Add database password rotation to view

This commit is contained in:
Dane Everitt 2019-07-27 15:17:50 -07:00
parent f6ee885f26
commit 48c39abfcb
No known key found for this signature in database
GPG key ID: EEA66103B3D71F53
11 changed files with 178 additions and 6 deletions

View file

@ -2,9 +2,11 @@
namespace Pterodactyl\Http\Controllers\Api\Client\Servers;
use Illuminate\Support\Str;
use Illuminate\Http\Response;
use Pterodactyl\Models\Server;
use Pterodactyl\Models\Database;
use Pterodactyl\Services\Databases\DatabasePasswordService;
use Pterodactyl\Transformers\Api\Client\DatabaseTransformer;
use Pterodactyl\Services\Databases\DatabaseManagementService;
use Pterodactyl\Services\Databases\DeployServerDatabaseService;
@ -13,6 +15,7 @@ use Pterodactyl\Contracts\Repository\DatabaseRepositoryInterface;
use Pterodactyl\Http\Requests\Api\Client\Servers\Databases\GetDatabasesRequest;
use Pterodactyl\Http\Requests\Api\Client\Servers\Databases\StoreDatabaseRequest;
use Pterodactyl\Http\Requests\Api\Client\Servers\Databases\DeleteDatabaseRequest;
use Pterodactyl\Http\Requests\Api\Client\Servers\Databases\RotatePasswordRequest;
class DatabaseController extends ClientApiController
{
@ -31,15 +34,22 @@ class DatabaseController extends ClientApiController
*/
private $managementService;
/**
* @var \Pterodactyl\Services\Databases\DatabasePasswordService
*/
private $passwordService;
/**
* DatabaseController constructor.
*
* @param \Pterodactyl\Services\Databases\DatabaseManagementService $managementService
* @param \Pterodactyl\Services\Databases\DatabasePasswordService $passwordService
* @param \Pterodactyl\Contracts\Repository\DatabaseRepositoryInterface $repository
* @param \Pterodactyl\Services\Databases\DeployServerDatabaseService $deployDatabaseService
*/
public function __construct(
DatabaseManagementService $managementService,
DatabasePasswordService $passwordService,
DatabaseRepositoryInterface $repository,
DeployServerDatabaseService $deployDatabaseService
) {
@ -48,6 +58,7 @@ class DatabaseController extends ClientApiController
$this->deployDatabaseService = $deployDatabaseService;
$this->repository = $repository;
$this->managementService = $managementService;
$this->passwordService = $passwordService;
}
/**
@ -81,6 +92,30 @@ class DatabaseController extends ClientApiController
->toArray();
}
/**
* Rotates the password for the given server model and returns a fresh instance to
* the caller.
*
* @param \Pterodactyl\Http\Requests\Api\Client\Servers\Databases\RotatePasswordRequest $request
* @return array
*
* @throws \Pterodactyl\Exceptions\Model\DataValidationException
* @throws \Pterodactyl\Exceptions\Repository\RecordNotFoundException
*/
public function rotatePassword(RotatePasswordRequest $request)
{
$database = $request->getModel(Database::class);
$this->passwordService->handle($database, Str::random(24));
$database->refresh();
return $this->fractal->item($database)
->parseIncludes(['password'])
->transformWith($this->getTransformer(DatabaseTransformer::class))
->toArray();
}
/**
* @param \Pterodactyl\Http\Requests\Api\Client\Servers\Databases\DeleteDatabaseRequest $request
* @return \Illuminate\Http\Response

View file

@ -6,6 +6,9 @@ use Pterodactyl\Models\Server;
use Pterodactyl\Contracts\Http\ClientPermissionsRequest;
use Pterodactyl\Http\Requests\Api\Application\ApplicationApiRequest;
/**
* @method \Pterodactyl\Models\User user($guard = null)
*/
abstract class ClientApiRequest extends ApplicationApiRequest
{
/**

View file

@ -0,0 +1,19 @@
<?php
namespace Pterodactyl\Http\Requests\Api\Client\Servers\Databases;
use Pterodactyl\Models\Server;
use Pterodactyl\Http\Requests\Api\Client\ClientApiRequest;
class RotatePasswordRequest extends ClientApiRequest
{
/**
* Check that the user has permission to rotate the password.
*
* @return bool
*/
public function authorize(): bool
{
return $this->user()->can('reset-db-password', $this->getModel(Server::class));
}
}

