Update all the client API endpoints to use new permissions codes
This commit is contained in:
parent
1153101a57
commit
867dbf3bd2
32 changed files with 141 additions and 1187 deletions
|
@ -45,7 +45,7 @@ class WebsocketController extends ClientApiController
|
||||||
*/
|
*/
|
||||||
public function __invoke(Request $request, Server $server)
|
public function __invoke(Request $request, Server $server)
|
||||||
{
|
{
|
||||||
if (! $request->user()->can('connect-to-ws', $server)) {
|
if (! $request->user()->can('websocket.*', $server)) {
|
||||||
throw new HttpException(
|
throw new HttpException(
|
||||||
Response::HTTP_FORBIDDEN, 'You do not have permission to connect to this server\'s websocket.'
|
Response::HTTP_FORBIDDEN, 'You do not have permission to connect to this server\'s websocket.'
|
||||||
);
|
);
|
||||||
|
|
|
@ -14,7 +14,7 @@ class DeleteDatabaseRequest extends ClientApiRequest implements ClientPermission
|
||||||
*/
|
*/
|
||||||
public function permission(): string
|
public function permission(): string
|
||||||
{
|
{
|
||||||
return 'delete-database';
|
return 'database.delete';
|
||||||
}
|
}
|
||||||
|
|
||||||
/**
|
/**
|
||||||
|
|
|
@ -12,6 +12,6 @@ class GetDatabasesRequest extends ClientApiRequest implements ClientPermissionsR
|
||||||
*/
|
*/
|
||||||
public function permission(): string
|
public function permission(): string
|
||||||
{
|
{
|
||||||
return 'view-databases';
|
return 'database.read';
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
|
@ -14,6 +14,6 @@ class RotatePasswordRequest extends ClientApiRequest
|
||||||
*/
|
*/
|
||||||
public function authorize(): bool
|
public function authorize(): bool
|
||||||
{
|
{
|
||||||
return $this->user()->can('reset-db-password', $this->getModel(Server::class));
|
return $this->user()->can('database.update', $this->getModel(Server::class));
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
|
@ -12,7 +12,7 @@ class StoreDatabaseRequest extends ClientApiRequest implements ClientPermissions
|
||||||
*/
|
*/
|
||||||
public function permission(): string
|
public function permission(): string
|
||||||
{
|
{
|
||||||
return 'create-database';
|
return 'database.create';
|
||||||
}
|
}
|
||||||
|
|
||||||
/**
|
/**
|
||||||
|
|
|
@ -12,7 +12,7 @@ class CopyFileRequest extends ClientApiRequest implements ClientPermissionsReque
|
||||||
*/
|
*/
|
||||||
public function permission(): string
|
public function permission(): string
|
||||||
{
|
{
|
||||||
return 'copy-files';
|
return 'file.create';
|
||||||
}
|
}
|
||||||
|
|
||||||
/**
|
/**
|
||||||
|
|
|
@ -14,7 +14,7 @@ class CreateFolderRequest extends ClientApiRequest
|
||||||
*/
|
*/
|
||||||
public function authorize(): bool
|
public function authorize(): bool
|
||||||
{
|
{
|
||||||
return $this->user()->can('create-files', $this->getModel(Server::class));
|
return $this->user()->can('file.create', $this->getModel(Server::class));
|
||||||
}
|
}
|
||||||
|
|
||||||
/**
|
/**
|
||||||
|
|
|
@ -12,7 +12,7 @@ class DeleteFileRequest extends ClientApiRequest implements ClientPermissionsReq
|
||||||
*/
|
*/
|
||||||
public function permission(): string
|
public function permission(): string
|
||||||
{
|
{
|
||||||
return 'delete-files';
|
return 'file.delete';
|
||||||
}
|
}
|
||||||
|
|
||||||
/**
|
/**
|
||||||
|
|
|
@ -15,6 +15,6 @@ class DownloadFileRequest extends ClientApiRequest
|
||||||
*/
|
*/
|
||||||
public function authorize(): bool
|
public function authorize(): bool
|
||||||
{
|
{
|
||||||
return $this->user()->can('download-files', $this->getModel(Server::class));
|
return $this->user()->can('file.read', $this->getModel(Server::class));
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
