misc_pterodactyl-panel/app/Http/Middleware/Server/AccessingValidServer.php

<?php

namespace Pterodactyl\Http\Middleware;

use Closure;
use Illuminate\Http\Request;
use Pterodactyl\Models\Server;
use Illuminate\Contracts\Session\Session;
use Illuminate\Contracts\Config\Repository as ConfigRepository;
use Pterodactyl\Contracts\Repository\ServerRepositoryInterface;
use Symfony\Component\HttpKernel\Exception\NotFoundHttpException;
use Symfony\Component\HttpKernel\Exception\AccessDeniedHttpException;

class AccessingValidServer
{
    /**
     * @var \Illuminate\Contracts\Config\Repository
     */
    private $config;

    /**
     * @var \Pterodactyl\Contracts\Repository\ServerRepositoryInterface
     */
    private $repository;

    /**
     * @var \Illuminate\Contracts\Session\Session
     */
    private $session;

    /**
     * AccessingValidServer constructor.
     *
     * @param \Illuminate\Contracts\Config\Repository                     $config
     * @param \Pterodactyl\Contracts\Repository\ServerRepositoryInterface $repository
     * @param \Illuminate\Contracts\Session\Session                       $session
     */
    public function __construct(
        ConfigRepository $config,
        ServerRepositoryInterface $repository,
        Session $session
    ) {
        $this->config = $config;
        $this->repository = $repository;
        $this->session = $session;
    }

    /**
     * Determine if a given user has permission to access a server.
     *
     * @param \Illuminate\Http\Request $request
     * @param \Closure                 $next
     * @return \Illuminate\Http\Response|mixed
     *
     * @throws \Illuminate\Auth\AuthenticationException
     * @throws \Pterodactyl\Exceptions\Repository\RecordNotFoundException
     * @throws \Symfony\Component\HttpKernel\Exception\AccessDeniedHttpException
     * @throws \Symfony\Component\HttpKernel\Exception\NotFoundHttpException
     */
    public function handle(Request $request, Closure $next)
    {
        $attributes = $request->route()->parameter('server');
        $isApiRequest = $request->expectsJson() || $request->is(...$this->config->get('pterodactyl.json_routes', []));
        $server = $this->repository->getByUuid($attributes instanceof Server ? $attributes->uuid : $attributes);

        if (! $server) {
            if ($isApiRequest) {
                throw new NotFoundHttpException('The requested server was not found on the system.');
            }

            return response()->view('errors.404', [], 404);
        }

        if ($server->suspended) {
            if ($isApiRequest) {
                throw new AccessDeniedHttpException('Server is suspended.');
            }

            return response()->view('errors.suspended', [], 403);
        }

        // Servers can have install statuses other than 1 or 0, so don't check
        // for a bool-type operator here.
        if ($server->installed !== 1) {
            if ($isApiRequest) {
                throw new AccessDeniedHttpException('Server is not marked as installed.');
            }

            return response()->view('errors.installing', [], 403);
        }

        // Store the server in the session.
        // @todo remove from session. use request attributes.
        $this->session->now('server_data.model', $server);

        // Add server to the request attributes. This will replace sessions
        // as files are updated.
        $request->attributes->set('server', $server);

        return $next($request);
    }
}
Initial Commit of Files PufferPanel v0.9 (Laravel) is now Pterodactyl 1.0 2015-12-06 18:58:49 +00:00			`<?php`
Apply fixes from StyleCI 2016-12-07 22:46:38 +00:00
Initial Commit of Files PufferPanel v0.9 (Laravel) is now Pterodactyl 1.0 2015-12-06 18:58:49 +00:00			`namespace Pterodactyl\Http\Middleware;`

