Refactor to use more laravel logic and improve compatibility with older PHP versions (#206)
* Fix @param namespaces for PHPDocs in ServerPolicy * Reduce permission check duplication in ServerPolicy This introduces a new checkPermission method to reduce code duplication when checking for permissions. * Simplify logic to list accessible servers for the user We can directly use the pluck function that laravel collections provide to simplify the logic. * Fix pagination issue when databases/servers exceed 20 Laravels strips out the currently selected tab (or any GET query for that matter) by default when using pagination. the appends() methods helps with keeping that information. * Refactor unnecessary array_merge calls We can just append to the array instead of constantly merging a new copy. * Fix accessing “API Access” on some versions of PHP The “new” word is reserved and should not be used as a method name. http://stackoverflow.com/questions/9575590/why-am-i-getting-an-unexpected-t-new-error-in-php * Fix revoking API keys on older versions of php (5.6) “string” was not a valid function argument type yet, so revoking keys results in an error on older installations. * Fix issues with API due to methods named “list” “list” is yet another reserved keyword in PHP and messes up older installations of PHP (5.6). This renames all methods named “list” to “lists”. The API route names are left untouched (e.g. still called “api.admin.users.list”). * Refactor and shorten some API logic Used laravel collection methods where applicable to directly transform the values instead of converting back and forth. This also removes some dead variables that were never used as well as getting rid of a n+1 problem in the Service API (loading service variables afterwards, not during the model creation). * Return model save status in repositories where applicable * Fix typo in ServicePolicy#powerStart * Apply StyleCI corrections
This commit is contained in:
spaceemotion
Dane Everitt
parent
c3abb32c0c
commit
a85ac87ae8
|
|
@ -47,17 +47,13 @@ class LocationController extends BaseController
|
|||
* @Versions({"v1"})
|
||||
* @Response(200)
|
||||
*/
|
||||
public function list(Request $request)
|
||||
public function lists(Request $request)
|
||||
{
|
||||
$locations = Location::select('locations.*', DB::raw('GROUP_CONCAT(nodes.id) as nodes'))
|
||||
return Location::select('locations.*', DB::raw('GROUP_CONCAT(nodes.id) as nodes'))
|
||||
->join('nodes', 'locations.id', '=', 'nodes.location')
|
||||
->groupBy('locations.id')
|
||||
->get();
|
||||
|
||||
foreach ($locations as &$location) {
|
||||
$location->nodes = explode(',', $location->nodes);
|
||||
}
|
||||
|
||||
return $locations->toArray();
|
||||
->get()->each(function ($location) {
|
||||
$location->nodes = explode(',', $location->nodes);
|
||||
})->all();
|
||||
}
|
||||
}
|
||||
|
|
|
|||
|
|
@ -56,7 +56,7 @@ class NodeController extends BaseController
|
|||
* })
|
||||
* @Response(200)
|
||||
*/
|
||||
public function list(Request $request)
|
||||
public function lists(Request $request)
|
||||
{
|
||||
return Models\Node::all()->toArray();
|
||||
}
|
||||
|
|
|
|||
|
|
@ -57,7 +57,7 @@ class ServerController extends BaseController
|
|||
* })
|
||||
* @Response(200)
|
||||
*/
|
||||
public function list(Request $request)
|
||||
public function lists(Request $request)
|
||||
{
|
||||
return Models\Server::all()->toArray();
|
||||
}
|
||||
|
|
|
|||
|
|
@ -38,7 +38,7 @@ class ServiceController extends BaseController
|
|||
//
|
||||
}
|
||||
|
||||
public function list(Request $request)
|
||||
public function lists(Request $request)
|
||||
{
|
||||
return Models\Service::all()->toArray();
|
||||
}
|
||||
|
|
@ -50,14 +50,12 @@ class ServiceController extends BaseController
|
|||
throw new NotFoundHttpException('No service by that ID was found.');
|
||||
}
|
||||
|
||||
$options = Models\ServiceOptions::select('id', 'name', 'description', 'tag', 'docker_image')->where('parent_service', $service->id)->get();
|
||||
foreach ($options as &$opt) {
|
||||
$opt->variables = Models\ServiceVariables::where('option_id', $opt->id)->get();
|
||||
}
|
||||
|
||||
return [
|
||||
'service' => $service,
|
||||
'options' => $options,
|
||||
'options' => Models\ServiceOptions::select('id', 'name', 'description', 'tag', 'docker_image')
|
||||
->where('parent_service', $service->id)
|
||||
->with('variables')
|
||||
->get(),
|
||||
];
|
||||
}
|
||||
}
|
||||
|
|
|
|||
|
|
@ -32,11 +32,8 @@ class InfoController extends BaseController
|
|||
{
|
||||
public function me(Request $request)
|
||||
{
|
||||
$servers = Models\Server::getUserServers();
|
||||
$response = [];
|
||||
|
||||
foreach ($servers as &$server) {
|
||||
$response = array_merge($response, [[
|
||||
return Models\Server::getUserServers()->map(function ($server) {
|
||||
return [
|
||||
'id' => $server->uuidShort,
|
||||
'uuid' => $server->uuid,
|
||||
'name' => $server->name,
|
||||
|
|
@ -48,9 +45,7 @@ class InfoController extends BaseController
|
|||
'port' => $server->port,
|
||||
'service' => $server->a_serviceName,
|
||||
'option' => $server->a_serviceOptionName,
|
||||
]]);
|
||||
}
|
||||
|
||||
return $response;
|
||||
];
|
||||
})->all();
|
||||
}
|
||||
}
|
||||
|
|
|
|||
|
|
