mirror of
https://github.com/InvoiceShelf/InvoiceShelf.git
synced 2026-07-18 06:45:20 +00:00
feat(updater): disable the in-app updater in containerized installs
The Docker image already injects CONTAINERIZED=true; consume it via config('invoiceshelf.containerized'), expose it on /app/version, block the update endpoints + console command, and show a 'docker compose pull' panel instead of the updater. Adds missing i18n keys.
Co-Authored-By: Claude Opus 4.8 (1M context) <noreply@anthropic.com>
This commit is contained in:
46
tests/Feature/Admin/UpdateContainerizedTest.php
Normal file
46
tests/Feature/Admin/UpdateContainerizedTest.php
Normal file
@@ -0,0 +1,46 @@
|
||||
<?php
|
||||
|
||||
use App\Models\User;
|
||||
use Laravel\Sanctum\Sanctum;
|
||||
|
||||
use function Pest\Laravel\getJson;
|
||||
use function Pest\Laravel\postJson;
|
||||
|
||||
beforeEach(function () {
|
||||
Artisan::call('db:seed', ['--class' => 'DatabaseSeeder', '--force' => true]);
|
||||
Artisan::call('db:seed', ['--class' => 'DemoSeeder', '--force' => true]);
|
||||
|
||||
$user = User::where('role', 'super admin')->first();
|
||||
|
||||
$this->withHeaders([
|
||||
'company' => $user->companies()->first()->id,
|
||||
]);
|
||||
|
||||
Sanctum::actingAs($user, ['*']);
|
||||
});
|
||||
|
||||
it('exposes the containerized flag from the app version endpoint', function () {
|
||||
config(['invoiceshelf.containerized' => true]);
|
||||
|
||||
getJson('/api/v1/app/version')
|
||||
->assertOk()
|
||||
->assertJson(['containerized' => true]);
|
||||
|
||||
config(['invoiceshelf.containerized' => false]);
|
||||
|
||||
getJson('/api/v1/app/version')
|
||||
->assertOk()
|
||||
->assertJson(['containerized' => false]);
|
||||
});
|
||||
|
||||
it('blocks the in-app updater endpoints when containerized', function () {
|
||||
config(['invoiceshelf.containerized' => true]);
|
||||
|
||||
getJson('/api/v1/check/update')->assertForbidden();
|
||||
postJson('/api/v1/update/download', ['version' => '2.4.0'])->assertForbidden();
|
||||
postJson('/api/v1/update/unzip', ['path' => '/tmp/x.zip'])->assertForbidden();
|
||||
postJson('/api/v1/update/copy', ['path' => '/tmp/x'])->assertForbidden();
|
||||
postJson('/api/v1/update/clean')->assertForbidden();
|
||||
postJson('/api/v1/update/migrate')->assertForbidden();
|
||||
postJson('/api/v1/update/finish', ['installed' => '2.4.0', 'version' => '2.4.1'])->assertForbidden();
|
||||
});
|
||||
Reference in New Issue
Block a user