First round of API additions

This commit is contained in:
Dane Everitt 2017-11-19 16:30:00 -06:00
parent bf9708fe4f
commit 698c121e11
No known key found for this signature in database
GPG key ID: EEA66103B3D71F53
8 changed files with 229 additions and 142 deletions

View file

@ -168,9 +168,10 @@ interface RepositoryInterface
/** /**
* Return all records from the model. * Return all records from the model.
* *
* @param null $paginate
* @return mixed * @return mixed
*/ */
public function all(); public function all($paginate = null);
/** /**
* Insert a single or multiple records into the database at once skipping * Insert a single or multiple records into the database at once skipping

View file

@ -0,0 +1,73 @@
<?php
namespace Pterodactyl\Http\Controllers\API\Admin\Users;
use Spatie\Fractal\Fractal;
use Illuminate\Http\Request;
use Pterodactyl\Http\Controllers\Controller;
use Pterodactyl\Transformers\Admin\UserTransformer;
use League\Fractal\Pagination\IlluminatePaginatorAdapter;
use Pterodactyl\Contracts\Repository\UserRepositoryInterface;
use Illuminate\Contracts\Config\Repository as ConfigRepository;
/**
* @SWG\Swagger(
* schemes={"https"},
* basePath="/api/admin/users"
* )
*/
class UserController extends Controller
{
/**
* @var \Spatie\Fractal\Fractal
*/
private $fractal;
/**
* @var \Pterodactyl\Contracts\Repository\UserRepositoryInterface
*/
private $repository;
/**
* @var \Illuminate\Contracts\Config\Repository
*/
private $config;
/**
* UserController constructor.
*
* @param \Illuminate\Contracts\Config\Repository $config
* @param \Spatie\Fractal\Fractal $fractal
* @param \Pterodactyl\Contracts\Repository\UserRepositoryInterface $repository
*/
public function __construct(
ConfigRepository $config,
Fractal $fractal,
UserRepositoryInterface $repository
) {
$this->fractal = $fractal;
$this->repository = $repository;
$this->config = $config;
}
/**
* Handle request to list all users on the panel.
*
* @param \Illuminate\Http\Request $request
* @return array
*/
public function index(Request $request)
{
$users = $this->repository->all($this->config->get('pterodactyl.paginate.api.users'));
$fractal = $this->fractal->collection($users)
->transformWith(new UserTransformer($request))
->withResourceName('user')
->paginateWith(new IlluminatePaginatorAdapter($users));
if ($this->config->get('pterodactyl.api.include_on_list') && $request->input('include')) {
$fractal->parseIncludes(explode(',', $request->input('include')));
}
return $fractal->toArray();
}
}

View file

@ -89,7 +89,7 @@ class User extends Model implements
* *
* @var array * @var array
*/ */
protected $hidden = ['password', 'remember_token', 'totp_secret']; protected $hidden = ['password', 'remember_token', 'totp_secret', 'totp_authenticated_at'];
/** /**
* Parameters for search querying. * Parameters for search querying.

View file

@ -184,16 +184,22 @@ abstract class EloquentRepository extends Repository implements RepositoryInterf
/** /**
* {@inheritdoc} * {@inheritdoc}
*/ */
public function all() public function all($paginate = null)
{ {
Assert::nullOrIntegerish($paginate, 'First argument passed to all must be null or integer, received %s.');
$instance = $this->getBuilder(); $instance = $this->getBuilder();
if (is_subclass_of(get_called_class(), SearchableInterface::class)) { if (is_subclass_of(get_called_class(), SearchableInterface::class)) {
$instance = $instance->search($this->searchTerm); $instance = $instance->search($this->searchTerm);
} }
if (is_null($paginate)) {
return $instance->get($this->getColumns()); return $instance->get($this->getColumns());
} }
return $instance->paginate($paginate, $this->getColumns());
}
/** /**
* {@inheritdoc} * {@inheritdoc}
*/ */

