2015-12-06 18:58:49 +00:00
< ? php
2016-12-07 22:46:38 +00:00
2015-12-06 18:58:49 +00:00
namespace Pterodactyl\Models ;
2019-11-04 01:13:47 +00:00
use Illuminate\Support\Collection ;
2019-09-05 05:00:34 +01:00
class Permission extends Validable
2015-12-06 18:58:49 +00:00
{
2018-01-26 03:26:06 +00:00
/**
* The resource name for this model when it is transformed into an
* API representation using fractal .
*/
const RESOURCE_NAME = 'subuser_permission' ;
2020-03-19 04:08:32 +00:00
/**
* Constants defining different permissions available .
*/
2020-03-22 22:31:25 +00:00
const ACTION_WEBSOCKET = 'websocket.*' ;
const ACTION_CONTROL_CONSOLE = 'control.console' ;
const ACTION_CONTROL_START = 'control.start' ;
const ACTION_CONTROL_STOP = 'control.stop' ;
const ACTION_CONTROL_RESTART = 'control.restart' ;
const ACTION_DATABASE_READ = 'database.read' ;
const ACTION_DATABASE_CREATE = 'database.create' ;
const ACTION_DATABASE_UPDATE = 'database.update' ;
const ACTION_DATABASE_DELETE = 'database.delete' ;
const ACTION_DATABASE_VIEW_PASSWORD = 'database.view_password' ;
2020-03-19 04:08:32 +00:00
const ACTION_SCHEDULE_READ = 'schedule.read' ;
const ACTION_SCHEDULE_CREATE = 'schedule.create' ;
const ACTION_SCHEDULE_UPDATE = 'schedule.update' ;
const ACTION_SCHEDULE_DELETE = 'schedule.delete' ;
2020-03-22 22:31:25 +00:00
const ACTION_USER_READ = 'user.read' ;
const ACTION_USER_CREATE = 'user.create' ;
const ACTION_USER_UPDATE = 'user.update' ;
const ACTION_USER_DELETE = 'user.delete' ;
const ACTION_ALLOCATION_READ = 'allocation.read' ;
const ACTION_ALLOCIATION_UPDATE = 'allocation.update' ;
const ACTION_FILE_READ = 'file.read' ;
const ACTION_FILE_CREATE = 'file.create' ;
const ACTION_FILE_UPDATE = 'file.update' ;
const ACTION_FILE_DELETE = 'file.delete' ;
const ACTION_FILE_ARCHIVE = 'file.archive' ;
const ACTION_FILE_SFTP = 'file.sftp' ;
const ACTION_SETTINGS_RENAME = 'settings.rename' ;
const ACTION_SETTINGS_REINSTALL = 'settings.reinstall' ;
2017-02-10 00:38:54 +00:00
/**
* Should timestamps be used on this model .
*
2017-02-12 20:10:39 +00:00
* @ var bool
2017-02-10 00:38:54 +00:00
*/
public $timestamps = false ;
2015-12-06 18:58:49 +00:00
/**
* The table associated with the model .
*
* @ var string
*/
protected $table = 'permissions' ;
2016-01-19 00:57:10 +00:00
/**
* Fields that are not mass assignable .
*
* @ var array
*/
protected $guarded = [ 'id' , 'created_at' , 'updated_at' ];
2017-02-09 23:44:07 +00:00
/**
* Cast values to correct type .
*
* @ var array
*/
protected $casts = [
'subuser_id' => 'integer' ,
];
2016-01-27 03:17:51 +00:00
2017-09-25 03:12:30 +01:00
/**
* @ var array
*/
2019-09-05 06:19:57 +01:00
public static $validationRules = [
'subuser_id' => 'required|numeric|min:1' ,
'permission' => 'required|string' ,
2017-09-25 03:12:30 +01:00
];
2017-03-30 20:30:59 +01:00
/**
2019-11-04 01:13:47 +00:00
* All of the permissions available on the system . You should use self :: permissions ()
* to retrieve them , and not directly access this array as it is subject to change .