@ -92,7 +92,6 @@ class ServerController extends BaseController
|
|||
public function power(Request $request, $uuid)
|
||||
{
|
||||
$server = Models\Server::getByUUID($uuid);
|
||||
$node = Models\Node::getByID($server->node);
|
||||
$client = Models\Node::guzzleRequest($server->node);
|
||||
|
||||
Auth::user()->can('power-' . $request->input('action'), $server);
|
||||
|
|
|
|||
|
|
@ -55,7 +55,7 @@ class UserController extends BaseController
|
|||
* })
|
||||
* @Response(200)
|
||||
*/
|
||||
public function list(Request $request)
|
||||
public function lists(Request $request)
|
||||
{
|
||||
return Models\User::all()->toArray();
|
||||
}
|
||||
|
|
|
|||
|
|
@ -48,7 +48,7 @@ class APIController extends Controller
|
|||
]);
|
||||
}
|
||||
|
||||
public function new(Request $request)
|
||||
public function create(Request $request)
|
||||
{
|
||||
return view('base.api.new');
|
||||
}
|
||||
|
|
@ -57,7 +57,7 @@ class APIController extends Controller
|
|||
{
|
||||
try {
|
||||
$repo = new APIRepository($request->user());
|
||||
$secret = $repo->new($request->except(['_token']));
|
||||
$secret = $repo->create($request->except(['_token']));
|
||||
Alert::success('An API Keypair has successfully been generated. The API secret for this public key is shown below and will not be shown again.<br /><br /><code>' . $secret . '</code>')->flash();
|
||||
|
||||
return redirect()->route('account.api');
|
||||
|
|
|
|||
|
|
@ -55,7 +55,7 @@ class APIRoutes
|
|||
*/
|
||||
$api->get('users', [
|
||||
'as' => 'api.admin.users.list',
|
||||
'uses' => 'Pterodactyl\Http\Controllers\API\UserController@list',
|
||||
'uses' => 'Pterodactyl\Http\Controllers\API\UserController@lists',
|
||||
]);
|
||||
|
||||
$api->post('users', [
|
||||
|
|
@ -83,7 +83,7 @@ class APIRoutes
|
|||
*/
|
||||
$api->get('servers', [
|
||||
'as' => 'api.admin.servers.list',
|
||||
'uses' => 'Pterodactyl\Http\Controllers\API\ServerController@list',
|
||||
'uses' => 'Pterodactyl\Http\Controllers\API\ServerController@lists',
|
||||
]);
|
||||
|
||||
$api->post('servers', [
|
||||
|
|
@ -126,7 +126,7 @@ class APIRoutes
|
|||
*/
|
||||
$api->get('nodes', [
|
||||
'as' => 'api.admin.nodes.list',
|
||||
'uses' => 'Pterodactyl\Http\Controllers\API\NodeController@list',
|
||||
'uses' => 'Pterodactyl\Http\Controllers\API\NodeController@lists',
|
||||
]);
|
||||
|
||||
$api->post('nodes', [
|
||||
|
|
@ -164,7 +164,7 @@ class APIRoutes
|
|||
*/
|
||||
$api->get('locations', [
|
||||
'as' => 'api.admin.locations.list',
|
||||
'uses' => 'Pterodactyl\Http\Controllers\API\LocationController@list',
|
||||
'uses' => 'Pterodactyl\Http\Controllers\API\LocationController@lists',
|
||||
]);
|
||||
|
||||
/*
|
||||
|
|
@ -172,7 +172,7 @@ class APIRoutes
|
|||
*/
|
||||
$api->get('services', [
|
||||
'as' => 'api.admin.services.list',
|
||||
'uses' => 'Pterodactyl\Http\Controllers\API\ServiceController@list',
|
||||
'uses' => 'Pterodactyl\Http\Controllers\API\ServiceController@lists',
|
||||
]);
|
||||
|
||||
$api->get('services/{id}', [
|
||||
|
|
|
|||
|
|
@ -85,7 +85,7 @@ class BaseRoutes
|
|||
]);
|
||||
$router->get('/new', [
|
||||
'as' => 'account.api.new',
|
||||
'uses' => 'Base\APIController@new',
|
||||
'uses' => 'Base\APIController@create',
|
||||
]);
|
||||
$router->post('/new', [
|
||||
'uses' => 'Base\APIController@save',
|
||||
|
|
|
|||
|
|
@ -50,4 +50,14 @@ class ServiceOptions extends Model
|
|||
protected $casts = [
|
||||
'parent_service' => 'integer',
|
||||
];
|
||||
|
||||
/**
|
||||
* Gets all variables associated with this service.
|
||||
*
|
||||
* @return \Illuminate\Database\Eloquent\Relations\HasMany
|
||||
*/
|
||||
public function variables()
|
||||
{
|
||||
return $this->hasMany(ServiceVariables::class, 'option_id');
|
||||
}
|
||||
}
|
||||
|
|
|
|||
|
|
@ -80,15 +80,8 @@ class Subuser extends Model
|
|||
*/
|
||||
public static function accessServers()
|
||||
{
|
||||
$access = [];
|
||||
|
||||
$union = self::select('server_id')->where('user_id', self::$user->id);
|
||||
$select = Server::select('id')->where('owner', self::$user->id)->union($union)->get();
|
||||
|
||||
foreach ($select as &$select) {
|
||||
$access = array_merge($access, [$select->id]);
|
||||
}
|
||||
|
||||
return $access;
|
||||
return Server::select('id')->where('owner', self::$user->id)->union($union)->pluck('id');
|
||||
}
|
||||
}
|
||||
|
|
|
|||
|
|
@ -42,8 +42,8 @@ class ServerPolicy
|
|||
/**
|
||||
* Determine if current user is the owner of a server.
|
||||
*
|
||||
* @param Pterodactyl\Models\User $user
|
||||
* @param Pterodactyl\Models\Server $server
|
||||
* @param \Pterodactyl\Models\User $user
|
||||
* @param \Pterodactyl\Models\Server $server
|
||||
* @return bool
|
||||
*/
|
||||
protected function isOwner(User $user, Server $server)
|
||||
|
|
@ -54,7 +54,7 @@ class ServerPolicy
|
|||
/**
|
||||
* Runs before any of the functions are called. Used to determine if user is root admin, if so, ignore permissions.
|
||||
*
|
||||
* @param Pterodactyl\Models\User $user
|
||||
* @param \Pterodactyl\Models\User $user
|
||||
* @param string $ability
|
||||
* @return bool
|
||||
*/
|
||||
|
|
@ -68,577 +68,450 @@ class ServerPolicy
|
|||
/**
|
||||
* Check if user has permission to control power for a server.
