokploy/server/api/routers/bitbucket.ts | 11 +- apps/dokploy/server/api/routers/github.ts | 25 ++++- apps/dokploy/server/api/routers/gitlab.ts | 11 +- .../server/api/routers/notification.ts | 103 +++++++++++++----- apps/dokploy/server/api/routers/server.ts | 54 +++++---- apps/dokploy/server/api/routers/ssh-key.ts | 48 +++++--- .../builders/src/db/schema/git-provider.ts | 14 +-- .../builders/src/db/schema/notification.ts | 12 ++ packages/builders/src/services/bitbucket.ts | 6 +- packages/builders/src/services/destination.ts | 28 +++-- .../builders/src/services/git-provider.ts | 16 ++- .../builders/src/services/notification.ts | 12 ++ 12 files changed, 250 insertions(+), 90 deletions(-) diff --git a/apps/dokploy/server/api/routers/bitbucket.ts b/apps/dokploy/server/api/routers/bitbucket.ts index dcb29cf87..40eb14d93 100644 --- a/apps/dokploy/server/api/routers/bitbucket.ts +++ b/apps/dokploy/server/api/routers/bitbucket.ts @@ -20,9 +20,9 @@ import { TRPCError } from "@trpc/server"; export const bitbucketRouter = createTRPCRouter({ create: protectedProcedure .input(apiCreateBitbucket) - .mutation(async ({ input }) => { + .mutation(async ({ input, ctx }) => { try { - return await createBitbucket(input); + return await createBitbucket(input, ctx.user.adminId); } catch (error) { throw new TRPCError({ code: "BAD_REQUEST", @@ -74,7 +74,10 @@ export const bitbucketRouter = createTRPCRouter({ }), update: protectedProcedure .input(apiUpdateBitbucket) - .mutation(async ({ input }) => { - return await updateBitbucket(input.bitbucketId, input); + .mutation(async ({ input, ctx }) => { + return await updateBitbucket(input.bitbucketId, { + ...input, + adminId: ctx.user.adminId, + }); }), }); diff --git a/apps/dokploy/server/api/routers/github.ts b/apps/dokploy/server/api/routers/github.ts index 236a969a9..dcd404879 100644 --- a/apps/dokploy/server/api/routers/github.ts +++ b/apps/dokploy/server/api/routers/github.ts @@ -15,9 +15,18 @@ import { } from "@dokploy/builders"; export const githubRouter = createTRPCRouter({ - one: protectedProcedure.input(apiFindOneGithub).query(async ({ input }) => { - return await findGithubById(input.githubId); - }), + one: protectedProcedure + .input(apiFindOneGithub) + .query(async ({ input, ctx }) => { + const githubProvider = await findGithubById(input.githubId); + // if (githubProvider.gitProvider.adminId !== ctx.user.adminId) { //TODO: Remove this line when the cloud version is ready + // throw new TRPCError({ + // code: "UNAUTHORIZED", + // message: "You are not allowed to access this github provider", + // }); + // } + return githubProvider; + }), getGithubRepositories: protectedProcedure .input(apiFindOneGithub) .query(async ({ input }) => { @@ -64,9 +73,17 @@ export const githubRouter = createTRPCRouter({ }), update: protectedProcedure .input(apiUpdateGithub) - .mutation(async ({ input }) => { + .mutation(async ({ input, ctx }) => { + const githubProvider = await findGithubById(input.githubId); + // if (githubProvider.gitProvider.adminId !== ctx.user.adminId) { //TODO: Remove this line when the cloud version is ready + // throw new TRPCError({ + // code: "UNAUTHORIZED", + // message: "You are not allowed to access this github provider", + // }); + // } await updateGitProvider(input.gitProviderId, { name: input.name, + adminId: ctx.user.adminId, }); }), }); diff --git a/apps/dokploy/server/api/routers/gitlab.ts b/apps/dokploy/server/api/routers/gitlab.ts index deb174e67..940342a4d 100644 --- a/apps/dokploy/server/api/routers/gitlab.ts +++ b/apps/dokploy/server/api/routers/gitlab.ts @@ -23,9 +23,9 @@ import { export const gitlabRouter = createTRPCRouter({ create: protectedProcedure .input(apiCreateGitlab) - .mutation(async ({ input }) => { + .mutation(async ({ input, ctx }) => { try { - return await createGitlab(input); + return await createGitlab(input, ctx.user.adminId); } catch (error) { throw new TRPCError({ code: "BAD_REQUEST", @@ -83,13 +83,16 @@ export const gitlabRouter = createTRPCRouter({ }), update: protectedProcedure .input(apiUpdateGitlab) - .mutation(async ({ input }) => { + .mutation(async ({ input, ctx }) => { if (input.name) { await updateGitProvider(input.gitProviderId, { name: input.name, + adminId: ctx.user.adminId, }); } else { - await updateGitlab(input.gitlabId, input); + await updateGitlab(input.gitlabId, { + ...input, + }); } }), }); diff --git a/apps/dokploy/server/api/routers/notification.ts b/apps/dokploy/server/api/routers/notification.ts index cf4c05d5d..6b38aefa6 100644 --- a/apps/dokploy/server/api/routers/notification.ts +++ b/apps/dokploy/server/api/routers/notification.ts @@ -21,7 +21,7 @@ import { notifications, } from "@/server/db/schema"; import { TRPCError } from "@trpc/server"; -import { desc } from "drizzle-orm"; +import { desc, eq } from "drizzle-orm"; import { createDiscordNotification, createEmailNotification, @@ -39,14 +39,14 @@ import { sendTelegramNotification, } from "@dokploy/builders"; +// TODO: Uncomment the validations when is cloud ready export const notificationRouter = createTRPCRouter({ createSlack: adminProcedure .input(apiCreateSlack) - .mutation(async ({ input }) => { + .mutation(async ({ input, ctx }) => { try { - return await createSlackNotification(input); + return await createSlackNotification(input, ctx.user.adminId); } catch (error) { - console.log(error); throw new TRPCError({ code: "BAD_REQUEST", message: "Error to create the notification", @@ -56,15 +56,21 @@ export const notificationRouter = createTRPCRouter({ }), updateSlack: adminProcedure .input(apiUpdateSlack) - .mutation(async ({ input }) => { + .mutation(async ({ input, ctx }) => { try { - return await updateSlackNotification(input); - } catch (error) { - throw new TRPCError({ - code: "BAD_REQUEST", - message: "Error to update the notification", - cause: error, + const notification = await findNotificationById(input.notificationId); + // if (notification.adminId !== ctx.user.adminId) { + // throw new TRPCError({ + // code: "UNAUTHORIZED", + // message: "You are not authorized to update this notification", + // }); + // } + return await updateSlackNotification({ + ...input, + adminId: ctx.user.adminId, }); + } catch (error) { + throw error; } }), testSlackConnection: adminProcedure @@ -86,9 +92,9 @@ export const notificationRouter = createTRPCRouter({ }), createTelegram: adminProcedure .input(apiCreateTelegram) - .mutation(async ({ input }) => { + .mutation(async ({ input, ctx }) => { try { - return await createTelegramNotification(input); + return await createTelegramNotification(input, ctx.user.adminId); } catch (error) { throw new TRPCError({ code: "BAD_REQUEST", @@ -100,9 +106,19 @@ export const notificationRouter = createTRPCRouter({ updateTelegram: adminProcedure .input(apiUpdateTelegram) - .mutation(async ({ input }) => { + .mutation(async ({ input, ctx }) => { try { - return await updateTelegramNotification(input); + const notification = await findNotificationById(input.notificationId); + // if (notification.adminId !== ctx.user.adminId) { + // throw new TRPCError({ + // code: "UNAUTHORIZED", + // message: "You are not authorized to update this notification", + // }); + // } + return await updateTelegramNotification({ + ...input, + adminId: ctx.user.adminId, + }); } catch (error) { throw new TRPCError({ code: "BAD_REQUEST", @@ -127,7 +143,7 @@ export const notificationRouter = createTRPCRouter({ }), createDiscord: adminProcedure .input(apiCreateDiscord) - .mutation(async ({ input }) => { + .mutation(async ({ input, ctx }) => { try { // go to your discord server // go to settings @@ -135,7 +151,7 @@ export const notificationRouter = createTRPCRouter({ // add a new integration // select webhook // copy the webhook url - return await createDiscordNotification(input); + return await createDiscordNotification(input, ctx.user.adminId); } catch (error) { throw new TRPCError({ code: "BAD_REQUEST", @@ -147,9 +163,19 @@ export const notificationRouter = createTRPCRouter({ updateDiscord: adminProcedure .input(apiUpdateDiscord) - .mutation(async ({ input }) => { + .mutation(async ({ input, ctx }) => { try { - return await updateDiscordNotification(input); + const notification = await findNotificationById(input.notificationId); + // if (notification.adminId !