Add initial basic API changes

New route is `/api/me`
This commit is contained in:
Dane Everitt 2016-10-14 20:22:23 -04:00
parent 126df09152
commit 745c735b32
No known key found for this signature in database
GPG key ID: EEA66103B3D71F53
17 changed files with 587 additions and 40 deletions

View file

@ -0,0 +1,58 @@
<?php
/**
* Pterodactyl - Panel
* Copyright (c) 2015 - 2016 Dane Everitt <dane@daneeveritt.com>
*
* Permission is hereby granted, free of charge, to any person obtaining a copy
* of this software and associated documentation files (the "Software"), to deal
* in the Software without restriction, including without limitation the rights
* to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
* copies of the Software, and to permit persons to whom the Software is
* furnished to do so, subject to the following conditions:
*
* The above copyright notice and this permission notice shall be included in all
* copies or substantial portions of the Software.
*
* THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
* IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
* FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
* AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
* LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
* OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
* SOFTWARE.
*/
namespace Pterodactyl\Http\Controllers\API\User;
use Auth;
use Dingo;
use Pterodactyl\Models;
use Illuminate\Http\Request;
use Pterodactyl\Http\Controllers\API\BaseController;
class InfoController extends BaseController
{
public function me(Request $request)
{
$servers = Models\Server::getUserServers();
$response = [];
foreach($servers as &$server) {
$response = array_merge($response, [[
'id' => $server->uuidShort,
'uuid' => $server->uuid,
'name' => $server->name,
'node' => $server->nodeName,
'ip' => [
'set' => $server->ip,
'alias' => $server->ip_alias
],
'port' => $server->port,
'service' => $server->a_serviceName,
'option' => $server->a_serviceOptionName
]]);
}
return $response;
}
}

View file

@ -0,0 +1,39 @@
<?php
/**
* Pterodactyl - Panel
* Copyright (c) 2015 - 2016 Dane Everitt <dane@daneeveritt.com>
*
* Permission is hereby granted, free of charge, to any person obtaining a copy
* of this software and associated documentation files (the "Software"), to deal
* in the Software without restriction, including without limitation the rights
* to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
* copies of the Software, and to permit persons to whom the Software is
* furnished to do so, subject to the following conditions:
*
* The above copyright notice and this permission notice shall be included in all
* copies or substantial portions of the Software.
*
* THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
* IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
* FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
* AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
* LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
* OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
* SOFTWARE.
*/
namespace Pterodactyl\Http\Controllers\API\User;
use Pterodactyl\Models;
use Illuminate\Http\Request;
class PowerController extends BaseController
{
public function __constructor()
{
}
public function pass(Request $request, $uuid)
{
//$server = Models\Server::where('id', $id)->where();
}
}

View file

@ -0,0 +1,60 @@
<?php
/**
* Pterodactyl - Panel
* Copyright (c) 2015 - 2016 Dane Everitt <dane@daneeveritt.com>
* Some Modifications (c) 2015 Dylan Seidt <dylan.seidt@gmail.com>
*
* Permission is hereby granted, free of charge, to any person obtaining a copy
* of this software and associated documentation files (the "Software"), to deal
* in the Software without restriction, including without limitation the rights
* to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
* copies of the Software, and to permit persons to whom the Software is
* furnished to do so, subject to the following conditions:
*
* The above copyright notice and this permission notice shall be included in all
* copies or substantial portions of the Software.
*
* THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
* IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
* FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
* AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
* LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
* OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
* SOFTWARE.
*/
namespace Pterodactyl\Http\Controllers\Base;
use Alert;
use Pterodactyl\Models;
use Pterodactyl\Exceptions\DisplayException;
use Pterodactyl\Http\Controllers\Controller;
use Illuminate\Http\Request;
class APIController extends Controller
{
public function index(Request $request)
{
$keys = Models\APIKey::where('user', $request->user()->id)->get();
foreach($keys as &$key) {
$key->permissions = Models\APIPermission::where('key_id', $key->id)->get();
}
return view('base.api.index', [
'keys' => $keys
]);
}
public function new(Request $request)
{
return view('base.api.new');
}
public function save(Request $request)
{
}
}

