feat: add application configuration for Adminer integration and implement access control

Author: David Courtey

app/Http/Controllers/Web/AdminerController.php

@@ -2,6 +2,7 @@
 
 namespace App\Http\Controllers\Web;
 
+use App\Facades\AppConfig;
 use App\Http\Controllers\Controller;
 use App\Services\AdminerService;
 use Illuminate\Http\Request;
@@ -10,6 +11,8 @@ class AdminerController extends Controller
 {
     public function __invoke(Request $request, AdminerService $adminer): void
     {
+        abort_unless((bool) AppConfig::get('app.adminer_enabled'), 404);
+
         $credentials = session('adminer_credentials');
 
         // Auto-login: simulate form submission only on the initial load

app/Livewire/Configuration/Index.php

@@ -140,6 +140,15 @@ public function getSsoConfig(): array
         ];
     }
 
+    public function saveApplicationConfig(): void
+    {
+        abort_unless(auth()->user()->isAdmin(), Response::HTTP_FORBIDDEN);
+
+        $this->form->saveApplication();
+
+        $this->success(__('Application configuration saved.'));
+    }
+
     public function saveBackupConfig(): void
     {
         abort_unless(auth()->user()->isAdmin(), Response::HTTP_FORBIDDEN);

app/Livewire/DatabaseServer/Index.php

@@ -3,6 +3,7 @@
 namespace App\Livewire\DatabaseServer;
 
 use App\Enums\DatabaseType;
+use App\Facades\AppConfig;
 use App\Models\Backup;
 use App\Models\DatabaseServer;
 use App\Models\NotificationChannel;
@@ -133,6 +134,10 @@ public function confirmRestore(string $id): void
 
     public function openAdminer(string $id): void
     {
+        if (! AppConfig::get('app.adminer_enabled')) {
+            return;
+        }
+
         $server = DatabaseServer::findOrFail($id);
 
         $this->authorize('view', $server);

app/Livewire/Forms/ConfigurationForm.php

@@ -8,6 +8,9 @@
 
 class ConfigurationForm extends Form
 {
+    // Application settings
+    public bool $adminer_enabled = true;
+
     // Backup settings
     public string $working_directory = '';
 
@@ -34,6 +37,7 @@ class ConfigurationForm extends Form
 
     public function loadFromConfig(): void
     {
+        $this->adminer_enabled = (bool) AppConfig::get('app.adminer_enabled');
         $this->working_directory = (string) AppConfig::get('backup.working_directory');
         $this->compression = (string) AppConfig::get('backup.compression');
         $this->compression_level = (int) AppConfig::get('backup.compression_level');
@@ -45,6 +49,29 @@ public function loadFromConfig(): void
         $this->verify_files_cron = (string) AppConfig::get('backup.verify_files_cron');
     }
 
+    /**
+     * @return array<string, mixed>
+     */
+    private function applicationRules(): array
+    {
+        return [
+            'adminer_enabled' => ['boolean'],
+        ];
+    }
+
+    public function saveApplication(): void
+    {
+        $this->validate($this->applicationRules());
+
+        $appKeyMap = [
+            'adminer_enabled' => 'app.adminer_enabled',
+        ];
+
+        foreach ($appKeyMap as $property => $configKey) {
+            AppConfig::set($configKey, $this->{$property});
+        }
+    }
+
     /**
      * @return array<string, mixed>
      */

app/Services/AppConfigService.php

@@ -14,6 +14,7 @@ class AppConfigService
      * @var array<string, array{type: string, is_sensitive: bool, default: mixed}>
      */
     private const array CONFIG = [
+        'app.adminer_enabled' => ['type' => 'boolean', 'is_sensitive' => false, 'default' => true],
         'backup.working_directory' => ['type' => 'string', 'is_sensitive' => false, 'default' => '/tmp/backups'],
         'backup.compression' => ['type' => 'string', 'is_sensitive' => false, 'default' => 'gzip'],
         'backup.compression_level' => ['type' => 'integer', 'is_sensitive' => false, 'default' => 6],

resources/views/livewire/configuration/index.blade.php

@@ -28,7 +28,7 @@ class="btn-ghost btn-sm"
 
     <div class="grid gap-6">
         <!-- Application Configuration (read-only) -->
-        <x-card title="{{ __('Application') }}" subtitle="{{ __('General application settings (read-only).') }}" shadow class="min-w-0">
+        <x-card :title="__('Application')" :subtitle="__('General application settings.')" shadow class="min-w-0">
             <x-slot:menu>
                 <x-button
                     label="{{ __('Documentation') }}"
@@ -39,6 +39,25 @@ class="btn-ghost btn-sm"
                 />
             </x-slot:menu>
             @include('livewire.configuration._config-table', ['rows' => $appConfig])
+
+            <form wire:submit="saveApplicationConfig" class="mt-4 border-t border-base-200/60 pt-4">
+                <div class="divide-y divide-base-200/80">
+                    <x-config-row :label="__('Database Browser')" :description="__('Enable the built-in Adminer database browser for viewing and managing database contents.')">
+                        <x-toggle wire:model="form.adminer_enabled" :disabled="!$this->isAdmin" />
+                    </x-config-row>
+                </div>
+
+                @if ($this->isAdmin)
+                <div class="flex items-center justify-end border-t border-base-200/60 pt-6">
+                    <x-button
+                        type="submit"
+                        class="btn-primary"
+                        :label="__('Save Application Settings')"
+                        spinner="saveApplicationConfig"
+                    />
+                </div>
+                @endif
+            </form>
         </x-card>
 
