starred/panel
1
0
Fork 0
mirror of https://github.com/pelican-dev/panel.git synced 2026-02-24 03:12:01 +03:00
Code Issues 42 Packages Projects Releases 12 Wiki Activity

Compare commits

base: starred:lance/1585
Branches Tags
starred:main starred:charles/filament-v5 starred:boy132/backup-hosts starred:release/v1.0.0-beta33 starred:lance/encodings starred:release/v1.0.0-beta32 starred:lance/2069 starred:lance/1228 starred:lance/2026 starred:lance/1022 starred:lance/2132 starred:lance/1585 starred:lance/769 starred:lance/2163 starred:lance/1769 starred:lance/2077 starred:shift-ci-v12.50.0 starred:charles/spotlight starred:charles/ex-im-servers starred:auto-claude/022-docker-image-links-plugin-dir-wrong starred:auto-claude/022-docker-image-links-plugin-dir-wrong-clean starred:release/v1.0.0-beta31 starred:auto-claude/005-run-unit-tests-in-parallel starred:charles/new-activitylog starred:lance/1742 starred:release/v1.0.0-beta30 starred:release/v1.0.0-beta29 starred:release/v1.0.0-beta28 starred:release/v1.0.0-beta27 starred:release/v1.0.0-beta26 starred:chore/shiftWorkflow starred:vehikl/make-webhooks-normalized starred:feature/1051-replace-fractal-with-laravel-data starred:release/v1.0.0-beta25 starred:release/v1.0.0-beta24 starred:release/v1.0.0-beta23 starred:release/v1.0.0-beta22 starred:lance/cloud starred:release/v1.0.0-beta21 starred:release/v1.0.0-beta20 starred:release/v1.0.0-beta19 starred:release/v1.0.0-beta18 starred:release/v1.0.0-beta17 starred:release/v1.0.0-beta16 starred:release/v1.0.0-beta15 starred:release/v1.0.0-beta14 starred:release/v1.0.0-beta13 starred:release/v1.0.0-beta11 starred:issue/68 starred:release/v1.0.0-beta10 starred:release/v1.0.0-beta9 starred:release/v1.0.0-beta8 starred:release/v1.0.0-beta7 starred:release/v1.0.0-beta6 starred:release/v1.0.0-beta5 starred:release/v1.0.0-beta4 starred:release/v1.0.0-beta3 starred:release/v1.0.0-beta2 starred:release/v1.0.0-beta1 starred:3.x
starred:v1.0.0-beta33 starred:v1.0.0-beta32 starred:v1.0.0-beta31 starred:v1.0.0-beta30 starred:v1.0.0-beta29 starred:v1.0.0-beta28 starred:v1.0.0-beta27 starred:v1.0.0-beta26 starred:v1.0.0-beta25 starred:v1.0.0-beta24 starred:v1.0.0-beta23 starred:v1.0.0-beta22 starred:v1.0.0-beta21 starred:v1.0.0-beta20 starred:v1.0.0-beta19 starred:v1.0.0-beta18 starred:v1.0.0-beta17 starred:v1.0.0-beta16 starred:v1.0.0-beta15 starred:v1.0.0-beta14 starred:v1.0.0-beta13 starred:v1.0.0-beta11 starred:v1.0.0-beta10 starred:v1.0.0-beta9 starred:v1.0.0-beta8 starred:v1.0.0-beta7 starred:v1.0.0-beta6 starred:v1.0.0-beta5 starred:v1.0.0-beta4 starred:v1.0.0-beta3 starred:v1.0.0-beta2 starred:v1.0.0-beta1 starred:2.x starred:1.x starred:0.x