View file

@ -23,12 +23,15 @@
*/ */
namespace Pterodactyl\Http\Middleware; namespace Pterodactyl\Http\Middleware;
use Auth;
use Crypt; use Crypt;
use Config;
use IPTools\IP; use IPTools\IP;
use IPTools\Range; use IPTools\Range;
use Pterodactyl\Models\APIKey; use Pterodactyl\Models\APIKey;
use Pterodactyl\Models\APIPermission; use Pterodactyl\Models\APIPermission;
use Pterodactyl\Models\User;
use Pterodactyl\Services\APILogService; use Pterodactyl\Services\APILogService;
use Illuminate\Http\Request; use Illuminate\Http\Request;
@ -51,7 +54,7 @@ class APISecretToken extends Authorization
public function __construct() public function __construct()
{ {
// Config::set('session.driver', 'array');
} }
public function getAuthorizationMethod() public function getAuthorizationMethod()
@ -90,14 +93,11 @@ class APISecretToken extends Authorization
} }
} }
foreach(APIPermission::where('key_id', $key->id)->get() as &$row) { $permission = APIPermission::where('key_id', $key->id)
if ($row->permission === '*' || $row->permission === $request->route()->getName()) { ->where('permission', $request->route()->getName())
$this->permissionAllowed = true; ->orWhere('permission', '*')
continue; ->first();
} if (!$permission) {
}
if (!$this->permissionAllowed) {
APILogService::log($request, 'You do not have permission to access this resource.'); APILogService::log($request, 'You do not have permission to access this resource.');
throw new AccessDeniedHttpException('You do not have permission to access this resource.'); throw new AccessDeniedHttpException('You do not have permission to access this resource.');
} }
@ -118,7 +118,7 @@ class APISecretToken extends Authorization
// Log the Route Access // Log the Route Access
APILogService::log($request, null, true); APILogService::log($request, null, true);
return true; return Auth::loginUsingId($key->user);
} }