View file

@ -2,6 +2,7 @@
namespace Pterodactyl\Services\Databases;
use Webmozart\Assert\Assert;
use Pterodactyl\Models\Database;
use Illuminate\Database\ConnectionInterface;
use Illuminate\Contracts\Encryption\Encrypter;
@ -63,6 +64,8 @@ class DatabasePasswordService
public function handle($database, string $password): bool
{
if (! $database instanceof Database) {
Assert::integerish($database);
$database = $this->repository->find($database);
}

View file

@ -0,0 +1,10 @@
import { rawDataToServerDatabase, ServerDatabase } from '@/api/server/getServerDatabases';
import http from '@/api/http';
export default (uuid: string, database: string): Promise<ServerDatabase> => {
return new Promise((resolve, reject) => {
http.post(`/api/client/servers/${uuid}/databases/${database}/rotate-password`)
.then((response) => resolve(rawDataToServerDatabase(response.data.attributes)))
.catch(reject);
});
};

View file

@ -0,0 +1,20 @@
import React from 'react';
import classNames from 'classnames';
type Props = { isLoading?: boolean } & React.DetailedHTMLProps<React.ButtonHTMLAttributes<HTMLButtonElement>, HTMLButtonElement>;
export default ({ isLoading, children, className, ...props }: Props) => (
<button
{...props}
className={classNames('btn btn-sm relative', className)}
>
{isLoading &&
<div className={'w-full flex absolute justify-center'} style={{ marginLeft: '-0.75rem' }}>
<div className={'spinner-circle spinner-white spinner-sm'}/>
</div>
}
<span className={isLoading ? 'text-transparent' : undefined}>
{children}
</span>
</button>
);

View file

@ -15,19 +15,26 @@ import { ApplicationStore } from '@/state';
import { ServerContext } from '@/state/server';
import deleteServerDatabase from '@/api/server/deleteServerDatabase';
import { httpErrorToHuman } from '@/api/http';
import RotatePasswordButton from '@/components/server/databases/RotatePasswordButton';
interface Props {
database: ServerDatabase;
databaseId: string | number;
className?: string;
onDelete: () => void;
}
export default ({ database, className, onDelete }: Props) => {
export default ({ databaseId, className, onDelete }: Props) => {
const [visible, setVisible] = useState(false);
const database = ServerContext.useStoreState(state => state.databases.items.find(item => item.id === databaseId));
const appendDatabase = ServerContext.useStoreActions(actions => actions.databases.appendDatabase);
const [connectionVisible, setConnectionVisible] = useState(false);
const { addFlash, clearFlashes } = useStoreActions((actions: Actions<ApplicationStore>) => actions.flashes);
const server = ServerContext.useStoreState(state => state.server.data!);
if (!database) {
return null;
}
const schema = object().shape({
confirm: string()
.required('The database name must be provided.')
@ -104,6 +111,7 @@ export default ({ database, className, onDelete }: Props) => {
}
</Formik>
<Modal visible={connectionVisible} onDismissed={() => setConnectionVisible(false)}>
<FlashMessageRender byKey={'database-connection-modal'} className={'mb-6'}/>
<h3 className={'mb-6'}>Database connection details</h3>
<div>
<label className={'input-dark-label'}>Password</label>
@ -119,6 +127,7 @@ export default ({ database, className, onDelete }: Props) => {
/>
</div>
<div className={'mt-6 text-right'}>
<RotatePasswordButton databaseId={database.id} onUpdate={appendDatabase}/>
<button className={'btn btn-sm btn-secondary'} onClick={() => setConnectionVisible(false)}>
Close
</button>

