2016-10-15 00:22:23 +00:00
< ? php
/**
* Pterodactyl - Panel
2017-01-24 22:57:08 +00:00
* Copyright ( c ) 2015 - 2017 Dane Everitt < dane @ daneeveritt . com >
2016-12-07 22:46:38 +00:00
* Some Modifications ( c ) 2015 Dylan Seidt < dylan . seidt @ gmail . com >.
2016-10-15 00:22:23 +00:00
*
* Permission is hereby granted , free of charge , to any person obtaining a copy
* of this software and associated documentation files ( the " Software " ), to deal
* in the Software without restriction , including without limitation the rights
* to use , copy , modify , merge , publish , distribute , sublicense , and / or sell
* copies of the Software , and to permit persons to whom the Software is
* furnished to do so , subject to the following conditions :
*
* The above copyright notice and this permission notice shall be included in all
* copies or substantial portions of the Software .
*
* THE SOFTWARE IS PROVIDED " AS IS " , WITHOUT WARRANTY OF ANY KIND , EXPRESS OR
* IMPLIED , INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY ,
* FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT . IN NO EVENT SHALL THE
* AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM , DAMAGES OR OTHER
* LIABILITY , WHETHER IN AN ACTION OF CONTRACT , TORT OR OTHERWISE , ARISING FROM ,
* OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
* SOFTWARE .
*/
2016-12-07 22:46:38 +00:00
2016-10-15 00:22:23 +00:00
namespace Pterodactyl\Http\Controllers\Base ;
2016-12-07 22:46:38 +00:00
use Illuminate\Http\Request ;
2017-04-09 22:59:54 +00:00
use Pterodactyl\Models\APIKey ;
2017-06-25 20:31:50 +00:00
use Prologue\Alerts\AlertsMessageBag ;
2017-04-09 22:59:54 +00:00
use Pterodactyl\Models\APIPermission ;
2017-06-25 20:31:50 +00:00
use Pterodactyl\Services\ApiKeyService ;
2016-10-15 00:22:23 +00:00
use Pterodactyl\Http\Controllers\Controller ;
2017-06-25 20:31:50 +00:00
use Pterodactyl\Http\Requests\ApiKeyRequest ;
2016-10-15 00:22:23 +00:00
class APIController extends Controller
{
2017-06-25 20:31:50 +00:00
/**
* @ var \Prologue\Alerts\AlertsMessageBag
*/
protected $alert ;
/**
* @ var \Pterodactyl\Models\APIKey
*/
protected $model ;
/**
* @ var \Pterodactyl\Services\ApiKeyService
*/
protected $service ;
/**
* APIController constructor .
*
* @ param \Prologue\Alerts\AlertsMessageBag $alert
* @ param \Pterodactyl\Services\ApiKeyService $service
*/
public function __construct ( AlertsMessageBag $alert , ApiKeyService $service , APIKey $model )
{
$this -> alert = $alert ;
$this -> model = $model ;
$this -> service = $service ;
}
2017-03-19 23:36:50 +00:00
/**
* Display base API index page .
*
2017-06-25 20:31:50 +00:00
* @ param \Illuminate\Http\Request $request
2017-03-19 23:36:50 +00:00
* @ return \Illuminate\View\View
*/
2016-10-15 00:22:23 +00:00
public function index ( Request $request )
{
return view ( 'base.api.index' , [
2017-04-09 22:59:54 +00:00
'keys' => APIKey :: where ( 'user_id' , $request -> user () -> id ) -> get (),
2016-10-15 00:22:23 +00:00
]);
}
2017-03-19 23:36:50 +00:00
/**
* Display API key creation page .
*
* @ return \Illuminate\View\View
*/
2017-06-25 20:31:50 +00:00
public function create ()
2016-10-15 00:22:23 +00:00
{
2017-04-09 22:59:54 +00:00
return view ( 'base.api.new' , [
'permissions' => [
2017-06-25 20:31:50 +00:00
'user' => collect ( APIPermission :: PERMISSIONS ) -> pull ( '_user' ),
'admin' => collect ( APIPermission :: PERMISSIONS ) -> except ( '_user' ) -> toArray (),
2017-04-09 22:59:54 +00:00
],
]);
2016-10-15 00:22:23 +00:00
}
2017-03-19 23:36:50 +00:00
/**
* Handle saving new API key .
*
2017-06-25 20:31:50 +00:00
* @ param \Pterodactyl\Http\Requests\ApiKeyRequest $request
2017-03-19 23:36:50 +00:00
* @ return \Illuminate\Http\RedirectResponse
2017-06-25 20:31:50 +00:00
*
* @ throws \Exception
* @ throws \Pterodactyl\Exceptions\Model\DataValidationException
2017-03-19 23:36:50 +00:00
*/
2017-06-25 20:31:50 +00:00
public function store ( ApiKeyRequest $request )
2016-10-15 00:22:23 +00:00
{
2017-06-25 20:31:50 +00:00
$adminPermissions = [];
if ( $request -> user () -> isRootAdmin ()) {
$adminPermissions = $request -> input ( 'admin_permissions' ) ? ? [];
2016-10-20 22:20:58 +00:00
}
2016-12-07 22:46:38 +00:00
2017-06-25 20:31:50 +00:00
$secret = $this -> service -> create ([
'user_id' => $request -> user () -> id ,
'allowed_ips' => $request -> input ( 'allowed_ips' ),
'memo' => $request -> input ( 'memo' ),
], $request -> input ( 'permissions' ) ? ? [], $adminPermissions );
$this -> alert -> success ( 'An API Key-Pair has successfully been generated. The API secret for this public key is shown below and will not be shown again.<br /><br /><code>' . $secret . '</code>' ) -> flash ();
return redirect () -> route ( 'account.api' );
2016-10-20 22:20:58 +00:00
}
2016-10-15 00:22:23 +00:00
2017-03-19 23:36:50 +00:00
/**
* @ param \Illuminate\Http\Request $request
* @ param string $key
2017-06-25 20:31:50 +00:00
* @ return \Illuminate\Http\Response
*
* @ throws \Exception
2017-03-19 23:36:50 +00:00
*/
2016-10-20 22:20:58 +00:00
public function revoke ( Request $request , $key )
{
2017-06-25 20:31:50 +00:00
$key = $this -> model -> newQuery ()
-> where ( 'user_id' , $request -> user () -> id )
-> where ( 'public' , $key )
-> firstOrFail ();
2016-12-07 22:46:38 +00:00
2017-06-25 20:31:50 +00:00
$this -> service -> revoke ( $key );
2017-02-19 03:57:50 +00:00
2017-06-25 20:31:50 +00:00
return response ( '' , 204 );
2016-10-15 00:22:23 +00:00
}
}
