Add initial basic API changes
New route is `/api/me`
This commit is contained in:
parent
126df09152
commit
745c735b32
17 changed files with 587 additions and 40 deletions
58
app/Http/Controllers/API/User/InfoController.php
Normal file
58
app/Http/Controllers/API/User/InfoController.php
Normal file
|
@ -0,0 +1,58 @@
|
||||||
|
<?php
|
||||||
|
/**
|
||||||
|
* Pterodactyl - Panel
|
||||||
|
* Copyright (c) 2015 - 2016 Dane Everitt <dane@daneeveritt.com>
|
||||||
|
*
|
||||||
|
* Permission is hereby granted, free of charge, to any person obtaining a copy
|
||||||
|
* of this software and associated documentation files (the "Software"), to deal
|
||||||
|
* in the Software without restriction, including without limitation the rights
|
||||||
|
* to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
|
||||||
|
* copies of the Software, and to permit persons to whom the Software is
|
||||||
|
* furnished to do so, subject to the following conditions:
|
||||||
|
*
|
||||||
|
* The above copyright notice and this permission notice shall be included in all
|
||||||
|
* copies or substantial portions of the Software.
|
||||||
|
*
|
||||||
|
* THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
|
||||||
|
* IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
|
||||||
|
* FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
|
||||||
|
* AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
|
||||||
|
* LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
|
||||||
|
* OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
|
||||||
|
* SOFTWARE.
|
||||||
|
*/
|
||||||
|
namespace Pterodactyl\Http\Controllers\API\User;
|
||||||
|
|
||||||
|
use Auth;
|
||||||
|
use Dingo;
|
||||||
|
use Pterodactyl\Models;
|
||||||
|
use Illuminate\Http\Request;
|
||||||
|
|
||||||
|
use Pterodactyl\Http\Controllers\API\BaseController;
|
||||||
|
|
||||||
|
class InfoController extends BaseController
|
||||||
|
{
|
||||||
|
public function me(Request $request)
|
||||||
|
{
|
||||||
|
$servers = Models\Server::getUserServers();
|
||||||
|
$response = [];
|
||||||
|
|
||||||
|
foreach($servers as &$server) {
|
||||||
|
$response = array_merge($response, [[
|
||||||
|
'id' => $server->uuidShort,
|
||||||
|
'uuid' => $server->uuid,
|
||||||
|
'name' => $server->name,
|
||||||
|
'node' => $server->nodeName,
|
||||||
|
'ip' => [
|
||||||
|
'set' => $server->ip,
|
||||||
|
'alias' => $server->ip_alias
|
||||||
|
],
|
||||||
|
'port' => $server->port,
|
||||||
|
'service' => $server->a_serviceName,
|
||||||
|
'option' => $server->a_serviceOptionName
|
||||||
|
]]);
|
||||||
|
}
|
||||||
|
|
||||||
|
return $response;
|
||||||
|
}
|
||||||
|
}
|
39
app/Http/Controllers/API/User/PowerController.php
Normal file
39
app/Http/Controllers/API/User/PowerController.php
Normal file
|
@ -0,0 +1,39 @@
|
||||||
|
<?php
|
||||||
|
/**
|
||||||
|
* Pterodactyl - Panel
|
||||||
|
* Copyright (c) 2015 - 2016 Dane Everitt <dane@daneeveritt.com>
|
||||||
|
*
|
||||||
|
* Permission is hereby granted, free of charge, to any person obtaining a copy
|
||||||
|
* of this software and associated documentation files (the "Software"), to deal
|
||||||
|
* in the Software without restriction, including without limitation the rights
|
||||||
|
* to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
|
||||||
|
* copies of the Software, and to permit persons to whom the Software is
|
||||||
|
* furnished to do so, subject to the following conditions:
|
||||||
|
*
|
||||||
|
* The above copyright notice and this permission notice shall be included in all
|
||||||
|
* copies or substantial portions of the Software.
|
||||||
|
*
|
||||||
|
* THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
|
||||||
|
* IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
|
||||||
|
* FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
|
||||||
|
* AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
|
||||||
|
* LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
|
||||||
|
* OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
|
||||||
|
* SOFTWARE.
|
||||||
|
*/
|
||||||
|
namespace Pterodactyl\Http\Controllers\API\User;
|
||||||
|
|
||||||
|
use Pterodactyl\Models;
|
||||||
|
use Illuminate\Http\Request;
|
||||||
|
|
||||||
|
class PowerController extends BaseController
|
||||||
|
{
|
||||||
|
public function __constructor()
|
||||||
|
{
|
||||||
|
}
|
||||||
|
|
||||||
|
public function pass(Request $request, $uuid)
|
||||||
|
{
|
||||||
|
//$server = Models\Server::where('id', $id)->where();
|
||||||
|
}
|
||||||
|
}
|
60
app/Http/Controllers/Base/APIController.php
Normal file
60
app/Http/Controllers/Base/APIController.php
Normal file
|
@ -0,0 +1,60 @@
|
||||||
|
<?php
|
||||||
|
/**
|
||||||
|
* Pterodactyl - Panel
|
||||||
|
* Copyright (c) 2015 - 2016 Dane Everitt <dane@daneeveritt.com>
|
||||||
|
* Some Modifications (c) 2015 Dylan Seidt <dylan.seidt@gmail.com>
|
||||||
|
*
|
||||||
|
* Permission is hereby granted, free of charge, to any person obtaining a copy
|
||||||
|
* of this software and associated documentation files (the "Software"), to deal
|
||||||
|
* in the Software without restriction, including without limitation the rights
|
||||||
|
* to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
|
||||||
|
* copies of the Software, and to permit persons to whom the Software is
|
||||||
|
* furnished to do so, subject to the following conditions:
|
||||||
|
*
|
||||||
|
* The above copyright notice and this permission notice shall be included in all
|
||||||
|
* copies or substantial portions of the Software.
|
||||||
|
*
|
||||||
|
* THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
|
||||||
|
* IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
|
||||||
|
* FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
|
||||||
|
* AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
|
||||||
|
* LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
|
||||||
|
* OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
|
||||||
|
* SOFTWARE.