|
@ -16,7 +16,7 @@ class GetFileContentsRequest extends ClientApiRequest implements ClientPermissio
|
||||||
*/
|
*/
|
||||||
public function permission(): string
|
public function permission(): string
|
||||||
{
|
{
|
||||||
return 'edit-files';
|
return 'file.read';
|
||||||
}
|
}
|
||||||
|
|
||||||
/**
|
/**
|
||||||
|
|
|
@ -15,7 +15,7 @@ class ListFilesRequest extends ClientApiRequest
|
||||||
*/
|
*/
|
||||||
public function authorize(): bool
|
public function authorize(): bool
|
||||||
{
|
{
|
||||||
return $this->user()->can('list-files', $this->getModel(Server::class));
|
return $this->user()->can('file.read', $this->getModel(Server::class));
|
||||||
}
|
}
|
||||||
|
|
||||||
/**
|
/**
|
||||||
|
|
|
@ -15,7 +15,7 @@ class RenameFileRequest extends ClientApiRequest implements ClientPermissionsReq
|
||||||
*/
|
*/
|
||||||
public function permission(): string
|
public function permission(): string
|
||||||
{
|
{
|
||||||
return 'move-files';
|
return 'file.update';
|
||||||
}
|
}
|
||||||
|
|
||||||
/**
|
/**
|
||||||
|
|
|
@ -16,7 +16,7 @@ class WriteFileContentRequest extends ClientApiRequest implements ClientPermissi
|
||||||
*/
|
*/
|
||||||
public function permission(): string
|
public function permission(): string
|
||||||
{
|
{
|
||||||
return 'save-files';
|
return 'file.create';
|
||||||
}
|
}
|
||||||
|
|
||||||
/**
|
/**
|
||||||
|
|
|
@ -15,6 +15,6 @@ class GetNetworkRequest extends ClientApiRequest
|
||||||
*/
|
*/
|
||||||
public function authorize(): bool
|
public function authorize(): bool
|
||||||
{
|
{
|
||||||
return $this->user()->can('view-allocations', $this->getModel(Server::class));
|
return $this->user()->can('allocation.read', $this->getModel(Server::class));
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
|
@ -13,7 +13,7 @@ class SendCommandRequest extends GetServerRequest
|
||||||
*/
|
*/
|
||||||
public function authorize(): bool
|
public function authorize(): bool
|
||||||
{
|
{
|
||||||
return $this->user()->can('send-command', $this->getModel(Server::class));
|
return $this->user()->can('control.console', $this->getModel(Server::class));
|
||||||
}
|
}
|
||||||
|
|
||||||
/**
|
/**
|
||||||
|
|
|
@ -14,7 +14,7 @@ class SendPowerRequest extends ClientApiRequest
|
||||||
*/
|
*/
|
||||||
public function authorize(): bool
|
public function authorize(): bool
|
||||||
{
|
{
|
||||||
return $this->user()->can('power-' . $this->input('signal', '_undefined'), $this->getModel(Server::class));
|
return $this->user()->can('control.' . $this->input('signal', ''), $this->getModel(Server::class));
|
||||||
}
|
}
|
||||||
|
|
||||||
/**
|
/**
|
||||||
|
|
|
@ -13,6 +13,6 @@ class GetSubuserRequest extends ClientApiRequest
|
||||||
*/
|
*/
|
||||||
public function authorize(): bool
|
public function authorize(): bool
|
||||||
{
|
{
|
||||||
return $this->user()->can('view-subusers', $this->route()->parameter('server'));
|
return $this->user()->can('user.read', $this->route()->parameter('server'));
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
|
@ -1,40 +0,0 @@
|
||||||
<?php
|
|
||||||
|
|
||||||
namespace Pterodactyl\Http\Requests\Server\Database;
|
|
||||||
|
|
||||||
use Pterodactyl\Http\Requests\Server\ServerFormRequest;
|
|
||||||
|
|
||||||
class DeleteServerDatabaseRequest extends ServerFormRequest
|
|
||||||
{
|
|
||||||
/**
|
|
||||||
* @return bool
|
|
||||||
*/
|
|
||||||
public function authorize()
|
|
||||||
{
|
|
||||||
if (! parent::authorize()) {
|
|
||||||
return false;
|
|
||||||
}
|
|
||||||
|
|
||||||
return config('pterodactyl.client_features.databases.enabled');
|
|
||||||
}
|
|
||||||
|
|
||||||
/**
|
|
||||||
* Return the user permission to validate this request against.