View file

@ -32,33 +32,40 @@ class APIRoutes
public function map(Router $router) { public function map(Router $router) {
$api = app('Dingo\Api\Routing\Router'); $api = app('Dingo\Api\Routing\Router');
$api->version('v1', ['middleware' => 'api.auth'], function ($api) { $api->version('v1', ['prefix' => 'api/me', 'middleware' => 'api.auth'], function ($api) {
$api->get('/', [
'as' => 'api.user',
'uses' => 'Pterodactyl\Http\Controllers\API\User\InfoController@me'
]);
});
$api->version('v1', ['prefix' => 'api', 'middleware' => 'api.auth'], function ($api) {
/** /**
* User Routes * User Routes
*/ */
$api->get('users', [ $api->get('users', [
'as' => 'api.users.list', 'as' => 'api.admin.users.list',
'uses' => 'Pterodactyl\Http\Controllers\API\UserController@list' 'uses' => 'Pterodactyl\Http\Controllers\API\UserController@list'
]); ]);
$api->post('users', [ $api->post('users', [
'as' => 'api.users.create', 'as' => 'api.admin.users.create',
'uses' => 'Pterodactyl\Http\Controllers\API\UserController@create' 'uses' => 'Pterodactyl\Http\Controllers\API\UserController@create'
]); ]);
$api->get('users/{id}', [ $api->get('users/{id}', [
'as' => 'api.users.view', 'as' => 'api.admin.users.view',
'uses' => 'Pterodactyl\Http\Controllers\API\UserController@view' 'uses' => 'Pterodactyl\Http\Controllers\API\UserController@view'
]); ]);
$api->patch('users/{id}', [ $api->patch('users/{id}', [
'as' => 'api.users.update', 'as' => 'api.admin.users.update',
'uses' => 'Pterodactyl\Http\Controllers\API\UserController@update' 'uses' => 'Pterodactyl\Http\Controllers\API\UserController@update'
]); ]);
$api->delete('users/{id}', [ $api->delete('users/{id}', [
'as' => 'api.users.delete', 'as' => 'api.admin.users.delete',
'uses' => 'Pterodactyl\Http\Controllers\API\UserController@delete' 'uses' => 'Pterodactyl\Http\Controllers\API\UserController@delete'
]); ]);
@ -66,42 +73,42 @@ class APIRoutes
* Server Routes * Server Routes
*/ */
$api->get('servers', [ $api->get('servers', [
'as' => 'api.servers.list', 'as' => 'api.admin.servers.list',
'uses' => 'Pterodactyl\Http\Controllers\API\ServerController@list' 'uses' => 'Pterodactyl\Http\Controllers\API\ServerController@list'
]); ]);
$api->post('servers', [ $api->post('servers', [
'as' => 'api.servers.create', 'as' => 'api.admin.servers.create',
'uses' => 'Pterodactyl\Http\Controllers\API\ServerController@create' 'uses' => 'Pterodactyl\Http\Controllers\API\ServerController@create'
]); ]);
$api->get('servers/{id}', [ $api->get('servers/{id}', [
'as' => 'api.servers.view', 'as' => 'api.admin.servers.view',
'uses' => 'Pterodactyl\Http\Controllers\API\ServerController@view' 'uses' => 'Pterodactyl\Http\Controllers\API\ServerController@view'
]); ]);
$api->patch('servers/{id}/config', [ $api->patch('servers/{id}/config', [
'as' => 'api.servers.config', 'as' => 'api.admin.servers.config',
'uses' => 'Pterodactyl\Http\Controllers\API\ServerController@config' 'uses' => 'Pterodactyl\Http\Controllers\API\ServerController@config'
]); ]);
$api->patch('servers/{id}/build', [ $api->patch('servers/{id}/build', [
'as' => 'api.servers.build', 'as' => 'api.admin.servers.build',
'uses' => 'Pterodactyl\Http\Controllers\API\ServerController@build' 'uses' => 'Pterodactyl\Http\Controllers\API\ServerController@build'
]); ]);
$api->post('servers/{id}/suspend', [ $api->post('servers/{id}/suspend', [
'as' => 'api.servers.suspend', 'as' => 'api.admin.servers.suspend',
'uses' => 'Pterodactyl\Http\Controllers\API\ServerController@suspend' 'uses' => 'Pterodactyl\Http\Controllers\API\ServerController@suspend'
]); ]);
$api->post('servers/{id}/unsuspend', [ $api->post('servers/{id}/unsuspend', [
'as' => 'api.servers.unsuspend', 'as' => 'api.admin.servers.unsuspend',
'uses' => 'Pterodactyl\Http\Controllers\API\ServerController@unsuspend' 'uses' => 'Pterodactyl\Http\Controllers\API\ServerController@unsuspend'
]); ]);
$api->delete('servers/{id}/{force?}', [ $api->delete('servers/{id}/{force?}', [
'as' => 'api.servers.delete', 'as' => 'api.admin.servers.delete',
'uses' => 'Pterodactyl\Http\Controllers\API\ServerController@delete' 'uses' => 'Pterodactyl\Http\Controllers\API\ServerController@delete'
]); ]);
@ -109,32 +116,32 @@ class APIRoutes
* Node Routes * Node Routes
*/ */
$api->get('nodes', [ $api->get('nodes', [
'as' => 'api.nodes.list', 'as' => 'api.admin.nodes.list',
'uses' => 'Pterodactyl\Http\Controllers\API\NodeController@list' 'uses' => 'Pterodactyl\Http\Controllers\API\NodeController@list'
]); ]);
$api->post('nodes', [ $api->post('nodes', [
'as' => 'api.nodes.create', 'as' => 'api.admin.nodes.create',
'uses' => 'Pterodactyl\Http\Controllers\API\NodeController@create' 'uses' => 'Pterodactyl\Http\Controllers\API\NodeController@create'
]); ]);
$api->get('nodes/allocations', [ $api->get('nodes/allocations', [
'as' => 'api.nodes.allocations', 'as' => 'api.admin.nodes.allocations',
'uses' => 'Pterodactyl\Http\Controllers\API\NodeController@allocations' 'uses' => 'Pterodactyl\Http\Controllers\API\NodeController@allocations'
]); ]);
$api->get('nodes/{id}', [ $api->get('nodes/{id}', [
'as' => 'api.nodes.view', 'as' => 'api.admin.nodes.view',
'uses' => 'Pterodactyl\Http\Controllers\API\NodeController@view' 'uses' => 'Pterodactyl\Http\Controllers\API\NodeController@view'
]); ]);
$api->get('nodes/{id}/config', [ $api->get('nodes/{id}/config', [
'as' => 'api.nodes.view', 'as' => 'api.admin.nodes.view',
'uses' => 'Pterodactyl\Http\Controllers\API\NodeController@config' 'uses' => 'Pterodactyl\Http\Controllers\API\NodeController@config'
]); ]);
$api->delete('nodes/{id}', [ $api->delete('nodes/{id}', [
'as' => 'api.nodes.delete', 'as' => 'api.admin.nodes.delete',
'uses' => 'Pterodactyl\Http\Controllers\API\NodeController@delete' 'uses' => 'Pterodactyl\Http\Controllers\API\NodeController@delete'
]); ]);
@ -142,7 +149,7 @@ class APIRoutes
* Location Routes * Location Routes
*/ */
$api->get('locations', [ $api->get('locations', [
'as' => 'api.locations.list', 'as' => 'api.admin.locations.list',
'uses' => 'Pterodactyl\Http\Controllers\API\LocationController@list' 'uses' => 'Pterodactyl\Http\Controllers\API\LocationController@list'
]); ]);
@ -150,12 +157,12 @@ class APIRoutes
* Service Routes * Service Routes
*/ */
$api->get('services', [ $api->get('services', [
'as' => 'api.services.list', 'as' => 'api.admin.services.list',
'uses' => 'Pterodactyl\Http\Controllers\API\ServiceController@list' 'uses' => 'Pterodactyl\Http\Controllers\API\ServiceController@list'
]); ]);
$api->get('services/{id}', [ $api->get('services/{id}', [
'as' => 'api.services.view', 'as' => 'api.admin.services.view',
'uses' => 'Pterodactyl\Http\Controllers\API\ServiceController@view' 'uses' => 'Pterodactyl\Http\Controllers\API\ServiceController@view'
]); ]);