..
compare: starred:lance/1769
Branches Tags
starred:charles/filament-v5 starred:main starred:boy132/backup-hosts starred:release/v1.0.0-beta33 starred:lance/encodings starred:release/v1.0.0-beta32 starred:lance/2069 starred:lance/1228 starred:lance/2026 starred:lance/1022 starred:lance/2132 starred:lance/1585 starred:lance/769 starred:lance/2163 starred:lance/1769 starred:lance/2077 starred:shift-ci-v12.50.0 starred:charles/spotlight starred:charles/ex-im-servers starred:auto-claude/022-docker-image-links-plugin-dir-wrong starred:auto-claude/022-docker-image-links-plugin-dir-wrong-clean starred:release/v1.0.0-beta31 starred:auto-claude/005-run-unit-tests-in-parallel starred:charles/new-activitylog starred:lance/1742 starred:release/v1.0.0-beta30 starred:release/v1.0.0-beta29 starred:release/v1.0.0-beta28 starred:release/v1.0.0-beta27 starred:release/v1.0.0-beta26 starred:chore/shiftWorkflow starred:vehikl/make-webhooks-normalized starred:feature/1051-replace-fractal-with-laravel-data starred:release/v1.0.0-beta25 starred:release/v1.0.0-beta24 starred:release/v1.0.0-beta23 starred:release/v1.0.0-beta22 starred:lance/cloud starred:release/v1.0.0-beta21 starred:release/v1.0.0-beta20 starred:release/v1.0.0-beta19 starred:release/v1.0.0-beta18 starred:release/v1.0.0-beta17 starred:release/v1.0.0-beta16 starred:release/v1.0.0-beta15 starred:release/v1.0.0-beta14 starred:release/v1.0.0-beta13 starred:release/v1.0.0-beta11 starred:issue/68 starred:release/v1.0.0-beta10 starred:release/v1.0.0-beta9 starred:release/v1.0.0-beta8 starred:release/v1.0.0-beta7 starred:release/v1.0.0-beta6 starred:release/v1.0.0-beta5 starred:release/v1.0.0-beta4 starred:release/v1.0.0-beta3 starred:release/v1.0.0-beta2 starred:release/v1.0.0-beta1 starred:3.x
starred:v1.0.0-beta33 starred:v1.0.0-beta32 starred:v1.0.0-beta31 starred:v1.0.0-beta30 starred:v1.0.0-beta29 starred:v1.0.0-beta28 starred:v1.0.0-beta27 starred:v1.0.0-beta26 starred:v1.0.0-beta25 starred:v1.0.0-beta24 starred:v1.0.0-beta23 starred:v1.0.0-beta22 starred:v1.0.0-beta21 starred:v1.0.0-beta20 starred:v1.0.0-beta19 starred:v1.0.0-beta18 starred:v1.0.0-beta17 starred:v1.0.0-beta16 starred:v1.0.0-beta15 starred:v1.0.0-beta14 starred:v1.0.0-beta13 starred:v1.0.0-beta11 starred:v1.0.0-beta10 starred:v1.0.0-beta9 starred:v1.0.0-beta8 starred:v1.0.0-beta7 starred:v1.0.0-beta6 starred:v1.0.0-beta5 starred:v1.0.0-beta4 starred:v1.0.0-beta3 starred:v1.0.0-beta2 starred:v1.0.0-beta1 starred:2.x starred:1.x starred:0.x