|
|
||||||
*
|
|
||||||
* @return string
|
|
||||||
*/
|
|
||||||
protected function permission(): string
|
|
||||||
{
|
|
||||||
return 'delete-database';
|
|
||||||
}
|
|
||||||
|
|
||||||
/**
|
|
||||||
* Rules to validate this request against.
|
|
||||||
*
|
|
||||||
* @return array
|
|
||||||
*/
|
|
||||||
public function rules()
|
|
||||||
{
|
|
||||||
return [];
|
|
||||||
}
|
|
||||||
}
|
|
|
@ -1,43 +0,0 @@
|
||||||
<?php
|
|
||||||
|
|
||||||
namespace Pterodactyl\Http\Requests\Server\Database;
|
|
||||||
|
|
||||||
use Pterodactyl\Http\Requests\Server\ServerFormRequest;
|
|
||||||
|
|
||||||
class StoreServerDatabaseRequest extends ServerFormRequest
|
|
||||||
{
|
|
||||||
/**
|
|
||||||
* @return bool
|
|
||||||
*/
|
|
||||||
public function authorize()
|
|
||||||
{
|
|
||||||
if (! parent::authorize()) {
|
|
||||||
return false;
|
|
||||||
}
|
|
||||||
|
|
||||||
return config('pterodactyl.client_features.databases.enabled');
|
|
||||||
}
|
|
||||||
|
|
||||||
/**
|
|
||||||
* Return the user permission to validate this request against.
|
|
||||||
*
|
|
||||||
* @return string
|
|
||||||
*/
|
|
||||||
protected function permission(): string
|
|
||||||
{
|
|
||||||
return 'create-database';
|
|
||||||
}
|
|
||||||
|
|
||||||
/**
|
|
||||||
* Rules to validate this request against.
|
|
||||||
*
|
|
||||||
* @return array
|
|
||||||
*/
|
|
||||||
public function rules()
|
|
||||||
{
|
|
||||||
return [
|
|
||||||
'database' => 'required|string|min:1',
|
|
||||||
'remote' => 'required|string|regex:/^[0-9%.]{1,15}$/',
|
|
||||||
];
|
|
||||||
}
|
|
||||||
}
|
|
|
@ -1,79 +0,0 @@
|
||||||
<?php
|
|
||||||
/**
|
|
||||||
* Pterodactyl - Panel
|
|
||||||
* Copyright (c) 2015 - 2017 Dane Everitt <dane@daneeveritt.com>.
|
|
||||||
*
|
|
||||||
* This software is licensed under the terms of the MIT license.
|
|
||||||
* https://opensource.org/licenses/MIT
|
|
||||||
*/
|
|
||||||
|
|
||||||
namespace Pterodactyl\Http\Requests\Server;
|
|
||||||
|
|
||||||
class ScheduleCreationFormRequest extends ServerFormRequest
|
|
||||||
{
|
|
||||||
/**
|
|
||||||
* Permission to validate this request against.
|
|
||||||
*
|
|
||||||
* @return string
|
|
||||||
*/
|
|
||||||
protected function permission(): string
|
|
||||||
{
|
|
||||||
if ($this->method() === 'PATCH') {
|
|
||||||
return 'edit-schedule';
|
|
||||||
}
|
|
||||||
|
|
||||||
return 'create-schedule';
|
|
||||||
}
|
|
||||||
|
|
||||||
/**
|
|
||||||
* Validation rules to apply to the request.