View file

@ -1,57 +1,37 @@
<?php <?php
/**
* Pterodactyl - Panel
* Copyright (c) 2015 - 2017 Dane Everitt <dane@daneeveritt.com>.
*
* This software is licensed under the terms of the MIT license.
* https://opensource.org/licenses/MIT
*/
namespace Pterodactyl\Transformers\Admin; namespace Pterodactyl\Transformers\Admin;
use Illuminate\Http\Request; use Illuminate\Http\Request;
use Pterodactyl\Models\User; use Pterodactyl\Models\User;
use League\Fractal\TransformerAbstract; use Pterodactyl\Transformers\ApiTransformer;
class UserTransformer extends TransformerAbstract class UserTransformer extends ApiTransformer
{ {
/** /**
* List of resources that can be included. * List of resources that can be included.
* *
* @var array * @var array
*/ */
protected $availableIncludes = [ protected $availableIncludes = ['servers'];
'access',
'servers',
];
/**
* The Illuminate Request object if provided.
*
* @var \Illuminate\Http\Request|bool
*/
protected $request;
/** /**
* Setup request object for transformer. * Setup request object for transformer.
* *
* @param \Illuminate\Http\Request|bool $request * @param \Illuminate\Http\Request $request
*/ */
public function __construct($request = false) public function __construct(Request $request)
{ {
if (! $request instanceof Request && $request !== false) {
throw new DisplayException('Request passed to constructor must be of type Request or false.');
}
$this->request = $request; $this->request = $request;
} }
/** /**
* Return a generic transformed subuser array. * Return a generic transformed subuser array.
* *
* @param \Pterodactyl\Models\User $user
* @return array * @return array
*/ */
public function transform(User $user) public function transform(User $user): array
{ {
return $user->toArray(); return $user->toArray();
} }
@ -59,28 +39,21 @@ class UserTransformer extends TransformerAbstract
/** /**
* Return the servers associated with this user. * Return the servers associated with this user.
* *
* @return \Leauge\Fractal\Resource\Collection * @param \Pterodactyl\Models\User $user
* @return bool|\League\Fractal\Resource\Collection
*
* @throws \Pterodactyl\Exceptions\PterodactylException
*/ */
public function includeServers(User $user) public function includeServers(User $user)
{ {
if ($this->request && ! $this->request->apiKeyHasPermission('server-list')) { if ($this->authorize('server-list')) {
return; return false;
} }
return $this->collection($user->servers, new ServerTransformer($this->request), 'server'); if (! $user->relationLoaded('servers')) {
$user->load('servers');
} }
/** return $this->collection($user->getRelation('servers'), new ServerTransformer($this->request), 'server');
* Return the servers that this user can access.
*
* @return \Leauge\Fractal\Resource\Collection
*/
public function includeAccess(User $user)
{
if ($this->request && ! $this->request->apiKeyHasPermission('server-list')) {
return;
}
return $this->collection($user->access()->get(), new ServerTransformer($this->request), 'server');
} }
} }

View file

@ -0,0 +1,39 @@
<?php
namespace Pterodactyl\Transformers;
use League\Fractal\TransformerAbstract;
use Pterodactyl\Exceptions\PterodactylException;
abstract class ApiTransformer extends TransformerAbstract
{
/**
* @var \Illuminate\Http\Request
*/
protected $request;
/**
* Determine if an API key from the request has permission to access
* a resource. This is used when loading includes on the transformed
* models.
*
* @param string $permission
* @return bool
*
* @throws \Pterodactyl\Exceptions\PterodactylException
*/
protected function authorize(string $permission): bool
{
/** @var \Pterodactyl\Models\APIKey $model */
$model = $this->request->attributes->get('api_key');
if (! $model->relationLoaded('permissions')) {
throw new PterodactylException('Permissions must be loaded onto a model before passing to transformer authorize function.');
}
$count = $model->getRelation('permissions')->filter(function ($model) use ($permission) {
return $model->permission === $permission;
})->count();
return $count > 0;
}
}