|
||||||
|
*/
|
||||||
|
namespace Pterodactyl\Http\Controllers\Base;
|
||||||
|
|
||||||
|
use Alert;
|
||||||
|
|
||||||
|
use Pterodactyl\Models;
|
||||||
|
|
||||||
|
use Pterodactyl\Exceptions\DisplayException;
|
||||||
|
use Pterodactyl\Http\Controllers\Controller;
|
||||||
|
|
||||||
|
use Illuminate\Http\Request;
|
||||||
|
|
||||||
|
class APIController extends Controller
|
||||||
|
{
|
||||||
|
public function index(Request $request)
|
||||||
|
{
|
||||||
|
$keys = Models\APIKey::where('user', $request->user()->id)->get();
|
||||||
|
foreach($keys as &$key) {
|
||||||
|
$key->permissions = Models\APIPermission::where('key_id', $key->id)->get();
|
||||||
|
}
|
||||||
|
|
||||||
|
return view('base.api.index', [
|
||||||
|
'keys' => $keys
|
||||||
|
]);
|
||||||
|
|
||||||
|
}
|
||||||
|
|
||||||
|
public function new(Request $request)
|
||||||
|
{
|
||||||
|
return view('base.api.new');
|
||||||
|
}
|
||||||
|
|
||||||
|
public function save(Request $request)
|
||||||
|
{
|
||||||
|
|
||||||
|
}
|
||||||
|
}
|
|
@ -23,12 +23,15 @@
|
||||||
*/
|
*/
|
||||||
namespace Pterodactyl\Http\Middleware;
|
namespace Pterodactyl\Http\Middleware;
|
||||||
|
|
||||||
|
use Auth;
|
||||||
use Crypt;
|
use Crypt;
|
||||||
|
use Config;
|
||||||
use IPTools\IP;
|
use IPTools\IP;
|
||||||
use IPTools\Range;
|
use IPTools\Range;
|
||||||
|
|
||||||
use Pterodactyl\Models\APIKey;
|
use Pterodactyl\Models\APIKey;
|
||||||
use Pterodactyl\Models\APIPermission;
|
use Pterodactyl\Models\APIPermission;
|
||||||
|
use Pterodactyl\Models\User;
|
||||||
use Pterodactyl\Services\APILogService;
|
use Pterodactyl\Services\APILogService;
|
||||||
|
|
||||||
use Illuminate\Http\Request;
|
use Illuminate\Http\Request;
|
||||||
|
@ -51,7 +54,7 @@ class APISecretToken extends Authorization
|
||||||
|
|
||||||
public function __construct()
|
public function __construct()
|
||||||
{
|
{
|
||||||
//
|
Config::set('session.driver', 'array');
|
||||||
}
|
}
|
||||||
|
|
||||||
public function getAuthorizationMethod()
|
public function getAuthorizationMethod()
|
||||||
|
@ -90,14 +93,11 @@ class APISecretToken extends Authorization
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
foreach(APIPermission::where('key_id', $key->id)->get() as &$row) {
|
$permission = APIPermission::where('key_id', $key->id)
|
||||||
if ($row->permission === '*' || $row->permission === $request->route()->getName()) {
|
->where('permission', $request->route()->getName())
|
||||||
$this->permissionAllowed = true;
|
->orWhere('permission', '*')
|
||||||
continue;
|
->first();
|
||||||
}
|
if (!$permission) {
|
||||||
}
|
|
||||||
|
|
||||||
if (!$this->permissionAllowed) {
|
|
||||||
APILogService::log($request, 'You do not have permission to access this resource.');
|
APILogService::log($request, 'You do not have permission to access this resource.');
|
||||||
throw new AccessDeniedHttpException('You do not have permission to access this resource.');
|
throw new AccessDeniedHttpException('You do not have permission to access this resource.');
|
||||||
}
|
}
|
||||||
|
@ -118,7 +118,7 @@ class APISecretToken extends Authorization
|
||||||
|
|
||||||
// Log the Route Access
|
// Log the Route Access
|
||||||
APILogService::log($request, null, true);
|
APILogService::log($request, null, true);
|
||||||
return true;
|
return Auth::loginUsingId($key->user);
|
||||||
|
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
|
@ -32,33 +32,40 @@ class APIRoutes
|
||||||
public function map(Router $router) {
|
public function map(Router $router) {
|
||||||
|
|
||||||
$api = app('Dingo\Api\Routing\Router');
|
$api = app('Dingo\Api\Routing\Router');
|
||||||
$api->version('v1', ['middleware' => 'api.auth'], function ($api) {
|
$api->version('v1', ['prefix' => 'api/me', 'middleware' => 'api.auth'], function ($api) {
|
||||||
|
$api->get('/', [
|
||||||
|
'as' => 'api.user',
|
||||||
|
'uses' => 'Pterodactyl\Http\Controllers\API\User\InfoController@me'
|
||||||
|
]);
|
||||||
|
});
|
||||||
|
|
||||||
|
$api->version('v1', ['prefix' => 'api', 'middleware' => 'api.auth'], function ($api) {
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* User Routes
|
* User Routes
|
||||||
*/
|
*/
|
||||||
$api->get('users', [
|
$api->get('users', [
|
||||||
'as' => 'api.users.list',
|
'as' => 'api.admin.users.list',
|
||||||
'uses' => 'Pterodactyl\Http\Controllers\API\UserController@list'
|
'uses' => 'Pterodactyl\Http\Controllers\API\UserController@list'
|
||||||
]);
|
]);
|
||||||
|
|
||||||
$api->post('users', [
|
$api->post('users', [
|
||||||
'as' => 'api.users.create',
|
'as' => 'api.admin.users.create',
|
||||||
'uses' => 'Pterodactyl\Http\Controllers\API\UserController@create'
|
'uses' => 'Pterodactyl\Http\Controllers\API\UserController@create'
|
||||||
]);
|
]);
|
||||||
|
|
||||||
$api->get('users/{id}', [
|
$api->get('users/{id}', [
|
||||||
'as' => 'api.users.view',
|
'as' => 'api.admin.users.view',
|
||||||
'uses' => 'Pterodactyl\Http\Controllers\API\UserController@view'
|
'uses' => 'Pterodactyl\Http\Controllers\API\UserController@view'
|
||||||
]);
|
]);
|
||||||
|
|
||||||
$api->patch('users/{id}', [
|
$api->patch('users/{id}', [
|
||||||
'as' => 'api.users.update',
|
'as' => 'api.admin.users.update',
|
||||||
'uses' => 'Pterodactyl\Http\Controllers\API\UserController@update'
|
'uses' => 'Pterodactyl\Http\Controllers\API\UserController@update'
|
||||||
]);
|
]);
|
||||||
|
|
||||||
$api->delete('users/{id}', [
|
$api->delete('users/{id}', [
|
||||||
'as' => 'api.users.delete',
|
'as' => 'api.admin.users.delete',
|
||||||
