mirror of
https://github.com/Dokploy/dokploy.git
synced 2026-06-21 07:05:21 +02:00
8127dc4536
- Introduced new test files for permission checks, including `check-permission.test.ts`, `enterprise-only-resources.test.ts`, `resolve-permissions.test.ts`, and `service-access.test.ts`. - Implemented permission checks in various components to ensure actions are gated by user permissions, including `ShowTraefikConfig`, `UpdateTraefikConfig`, `ShowVolumes`, `ShowDomains`, and others. - Enhanced the logic for displaying UI elements based on user permissions, ensuring that only authorized users can access or modify resources.
60 lines
1.7 KiB
TypeScript
60 lines
1.7 KiB
TypeScript
import { findGitProviderById, removeGitProvider } from "@dokploy/server";
|
|
import { db } from "@dokploy/server/db";
|
|
import { TRPCError } from "@trpc/server";
|
|
import { and, desc, eq } from "drizzle-orm";
|
|
import { audit } from "@/server/api/utils/audit";
|
|
import {
|
|
createTRPCRouter,
|
|
protectedProcedure,
|
|
withPermission,
|
|
} from "@/server/api/trpc";
|
|
import { apiRemoveGitProvider, gitProvider } from "@/server/db/schema";
|
|
|
|
export const gitProviderRouter = createTRPCRouter({
|
|
getAll: protectedProcedure.query(async ({ ctx }) => {
|
|
return await db.query.gitProvider.findMany({
|
|
with: {
|
|
gitlab: true,
|
|
bitbucket: true,
|
|
github: true,
|
|
gitea: true,
|
|
},
|
|
orderBy: desc(gitProvider.createdAt),
|
|
where: and(
|
|
eq(gitProvider.userId, ctx.session.userId),
|
|
eq(gitProvider.organizationId, ctx.session.activeOrganizationId),
|
|
),
|
|
});
|
|
}),
|
|
remove: withPermission("gitProviders", "delete")
|
|
.input(apiRemoveGitProvider)
|
|
.mutation(async ({ input, ctx }) => {
|
|
try {
|
|
const gitProvider = await findGitProviderById(input.gitProviderId);
|
|
|
|
if (gitProvider.organizationId !== ctx.session.activeOrganizationId) {
|
|
throw new TRPCError({
|
|
code: "UNAUTHORIZED",
|
|
message: "You are not allowed to delete this Git provider",
|
|
});
|
|
}
|
|
await audit(ctx, {
|
|
action: "delete",
|
|
resourceType: "gitProvider",
|
|
resourceId: gitProvider.gitProviderId,
|
|
resourceName: gitProvider.name ?? gitProvider.gitProviderId,
|
|
});
|
|
return await removeGitProvider(input.gitProviderId);
|
|
} catch (error) {
|
|
const message =
|
|
error instanceof Error
|
|
? error.message
|
|
: "Error deleting this Git provider";
|
|
throw new TRPCError({
|
|
code: "BAD_REQUEST",
|
|
message,
|
|
});
|
|
}
|
|
}),
|
|
});
|