|
|
||||||
*
|
|
||||||
* @return array
|
|
||||||
*/
|
|
||||||
public function rules()
|
|
||||||
{
|
|
||||||
return [
|
|
||||||
'name' => 'nullable|string|max:255',
|
|
||||||
'cron_day_of_week' => 'required|string',
|
|
||||||
'cron_day_of_month' => 'required|string',
|
|
||||||
'cron_hour' => 'required|string',
|
|
||||||
'cron_minute' => 'required|string',
|
|
||||||
'tasks' => 'sometimes|array|size:4',
|
|
||||||
'tasks.time_value' => 'required_with:tasks|max:5',
|
|
||||||
'tasks.time_interval' => 'required_with:tasks|max:5',
|
|
||||||
'tasks.action' => 'required_with:tasks|max:5',
|
|
||||||
'tasks.payload' => 'required_with:tasks|max:5',
|
|
||||||
'tasks.time_value.*' => 'numeric|between:0,59',
|
|
||||||
'tasks.time_interval.*' => 'string|in:s,m',
|
|
||||||
'tasks.action.*' => 'string|in:power,command',
|
|
||||||
'tasks.payload.*' => 'string',
|
|
||||||
];
|
|
||||||
}
|
|
||||||
|
|
||||||
/**
|
|
||||||
* Normalize the request into a format that can be used by the application.
|
|
||||||
*
|
|
||||||
* @return array
|
|
||||||
*/
|
|
||||||
public function normalize()
|
|
||||||
{
|
|
||||||
return $this->only('name', 'cron_day_of_week', 'cron_day_of_month', 'cron_hour', 'cron_minute');
|
|
||||||
}
|
|
||||||
|
|
||||||
/**
|
|
||||||
* Return the tasks provided in the request that are associated with this schedule.
|
|
||||||
*
|
|
||||||
* @return array|null
|
|
||||||
*/
|
|
||||||
public function getTasks()
|
|
||||||
{
|
|
||||||
$restructured = [];
|
|
||||||
foreach (array_get($this->all(), 'tasks', []) as $key => $values) {
|
|
||||||
for ($i = 0; $i < count($values); $i++) {
|
|
||||||
$restructured[$i][$key] = $values[$i];
|
|
||||||
}
|
|
||||||
}
|
|
||||||
|
|
||||||
return empty($restructured) ? null : $restructured;
|
|
||||||
}
|
|
||||||
}
|
|
|
@ -1,35 +0,0 @@
|
||||||
<?php
|
|
||||||
|
|
||||||
namespace Pterodactyl\Http\Requests\Server;
|
|
||||||
|
|
||||||
use Pterodactyl\Models\Server;
|
|
||||||
use Pterodactyl\Http\Requests\FrontendUserFormRequest;
|
|
||||||
|
|
||||||
abstract class ServerFormRequest extends FrontendUserFormRequest
|
|
||||||
{
|
|
||||||
/**
|
|
||||||
* Return the user permission to validate this request against.
|
|
||||||
*
|
|
||||||
* @return string
|
|
||||||
*/
|
|
||||||
abstract protected function permission(): string;
|
|
||||||
|
|
||||||
/**
|
|
||||||
* Determine if a user has permission to access this resource.
|
|
||||||
*
|
|
||||||
* @return bool
|
|
||||||
*/
|
|
||||||
public function authorize()
|
|
||||||
{
|
|
||||||
if (! parent::authorize()) {
|
|
||||||
return false;
|
|
||||||
}
|
|
||||||
|
|
||||||
return $this->user()->can($this->permission(), $this->getServer());
|
|
||||||
}
|
|
||||||
|
|
||||||
public function getServer(): Server
|
|
||||||
{
|
|
||||||
return $this->attributes->get('server');
|
|
||||||
}
|
|
||||||
}
|
|
|
@ -1,31 +0,0 @@
|
||||||
<?php
|
|
||||||
|
|
||||||
namespace Pterodactyl\Http\Requests\Server\Settings;
|
|
||||||
|
|
||||||
use Pterodactyl\Models\Server;
|
|
||||||
use Pterodactyl\Http\Requests\Server\ServerFormRequest;
|
|
||||||
|
|
||||||
class ChangeServerNameRequest extends ServerFormRequest
|
|
||||||
{
|
|
||||||
/**
|
|
||||||
* Permission to use when checking if a user can access this resource.