|
||||
*
|
||||
* @param Pterodactyl\Models\User $user
|
||||
* @param Pterodactyl\Models\Server $server
|
||||
* @param \Pterodactyl\Models\User $user
|
||||
* @param \Pterodactyl\Models\Server $server
|
||||
* @return bool
|
||||
*/
|
||||
public function power(User $user, Server $server)
|
||||
{
|
||||
if ($this->isOwner($user, $server)) {
|
||||
return true;
|
||||
}
|
||||
|
||||
return $user->permissions()->server($server)->permission('power')->exists();
|
||||
return $this->checkPermission($user, $server, 'power');
|
||||
}
|
||||
|
||||
/**
|
||||
* Check if user has permission to start a server.
|
||||
*
|
||||
* @param Pterodactyl\Models\User $user
|
||||
* @param Pterodactyl\Models\Server $server
|
||||
* @param \Pterodactyl\Models\User $user
|
||||
* @param \Pterodactyl\Models\Server $server
|
||||
* @return bool
|
||||
*/
|
||||
public function powerStart(User $user, Server $server)
|
||||
{
|
||||
if ($this->isOwner($user, $server)) {
|
||||
return true;
|
||||
}
|
||||
|
||||
return $user->permissions()->server($server)->permission('power-start')->exists();
|
||||
return $this->checkPermission($user, $server, 'power-start');
|
||||
}
|
||||
|
||||
/**
|
||||
* Check if user has permission to stop a server.
|
||||
*
|
||||
* @param Pterodactyl\Models\User $user
|
||||
* @param Pterodactyl\Models\Server $server
|
||||
* @param \Pterodactyl\Models\User $user
|
||||
* @param \Pterodactyl\Models\Server $server
|
||||
* @return bool
|
||||
*/
|
||||
public function powerStop(User $user, Server $server)
|
||||
{
|
||||
if ($this->isOwner($user, $server)) {
|
||||
return true;
|
||||
}
|
||||
|
||||
return $user->permissions()->server($server)->permission('power-stop')->exists();
|
||||
return $this->checkPermission($user, $server, 'power-stop');
|
||||
}
|
||||
|
||||
/**
|
||||
* Check if user has permission to restart a server.
|
||||
*
|
||||
* @param Pterodactyl\Models\User $user
|
||||
* @param Pterodactyl\Models\Server $server
|
||||
* @param \Pterodactyl\Models\User $user
|
||||
* @param \Pterodactyl\Models\Server $server
|
||||
* @return bool
|
||||
*/
|
||||
public function powerRestart(User $user, Server $server)
|
||||
{
|
||||
if ($this->isOwner($user, $server)) {
|
||||
return true;
|
||||
}
|
||||
|
||||
return $user->permissions()->server($server)->permission('power-restart')->exists();
|
||||
return $this->checkPermission($user, $server, 'power-restart');
|
||||
}
|
||||
|
||||
/**
|
||||
* Check if user has permission to kill a server.
|
||||
*
|
||||
* @param Pterodactyl\Models\User $user
|
||||
* @param Pterodactyl\Models\Server $server
|
||||
* @param \Pterodactyl\Models\User $user
|
||||
* @param \Pterodactyl\Models\Server $server
|
||||
* @return bool
|
||||
*/
|
||||
public function powerKill(User $user, Server $server)
|
||||
{
|
||||
if ($this->isOwner($user, $server)) {
|
||||
return true;
|
||||
}
|
||||
|
||||
return $user->permissions()->server($server)->permission('power-kill')->exists();
|
||||
return $this->checkPermission($user, $server, 'power-kill');
|
||||
}
|
||||
|
||||
/**
|
||||
* Check if user has permission to run a command on a server.
|
||||
*
|
||||
* @param Pterodactyl\Models\User $user
|
||||
* @param Pterodactyl\Models\Server $server
|
||||
* @param \Pterodactyl\Models\User $user
|
||||
* @param \Pterodactyl\Models\Server $server
|
||||
* @return bool
|
||||
*/
|
||||
public function sendCommand(User $user, Server $server)
|
||||
{
|
||||
if ($this->isOwner($user, $server)) {
|
||||
return true;
|
||||
}
|
||||
|
||||
return $user->permissions()->server($server)->permission('send-command')->exists();
|
||||
return $this->checkPermission($user, $server, 'send-command');
|
||||
}
|
||||
|
||||
/**
|
||||
* Check if user has permission to list files on a server.
|
||||
*
|
||||
* @param Pterodactyl\Models\User $user
|
||||
* @param Pterodactyl\Models\Server $server
|
||||
* @param \Pterodactyl\Models\User $user
|
||||
* @param \Pterodactyl\Models\Server $server
|
||||
* @return bool
|
||||
*/
|
||||
public function listFiles(User $user, Server $server)
|
||||
{
|
||||
if ($this->isOwner($user, $server)) {
|
||||
return true;
|
||||
}
|
||||
|
||||
return $user->permissions()->server($server)->permission('list-files')->exists();
|
||||
return $this->checkPermission($user, $server, 'list-files');
|
||||
}
|
||||
|
||||
/**
|
||||
* Check if user has permission to edit files on a server.
|
||||
*
|
||||
* @param Pterodactyl\Models\User $user
|
||||
* @param Pterodactyl\Models\Server $server
|
||||
* @param \Pterodactyl\Models\User $user
|
||||
* @param \Pterodactyl\Models\Server $server
|
||||
* @return bool
|
||||
*/
|
||||
public function editFiles(User $user, Server $server)
|
||||
{
|
||||
if ($this->isOwner($user, $server)) {
|
||||
return true;
|
||||
}
|
||||
|
||||
return $user->permissions()->server($server)->permission('edit-files')->exists();
|
||||
return $this->checkPermission($user, $server, 'edit-files');
|
||||
}
|
||||
|
||||
/**
|
||||
* Check if user has permission to save files on a server.
|
||||
*
|
||||
* @param Pterodactyl\Models\User $user
|
||||
* @param Pterodactyl\Models\Server $server
|
||||
* @param \Pterodactyl\Models\User $user
|
||||
* @param \Pterodactyl\Models\Server $server
|
||||
* @return bool
|
||||
*/
|
||||
public function saveFiles(User $user, Server $server)
|
||||
{
|
||||
if ($this->isOwner($user, $server)) {
|
||||
return true;
|
||||
}
|
||||
|
||||
return $user->permissions()->server($server)->permission('save-files')->exists();
|
||||
return $this->checkPermission($user, $server, 'save-files');
|
||||
}
|
||||
|
||||
/**
|
||||
* Check if user has permission to move and rename files and folders on a server.