         <!-- Backup Schedules -->

resources/views/livewire/database-server/index.blade.php

@@ -121,12 +121,14 @@ class="flex items-center gap-1 hover:text-success transition-colors tooltip @if
 
             @scope('cell_actions', $server)
             <div>
-                @can('view', $server)
-                    @if(! in_array($server->database_type, [\App\Enums\DatabaseType::REDIS, \App\Enums\DatabaseType::MONGODB]))
-                        <x-button icon="o-table-cells" wire:click="openAdminer('{{ $server->id }}')" spinner
-                                  tooltip="{{ __('Browse') }}" class="btn-ghost btn-sm text-accent" />
-                    @endif
-                @endcan
+                @if(\App\Facades\AppConfig::get('app.adminer_enabled'))
+                    @can('view', $server)
+                        @if(! in_array($server->database_type, [\App\Enums\DatabaseType::REDIS, \App\Enums\DatabaseType::MONGODB]))
+                            <x-button icon="o-table-cells" wire:click="openAdminer('{{ $server->id }}')" spinner
+                                      tooltip="{{ __('Browse') }}" class="btn-ghost btn-sm text-accent" />
+                        @endif
+                    @endcan
+                @endif
                 @can('backup', $server)
                     <x-button icon="o-arrow-down-tray" wire:click="runBackupAll('{{ $server->id }}')" spinner
                               tooltip="{{ __('Backup now') }}" class="btn-ghost btn-sm text-info" />
@@ -158,7 +160,9 @@ class="flex items-center gap-1 hover:text-success transition-colors tooltip @if
     <livewire:database-server.restore-modal />
 
     <!-- ADMINER MODAL -->
-    <livewire:database-server.adminer-modal />
+    @if(\App\Facades\AppConfig::get('app.adminer_enabled'))
+        <livewire:database-server.adminer-modal />
+    @endif
 
     <!-- REDIS RESTORE INFO MODAL -->
     <x-modal wire:model="showRedisRestoreModal" :title="__('Restore Redis / Valkey Snapshot')" class="backdrop-blur">

tests/Feature/ConfigurationTest.php

@@ -29,6 +29,7 @@
         ->test(Index::class)
         ->assertSee('Configuration')
         ->assertSee('Save Backup Settings')
+        ->assertSet('form.adminer_enabled', true)
         ->assertSet('form.compression', 'gzip')
         ->assertSet('form.compression_level', 6)
         ->assertSet('form.verify_files', true);
@@ -57,6 +58,23 @@
         ->assertForbidden();
 });
 
+test('saving application config persists adminer enabled', function () {
+    Livewire::actingAs(User::factory()->create(['role' => 'admin']))
+        ->test(Index::class)
+        ->set('form.adminer_enabled', false)
+        ->call('saveApplicationConfig')
+        ->assertHasNoErrors();
+
+    expect(AppConfig::get('app.adminer_enabled'))->toBe(false);
+});
+
+test('non-admin cannot save application config', function () {
+    Livewire::actingAs(User::factory()->create(['role' => 'member']))
+        ->test(Index::class)
+        ->call('saveApplicationConfig')
+        ->assertForbidden();
+});
+
 test('saving backup config persists values', function () {
     Livewire::actingAs(User::factory()->create(['role' => 'admin']))
         ->test(Index::class)

tests/Feature/Livewire/DatabaseServer/IndexTest.php

@@ -1,5 +1,6 @@
 <?php
 
+use App\Facades\AppConfig;
 use App\Jobs\ProcessBackupJob;
 use App\Livewire\DatabaseServer\Index;
 use App\Models\Backup;
@@ -51,6 +52,18 @@
 
 // --- openAdminer ---
 
+test('openAdminer does nothing when adminer is disabled', function () {
+    AppConfig::set('app.adminer_enabled', false);
+
+    $user = User::factory()->create(['role' => User::ROLE_ADMIN]);
+    $server = DatabaseServer::factory()->withoutBackups()->create(['database_type' => 'mysql']);
+
+    Livewire::actingAs($user)
+        ->test(Index::class)
+        ->call('openAdminer', $server->id)
+        ->assertNotDispatched('open-adminer-modal');
+});
+
 test('openAdminer rejects unsupported database types', function (string $factoryState) {
     $user = User::factory()->create(['role' => User::ROLE_ADMIN]);
     $server = DatabaseServer::factory()->{$factoryState}()->withoutBackups()->create();