fix(security): harden licserver config access controls
All checks were successful
Staging Build / build (push) Successful in 2m50s

- Add auth guard to getLicServerConfig() - unauthenticated callers
  now receive null config instead of DB values
- Remove non-existent 'superadmin' role from saveLicServerConfig()
  check (only 'admin' exists per project schema)
- New migration: restrict settings table WRITE to admins only
  (previously any authenticated user could overwrite licserver_api_key)
This commit is contained in:
DanielS
2026-07-14 17:35:12 +02:00
parent fa93e060c2
commit 7119383139
2 changed files with 35 additions and 3 deletions

View File

@@ -0,0 +1,26 @@
-- Migration: Restrict settings table write access to admins only
-- Previously any authenticated user could write to settings (including licserver_api_key).
-- This fixes the RLS policy to only allow admins to write.
DROP POLICY IF EXISTS "Allow authenticated write on settings" ON public.settings;
-- Admins can write all settings
CREATE POLICY "Only admins can write settings" ON public.settings
FOR ALL
USING (
EXISTS (
SELECT 1 FROM public.users
WHERE id = auth.uid() AND role = 'admin'
)
)
WITH CHECK (
EXISTS (
SELECT 1 FROM public.users
WHERE id = auth.uid() AND role = 'admin'
)
);
-- All authenticated users can still READ settings (needed for proxy routes to load licserver config)
-- The READ policy remains: "Allow authenticated read on settings"
NOTIFY pgrst, 'reload schema';