View file

@ -69,6 +69,27 @@ class BaseRoutes {
]); ]);
}); });
// API Management Routes
$router->group([
'prefix' => 'account/api',
'middleware' => [
'auth',
'csrf'
]
], function () use ($router) {
$router->get('/', [
'as' => 'account.api',
'uses' => 'Base\APIController@index'
]);
$router->get('/new', [
'as' => 'account.api.new',
'uses' => 'Base\APIController@new'
]);
$router->post('/new', [
'uses' => 'Base\APIController@save'
]);
});
// TOTP Routes // TOTP Routes
$router->group([ $router->group([
'prefix' => 'account/security', 'prefix' => 'account/security',

View file

@ -28,6 +28,7 @@ use Illuminate\Routing\Router;
class ServerRoutes { class ServerRoutes {
public function map(Router $router) { public function map(Router $router) {
$router->group([ $router->group([
'prefix' => 'server/{server}', 'prefix' => 'server/{server}',
'middleware' => [ 'middleware' => [
@ -36,6 +37,7 @@ class ServerRoutes {
'csrf' 'csrf'
] ]
], function ($server) use ($router) { ], function ($server) use ($router) {
// Index View for Server // Index View for Server
$router->get('/', [ $router->get('/', [
'as' => 'server.index', 'as' => 'server.index',

View file

@ -24,7 +24,6 @@
namespace Pterodactyl\Models; namespace Pterodactyl\Models;
use Auth; use Auth;
use Pterodactyl\Models\Subuser; use Pterodactyl\Models\Subuser;
use Illuminate\Database\Eloquent\Model; use Illuminate\Database\Eloquent\Model;
@ -91,7 +90,11 @@ class Server extends Model
*/ */
public function __construct() public function __construct()
{ {
if (!is_null(Auth::user())) {
self::$user = Auth::user(); self::$user = Auth::user();
} else {
throw new \Exception('Auth::user and Dingo::user cannot both be null.');
}
} }
/** /**
@ -133,9 +136,13 @@ class Server extends Model
'locations.short as a_locationShort', 'locations.short as a_locationShort',
'allocations.ip', 'allocations.ip',
'allocations.ip_alias', 'allocations.ip_alias',
'allocations.port' 'allocations.port',
'services.name as a_serviceName',
'service_options.name as a_serviceOptionName'
)->join('nodes', 'servers.node', '=', 'nodes.id') )->join('nodes', 'servers.node', '=', 'nodes.id')
->join('locations', 'nodes.location', '=', 'locations.id') ->join('locations', 'nodes.location', '=', 'locations.id')
->join('services', 'servers.service', '=', 'services.id')
->join('service_options', 'servers.option', '=', 'service_options.id')
->join('allocations', 'servers.allocation', '=', 'allocations.id'); ->join('allocations', 'servers.allocation', '=', 'allocations.id');
if (self::$user->root_admin !== 1) { if (self::$user->root_admin !== 1) {

View file

@ -70,7 +70,11 @@ class Subuser extends Model
*/ */
public function __construct() public function __construct()
{ {
if (!is_null(Auth::user())) {
self::$user = Auth::user(); self::$user = Auth::user();
} else {
throw new \Exception('Auth::user and Dingo::user cannot both be null.');
}
} }
/** /**

View file

@ -162,7 +162,8 @@ class UserRepository
throw new DisplayException('Cannot delete a user with active servers attached to thier account.'); throw new DisplayException('Cannot delete a user with active servers attached to thier account.');
} }
if(Auth::user()->id === $id) { // @TODO: this should probably be checked outside of this method because we won't always have Auth::user()
if(!is_null(Auth::user()) && Auth::user()->id === $id) {
throw new DisplayException('Cannot delete your own account.'); throw new DisplayException('Cannot delete your own account.');
} }