2017-03-30 20:30:59 +01:00
*
* @ var array
2019-11-04 01:13:47 +00:00
* @ see \Pterodactyl\Models\Permission :: permissions ()
2017-03-30 20:30:59 +01:00
*/
protected static $permissions = [
2019-11-04 01:13:47 +00:00
'websocket' => [
2020-03-26 04:58:37 +00:00
'description' => 'Allows the user to connect to the server websocket, giving them access to view console output and realtime server stats.' ,
'keys' => [
'*' => 'Gives user full read access to the websocket.' ,
],
2019-11-04 01:13:47 +00:00
],
'control' => [
2020-03-26 04:58:37 +00:00
'description' => 'Permissions that control a user\'s ability to control the power state of a server, or send commands.' ,
'keys' => [
'console' => 'Allows a user to send commands to the server instance via the console.' ,
'start' => 'Allows a user to start the server if it is stopped.' ,
'stop' => 'Allows a user to stop a server if it is running.' ,
'restart' => 'Allows a user to perform a server restart. This allows them to start the server if it is offline, but not put the server in a completely stopped state.' ,
],
2019-11-04 01:13:47 +00:00
],
'user' => [
2020-03-26 04:58:37 +00:00
'description' => 'Permissions that allow a user to manage other subusers on a server. They will never be able to edit their own account, or assign permissions they do not have themselves.' ,
'keys' => [
'create' => 'Allows a user to create new subusers for the server.' ,
'read' => 'Allows the user to view subusers and their permissions for the server.' ,
'update' => 'Allows a user to modify other subusers.' ,
'delete' => 'Allows a user to delete a subuser from the server.' ,
],
2019-11-04 01:13:47 +00:00
],
'file' => [
2020-03-26 04:58:37 +00:00
'description' => 'Permissions that control a user\'s ability to modify the filesystem for this server.' ,
'keys' => [
'create' => 'Allows a user to create additional files and folders via the Panel or direct upload.' ,
'read' => 'Allows a user to view the contents of a directory and read the contents of a file. Users with this permission can also download files.' ,
'update' => 'Allows a user to update the contents of an existing file or directory.' ,
'delete' => 'Allows a user to delete files or directories.' ,
'archive' => 'Allows a user to archive the contents of a directory as well as decompress existing archives on the system.' ,
'sftp' => 'Allows a user to connect to SFTP and manage server files using the other assigned file permissions.' ,
],
2019-11-04 01:13:47 +00:00
],
// Controls permissions for editing or viewing a server's allocations.
'allocation' => [
2020-03-26 04:58:37 +00:00
'description' => 'Permissions that control a user\'s ability to modify the port allocations for this server.' ,
'keys' => [
'read' => 'Allows a user to view the allocations assigned to this server.' ,
'update' => 'Allows a user to modify the allocations assigned to this server.' ,
],
2019-11-04 01:13:47 +00:00
],
// Controls permissions for editing or viewing a server's startup parameters.
'startup' => [
2020-03-26 04:58:37 +00:00
'description' => 'Permissions that control a user\'s ability to view this server\'s startup parameters.' ,
'keys' => [
'read' => '' ,
'update' => '' ,
],
2019-11-04 01:13:47 +00:00
],
'database' => [
2020-03-26 04:58:37 +00:00
'description' => 'Permissions that control a user\'s access to the database management for this server.' ,
'keys' => [
'create' => 'Allows a user to create a new database for this server.' ,
'read' => 'Allows a user to view the database associated with this server.' ,
'update' => 'Allows a user to rotate the password on a database instance. If the user does not have the view_password permission they will not see the updated password.' ,
'delete' => 'Allows a user to remove a database instance from this server.' ,
'view_password' => 'Allows a user to view the password associated with a database instance for this server.' ,
],
2019-11-04 01:13:47 +00:00
],
'schedule' => [
2020-03-26 04:58:37 +00:00
'description' => 'Permissions that control a user\'s access to the schedule management for this server.' ,
'keys' => [
'create' => '' , // task.create-schedule
'read' => '' , // task.view-schedule, task.list-schedules
'update' => '' , // task.edit-schedule, task.queue-schedule, task.toggle-schedule
'delete' => '' , // task.delete-schedule
],
2019-11-04 01:13:47 +00:00
],
2020-03-22 22:31:25 +00:00
'settings' => [
2020-03-26 04:58:37 +00:00
'description' => 'Permissions that control a user\'s access to the settings for this server.' ,
'keys' => [
'rename' => '' ,
'reinstall' => '' ,
],
2020-03-22 22:31:25 +00:00
],
2019-11-04 01:13:47 +00:00
];
/**
* Returns all of the permissions available on the system for a user to
* have when controlling a server .