== ctx.user.adminId) { + // throw new TRPCError({ + // code: "UNAUTHORIZED", + // message: "You are not authorized to update this notification", + // }); + // } + return await updateDiscordNotification({ + ...input, + adminId: ctx.user.adminId, + }); } catch (error) { throw new TRPCError({ code: "BAD_REQUEST", @@ -178,11 +204,10 @@ export const notificationRouter = createTRPCRouter({ }), createEmail: adminProcedure .input(apiCreateEmail) - .mutation(async ({ input }) => { + .mutation(async ({ input, ctx }) => { try { - return await createEmailNotification(input); + return await createEmailNotification(input, ctx.user.adminId); } catch (error) { - console.log(error); throw new TRPCError({ code: "BAD_REQUEST", message: "Error to create the notification", @@ -192,9 +217,19 @@ export const notificationRouter = createTRPCRouter({ }), updateEmail: adminProcedure .input(apiUpdateEmail) - .mutation(async ({ input }) => { + .mutation(async ({ input, ctx }) => { try { - return await updateEmailNotification(input); + const notification = await findNotificationById(input.notificationId); + // if (notification.adminId !== ctx.user.adminId) { + // throw new TRPCError({ + // code: "UNAUTHORIZED", + // message: "You are not authorized to update this notification", + // }); + // } + return await updateEmailNotification({ + ...input, + adminId: ctx.user.adminId, + }); } catch (error) { throw new TRPCError({ code: "BAD_REQUEST", @@ -223,8 +258,15 @@ export const notificationRouter = createTRPCRouter({ }), remove: adminProcedure .input(apiFindOneNotification) - .mutation(async ({ input }) => { + .mutation(async ({ input, ctx }) => { try { + const notification = await findNotificationById(input.notificationId); + // if (notification.adminId !== ctx.user.adminId) { + // throw new TRPCError({ + // code: "UNAUTHORIZED", + // message: "You are not authorized to delete this notification", + // }); + // } return await removeNotificationById(input.notificationId); } catch (error) { throw new TRPCError({ @@ -235,11 +277,17 @@ export const notificationRouter = createTRPCRouter({ }), one: protectedProcedure .input(apiFindOneNotification) - .query(async ({ input }) => { + .query(async ({ input, ctx }) => { const notification = await findNotificationById(input.notificationId); + // if (notification.adminId !== ctx.user.adminId) { + // throw new TRPCError({ + // code: "UNAUTHORIZED", + // message: "You are not authorized to access this notification", + // }); + // } return notification; }), - all: adminProcedure.query(async () => { + all: adminProcedure.query(async ({ ctx }) => { return await db.query.notifications.findMany({ with: { slack: true, @@ -248,6 +296,7 @@ export const notificationRouter = createTRPCRouter({ email: true, }, orderBy: desc(notifications.createdAt), + // where: eq(notifications.adminId, ctx.user.adminId), }); }), }); diff --git a/apps/dokploy/server/api/routers/server.ts b/apps/dokploy/server/api/routers/server.ts index ca8760edc..f6465198b 100644 --- a/apps/dokploy/server/api/routers/server.ts +++ b/apps/dokploy/server/api/routers/server.ts @@ -35,7 +35,6 @@ export const serverRouter = createTRPCRouter({ const project = await createServer(input, ctx.user.adminId); return project; } catch (error) { - console.log(error); throw new TRPCError({ code: "BAD_REQUEST", message: "Error to create the server", @@ -47,7 +46,15 @@ export const serverRouter = createTRPCRouter({ one: protectedProcedure .input(apiFindOneServer) .query(async ({ input, ctx }) => { - return await findServerById(input.serverId); + const server = await findServerById(input.serverId); + if (server.adminId !