From 6e5c365018e51d17641f96445bf2974f67d5c74f Mon Sep 17 00:00:00 2001
From: Dane Everitt <dane@daneeveritt.com>
Date: Mon, 28 May 2018 13:23:40 -0700
Subject: [PATCH] Use the client API to load servers on the listing page

---
 .../Api/Client/ClientController.php           |  4 +-
 app/Http/Middleware/Api/AuthenticateKey.php   | 17 ++++++++
 app/Http/Middleware/Api/SetSessionDriver.php  |  5 ---
 .../Api/Client/ServerTransformer.php          |  4 ++
 resources/assets/scripts/bootstrap.js         |  8 ++++
 .../components/dashboard/Dashboard.vue        | 10 +++--
 resources/assets/scripts/models/allocation.js | 19 +++++++++
 resources/assets/scripts/models/server.js     | 40 +++++++++++++++++++
 8 files changed, 98 insertions(+), 9 deletions(-)
 create mode 100644 resources/assets/scripts/models/allocation.js
 create mode 100644 resources/assets/scripts/models/server.js

diff --git a/app/Http/Controllers/Api/Client/ClientController.php b/app/Http/Controllers/Api/Client/ClientController.php
index d2e1f33a9..62b5d2c4a 100644
--- a/app/Http/Controllers/Api/Client/ClientController.php
+++ b/app/Http/Controllers/Api/Client/ClientController.php
@@ -35,7 +35,9 @@ class ClientController extends ClientApiController
      */
     public function index(GetServersRequest $request): array
     {
-        $servers = $this->repository->filterUserAccessServers($request->user(), User::FILTER_LEVEL_SUBUSER);
+        $servers = $this->repository
+            ->setSearchTerm($request->input('query'))
+            ->filterUserAccessServers($request->user(), User::FILTER_LEVEL_ALL);
 
         return $this->fractal->collection($servers)
             ->transformWith($this->getTransformer(ServerTransformer::class))
diff --git a/app/Http/Middleware/Api/AuthenticateKey.php b/app/Http/Middleware/Api/AuthenticateKey.php
index 774fb930b..3ae04f6fe 100644
--- a/app/Http/Middleware/Api/AuthenticateKey.php
+++ b/app/Http/Middleware/Api/AuthenticateKey.php
@@ -3,6 +3,7 @@
 namespace Pterodactyl\Http\Middleware\Api;
 
 use Closure;
+use Lcobucci\JWT\Parser;
 use Cake\Chronos\Chronos;
 use Illuminate\Http\Request;
 use Pterodactyl\Models\ApiKey;
@@ -64,6 +65,22 @@ class AuthenticateKey
 
         $raw = $request->bearerToken();
 
+        // This is an internal JWT, treat it differently to get the correct user
+        // before passing it along.
+        if (strlen($raw) > ApiKey::IDENTIFIER_LENGTH + ApiKey::KEY_LENGTH) {
+            $token = (new Parser)->parse($raw);
+
+            $model = (new ApiKey)->fill([
+                'user_id' => $token->getClaim('uid'),
+                'key_type' => ApiKey::TYPE_ACCOUNT,
+            ]);
+
+            $this->auth->guard()->loginUsingId($token->getClaim('uid'));
+            $request->attributes->set('api_key', $model);
+
+            return $next($request);
+        }
+
         $identifier = substr($raw, 0, ApiKey::IDENTIFIER_LENGTH);
         $token = substr($raw, ApiKey::IDENTIFIER_LENGTH);
 
diff --git a/app/Http/Middleware/Api/SetSessionDriver.php b/app/Http/Middleware/Api/SetSessionDriver.php
index 3d5c16617..e61604dbd 100644
--- a/app/Http/Middleware/Api/SetSessionDriver.php
+++ b/app/Http/Middleware/Api/SetSessionDriver.php
@@ -4,7 +4,6 @@ namespace Pterodactyl\Http\Middleware\Api;
 
 use Closure;
 use Illuminate\Http\Request;
-use Barryvdh\Debugbar\LaravelDebugbar;
 use Illuminate\Contracts\Foundation\Application;
 use Illuminate\Contracts\Config\Repository as ConfigRepository;
 