|
|
||||||
*
|
|
||||||
* @return string
|
|
||||||
*/
|
|
||||||
protected function permission(): string
|
|
||||||
{
|
|
||||||
return 'edit-name';
|
|
||||||
}
|
|
||||||
|
|
||||||
/**
|
|
||||||
* Rules to use when validating the submitted data.
|
|
||||||
*
|
|
||||||
* @return array
|
|
||||||
*/
|
|
||||||
public function rules()
|
|
||||||
{
|
|
||||||
return [
|
|
||||||
'name' => Server::getRules()['name'],
|
|
||||||
];
|
|
||||||
}
|
|
||||||
}
|
|
|
@ -1,31 +0,0 @@
|
||||||
<?php
|
|
||||||
|
|
||||||
namespace Pterodactyl\Http\Requests\Server\Subuser;
|
|
||||||
|
|
||||||
use Pterodactyl\Http\Requests\Server\ServerFormRequest;
|
|
||||||
|
|
||||||
class SubuserStoreFormRequest extends ServerFormRequest
|
|
||||||
{
|
|
||||||
/**
|
|
||||||
* Return the user permission to validate this request against.
|
|
||||||
*
|
|
||||||
* @return string
|
|
||||||
*/
|
|
||||||
protected function permission(): string
|
|
||||||
{
|
|
||||||
return 'create-subuser';
|
|
||||||
}
|
|
||||||
|
|
||||||
/**
|
|
||||||
* The rules to validate this request submission against.
|
|
||||||
*
|
|
||||||
* @return array
|
|
||||||
*/
|
|
||||||
public function rules()
|
|
||||||
{
|
|
||||||
return [
|
|
||||||
'email' => 'required|email',
|
|
||||||
'permissions' => 'sometimes|array',
|
|
||||||
];
|
|
||||||
}
|
|
||||||
}
|
|
|
@ -1,30 +0,0 @@
|
||||||
<?php
|
|
||||||
|
|
||||||
namespace Pterodactyl\Http\Requests\Server\Subuser;
|
|
||||||
|
|
||||||
use Pterodactyl\Http\Requests\Server\ServerFormRequest;
|
|
||||||
|
|
||||||
class SubuserUpdateFormRequest extends ServerFormRequest
|
|
||||||
{
|
|
||||||
/**
|
|
||||||
* Return the user permission to validate this request against.
|
|
||||||
*
|
|
||||||
* @return string
|
|
||||||
*/
|
|
||||||
protected function permission(): string
|
|
||||||
{
|
|
||||||
return 'edit-subuser';
|
|
||||||
}
|
|
||||||
|
|
||||||
/**
|
|
||||||
* The rules to validate this request submission against.
|
|
||||||
*
|
|
||||||
* @return array
|
|
||||||
*/
|
|
||||||
public function rules()
|
|
||||||
{
|
|
||||||
return [
|
|
||||||
'permissions' => 'present|array',
|
|
||||||
];
|
|
||||||
}
|
|
||||||
}
|
|
|
@ -1,101 +0,0 @@
|
||||||
<?php
|
|
||||||
/**
|
|
||||||
* Pterodactyl - Panel
|
|
||||||
* Copyright (c) 2015 - 2017 Dane Everitt <dane@daneeveritt.com>.
|
|
||||||
*
|
|
||||||
* This software is licensed under the terms of the MIT license.