== ctx.user.adminId) { + throw new TRPCError({ + code: "UNAUTHORIZED", + message: "You are not authorized to access this server", + }); + } + + return server; }), all: protectedProcedure.query(async ({ ctx }) => { const result = await db @@ -69,7 +76,7 @@ export const serverRouter = createTRPCRouter({ return result; }), - withSSHKey: protectedProcedure.query(async ({ input, ctx }) => { + withSSHKey: protectedProcedure.query(async ({ ctx }) => { return await db.query.server.findMany({ orderBy: desc(server.createdAt), where: and( @@ -82,20 +89,30 @@ export const serverRouter = createTRPCRouter({ .input(apiFindOneServer) .mutation(async ({ input, ctx }) => { try { + const server = await findServerById(input.serverId); + if (server.adminId !== ctx.user.adminId) { + throw new TRPCError({ + code: "UNAUTHORIZED", + message: "You are not authorized to setup this server", + }); + } const currentServer = await serverSetup(input.serverId); return currentServer; } catch (error) { - throw new TRPCError({ - code: "BAD_REQUEST", - message: "Error to setup this server", - cause: error, - }); + throw error; } }), remove: protectedProcedure .input(apiRemoveServer) .mutation(async ({ input, ctx }) => { try { + const server = await findServerById(input.serverId); + if (server.adminId !== ctx.user.adminId) { + throw new TRPCError({ + code: "UNAUTHORIZED", + message: "You are not authorized to delete this server", + }); + } const activeServers = await haveActiveServices(input.serverId); if (activeServers) { @@ -110,28 +127,27 @@ export const serverRouter = createTRPCRouter({ return currentServer; } catch (error) { - throw new TRPCError({ - code: "BAD_REQUEST", - message: "Error to delete this server", - cause: error, - }); + throw error; } }), update: protectedProcedure .input(apiUpdateServer) - .mutation(async ({ input }) => { + .mutation(async ({ input, ctx }) => { try { + const server = await findServerById(input.serverId); + if (server.adminId !== ctx.user.adminId) { + throw new TRPCError({ + code: "UNAUTHORIZED", + message: "You are not authorized to update this server", + }); + } const currentServer = await updateServerById(input.serverId, { ...input, }); return currentServer; } catch (error) { - throw new TRPCError({ - code: "BAD_REQUEST", - message: "Error to update this server", - cause: error, - }); + throw error; } }), }); diff --git a/apps/dokploy/server/api/routers/ssh-key.ts b/apps/dokploy/server/api/routers/ssh-key.ts index cbee66400..3cf3778e1 100644 --- a/apps/dokploy/server/api/routers/ssh-key.ts +++ b/apps/dokploy/server/api/routers/ssh-key.ts @@ -16,7 +16,6 @@ import { removeSSHKeyById, updateSSHKeyById, } from "@dokploy/builders"; -import { eq } from "drizzle-orm"; export const sshRouter = createTRPCRouter({ create: protectedProcedure @@ -37,24 +36,38 @@ export const sshRouter = createTRPCRouter({ }), remove: protectedProcedure .input(apiRemoveSshKey) - .mutation(async ({ input }) => { + .mutation(async ({ input, ctx }) => { try { + const sshKey = await findSSHKeyById(input.sshKeyId); + // if (sshKey.adminId !== ctx.user.adminId) { + // throw new TRPCError({ + // code: "UNAUTHORIZED", + // message: "You are not allowed to delete this ssh key", + // }); + // } return await removeSSHKeyById(input.sshKeyId); } catch (error) { - throw new TRPCError({ - code: "BAD_REQUEST", - message: "Error to delete this ssh key", - }); + throw error; } }), - one: protectedProcedure.input(apiFindOneSshKey).query(async ({ input }) => { - const sshKey = await findSSHKeyById(input.sshKeyId); - return sshKey; - }), + one: protectedProcedure + .input(apiFindOneSshKey) + .query(async ({ input, ctx }) => { + const sshKey = await findSSHKeyById(input.sshKeyId); + + if (sshKey.adminId !