Commit Graph

2 Commits

Author SHA1 Message Date
DanielS
7119383139 fix(security): harden licserver config access controls
All checks were successful
Staging Build / build (push) Successful in 2m50s
- Add auth guard to getLicServerConfig() - unauthenticated callers
  now receive null config instead of DB values
- Remove non-existent 'superadmin' role from saveLicServerConfig()
  check (only 'admin' exists per project schema)
- New migration: restrict settings table WRITE to admins only
  (previously any authenticated user could overwrite licserver_api_key)
2026-07-14 17:35:12 +02:00
DanielS
fa93e060c2 feat(admin): LicServer config manageable via admin settings UI
Some checks failed
Staging Build / build (push) Has been cancelled
- Migration: add licserver_base_url/api_key cols to settings table
- New: lib/actions/licserver-config.ts (read/write/test server actions)
- Updated: proxy routes read config from DB with env-var fallback
- Updated: admin/einstellungen adds LicServer card with URL + API key
  input, show/hide toggle, Save and Connection Test buttons
2026-07-14 17:30:37 +02:00