tiennm99/coolify
1
0
Fork 0
mirror of https://github.com/tiennm99/coolify.git synced 2026-04-17 21:20:29 +00:00
Code Issues Packages Projects Releases Wiki Activity

fix: S3 restore button disabled state and security scopes

Browse Source 
- Add Alpine.js entangle bindings for s3StorageId and s3Path to enable
  reactive button state without server requests
- Change button disabled binding from PHP :disabled to Alpine x-bind:disabled
  for client-side reactivity using deferred wire:model inputs
- Replace S3Storage::findOrFail with ownedByCurrentTeam()->findOrFail in
  checkS3File() and downloadFromS3() methods
- Remove redundant manual team verification since ownedByCurrentTeam scope
  automatically filters to current team

🤖 Generated with [Claude Code](https://claude.com/claude-code)

Co-Authored-By: Claude <noreply@anthropic.com>
This commit is contained in:
Andras Bacsai
2025-11-02 16:33:34 +01:00
parent 800396b443
commit 6cb3e4d515
2 changed files with 47 additions and 64 deletions
Download Patch File Download Diff File Expand all files Collapse all files

18
app/Livewire/Project/Database/Import.php
View File

@@ -300,14 +300,7 @@ EOD;
}
try {
$s3Storage = S3Storage::findOrFail($this->s3StorageId);
// Verify S3 belongs to current team
if ($s3Storage->team_id !== currentTeam()->id) {
$this->dispatch('error', 'You do not have permission to access this S3 storage.');
return;
}
$s3Storage = S3Storage::ownedByCurrentTeam()->findOrFail($this->s3StorageId);
// Test connection
$s3Storage->testConnection();
@@ -363,14 +356,7 @@ EOD;
try {
$this->s3DownloadInProgress = true;
$s3Storage = S3Storage::findOrFail($this->s3StorageId);
// Verify S3 belongs to current team
if ($s3Storage->team_id !== currentTeam()->id) {
$this->dispatch('error', 'You do not have permission to access this S3 storage.');
return;
}
$s3Storage = S3Storage::ownedByCurrentTeam()->findOrFail($this->s3StorageId);
$key = $s3Storage->key;
$secret = $s3Storage->secret;