== ctx.user.adminId) { + throw new TRPCError({ + code: "UNAUTHORIZED", + message: "You are not allowed to access this ssh key", + }); + } + return sshKey; + }), all: protectedProcedure.query(async ({ ctx }) => { - return await db.query.sshKeys.findMany({ - where: eq(sshKeys.adminId, ctx.user.adminId), - }); + return await db.query.sshKeys.findMany({}); + // return await db.query.sshKeys.findMany({ + // where: eq(sshKeys.adminId, ctx.user.adminId), + // }); // TODO: Remove this line when the cloud version is ready }), generate: protectedProcedure .input(apiGenerateSSHKey) @@ -63,8 +76,15 @@ export const sshRouter = createTRPCRouter({ }), update: protectedProcedure .input(apiUpdateSshKey) - .mutation(async ({ input }) => { + .mutation(async ({ input, ctx }) => { try { + const sshKey = await findSSHKeyById(input.sshKeyId); + // if (sshKey.adminId !== ctx.user.adminId) { + // throw new TRPCError({ + // code: "UNAUTHORIZED", + // message: "You are not allowed to update this ssh key", + // }); + // } return await updateSSHKeyById(input); } catch (error) { throw new TRPCError({ diff --git a/packages/builders/src/db/schema/git-provider.ts b/packages/builders/src/db/schema/git-provider.ts index 794706128..8c8fee504 100644 --- a/packages/builders/src/db/schema/git-provider.ts +++ b/packages/builders/src/db/schema/git-provider.ts @@ -3,10 +3,10 @@ import { pgEnum, pgTable, text } from "drizzle-orm/pg-core"; import { createInsertSchema } from "drizzle-zod"; import { nanoid } from "nanoid"; import { z } from "zod"; -import { auth } from "./auth"; import { bitbucket } from "./bitbucket"; import { github } from "./github"; import { gitlab } from "./gitlab"; +import { admins } from "./admin"; export const gitProviderType = pgEnum("gitProviderType", [ "github", @@ -24,9 +24,9 @@ export const gitProvider = pgTable("git_provider", { createdAt: text("createdAt") .notNull() .$defaultFn(() => new Date().toISOString()), - authId: text("authId") - .notNull() - .references(() => auth.id, { onDelete: "cascade" }), + adminId: text("adminId").references(() => admins.adminId, { + onDelete: "cascade", + }), }); export const gitProviderRelations = relations(gitProvider, ({ one, many }) => ({ @@ -42,9 +42,9 @@ export const gitProviderRelations = relations(gitProvider, ({ one, many }) => ({ fields: [gitProvider.gitProviderId], references: [bitbucket.gitProviderId], }), - auth: one(auth, { - fields: [gitProvider.authId], - references: [auth.id], + admin: one(admins, { + fields: [gitProvider.adminId], + references: [admins.adminId], }), })); diff --git a/packages/builders/src/db/schema/notification.ts b/packages/builders/src/db/schema/notification.ts index a0fcf62ce..73ee64cd7 100644 --- a/packages/builders/src/db/schema/notification.ts +++ b/packages/builders/src/db/schema/notification.ts @@ -3,6 +3,7 @@ import { boolean, integer, pgEnum, pgTable, text } from "drizzle-orm/pg-core"; import { createInsertSchema } from "drizzle-zod"; import { nanoid } from "nanoid"; import { z } from "zod"; +import { admins } from "./admin"; export const notificationType = pgEnum("notificationType", [ "slack", @@ -38,6 +39,9 @@ export const notifications = pgTable("notification", { emailId: text("emailId").references(() => email.emailId, { onDelete: "cascade", }), + adminId: text("adminId").references(() => admins.adminId, { + onDelete: "cascade", + }), }); export const slack = pgTable("slack", { @@ -96,6 +100,10 @@ export const notificationsRelations = relations(notifications, ({ one }) => ({ fields: [notifications.emailId], references: [email.emailId], }), + admin: one(admins, { + fields: [notifications.adminId], + references: [admins.adminId], + }), })); export const notificationsSchema = createInsertSchema(notifications); @@ -118,6 +126,7 @@ export const apiCreateSlack = notificationsSchema export const apiUpdateSlack = apiCreateSlack.partial().extend({ notificationId: z.string().min(1), slackId: z.string(), + adminId: z.string().optional(), }); export const apiTestSlackConnection = apiCreateSlack.pick({ @@ -143,6 +152,7 @@ export const apiCreateTelegram = notificationsSchema export const apiUpdateTelegram = apiCreateTelegram.partial().extend({ notificationId: z.string().min(1), telegramId: z.string().min(1), + adminId: z.string().optional(), }); export const apiTestTelegramConnection = apiCreateTelegram.pick({ @@ -167,6 +177,7 @@ export const apiCreateDiscord = notificationsSchema export const apiUpdateDiscord = apiCreateDiscord.partial().extend({ notificationId: z.string().min(1), discordId: z.string().min(1), + adminId: z.string().optional(), }); export const apiTestDiscordConnection = apiCreateDiscord.pick({ @@ -195,6 +206,7 @@ export const apiCreateEmail = notificationsSchema export const apiUpdateEmail = apiCreateEmail.partial().extend({ notificationId: z.string().min(1), emailId: z.string().min(1), + adminId: z.string().optional(), }); export const apiTestEmailConnection = apiCreateEmail.pick({ diff --git a/packages/builders/src/services/bitbucket.ts b/packages/builders/src/services/bitbucket.ts index 11ae0903d..589837dd9 100644 --- a/packages/builders/src/services/bitbucket.ts +++ b/packages/builders/src/services/bitbucket.ts @@ -12,13 +12,14 @@ export type Bitbucket = typeof bitbucket.$inferSelect; export const createBitbucket = async ( input: typeof apiCreateBitbucket._type, + adminId: string, ) => { return await db.transaction(async (tx) => { const newGitProvider = await tx .insert(gitProvider) .values({ providerType: "bitbucket", - authId: input.authId, + adminId: adminId, name: input.name, }) .returning() @@ -73,11 +74,12 @@ export const updateBitbucket = async ( .where(eq(bitbucket.bitbucketId, bitbucketId)) .returning(); - if (input.name) { + if (input.name || input.adminId) { await tx .update(gitProvider) .set({ name: input.name, + adminId: input.adminId, }) .where(eq(gitProvider.gitProviderId, input.gitProviderId)) .returning(); diff --git a/packages/builders/src/services/destination.ts b/packages/builders/src/services/destination.ts index dfc15649b..c814d0b52 100644 --- a/packages/builders/src/services/destination.ts +++ b/packages/builders/src/services/destination.ts @@ -1,20 +1,19 @@ import { db } from "@/server/db"; import { type apiCreateDestination, destinations } from "@/server/db/schema"; import { TRPCError } from "@trpc/server"; -import { eq } from "drizzle-orm"; -import { findAdmin } from "./admin"; +import { and, eq } from "drizzle-orm"; export type Destination = typeof destinations.$inferSelect; export const createDestintation = async ( input: typeof apiCreateDestination._type, + adminId: string, ) => { - const adminResponse = await findAdmin(); const newDestination = await db .insert(destinations) .values({ ...input, - adminId: adminResponse.adminId, + adminId: adminId, }) .returning() .then((value) => value[0]); @@ -31,7 +30,7 @@ export const createDestintation = async ( export const findDestinationById = async (destinationId: string) => { const destination = await db.query.destinations.findFirst({ - where: eq(destinations.destinationId, destinationId), + where: and(eq(destinations.destinationId, destinationId)), }); if (!destination) { throw new TRPCError({ @@ -42,10 +41,18 @@ export const findDestinationById = async (destinationId: string) => { return destination; }; -export const removeDestinationById = async (destinationId: string) => { +export const removeDestinationById = async ( + destinationId: string, + adminId: string, +) => { const result = await db .delete(destinations) - .where(eq(destinations.destinationId, destinationId)) + .where( + and( + eq(destinations.destinationId, destinationId), + eq(destinations.adminId, adminId), + ), + ) .returning(); return result[0]; @@ -60,7 +67,12 @@ export const updateDestinationById = async ( .set({ ...destinationData, }) - .where(eq(destinations.destinationId, destinationId)) + .where( + and( + eq(destinations.destinationId, destinationId), + eq(destinations.adminId, destinationData.adminId || ""), + ), + ) .returning(); return result[0]; diff --git a/packages/builders/src/services/git-provider.ts b/packages/builders/src/services/git-provider.ts index 6846de4dd..25b455c4a 100644 --- a/packages/builders/src/services/git-provider.ts +++ b/packages/builders/src/services/git-provider.ts @@ -1,5 +1,5 @@ import { db } from "@/server/db"; -import { type apiCreateGithub, gitProvider, github } from "@/server/db/schema"; +import { gitProvider } from "@/server/db/schema"; import { TRPCError } from "@trpc/server"; import { eq } from "drizzle-orm"; @@ -14,6 +14,20 @@ export const removeGitProvider = async (gitProviderId: string) => { return result[0]; }; +export const findGitProviderById = async (gitProviderId: string) => { + const result = await db.query.gitProvider.findFirst({ + where: eq(gitProvider.gitProviderId, gitProviderId), + }); + + if (!result) { + throw new TRPCError({ + code: "NOT_FOUND", + message: "Git Provider not found", + }); + } + return result; +}; + export const updateGitProvider = async ( gitProviderId: string, input: Partial, diff --git a/packages/builders/src/services/notification.ts b/packages/builders/src/services/notification.ts index 15d8f9d7c..a7d3a04a7 100644 --- a/packages/builders/src/services/notification.ts +++ b/packages/builders/src/services/notification.ts @@ -21,6 +21,7 @@ export type Notification = typeof notifications.$inferSelect; export const createSlackNotification = async ( input: typeof apiCreateSlack._type, + adminId: string, ) => { await db.transaction(async (tx) => { const newSlack = await tx @@ -50,6 +51,7 @@ export const createSlackNotification = async ( dokployRestart: input.dokployRestart, dockerCleanup: input.dockerCleanup, notificationType: "slack", + adminId: adminId, }) .returning() .then((value) => value[0]); @@ -78,6 +80,7 @@ export const updateSlackNotification = async ( databaseBackup: input.databaseBackup, dokployRestart: input.dokployRestart, dockerCleanup: input.dockerCleanup, + adminId: input.adminId, }) .where(eq(notifications.notificationId, input.notificationId)) .returning() @@ -106,6 +109,7 @@ export const updateSlackNotification = async ( export const createTelegramNotification = async ( input: typeof apiCreateTelegram._type, + adminId: string, ) => { await db.transaction(async (tx) => { const newTelegram = await tx @@ -135,6 +139,7 @@ export const createTelegramNotification = async ( dokployRestart: input.dokployRestart, dockerCleanup: input.dockerCleanup, notificationType: "telegram", + adminId: adminId, }) .returning() .then((value) => value[0]); @@ -163,6 +168,7 @@ export const updateTelegramNotification = async ( databaseBackup: input.databaseBackup, dokployRestart: input.dokployRestart, dockerCleanup: input.dockerCleanup, + adminId: input.adminId, }) .where(eq(notifications.notificationId, input.notificationId)) .returning() @@ -191,6 +197,7 @@ export const updateTelegramNotification = async ( export const createDiscordNotification = async ( input: typeof apiCreateDiscord._type, + adminId: string, ) => { await db.transaction(async (tx) => { const newDiscord = await tx @@ -219,6 +226,7 @@ export const createDiscordNotification = async ( dokployRestart: input.dokployRestart, dockerCleanup: input.dockerCleanup, notificationType: "discord", + adminId: adminId, }) .returning() .then((value) => value[0]); @@ -247,6 +255,7 @@ export const updateDiscordNotification = async ( databaseBackup: input.databaseBackup, dokployRestart: input.dokployRestart, dockerCleanup: input.dockerCleanup, + adminId: input.adminId, }) .where(eq(notifications.notificationId, input.notificationId)) .returning() @@ -274,6 +283,7 @@ export const updateDiscordNotification = async ( export const createEmailNotification = async ( input: typeof apiCreateEmail._type, + adminId: string, ) => { await db.transaction(async (tx) => { const newEmail = await tx @@ -307,6 +317,7 @@ export const createEmailNotification = async ( dokployRestart: input.dokployRestart, dockerCleanup: input.dockerCleanup, notificationType: "email", + adminId: adminId, }) .returning() .then((value) => value[0]); @@ -335,6 +346,7 @@ export const updateEmailNotification = async ( databaseBackup: input.databaseBackup, dokployRestart: input.dokployRestart, dockerCleanup: input.dockerCleanup, + adminId: input.adminId, }) .where(eq(notifications.notificationId, input.notificationId)) .returning()