'uses' => 'Pterodactyl\Http\Controllers\API\UserController@delete'
|
'uses' => 'Pterodactyl\Http\Controllers\API\UserController@delete'
|
||||||
]);
|
]);
|
||||||
|
|
||||||
|
@ -66,42 +73,42 @@ class APIRoutes
|
||||||
* Server Routes
|
* Server Routes
|
||||||
*/
|
*/
|
||||||
$api->get('servers', [
|
$api->get('servers', [
|
||||||
'as' => 'api.servers.list',
|
'as' => 'api.admin.servers.list',
|
||||||
'uses' => 'Pterodactyl\Http\Controllers\API\ServerController@list'
|
'uses' => 'Pterodactyl\Http\Controllers\API\ServerController@list'
|
||||||
]);
|
]);
|
||||||
|
|
||||||
$api->post('servers', [
|
$api->post('servers', [
|
||||||
'as' => 'api.servers.create',
|
'as' => 'api.admin.servers.create',
|
||||||
'uses' => 'Pterodactyl\Http\Controllers\API\ServerController@create'
|
'uses' => 'Pterodactyl\Http\Controllers\API\ServerController@create'
|
||||||
]);
|
]);
|
||||||
|
|
||||||
$api->get('servers/{id}', [
|
$api->get('servers/{id}', [
|
||||||
'as' => 'api.servers.view',
|
'as' => 'api.admin.servers.view',
|
||||||
'uses' => 'Pterodactyl\Http\Controllers\API\ServerController@view'
|
'uses' => 'Pterodactyl\Http\Controllers\API\ServerController@view'
|
||||||
]);
|
]);
|
||||||
|
|
||||||
$api->patch('servers/{id}/config', [
|
$api->patch('servers/{id}/config', [
|
||||||
'as' => 'api.servers.config',
|
'as' => 'api.admin.servers.config',
|
||||||
'uses' => 'Pterodactyl\Http\Controllers\API\ServerController@config'
|
'uses' => 'Pterodactyl\Http\Controllers\API\ServerController@config'
|
||||||
]);
|
]);
|
||||||
|
|
||||||
$api->patch('servers/{id}/build', [
|
$api->patch('servers/{id}/build', [
|
||||||
'as' => 'api.servers.build',
|
'as' => 'api.admin.servers.build',
|
||||||
'uses' => 'Pterodactyl\Http\Controllers\API\ServerController@build'
|
'uses' => 'Pterodactyl\Http\Controllers\API\ServerController@build'
|
||||||
]);
|
]);
|
||||||
|
|
||||||
$api->post('servers/{id}/suspend', [
|
$api->post('servers/{id}/suspend', [
|
||||||
'as' => 'api.servers.suspend',
|
'as' => 'api.admin.servers.suspend',
|
||||||
'uses' => 'Pterodactyl\Http\Controllers\API\ServerController@suspend'
|
'uses' => 'Pterodactyl\Http\Controllers\API\ServerController@suspend'
|
||||||
]);
|
]);
|
||||||
|
|
||||||
$api->post('servers/{id}/unsuspend', [
|
$api->post('servers/{id}/unsuspend', [
|
||||||
'as' => 'api.servers.unsuspend',
|
'as' => 'api.admin.servers.unsuspend',
|
||||||
'uses' => 'Pterodactyl\Http\Controllers\API\ServerController@unsuspend'
|
'uses' => 'Pterodactyl\Http\Controllers\API\ServerController@unsuspend'
|
||||||
]);
|
]);
|
||||||
|
|
||||||
$api->delete('servers/{id}/{force?}', [
|
$api->delete('servers/{id}/{force?}', [
|
||||||
'as' => 'api.servers.delete',
|
'as' => 'api.admin.servers.delete',
|
||||||
'uses' => 'Pterodactyl\Http\Controllers\API\ServerController@delete'
|
'uses' => 'Pterodactyl\Http\Controllers\API\ServerController@delete'
|
||||||
]);
|
]);
|
||||||
|
|
||||||
|
@ -109,32 +116,32 @@ class APIRoutes
|
||||||
* Node Routes
|
* Node Routes
|
||||||
*/
|
*/
|
||||||
$api->get('nodes', [
|
$api->get('nodes', [
|
||||||
'as' => 'api.nodes.list',
|
'as' => 'api.admin.nodes.list',
|
||||||
'uses' => 'Pterodactyl\Http\Controllers\API\NodeController@list'
|
'uses' => 'Pterodactyl\Http\Controllers\API\NodeController@list'
|
||||||
]);
|
]);
|
||||||
|
|
||||||
$api->post('nodes', [
|
$api->post('nodes', [
|
||||||
'as' => 'api.nodes.create',
|
'as' => 'api.admin.nodes.create',
|
||||||
'uses' => 'Pterodactyl\Http\Controllers\API\NodeController@create'
|
'uses' => 'Pterodactyl\Http\Controllers\API\NodeController@create'
|
||||||
]);
|
]);
|
||||||
|
|
||||||
$api->get('nodes/allocations', [
|
$api->get('nodes/allocations', [
|
||||||
'as' => 'api.nodes.allocations',
|
'as' => 'api.admin.nodes.allocations',
|
||||||
'uses' => 'Pterodactyl\Http\Controllers\API\NodeController@allocations'
|
'uses' => 'Pterodactyl\Http\Controllers\API\NodeController@allocations'
|
||||||
]);
|
]);
|
||||||
|
|
||||||
$api->get('nodes/{id}', [
|
$api->get('nodes/{id}', [
|
||||||
'as' => 'api.nodes.view',
|
'as' => 'api.admin.nodes.view',
|
||||||
'uses' => 'Pterodactyl\Http\Controllers\API\NodeController@view'
|
'uses' => 'Pterodactyl\Http\Controllers\API\NodeController@view'
|
||||||
]);
|
]);
|
||||||
|
|
||||||
$api->get('nodes/{id}/config', [
|
$api->get('nodes/{id}/config', [
|
||||||
'as' => 'api.nodes.view',
|
'as' => 'api.admin.nodes.view',
|
||||||
'uses' => 'Pterodactyl\Http\Controllers\API\NodeController@config'
|
'uses' => 'Pterodactyl\Http\Controllers\API\NodeController@config'
|
||||||
]);
|
]);
|
||||||
|
|
||||||
$api->delete('nodes/{id}', [
|
$api->delete('nodes/{id}', [
|
||||||
'as' => 'api.nodes.delete',
|
'as' => 'api.admin.nodes.delete',
|
||||||
'uses' => 'Pterodactyl\Http\Controllers\API\NodeController@delete'
|
'uses' => 'Pterodactyl\Http\Controllers\API\NodeController@delete'
|
||||||
]);
|
]);
|
||||||
|
|
||||||
|
@ -142,7 +149,7 @@ class APIRoutes
|
||||||
* Location Routes
|
* Location Routes
|
||||||
*/
|
*/
|
||||||
$api->get('locations', [
|
$api->get('locations', [
|
||||||
'as' => 'api.locations.list',
|
'as' => 'api.admin.locations.list',
|
||||||
'uses' => 'Pterodactyl\Http\Controllers\API\LocationController@list'
|
'uses' => 'Pterodactyl\Http\Controllers\API\LocationController@list'
|
||||||
]);
|
]);
|
||||||
|
|
||||||
|
@ -150,12 +157,12 @@ class APIRoutes
|
||||||
* Service Routes
|
* Service Routes
|
||||||
*/
|
*/
|
||||||
$api->get('services', [
|
$api->get('services', [
|
||||||
'as' => 'api.services.list',
|
