fix(web): restrict read-only service account controls #415
No reviewers
Labels
No labels
E2E Failure
area:agent
area:audit-log
area:auth
area:authz
area:ci
area:crypto
area:db
area:docker
area:headers
area:ingest
area:ldap
area:rate-limit
area:ssrf
area:supply-chain
area:terminal
autorelease: pending
autorelease: tagged
bug
claude-working
documentation
duplicate
enhancement
good first issue
help wanted
invalid
priority: critical
priority: high
priority: low
priority: medium
question
security
sev:critical
sev:high
sev:info
sev:low
sev:medium
tests-required
wontfix
No milestone
No project
No assignees
1 participant
Notifications
Due date
No due date set.
Dependencies
No dependencies set.
Reference
carrtech/ct-ops!415
Loading…
Add table
Add a link
Reference in a new issue
No description provided.
Delete branch "fix/readonly-admin-guard"
Deleting a branch is permanent. Although the deleted branch may continue to exist for a short time before it actually gets removed, it CANNOT be undone in most cases. Continue?
Summary\n- Require write-capable instance access for domain service-account create/update/delete actions.\n- Require write-capable instance access for certificate tracking and deletion actions.\n- Hide Administration navigation from non-admin roles and hide service-account/certificate mutation controls for read-only users.\n- Add regression tests for mutation guards and read-only UI gating.\n\n## Validation\n- pnpm --filter web exec node --experimental-strip-types --test lib/actions/mutation-authz.test.mjs lib/auth/read-only-ui.test.mjs\n- pnpm --filter web type-check\n- pnpm --filter web lint (passes with existing warnings)\n- DATABASE_URL=postgresql://dummy:dummy@localhost:5432/dummy BETTER_AUTH_SECRET=dummy-secret-for-ci-build-only-at-least-32 BETTER_AUTH_URL=http://localhost:3000 NEXT_PUBLIC_APP_URL=http://localhost:3000 pnpm --filter web run build\n\n## Notes\n- Full unit suite has an unrelated stale source assertion in dashboard standalone tests; filed #414.