|
||||
*
|
||||
* @param Pterodactyl\Models\User $user
|
||||
* @param Pterodactyl\Models\Server $server
|
||||
* @param \Pterodactyl\Models\User $user
|
||||
* @param \Pterodactyl\Models\Server $server
|
||||
* @return bool
|
||||
*/
|
||||
public function moveFiles(User $user, Server $server)
|
||||
{
|
||||
if ($this->isOwner($user, $server)) {
|
||||
return true;
|
||||
}
|
||||
|
||||
return $user->permissions()->server($server)->permission('move-files')->exists();
|
||||
return $this->checkPermission($user, $server, 'move-files');
|
||||
}
|
||||
|
||||
/**
|
||||
* Check if user has permission to copy folders and files on a server.
|
||||
*
|
||||
* @param Pterodactyl\Models\User $user
|
||||
* @param Pterodactyl\Models\Server $server
|
||||
* @param \Pterodactyl\Models\User $user
|
||||
* @param \Pterodactyl\Models\Server $server
|
||||
* @return bool
|
||||
*/
|
||||
public function copyFiles(User $user, Server $server)
|
||||
{
|
||||
if ($this->isOwner($user, $server)) {
|
||||
return true;
|
||||
}
|
||||
|
||||
return $user->permissions()->server($server)->permission('copy-files')->exists();
|
||||
return $this->checkPermission($user, $server, 'copy-files');
|
||||
}
|
||||
|
||||
/**
|
||||
* Check if user has permission to compress files and folders on a server.
|
||||
*
|
||||
* @param Pterodactyl\Models\User $user
|
||||
* @param Pterodactyl\Models\Server $server
|
||||
* @param \Pterodactyl\Models\User $user
|
||||
* @param \Pterodactyl\Models\Server $server
|
||||
* @return bool
|
||||
*/
|
||||
public function compressFiles(User $user, Server $server)
|
||||
{
|
||||
if ($this->isOwner($user, $server)) {
|
||||
return true;
|
||||
}
|
||||
|
||||
return $user->permissions()->server($server)->permission('compress-files')->exists();
|
||||
return $this->checkPermission($user, $server, 'compress-files');
|
||||
}
|
||||
|
||||
/**
|
||||
* Check if user has permission to decompress files on a server.
|
||||
*
|
||||
* @param Pterodactyl\Models\User $user
|
||||
* @param Pterodactyl\Models\Server $server
|
||||
* @param \Pterodactyl\Models\User $user
|
||||
* @param \Pterodactyl\Models\Server $server
|
||||
* @return bool
|
||||
*/
|
||||
public function decompressFiles(User $user, Server $server)
|
||||
{
|
||||
if ($this->isOwner($user, $server)) {
|
||||
return true;
|
||||
}
|
||||
|
||||
return $user->permissions()->server($server)->permission('decompress-files')->exists();
|
||||
return $this->checkPermission($user, $server, 'decompress-files');
|
||||
}
|
||||
|
||||
/**
|
||||
* Check if user has permission to add files to a server.
|
||||
*
|
||||
* @param Pterodactyl\Models\User $user
|
||||
* @param Pterodactyl\Models\Server $server
|
||||
* @param \Pterodactyl\Models\User $user
|
||||
* @param \Pterodactyl\Models\Server $server
|
||||
* @return bool
|
||||
*/
|
||||
public function addFiles(User $user, Server $server)
|
||||
{
|
||||
if ($this->isOwner($user, $server)) {
|
||||
return true;
|
||||
}
|
||||
|
||||
return $user->permissions()->server($server)->permission('add-files')->exists();
|
||||
return $this->checkPermission($user, $server, 'add-files');
|
||||
}
|
||||
|
||||
/**
|
||||
* Check if user has permission to upload files to a server.
|
||||
* This permission relies on the user having the 'add-files' permission as well due to page authorization.
|
||||
*
|
||||
* @param Pterodactyl\Models\User $user
|
||||
* @param Pterodactyl\Models\Server $server
|
||||
* @param \Pterodactyl\Models\User $user
|
||||
* @param \Pterodactyl\Models\Server $server
|
||||
* @return bool
|
||||
*/
|
||||
public function uploadFiles(User $user, Server $server)
|
||||
{
|
||||
if ($this->isOwner($user, $server)) {
|
||||
return true;
|
||||
}
|
||||
|
||||
return $user->permissions()->server($server)->permission('upload-files')->exists();
|
||||
return $this->checkPermission($user, $server, 'upload-files');
|
||||
}
|
||||
|
||||
/**
|
||||
* Check if user has permission to download files from a server.
|
||||
*
|
||||
* @param Pterodactyl\Models\User $user
|
||||
* @param Pterodactyl\Models\Server $server
|
||||
* @param \Pterodactyl\Models\User $user
|
||||
* @param \Pterodactyl\Models\Server $server
|
||||
* @return bool
|
||||
*/
|
||||
public function downloadFiles(User $user, Server $server)
|
||||
{
|
||||
if ($this->isOwner($user, $server)) {
|
||||
return true;
|
||||
}
|
||||
|
||||
return $user->permissions()->server($server)->permission('download-files')->exists();
|
||||
return $this->checkPermission($user, $server, 'download-files');
|
||||
}
|
||||
|
||||
/**
|
||||
* Check if user has permission to delete files from a server.
|
||||
*
|
||||
* @param Pterodactyl\Models\User $user
|
||||
* @param Pterodactyl\Models\Server $server
|
||||
* @param \Pterodactyl\Models\User $user
|
||||
* @param \Pterodactyl\Models\Server $server
|
||||
* @return bool
|
||||
*/
|
||||
public function deleteFiles(User $user, Server $server)
|
||||
{
|
||||
if ($this->isOwner($user, $server)) {
|
||||
return true;
|
||||
}
|
||||
|
||||
return $user->permissions()->server($server)->permission('delete-files')->exists();
|
||||
return $this->checkPermission($user, $server, 'delete-files');
|
||||
}
|
||||
|
||||
/**
|
||||
* Check if user has permission to view subusers for the server.