View file

@ -188,6 +188,8 @@ return [
'Crypt' => Illuminate\Support\Facades\Crypt::class, 'Crypt' => Illuminate\Support\Facades\Crypt::class,
'DB' => Illuminate\Support\Facades\DB::class, 'DB' => Illuminate\Support\Facades\DB::class,
'Debugbar' => Barryvdh\Debugbar\Facade::class, 'Debugbar' => Barryvdh\Debugbar\Facade::class,
'Dingo' => Dingo\Api\Facade\API::class,
'DingoRoute'=> Dingo\Api\Facade\Route::class,
'Eloquent' => Illuminate\Database\Eloquent\Model::class, 'Eloquent' => Illuminate\Database\Eloquent\Model::class,
'Event' => Illuminate\Support\Facades\Event::class, 'Event' => Illuminate\Support\Facades\Event::class,
'File' => Illuminate\Support\Facades\File::class, 'File' => Illuminate\Support\Facades\File::class,

View file

@ -29,9 +29,9 @@ return [
| |
*/ */
'lifetime' => 120, 'lifetime' => 30,
'expire_on_close' => false, 'expire_on_close' => true,
/* /*
|-------------------------------------------------------------------------- |--------------------------------------------------------------------------

View file

@ -0,0 +1,36 @@
<?php
use Illuminate\Support\Facades\Schema;
use Illuminate\Database\Schema\Blueprint;
use Illuminate\Database\Migrations\Migration;
class UpdateApiKeys extends Migration
{
/**
* Run the migrations.
*
* @return void
*/
public function up()
{
Schema::table('api_keys', function (Blueprint $table) {
$table->unsignedInteger('user')->after('id');
$table->text('memo')->after('allowed_ips')->nullable();
$table->timestamp('expires_at')->after('memo')->nullable();
});
}
/**
* Reverse the migrations.
*
* @return void
*/
public function down()
{
Schema::table('api_keys', function (Blueprint $table) {
$table->dropColumn('user');
$table->dropColumn('memo');
$table->dropColumn('expires_at');
});
}
}

View file

@ -263,3 +263,7 @@ li.btn.btn-default.pill:active,li.btn.btn-default.pill:focus,li.btn.btn-default.
.left-icon + td { .left-icon + td {
border-left: 0px !important; border-left: 0px !important;
} }
.fuelux .wizard .step-content > .alert {
margin-bottom: 0 !important;
}

View file

@ -0,0 +1,66 @@
{{-- Copyright (c) 2015 - 2016 Dane Everitt <dane@daneeveritt.com> --}}
{{-- Permission is hereby granted, free of charge, to any person obtaining a copy --}}
{{-- of this software and associated documentation files (the "Software"), to deal --}}
{{-- in the Software without restriction, including without limitation the rights --}}
{{-- to use, copy, modify, merge, publish, distribute, sublicense, and/or sell --}}
{{-- copies of the Software, and to permit persons to whom the Software is --}}
{{-- furnished to do so, subject to the following conditions: --}}
{{-- The above copyright notice and this permission notice shall be included in all --}}
{{-- copies or substantial portions of the Software. --}}
{{-- THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR --}}
{{-- IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, --}}
{{-- FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE --}}
{{-- AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER --}}
{{-- LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, --}}
{{-- OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE --}}
{{-- SOFTWARE. --}}
@extends('layouts.master')
@section('title', 'API Access')
@section('sidebar-server')
@endsection
@section('content')
<div class="col-md-12">
<table class="table table-bordered table-hover">
<thead>
<tr>
<th>Public Key</th>
<th>Memo</th>
<th class="text-center">Created</th>
<th class="text-center">Expires</th>
<th class="text-center"></th>
</tr>
</thead>
<tbody>
@foreach ($keys as $key)
<tr class="align-middle">
<td><code>{{ $key->public }}</code></td>
<td>{{ $key->memo }}</td>
<td class="text-center">{{ (new Carbon($key->created_at))->toDayDateTimeString() }}</td>
<td class="text-center">
@if(is_null($key->expires_at))
<span class="label label-default">Never</span>
@else
{{ (new Carbon($key->expires_at))->toDayDateTimeString() }}
@endif
</td>
<td class="text-center"><a href="#delete" class="text-danger" data-action="delete" data-attr="{{ $key->public }}"><i class="fa fa-trash"></i></a></td>
</tr>
@endforeach
</tbody>
</table>
<div class="well">
<a href="{{ route('account.api.new') }}"><button class="btn btn-success btn-sm">Create New API Key</button></a>
</div>
</div>
<script>
$(document).ready(function () {
$('#sidebar_links').find('a[href="/account/api"]').addClass('active');
});
</script>
@endsection