2 Commits
lance/1585 ... lance/1769

Author SHA1 Message Date
Lance Pioch
6775f5ad01 Pint fix 2026-02-06 09:15:40 -05:00
Lance Pioch
ce3fba5102 Fix node FQDN validation showing banned values as valid (#1769) 
Reject banned FQDNs (localhost, 127.0.0.1, 0.0.0.0) in the DNS check callback so the form shows a red indicator immediately, instead of misleadingly resolving localhost to 127.0.0.1 with a green checkmark. Extract banned values into a Node::BANNED_FQDNS constant for reuse.
 2026-02-06 08:35:17 -05:00
12 changed files with 32 additions and 317 deletions
Expand all files Collapse all files

6
app/Filament/Admin/Resources/Nodes/Pages/CreateNode.php
View File

@@ -113,6 +113,12 @@ class CreateNode extends CreateRecord
return;
}
if (in_array(strtolower($state), Node::BANNED_FQDNS)) {
$set('dns', false);
return;
}
$ip = get_ip_from_hostname($state);
if ($ip) {
$set('dns', true);

6
app/Filament/Admin/Resources/Nodes/Pages/EditNode.php
View File

@@ -174,6 +174,12 @@ class EditNode extends EditRecord
return;
}
if (in_array(strtolower($state), Node::BANNED_FQDNS)) {
$set('dns', false);
return;
}
$ip = get_ip_from_hostname($state);
if ($ip) {
$set('dns', true);

10
app/Filament/Server/Pages/Console.php
View File

@@ -78,15 +78,11 @@ class Console extends Page
$feature = data_get($data, 'key');
$feature = $this->featureService->get($feature);
if (!$feature) {
if (!$feature || $this->getMountedAction()) {
return;
}
if ($this->getMountedAction()) {
$this->replaceMountedAction($feature->getId());
} else {
$this->mountAction($feature->getId());
}
$this->mountAction($feature->getId());
sleep(2); // TODO find a better way
}
public function getWidgetData(): array

8
app/Filament/Server/Resources/Files/Pages/ListFiles.php
View File

@@ -209,18 +209,16 @@ class ListFiles extends ListRecords
->required()
->live(),
TextEntry::make('new_location')
->state(fn (Get $get, File $file) => resolve_path(join_paths($this->path, str_ends_with($get('location') ?? '/', '/') ? join_paths($get('location') ?? '/', $file->name) : $get('location') ?? '/'))),
->state(fn (Get $get, File $file) => resolve_path(join_paths($this->path, $get('location') ?? '/', $file->name))),
])
->action(function ($data, File $file) {
$location = $data['location'];
$endsWithSlash = str_ends_with($location, '/');
$to = $endsWithSlash ? join_paths($location, $file->name) : $location;
$files = [['to' => $to, 'from' => $file->name]];
$files = [['to' => join_paths($location, $file->name), 'from' => $file->name]];
$this->getDaemonFileRepository()->renameFiles($this->path, $files);
$oldLocation = join_paths($this->path, $file->name);
$newLocation = resolve_path(join_paths($this->path, $to));
$newLocation = resolve_path(join_paths($this->path, $location, $file->name));
Activity::event('server:file.rename')
->property('directory', $this->path)

2
app/Http/Controllers/Auth/OAuthController.php
View File

@@ -74,7 +74,7 @@ class OAuthController extends Controller
$email = $oauthUser->getEmail();
if (!$email) {
return $this->errorRedirect('No email was linked to your account on the OAuth provider.');
return $this->errorRedirect();
}
$user = User::whereEmail($email)->first();

72
app/Listeners/AdminActivityListener.php
View File

@@ -1,72 +0,0 @@
<?php
namespace App\Listeners;
use App\Facades\Activity;
use Filament\Facades\Filament;
use Filament\Resources\Events\RecordCreated;
use Filament\Resources\Events\RecordUpdated;
use Illuminate\Support\Str;
class AdminActivityListener
{
protected const REDACTED_FIELDS = [
'password',
'password_confirmation',
'current_password',
'token',
'secret',
'api_key',
'daemon_token',
'_token',
];
public function handle(RecordCreated|RecordUpdated $event): void
{
if (Filament::getCurrentPanel()?->getId() !== 'admin') {
return;
}
$record = $event->getRecord();
$page = $event->getPage();
$data = $event->getData();
$resourceClass = $page::getResource();
$modelClass = $resourceClass::getModel();
$slug = Str::kebab(class_basename($modelClass));
$action = $event instanceof RecordCreated ? 'create' : 'update';
$properties = $this->redactSensitiveFields($data);
Activity::event("admin:$slug.$action")
->subject($record)
->property($properties)
->log();
}
/**
* @param array<string, mixed> $data
* @return array<string, mixed>
*/
protected function redactSensitiveFields(array $data): array
{
$redacted = [];
foreach ($data as $key => $value) {
if (in_array($key, self::REDACTED_FIELDS, true)) {
$redacted[$key] = '[REDACTED]';
continue;
}
if (is_array($value)) {
$redacted[$key] = $this->redactSensitiveFields($value);
} else {
$redacted[$key] = $value;
}
}
return $redacted;
}
}

