refactor: scope server and project queries to current team

Ensure Server and Project lookups in Livewire components and API
controllers use team-scoped queries (ownedByCurrentTeam / whereTeamId)
instead of unscoped find/where calls. This enforces consistent
multi-tenant isolation across all user-facing code paths.

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
Andras Bacsai
2026-03-28 12:29:08 +01:00
parent e39678aea5
commit e36622fdfb
13 changed files with 199 additions and 17 deletions
@@ -144,7 +144,7 @@ class GithubPrivateRepositoryDeployKey extends Component
// Note: git_repository has already been validated and transformed in get_git_source()
// It may now be in SSH format (git@host:repo.git) which is valid for deploy keys
$project = Project::where('uuid', $this->parameters['project_uuid'])->first();
$project = Project::ownedByCurrentTeam()->where('uuid', $this->parameters['project_uuid'])->first();
$environment = $project->load(['environments'])->environments->where('uuid', $this->parameters['environment_uuid'])->first();
if ($this->git_source === 'other') {
$application_init = [
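Review bot: now that the project lookup is team-scoped, `->first()` returns null when `project_uuid` belongs to another team, and the following line calls `$project->load(['environments'])` on that result with no check. A cross-team or stale UUID therefore ends in a null-dereference error rather than a clean not-found response. Consider `firstOrFail()` on the `Project::ownedByCurrentTeam()` query, or an explicit null check that aborts early. The environment lookup on the next line has the same shape: its `->first()` can also return null for an `environment_uuid` that is not in the project, so it deserves the same guard.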