Apply fixes from StyleCI 2016-12-07 22:46:38 +00:00			`use Closure;`
Initial implementation of improved sever model and logic 2017-02-02 23:21:36 +00:00			`use Illuminate\Http\Request;`
Initial Commit of Files PufferPanel v0.9 (Laravel) is now Pterodactyl 1.0 2015-12-06 18:58:49 +00:00			`use Pterodactyl\Models\Server;`
Apply fixes from StyleCI 2017-09-03 21:41:03 +00:00			`use Illuminate\Contracts\Session\Session;`
			`use Illuminate\Contracts\Config\Repository as ConfigRepository;`
			`use Pterodactyl\Contracts\Repository\ServerRepositoryInterface;`
Better middleware for routes, cleaned up API, removed old API calls New API routes for Server allow specifying which fractal objects to load into the request, thus making it possible to fine-tune what data is returned. 2017-04-02 17:19:39 +00:00			`use Symfony\Component\HttpKernel\Exception\NotFoundHttpException;`
			`use Symfony\Component\HttpKernel\Exception\AccessDeniedHttpException;`
Initial Commit of Files PufferPanel v0.9 (Laravel) is now Pterodactyl 1.0 2015-12-06 18:58:49 +00:00
Cleanup frontend controllers and middleware 2017-10-28 02:42:53 +00:00			`class AccessingValidServer`
Initial Commit of Files PufferPanel v0.9 (Laravel) is now Pterodactyl 1.0 2015-12-06 18:58:49 +00:00			`{`
Better middleware for routes, cleaned up API, removed old API calls New API routes for Server allow specifying which fractal objects to load into the request, thus making it possible to fine-tune what data is returned. 2017-04-02 17:19:39 +00:00			`/**`
Improved middleware, console page now using new setup 2017-09-03 02:35:33 +00:00			`* @var \Illuminate\Contracts\Config\Repository`
			`*/`
Begin adding unit tests for middleware 2017-10-30 02:40:34 +00:00			`private $config;`
Improved middleware, console page now using new setup 2017-09-03 02:35:33 +00:00
			`/**`
			`* @var \Pterodactyl\Contracts\Repository\ServerRepositoryInterface`
			`*/`
Begin adding unit tests for middleware 2017-10-30 02:40:34 +00:00			`private $repository;`
Better middleware for routes, cleaned up API, removed old API calls New API routes for Server allow specifying which fractal objects to load into the request, thus making it possible to fine-tune what data is returned. 2017-04-02 17:19:39 +00:00
			`/**`
Improved middleware, console page now using new setup 2017-09-03 02:35:33 +00:00			`* @var \Illuminate\Contracts\Session\Session`
			`*/`
Begin adding unit tests for middleware 2017-10-30 02:40:34 +00:00			`private $session;`
Improved middleware, console page now using new setup 2017-09-03 02:35:33 +00:00
			`/**`
Cleanup frontend controllers and middleware 2017-10-28 02:42:53 +00:00			`* AccessingValidServer constructor.`
Better middleware for routes, cleaned up API, removed old API calls New API routes for Server allow specifying which fractal objects to load into the request, thus making it possible to fine-tune what data is returned. 2017-04-02 17:19:39 +00:00			`*`
Improved middleware, console page now using new setup 2017-09-03 02:35:33 +00:00			`* @param \Illuminate\Contracts\Config\Repository $config`
			`* @param \Pterodactyl\Contracts\Repository\ServerRepositoryInterface $repository`
			`* @param \Illuminate\Contracts\Session\Session $session`
Better middleware for routes, cleaned up API, removed old API calls New API routes for Server allow specifying which fractal objects to load into the request, thus making it possible to fine-tune what data is returned. 2017-04-02 17:19:39 +00:00			`*/`
Improved middleware, console page now using new setup 2017-09-03 02:35:33 +00:00			`public function __construct(`
			`ConfigRepository $config,`
			`ServerRepositoryInterface $repository,`
			`Session $session`
			`) {`
			`$this->config = $config;`
			`$this->repository = $repository;`
			`$this->session = $session;`
			`}`
Better middleware for routes, cleaned up API, removed old API calls New API routes for Server allow specifying which fractal objects to load into the request, thus making it possible to fine-tune what data is returned. 2017-04-02 17:19:39 +00:00
Initial Commit of Files PufferPanel v0.9 (Laravel) is now Pterodactyl 1.0 2015-12-06 18:58:49 +00:00			`/**`
Improved middleware, console page now using new setup 2017-09-03 02:35:33 +00:00			`* Determine if a given user has permission to access a server.`
Initial Commit of Files PufferPanel v0.9 (Laravel) is now Pterodactyl 1.0 2015-12-06 18:58:49 +00:00			`*`
Massive PHPCS linting 2017-08-22 03:10:48 +00:00			`* @param \Illuminate\Http\Request $request`
			`* @param \Closure $next`
Begin adding unit tests for middleware 2017-10-30 02:40:34 +00:00			`* @return \Illuminate\Http\Response\|mixed`
Improved middleware, console page now using new setup 2017-09-03 02:35:33 +00:00			`*`
			`* @throws \Illuminate\Auth\AuthenticationException`
			`* @throws \Pterodactyl\Exceptions\Repository\RecordNotFoundException`
Begin implementation of new daemon authentication scheme 2017-09-24 01:45:25 +00:00			`* @throws \Symfony\Component\HttpKernel\Exception\AccessDeniedHttpException`
			`* @throws \Symfony\Component\HttpKernel\Exception\NotFoundHttpException`
Initial Commit of Files PufferPanel v0.9 (Laravel) is now Pterodactyl 1.0 2015-12-06 18:58:49 +00:00			`*/`
Initial implementation of improved sever model and logic 2017-02-02 23:21:36 +00:00			`public function handle(Request $request, Closure $next)`
Initial Commit of Files PufferPanel v0.9 (Laravel) is now Pterodactyl 1.0 2015-12-06 18:58:49 +00:00			`{`
Improved middleware, console page now using new setup 2017-09-03 02:35:33 +00:00			`$attributes = $request->route()->parameter('server');`
			`$isApiRequest = $request->expectsJson() \|\| $request->is(...$this->config->get('pterodactyl.json_routes', []));`
			`$server = $this->repository->getByUuid($attributes instanceof Server ? $attributes->uuid : $attributes);`
Better middleware for routes, cleaned up API, removed old API calls New API routes for Server allow specifying which fractal objects to load into the request, thus making it possible to fine-tune what data is returned. 2017-04-02 17:19:39 +00:00
Improved middleware, console page now using new setup 2017-09-03 02:35:33 +00:00			`if (! $server) {`
			`if ($isApiRequest) {`
Better middleware for routes, cleaned up API, removed old API calls New API routes for Server allow specifying which fractal objects to load into the request, thus making it possible to fine-tune what data is returned. 2017-04-02 17:19:39 +00:00			`throw new NotFoundHttpException('The requested server was not found on the system.');`
			`}`