'as' => 'api.admin.services.list',
|
||||||
'uses' => 'Pterodactyl\Http\Controllers\API\ServiceController@list'
|
'uses' => 'Pterodactyl\Http\Controllers\API\ServiceController@list'
|
||||||
]);
|
]);
|
||||||
|
|
||||||
$api->get('services/{id}', [
|
$api->get('services/{id}', [
|
||||||
'as' => 'api.services.view',
|
'as' => 'api.admin.services.view',
|
||||||
'uses' => 'Pterodactyl\Http\Controllers\API\ServiceController@view'
|
'uses' => 'Pterodactyl\Http\Controllers\API\ServiceController@view'
|
||||||
]);
|
]);
|
||||||
|
|
||||||
|
|
|
@ -69,6 +69,27 @@ class BaseRoutes {
|
||||||
]);
|
]);
|
||||||
});
|
});
|
||||||
|
|
||||||
|
// API Management Routes
|
||||||
|
$router->group([
|
||||||
|
'prefix' => 'account/api',
|
||||||
|
'middleware' => [
|
||||||
|
'auth',
|
||||||
|
'csrf'
|
||||||
|
]
|
||||||
|
], function () use ($router) {
|
||||||
|
$router->get('/', [
|
||||||
|
'as' => 'account.api',
|
||||||
|
'uses' => 'Base\APIController@index'
|
||||||
|
]);
|
||||||
|
$router->get('/new', [
|
||||||
|
'as' => 'account.api.new',
|
||||||
|
'uses' => 'Base\APIController@new'
|
||||||
|
]);
|
||||||
|
$router->post('/new', [
|
||||||
|
'uses' => 'Base\APIController@save'
|
||||||
|
]);
|
||||||
|
});
|
||||||
|
|
||||||
// TOTP Routes
|
// TOTP Routes
|
||||||
$router->group([
|
$router->group([
|
||||||
'prefix' => 'account/security',
|
'prefix' => 'account/security',
|
||||||
|
|
|
@ -28,6 +28,7 @@ use Illuminate\Routing\Router;
|
||||||
class ServerRoutes {
|
class ServerRoutes {
|
||||||
|
|
||||||
public function map(Router $router) {
|
public function map(Router $router) {
|
||||||
|
|
||||||
$router->group([
|
$router->group([
|
||||||
'prefix' => 'server/{server}',
|
'prefix' => 'server/{server}',
|
||||||
'middleware' => [
|
'middleware' => [
|
||||||
|
@ -36,6 +37,7 @@ class ServerRoutes {
|
||||||
'csrf'
|
'csrf'
|
||||||
]
|
]
|
||||||
], function ($server) use ($router) {
|
], function ($server) use ($router) {
|
||||||
|
|
||||||
// Index View for Server
|
// Index View for Server
|
||||||
$router->get('/', [
|
$router->get('/', [
|
||||||
'as' => 'server.index',
|
'as' => 'server.index',
|
||||||
|
|
|
@ -24,7 +24,6 @@
|
||||||
namespace Pterodactyl\Models;
|
namespace Pterodactyl\Models;
|
||||||
|
|
||||||
use Auth;
|
use Auth;
|
||||||
|
|
||||||
use Pterodactyl\Models\Subuser;
|
use Pterodactyl\Models\Subuser;
|
||||||
use Illuminate\Database\Eloquent\Model;
|
use Illuminate\Database\Eloquent\Model;
|
||||||
|
|
||||||
|
@ -91,7 +90,11 @@ class Server extends Model
|
||||||
*/
|
*/
|
||||||
public function __construct()
|
public function __construct()
|
||||||
{
|
{
|
||||||
|
if (!is_null(Auth::user())) {
|
||||||
self::$user = Auth::user();
|
self::$user = Auth::user();
|
||||||
|
} else {
|
||||||
|
throw new \Exception('Auth::user and Dingo::user cannot both be null.');
|
||||||
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
/**
|
/**
|
||||||
|
@ -133,9 +136,13 @@ class Server extends Model
|
||||||
'locations.short as a_locationShort',
|
'locations.short as a_locationShort',
|
||||||
'allocations.ip',
|
'allocations.ip',
|
||||||
'allocations.ip_alias',
|
'allocations.ip_alias',
|
||||||
'allocations.port'
|
'allocations.port',
|
||||||
|
'services.name as a_serviceName',
|
||||||
|
'service_options.name as a_serviceOptionName'
|
||||||
)->join('nodes', 'servers.node', '=', 'nodes.id')
|
)->join('nodes', 'servers.node', '=', 'nodes.id')
|
||||||
->join('locations', 'nodes.location', '=', 'locations.id')
|
->join('locations', 'nodes.location', '=', 'locations.id')
|
||||||
|
->join('services', 'servers.service', '=', 'services.id')
|
||||||
|
->join('service_options', 'servers.option', '=', 'service_options.id')
|
||||||
->join('allocations', 'servers.allocation', '=', 'allocations.id');
|
->join('allocations', 'servers.allocation', '=', 'allocations.id');
|
||||||
|
|
||||||
if (self::$user->root_admin !== 1) {
|
if (self::$user->root_admin !== 1) {
|
||||||
|
|
|
@ -70,7 +70,11 @@ class Subuser extends Model
|
||||||
*/
|
*/
|
||||||
public function __construct()
|
public function __construct()
|
||||||
{
|
{
|
||||||
|
if (!is_null(Auth::user())) {
|
||||||
self::$user = Auth::user();
|
self::$user = Auth::user();
|
||||||
|
} else {
|
||||||
|
throw new \Exception('Auth::user and Dingo::user cannot both be null.');
|
||||||
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
/**
|
/**
|
||||||
|
|
|
@ -162,7 +162,8 @@ class UserRepository
|
||||||
throw new DisplayException('Cannot delete a user with active servers attached to thier account.');
|
throw new DisplayException('Cannot delete a user with active servers attached to thier account.');
|
||||||
}
|
}
|
||||||
|
|
||||||
if(Auth::user()->id === $id) {
|
// @TODO: this should probably be checked outside of this method because we won't always have Auth::user()
|
||||||
|
if(!is_null(Auth::user()) && Auth::user()->id === $id) {
|
||||||
throw new DisplayException('Cannot delete your own account.');
|
throw new DisplayException('Cannot delete your own account.');
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
|
@ -188,6 +188,8 @@ return [
|
||||||
'Crypt' => Illuminate\Support\Facades\Crypt::class,
|
'Crypt' => Illuminate\Support\Facades\Crypt::class,
|
||||||
'DB' => Illuminate\Support\Facades\DB::class,
|
'DB' => Illuminate\Support\Facades\DB::class,
|
||||||
'Debugbar' => Barryvdh\Debugbar\Facade::class,
|
'Debugbar' => Barryvdh\Debugbar\Facade::class,
|
||||||
|
'Dingo' => Dingo\Api\Facade\API::class,
|
||||||
|
'DingoRoute'=> Dingo\Api\Facade\Route::class,