View file

@ -0,0 +1,238 @@
{{-- Copyright (c) 2015 - 2016 Dane Everitt <dane@daneeveritt.com> --}}
{{-- Permission is hereby granted, free of charge, to any person obtaining a copy --}}
{{-- of this software and associated documentation files (the "Software"), to deal --}}
{{-- in the Software without restriction, including without limitation the rights --}}
{{-- to use, copy, modify, merge, publish, distribute, sublicense, and/or sell --}}
{{-- copies of the Software, and to permit persons to whom the Software is --}}
{{-- furnished to do so, subject to the following conditions: --}}
{{-- The above copyright notice and this permission notice shall be included in all --}}
{{-- copies or substantial portions of the Software. --}}
{{-- THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR --}}
{{-- IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, --}}
{{-- FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE --}}
{{-- AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER --}}
{{-- LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, --}}
{{-- OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE --}}
{{-- SOFTWARE. --}}
@extends('layouts.master')
@section('title', 'API Access')
@section('sidebar-server')
@endsection
@section('content')
<div class="col-md-12 fuelux">
<div class="wizard" data-initialize="wizard" id="apiWizard">
<div class="steps-container">
<ul class="steps">
<li data-step="1" data-name="user" class="active">
<span class="badge">1</span>Permissions
<span class="chevron"></span>
</li>
<li data-step="2" data-name="admin">
<span class="badge">2</span>Admin
<span class="chevron"></span>
</li>
<li data-step="3" data-name="ips">
<span class="badge">3</span>Security
<span class="chevron"></span>
</li>
<li data-step="4" data-name="ips">
<span class="badge">4</span>Finish
<span class="chevron"></span>
</li>
</ul>
</div>
<div class="actions">
<button type="button" class="btn btn-sm btn-default btn-prev">
<span class="fa fa-arrow-left"></span>Prev</button>
<button type="button" class="btn btn-sm btn-primary btn-next" data-last="Complete">Next
<span class="fa fa-arrow-right"></span>
</button>
</div>
<div class="step-content">
{{-- <form action="{{ route('admin.api.admin.new') }}" method="POST" id="perms_form"> --}}
<div class="step-pane active alert" data-step="1"></div>
<div class="step-pane alert" data-step="2">
<div class="row">
<div class="col-md-12 fuelux">
<div class="checkbox highlight">
<label class="checkbox-custom highlight" data-initialize="checkbox">
<input class="sr-only" name="adminPermissions[]" type="checkbox" value="*"> <strong>*</strong>
<p class="text-muted"><small><span class="label label-danger">Danger</span> Allows performing any action aganist the api.admin.</small><p>
</label>
</div>
</div>
</div>
<div class="row">
<div class="col-md-6 fuelux">
<h4>User Management</h4><hr />
<div class="checkbox highlight">
<label class="checkbox-custom highlight" data-initialize="checkbox">
<input class="sr-only" name="adminPermissions[]" type="checkbox" value="api.admin.users.list"> <strong><span class="label label-default">GET</span> /users</strong>
<p class="text-muted"><small>Allows listing of all users currently on the system.</small><p>
</label>
</div>
<div class="checkbox highlight">
<label class="checkbox-custom highlight" data-initialize="checkbox">
<input class="sr-only" name="adminPermissions[]" type="checkbox" value="api.admin.users.create"> <strong><span class="label label-default">POST</span> /users</strong>
<p class="text-muted"><small>Allows creating a new user on the system.</small><p>
</label>
</div>
<div class="checkbox highlight">
<label class="checkbox-custom highlight" data-initialize="checkbox">
<input class="sr-only" name="adminPermissions[]" type="checkbox" value="api.admin.users.view"> <strong><span class="label label-default">GET</span> /users/{id}</strong>
<p class="text-muted"><small>Allows viewing details about a specific user including active services.</small><p>
</label>
</div>
<div class="checkbox highlight">
<label class="checkbox-custom highlight" data-initialize="checkbox">
<input class="sr-only" name="adminPermissions[]" type="checkbox" value="api.admin.users.update"> <strong><span class="label label-default">PATCH</span> /users/{id}</strong>
<p class="text-muted"><small>Allows modifying user details (email, password, TOTP information).</small><p>
</label>
</div>
<div class="checkbox highlight">
<label class="checkbox-custom highlight" data-initialize="checkbox">
<input class="sr-only" name="adminPermissions[]" type="checkbox" value="api.admin.users.delete"> <strong><span class="label label-danger">DELETE</span> /users/{id}</strong>
<p class="text-muted"><small>Allows deleting a user.</small><p>
</label>
</div>
</div>
<div class="col-md-6 fuelux">
<h4>Server Management</h4><hr />
<div class="checkbox highlight">
<label class="checkbox-custom highlight" data-initialize="checkbox">
<input class="sr-only" name="adminPermissions[]" type="checkbox" value="api.admin.servers.list"> <strong><span class="label label-default">GET</span> /servers</strong>
<p class="text-muted"><small>Allows listing of all servers currently on the system.</small><p>
</label>
</div>
<div class="checkbox highlight">
<label class="checkbox-custom highlight" data-initialize="checkbox">
<input class="sr-only" name="adminPermissions[]" type="checkbox" value="api.admin.servers.create"> <strong><span class="label label-default">POST</span> /servers</strong>
<p class="text-muted"><small>Allows creating a new server on the system.</small><p>
</label>
</div>
<div class="checkbox highlight">
<label class="checkbox-custom highlight" data-initialize="checkbox">
<input class="sr-only" name="adminPermissions[]" type="checkbox" value="api.admin.servers.view"> <strong><span class="label label-default">GET</span> /servers/{id}</strong>
<p class="text-muted"><small><span class="label label-danger">Danger</span> Allows viewing details about a specific server including the <code>daemon_token</code> as current process information.</small><p>