Improved middleware, console page now using new setup 2017-09-03 02:35:33 +00:00			`return response()->view('errors.404', [], 404);`
			`}`
Better middleware for routes, cleaned up API, removed old API calls New API routes for Server allow specifying which fractal objects to load into the request, thus making it possible to fine-tune what data is returned. 2017-04-02 17:19:39 +00:00
Improved middleware, console page now using new setup 2017-09-03 02:35:33 +00:00			`if ($server->suspended) {`
			`if ($isApiRequest) {`
Better middleware for routes, cleaned up API, removed old API calls New API routes for Server allow specifying which fractal objects to load into the request, thus making it possible to fine-tune what data is returned. 2017-04-02 17:19:39 +00:00			`throw new AccessDeniedHttpException('Server is suspended.');`
			`}`

Improved middleware, console page now using new setup 2017-09-03 02:35:33 +00:00			`return response()->view('errors.suspended', [], 403);`
			`}`
Better middleware for routes, cleaned up API, removed old API calls New API routes for Server allow specifying which fractal objects to load into the request, thus making it possible to fine-tune what data is returned. 2017-04-02 17:19:39 +00:00
Begin adding unit tests for middleware 2017-10-30 02:40:34 +00:00			`// Servers can have install statuses other than 1 or 0, so don't check`
			`// for a bool-type operator here.`
Improved middleware, console page now using new setup 2017-09-03 02:35:33 +00:00			`if ($server->installed !== 1) {`
			`if ($isApiRequest) {`
Begin adding unit tests for middleware 2017-10-30 02:40:34 +00:00			`throw new AccessDeniedHttpException('Server is not marked as installed.');`
Better middleware for routes, cleaned up API, removed old API calls New API routes for Server allow specifying which fractal objects to load into the request, thus making it possible to fine-tune what data is returned. 2017-04-02 17:19:39 +00:00			`}`
Improved middleware, console page now using new setup 2017-09-03 02:35:33 +00:00
			`return response()->view('errors.installing', [], 403);`
Better middleware for routes, cleaned up API, removed old API calls New API routes for Server allow specifying which fractal objects to load into the request, thus making it possible to fine-tune what data is returned. 2017-04-02 17:19:39 +00:00			`}`

Improved middleware, console page now using new setup 2017-09-03 02:35:33 +00:00			`// Store the server in the session.`
Add database management back to front-end and begin some refactoring Here we go again boys... 2017-10-19 03:32:19 +00:00			`// @todo remove from session. use request attributes.`
Improved middleware, console page now using new setup 2017-09-03 02:35:33 +00:00			`$this->session->now('server_data.model', $server);`

Add database management back to front-end and begin some refactoring Here we go again boys... 2017-10-19 03:32:19 +00:00			`// Add server to the request attributes. This will replace sessions`
			`// as files are updated.`
			`$request->attributes->set('server', $server);`

Improved middleware, console page now using new setup 2017-09-03 02:35:33 +00:00			`return $next($request);`
Better middleware for routes, cleaned up API, removed old API calls New API routes for Server allow specifying which fractal objects to load into the request, thus making it possible to fine-tune what data is returned. 2017-04-02 17:19:39 +00:00			`}`
Initial Commit of Files PufferPanel v0.9 (Laravel) is now Pterodactyl 1.0 2015-12-06 18:58:49 +00:00			`}`