Fix .env Files for Isolated Users (#496)

2025-04-20 02:11:36 +00:00 · 2025-02-22 08:23:03 +00:00 · 2025-02-22 08:23:03 +00:00 · 1223ea1499
commit 1223ea1499
parent 2356e44f5b
5 changed files with 39 additions and 8 deletions
--- a/app/Actions/Site/UpdateEnv.php
+++ b/app/Actions/Site/UpdateEnv.php
@ -2,19 +2,20 @@

 namespace App\Actions\Site;

-use App\Exceptions\SSHUploadFailed;
+use App\Exceptions\SSHError;
 use App\Models\Site;

 class UpdateEnv
 {
    /**
-     * @throws SSHUploadFailed
+     * @throws SSHError
     */
    public function update(Site $site, array $input): void
    {
-        $site->server->os()->editFile(
+        $site->server->os()->editFileAs(
            $site->path.'/.env',
-            $input['env']
+            $site->user,
+            trim($input['env']),
        );
    }
 }
--- a/app/Helpers/SSH.php
+++ b/app/Helpers/SSH.php
@ -112,7 +112,9 @@ public function exec(string $command, string $log = '', ?int $siteId = null, ?bo

        try {
            if ($this->asUser) {
-                $command = 'sudo su - '.$this->asUser.' -c '.'"'.addslashes($command).'"';
+                $command = addslashes($command);
+                $command = str_replace('\\\'', '\'', $command);
+                $command = 'sudo su - '.$this->asUser.' -c '.'"'.trim($command).'"';
            }

            $this->connection->setTimeout(0);
--- a/app/SSH/OS/OS.php
+++ b/app/SSH/OS/OS.php
@ -198,16 +198,34 @@ public function editFile(string $path, ?string $content = null): void
        }
    }

+    /**
+     * @throws SSHError
+     */
+    public function editFileAs(string $path, string $user, ?string $content = null): void
+    {
+        $sudo = $user === 'root';
+        $actualUser = $sudo ? $this->server->getSshUser() : $user;
+
+        $this->server->ssh($actualUser)->exec(
+            view('ssh.os.edit-file', [
+                'path' => $path,
+                'content' => $content,
+                'sudo' => $sudo,
+            ]),
+            'edit-file'
+        );
+    }
+
    /**
     * @throws SSHError
     */
    public function readFile(string $path): string
    {
-        return $this->server->ssh()->exec(
+        return trim($this->server->ssh()->exec(
            view('ssh.os.read-file', [
                'path' => $path,
            ])
-        );
+        ));
    }

    /**
--- a/resources/views/ssh/os/edit-file.blade.php
+++ b/resources/views/ssh/os/edit-file.blade.php
@ -0,0 +1,9 @@
+@if($sudo) sudo @endif tee {!! $path !!} << 'VITO_SSH_EOF' > /dev/null
+{!! $content !!}
+VITO_SSH_EOF
+
+if [ $? -eq 0 ]; then
+    echo "Successfully wrote to {{ $path }}"
+else
+    echo 'VITO_SSH_ERROR' && exit 1
+fi
--- a/tests/Feature/ApplicationTest.php
+++ b/tests/Feature/ApplicationTest.php
@ -202,7 +202,8 @@ public function test_update_env_file(): void
            ->assertSuccessful()
            ->assertNotified('.env updated!');

-        SSH::assertFileUploaded('/home/vito/'.$this->site->domain.'/.env', 'APP_ENV="production"');
+        SSH::assertExecutedContains('tee /home/vito/vito.test/.env << \'VITO_SSH_EOF\'');
+        SSH::assertExecutedContains('APP_ENV="production"');
    }

    public function test_git_hook_deployment(): void