2015-12-06 18:58:49 +00:00
|
|
|
<?php
|
|
|
|
|
|
|
|
namespace Pterodactyl\Http\Controllers\API;
|
|
|
|
|
|
|
|
use Gate;
|
|
|
|
use Log;
|
|
|
|
use Debugbar;
|
|
|
|
use Pterodactyl\Models\API;
|
|
|
|
use Pterodactyl\Models\User;
|
|
|
|
|
|
|
|
use Pterodactyl\Http\Controllers\Controller;
|
|
|
|
use Illuminate\Http\Request;
|
|
|
|
|
|
|
|
class UserController extends Controller
|
|
|
|
{
|
|
|
|
|
|
|
|
/**
|
|
|
|
* Constructor
|
|
|
|
*/
|
|
|
|
public function __construct()
|
|
|
|
{
|
2016-01-04 21:09:39 +00:00
|
|
|
//
|
2015-12-06 18:58:49 +00:00
|
|
|
}
|
|
|
|
|
|
|
|
public function getAllUsers(Request $request)
|
|
|
|
{
|
|
|
|
|
|
|
|
// Policies don't work if the user isn't logged in for whatever reason in Laravel...
|
|
|
|
if(!API::checkPermission($request->header('X-Authorization'), 'get-users')) {
|
|
|
|
return API::noPermissionError();
|
|
|
|
}
|
|
|
|
|
|
|
|
return response()->json([
|
|
|
|
'users' => User::all()
|
|
|
|
]);
|
|
|
|
}
|
|
|
|
|
|
|
|
/**
|
|
|
|
* Returns JSON response about a user given their ID.
|
|
|
|
* If fields are provided only those fields are returned.
|
|
|
|
*
|
|
|
|
* Does not return protected fields (i.e. password & totp_secret)
|
|
|
|
*
|
|
|
|
* @param Request $request
|
|
|
|
* @param int $id
|
|
|
|
* @param string $fields
|
|
|
|
* @return Response
|
|
|
|
*/
|
|
|
|
public function getUser(Request $request, $id, $fields = null)
|
|
|
|
{
|
|
|
|
|
|
|
|
// Policies don't work if the user isn't logged in for whatever reason in Laravel...
|
|
|
|
if(!API::checkPermission($request->header('X-Authorization'), 'get-users')) {
|
|
|
|
return API::noPermissionError();
|
|
|
|
}
|
|
|
|
|
|
|
|
if (is_null($fields)) {
|
|
|
|
return response()->json(User::find($id));
|
|
|
|
}
|
|
|
|
|
|
|
|
$query = User::where('id', $id);
|
|
|
|
$explode = explode(',', $fields);
|
|
|
|
|
|
|
|
foreach($explode as &$exploded) {
|
|
|
|
if(!empty($exploded)) {
|
|
|
|
$query->addSelect($exploded);
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
|
|
|
try {
|
|
|
|
return response()->json($query->get());
|
|
|
|
} catch (\Exception $e) {
|
|
|
|
if ($e instanceof \Illuminate\Database\QueryException) {
|
|
|
|
return response()->json([
|
|
|
|
'error' => 'One of the fields provided in your argument list is invalid.'
|
|
|
|
], 500);
|
|
|
|
}
|
|
|
|
throw $e;
|
|
|
|
}
|
|
|
|
|
|
|
|
}
|
|
|
|
|
|
|
|
}
|