fix(security): harden licserver config access controls
All checks were successful
Staging Build / build (push) Successful in 2m50s
All checks were successful
Staging Build / build (push) Successful in 2m50s
- Add auth guard to getLicServerConfig() - unauthenticated callers now receive null config instead of DB values - Remove non-existent 'superadmin' role from saveLicServerConfig() check (only 'admin' exists per project schema) - New migration: restrict settings table WRITE to admins only (previously any authenticated user could overwrite licserver_api_key)
This commit is contained in:
@@ -0,0 +1,26 @@
|
||||
-- Migration: Restrict settings table write access to admins only
|
||||
-- Previously any authenticated user could write to settings (including licserver_api_key).
|
||||
-- This fixes the RLS policy to only allow admins to write.
|
||||
|
||||
DROP POLICY IF EXISTS "Allow authenticated write on settings" ON public.settings;
|
||||
|
||||
-- Admins can write all settings
|
||||
CREATE POLICY "Only admins can write settings" ON public.settings
|
||||
FOR ALL
|
||||
USING (
|
||||
EXISTS (
|
||||
SELECT 1 FROM public.users
|
||||
WHERE id = auth.uid() AND role = 'admin'
|
||||
)
|
||||
)
|
||||
WITH CHECK (
|
||||
EXISTS (
|
||||
SELECT 1 FROM public.users
|
||||
WHERE id = auth.uid() AND role = 'admin'
|
||||
)
|
||||
);
|
||||
|
||||
-- All authenticated users can still READ settings (needed for proxy routes to load licserver config)
|
||||
-- The READ policy remains: "Allow authenticated read on settings"
|
||||
|
||||
NOTIFY pgrst, 'reload schema';
|
||||
Reference in New Issue
Block a user