</label>
</div>
<div class="checkbox highlight">
<label class="checkbox-custom highlight" data-initialize="checkbox">
<input class="sr-only" name="adminPermissions[]" type="checkbox" value="api.admin.servers.config"> <strong><span class="label label-default">PATCH</span> /servers/{id}/config</strong>
<p class="text-muted"><small>Allows modifying server config (name, owner, and access token).</small><p>
</label>
</div>
<div class="checkbox highlight">
<label class="checkbox-custom highlight" data-initialize="checkbox">
<input class="sr-only" name="adminPermissions[]" type="checkbox" value="api.admin.servers.build"> <strong><span class="label label-default">PATCH</span> /servers/{id}/build</strong>
<p class="text-muted"><small>Allows modifying a server's build parameters such as memory, CPU, and disk space along with assigned and default IPs.</small><p>
</label>
</div>
<div class="checkbox highlight">
<label class="checkbox-custom highlight" data-initialize="checkbox">
<input class="sr-only" name="adminPermissions[]" type="checkbox" value="api.admin.servers.suspend"> <strong><span class="label label-default">POST</span> /servers/{id}/suspend</strong>
<p class="text-muted"><small>Allows suspending a server instance.</small><p>
</label>
</div>
<div class="checkbox highlight">
<label class="checkbox-custom highlight" data-initialize="checkbox">
<input class="sr-only" name="adminPermissions[]" type="checkbox" value="api.admin.servers.unsuspend"> <strong><span class="label label-default">POST</span> /servers/{id}/unsuspend</strong>
<p class="text-muted"><small>Allows unsuspending a server instance.</small><p>
</label>
</div>
<div class="checkbox highlight">
<label class="checkbox-custom highlight" data-initialize="checkbox">
<input class="sr-only" name="adminPermissions[]" type="checkbox" value="api.admin.servers.delete"> <strong><span class="label label-danger">DELETE</span> /servers/{id}</strong>
<p class="text-muted"><small>Allows deleting a server.</small><p>
</label>
</div>
</div>
</div>
<div class="row">
<div class="col-md-6 fuelux">
<h4>Node Management</h4><hr />
<div class="checkbox highlight">
<label class="checkbox-custom highlight" data-initialize="checkbox">
<input class="sr-only" name="adminPermissions[]" type="checkbox" value="api.admin.nodes.list"> <strong><span class="label label-default">GET</span> /nodes</strong>
<p class="text-muted"><small>Allows listing of all nodes currently on the system.</small><p>
</label>
</div>
<div class="checkbox highlight">
<label class="checkbox-custom highlight" data-initialize="checkbox">
<input class="sr-only" name="adminPermissions[]" type="checkbox" value="api.admin.nodes.create"> <strong><span class="label label-default">POST</span> /nodes</strong>
<p class="text-muted"><small>Allows creating a new node on the system.</small><p>
</label>
</div>
<div class="checkbox highlight">
<label class="checkbox-custom highlight" data-initialize="checkbox">
<input class="sr-only" name="adminPermissions[]" type="checkbox" value="api.admin.nodes.view"> <strong><span class="label label-default">GET</span> /nodes/{id}</strong>
<p class="text-muted"><small>Allows viewing details about a specific node including active services.</small><p>
</label>
</div>
<div class="checkbox highlight">
<label class="checkbox-custom highlight" data-initialize="checkbox">
<input class="sr-only" name="adminPermissions[]" type="checkbox" value="api.admin.nodes.allocations"> <strong><span class="label label-default">GET</span> /nodes/allocations</strong>
<p class="text-muted"><small>Allows viewing all allocations on the panel for all nodes.</small><p>
</label>
</div>
<div class="checkbox highlight">
<label class="checkbox-custom highlight" data-initialize="checkbox">
<input class="sr-only" name="adminPermissions[]" type="checkbox" value="api.admin.nodes.delete"> <strong><span class="label label-danger">DELETE</span> /nodes/{id}</strong>
<p class="text-muted"><small>Allows deleting a node.</small><p>
</label>
</div>
</div>
<div class="col-md-6 fuelux">
<h4>Service Management</h4><hr />
<div class="checkbox highlight">
<label class="checkbox-custom highlight" data-initialize="checkbox">
<input class="sr-only" name="adminPermissions[]" type="checkbox" value="api.admin.services.list"> <strong><span class="label label-default">GET</span> /services</strong>
<p class="text-muted"><small>Allows listing of all services configured on the system.</small><p>
</label>
</div>
<div class="checkbox highlight">
<label class="checkbox-custom highlight" data-initialize="checkbox">
<input class="sr-only" name="adminPermissions[]" type="checkbox" value="api.admin.services.view"> <strong><span class="label label-default">GET</span> /services/{id}</strong>
<p class="text-muted"><small>Allows listing details about each service on the system including service options and variables.</small><p>
</label>
</div>
<h4>Location Management</h4><hr />
<div class="checkbox highlight">
<label class="checkbox-custom highlight" data-initialize="checkbox">
<input class="sr-only" name="adminPermissions[]" type="checkbox" value="api.admin.locations.list"> <strong><span class="label label-default">GET</span> /locations</strong>
<p class="text-muted"><small>Allows listing all locations and thier associated nodes.</small><p>
</label>
</div>
</div>
</div>
</div>
<div class="step-pane alert" data-step="3">
<div class="form-group">
<label for="allowed_ips" class="control-label">Allowed IPs</label>
<div>
<textarea name="allowed_ips" class="form-control" rows="5">{{ old('allowed_ips') }}</textarea>
<p class="text-muted">Enter a line delimitated list of IPs that are allowed to access the API using this key. CIDR notation is allowed. Leave blank to allow any IP.</p>
</div>
</div>
</div>
<div class="step-pane bg-danger alert" data-step="4">
Whoa
</div>
</form>
</div>
</div>
{{-- </form> --}}
</div>
<script>
$(document).ready(function () {
$('#sidebar_links').find('a[href="/account/api"]').addClass('active');
});
</script>
@endsection

