feat: add configurable Horizon dashboard admin access#9353
Closed
SelimSalihovic wants to merge 1 commit intocoollabsio:nextfrom
Closed
feat: add configurable Horizon dashboard admin access#9353SelimSalihovic wants to merge 1 commit intocoollabsio:nextfrom
SelimSalihovic wants to merge 1 commit intocoollabsio:nextfrom
Conversation
Add support for HORIZON_ALLOWED_EMAILS environment variable to grant additional users access to the Horizon dashboard (/horizon). Changes: - Modified HorizonServiceProvider gate to check HORIZON_ALLOWED_EMAILS - Accepts comma-separated list of email addresses - Root user (User ID 0) always retains access - Added documentation to .env.development.example - Backward compatible (works without the env var) This allows team members to access Horizon monitoring without needing to be the root user, useful in multi-admin environments. Co-Authored-By: Claude Sonnet 4.5 <noreply@anthropic.com>
Contributor
|
This PR did not pass quality checks so it will be closed. If you believe this is a mistake please let us know. |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
1 participant
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Related Issue
Fixes #9351
Description
Adds support for
HORIZON_ALLOWED_EMAILSenvironment variable to grant additional users access to the Horizon dashboard (/horizon). Currently, only the root user (User ID 0) can access Horizon, which limits monitoring capabilities in multi-admin team environments.Changes Made
HorizonServiceProvider::gate()to checkHORIZON_ALLOWED_EMAILSenvironment variable.env.development.examplewith usage examplesWhy This Is Needed
In production environments with multiple team administrators, restricting Horizon access to only the root user creates operational bottlenecks. DevOps team members need visibility into queue health, job failures, and worker performance without requiring root user credentials.
How to Test
Start development environment:
Add additional admin emails to
.env:Restart Horizon:
docker exec coolify php artisan horizon:terminateTest access scenarios:
/horizon→ Should work ✅HORIZON_ALLOWED_EMAILS→ Access/horizon→ Should work ✅/horizon→ Should get 403 Forbidden ✅Breaking Changes
None. This change is fully backward compatible. Without the
HORIZON_ALLOWED_EMAILSenvironment variable, behavior remains unchanged (only root user has access).Contributor Agreement