feat: validate required SSH permissions before creating server

- New server_permissions table (migration 007) stores required SSH permissions per server
- PermissionValidator service connects via SSH and validates each permission before save
- ServerPermission model for CRUD on server_permissions table
- Web flow: create/edit forms include dynamic permission rows with quick-add presets
- API flow: serverAdd/serverUpdate accept permissions array, return 400 on failure
- Show view displays required permissions on server detail page
- Form input preserved on validation failure (credentials excluded)
- AGENTS.md updated with new conventions
This commit is contained in:
2026-06-13 10:41:18 -04:00
parent 8f3b5bd7ce
commit 0cfed5bf27
10 changed files with 689 additions and 24 deletions

View File

@@ -0,0 +1,11 @@
CREATE TABLE IF NOT EXISTS `server_permissions` (
`id` INT UNSIGNED NOT NULL AUTO_INCREMENT,
`server_id` INT UNSIGNED NOT NULL,
`permission_type` ENUM('sudo', 'command', 'file_read', 'file_write', 'custom') NOT NULL,
`permission_value` VARCHAR(255) NOT NULL,
`description` VARCHAR(255) DEFAULT NULL,
`created_at` DATETIME NOT NULL DEFAULT CURRENT_TIMESTAMP,
PRIMARY KEY (`id`),
KEY `idx_server_id` (`server_id`),
CONSTRAINT `fk_permissions_server` FOREIGN KEY (`server_id`) REFERENCES `servers` (`id`) ON DELETE CASCADE
) ENGINE=InnoDB DEFAULT CHARSET=utf8mb4 COLLATE=utf8mb4_unicode_ci;