diff --git a/app/Http/Requests/Api/Application/ApplicationApiRequest.php b/app/Http/Requests/Api/Application/ApplicationApiRequest.php index 143549dbf..29e09b4f5 100644 --- a/app/Http/Requests/Api/Application/ApplicationApiRequest.php +++ b/app/Http/Requests/Api/Application/ApplicationApiRequest.php @@ -3,9 +3,7 @@ namespace Pterodactyl\Http\Requests\Api\Application; use Pterodactyl\Models\ApiKey; -use Pterodactyl\Services\Acl\Api\AdminAcl; use Illuminate\Foundation\Http\FormRequest; -use Pterodactyl\Exceptions\PterodactylException; use Pterodactyl\Http\Middleware\Api\ApiSubstituteBindings; use Symfony\Component\HttpKernel\Exception\NotFoundHttpException; use Symfony\Component\Routing\Exception\InvalidParameterException; @@ -19,38 +17,12 @@ abstract class ApplicationApiRequest extends FormRequest private bool $hasValidated = false; /** - * The resource that should be checked when performing the authorization - * function for this request. - * - * @var string|null - */ - protected string $resource; - - /** - * The permission level that a given API key should have for accessing - * the defined $resource during the request cycle. - * - * @var int - */ - protected int $permission = AdminAcl::NONE; - - /** - * Determine if the current user is authorized to perform - * the requested action against the API. - * - * @throws \Pterodactyl\Exceptions\PterodactylException + * Determine if the current user is authorized to perform the requested + * action against the API. */ public function authorize(): bool { - if (is_null($this->resource)) { - throw new PterodactylException('An ACL resource must be defined on API requests.'); - } - - if ($this->key()->key_type === ApiKey::TYPE_ACCOUNT) { - return $this->user()->root_admin; - } - - return AdminAcl::check($this->key(), $this->resource, $this->permission); + return false; } /** diff --git a/app/Http/Requests/Api/Client/Account/StoreApiKeyRequest.php b/app/Http/Requests/Api/Client/Account/StoreApiKeyRequest.php index f1c926813..b4405e3e9 100644 --- a/app/Http/Requests/Api/Client/Account/StoreApiKeyRequest.php +++ b/app/Http/Requests/Api/Client/Account/StoreApiKeyRequest.php @@ -3,9 +3,9 @@ namespace Pterodactyl\Http\Requests\Api\Client\Account; use Pterodactyl\Models\PersonalAccessToken; -use Pterodactyl\Http\Requests\Api\Client\ClientApiRequest; +use Pterodactyl\Http\Requests\Api\Client\AccountApiRequest; -class StoreApiKeyRequest extends ClientApiRequest +class StoreApiKeyRequest extends AccountApiRequest { public function rules(): array { diff --git a/app/Http/Requests/Api/Client/Account/StoreSSHKeyRequest.php b/app/Http/Requests/Api/Client/Account/StoreSSHKeyRequest.php index 359b3400d..ed5df22c4 100644 --- a/app/Http/Requests/Api/Client/Account/StoreSSHKeyRequest.php +++ b/app/Http/Requests/Api/Client/Account/StoreSSHKeyRequest.php @@ -3,9 +3,9 @@ namespace Pterodactyl\Http\Requests\Api\Client\Account; use Pterodactyl\Models\UserSSHKey; -use Pterodactyl\Http\Requests\Api\Client\ClientApiRequest; +use Pterodactyl\Http\Requests\Api\Client\AccountApiRequest; -class StoreSSHKeyRequest extends ClientApiRequest +class StoreSSHKeyRequest extends AccountApiRequest { public function rules(): array { diff --git a/app/Http/Requests/Api/Client/Account/UpdateEmailRequest.php b/app/Http/Requests/Api/Client/Account/UpdateEmailRequest.php index 193d2fd70..25f885ce3 100644 --- a/app/Http/Requests/Api/Client/Account/UpdateEmailRequest.php +++ b/app/Http/Requests/Api/Client/Account/UpdateEmailRequest.php @@ -3,20 +3,16 @@ namespace Pterodactyl\Http\Requests\Api\Client\Account; use Pterodactyl\Models\User; -use Pterodactyl\Http\Requests\Api\Client\ClientApiRequest; +use Pterodactyl\Http\Requests\Api\Client\AccountApiRequest; use Pterodactyl\Exceptions\Http\Base\InvalidPasswordProvidedException; -class UpdateEmailRequest extends ClientApiRequest +class UpdateEmailRequest extends AccountApiRequest { /** * @throws \Pterodactyl\Exceptions\Http\Base\InvalidPasswordProvidedException */ public function authorize(): bool { - if (!parent::authorize()) { - return false; - } - // Verify password matches when changing password or email. if (!password_verify($this->input('password'), $this->user()->password)) { throw new InvalidPasswordProvidedException(trans('validation.internal.invalid_password')); diff --git a/app/Http/Requests/Api/Client/Account/UpdatePasswordRequest.php b/app/Http/Requests/Api/Client/Account/UpdatePasswordRequest.php index c0e27bdb5..56d771338 100644 --- a/app/Http/Requests/Api/Client/Account/UpdatePasswordRequest.php +++ b/app/Http/Requests/Api/Client/Account/UpdatePasswordRequest.php @@ -2,20 +2,16 @@ namespace Pterodactyl\Http\Requests\Api\Client\Account; -use Pterodactyl\Http\Requests\Api\Client\ClientApiRequest; +use Pterodactyl\Http\Requests\Api\Client\AccountApiRequest; use Pterodactyl\Exceptions\Http\Base\InvalidPasswordProvidedException; -class UpdatePasswordRequest extends ClientApiRequest +class UpdatePasswordRequest extends AccountApiRequest { /** * @throws \Pterodactyl\Exceptions\Http\Base\InvalidPasswordProvidedException */ public function authorize(): bool { - if (!parent::authorize()) { - return false; - } - // Verify password matches when changing password or email. if (!password_verify($this->input('current_password'), $this->user()->password)) { throw new InvalidPasswordProvidedException(trans('validation.internal.invalid_password')); diff --git a/app/Http/Requests/Api/Client/AccountApiRequest.php b/app/Http/Requests/Api/Client/AccountApiRequest.php new file mode 100644 index 000000000..f060f3f0a --- /dev/null +++ b/app/Http/Requests/Api/Client/AccountApiRequest.php @@ -0,0 +1,16 @@ +route()->parameter('server'); + $server = $this->route()->parameter('server'); - if ($server instanceof Server) { - return $this->user()->can($this->permission(), $server); - } - - // If there is no server available on the reqest, trigger a failure since - // we expect there to be one at this point. - return false; + if ($server instanceof Server) { + return $this->user()->can($this->permission(), $server); } - return true; + // If there is no server available on the reqest, trigger a failure since + // we expect there to be one at this point. + return false; } } diff --git a/app/Http/Requests/Api/Client/GetServersRequest.php b/app/Http/Requests/Api/Client/GetServersRequest.php index 28b4c2ded..02d9bf5b5 100644 --- a/app/Http/Requests/Api/Client/GetServersRequest.php +++ b/app/Http/Requests/Api/Client/GetServersRequest.php @@ -2,10 +2,6 @@ namespace Pterodactyl\Http\Requests\Api\Client; -class GetServersRequest extends ClientApiRequest +class GetServersRequest extends AccountApiRequest { - public function authorize(): bool - { - return true; - } } diff --git a/app/Http/Requests/Api/Client/Servers/Backups/StoreBackupRequest.php b/app/Http/Requests/Api/Client/Servers/Backups/StoreBackupRequest.php index 5fbdaf728..2871c039c 100644 --- a/app/Http/Requests/Api/Client/Servers/Backups/StoreBackupRequest.php +++ b/app/Http/Requests/Api/Client/Servers/Backups/StoreBackupRequest.php @@ -7,10 +7,7 @@ use Pterodactyl\Http\Requests\Api\Client\ClientApiRequest; class StoreBackupRequest extends ClientApiRequest { - /** - * @return string - */ - public function permission() + public function permission(): string { return Permission::ACTION_BACKUP_CREATE; } diff --git a/app/Http/Requests/Api/Client/Servers/Databases/DeleteDatabaseRequest.php b/app/Http/Requests/Api/Client/Servers/Databases/DeleteDatabaseRequest.php index 92b14157a..f6ccaa3bf 100644 --- a/app/Http/Requests/Api/Client/Servers/Databases/DeleteDatabaseRequest.php +++ b/app/Http/Requests/Api/Client/Servers/Databases/DeleteDatabaseRequest.php @@ -2,21 +2,13 @@ namespace Pterodactyl\Http\Requests\Api\Client\Servers\Databases; -use Pterodactyl\Models\Server; -use Pterodactyl\Models\Database; use Pterodactyl\Models\Permission; -use Pterodactyl\Contracts\Http\ClientPermissionsRequest; use Pterodactyl\Http\Requests\Api\Client\ClientApiRequest; -class DeleteDatabaseRequest extends ClientApiRequest implements ClientPermissionsRequest +class DeleteDatabaseRequest extends ClientApiRequest { public function permission(): string { return Permission::ACTION_DATABASE_DELETE; } - - public function resourceExists(): bool - { - return $this->getModel(Server::class)->id === $this->getModel(Database::class)->server_id; - } } diff --git a/app/Http/Requests/Api/Client/Servers/Databases/GetDatabasesRequest.php b/app/Http/Requests/Api/Client/Servers/Databases/GetDatabasesRequest.php index 80eabf945..383285e1a 100644 --- a/app/Http/Requests/Api/Client/Servers/Databases/GetDatabasesRequest.php +++ b/app/Http/Requests/Api/Client/Servers/Databases/GetDatabasesRequest.php @@ -3,10 +3,9 @@ namespace Pterodactyl\Http\Requests\Api\Client\Servers\Databases; use Pterodactyl\Models\Permission; -use Pterodactyl\Contracts\Http\ClientPermissionsRequest; use Pterodactyl\Http\Requests\Api\Client\ClientApiRequest; -class GetDatabasesRequest extends ClientApiRequest implements ClientPermissionsRequest +class GetDatabasesRequest extends ClientApiRequest { public function permission(): string { diff --git a/app/Http/Requests/Api/Client/Servers/Databases/RotatePasswordRequest.php b/app/Http/Requests/Api/Client/Servers/Databases/RotatePasswordRequest.php index b2a9163ad..b7ce7210e 100644 --- a/app/Http/Requests/Api/Client/Servers/Databases/RotatePasswordRequest.php +++ b/app/Http/Requests/Api/Client/Servers/Databases/RotatePasswordRequest.php @@ -7,9 +7,6 @@ use Pterodactyl\Http\Requests\Api\Client\ClientApiRequest; class RotatePasswordRequest extends ClientApiRequest { - /** - * Check that the user has permission to rotate the password. - */ public function permission(): string { return Permission::ACTION_DATABASE_UPDATE; diff --git a/app/Http/Requests/Api/Client/Servers/Databases/StoreDatabaseRequest.php b/app/Http/Requests/Api/Client/Servers/Databases/StoreDatabaseRequest.php index b8f12bd8a..d93b02821 100644 --- a/app/Http/Requests/Api/Client/Servers/Databases/StoreDatabaseRequest.php +++ b/app/Http/Requests/Api/Client/Servers/Databases/StoreDatabaseRequest.php @@ -7,11 +7,10 @@ use Pterodactyl\Models\Server; use Illuminate\Validation\Rule; use Pterodactyl\Models\Permission; use Illuminate\Database\Query\Builder; -use Pterodactyl\Contracts\Http\ClientPermissionsRequest; use Pterodactyl\Http\Requests\Api\Client\ClientApiRequest; use Pterodactyl\Services\Databases\DatabaseManagementService; -class