|
||||||
'Eloquent' => Illuminate\Database\Eloquent\Model::class,
|
'Eloquent' => Illuminate\Database\Eloquent\Model::class,
|
||||||
'Event' => Illuminate\Support\Facades\Event::class,
|
'Event' => Illuminate\Support\Facades\Event::class,
|
||||||
'File' => Illuminate\Support\Facades\File::class,
|
'File' => Illuminate\Support\Facades\File::class,
|
||||||
|
|
|
@ -29,9 +29,9 @@ return [
|
||||||
|
|
|
|
||||||
*/
|
*/
|
||||||
|
|
||||||
'lifetime' => 120,
|
'lifetime' => 30,
|
||||||
|
|
||||||
'expire_on_close' => false,
|
'expire_on_close' => true,
|
||||||
|
|
||||||
/*
|
/*
|
||||||
|--------------------------------------------------------------------------
|
|--------------------------------------------------------------------------
|
||||||
|
|
36
database/migrations/2016_10_14_164802_update_api_keys.php
Normal file
36
database/migrations/2016_10_14_164802_update_api_keys.php
Normal file
|
@ -0,0 +1,36 @@
|
||||||
|
<?php
|
||||||
|
|
||||||
|
use Illuminate\Support\Facades\Schema;
|
||||||
|
use Illuminate\Database\Schema\Blueprint;
|
||||||
|
use Illuminate\Database\Migrations\Migration;
|
||||||
|
|
||||||
|
class UpdateApiKeys extends Migration
|
||||||
|
{
|
||||||
|
/**
|
||||||
|
* Run the migrations.
|
||||||
|
*
|
||||||
|
* @return void
|
||||||
|
*/
|
||||||
|
public function up()
|
||||||
|
{
|
||||||
|
Schema::table('api_keys', function (Blueprint $table) {
|
||||||
|
$table->unsignedInteger('user')->after('id');
|
||||||
|
$table->text('memo')->after('allowed_ips')->nullable();
|
||||||
|
$table->timestamp('expires_at')->after('memo')->nullable();
|
||||||
|
});
|
||||||
|
}
|
||||||
|
|
||||||
|
/**
|
||||||
|
* Reverse the migrations.
|
||||||
|
*
|
||||||
|
* @return void
|
||||||
|
*/
|
||||||
|
public function down()
|
||||||
|
{
|
||||||
|
Schema::table('api_keys', function (Blueprint $table) {
|
||||||
|
$table->dropColumn('user');
|
||||||
|
$table->dropColumn('memo');
|
||||||
|
$table->dropColumn('expires_at');
|
||||||
|
});
|
||||||
|
}
|
||||||
|
}
|
|
@ -263,3 +263,7 @@ li.btn.btn-default.pill:active,li.btn.btn-default.pill:focus,li.btn.btn-default.
|
||||||
.left-icon + td {
|
.left-icon + td {
|
||||||
border-left: 0px !important;
|
border-left: 0px !important;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
.fuelux .wizard .step-content > .alert {
|
||||||
|
margin-bottom: 0 !important;
|
||||||
|
}
|
||||||
|
|
66
resources/views/base/api/index.blade.php
Normal file
66
resources/views/base/api/index.blade.php
Normal file
|
@ -0,0 +1,66 @@
|
||||||
|
{{-- Copyright (c) 2015 - 2016 Dane Everitt <dane@daneeveritt.com> --}}
|
||||||
|
|
||||||
|
{{-- Permission is hereby granted, free of charge, to any person obtaining a copy --}}
|
||||||
|
{{-- of this software and associated documentation files (the "Software"), to deal --}}
|
||||||
|
{{-- in the Software without restriction, including without limitation the rights --}}
|
||||||
|
{{-- to use, copy, modify, merge, publish, distribute, sublicense, and/or sell --}}
|
||||||
|
{{-- copies of the Software, and to permit persons to whom the Software is --}}
|
||||||
|
{{-- furnished to do so, subject to the following conditions: --}}
|
||||||
|
|
||||||
|
{{-- The above copyright notice and this permission notice shall be included in all --}}
|
||||||
|
{{-- copies or substantial portions of the Software. --}}
|
||||||
|
|
||||||
|
{{-- THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR --}}
|
||||||
|
{{-- IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, --}}
|
||||||
|
{{-- FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE --}}
|
||||||
|
{{-- AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER --}}
|
||||||
|
{{-- LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, --}}
|
||||||
|
{{-- OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE --}}
|
||||||
|
{{-- SOFTWARE. --}}
|
||||||
|
@extends('layouts.master')
|
||||||
|
|
||||||
|
@section('title', 'API Access')
|
||||||
|
|
||||||
|
@section('sidebar-server')
|
||||||
|
@endsection
|
||||||
|
|
||||||
|
@section('content')
|
||||||
|
<div class="col-md-12">
|
||||||
|
<table class="table table-bordered table-hover">
|
||||||
|
<thead>
|
||||||
|
<tr>
|
||||||
|
<th>Public Key</th>
|
||||||
|
<th>Memo</th>
|
||||||
|
<th class="text-center">Created</th>
|
||||||
|
<th class="text-center">Expires</th>
|
||||||
|
<th class="text-center"></th>
|
||||||
|
</tr>
|
||||||
|
</thead>
|
||||||
|
<tbody>
|
||||||
|
@foreach ($keys as $key)
|
||||||
|
<tr class="align-middle">
|
||||||
|
<td><code>{{ $key->public }}</code></td>
|
||||||
|
<td>{{ $key->memo }}</td>
|
||||||
|
<td class="text-center">{{ (new Carbon($key->created_at))->toDayDateTimeString() }}</td>
|
||||||
|
<td class="text-center">
|
||||||
|
@if(is_null($key->expires_at))
|
||||||
|
<span class="label label-default">Never</span>
|
||||||
|
@else
|
||||||
|
{{ (new Carbon($key->expires_at))->toDayDateTimeString() }}
|
||||||
|
@endif
|
||||||
|
</td>
|
||||||
|
<td class="text-center"><a href="#delete" class="text-danger" data-action="delete" data-attr="{{ $key->public }}"><i class="fa fa-trash"></i></a></td>
|
||||||
|
</tr>
|
||||||
|
@endforeach
|
||||||
|
</tbody>
|
||||||
|
</table>
|
||||||
|
<div class="well">
|
||||||
|
<a href="{{ route('account.api.new') }}"><button class="btn btn-success btn-sm">Create New API Key</button></a>
|
||||||
|
</div>
|
||||||
|
</div>
|
||||||
|
<script>
|
||||||
|
$(document).ready(function () {
|
||||||
|
$('#sidebar_links').find('a[href="/account/api"]').addClass('active');
|
||||||