15
app/Models/Node.php
View File

@@ -18,6 +18,7 @@ use Illuminate\Database\Eloquent\Relations\MorphToMany;
use Illuminate\Notifications\Notifiable;
use Illuminate\Support\Facades\Http;
use Illuminate\Support\Str;
use Illuminate\Validation\Rule;
use Symfony\Component\Yaml\Yaml;
/**
@@ -72,6 +73,8 @@ class Node extends Model implements Validatable
public const DAEMON_TOKEN_LENGTH = 64;
public const BANNED_FQDNS = ['0.0.0.0', '127.0.0.1', 'localhost'];
/**
* The attributes excluded from the model's JSON form.
*/
@@ -95,7 +98,7 @@ class Node extends Model implements Validatable
'name' => ['required', 'string', 'min:1', 'max:100'],
'description' => ['string', 'nullable'],
'public' => ['boolean'],
'fqdn' => ['required', 'string', 'notIn:0.0.0.0,127.0.0.1,localhost'],
'fqdn' => ['required', 'string'],
'scheme' => ['required', 'string', 'in:http,https'],
'behind_proxy' => ['boolean'],
'memory' => ['required', 'numeric', 'min:0'],
@@ -114,6 +117,14 @@ class Node extends Model implements Validatable
'tags' => ['array'],
];
public static function getRules(): array
{
$rules = static::$validationRules;
$rules['fqdn'][] = Rule::notIn(static::BANNED_FQDNS);
return $rules;
}
/**
* Default values for specific columns that are generally not changed on base installs.
*/
@@ -358,7 +369,7 @@ class Node extends Model implements Validatable
'disk_used' => 0,
];
return cache()->flexible("nodes.$this->id.statistics", [5, 30], function () use ($default) {
return cache()->remember("nodes.$this->id.statistics", now()->addSeconds(360), function () use ($default) {
try {
$data = Http::daemon($this)

5
app/Providers/EventServiceProvider.php
View File

@@ -2,10 +2,7 @@
namespace App\Providers;
use App\Listeners\AdminActivityListener;
use App\Listeners\DispatchWebhooks;
use Filament\Resources\Events\RecordCreated;
use Filament\Resources\Events\RecordUpdated;
use Illuminate\Foundation\Support\Providers\EventServiceProvider as ServiceProvider;
class EventServiceProvider extends ServiceProvider
@@ -18,7 +15,5 @@ class EventServiceProvider extends ServiceProvider
'eloquent.created*' => [DispatchWebhooks::class],
'eloquent.deleted*' => [DispatchWebhooks::class],
'eloquent.updated*' => [DispatchWebhooks::class],
RecordCreated::class => [AdminActivityListener::class],
RecordUpdated::class => [AdminActivityListener::class],
];
}

16
app/Providers/Filament/FilamentServiceProvider.php
View File

@@ -4,14 +4,12 @@ namespace App\Providers\Filament;
use App\Enums\CustomizationKey;
use App\Enums\TablerIcon;
use App\Facades\Activity;
use Filament\Actions\Action;
use Filament\Actions\CreateAction;
use Filament\Actions\DeleteAction;
use Filament\Actions\EditAction;
use Filament\Actions\View\ActionsIconAlias;
use Filament\Actions\ViewAction;
use Filament\Facades\Filament;
use Filament\Forms\Components\Field;
use Filament\Forms\Components\KeyValue;
use Filament\Forms\Components\Repeater;
@@ -31,10 +29,8 @@ use Filament\Support\View\SupportIconAlias;
use Filament\Tables\View\TablesIconAlias;
use Filament\View\PanelsIconAlias;
use Filament\View\PanelsRenderHook;
use Illuminate\Database\Eloquent\Model;
use Illuminate\Support\Facades\Blade;
use Illuminate\Support\ServiceProvider;
use Illuminate\Support\Str;
use Livewire\Component;
use Livewire\Livewire;
@@ -136,18 +132,6 @@ class FilamentServiceProvider extends ServiceProvider
$action->iconButton();
$action->iconSize(IconSize::ExtraLarge);
}
$action->before(function (Model $record) {
if (Filament::getCurrentPanel()?->getId() !== 'admin') {
return;
}
$slug = Str::kebab(class_basename($record));
Activity::event("admin:$slug.delete")
->subject($record)
->log();
});
});
CreateAction::configureUsing(function (CreateAction $action) {

