fix: add null checks and validation to OAuth bulk update method

- Add null check before updating OAuth settings to prevent calling methods on null - Apply couldBeEnabled() validation for all settings in bulk update (not just instant save) - Disable OAuth providers that fail validation and collect error messages - Surface all validation errors to the user instead of silently failing - Update oauth_settings_map with fresh data after saving each setting This ensures bulk updates follow the same validation logic as instant-save paths and prevents bypassing model validation by directly calling update. 🤖 Generated with [Claude Code](https://claude.com/claude-code) Co-Authored-By: Claude <noreply@anthropic.com>
2025-12-28 05:34:50 +00:00 · 2025-10-27 17:04:33 +01:00 · 2025-10-27 17:04:33 +01:00 · b1a68df65c
commit b1a68df65c
parent 8a3dc19d19
1 changed files with 33 additions and 2 deletions
--- a/app/Livewire/SettingsOauth.php
+++ b/app/Livewire/SettingsOauth.php
@ -50,7 +50,7 @@ class SettingsOauth extends Component
            $oauthData = $this->oauth_settings_map[$provider];
            $oauth = OauthSetting::find($oauthData['id']);

-            if (!$oauth) {
+            if (! $oauth) {
                throw new \Exception('OAuth setting for '.$provider.' not found. It may have been deleted.');
            }

@ -83,9 +83,17 @@ class SettingsOauth extends Component

            $this->dispatch('success', 'OAuth settings for '.$oauth->provider.' updated successfully!');
        } else {
+            $errors = [];
            foreach (array_values($this->oauth_settings_map) as $settingData) {
                $oauth = OauthSetting::find($settingData['id']);
-                $oauth->update([
+
+                if (! $oauth) {
+                    $errors[] = "OAuth setting for provider '{$settingData['provider']}' not found. It may have been deleted.";
+
+                    continue;
+                }
+
+                $oauth->fill([
                    'enabled' => $settingData['enabled'],
                    'client_id' => $settingData['client_id'],
                    'client_secret' => $settingData['client_secret'],
@ -93,6 +101,29 @@ class SettingsOauth extends Component
                    'tenant' => $settingData['tenant'],
                    'base_url' => $settingData['base_url'],
                ]);
+
+                if ($settingData['enabled'] && ! $oauth->couldBeEnabled()) {
+                    $oauth->enabled = false;
+                    $errors[] = "OAuth settings are incomplete for '{$oauth->provider}'. Required fields are missing. The provider has been disabled.";
+                }
+
+                $oauth->save();
+
+                // Update the array with fresh data
+                $this->oauth_settings_map[$oauth->provider] = [
+                    'id' => $oauth->id,
+                    'provider' => $oauth->provider,
+                    'enabled' => $oauth->enabled,
+                    'client_id' => $oauth->client_id,
+                    'client_secret' => $oauth->client_secret,
+                    'redirect_uri' => $oauth->redirect_uri,
+                    'tenant' => $oauth->tenant,
+                    'base_url' => $oauth->base_url,
+                ];
+            }
+
+            if (! empty($errors)) {
+                $this->dispatch('error', implode('<br/>', $errors));
            }
        }
    }