|
|
||||||
* https://opensource.org/licenses/MIT
|
|
||||||
*/
|
|
||||||
|
|
||||||
namespace Pterodactyl\Http\Requests\Server;
|
|
||||||
|
|
||||||
use GuzzleHttp\Exception\RequestException;
|
|
||||||
use Illuminate\Contracts\Config\Repository;
|
|
||||||
use Pterodactyl\Exceptions\Http\Server\FileSizeTooLargeException;
|
|
||||||
use Symfony\Component\HttpKernel\Exception\NotFoundHttpException;
|
|
||||||
use Pterodactyl\Contracts\Repository\Daemon\FileRepositoryInterface;
|
|
||||||
use Pterodactyl\Exceptions\Http\Server\FileTypeNotEditableException;
|
|
||||||
use Pterodactyl\Exceptions\Http\Connection\DaemonConnectionException;
|
|
||||||
|
|
||||||
class UpdateFileContentsFormRequest extends ServerFormRequest
|
|
||||||
{
|
|
||||||
/**
|
|
||||||
* Return the permission string to validate this request against.
|
|
||||||
*
|
|
||||||
* @return string
|
|
||||||
*/
|
|
||||||
protected function permission(): string
|
|
||||||
{
|
|
||||||
return 'edit-files';
|
|
||||||
}
|
|
||||||
|
|
||||||
/**
|
|
||||||
* Authorize a request to edit a file.
|
|
||||||
*
|
|
||||||
* @return bool
|
|
||||||
*
|
|
||||||
* @throws \Pterodactyl\Exceptions\DisplayException
|
|
||||||
* @throws \Pterodactyl\Exceptions\Http\Server\FileSizeTooLargeException
|
|
||||||
* @throws \Pterodactyl\Exceptions\Http\Server\FileTypeNotEditableException
|
|
||||||
* @throws \Pterodactyl\Exceptions\Repository\RecordNotFoundException
|
|
||||||
*/
|
|
||||||
public function authorize()
|
|
||||||
{
|
|
||||||
if (! parent::authorize()) {
|
|
||||||
return false;
|
|
||||||
}
|
|
||||||
|
|
||||||
$server = $this->attributes->get('server');
|
|
||||||
$token = $this->attributes->get('server_token');
|
|
||||||
|
|
||||||
return $this->checkFileCanBeEdited($server, $token);
|
|
||||||
}
|
|
||||||
|
|
||||||
/**
|
|
||||||
* @return array
|
|
||||||
*/
|
|
||||||
public function rules()
|
|
||||||
{
|
|
||||||
return [];
|
|
||||||
}
|
|
||||||
|
|
||||||
/**
|
|
||||||
* Checks if a given file can be edited by a user on this server.
|
|
||||||
*
|
|
||||||
* @param \Pterodactyl\Models\Server $server
|
|
||||||
* @param string $token
|
|
||||||
* @return bool
|
|
||||||
*
|
|
||||||
* @throws \Pterodactyl\Exceptions\DisplayException
|
|
||||||
* @throws \Pterodactyl\Exceptions\Http\Server\FileSizeTooLargeException
|
|
||||||
* @throws \Pterodactyl\Exceptions\Http\Server\FileTypeNotEditableException
|
|
||||||
*/
|
|
||||||
private function checkFileCanBeEdited($server, $token)
|
|
||||||
{
|
|
||||||
$config = app()->make(Repository::class);
|
|
||||||
$repository = app()->make(FileRepositoryInterface::class);
|
|
||||||
|
|
||||||
try {
|
|
||||||
$stats = $repository->setServer($server)->setToken($token)->getFileStat($this->route()->parameter('file'));
|
|
||||||
} catch (RequestException $exception) {
|
|
||||||
switch ($exception->getCode()) {
|
|
||||||
case 404:
|
|
||||||
throw new NotFoundHttpException;
|
|
||||||
default:
|
|
||||||
throw new DaemonConnectionException($exception);
|
|
||||||
}
|
|
||||||
}
|
|
||||||
|
|
||||||
if ((! $stats->file && ! $stats->symlink) || ! in_array($stats->mime, $config->get('pterodactyl.files.editable'))) {
|
|
||||||
throw new FileTypeNotEditableException(trans('server.files.exceptions.invalid_mime'));
|
|
||||||
}
|
|
||||||
|
|
||||||
if ($stats->size > $config->get('pterodactyl.files.max_edit_size')) {
|
|
||||||
throw new FileSizeTooLargeException(trans('server.files.exceptions.max_size'));
|
|
||||||
}
|
|
||||||
|
|
||||||
$this->attributes->set('file_stats', $stats);
|
|
||||||
|
|
||||||
return true;
|
|
||||||
}
|
|
||||||
}
|
|
|
@ -1,61 +0,0 @@
|
||||||
<?php
|
|
||||||
|
|
||||||
namespace Pterodactyl\Http\Requests\Server;
|
|
||||||
|
|
||||||
use Pterodactyl\Http\Requests\FrontendUserFormRequest;
|
|
||||||
use Pterodactyl\Contracts\Repository\EggVariableRepositoryInterface;
|
|
||||||
|
|
||||||
class UpdateStartupParametersFormRequest extends FrontendUserFormRequest
|
|
||||||
{
|
|
||||||
/**
|
|
||||||
* @var array
|
|
||||||
*/
|
|
||||||
private $validationAttributes = [];
|
|
||||||
|
|
||||||
/**
|
|
||||||
* Determine if the user has permission to update the startup parameters
|
|
||||||
* for this server.