|
});
|
||||||
|
</script>
|
||||||
|
@endsection
|
238
resources/views/base/api/new.blade.php
Normal file
238
resources/views/base/api/new.blade.php
Normal file
|
@ -0,0 +1,238 @@
|
||||||
|
{{-- Copyright (c) 2015 - 2016 Dane Everitt <dane@daneeveritt.com> --}}
|
||||||
|
|
||||||
|
{{-- Permission is hereby granted, free of charge, to any person obtaining a copy --}}
|
||||||
|
{{-- of this software and associated documentation files (the "Software"), to deal --}}
|
||||||
|
{{-- in the Software without restriction, including without limitation the rights --}}
|
||||||
|
{{-- to use, copy, modify, merge, publish, distribute, sublicense, and/or sell --}}
|
||||||
|
{{-- copies of the Software, and to permit persons to whom the Software is --}}
|
||||||
|
{{-- furnished to do so, subject to the following conditions: --}}
|
||||||
|
|
||||||
|
{{-- The above copyright notice and this permission notice shall be included in all --}}
|
||||||
|
{{-- copies or substantial portions of the Software. --}}
|
||||||
|
|
||||||
|
{{-- THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR --}}
|
||||||
|
{{-- IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, --}}
|
||||||
|
{{-- FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE --}}
|
||||||
|
{{-- AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER --}}
|
||||||
|
{{-- LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, --}}
|
||||||
|
{{-- OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE --}}
|
||||||
|
{{-- SOFTWARE. --}}
|
||||||
|
@extends('layouts.master')
|
||||||
|
|
||||||
|
@section('title', 'API Access')
|
||||||
|
|
||||||
|
@section('sidebar-server')
|
||||||
|
@endsection
|
||||||
|
|
||||||
|
@section('content')
|
||||||
|
<div class="col-md-12 fuelux">
|
||||||
|
<div class="wizard" data-initialize="wizard" id="apiWizard">
|
||||||
|
<div class="steps-container">
|
||||||
|
<ul class="steps">
|
||||||
|
<li data-step="1" data-name="user" class="active">
|
||||||
|
<span class="badge">1</span>Permissions
|
||||||
|
<span class="chevron"></span>
|
||||||
|
</li>
|
||||||
|
<li data-step="2" data-name="admin">
|
||||||
|
<span class="badge">2</span>Admin
|
||||||
|
<span class="chevron"></span>
|
||||||
|
</li>
|
||||||
|
<li data-step="3" data-name="ips">
|
||||||
|
<span class="badge">3</span>Security
|
||||||
|
<span class="chevron"></span>
|
||||||
|
</li>
|
||||||
|
<li data-step="4" data-name="ips">
|
||||||
|
<span class="badge">4</span>Finish
|
||||||
|
<span class="chevron"></span>
|
||||||
|
</li>
|
||||||
|
</ul>
|
||||||
|
</div>
|
||||||
|
<div class="actions">
|
||||||
|
<button type="button" class="btn btn-sm btn-default btn-prev">
|
||||||
|
<span class="fa fa-arrow-left"></span>Prev</button>
|
||||||
|
<button type="button" class="btn btn-sm btn-primary btn-next" data-last="Complete">Next
|
||||||
|
<span class="fa fa-arrow-right"></span>
|
||||||
|
</button>
|
||||||
|
</div>
|
||||||
|
<div class="step-content">
|
||||||
|
{{-- <form action="{{ route('admin.api.admin.new') }}" method="POST" id="perms_form"> --}}
|
||||||
|
<div class="step-pane active alert" data-step="1"></div>
|
||||||
|
<div class="step-pane alert" data-step="2">
|
||||||
|
<div class="row">
|
||||||
|
<div class="col-md-12 fuelux">
|
||||||
|
<div class="checkbox highlight">
|
||||||
|
<label class="checkbox-custom highlight" data-initialize="checkbox">
|
||||||
|
<input class="sr-only" name="adminPermissions[]" type="checkbox" value="*"> <strong>*</strong>
|
||||||
|
<p class="text-muted"><small><span class="label label-danger">Danger</span> Allows performing any action aganist the api.admin.</small><p>
|
||||||
|
</label>
|
||||||
|
</div>
|
||||||
|
</div>
|
||||||
|
</div>
|
||||||
|
<div class="row">
|
||||||
|
<div class="col-md-6 fuelux">
|
||||||
|
<h4>User Management</h4><hr />
|
||||||
|
<div class="checkbox highlight">
|
||||||
|
<label class="checkbox-custom highlight" data-initialize="checkbox">
|
||||||
|
<input class="sr-only" name="adminPermissions[]" type="checkbox" value="api.admin.users.list"> <strong><span class="label label-default">GET</span> /users</strong>
|
||||||
|
<p class="text-muted"><small>Allows listing of all users currently on the system.</small><p>
|
||||||
|
</label>
|
||||||
|
</div>
|
||||||
|
<div class="checkbox highlight">
|
||||||
|
<label class="checkbox-custom highlight" data-initialize="checkbox">
|
||||||
|
<input class="sr-only" name="adminPermissions[]" type="checkbox" value="api.admin.users.create"> <strong><span class="label label-default">POST</span> /users</strong>
|
||||||
|
<p class="text-muted"><small>Allows creating a new user on the system.</small><p>
|
||||||
|
</label>
|
||||||
|
</div>
|
||||||
|
<div class="checkbox highlight">
|
||||||
|
<label class="checkbox-custom highlight" data-initialize="checkbox">
|
||||||
|
<input class="sr-only" name="adminPermissions[]" type="checkbox" value="api.admin.users.view"> <strong><span class="label label-default">GET</span> /users/{id}</strong>
|
||||||
|
<p class="text-muted"><small>Allows viewing details about a specific user including active services.</small><p>
|
||||||
|
</label>
|
||||||
|
</div>
|
||||||
|
<div class="checkbox highlight">
|
||||||
|
<label class="checkbox-custom highlight" data-initialize="checkbox">
|
||||||
|
<input class="sr-only" name="adminPermissions[]" type="checkbox" value="api.admin.users.update"> <strong><span class="label label-default">PATCH</span> /users/{id}</strong>
|
||||||
|
<p class="text-muted"><small>Allows modifying user details (email, password, TOTP information).</small><p>
