jazzymc/homarr
1
0
Fork 0
Code Issues Pull Requests Actions 1 Packages Projects Releases Wiki Activity

fix: issues found in security audit (#1668)

Browse Source
This commit is contained in:
Meier Lukas
2024-12-15 21:16:42 +01:00
committed by GitHub
parent 032509e462
commit 922101dcbd
15 changed files with 70 additions and 27 deletions
Download Patch File Download Diff File Expand all files Collapse all files

7
packages/api/src/router/serverSettings.ts
View File

@@ -3,17 +3,18 @@ import type { ServerSettings } from "@homarr/server-settings";
import { defaultServerSettingsKeys } from "@homarr/server-settings";
import { validation, z } from "@homarr/validation";
import { createTRPCRouter, onboardingProcedure, protectedProcedure, publicProcedure } from "../trpc";
import { createTRPCRouter, onboardingProcedure, permissionRequiredProcedure, publicProcedure } from "../trpc";
import { nextOnboardingStepAsync } from "./onboard/onboard-queries";
export const serverSettingsRouter = createTRPCRouter({
getCulture: publicProcedure.query(async ({ ctx }) => {
return await getServerSettingByKeyAsync(ctx.db, "culture");
}),
getAll: protectedProcedure.query(async ({ ctx }) => {
getAll: permissionRequiredProcedure.requiresPermission("admin").query(async ({ ctx }) => {
return await getServerSettingsAsync(ctx.db);
}),
saveSettings: protectedProcedure
saveSettings: permissionRequiredProcedure
.requiresPermission("admin")
.input(
z.object({
settingsKey: z.enum(defaultServerSettingsKeys),