View file

@ -184,6 +184,7 @@
<ul class="dropdown-menu"> <ul class="dropdown-menu">
<li><a href="/account">{{ trans('pagination.sidebar.account_settings') }}</a></li> <li><a href="/account">{{ trans('pagination.sidebar.account_settings') }}</a></li>
<li><a href="/account/security">{{ trans('pagination.sidebar.account_security') }}</a></li> <li><a href="/account/security">{{ trans('pagination.sidebar.account_security') }}</a></li>
<li><a href="/account/api">API Settings</a></li>
<li><a href="/index">{{ trans('pagination.sidebar.servers') }}</a></li> <li><a href="/index">{{ trans('pagination.sidebar.servers') }}</a></li>
</ul> </ul>
</li> </li>
@ -237,6 +238,7 @@
<a href="#" class="list-group-item list-group-item-heading"><strong>{{ trans('pagination.sidebar.account_controls') }}</strong></a> <a href="#" class="list-group-item list-group-item-heading"><strong>{{ trans('pagination.sidebar.account_controls') }}</strong></a>
<a href="/account" class="list-group-item">{{ trans('pagination.sidebar.account_settings') }}</a> <a href="/account" class="list-group-item">{{ trans('pagination.sidebar.account_settings') }}</a>
<a href="/account/security" class="list-group-item">{{ trans('pagination.sidebar.account_security') }}</a> <a href="/account/security" class="list-group-item">{{ trans('pagination.sidebar.account_security') }}</a>
<a href="/account/api" class="list-group-item">API Access</a>
<a href="/" class="list-group-item">{{ trans('pagination.sidebar.servers') }}</a> <a href="/" class="list-group-item">{{ trans('pagination.sidebar.servers') }}</a>
</div> </div>
@section('sidebar-server') @section('sidebar-server')