Add database password rotation to view
parent
f6ee885f26
commit
48c39abfcb
|
@ -2,9 +2,11 @@
|
||||||
|
|
||||||
namespace Pterodactyl\Http\Controllers\Api\Client\Servers;
|
namespace Pterodactyl\Http\Controllers\Api\Client\Servers;
|
||||||
|
|
||||||
|
use Illuminate\Support\Str;
|
||||||
use Illuminate\Http\Response;
|
use Illuminate\Http\Response;
|
||||||
use Pterodactyl\Models\Server;
|
use Pterodactyl\Models\Server;
|
||||||
use Pterodactyl\Models\Database;
|
use Pterodactyl\Models\Database;
|
||||||
|
use Pterodactyl\Services\Databases\DatabasePasswordService;
|
||||||
use Pterodactyl\Transformers\Api\Client\DatabaseTransformer;
|
use Pterodactyl\Transformers\Api\Client\DatabaseTransformer;
|
||||||
use Pterodactyl\Services\Databases\DatabaseManagementService;
|
use Pterodactyl\Services\Databases\DatabaseManagementService;
|
||||||
use Pterodactyl\Services\Databases\DeployServerDatabaseService;
|
use Pterodactyl\Services\Databases\DeployServerDatabaseService;
|
||||||
|
@ -13,6 +15,7 @@ use Pterodactyl\Contracts\Repository\DatabaseRepositoryInterface;
|
||||||
use Pterodactyl\Http\Requests\Api\Client\Servers\Databases\GetDatabasesRequest;
|
use Pterodactyl\Http\Requests\Api\Client\Servers\Databases\GetDatabasesRequest;
|
||||||
use Pterodactyl\Http\Requests\Api\Client\Servers\Databases\StoreDatabaseRequest;
|
use Pterodactyl\Http\Requests\Api\Client\Servers\Databases\StoreDatabaseRequest;
|
||||||
use Pterodactyl\Http\Requests\Api\Client\Servers\Databases\DeleteDatabaseRequest;
|
use Pterodactyl\Http\Requests\Api\Client\Servers\Databases\DeleteDatabaseRequest;
|
||||||
|
use Pterodactyl\Http\Requests\Api\Client\Servers\Databases\RotatePasswordRequest;
|
||||||
|
|
||||||
class DatabaseController extends ClientApiController
|
class DatabaseController extends ClientApiController
|
||||||
{
|
{
|
||||||
|
@ -31,15 +34,22 @@ class DatabaseController extends ClientApiController
|
||||||
*/
|
*/
|
||||||
private $managementService;
|
private $managementService;
|
||||||
|
|
||||||
|
/**
|
||||||
|
* @var \Pterodactyl\Services\Databases\DatabasePasswordService
|
||||||
|
*/
|
||||||
|
private $passwordService;
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* DatabaseController constructor.
|
* DatabaseController constructor.
|
||||||
*
|
*
|
||||||
* @param \Pterodactyl\Services\Databases\DatabaseManagementService $managementService
|
* @param \Pterodactyl\Services\Databases\DatabaseManagementService $managementService
|
||||||
|
* @param \Pterodactyl\Services\Databases\DatabasePasswordService $passwordService
|
||||||
* @param \Pterodactyl\Contracts\Repository\DatabaseRepositoryInterface $repository
|
* @param \Pterodactyl\Contracts\Repository\DatabaseRepositoryInterface $repository
|
||||||
* @param \Pterodactyl\Services\Databases\DeployServerDatabaseService $deployDatabaseService
|
* @param \Pterodactyl\Services\Databases\DeployServerDatabaseService $deployDatabaseService
|
||||||
*/
|
*/
|
||||||
public function __construct(
|
public function __construct(
|
||||||
DatabaseManagementService $managementService,
|
DatabaseManagementService $managementService,
|
||||||
|
DatabasePasswordService $passwordService,
|
||||||
DatabaseRepositoryInterface $repository,
|
DatabaseRepositoryInterface $repository,
|
||||||
DeployServerDatabaseService $deployDatabaseService
|
DeployServerDatabaseService $deployDatabaseService
|
||||||
) {
|
) {
|
||||||
|
@ -48,6 +58,7 @@ class DatabaseController extends ClientApiController
|
||||||
$this->deployDatabaseService = $deployDatabaseService;
|
$this->deployDatabaseService = $deployDatabaseService;
|
||||||
$this->repository = $repository;
|
$this->repository = $repository;
|
||||||
$this->managementService = $managementService;
|
$this->managementService = $managementService;
|
||||||
|
$this->passwordService = $passwordService;
|
||||||
}
|
}
|
||||||
|
|
||||||
/**
|
/**
|
||||||
|
@ -81,6 +92,30 @@ class DatabaseController extends ClientApiController
|
||||||
->toArray();
|
->toArray();
|
||||||
}
|
}
|
||||||
|
|
||||||
|
/**
|
||||||
|
* Rotates the password for the given server model and returns a fresh instance to
|
||||||
|
* the caller.
|
||||||
|
*
|
||||||
|
* @param \Pterodactyl\Http\Requests\Api\Client\Servers\Databases\RotatePasswordRequest $request
|
||||||
|
* @return array
|
||||||
|
*
|
||||||
|
* @throws \Pterodactyl\Exceptions\Model\DataValidationException
|
||||||
|
* @throws \Pterodactyl\Exceptions\Repository\RecordNotFoundException
|
||||||
|
*/
|
||||||
|
public function rotatePassword(RotatePasswordRequest $request)
|
||||||
|
{
|
||||||
|
$database = $request->getModel(Database::class);
|
||||||
|
|
||||||
|
$this->passwordService->handle($database, Str::random(24));
|
||||||
|
|
||||||
|
$database->refresh();
|
||||||
|
|
||||||
|
return $this->fractal->item($database)
|
||||||
|
->parseIncludes(['password'])
|
||||||
|
->transformWith($this->getTransformer(DatabaseTransformer::class))
|
||||||
|
->toArray();
|
||||||
|
}
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* @param \Pterodactyl\Http\Requests\Api\Client\Servers\Databases\DeleteDatabaseRequest $request
|
* @param \Pterodactyl\Http\Requests\Api\Client\Servers\Databases\DeleteDatabaseRequest $request
|
||||||
* @return \Illuminate\Http\Response
|
* @return \Illuminate\Http\Response
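Review bot: `rotatePassword()` discards the boolean returned by `$this->passwordService->handle($database, Str::random(24))`, so if the service reports failure the caller still gets the refreshed model with its unchanged password, presented as a successful rotation. Whether `handle()` can actually return `false` is not visible on this page, but the result should be checked before the response is built, e.g. `if (! $this->passwordService->handle($database, Str::random(24))) { throw new \RuntimeException('Database password rotation failed.'); }`. The docblock should read "for the given database model" rather than "server model". It is also worth a comment that `parseIncludes(['password'])` deliberately returns the new plaintext password, so this response must stay out of caches and request logs.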
|
||||||
|
|
|
@ -6,6 +6,9 @@ use Pterodactyl\Models\Server;
|
||||||
use Pterodactyl\Contracts\Http\ClientPermissionsRequest;
|
use Pterodactyl\Contracts\Http\ClientPermissionsRequest;
|
||||||
use Pterodactyl\Http\Requests\Api\Application\ApplicationApiRequest;
|
use Pterodactyl\Http\Requests\Api\Application\ApplicationApiRequest;
|
||||||
|
|
||||||
|
/**
|
||||||
|
* @method \Pterodactyl\Models\User user($guard = null)
|
||||||
|
*/
|
||||||
abstract class ClientApiRequest extends ApplicationApiRequest
|
abstract class ClientApiRequest extends ApplicationApiRequest
|
||||||
{
|
{
|
||||||
/**
|
/**
|
||||||
|
|
|
@ -0,0 +1,19 @@
|
||||||
|
<?php
|
||||||
|
|
||||||
|
namespace Pterodactyl\Http\Requests\Api\Client\Servers\Databases;
|
||||||
|
|
||||||
|
use Pterodactyl\Models\Server;
|
||||||
|
use Pterodactyl\Http\Requests\Api\Client\ClientApiRequest;
|
||||||
|
|
||||||
|
class RotatePasswordRequest extends ClientApiRequest
|
||||||
|
{
|
||||||
|
/**
|
||||||
|
* Check that the user has permission to rotate the password.
|
||||||
|
*
|
||||||
|
* @return bool
|
||||||
|
*/
|
||||||
|
public function authorize(): bool
|
||||||
|
{
|
||||||
|
return $this->user()->can('reset-db-password', $this->getModel(Server::class));
|
||||||
|
}
|
||||||
|
}
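Review bot: `authorize()` checks the `reset-db-password` permission against the server only; nothing in this class or in `DatabaseController::rotatePassword()` confirms that the `{database}` route parameter belongs to that server. Unless a middleware outside this page scopes the binding, a user holding the permission on one server could have `/servers/{server}/databases/{database}/rotate-password` resolve a database attached to a different server. Resolve the database here as well and require that its owner matches, for example by appending `&& $this->getModel(Database::class)->server_id === $this->getModel(Server::class)->id` (attribute name assumed; confirm against the model, and import `Pterodactyl\Models\Database`). A test that pairs a permitted server with a foreign database id and expects 403 or 404 would pin this down.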
|
|
@ -2,6 +2,7 @@
|
||||||
|
|
||||||
namespace Pterodactyl\Services\Databases;
|
namespace Pterodactyl\Services\Databases;
|
||||||
|
|
||||||
|
use Webmozart\Assert\Assert;
|
||||||
use Pterodactyl\Models\Database;
|
use Pterodactyl\Models\Database;
|
||||||
use Illuminate\Database\ConnectionInterface;
|
use Illuminate\Database\ConnectionInterface;
|
||||||
use Illuminate\Contracts\Encryption\Encrypter;
|
use Illuminate\Contracts\Encryption\Encrypter;
|
||||||
|
@ -63,6 +64,8 @@ class DatabasePasswordService
|
||||||
public function handle($database, string $password): bool
|
public function handle($database, string $password): bool
|
||||||
{
|
{
|
||||||
if (! $database instanceof Database) {
|
if (! $database instanceof Database) {
|
||||||
|
Assert::integerish($database);
|
||||||
|
|
||||||
$database = $this->repository->find($database);
|
$database = $this->repository->find($database);
|
||||||
}
|
}
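Review bot: The new `Assert::integerish($database)` guard adds a failure mode that the docblock of `handle()`, which lies outside this hunk, presumably does not declare. Add `@throws \InvalidArgumentException` there so callers passing a raw id know a non-numeric value now fails before the repository lookup. `integerish` also accepts numeric strings and negative values, so it validates shape only; whether the record exists is still decided by `$this->repository->find($database)`.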
|
||||||
|
|
||||||
|
|
|
@ -0,0 +1,10 @@
|
||||||
|
import { rawDataToServerDatabase, ServerDatabase } from '@/api/server/getServerDatabases';
|
||||||
|
import http from '@/api/http';
|
||||||
|
|
||||||
|
export default (uuid: string, database: string): Promise<ServerDatabase> => {
|
||||||
|
return new Promise((resolve, reject) => {
|
||||||
|
http.post(`/api/client/servers/${uuid}/databases/${database}/rotate-password`)
|
||||||
|
.then((response) => resolve(rawDataToServerDatabase(response.data.attributes)))
|
||||||
|
.catch(reject);
|
||||||
|
});
|
||||||
|
};
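Review bot: `uuid` and `database` are interpolated into the request path unencoded, and the `new Promise((resolve, reject) => …)` wrapper is redundant because `http.post` is already chained with `.then`/`.catch`. Wrap both segments in `encodeURIComponent(...)` inside the template string, so that a value containing `/` or `?` cannot change which endpoint is addressed. Then return the chain directly: `return http.post(url).then(({ data }) => rawDataToServerDatabase(data.attributes));`. Rejections then propagate to the caller without the manual `reject` plumbing.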
|
|
@ -0,0 +1,20 @@
|
||||||
|
import React from 'react';
|
||||||
|
import classNames from 'classnames';
|
||||||
|
|
||||||
|
type Props = { isLoading?: boolean } & React.DetailedHTMLProps<React.ButtonHTMLAttributes<HTMLButtonElement>, HTMLButtonElement>;
|
||||||
|
|
||||||
|
export default ({ isLoading, children, className, ...props }: Props) => (
|
||||||
|
<button
|
||||||
|
{...props}
|
||||||
|
className={classNames('btn btn-sm relative', className)}
|
||||||
|
>
|
||||||
|
{isLoading &&
|
||||||
|
<div className={'w-full flex absolute justify-center'} style={{ marginLeft: '-0.75rem' }}>
|
||||||
|
<div className={'spinner-circle spinner-white spinner-sm'}/>
|
||||||
|
</div>
|
||||||
|
}
|
||||||
|
<span className={isLoading ? 'text-transparent' : undefined}>
|
||||||
|
{children}
|
||||||
|
</span>
|
||||||
|
</button>
|
||||||
|
);
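Review bot: `isLoading` only changes how the button looks; the element stays enabled, so clicks during a pending request still reach `onClick`. For the rotate-password button added in this commit, a double click can issue two rotations, the second invalidating the password the first one just returned. Add `disabled={isLoading || props.disabled}` after `{...props}` so the spread cannot override it.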
|
|
@ -15,19 +15,26 @@ import { ApplicationStore } from '@/state';
|
||||||
import { ServerContext } from '@/state/server';
|
import { ServerContext } from '@/state/server';
|
||||||
import deleteServerDatabase from '@/api/server/deleteServerDatabase';
|
import deleteServerDatabase from '@/api/server/deleteServerDatabase';
|
||||||
import { httpErrorToHuman } from '@/api/http';
|
import { httpErrorToHuman } from '@/api/http';
|
||||||
|
import RotatePasswordButton from '@/components/server/databases/RotatePasswordButton';
|
||||||
|
|
||||||
interface Props {
|
interface Props {
|
||||||
database: ServerDatabase;
|
databaseId: string | number;
|
||||||
className?: string;
|
className?: string;
|
||||||
onDelete: () => void;
|
onDelete: () => void;
|
||||||
}
|
}
|
||||||
|
|
||||||
export default ({ database, className, onDelete }: Props) => {
|
export default ({ databaseId, className, onDelete }: Props) => {
|
||||||
const [visible, setVisible] = useState(false);
|
const [visible, setVisible] = useState(false);
|
||||||
|
const database = ServerContext.useStoreState(state => state.databases.items.find(item => item.id === databaseId));
|
||||||
|
const appendDatabase = ServerContext.useStoreActions(actions => actions.databases.appendDatabase);
|
||||||
const [connectionVisible, setConnectionVisible] = useState(false);
|
const [connectionVisible, setConnectionVisible] = useState(false);
|
||||||
const { addFlash, clearFlashes } = useStoreActions((actions: Actions<ApplicationStore>) => actions.flashes);
|
const { addFlash, clearFlashes } = useStoreActions((actions: Actions<ApplicationStore>) => actions.flashes);
|
||||||
const server = ServerContext.useStoreState(state => state.server.data!);
|
const server = ServerContext.useStoreState(state => state.server.data!);
|
||||||
|
|
||||||
|
if (!database) {
|
||||||
|
return null;
|
||||||
|
}
|
||||||
|
|
||||||
const schema = object().shape({
|
const schema = object().shape({
|
||||||
confirm: string()
|
confirm: string()
|
||||||
.required('The database name must be provided.')
|
.required('The database name must be provided.')
|
||||||
|
@ -104,6 +111,7 @@ export default ({ database, className, onDelete }: Props) => {
|
||||||
}
|
}
|
||||||
</Formik>
|
</Formik>
|
||||||
<Modal visible={connectionVisible} onDismissed={() => setConnectionVisible(false)}>
|
<Modal visible={connectionVisible} onDismissed={() => setConnectionVisible(false)}>
|
||||||
|
<FlashMessageRender byKey={'database-connection-modal'} className={'mb-6'}/>
|
||||||
<h3 className={'mb-6'}>Database connection details</h3>
|
<h3 className={'mb-6'}>Database connection details</h3>
|
||||||
<div>
|
<div>
|
||||||
<label className={'input-dark-label'}>Password</label>
|
<label className={'input-dark-label'}>Password</label>
|
||||||
|
@ -119,6 +127,7 @@ export default ({ database, className, onDelete }: Props) => {
|
||||||
/>
|
/>
|
||||||
</div>
|
</div>
|
||||||
<div className={'mt-6 text-right'}>
|
<div className={'mt-6 text-right'}>
|
||||||
|
<RotatePasswordButton databaseId={database.id} onUpdate={appendDatabase}/>
|
||||||
<button className={'btn btn-sm btn-secondary'} onClick={() => setConnectionVisible(false)}>
|
<button className={'btn btn-sm btn-secondary'} onClick={() => setConnectionVisible(false)}>
|
||||||
Close
|
Close
|
||||||
</button>
|
</button>
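Review bot: `databaseId` is typed `string | number` in `Props`, yet it is matched with `item.id === databaseId` and `RotatePasswordButton` declares `databaseId: string`. If `ServerDatabase.id` is a string (its type is not visible on this page), a numeric prop never matches under strict equality and the row silently renders `null`. Narrow the prop to `databaseId: string;` so the store lookup and the child prop agree. The component body continues outside these hunks.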
|
||||||
|
|
|
@ -12,12 +12,15 @@ import CreateDatabaseButton from '@/components/server/databases/CreateDatabaseBu
|
||||||
|
|
||||||
export default () => {
|
export default () => {
|
||||||
const [ loading, setLoading ] = useState(true);
|
const [ loading, setLoading ] = useState(true);
|
||||||
const [ databases, setDatabases ] = useState<ServerDatabase[]>([]);
|
|
||||||
const server = ServerContext.useStoreState(state => state.server.data!);
|
const server = ServerContext.useStoreState(state => state.server.data!);
|
||||||
|
const databases = ServerContext.useStoreState(state => state.databases.items);
|
||||||
|
const { setDatabases, appendDatabase, removeDatabase } = ServerContext.useStoreActions(state => state.databases);
|
||||||
const { addFlash, clearFlashes } = useStoreActions((actions: Actions<ApplicationStore>) => actions.flashes);
|
const { addFlash, clearFlashes } = useStoreActions((actions: Actions<ApplicationStore>) => actions.flashes);
|
||||||
|
|
||||||
useEffect(() => {
|
useEffect(() => {
|
||||||
|
setLoading(!databases.length);
|
||||||
clearFlashes('databases');
|
clearFlashes('databases');
|
||||||
|
|
||||||
getServerDatabases(server.uuid)
|
getServerDatabases(server.uuid)
|
||||||
.then(databases => {
|
.then(databases => {
|
||||||
setDatabases(databases);
|
setDatabases(databases);
|
||||||
|
@ -43,8 +46,8 @@ export default () => {
|
||||||
databases.map((database, index) => (
|
databases.map((database, index) => (
|
||||||
<DatabaseRow
|
<DatabaseRow
|
||||||
key={database.id}
|
key={database.id}
|
||||||
database={database}
|
databaseId={database.id}
|
||||||
onDelete={() => setDatabases(s => [ ...s.filter(d => d.id !== database.id) ])}
|
onDelete={() => removeDatabase(database)}
|
||||||
className={index > 0 ? 'mt-1' : undefined}
|
className={index > 0 ? 'mt-1' : undefined}
|
||||||
/>
|
/>
|
||||||
))
|
))
|
||||||
|
@ -54,7 +57,7 @@ export default () => {
|
||||||
</p>
|
</p>
|
||||||
}
|
}
|
||||||
<div className={'mt-6 flex justify-end'}>
|
<div className={'mt-6 flex justify-end'}>
|
||||||
<CreateDatabaseButton onCreated={database => setDatabases(s => [ ...s, database ])}/>
|
<CreateDatabaseButton onCreated={appendDatabase}/>
|
||||||
</div>
|
</div>
|
||||||
</React.Fragment>
|
</React.Fragment>
|
||||||
</CSSTransition>
|
</CSSTransition>
|
||||||
|
|
|
@ -0,0 +1,45 @@
|
||||||
|
import React, { useState } from 'react';
|
||||||
|
import rotateDatabasePassword from '@/api/server/rotateDatabasePassword';
|
||||||
|
import { Actions, useStoreActions } from 'easy-peasy';
|
||||||
|
import { ApplicationStore } from '@/state';
|
||||||
|
import { ServerContext } from '@/state/server';
|
||||||
|
import { ServerDatabase } from '@/api/server/getServerDatabases';
|
||||||
|
import { httpErrorToHuman } from '@/api/http';
|
||||||
|
import Button from '@/components/elements/Button';
|
||||||
|
|
||||||
|
export default ({ databaseId, onUpdate }: {
|
||||||
|
databaseId: string;
|
||||||
|
onUpdate: (database: ServerDatabase) => void;
|
||||||
|
}) => {
|
||||||
|
const [ loading, setLoading ] = useState(false);
|
||||||
|
const { addFlash, clearFlashes } = useStoreActions((actions: Actions<ApplicationStore>) => actions.flashes);
|
||||||
|
const server = ServerContext.useStoreState(state => state.server.data!);
|
||||||
|
|
||||||
|
if (!databaseId) {
|
||||||
|
return null;
|
||||||
|
}
|
||||||
|
|
||||||
|
const rotate = () => {
|
||||||
|
setLoading(true);
|
||||||
|
clearFlashes();
|
||||||
|
|
||||||
|
rotateDatabasePassword(server.uuid, databaseId)
|
||||||
|
.then(database => onUpdate(database))
|
||||||
|
.catch(error => {
|
||||||
|
console.error(error);
|
||||||
|
addFlash({
|
||||||
|
type: 'error',
|
||||||
|
title: 'Error',
|
||||||
|
message: httpErrorToHuman(error),
|
||||||
|
key: 'database-connection-modal',
|
||||||
|
});
|
||||||
|
})
|
||||||
|
.then(() => setLoading(false));
|
||||||
|
};
|
||||||
|
|
||||||
|
return (
|
||||||
|
<Button className={'btn-secondary mr-2'} onClick={rotate} isLoading={loading}>
|
||||||
|
Rotate Password
|
||||||
|
</Button>
|
||||||
|
);
|
||||||
|
};
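Review bot: `rotate()` calls `clearFlashes()` with no key, while the error it adds is keyed `'database-connection-modal'` and the container in this commit uses `clearFlashes('databases')`; the unkeyed call presumably clears unrelated flash messages as well. Use `clearFlashes('database-connection-modal');` so only this modal's messages are reset. Because a rotation immediately invalidates the credential that deployed applications are using, a confirmation step before `rotateDatabasePassword(...)` is sent would be prudent. The trailing `.then(() => setLoading(false))` can also run after the modal has unmounted.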
|
|
@ -1,6 +1,7 @@
|
||||||
import getServer, { Server } from '@/api/server/getServer';
|
import getServer, { Server } from '@/api/server/getServer';
|
||||||
import { action, Action, createContextStore, thunk, Thunk } from 'easy-peasy';
|
import { action, Action, createContextStore, thunk, Thunk } from 'easy-peasy';
|
||||||
import socket, { SocketStore } from './socket';
|
import socket, { SocketStore } from './socket';
|
||||||
|
import { ServerDatabase } from '@/api/server/getServerDatabases';
|
||||||
|
|
||||||
export type ServerStatus = 'offline' | 'starting' | 'stopping' | 'running';
|
export type ServerStatus = 'offline' | 'starting' | 'stopping' | 'running';
|
||||||
|
|
||||||
|
@ -32,8 +33,29 @@ const status: ServerStatusStore = {
|
||||||
}),
|
}),
|
||||||
};
|
};
|
||||||
|
|
||||||
|
interface ServerDatabaseStore {
|
||||||
|
items: ServerDatabase[];
|
||||||
|
setDatabases: Action<ServerDatabaseStore, ServerDatabase[]>;
|
||||||
|
appendDatabase: Action<ServerDatabaseStore, ServerDatabase>;
|
||||||
|
removeDatabase: Action<ServerDatabaseStore, ServerDatabase>;
|
||||||
|
}
|
||||||
|
|
||||||
|
const databases: ServerDatabaseStore = {
|
||||||
|
items: [],
|
||||||
|
setDatabases: action((state, payload) => {
|
||||||
|
state.items = payload;
|
||||||
|
}),
|
||||||
|
appendDatabase: action((state, payload) => {
|
||||||
|
state.items = state.items.filter(item => item.id !== payload.id).concat(payload);
|
||||||
|
}),
|
||||||
|
removeDatabase: action((state, payload) => {
|
||||||
|
state.items = state.items.filter(item => item.id !== payload.id);
|
||||||
|
}),
|
||||||
|
};
|
||||||
|
|
||||||
export interface ServerStore {
|
export interface ServerStore {
|
||||||
server: ServerDataStore;
|
server: ServerDataStore;
|
||||||
|
databases: ServerDatabaseStore;
|
||||||
socket: SocketStore;
|
socket: SocketStore;
|
||||||
status: ServerStatusStore;
|
status: ServerStatusStore;
|
||||||
clearServerState: Action<ServerStore>;
|
clearServerState: Action<ServerStore>;
|
||||||
|
@ -43,8 +65,10 @@ export const ServerContext = createContextStore<ServerStore>({
|
||||||
server,
|
server,
|
||||||
socket,
|
socket,
|
||||||
status,
|
status,
|
||||||
|
databases,
|
||||||
clearServerState: action(state => {
|
clearServerState: action(state => {
|
||||||
state.server.data = undefined;
|
state.server.data = undefined;
|
||||||
|
state.databases.items = [];
|
||||||
|
|
||||||
if (state.socket.instance) {
|
if (state.socket.instance) {
|
||||||
state.socket.instance.removeAllListeners();
|
state.socket.instance.removeAllListeners();
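Review bot: `appendDatabase` filters out any entry with the same id and then concatenates the payload, so when it serves as the `onUpdate` handler after a password rotation the updated database jumps to the end of the list. Replace in place when the id already exists: `const i = state.items.findIndex(item => item.id === payload.id);` followed by `if (i < 0) state.items.push(payload); else state.items[i] = payload;`. Since `onUpdate` stores the rotation response, `state.databases.items` now holds database passwords for the lifetime of the server context. The `state.databases.items = [];` line added to `clearServerState` is what stops them outliving a server switch, and deserves a comment saying so.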
|
||||||
|
|
|
@ -38,6 +38,7 @@ Route::group(['prefix' => '/servers/{server}', 'middleware' => [AuthenticateServ
|
||||||
Route::group(['prefix' => '/databases'], function () {
|
Route::group(['prefix' => '/databases'], function () {
|
||||||
Route::get('/', 'Servers\DatabaseController@index')->name('api.client.servers.databases');
|
Route::get('/', 'Servers\DatabaseController@index')->name('api.client.servers.databases');
|
||||||
Route::post('/', 'Servers\DatabaseController@store');
|
Route::post('/', 'Servers\DatabaseController@store');
|
||||||
|
Route::post('/{database}/rotate-password', 'Servers\DatabaseController@rotatePassword');
|
||||||
Route::delete('/{database}', 'Servers\DatabaseController@delete')->name('api.client.servers.databases.delete');
|
Route::delete('/{database}', 'Servers\DatabaseController@delete')->name('api.client.servers.databases.delete');
|
||||||
});
|
});
|
||||||
|
|
||||||
|
|