|
||||||
|
</label>
|
||||||
|
</div>
|
||||||
|
<div class="checkbox highlight">
|
||||||
|
<label class="checkbox-custom highlight" data-initialize="checkbox">
|
||||||
|
<input class="sr-only" name="adminPermissions[]" type="checkbox" value="api.admin.users.delete"> <strong><span class="label label-danger">DELETE</span> /users/{id}</strong>
|
||||||
|
<p class="text-muted"><small>Allows deleting a user.</small><p>
|
||||||
|
</label>
|
||||||
|
</div>
|
||||||
|
</div>
|
||||||
|
<div class="col-md-6 fuelux">
|
||||||
|
<h4>Server Management</h4><hr />
|
||||||
|
<div class="checkbox highlight">
|
||||||
|
<label class="checkbox-custom highlight" data-initialize="checkbox">
|
||||||
|
<input class="sr-only" name="adminPermissions[]" type="checkbox" value="api.admin.servers.list"> <strong><span class="label label-default">GET</span> /servers</strong>
|
||||||
|
<p class="text-muted"><small>Allows listing of all servers currently on the system.</small><p>
|
||||||
|
</label>
|
||||||
|
</div>
|
||||||
|
<div class="checkbox highlight">
|
||||||
|
<label class="checkbox-custom highlight" data-initialize="checkbox">
|
||||||
|
<input class="sr-only" name="adminPermissions[]" type="checkbox" value="api.admin.servers.create"> <strong><span class="label label-default">POST</span> /servers</strong>
|
||||||
|
<p class="text-muted"><small>Allows creating a new server on the system.</small><p>
|
||||||
|
</label>
|
||||||
|
</div>
|
||||||
|
<div class="checkbox highlight">
|
||||||
|
<label class="checkbox-custom highlight" data-initialize="checkbox">
|
||||||
|
<input class="sr-only" name="adminPermissions[]" type="checkbox" value="api.admin.servers.view"> <strong><span class="label label-default">GET</span> /servers/{id}</strong>
|
||||||
|
<p class="text-muted"><small><span class="label label-danger">Danger</span> Allows viewing details about a specific server including the <code>daemon_token</code> as current process information.</small><p>
|
||||||
|
</label>
|
||||||
|
</div>
|
||||||
|
<div class="checkbox highlight">
|
||||||
|
<label class="checkbox-custom highlight" data-initialize="checkbox">
|
||||||
|
<input class="sr-only" name="adminPermissions[]" type="checkbox" value="api.admin.servers.config"> <strong><span class="label label-default">PATCH</span> /servers/{id}/config</strong>
|
||||||
|
<p class="text-muted"><small>Allows modifying server config (name, owner, and access token).</small><p>
|
||||||
|
</label>
|
||||||
|
</div>
|
||||||
|
<div class="checkbox highlight">
|
||||||
|
<label class="checkbox-custom highlight" data-initialize="checkbox">
|
||||||
|
<input class="sr-only" name="adminPermissions[]" type="checkbox" value="api.admin.servers.build"> <strong><span class="label label-default">PATCH</span> /servers/{id}/build</strong>
|
||||||
|
<p class="text-muted"><small>Allows modifying a server's build parameters such as memory, CPU, and disk space along with assigned and default IPs.</small><p>
|
||||||
|
</label>
|
||||||
|
</div>
|
||||||
|
<div class="checkbox highlight">
|
||||||
|
<label class="checkbox-custom highlight" data-initialize="checkbox">
|
||||||
|
<input class="sr-only" name="adminPermissions[]" type="checkbox" value="api.admin.servers.suspend"> <strong><span class="label label-default">POST</span> /servers/{id}/suspend</strong>
|
||||||
|
<p class="text-muted"><small>Allows suspending a server instance.</small><p>
|
||||||
|
</label>
|
||||||
|
</div>
|
||||||
|
<div class="checkbox highlight">
|
||||||
|
<label class="checkbox-custom highlight" data-initialize="checkbox">
|
||||||
|
<input class="sr-only" name="adminPermissions[]" type="checkbox" value="api.admin.servers.unsuspend"> <strong><span class="label label-default">POST</span> /servers/{id}/unsuspend</strong>
|
||||||
|
<p class="text-muted"><small>Allows unsuspending a server instance.</small><p>
|
||||||
|
</label>
|
||||||
|
</div>
|
||||||
|
<div class="checkbox highlight">
|
||||||
|
<label class="checkbox-custom highlight" data-initialize="checkbox">
|
||||||
|
<input class="sr-only" name="adminPermissions[]" type="checkbox" value="api.admin.servers.delete"> <strong><span class="label label-danger">DELETE</span> /servers/{id}</strong>
|
||||||
|
<p class="text-muted"><small>Allows deleting a server.</small><p>
|
||||||
|
</label>
|
||||||
|
</div>
|
||||||
|
</div>
|
||||||
|
</div>
|
||||||
|
<div class="row">
|
||||||
|
<div class="col-md-6 fuelux">
|
||||||
|
<h4>Node Management</h4><hr />
|
||||||
|
<div class="checkbox highlight">
|
||||||
|
<label class="checkbox-custom highlight" data-initialize="checkbox">
|
||||||
|
<input class="sr-only" name="adminPermissions[]" type="checkbox" value="api.admin.nodes.list"> <strong><span class="label label-default">GET</span> /nodes</strong>
|
||||||
|
<p class="text-muted"><small>Allows listing of all nodes currently on the system.</small><p>
|
||||||
|
</label>
|
||||||
|
</div>
|
||||||
|
<div class="checkbox highlight">
|
||||||
|
<label class="checkbox-custom highlight" data-initialize="checkbox">
|
||||||
|
<input class="sr-only" name="adminPermissions[]" type="checkbox" value="api.admin.nodes.create"> <strong><span class="label label-default">POST</span> /nodes</strong>
|
||||||
|
<p class="text-muted"><small>Allows creating a new node on the system.</small><p>
|
||||||
|
</label>
|
||||||
|
</div>
|
||||||
|
<div class="checkbox highlight">
|
||||||
|
<label class="checkbox-custom highlight" data-initialize="checkbox">
|
||||||
|
