To Reproduce
- Log in as an admin.
- Create or maintain a global SSH key intended for shared Git access.
- Invite a regular user and let them register successfully.
- Ensure the regular user does not have Access to SSH Keys section permission.
- Log in as that regular user.
- Try to configure or deploy an application from a Git repository using the admin-managed SSH key.
- Observe that the SSH key cannot be used.
- Then grant the user Access to SSH Keys section permission.
- Log in again as the regular user.
- Observe that the Git pull now works, but the user can also access/manage the global SSH keys.
Current vs. Expected behavior
Current behavior:
- Regular users cannot use admin-managed global SSH keys unless they are granted Access to SSH Keys section permission.
- Granting that permission also exposes global SSH key management capabilities to those users.
Expected behavior:
- Regular users should be able to use admin-managed/shared SSH keys for Git operations without being able to access or manage the global SSH keys themselves.
- Permissions for using a shared key and managing the SSH keys section should be separated.
Provide environment information
Operating System:
OS: Ubuntu 24.04
Arch: amd64
Dokploy version: 0.28.8
VPS Provider: Local VM
What applications/services are you trying to deploy?
Staic Web
Which area(s) are affected? (Select all that apply)
Application
Are you deploying the applications where Dokploy is installed or on a remote server?
Both
Additional context
This worked as expected in v0.28.6.
The issue appears to have been introduced in v0.28.7+, where the permission check now blocks usage of admin-managed SSH keys unless the user is also allowed to access the SSH Keys section itself.
From a security perspective, granting ordinary users access to manage global/shared SSH keys is too risky, but denying that permission also breaks normal Git-based deployment workflows.
Will you send a PR to fix it?
No
To Reproduce
Current vs. Expected behavior
Current behavior:
Expected behavior:
Provide environment information
Operating System: OS: Ubuntu 24.04 Arch: amd64 Dokploy version: 0.28.8 VPS Provider: Local VM What applications/services are you trying to deploy? Staic WebWhich area(s) are affected? (Select all that apply)
Application
Are you deploying the applications where Dokploy is installed or on a remote server?
Both
Additional context
This worked as expected in v0.28.6.
The issue appears to have been introduced in v0.28.7+, where the permission check now blocks usage of admin-managed SSH keys unless the user is also allowed to access the SSH Keys section itself.
From a security perspective, granting ordinary users access to manage global/shared SSH keys is too risky, but denying that permission also breaks normal Git-based deployment workflows.
Will you send a PR to fix it?
No