|
||||
*
|
||||
* @param Pterodactyl\Models\User $user
|
||||
* @param Pterodactyl\Models\Server $server
|
||||
* @param \Pterodactyl\Models\User $user
|
||||
* @param \Pterodactyl\Models\Server $server
|
||||
* @return bool
|
||||
*/
|
||||
public function listSubusers(User $user, Server $server)
|
||||
{
|
||||
if ($this->isOwner($user, $server)) {
|
||||
return true;
|
||||
}
|
||||
|
||||
return $user->permissions()->server($server)->permission('list-subusers')->exists();
|
||||
return $this->checkPermission($user, $server, 'list-subusers');
|
||||
}
|
||||
|
||||
/**
|
||||
* Check if user has permission to view specific subuser permissions.
|
||||
*
|
||||
* @param Pterodactyl\Models\User $user
|
||||
* @param Pterodactyl\Models\Server $server
|
||||
* @param \Pterodactyl\Models\User $user
|
||||
* @param \Pterodactyl\Models\Server $server
|
||||
* @return bool
|
||||
*/
|
||||
public function viewSubuser(User $user, Server $server)
|
||||
{
|
||||
if ($this->isOwner($user, $server)) {
|
||||
return true;
|
||||
}
|
||||
|
||||
return $user->permissions()->server($server)->permission('view-subuser')->exists();
|
||||
return $this->checkPermission($user, $server, 'view-subuser');
|
||||
}
|
||||
|
||||
/**
|
||||
* Check if user has permission to edit a subuser.
|
||||
*
|
||||
* @param Pterodactyl\Models\User $user
|
||||
* @param Pterodactyl\Models\Server $server
|
||||
* @param \Pterodactyl\Models\User $user
|
||||
* @param \Pterodactyl\Models\Server $server
|
||||
* @return bool
|
||||
*/
|
||||
public function editSubuser(User $user, Server $server)
|
||||
{
|
||||
if ($this->isOwner($user, $server)) {
|
||||
return true;
|
||||
}
|
||||
|
||||
return $user->permissions()->server($server)->permission('edit-subuser')->exists();
|
||||
return $this->checkPermission($user, $server, 'edit-subuser');
|
||||
}
|
||||
|
||||
/**
|
||||
* Check if user has permission to delete a subuser.
|
||||
*
|
||||
* @param Pterodactyl\Models\User $user
|
||||
* @param Pterodactyl\Models\Server $server
|
||||
* @param \Pterodactyl\Models\User $user
|
||||
* @param \Pterodactyl\Models\Server $server
|
||||
* @return bool
|
||||
*/
|
||||
public function deleteSubuser(User $user, Server $server)
|
||||
{
|
||||
if ($this->isOwner($user, $server)) {
|
||||
return true;
|
||||
}
|
||||
|
||||
return $user->permissions()->server($server)->permission('delete-subuser')->exists();
|
||||
return $this->checkPermission($user, $server, 'delete-subuser');
|
||||
}
|
||||
|
||||
/**
|
||||
* Check if user has permission to edit a subuser.
|
||||
*
|
||||
* @param Pterodactyl\Models\User $user
|
||||
* @param Pterodactyl\Models\Server $server
|
||||
* @param \Pterodactyl\Models\User $user
|
||||
* @param \Pterodactyl\Models\Server $server
|
||||
* @return bool
|
||||
*/
|
||||
public function createSubuser(User $user, Server $server)
|
||||
{
|
||||
if ($this->isOwner($user, $server)) {
|
||||
return true;
|
||||
}
|
||||
|
||||
return $user->permissions()->server($server)->permission('create-subuser')->exists();
|
||||
return $this->checkPermission($user, $server, 'create-subuser');
|
||||
}
|
||||
|
||||
/**
|
||||
* Check if user has permission to set the default connection for a server.
|
||||
*
|
||||
* @param Pterodactyl\Models\User $user
|
||||
* @param Pterodactyl\Models\Server $server
|
||||
* @param \Pterodactyl\Models\User $user
|
||||
* @param \Pterodactyl\Models\Server $server
|
||||
* @return bool
|
||||
*/
|
||||
public function setConnection(User $user, Server $server)
|
||||
{
|
||||
if ($this->isOwner($user, $server)) {
|
||||
return true;
|
||||
}
|
||||
|
||||
return $user->permissions()->server($server)->permission('set-connection')->exists();
|
||||
return $this->checkPermission($user, $server, 'set-connection');
|
||||
}
|
||||
|
||||
/**
|
||||
* Check if user has permission to view the startup command used for a server.
|
||||
*
|
||||
* @param Pterodactyl\Models\User $user
|
||||
* @param Pterodactyl\Models\Server $server
|
||||
* @param \Pterodactyl\Models\User $user
|
||||
* @param \Pterodactyl\Models\Server $server
|
||||
* @return bool
|
||||
*/
|
||||
public function viewStartup(User $user, Server $server)
|
||||
{
|
||||
if ($this->isOwner($user, $server)) {
|
||||
return true;
|
||||
}
|
||||
|
||||
return $user->permissions()->server($server)->permission('view-startup')->exists();
|
||||
return $this->checkPermission($user, $server, 'view-startup');
|
||||
}
|
||||
|
||||
/**
|
||||
* Check if user has permission to edit the startup command used for a server.
|
||||
*
|
||||
* @param Pterodactyl\Models\User $user
|
||||
* @param Pterodactyl\Models\Server $server
|
||||
* @param \Pterodactyl\Models\User $user
|
||||
* @param \Pterodactyl\Models\Server $server
|
||||
* @return bool
|
||||
*/
|
||||
public function editStartup(User $user, Server $server)
|
||||
{
|
||||
if ($this->isOwner($user, $server)) {
|
||||
return true;
|
||||
}
|
||||
|
||||
return $user->permissions()->server($server)->permission('edit-startup')->exists();
|
||||
return $this->checkPermission($user, $server, 'edit-startup');
|
||||
}
|
||||
|
||||
/**
|
||||
* Check if user has permission to view the SFTP information for a server.
