banquise/pelican-panel-mirror
14
0
Fork 1
mirror of https://github.com/pelican-dev/panel.git synced 2025-12-08 17:30:18 +01:00
Code Issues Packages Projects Releases Wiki Activity

Only allow server transfers to accessible nodes (#1951)

Browse Source
This commit is contained in:
Boy132 2025-12-02 08:26:19 +01:00 committed by GitHub
parent c312ef493f
commit 0fe8917668
No known key found for this signature in database
GPG Key ID: B5690EEEBB952194
2 changed files with 4 additions and 4 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

7
app/Filament/Admin/Resources/Servers/Pages/EditServer.php
View File

@ -12,7 +12,6 @@ use App\Filament\Components\StateCasts\ServerConditionStateCast;
use App\Filament\Server\Pages\Console;
use App\Models\Allocation;
use App\Models\Egg;
use App\Models\Node;
use App\Models\Server;
use App\Models\User;
use App\Repositories\Daemon\DaemonServerRepository;
@ -1008,7 +1007,7 @@ class EditServer extends EditRecord
Actions::make([
Action::make('transfer')
->label(trans('admin/server.transfer'))
->disabled(fn (Server $server) => Node::count() <= 1 || $server->isInConflictState())
->disabled(fn (Server $server) => user()?->accessibleNodes()->count() <= 1 || $server->isInConflictState())
->modalHeading(trans('admin/server.transfer'))
->schema($this->transferServer())
->action(function (TransferServerService $transfer, Server $server, $data) {
@ -1080,10 +1079,10 @@ class EditServer extends EditRecord
->label(trans('admin/server.node'))
->prefixIcon('tabler-server-2')
->selectablePlaceholder(false)
->default(fn (Server $server) => Node::whereNot('id', $server->node->id)->first()?->id)
->default(fn (Server $server) => user()?->accessibleNodes()->whereNot('id', $server->node->id)->first()?->id)
->required()
->live()
->options(fn (Server $server) => Node::whereNot('id', $server->node->id)->pluck('name', 'id')->all()),
->options(fn (Server $server) => user()?->accessibleNodes()->whereNot('id', $server->node->id)->pluck('name', 'id')->all()),
Select::make('allocation_id')
->label(trans('admin/server.primary_allocation'))
->disabled(fn (Get $get, Server $server) => !$get('node_id') || !$server->allocation_id)

1
app/Models/User.php
View File

@ -291,6 +291,7 @@ class User extends Model implements AuthenticatableContract, AuthorizableContrac
->distinct('servers.id');
}
/** @return Builder<Node> */
public function accessibleNodes(): Builder
{
// Root admins can access all nodes