47
lang/en/activity.php
View File

@@ -122,51 +122,4 @@ return [
],
'crashed' => 'Server crashed',
],
'admin' => [
'user' => [
'create' => 'Created user <b>:username</b>',
'update' => 'Updated user <b>:username</b>',
'delete' => 'Deleted user <b>:username</b>',
],
'server' => [
'create' => 'Created server <b>:name</b>',
'update' => 'Updated server <b>:name</b>',
'delete' => 'Deleted server <b>:name</b>',
],
'node' => [
'create' => 'Created node <b>:name</b>',
'update' => 'Updated node <b>:name</b>',
'delete' => 'Deleted node <b>:name</b>',
],
'egg' => [
'create' => 'Created egg <b>:name</b>',
'update' => 'Updated egg <b>:name</b>',
'delete' => 'Deleted egg <b>:name</b>',
],
'role' => [
'create' => 'Created role <b>:name</b>',
'update' => 'Updated role <b>:name</b>',
'delete' => 'Deleted role <b>:name</b>',
],
'database-host' => [
'create' => 'Created database host <b>:name</b>',
'update' => 'Updated database host <b>:name</b>',
'delete' => 'Deleted database host <b>:name</b>',
],
'mount' => [
'create' => 'Created mount <b>:name</b>',
'update' => 'Updated mount <b>:name</b>',
'delete' => 'Deleted mount <b>:name</b>',
],
'webhook-configuration' => [
'create' => 'Created webhook <b>:description</b>',
'update' => 'Updated webhook <b>:description</b>',
'delete' => 'Deleted webhook <b>:description</b>',
],
'api-key' => [
'create' => 'Created API key',
'update' => 'Updated API key',
'delete' => 'Deleted API key',
],
],
];

4
public/.htaccess
View File

@@ -5,10 +5,6 @@
RewriteEngine On
# Handle X-Forwarded-Proto Header
RewriteCond %{HTTP:X-Forwarded-Proto} =https [NC]
RewriteRule .* - [E=HTTPS:on]
# Handle Authorization Header
RewriteCond %{HTTP:Authorization} .
RewriteRule .* - [E=HTTP_AUTHORIZATION:%{HTTP:Authorization}]

