Rename Template Catalog to Applications with management #81

Rename Template Catalog to Applications and add full application management functionality:

- Add installed_applications database schema and Go models
- Add API handlers for application CRUD operations
- Add group access control for applications
- Create Applications page with install/edit/delete dialogs
- Add API client methods and React Query hooks
- Support custom display names and configuration

Applications can be installed from catalog templates, configured with custom settings, and granted to specific groups with different access levels (view, launch, admin).
| query := fmt.Sprintf("UPDATE installed_applications SET %s WHERE id = $%d", | ||
| joinStrings(updates, ", "), argIdx) |
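Review bot: The `SET %s` fragment on the first line is filled from `joinStrings(updates, ", ")`, so the safety of this statement rests entirely on what is appended to `updates`. The `$%d` placeholder shows the id is bound as a parameter; please confirm every entry in `updates` is a column name fixed in code paired with a `$n` placeholder, never a key or value taken from the request body, and add a short comment stating that so the Semgrep finding can be triaged. If `joinStrings` is a local helper, `strings.Join` from the standard library does the same job.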
Check warning
Code scanning / Semgrep OSS
Semgrep Finding: go.lang.security.audit.database.string-formatted-query.string-formatted-query Warning
💡 Codex Review
Here are some automated review suggestions for this pull request.
| // Installed applications management - using dedicated handler (admin only for management) | ||
| applicationHandler.RegisterRoutes(protected) |
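Review bot: The comment on the first line says management is admin only, but the call on the second line registers the handler on `protected`, and nothing in these two lines applies an admin check. Either register on an admin-guarded group or, if `RegisterRoutes` enforces the role internally, say so in the comment; a test that a non-admin session receives 403 on these routes would pin the behaviour.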
Protect application management routes with admin middleware
Application CRUD and group-access endpoints are registered under the authenticated protected router without applying adminMiddleware, despite the comment that management is admin-only. As a result, any logged-in user can call /api/v1/applications to install, update, or delete applications and modify group access, which is a privilege escalation. These routes should be wrapped with admin middleware (similar to /config or other admin-only groups) so only administrators can manage installed applications.
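The fix this review comment asks for, sketched with Go's standard library as an added example (not the PR's code). The names `guard`, `newRouter`, `statusFor` and the `X-Test-Role` header are assumptions, since the project's router and middleware are not shown on the page; the point is that a regular user reaches the handler when only the login check applies and gets 403 once the admin check wraps it.

```go
package main

import (
	"fmt"
	"net/http"
	"net/http/httptest"
)

// guard rejects with `code` unless allow(role) holds. The role comes from a
// test header here (assumption: real code reads it from a verified session).
func guard(code int, allow func(string) bool, next http.Handler) http.Handler {
	return http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
		if !allow(r.Header.Get("X-Test-Role")) {
			http.Error(w, http.StatusText(code), code)
			return
		}
		next.ServeHTTP(w, r)
	})
}

func isLoggedIn(role string) bool { return role != "" }
func isAdmin(role string) bool    { return role == "admin" }

// newRouter puts the management handler behind the login check only (the
// flagged registration) or behind login plus admin (the suggested fix).
func newRouter(adminOnly bool) http.Handler {
	var apps http.Handler = http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
		w.WriteHeader(http.StatusNoContent) // placeholder for the CRUD handler
	})
	if adminOnly {
		apps = guard(http.StatusForbidden, isAdmin, apps)
	}
	return guard(http.StatusUnauthorized, isLoggedIn, apps)
}

// statusFor sends a DELETE as the given role and returns the response code.
func statusFor(adminOnly bool, role string) int {
	req := httptest.NewRequest(http.MethodDelete, "/api/v1/applications", nil)
	req.Header.Set("X-Test-Role", role)
	rec := httptest.NewRecorder()
	newRouter(adminOnly).ServeHTTP(rec, req)
	return rec.Code
}

func main() {
	for _, role := range []string{"", "user", "admin"} {
		fmt.Println(role, statusFor(false, role), statusFor(true, role))
	}
}
```

Keeping a check like `statusFor(true, "user") == 403` in the test suite turns the admin-only comment into something CI enforces.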
| import { | ||
| Add as AddIcon, | ||
| Edit as EditIcon, | ||
| Delete as DeleteIcon, | ||
| Settings as SettingsIcon, | ||
| Group as GroupIcon, | ||
| Refresh as RefreshIcon, | ||
| Search as SearchIcon, | ||
| } from '@mui/icons-material'; |
Check notice
Code scanning / CodeQL
Unused variable, import, function or class Note
Copilot Autofix
AI 7 months ago
To fix the issue, remove the unused imports Search as SearchIcon and Settings as SettingsIcon from the @mui/icons-material import statement. Only these two named imports should be removed; all other imported icons should remain untouched. This change is localized to the import { ... } from '@mui/icons-material'; statement in ui/src/pages/Applications.tsx on lines 33-41, and does not require any other modifications, as no other part of the code depends on these icons.
| @@ -34,10 +34,8 @@ | ||
| Add as AddIcon, | ||
| Edit as EditIcon, | ||
| Delete as DeleteIcon, | ||
| Settings as SettingsIcon, | ||
| Group as GroupIcon, | ||
| Refresh as RefreshIcon, | ||
| Search as SearchIcon, | ||
| } from '@mui/icons-material'; | ||
| import AdminPortalLayout from '../components/AdminPortalLayout'; | ||
| import { |