View file

@ -1,97 +1,19 @@
<?php <?php
/* /*
* Pterodactyl - Panel |--------------------------------------------------------------------------
* Copyright (c) 2015 - 2017 Dane Everitt <dane@daneeveritt.com>. | User Controller Routes
* |--------------------------------------------------------------------------
* This software is licensed under the terms of the MIT license. |
* https://opensource.org/licenses/MIT | Endpoint: /api/admin/users
*/ |
//Route::get('/', 'CoreController@index'); */
// Route::group(['prefix' => '/users'], function () {
///* Route::get('/', 'Users\UserController@index')->name('api.admin.user.list');
//|-------------------------------------------------------------------------- Route::get('/{id}', 'Users\UserController@view');
//| Server Controller Routes
//|-------------------------------------------------------------------------- Route::post('/', 'Users\UserController@store');
//| Route::put('/{id}', 'Users\UserController@update');
//| Endpoint: /api/admin/servers
//| Route::delete('/{id}', 'Users\UserController@delete');
//*/ });
//Route::group(['prefix' => '/servers'], function () {
// Route::get('/', 'ServerController@index');
// Route::get('/{id}', 'ServerController@view');
//
// Route::post('/', 'ServerController@store');
//
// Route::put('/{id}/details', 'ServerController@details');
// Route::put('/{id}/container', 'ServerController@container');
// Route::put('/{id}/build', 'ServerController@build');
// Route::put('/{id}/startup', 'ServerController@startup');
//
// Route::patch('/{id}/install', 'ServerController@install');
// Route::patch('/{id}/rebuild', 'ServerController@rebuild');
// Route::patch('/{id}/suspend', 'ServerController@suspend');
//
// Route::delete('/{id}', 'ServerController@delete');
//});
//
///*
//|--------------------------------------------------------------------------
//| Location Controller Routes
//|--------------------------------------------------------------------------
//|
//| Endpoint: /api/admin/locations
//|
//*/
//Route::group(['prefix' => '/locations'], function () {
// Route::get('/', 'LocationController@index');
//});
//
///*
//|--------------------------------------------------------------------------
//| Node Controller Routes
//|--------------------------------------------------------------------------
//|
//| Endpoint: /api/admin/nodes
//|
//*/
//Route::group(['prefix' => '/nodes'], function () {
// Route::get('/', 'NodeController@index');
// Route::get('/{id}', 'NodeController@view');
// Route::get('/{id}/config', 'NodeController@viewConfig');
//
// Route::post('/', 'NodeController@store');
//
// Route::delete('/{id}', 'NodeController@delete');
//});
//
///*
//|--------------------------------------------------------------------------
//| User Controller Routes
//|--------------------------------------------------------------------------
//|
//| Endpoint: /api/admin/users
//|
//*/
//Route::group(['prefix' => '/users'], function () {
// Route::get('/', 'UserController@index');
// Route::get('/{id}', 'UserController@view');
//
// Route::post('/', 'UserController@store');
//
// Route::put('/{id}', 'UserController@update');
//
// Route::delete('/{id}', 'UserController@delete');
//});
//
///*
//|--------------------------------------------------------------------------
//| Service Controller Routes
//|--------------------------------------------------------------------------
//|
//| Endpoint: /api/admin/services
//|
//*/
//Route::group(['prefix' => '/services'], function () {
// Route::get('/', 'ServiceController@index');
// Route::get('/{id}', 'ServiceController@view');
//});

73
spec/admin/swagger.yaml Normal file
View file

@ -0,0 +1,73 @@
swagger: "2.0"
info:
version: 1.0.0
title: Pterodactyl Admin API Reference
description: Pterodactyl Panel API Documentation
contact:
name: Dane Everitt
url: https://pterodactyl.io
email: support@pterodactyl.io
license:
name: MIT
host: example.com
basePath: /api/admin
schemes:
- http
- https
consumes:
- application/vnd.pterodactyl.v1+json
produces:
- application/json
paths:
/users:
get:
description: |
Returns all users that exist on the Panel.
operationId: findUsers
responses:
"200":
description: OK
schema:
type: object
required: ["data"]
properties:
data:
type: array
items:
$ref: '#/definitions/User'
properties:
id:
type: integer
attributes:
type: object
definitions:
User:
allOf:
- required:
- email
- username
- uuid
properties:
external_id:
type: string
uuid:
type: string
email:
type: string
username:
type: string
name_first:
type: string
name_last:
type: string
language:
type: string
root_admin:
type: boolean
use_totp:
type: boolean
updated_at:
type: string
created_at:
type: string