direct-online/vito
2
0
Fork 0
mirror of https://github.com/vitodeploy/vito.git synced 2025-07-03 15:02:34 +00:00
Code Issues Packages Projects Releases Wiki Activity

2.x - firewall/metrics/services/cronjobs

Browse Source
This commit is contained in:
Saeed Vaziry
2024-10-01 19:09:38 +02:00
parent 2e9620409b
commit 906ddc38de
58 changed files with 1625 additions and 631 deletions
Download Patch File Download Diff File Expand all files Collapse all files

41
app/Policies/CronJobPolicy.php Normal file
View File

@ -0,0 +1,41 @@
<?php
namespace App\Policies;
use App\Models\CronJob;
use App\Models\Server;
use App\Models\User;
use Illuminate\Auth\Access\HandlesAuthorization;
class CronJobPolicy
{
use HandlesAuthorization;
public function viewAny(User $user, Server $server): bool
{
return ($user->isAdmin() || $server->project->users->contains($user)) && $server->isReady();
}
public function view(User $user, CronJob $cronjob): bool
{
return ($user->isAdmin() || $cronjob->server->project->users->contains($user)) &&
$cronjob->server->isReady();
}
public function create(User $user, Server $server): bool
{
return ($user->isAdmin() || $server->project->users->contains($user)) && $server->isReady();
}
public function update(User $user, CronJob $cronjob): bool
{
return ($user->isAdmin() || $cronjob->server->project->users->contains($user)) &&
$cronjob->server->isReady();
}
public function delete(User $user, CronJob $cronjob): bool
{
return ($user->isAdmin() || $cronjob->server->project->users->contains($user)) &&
$cronjob->server->isReady();
}
}

41
app/Policies/FirewallRulePolicy.php Normal file
View File

@ -0,0 +1,41 @@
<?php
namespace App\Policies;
use App\Models\FirewallRule;
use App\Models\Server;
use App\Models\User;
use Illuminate\Auth\Access\HandlesAuthorization;
class FirewallRulePolicy
{
use HandlesAuthorization;
public function viewAny(User $user, Server $server): bool
{
return ($user->isAdmin() || $server->project->users->contains($user)) && $server->isReady();
}
public function view(User $user, FirewallRule $rule): bool
{
return ($user->isAdmin() || $rule->server->project->users->contains($user)) &&
$rule->server->isReady();
}
public function create(User $user, Server $server): bool
{
return ($user->isAdmin() || $server->project->users->contains($user)) && $server->isReady();
}
public function update(User $user, FirewallRule $rule): bool
{
return ($user->isAdmin() || $rule->server->project->users->contains($user)) &&
$rule->server->isReady();
}
public function delete(User $user, FirewallRule $rule): bool
{
return ($user->isAdmin() || $rule->server->project->users->contains($user)) &&
$rule->server->isReady();
}
}

44
app/Policies/MetricPolicy.php Normal file
View File

@ -0,0 +1,44 @@
<?php
namespace App\Policies;
use App\Models\Metric;
use App\Models\Server;
use App\Models\User;
use Illuminate\Auth\Access\HandlesAuthorization;
class MetricPolicy
{
use HandlesAuthorization;
public function viewAny(User $user, Server $server): bool
{
return ($user->isAdmin() || $server->project->users->contains($user)) &&
$server->service('monitoring');
}
public function view(User $user, Metric $metric): bool
{
return ($user->isAdmin() || $metric->server->project->users->contains($user)) &&
$metric->server->service('monitoring');
}
public function create(User $user, Server $server): bool
{
return ($user->isAdmin() || $server->project->users->contains($user)) &&
$server->service('monitoring');
}
public function update(User $user, Metric $metric): bool
{
return ($user->isAdmin() || $metric->server->project->users->contains($user)) &&
$metric->server->service('monitoring');
}
public function delete(User $user, Metric $metric): bool
{
return ($user->isAdmin() || $metric->server->project->users->contains($user)) &&
$metric->server->service('monitoring');
}
}

49
app/Policies/ServicePolicy.php
View File

@ -2,6 +2,7 @@
namespace App\Policies;
use App\Enums\ServiceStatus;
use App\Models\Server;
use App\Models\Service;
use App\Models\User;
@ -35,4 +36,52 @@ public function delete(User $user, Service $service): bool
{
return ($user->isAdmin() || $service->server->project->users->contains($user)) && $service->server->isReady();
}
public function start(User $user, Service $service): bool
{
return ($user->isAdmin() || $service->server->project->users->contains($user)) &&
$service->server->isReady() &&
in_array($service->status, [
ServiceStatus::STOPPED,
ServiceStatus::FAILED,
]);
}
public function stop(User $user, Service $service): bool
{
return ($user->isAdmin() || $service->server->project->users->contains($user)) &&
$service->server->isReady() &&
in_array($service->status, [
ServiceStatus::READY,
ServiceStatus::FAILED,
]);
}
public function restart(User $user, Service $service): bool
{
return ($user->isAdmin() || $service->server->project->users->contains($user)) &&
$service->server->isReady() &&
in_array($service->status, [
ServiceStatus::READY,
ServiceStatus::FAILED,
ServiceStatus::STOPPED,
]);
}
public function enable(User $user, Service $service): bool
{
return ($user->isAdmin() || $service->server->project->users->contains($user)) &&
$service->server->isReady() &&
$service->status == ServiceStatus::DISABLED;
}
public function disable(User $user, Service $service): bool
{
return ($user->isAdmin() || $service->server->project->users->contains($user)) &&
$service->server->isReady() &&
in_array($service->status, [
ServiceStatus::READY,
ServiceStatus::STOPPED,
]);
}
}

66
app/Policies/SshKeyPolicy.php Normal file
View File

@ -0,0 +1,66 @@
<?php
namespace App\Policies;
use App\Models\Server;
use App\Models\SshKey;
use App\Models\User;
use Illuminate\Auth\Access\HandlesAuthorization;
class SshKeyPolicy
{
use HandlesAuthorization;
public function viewAny(User $user): bool
{
return true;
}
public function view(User $user, SshKey $sshKey): bool
{
return $user->id === $sshKey->user_id;
}
public function create(User $user): bool
{
return true;
}
public function update(User $user, SshKey $sshKey): bool
{
return $user->id === $sshKey->user_id;
}
public function delete(User $user, SshKey $sshKey): bool
{
return $user->id === $sshKey->user_id;
}
public function viewAnyServer(User $user, Server $server): bool
{
return ($user->isAdmin() || $server->project->users->contains($user)) && $server->isReady();
}
public function viewServer(User $user, Server $server): bool
{
return ($user->isAdmin() || $server->project->users->contains($user)) &&
$server->isReady();
}
public function createServer(User $user, Server $server): bool
{
return ($user->isAdmin() || $server->project->users->contains($user)) && $server->isReady();
}
public function updateServer(User $user, Server $server): bool
{
return ($user->isAdmin() || $server->project->users->contains($user)) &&
$server->isReady();
}
public function deleteServer(User $user, Server $server): bool
{
return ($user->isAdmin() || $server->project->users->contains($user)) &&
$server->isReady();
}
}