|
||||
*
|
||||
* @param Pterodactyl\Models\User $user
|
||||
* @param Pterodactyl\Models\Server $server
|
||||
* @param \Pterodactyl\Models\User $user
|
||||
* @param \Pterodactyl\Models\Server $server
|
||||
* @return bool
|
||||
*/
|
||||
public function viewSftp(User $user, Server $server)
|
||||
{
|
||||
if ($this->isOwner($user, $server)) {
|
||||
return true;
|
||||
}
|
||||
|
||||
return $user->permissions()->server($server)->permission('view-sftp')->exists();
|
||||
return $this->checkPermission($user, $server, 'view-sftp');
|
||||
}
|
||||
|
||||
/**
|
||||
* Check if user has permission to reset the SFTP password for a server.
|
||||
*
|
||||
* @param Pterodactyl\Models\User $user
|
||||
* @param Pterodactyl\Models\Server $server
|
||||
* @param \Pterodactyl\Models\User $user
|
||||
* @param \Pterodactyl\Models\Server $server
|
||||
* @return bool
|
||||
*/
|
||||
public function resetSftp(User $user, Server $server)
|
||||
{
|
||||
if ($this->isOwner($user, $server)) {
|
||||
return true;
|
||||
}
|
||||
|
||||
return $user->permissions()->server($server)->permission('reset-sftp')->exists();
|
||||
return $this->checkPermission($user, $server, 'reset-sftp');
|
||||
}
|
||||
|
||||
/**
|
||||
* Check if user has permission to view the SFTP password for a server.
|
||||
*
|
||||
* @param Pterodactyl\Models\User $user
|
||||
* @param Pterodactyl\Models\Server $server
|
||||
* @param \Pterodactyl\Models\User $user
|
||||
* @param \Pterodactyl\Models\Server $server
|
||||
* @return bool
|
||||
*/
|
||||
public function viewSftpPassword(User $user, Server $server)
|
||||
{
|
||||
if ($this->isOwner($user, $server)) {
|
||||
return true;
|
||||
}
|
||||
|
||||
return $user->permissions()->server($server)->permission('view-sftp-password')->exists();
|
||||
return $this->checkPermission($user, $server, 'view-sftp-password');
|
||||
}
|
||||
|
||||
/**
|
||||
* Check if user has permission to view databases for a server.
|
||||
*
|
||||
* @param Pterodactyl\Models\User $user
|
||||
* @param Pterodactyl\Models\Server $server
|
||||
* @param \Pterodactyl\Models\User $user
|
||||
* @param \Pterodactyl\Models\Server $server
|
||||
* @return bool
|
||||
*/
|
||||
public function viewDatabases(User $user, Server $server)
|
||||
{
|
||||
if ($this->isOwner($user, $server)) {
|
||||
return true;
|
||||
}
|
||||
|
||||
return $user->permissions()->server($server)->permission('view-databases')->exists();
|
||||
return $this->checkPermission($user, $server, 'view-databases');
|
||||
}
|
||||
|
||||
/**
|
||||
* Check if user has permission to reset database passwords.
|
||||
*
|
||||
* @param Pterodactyl\Models\User $user
|
||||
* @param Pterodactyl\Models\Server $server
|
||||
* @param \Pterodactyl\Models\User $user
|
||||
* @param \Pterodactyl\Models\Server $server
|
||||
* @return bool
|
||||
*/
|
||||
public function resetDbPassword(User $user, Server $server)
|
||||
{
|
||||
if ($this->isOwner($user, $server)) {
|
||||
return true;
|
||||
}
|
||||
|
||||
return $user->permissions()->server($server)->permission('reset-db-password')->exists();
|
||||
return $this->checkPermission($user, $server, 'reset-db-password');
|
||||
}
|
||||
|
||||
/**
|
||||
* Check if user has permission to view all tasks for a server.
|
||||
*
|
||||
* @param Pterodactyl\Models\User $user
|
||||
* @param Pterodactyl\Models\Server $server
|
||||
* @param \Pterodactyl\Models\User $user
|
||||
* @param \Pterodactyl\Models\Server $server
|
||||
* @return bool
|
||||
*/
|
||||
public function listTasks(User $user, Server $server)
|
||||
{
|
||||
if ($this->isOwner($user, $server)) {
|
||||
return true;
|
||||
}
|
||||
|
||||
return $user->permissions()->server($server)->permission('list-tasks')->exists();
|
||||
return $this->checkPermission($user, $server, 'list-tasks');
|
||||
}
|
||||
|
||||
/**
|
||||
* Check if user has permission to view a specific task for a server.
|
||||
*
|
||||
* @param Pterodactyl\Models\User $user
|
||||
* @param Pterodactyl\Models\Server $server
|
||||
* @param \Pterodactyl\Models\User $user
|
||||
* @param \Pterodactyl\Models\Server $server
|
||||
* @return bool
|
||||
*/
|
||||
public function viewTask(User $user, Server $server)
|
||||
{
|
||||
if ($this->isOwner($user, $server)) {
|
||||
return true;
|
||||
}
|
||||
|
||||
return $user->permissions()->server($server)->permission('view-task')->exists();
|
||||
return $this->checkPermission($user, $server, 'view-task');
|
||||
}
|
||||
|
||||
/**
|
||||
* Check if user has permission to view a toggle a task for a server.
|
||||
*
|
||||
* @param Pterodactyl\Models\User $user
|
||||
* @param Pterodactyl\Models\Server $server
|
||||
* @param \Pterodactyl\Models\User $user
|
||||
* @param \Pterodactyl\Models\Server $server
|
||||
* @return bool
|
||||
*/
|
||||
public function toggleTask(User $user, Server $server)
|
||||
{
|
||||
if ($this->isOwner($user, $server)) {
|
||||
return true;
|
||||
}
|
||||
|
||||
return $user->permissions()->server($server)->permission('toggle-task')->exists();
|
||||
return $this->checkPermission($user, $server, 'toggle-task');
|
||||
}
|
||||
|
||||
/**
|
||||
* Check if user has permission to queue a task for a server.
