alexei.dolgolyov/tiny-forge
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

fix: quick deploy duplicate detection, logout UX, backup toggle, CSP, SSE guard, and migration

Browse Source 
- Detect existing projects with same image on quick deploy; show conflict dialog with options
- Move logout button to sidebar header as icon-only
- Replace backup checkbox with ToggleSwitch component
- Allow unsafe-inline in CSP script-src for SvelteKit hydration
- Guard SSE connection behind isAuthenticated() check
- Add notification_url ALTER TABLE migration for existing databases
- Restore RegisterPersistentLogger on event bus
This commit is contained in:
Admin
2026-04-04 14:40:59 +03:00
parent 205a5a36c6
commit 6667abf03c
11 changed files with 259 additions and 35 deletions
Download Patch File Download Diff File Expand all files Collapse all files
internal/api/deploys.go
+18
View File
@@ -101,6 +101,7 @@ type quickDeployRequest struct {
Tag string `json:"tag"`
Registry string `json:"registry"`
Port int `json:"port"`
Force bool `json:"force"` // skip duplicate check
}
// quickDeploy handles POST /api/deploy/quick.
@@ -124,6 +125,23 @@ func (s *Server) quickDeploy(w http.ResponseWriter, r *http.Request) {
req.Name = parts[len(parts)-1]
}
// Check for existing projects with the same image.
if !req.Force {
existing, err := s.store.GetProjectsByImage(req.Image)
if err != nil {
slog.Error("failed to check existing projects", "error", err)
respondError(w, http.StatusInternalServerError, "internal server error")
return
}
if len(existing) > 0 {
respondJSON(w, http.StatusConflict, map[string]any{
"message": "A project with this image already exists",
"existing_projects": existing,
})
return
}
}
// Create project.
project, err := s.store.CreateProject(store.Project{
Name: req.Name,
internal/api/middleware.go
+1 -1
View File
@@ -45,7 +45,7 @@ func securityHeaders(next http.Handler) http.Handler {
w.Header().Set("X-Content-Type-Options", "nosniff")
w.Header().Set("X-Frame-Options", "DENY")
w.Header().Set("Referrer-Policy", "strict-origin-when-cross-origin")
w.Header().Set("Content-Security-Policy", "default-src 'self'; script-src 'self'; style-src 'self' 'unsafe-inline'; img-src 'self' data:; connect-src 'self'; font-src 'self'")
w.Header().Set("Content-Security-Policy", "default-src 'self'; script-src 'self' 'unsafe-inline'; style-src 'self' 'unsafe-inline'; img-src 'self' data:; connect-src 'self'; font-src 'self'")
next.ServeHTTP(w, r)
})
}