Enhance SystemController to improve config modification checks

Updated the `SystemController` to include additional checks for read-only status and user permissions when modifying configurations.
dswbx
2025-10-24 10:37:52 +02:00
parent cfb4b0e336
commit 88e5c06e9d


@@ -17,6 +17,7 @@ import {
mcp as mcpMiddleware, mcp as mcpMiddleware,
isNode, isNode,
type McpServer, type McpServer,
threw,
} from "bknd/utils"; } from "bknd/utils";
import type { Context, Hono } from "hono"; import type { Context, Hono } from "hono";
import { Controller } from "modules/Controller"; import { Controller } from "modules/Controller";
@@ -380,7 +381,11 @@ export class SystemController extends Controller {
async (c) => { async (c) => {
const module = c.req.param("module") as ModuleKey | undefined; const module = c.req.param("module") as ModuleKey | undefined;
const { config, secrets, fresh } = c.req.valid("query"); const { config, secrets, fresh } = c.req.valid("query");
const readonly = this.app.isReadOnly(); const readonly =
// either if app is read only in general
this.app.isReadOnly() ||
// or if user is not allowed to modify the config
threw(() => this.ctx.guard.granted(SystemPermissions.configWrite, c, { module }));
if (config) { if (config) {
this.ctx.guard.granted(SystemPermissions.configRead, c, { this.ctx.guard.granted(SystemPermissions.configRead, c, {