|
||||
*
|
||||
* @param Pterodactyl\Models\User $user
|
||||
* @param Pterodactyl\Models\Server $server
|
||||
* @param \Pterodactyl\Models\User $user
|
||||
* @param \Pterodactyl\Models\Server $server
|
||||
* @return bool
|
||||
*/
|
||||
public function queueTask(User $user, Server $server)
|
||||
{
|
||||
if ($this->isOwner($user, $server)) {
|
||||
return true;
|
||||
}
|
||||
|
||||
return $user->permissions()->server($server)->permission('queue-task')->exists();
|
||||
return $this->checkPermission($user, $server, 'queue-task');
|
||||
}
|
||||
|
||||
/**
|
||||
* Check if user has permission to delete a specific task for a server.
|
||||
*
|
||||
* @param Pterodactyl\Models\User $user
|
||||
* @param Pterodactyl\Models\Server $server
|
||||
* @param \Pterodactyl\Models\User $user
|
||||
* @param \Pterodactyl\Models\Server $server
|
||||
* @return bool
|
||||
*/
|
||||
public function deleteTask(User $user, Server $server)
|
||||
{
|
||||
if ($this->isOwner($user, $server)) {
|
||||
return true;
|
||||
}
|
||||
|
||||
return $user->permissions()->server($server)->permission('delete-task')->exists();
|
||||
return $this->checkPermission($user, $server, 'delete-task');
|
||||
}
|
||||
|
||||
/**
|
||||
* Check if user has permission to create a task for a server.
|
||||
*
|
||||
* @param Pterodactyl\Models\User $user
|
||||
* @param Pterodactyl\Models\Server $server
|
||||
* @param \Pterodactyl\Models\User $user
|
||||
* @param \Pterodactyl\Models\Server $server
|
||||
* @return bool
|
||||
*/
|
||||
public function createTask(User $user, Server $server)
|
||||
{
|
||||
return $this->checkPermission($user, $server, 'create-task');
|
||||
}
|
||||
|
||||
/**
|
||||
* Checks if the user has the given permission on/for the server.
|
||||
*
|
||||
* @param \Pterodactyl\Models\User $user
|
||||
* @param \Pterodactyl\Models\Server $server
|
||||
* @param $permission
|
||||
* @return bool
|
||||
*/
|
||||
private function checkPermission(User $user, Server $server, $permission)
|
||||
{
|
||||
if ($this->isOwner($user, $server)) {
|
||||
return true;
|
||||
}
|
||||
|
||||
return $user->permissions()->server($server)->permission('create-task')->exists();
|
||||
return $user->permissions()->server($server)->permission($permission)->exists();
|
||||
}
|
||||
}
|
||||
|
|
|
|||
|
|
@ -116,7 +116,7 @@ class APIRepository
|
|||
*
|
||||
* @return string Returns the generated secret token.
|
||||
*/
|
||||
public function new(array $data)
|
||||
public function create(array $data)
|
||||
{
|
||||
$validator = Validator::make($data, [
|
||||
'memo' => 'string|max:500',
|
||||
|
|
@ -219,13 +219,13 @@ class APIRepository
|
|||
*
|
||||
* @return void
|
||||
*/
|
||||
public function revoke(string $key)
|
||||
public function revoke($key)
|
||||
{
|
||||
DB::beginTransaction();
|
||||
|
||||
try {
|
||||
$model = Models\APIKey::where('public', $key)->where('user', $this->user->id)->firstOrFail();
|
||||
$permissions = Models\APIPermission::where('key_id', $model->id)->delete();
|
||||
Models\APIPermission::where('key_id', $model->id)->delete();
|
||||
$model->delete();
|
||||
|
||||
DB::commit();
|
||||
|
|
|
|||
|
|
@ -181,24 +181,23 @@ class FileRepository
|
|||
$folders = [];
|
||||
foreach ($json as &$value) {
|
||||
if ($value->directory === true) {
|
||||
|
||||
// @TODO Handle Symlinks
|
||||
$folders = array_merge($folders, [[
|
||||
$folders[] = [
|
||||
'entry' => $value->name,
|
||||
'directory' => trim($directory, '/'),
|
||||
'size' => null,
|
||||
'date' => strtotime($value->modified),
|
||||
'mime' => $value->mime,
|
||||
]]);
|
||||
];
|
||||
} elseif ($value->file === true) {
|
||||
$files = array_merge($files, [[
|
||||
$files[] = [
|
||||
'entry' => $value->name,
|
||||
'directory' => trim($directory, '/'),
|
||||
'extension' => pathinfo($value->name, PATHINFO_EXTENSION),
|
||||
'size' => HelperRepository::bytesToHuman($value->size),
|
||||
'date' => strtotime($value->modified),
|
||||
'mime' => $value->mime,
|
||||
]]);
|
||||
];
|
||||
}
|
||||
}
|
||||
|
||||
|
|
|
|||
|
|
@ -170,11 +170,11 @@ class ServerRepository
|
|||
if ($variable->required === 1) {
|
||||
throw new DisplayException('A required service option variable field (env_' . $variable->env_variable . ') was missing from the request.');
|
||||
}
|
||||
$variableList = array_merge($variableList, [[
|
||||
$variableList[] = [
|
||||
'id' => $variable->id,
|
||||
'env' => $variable->env_variable,
|
||||
'val' => $variable->default_value,
|
||||
]]);
|
||||
];
|
||||
continue;
|
||||
}
|
||||
|
||||
|
|
@ -183,11 +183,11 @@ class ServerRepository
|
|||
throw new DisplayException('Failed to validate service option variable field (env_' . $variable->env_variable . ') aganist regex (' . $variable->regex . ').');
|
||||
}
|
||||
|
||||
$variableList = array_merge($variableList, [[
|
||||
$variableList[] = [
|
||||
'id' => $variable->id,
|
||||
'env' => $variable->env_variable,
|
||||
'val' => $data['env_' . $variable->env_variable],