*
2019-12-28 20:03:19 +00:00
* @ return \Illuminate\Database\Eloquent\Collection
2019-11-04 01:13:47 +00:00
*/
public static function permissions () : Collection
{
return Collection :: make ( self :: $permissions );
}
/**
* A list of all permissions available for a user .
*
* @ var array
* @ deprecated
*/
protected static $deprecatedPermissions = [
2017-03-30 20:30:59 +01:00
'power' => [
'power-start' => 's:power:start' ,
'power-stop' => 's:power:stop' ,
'power-restart' => 's:power:restart' ,
'power-kill' => 's:power:kill' ,
'send-command' => 's:command' ,
],
'subuser' => [
'list-subusers' => null ,
'view-subuser' => null ,
'edit-subuser' => null ,
'create-subuser' => null ,
'delete-subuser' => null ,
],
'server' => [
2017-10-21 03:32:57 +01:00
'view-allocations' => null ,
'edit-allocation' => null ,
2017-03-30 20:30:59 +01:00
'view-startup' => null ,
2017-08-22 04:10:48 +01:00
'edit-startup' => null ,
2017-03-30 20:30:59 +01:00
],
2018-02-17 22:10:44 +00:00
'database' => [
'view-databases' => null ,
'reset-db-password' => null ,
2018-03-03 01:03:55 +00:00
'delete-database' => null ,
'create-database' => null ,
2017-03-30 20:30:59 +01:00
],
'file' => [
2018-02-17 22:10:44 +00:00
'access-sftp' => null ,
2017-03-30 20:30:59 +01:00
'list-files' => 's:files:get' ,
'edit-files' => 's:files:read' ,
'save-files' => 's:files:post' ,
'move-files' => 's:files:move' ,
'copy-files' => 's:files:copy' ,
'compress-files' => 's:files:compress' ,
'decompress-files' => 's:files:decompress' ,
'create-files' => 's:files:create' ,
'upload-files' => 's:files:upload' ,
'delete-files' => 's:files:delete' ,
2018-02-17 22:10:44 +00:00
'download-files' => 's:files:download' ,
2017-03-30 20:30:59 +01:00
],
'task' => [
2017-09-14 03:46:43 +01:00
'list-schedules' => null ,
'view-schedule' => null ,
'toggle-schedule' => null ,
'queue-schedule' => null ,
'edit-schedule' => null ,
'create-schedule' => null ,
'delete-schedule' => null ,
2017-03-30 20:30:59 +01:00
],
];
/**
* Return a collection of permissions available .
*
2017-08-24 03:34:11 +01:00
* @ param bool $array
2019-12-28 20:03:19 +00:00
* @ return array | \Illuminate\Database\Eloquent\Collection
2019-11-04 01:13:47 +00:00
* @ deprecated
2017-03-30 20:30:59 +01:00
*/
2017-08-24 03:34:11 +01:00
public static function getPermissions ( $array = false )
2017-03-30 20:30:59 +01:00
{
2017-08-24 03:34:11 +01:00
if ( $array ) {
2019-11-04 01:13:47 +00:00
return collect ( self :: $deprecatedPermissions ) -> mapWithKeys ( function ( $item ) {
2017-03-30 20:30:59 +01:00
return $item ;
}) -> all ();
}
2019-11-04 01:13:47 +00:00
return collect ( self :: $deprecatedPermissions );
2017-03-30 20:30:59 +01:00
}
2015-12-06 18:58:49 +00:00
}