<input class="sr-only" name="adminPermissions[]" type="checkbox" value="api.admin.nodes.view"> <strong><span class="label label-default">GET</span> /nodes/{id}</strong>
|
||||||
|
<p class="text-muted"><small>Allows viewing details about a specific node including active services.</small><p>
|
||||||
|
</label>
|
||||||
|
</div>
|
||||||
|
<div class="checkbox highlight">
|
||||||
|
<label class="checkbox-custom highlight" data-initialize="checkbox">
|
||||||
|
<input class="sr-only" name="adminPermissions[]" type="checkbox" value="api.admin.nodes.allocations"> <strong><span class="label label-default">GET</span> /nodes/allocations</strong>
|
||||||
|
<p class="text-muted"><small>Allows viewing all allocations on the panel for all nodes.</small><p>
|
||||||
|
</label>
|
||||||
|
</div>
|
||||||
|
<div class="checkbox highlight">
|
||||||
|
<label class="checkbox-custom highlight" data-initialize="checkbox">
|
||||||
|
<input class="sr-only" name="adminPermissions[]" type="checkbox" value="api.admin.nodes.delete"> <strong><span class="label label-danger">DELETE</span> /nodes/{id}</strong>
|
||||||
|
<p class="text-muted"><small>Allows deleting a node.</small><p>
|
||||||
|
</label>
|
||||||
|
</div>
|
||||||
|
</div>
|
||||||
|
<div class="col-md-6 fuelux">
|
||||||
|
<h4>Service Management</h4><hr />
|
||||||
|
<div class="checkbox highlight">
|
||||||
|
<label class="checkbox-custom highlight" data-initialize="checkbox">
|
||||||
|
<input class="sr-only" name="adminPermissions[]" type="checkbox" value="api.admin.services.list"> <strong><span class="label label-default">GET</span> /services</strong>
|
||||||
|
<p class="text-muted"><small>Allows listing of all services configured on the system.</small><p>
|
||||||
|
</label>
|
||||||
|
</div>
|
||||||
|
<div class="checkbox highlight">
|
||||||
|
<label class="checkbox-custom highlight" data-initialize="checkbox">
|
||||||
|
<input class="sr-only" name="adminPermissions[]" type="checkbox" value="api.admin.services.view"> <strong><span class="label label-default">GET</span> /services/{id}</strong>
|
||||||
|
<p class="text-muted"><small>Allows listing details about each service on the system including service options and variables.</small><p>
|
||||||
|
</label>
|
||||||
|
</div>
|
||||||
|
<h4>Location Management</h4><hr />
|
||||||
|
<div class="checkbox highlight">
|
||||||
|
<label class="checkbox-custom highlight" data-initialize="checkbox">
|
||||||
|
<input class="sr-only" name="adminPermissions[]" type="checkbox" value="api.admin.locations.list"> <strong><span class="label label-default">GET</span> /locations</strong>
|
||||||
|
<p class="text-muted"><small>Allows listing all locations and thier associated nodes.</small><p>
|
||||||
|
</label>
|
||||||
|
</div>
|
||||||
|
</div>
|
||||||
|
</div>
|
||||||
|
</div>
|
||||||
|
<div class="step-pane alert" data-step="3">
|
||||||
|
<div class="form-group">
|
||||||
|
<label for="allowed_ips" class="control-label">Allowed IPs</label>
|
||||||
|
<div>
|
||||||
|
<textarea name="allowed_ips" class="form-control" rows="5">{{ old('allowed_ips') }}</textarea>
|
||||||
|
<p class="text-muted">Enter a line delimitated list of IPs that are allowed to access the API using this key. CIDR notation is allowed. Leave blank to allow any IP.</p>
|
||||||
|
</div>
|
||||||
|
</div>
|
||||||
|
</div>
|
||||||
|
<div class="step-pane bg-danger alert" data-step="4">
|
||||||
|
Whoa
|
||||||
|
</div>
|
||||||
|
</form>
|
||||||
|
</div>
|
||||||
|
</div>
|
||||||
|
|
||||||
|
{{-- </form> --}}
|
||||||
|
</div>
|
||||||
|
<script>
|
||||||
|
$(document).ready(function () {
|
||||||
|
$('#sidebar_links').find('a[href="/account/api"]').addClass('active');
|
||||||
|
});
|
||||||
|
</script>
|
||||||
|
@endsection
|
|
@ -184,6 +184,7 @@
|
||||||
<ul class="dropdown-menu">
|
<ul class="dropdown-menu">
|
||||||
<li><a href="/account">{{ trans('pagination.sidebar.account_settings') }}</a></li>
|
<li><a href="/account">{{ trans('pagination.sidebar.account_settings') }}</a></li>
|
||||||
<li><a href="/account/security">{{ trans('pagination.sidebar.account_security') }}</a></li>
|
<li><a href="/account/security">{{ trans('pagination.sidebar.account_security') }}</a></li>
|
||||||
|
<li><a href="/account/api">API Settings</a></li>
|
||||||
<li><a href="/index">{{ trans('pagination.sidebar.servers') }}</a></li>
|
<li><a href="/index">{{ trans('pagination.sidebar.servers') }}</a></li>
|
||||||
</ul>
|
</ul>
|
||||||
</li>
|
</li>
|
||||||
|
@ -237,6 +238,7 @@
|
||||||
<a href="#" class="list-group-item list-group-item-heading"><strong>{{ trans('pagination.sidebar.account_controls') }}</strong></a>
|
<a href="#" class="list-group-item list-group-item-heading"><strong>{{ trans('pagination.sidebar.account_controls') }}</strong></a>
|
||||||
<a href="/account" class="list-group-item">{{ trans('pagination.sidebar.account_settings') }}</a>
|
<a href="/account" class="list-group-item">{{ trans('pagination.sidebar.account_settings') }}</a>
|
||||||
<a href="/account/security" class="list-group-item">{{ trans('pagination.sidebar.account_security') }}</a>
|
<a href="/account/security" class="list-group-item">{{ trans('pagination.sidebar.account_security') }}</a>
|
||||||
|
<a href="/account/api" class="list-group-item">API Access</a>
|
||||||
<a href="/" class="list-group-item">{{ trans('pagination.sidebar.servers') }}</a>
|
<a href="/" class="list-group-item">{{ trans('pagination.sidebar.servers') }}</a>
|
||||||
</div>
|
</div>
|
||||||
@section('sidebar-server')
|
@section('sidebar-server')
|
||||||
|
|
Loading…
Reference in a new issue