StoreDatabaseRequest extends ClientApiRequest implements ClientPermissionsRequest +class StoreDatabaseRequest extends ClientApiRequest { public function permission(): string { diff --git a/app/Http/Requests/Api/Client/Servers/Files/ChmodFilesRequest.php b/app/Http/Requests/Api/Client/Servers/Files/ChmodFilesRequest.php index bf94cb6ba..bb4e4365d 100644 --- a/app/Http/Requests/Api/Client/Servers/Files/ChmodFilesRequest.php +++ b/app/Http/Requests/Api/Client/Servers/Files/ChmodFilesRequest.php @@ -3,10 +3,9 @@ namespace Pterodactyl\Http\Requests\Api\Client\Servers\Files; use Pterodactyl\Models\Permission; -use Pterodactyl\Contracts\Http\ClientPermissionsRequest; use Pterodactyl\Http\Requests\Api\Client\ClientApiRequest; -class ChmodFilesRequest extends ClientApiRequest implements ClientPermissionsRequest +class ChmodFilesRequest extends ClientApiRequest { public function permission(): string { diff --git a/app/Http/Requests/Api/Client/Servers/Files/CompressFilesRequest.php b/app/Http/Requests/Api/Client/Servers/Files/CompressFilesRequest.php index 3d6e96aac..993f67a2b 100644 --- a/app/Http/Requests/Api/Client/Servers/Files/CompressFilesRequest.php +++ b/app/Http/Requests/Api/Client/Servers/Files/CompressFilesRequest.php @@ -7,9 +7,6 @@ use Pterodactyl\Http\Requests\Api\Client\ClientApiRequest; class CompressFilesRequest extends ClientApiRequest { - /** - * Checks that the authenticated user is allowed to create archives for this server. - */ public function permission(): string { return Permission::ACTION_FILE_ARCHIVE; diff --git a/app/Http/Requests/Api/Client/Servers/Files/CopyFileRequest.php b/app/Http/Requests/Api/Client/Servers/Files/CopyFileRequest.php index 686c23a23..0bf32bc92 100644 --- a/app/Http/Requests/Api/Client/Servers/Files/CopyFileRequest.php +++ b/app/Http/Requests/Api/Client/Servers/Files/CopyFileRequest.php @@ -3,10 +3,9 @@ namespace Pterodactyl\Http\Requests\Api\Client\Servers\Files; use Pterodactyl\Models\Permission; -use Pterodactyl\Contracts\Http\ClientPermissionsRequest; use Pterodactyl\Http\Requests\Api\Client\ClientApiRequest; -class CopyFileRequest extends ClientApiRequest implements ClientPermissionsRequest +class CopyFileRequest extends ClientApiRequest { public function permission(): string { diff --git a/app/Http/Requests/Api/Client/Servers/Files/CreateFolderRequest.php b/app/Http/Requests/Api/Client/Servers/Files/CreateFolderRequest.php index e4655575d..eaf1fc130 100644 --- a/app/Http/Requests/Api/Client/Servers/Files/CreateFolderRequest.php +++ b/app/Http/Requests/Api/Client/Servers/Files/CreateFolderRequest.php @@ -7,9 +7,6 @@ use Pterodactyl\Http\Requests\Api\Client\ClientApiRequest; class CreateFolderRequest extends ClientApiRequest { - /** - * Checks that the authenticated user is allowed to create files on the server. - */ public function permission(): string { return Permission::ACTION_FILE_CREATE; diff --git a/app/Http/Requests/Api/Client/Servers/Files/DeleteFileRequest.php b/app/Http/Requests/Api/Client/Servers/Files/DeleteFileRequest.php index 10db32811..ea700378a 100644 --- a/app/Http/Requests/Api/Client/Servers/Files/DeleteFileRequest.php +++ b/app/Http/Requests/Api/Client/Servers/Files/DeleteFileRequest.php @@ -3,10 +3,9 @@ namespace Pterodactyl\Http\Requests\Api\Client\Servers\Files; use Pterodactyl\Models\Permission; -use Pterodactyl\Contracts\Http\ClientPermissionsRequest; use Pterodactyl\Http\Requests\Api\Client\ClientApiRequest; -class DeleteFileRequest extends ClientApiRequest