158
tests/Filament/Admin/AdminActivityListenerTest.php
View File

@@ -1,158 +0,0 @@
<?php
use App\Events\ActivityLogged;
use App\Filament\Admin\Resources\Eggs\Pages\CreateEgg;
use App\Filament\Admin\Resources\Eggs\Pages\EditEgg;
use App\Filament\Admin\Resources\Nodes\Pages\CreateNode;
use App\Filament\Admin\Resources\Nodes\Pages\EditNode;
use App\Listeners\AdminActivityListener;
use App\Models\Egg;
use App\Models\Node;
use App\Models\Role;
use Filament\Facades\Filament;
use Filament\Resources\Events\RecordCreated;
use Filament\Resources\Events\RecordUpdated;
use Illuminate\Support\Facades\Event;
function pageInstance(string $class): object
{
return (new ReflectionClass($class))->newInstanceWithoutConstructor();
}
function createEvent(object $record, array $data, object $page): RecordCreated
{
return new RecordCreated($record, $data, $page);
}
function updateEvent(object $record, array $data, object $page): RecordUpdated
{
return new RecordUpdated($record, $data, $page);
}
beforeEach(function () {
[$this->admin] = generateTestAccount([]);
$this->admin = $this->admin->syncRoles(Role::getRootAdmin());
$this->actingAs($this->admin);
Filament::setCurrentPanel('admin');
});
it('logs create activity for an egg', function () {
$egg = Egg::first();
$listener = new AdminActivityListener();
$listener->handle(createEvent($egg, ['name' => 'Test Egg'], pageInstance(CreateEgg::class)));
$this->assertActivityLogged('admin:egg.create');
});
it('logs update activity for an egg', function () {
$egg = Egg::first();
$listener = new AdminActivityListener();
$listener->handle(updateEvent($egg, ['name' => 'Updated Egg'], pageInstance(EditEgg::class)));
$this->assertActivityLogged('admin:egg.update');
});
it('logs create activity for a node', function () {
$node = Node::first();
$listener = new AdminActivityListener();
$listener->handle(createEvent($node, ['name' => 'Test Node'], pageInstance(CreateNode::class)));
$this->assertActivityLogged('admin:node.create');
});
it('logs update activity for a node', function () {
$node = Node::first();
$listener = new AdminActivityListener();
$listener->handle(updateEvent($node, ['name' => 'Updated Node'], pageInstance(EditNode::class)));
$this->assertActivityLogged('admin:node.update');
});
it('does not log activity for non-admin panels', function () {
Filament::setCurrentPanel('app');
$egg = Egg::first();
$listener = new AdminActivityListener();
$listener->handle(createEvent($egg, ['name' => 'Test'], pageInstance(CreateEgg::class)));
Event::assertNotDispatched(ActivityLogged::class);
});
it('sets the record as the activity subject', function () {
$egg = Egg::first();
$listener = new AdminActivityListener();
$listener->handle(createEvent($egg, ['name' => 'Test'], pageInstance(CreateEgg::class)));
$this->assertActivityFor('admin:egg.create', $this->admin, $egg);
});
it('redacts sensitive fields from activity properties', function () {
$egg = Egg::first();
$data = [
'name' => 'Visible',
'password' => 'should-be-redacted',
'password_confirmation' => 'should-be-redacted',
'token' => 'should-be-redacted',
'secret' => 'should-be-redacted',
'api_key' => 'should-be-redacted',
];
$listener = new AdminActivityListener();
$listener->handle(updateEvent($egg, $data, pageInstance(EditEgg::class)));
Event::assertDispatched(ActivityLogged::class, function (ActivityLogged $event) {
$properties = $event->model->properties;
expect($properties)->toHaveKey('name', 'Visible')
->toHaveKey('password', '[REDACTED]')
->toHaveKey('password_confirmation', '[REDACTED]')
->toHaveKey('token', '[REDACTED]')
->toHaveKey('secret', '[REDACTED]')
->toHaveKey('api_key', '[REDACTED]');
return true;
});
});
it('redacts sensitive fields in nested arrays', function () {
$egg = Egg::first();
$data = [
'name' => 'Visible',
'nested' => [
'safe' => 'value',
'password' => 'should-be-redacted',
'token' => 'should-be-redacted',
],
];
$listener = new AdminActivityListener();
$listener->handle(updateEvent($egg, $data, pageInstance(EditEgg::class)));
Event::assertDispatched(ActivityLogged::class, function (ActivityLogged $event) {
$properties = $event->model->properties;
expect($properties['nested'])->toHaveKey('safe', 'value')
->toHaveKey('password', '[REDACTED]')
->toHaveKey('token', '[REDACTED]');
return true;
});
});
it('generates kebab-case event names from model class names', function () {
$node = Node::first();
$listener = new AdminActivityListener();
$listener->handle(createEvent($node, ['name' => 'Test'], pageInstance(CreateNode::class)));
$this->assertActivityLogged('admin:node.create');
});