@@ -41,10 +40,6 @@ class SetSessionDriver
      */
     public function handle(Request $request, Closure $next)
     {
-        if ($this->config->get('app.debug')) {
-            $this->app->make(LaravelDebugbar::class)->disable();
-        }
-
         $this->config->set('session.driver', 'array');
 
         return $next($request);
diff --git a/app/Transformers/Api/Client/ServerTransformer.php b/app/Transformers/Api/Client/ServerTransformer.php
index 6816d6d74..c44630b5c 100644
--- a/app/Transformers/Api/Client/ServerTransformer.php
+++ b/app/Transformers/Api/Client/ServerTransformer.php
@@ -29,6 +29,10 @@ class ServerTransformer extends BaseClientTransformer
             'uuid' => $server->uuid,
             'name' => $server->name,
             'description' => $server->description,
+            'allocation' => [
+                'ip' => $server->allocation->alias,
+                'port' => $server->allocation->port,
+            ],
             'limits' => [
                 'memory' => $server->memory,
                 'swap' => $server->swap,
diff --git a/resources/assets/scripts/bootstrap.js b/resources/assets/scripts/bootstrap.js
index 24ea8c7f0..562a7adf3 100644
--- a/resources/assets/scripts/bootstrap.js
+++ b/resources/assets/scripts/bootstrap.js
@@ -21,6 +21,14 @@ window.axios = require('axios');
 window.axios.defaults.headers.common['X-Requested-With'] = 'XMLHttpRequest';
 window.axios.defaults.headers.common['Authorization'] = 'Bearer ' + localStorage.token || '';
 
+if (typeof phpdebugbar !== 'undefined') {
+    window.axios.interceptors.response.use(function (response) {
+        phpdebugbar.ajaxHandler.handle(response.request);
+
+        return response;
+    });
+}
+
 /**
  * Next we will register the CSRF Token as a common header with Axios so that
  * all outgoing HTTP requests automatically have it attached. This is just
diff --git a/resources/assets/scripts/components/dashboard/Dashboard.vue b/resources/assets/scripts/components/dashboard/Dashboard.vue
index f12f2fd02..5ee5199ce 100644
--- a/resources/assets/scripts/components/dashboard/Dashboard.vue
+++ b/resources/assets/scripts/components/dashboard/Dashboard.vue
@@ -9,7 +9,7 @@
         </div>
         <transition-group class="w-full m-auto mt-4 animate fadein sm:flex flex-wrap content-start">
             <div class="server-box" :key="index" v-for="(server, index) in servers">
-                <router-link :to="{ name: 'server', params: { id: server.uuidShort }}" class="content">
+                <router-link :to="{ name: 'server', params: { id: server.identifier }}" class="content">
                     <div class="float-right">
                         <div class="indicator"></div>
                     </div>
@@ -49,6 +49,7 @@
 </template>
 
 <script>
+    import Server from '../../models/server';
     import _ from 'lodash';
 
     export default {
@@ -73,11 +74,14 @@
             loadServers: function (query = '') {
                 const self = this;
 
-                window.axios.get(this.route('dashboard.servers'), {
+                window.axios.get(this.route('api.client.index'), {
                     params: { query },
                 })
                     .then(function (response) {
-                        self.servers = response.data;
+                        self.servers = [];
+                        response.data.data.forEach(function (obj) {
+                           self.servers.push(new Server().fill(obj.attributes))
+                        });
                     })
                     .catch(function (error) {
                         console.error(error);
diff --git a/resources/assets/scripts/models/allocation.js b/resources/assets/scripts/models/allocation.js
new file mode 100644
index 000000000..27f2f62bd
--- /dev/null
+++ b/resources/assets/scripts/models/allocation.js
@@ -0,0 +1,19 @@
+const Allocation = function () {
+    this.ip = null;
+    this.port = null;
+};
+
+/**
+ * Return a new allocation model.
+ *
+ * @param obj
+ * @returns {Allocation}
+ */
+Allocation.prototype.fill = function (obj) {
+    this.ip = obj.ip || null;
+    this.port = obj.port || null;
+
+    return this;
+};
+
+export default Allocation;
diff --git a/resources/assets/scripts/models/server.js b/resources/assets/scripts/models/server.js
new file mode 100644
index 000000000..5d259c2e8
--- /dev/null
+++ b/resources/assets/scripts/models/server.js
@@ -0,0 +1,40 @@
+import Allocation from './allocation';
+
+const Server = function () {
+    this.identifier = null;
+    this.uuid = null;
+    this.name = '';
+    this.description = '';
+    this.allocation = null;
+    this.limits = {
+        memory: 0,
+        swap: 0,
+        disk: 0,
+        io: 0,
+        cpu: 0,
+    };
+    this.feature_limits = {
+        databases: 0,
+        allocations: 0,
+    };
+};
+
+/**
+ * Return a new server model filled with data from the provided object.
+ *
+ * @param {object} obj
+ * @returns {Server}
+ */
+Server.prototype.fill = function (obj) {
+    this.identifier = obj.identifier;
+    this.uuid = obj.uuid;
+    this.name = obj.name;
+    this.description = obj.description;
+    this.allocation = new Allocation().fill(obj.allocation || {});
+    this.limits = obj.limits;
+    this.feature_limits = obj.feature_limits;
+
+    return this;
+};
+
+export default Server;