|
||||
]]);
|
||||
];
|
||||
continue;
|
||||
}
|
||||
}
|
||||
|
|
@ -260,14 +260,13 @@ class ServerRepository
|
|||
$allocation->save();
|
||||
|
||||
// Add Variables
|
||||
$environmentVariables = [];
|
||||
$environmentVariables = array_merge($environmentVariables, [
|
||||
$environmentVariables = [
|
||||
'STARTUP' => $data['startup'],
|
||||
]);
|
||||
];
|
||||
|
||||
foreach ($variableList as $item) {
|
||||
$environmentVariables = array_merge($environmentVariables, [
|
||||
$item['env'] => $item['val'],
|
||||
]);
|
||||
$environmentVariables[$item['env']] = $item['val'];
|
||||
|
||||
Models\ServerVariables::create([
|
||||
'server_id' => $server->id,
|
||||
'variable_id' => $item['id'],
|
||||
|
|
@ -672,21 +671,21 @@ class ServerRepository
|
|||
foreach ($variables as &$variable) {
|
||||
// Move on if the new data wasn't even sent
|
||||
if (! isset($data[$variable->env_variable])) {
|
||||
$variableList = array_merge($variableList, [[
|
||||
$variableList[] = [
|
||||
'id' => $variable->id,
|
||||
'env' => $variable->env_variable,
|
||||
'val' => $variable->a_currentValue,
|
||||
]]);
|
||||
];
|
||||
continue;
|
||||
}
|
||||
|
||||
// Update Empty but skip validation
|
||||
if (empty($data[$variable->env_variable])) {
|
||||
$variableList = array_merge($variableList, [[
|
||||
$variableList[] = [
|
||||
'id' => $variable->id,
|
||||
'env' => $variable->env_variable,
|
||||
'val' => null,
|
||||
]]);
|
||||
];
|
||||
continue;
|
||||
}
|
||||
|
||||
|
|
@ -708,23 +707,20 @@ class ServerRepository
|
|||
throw new DisplayException('Failed to validate service option variable field (' . $variable->env_variable . ') aganist regex (' . $variable->regex . ').');
|
||||
}
|
||||
|
||||
$variableList = array_merge($variableList, [[
|
||||
$variableList[] = [
|
||||
'id' => $variable->id,
|
||||
'env' => $variable->env_variable,
|
||||
'val' => $data[$variable->env_variable],
|
||||
]]);
|
||||
];
|
||||
}
|
||||
}
|
||||
|
||||
// Add Variables
|
||||
$environmentVariables = [];
|
||||
$environmentVariables = array_merge($environmentVariables, [
|
||||
$environmentVariables = [
|
||||
'STARTUP' => $server->startup,
|
||||
]);
|
||||
];
|
||||
foreach ($variableList as $item) {
|
||||
$environmentVariables = array_merge($environmentVariables, [
|
||||
$item['env'] => $item['val'],
|
||||
]);
|
||||
$environmentVariables[$item['env']] = $item['val'];
|
||||
|
||||
// Update model or make a new record if it doesn't exist.
|
||||
$model = Models\ServerVariables::firstOrNew([
|
||||
|
|
|
|||
|
|
@ -118,6 +118,7 @@ class Option
|
|||
}
|
||||
|
||||
$option->fill($data);
|
||||
$option->save();
|
||||
|
||||
return $option->save();
|
||||
}
|
||||
}
|
||||
|
|
|
|||
|
|
@ -82,7 +82,8 @@ class Service
|
|||
}
|
||||
|
||||
$service->fill($data);
|
||||
$service->save();
|
||||
|
||||
return $service->save();
|
||||
}
|
||||
|
||||
public function delete($id)
|
||||
|
|
|
|||
|
|
@ -71,7 +71,8 @@ class Variable
|
|||
$variable = new Models\ServiceVariables;
|
||||
$variable->option_id = $option->id;
|
||||
$variable->fill($data);
|
||||
$variable->save();
|
||||
|
||||
return $variable->save();
|
||||
}
|
||||
|
||||
public function delete($id)
|
||||
|
|
@ -125,6 +126,7 @@ class Variable
|
|||
$data['required'] = (isset($data['required']) && in_array((int) $data['required'], [0, 1])) ? $data['required'] : $variable->required;
|
||||
|
||||
$variable->fill($data);
|
||||
$variable->save();
|
||||
|
||||
return $variable->save();
|
||||
}
|
||||
}
|
||||
|
|
|
|||
|
|
@ -144,7 +144,8 @@ class UserRepository
|
|||
}
|
||||
|
||||
$user->fill($data);
|
||||
$user->save();
|
||||
|
||||
return $user->save();
|
||||
}
|
||||
|
||||
/**
|
||||
|
|
|
|||
|
|
@ -36,7 +36,7 @@
|
|||
<li><a href="{{ route('admin.databases.new') }}"><i class="fa fa-plus"></i></a></li>
|
||||
</ul>
|
||||
<div class="tab-content">
|
||||
<div class="tab-pane active" id="tab_databases">
|
||||
<div class="tab-pane {{ Request::input('tab') == 'tab_dbservers' ? '' : 'active' }}" id="tab_databases">
|
||||
<div class="panel panel-default">
|
||||
<div class="panel-heading"></div>
|
||||
<div class="panel-body">
|
||||
|
|
@ -65,12 +65,12 @@
|
|||
</tbody>
|
||||
</table>
|
||||
<div class="col-md-12 text-center">
|
||||
{{ $databases->render() }}
|
||||
{{ $databases->appends('tab', 'tab_databases')->render() }}
|
||||
</div>
|
||||
</div>
|
||||
</div>
|
||||
</div>
|
||||
<div class="tab-pane" id="tab_dbservers">
|
||||
<div class="tab-pane {{ Request::input('tab') == 'tab_dbservers' ? 'active' : '' }}" id="tab_dbservers">
|
||||
<div class="panel panel-default">
|
||||
<div class="panel-heading"></div>
|
||||
<div class="panel-body">
|
||||
|
|
@ -99,7 +99,7 @@
|
|||
</tbody>
|
||||
</table>
|
||||
<div class="col-md-12 text-center">
|
||||
{{ $dbh->render() }}
|
||||
{{ $dbh->appends('tab', 'tab_dbservers')->render() }}
|
||||
</div>
|
||||
</div>
|
||||
</div>
|
||||
|
|
|
|||
Loading…
Reference in New Issue