View file

@ -12,12 +12,15 @@ import CreateDatabaseButton from '@/components/server/databases/CreateDatabaseBu
export default () => {
const [ loading, setLoading ] = useState(true);
const [ databases, setDatabases ] = useState<ServerDatabase[]>([]);
const server = ServerContext.useStoreState(state => state.server.data!);
const databases = ServerContext.useStoreState(state => state.databases.items);
const { setDatabases, appendDatabase, removeDatabase } = ServerContext.useStoreActions(state => state.databases);
const { addFlash, clearFlashes } = useStoreActions((actions: Actions<ApplicationStore>) => actions.flashes);
useEffect(() => {
setLoading(!databases.length);
clearFlashes('databases');
getServerDatabases(server.uuid)
.then(databases => {
setDatabases(databases);
@ -43,8 +46,8 @@ export default () => {
databases.map((database, index) => (
<DatabaseRow
key={database.id}
database={database}
onDelete={() => setDatabases(s => [ ...s.filter(d => d.id !== database.id) ])}
databaseId={database.id}
onDelete={() => removeDatabase(database)}
className={index > 0 ? 'mt-1' : undefined}
/>
))
@ -54,7 +57,7 @@ export default () => {
</p>
}
<div className={'mt-6 flex justify-end'}>
<CreateDatabaseButton onCreated={database => setDatabases(s => [ ...s, database ])}/>
<CreateDatabaseButton onCreated={appendDatabase}/>
</div>
</React.Fragment>
</CSSTransition>

View file

@ -0,0 +1,45 @@
import React, { useState } from 'react';
import rotateDatabasePassword from '@/api/server/rotateDatabasePassword';
import { Actions, useStoreActions } from 'easy-peasy';
import { ApplicationStore } from '@/state';
import { ServerContext } from '@/state/server';
import { ServerDatabase } from '@/api/server/getServerDatabases';
import { httpErrorToHuman } from '@/api/http';
import Button from '@/components/elements/Button';
export default ({ databaseId, onUpdate }: {
databaseId: string;
onUpdate: (database: ServerDatabase) => void;
}) => {
const [ loading, setLoading ] = useState(false);
const { addFlash, clearFlashes } = useStoreActions((actions: Actions<ApplicationStore>) => actions.flashes);
const server = ServerContext.useStoreState(state => state.server.data!);
if (!databaseId) {
return null;
}
const rotate = () => {
setLoading(true);
clearFlashes();
rotateDatabasePassword(server.uuid, databaseId)
.then(database => onUpdate(database))
.catch(error => {
console.error(error);
addFlash({
type: 'error',
title: 'Error',
message: httpErrorToHuman(error),
key: 'database-connection-modal',
});
})
.then(() => setLoading(false));
};
return (
<Button className={'btn-secondary mr-2'} onClick={rotate} isLoading={loading}>
Rotate Password
</Button>
);
};

View file

@ -1,6 +1,7 @@
import getServer, { Server } from '@/api/server/getServer';
import { action, Action, createContextStore, thunk, Thunk } from 'easy-peasy';
import socket, { SocketStore } from './socket';
import { ServerDatabase } from '@/api/server/getServerDatabases';
export type ServerStatus = 'offline' | 'starting' | 'stopping' | 'running';
@ -32,8 +33,29 @@ const status: ServerStatusStore = {
}),
};
interface ServerDatabaseStore {
items: ServerDatabase[];
setDatabases: Action<ServerDatabaseStore, ServerDatabase[]>;
appendDatabase: Action<ServerDatabaseStore, ServerDatabase>;
removeDatabase: Action<ServerDatabaseStore, ServerDatabase>;
}
const databases: ServerDatabaseStore = {
items: [],
setDatabases: action((state, payload) => {
state.items = payload;
}),
appendDatabase: action((state, payload) => {
state.items = state.items.filter(item => item.id !== payload.id).concat(payload);
}),
removeDatabase: action((state, payload) => {
state.items = state.items.filter(item => item.id !== payload.id);
}),
};
export interface ServerStore {
server: ServerDataStore;
databases: ServerDatabaseStore;
socket: SocketStore;
status: ServerStatusStore;
clearServerState: Action<ServerStore>;
@ -43,8 +65,10 @@ export const ServerContext = createContextStore<ServerStore>({
server,
socket,
status,
databases,
clearServerState: action(state => {
state.server.data = undefined;
state.databases.items = [];
if (state.socket.instance) {
state.socket.instance.removeAllListeners();

View file

@ -38,6 +38,7 @@ Route::group(['prefix' => '/servers/{server}', 'middleware' => [AuthenticateServ
Route::group(['prefix' => '/databases'], function () {
Route::get('/', 'Servers\DatabaseController@index')->name('api.client.servers.databases');
Route::post('/', 'Servers\DatabaseController@store');
Route::post('/{database}/rotate-password', 'Servers\DatabaseController@rotatePassword');
Route::delete('/{database}', 'Servers\DatabaseController@delete')->name('api.client.servers.databases.delete');
});