implements ClientPermissionsRequest +class DeleteFileRequest extends ClientApiRequest { public function permission(): string { diff --git a/app/Http/Requests/Api/Client/Servers/Files/DownloadFileRequest.php b/app/Http/Requests/Api/Client/Servers/Files/DownloadFileRequest.php deleted file mode 100644 index 0386b8555..000000000 --- a/app/Http/Requests/Api/Client/Servers/Files/DownloadFileRequest.php +++ /dev/null @@ -1,18 +0,0 @@ -user()->can('file.read', $this->getModel(Server::class)); - } -} diff --git a/app/Http/Requests/Api/Client/Servers/Files/GetFileContentsRequest.php b/app/Http/Requests/Api/Client/Servers/Files/GetFileContentsRequest.php index ea6ed7b69..4b8a3d4f5 100644 --- a/app/Http/Requests/Api/Client/Servers/Files/GetFileContentsRequest.php +++ b/app/Http/Requests/Api/Client/Servers/Files/GetFileContentsRequest.php @@ -3,16 +3,10 @@ namespace Pterodactyl\Http\Requests\Api\Client\Servers\Files; use Pterodactyl\Models\Permission; -use Pterodactyl\Contracts\Http\ClientPermissionsRequest; use Pterodactyl\Http\Requests\Api\Client\ClientApiRequest; -class GetFileContentsRequest extends ClientApiRequest implements ClientPermissionsRequest +class GetFileContentsRequest extends ClientApiRequest { - /** - * Returns the permissions string indicating which permission should be used to - * validate that the authenticated user has permission to perform this action aganist - * the given resource (server). - */ public function permission(): string { return Permission::ACTION_FILE_READ_CONTENT; diff --git a/app/Http/Requests/Api/Client/Servers/Files/PullFileRequest.php b/app/Http/Requests/Api/Client/Servers/Files/PullFileRequest.php index cfcaf29bb..c8c686b1a 100644 --- a/app/Http/Requests/Api/Client/Servers/Files/PullFileRequest.php +++ b/app/Http/Requests/Api/Client/Servers/Files/PullFileRequest.php @@ -3,10 +3,9 @@ namespace Pterodactyl\Http\Requests\Api\Client\Servers\Files; use Pterodactyl\Models\Permission; -use Pterodactyl\Contracts\Http\ClientPermissionsRequest; use Pterodactyl\Http\Requests\Api\Client\ClientApiRequest; -class PullFileRequest extends ClientApiRequest implements ClientPermissionsRequest +class PullFileRequest extends ClientApiRequest { public function permission(): string { diff --git a/app/Http/Requests/Api/Client/Servers/Files/RenameFileRequest.php b/app/Http/Requests/Api/Client/Servers/Files/RenameFileRequest.php index 61c4a0c5f..90852d8c4 100644 --- a/app/Http/Requests/Api/Client/Servers/Files/RenameFileRequest.php +++ b/app/Http/Requests/Api/Client/Servers/Files/RenameFileRequest.php @@ -3,10 +3,9 @@ namespace Pterodactyl\Http\Requests\Api\Client\Servers\Files; use Pterodactyl\Models\Permission; -use Pterodactyl\Contracts\Http\ClientPermissionsRequest; use Pterodactyl\Http\Requests\Api\Client\ClientApiRequest; -class RenameFileRequest extends ClientApiRequest implements ClientPermissionsRequest +class RenameFileRequest extends ClientApiRequest { /** * The permission the user is required to have in order to perform this diff --git a/app/Http/Requests/Api/Client/Servers/Files/UploadFileRequest.php b/app/Http/Requests/Api/Client/Servers/Files/UploadFileRequest.php index 6808a5497..a591fdf68 100644 --- a/app/Http/Requests/Api/Client/Servers/Files/UploadFileRequest.php +++ b/app/Http/Requests/Api/Client/Servers/Files/UploadFileRequest.php @@ -7,10 +7,7 @@ use Pterodactyl\Http\Requests\Api\Client\ClientApiRequest; class UploadFileRequest extends ClientApiRequest { - /** - * @return string - */ - public function permission() + public function permission(): string { return Permission::ACTION_FILE_CREATE; } diff --git a/app/Http/Requests/Api/Client/Servers/Files/WriteFileContentRequest.php b/app/Http/Requests/Api/Client/Servers/Files/WriteFileContentRequest.php index 82a994c36..bd43dd6c1 100644 --- a/app/Http/Requests/Api/Client/Servers/Files/WriteFileContentRequest.php +++ b/app/Http/Requests/Api/Client/Servers/Files/WriteFileContentRequest.php @@ -3,10 +3,9 @@ namespace Pterodactyl\Http\Requests\Api\Client\Servers\Files; use Pterodactyl\Models\Permission; -use Pterodactyl\Contracts\Http\ClientPermissionsRequest; use Pterodactyl\Http\Requests\Api\Client\ClientApiRequest; -class WriteFileContentRequest extends ClientApiRequest implements ClientPermissionsRequest +class WriteFileContentRequest extends ClientApiRequest { /** * Returns the permissions string indicating which permission should be used to diff --git a/app/Http/Requests/Api/Client/Servers/GetServerRequest.php b/app/Http/Requests/Api/Client/Servers/GetServerRequest.php index 3798d77ab..bf8f9c78f 100644 --- a/app/Http/Requests/Api/Client/Servers/GetServerRequest.php +++ b/app/Http/Requests/Api/Client/Servers/GetServerRequest.php @@ -2,17 +2,8 @@ namespace Pterodactyl\Http\Requests\Api\Client\Servers; -use Pterodactyl\Http\Requests\Api\Client\ClientApiRequest; +use Pterodactyl\Http\Requests\Api\Client\AccountApiRequest; -class GetServerRequest extends ClientApiRequest +class GetServerRequest extends AccountApiRequest { - /** - * Determine if a client has permission to view this server on the API. This - * should never be false since this would be checking the same permission as - * resourceExists(). - */ - public function authorize(): bool - { - return true; - } } diff --git a/app/Http/Requests/Api/Client/Servers/Settings/ReinstallServerRequest.php b/app/Http/Requests/Api/Client/Servers/Settings/ReinstallServerRequest.php index 9edc8ad1c..63f01dbae 100644 --- a/app/Http/Requests/Api/Client/Servers/Settings/ReinstallServerRequest.php +++ b/app/Http/Requests/Api/Client/Servers/Settings/ReinstallServerRequest.php @@ -7,10 +7,7 @@ use Pterodactyl\Http\Requests\Api\Client\ClientApiRequest; class ReinstallServerRequest extends ClientApiRequest { - /** - * @return string - */ - public function permission() + public function permission(): string { return Permission::ACTION_SETTINGS_REINSTALL; } diff --git a/app/Http/Requests/Api/Client/Servers/Settings/RenameServerRequest.php b/app/Http/Requests/Api/Client/Servers/Settings/RenameServerRequest.php index 8cb5efa35..f27666eb3 100644 --- a/app/Http/Requests/Api/Client/Servers/Settings/RenameServerRequest.php +++ b/app/Http/Requests/Api/Client/Servers/Settings/RenameServerRequest.php @@ -7,7 +7,7 @@ use Pterodactyl\Models\Permission; use Pterodactyl\Contracts\Http\ClientPermissionsRequest; use Pterodactyl\Http\Requests\Api\Client\ClientApiRequest; -class RenameServerRequest extends ClientApiRequest implements ClientPermissionsRequest +class RenameServerRequest extends ClientApiRequest { /** * Returns the permissions string indicating which permission should be used to diff --git a/app/Http/Requests/Api/Client/Servers/Settings/SetDockerImageRequest.php b/app/Http/Requests/Api/Client/Servers/Settings/SetDockerImageRequest.php index bd3a1e65f..237de4f57 100644 --- a/app/Http/Requests/Api/Client/Servers/Settings/SetDockerImageRequest.php +++ b/app/Http/Requests/Api/Client/Servers/Settings/SetDockerImageRequest.php @@ -6,10 +6,9 @@ use Webmozart\Assert\Assert; use Pterodactyl\Models\Server; use Illuminate\Validation\Rule; use Pterodactyl\Models\Permission; -use Pterodactyl\Contracts\Http\ClientPermissionsRequest; use Pterodactyl\Http\Requests\Api\Client\ClientApiRequest; -class SetDockerImageRequest extends ClientApiRequest implements ClientPermissionsRequest +class SetDockerImageRequest extends ClientApiRequest { public function permission(): string { diff --git a/app/Http/Requests/Api/Client/Servers/Startup/GetStartupRequest.php b/app/Http/Requests/Api/Client/Servers/Startup/GetStartupRequest.php index 25ab2ce21..fee92bcbc 100644 --- a/app/Http/Requests/Api/Client/Servers/Startup/GetStartupRequest.php +++ b/app/Http/Requests/Api/Client/Servers/Startup/GetStartupRequest.php @@ -7,10 +7,7 @@ use Pterodactyl\Http\Requests\Api\Client\ClientApiRequest; class GetStartupRequest extends ClientApiRequest { - /** - * @return string - */ - public function permission() + public function permission(): string { return Permission::ACTION_STARTUP_READ; } diff --git a/app/Http/Requests/Api/Client/Servers/Startup/UpdateStartupVariableRequest.php b/app/Http/Requests/Api/Client/Servers/Startup/UpdateStartupVariableRequest.php index b46e6ea9a..9859c8a6d 100644 --- a/app/Http/Requests/Api/Client/Servers/Startup/UpdateStartupVariableRequest.php +++ b/app/Http/Requests/Api/Client/Servers/Startup/UpdateStartupVariableRequest.php @@ -7,10 +7,7 @@ use Pterodactyl\Http\Requests\Api\Client\ClientApiRequest; class UpdateStartupVariableRequest extends ClientApiRequest { - /** - * @return string - */ - public function permission() + public function permission(): string { return Permission::ACTION_STARTUP_UPDATE; } diff --git a/app/Http/Requests/Api/Client/Servers/Subusers/DeleteSubuserRequest.php b/app/Http/Requests/Api/Client/Servers/Subusers/DeleteSubuserRequest.php index ef0a09aaa..eabd84e61 100644 --- a/app/Http/Requests/Api/Client/Servers/Subusers/DeleteSubuserRequest.php +++ b/app/Http/Requests/Api/Client/Servers/Subusers/DeleteSubuserRequest.php @@ -6,10 +6,7 @@ use Pterodactyl\Models\Permission; class DeleteSubuserRequest extends SubuserRequest { - /** - * @return string - */ - public function permission() + public function permission(): string { return Permission::ACTION_USER_DELETE; } diff --git a/app/Http/Requests/Api/Client/Servers/Subusers/StoreSubuserRequest.php b/app/Http/Requests/Api/Client/Servers/Subusers/StoreSubuserRequest.php index 5bc93ab2f..6e8722516 100644 --- a/app/Http/Requests/Api/Client/Servers/Subusers/StoreSubuserRequest.php +++ b/app/Http/Requests/Api/Client/Servers/Subusers/StoreSubuserRequest.php @@ -6,10 +6,7 @@ use Pterodactyl\Models\Permission; class StoreSubuserRequest extends SubuserRequest { - /** - * @return string - */ - public function permission() + public function permission(): string { return Permission::ACTION_USER_CREATE; } diff --git a/app/Http/Requests/Api/Client/Servers/Subusers/UpdateSubuserRequest.php b/app/Http/Requests/Api/Client/Servers/Subusers/UpdateSubuserRequest.php index 997b2daee..bd8929a98 100644 --- a/app/Http/Requests/Api/Client/Servers/Subusers/UpdateSubuserRequest.php +++ b/app/Http/Requests/Api/Client/Servers/Subusers/UpdateSubuserRequest.php @@ -6,10 +6,7 @@ use Pterodactyl\Models\Permission; class UpdateSubuserRequest extends SubuserRequest { - /** - * @return string - */ - public function permission() + public function permission(): string { return Permission::ACTION_USER_UPDATE; }