|
|
||||||
*
|
|
||||||
* @return bool
|
|
||||||
*/
|
|
||||||
public function authorize()
|
|
||||||
{
|
|
||||||
if (! parent::authorize()) {
|
|
||||||
return false;
|
|
||||||
}
|
|
||||||
|
|
||||||
return $this->user()->can('edit-startup', $this->attributes->get('server'));
|
|
||||||
}
|
|
||||||
|
|
||||||
/**
|
|
||||||
* Validate that all of the required fields were passed and that the environment
|
|
||||||
* variable values meet the defined criteria for those fields.
|
|
||||||
*
|
|
||||||
* @return array
|
|
||||||
*/
|
|
||||||
public function rules()
|
|
||||||
{
|
|
||||||
$repository = $this->container->make(EggVariableRepositoryInterface::class);
|
|
||||||
|
|
||||||
$variables = $repository->getEditableVariables($this->attributes->get('server')->egg_id);
|
|
||||||
$rules = $variables->mapWithKeys(function ($variable) {
|
|
||||||
$this->validationAttributes['environment.' . $variable->env_variable] = $variable->name;
|
|
||||||
|
|
||||||
return ['environment.' . $variable->env_variable => $variable->rules];
|
|
||||||
})->toArray();
|
|
||||||
|
|
||||||
return array_merge($rules, [
|
|
||||||
'environment' => 'required|array',
|
|
||||||
]);
|
|
||||||
}
|
|
||||||
|
|
||||||
/**
|
|
||||||
* Return attributes to provide better naming conventions for error messages.
|
|
||||||
*
|
|
||||||
* @return array
|
|
||||||
*/
|
|
||||||
public function attributes()
|
|
||||||
{
|
|
||||||
return $this->validationAttributes;
|
|
||||||
}
|
|
||||||
}
|
|
|
@ -2,6 +2,8 @@
|
||||||
|
|
||||||
namespace Pterodactyl\Models;
|
namespace Pterodactyl\Models;
|
||||||
|
|
||||||
|
use Illuminate\Support\Collection;
|
||||||
|
|
||||||
class Permission extends Validable
|
class Permission extends Validable
|
||||||
{
|
{
|
||||||
/**
|
/**
|
||||||
|
@ -48,12 +50,130 @@ class Permission extends Validable
|
||||||
'permission' => 'required|string',
|
'permission' => 'required|string',
|
||||||
];
|
];
|
||||||
|
|
||||||
|
/**
|
||||||
|
* All of the permissions available on the system. You should use self::permissions()
|
||||||
|
* to retrieve them, and not directly access this array as it is subject to change.
|
||||||
|
*
|
||||||
|
* @var array
|
||||||
|
* @see \Pterodactyl\Models\Permission::permissions()
|
||||||
|
*/
|
||||||
|
protected static $permissions = [
|
||||||
|
'websocket' => [
|
||||||
|
// Allows the user to connect to the server websocket, this will give them
|
||||||
|
// access to view the console output as well as realtime server stats (CPU
|
||||||
|
// and Memory usage).
|
||||||
|
'*',
|
||||||
|
],
|
||||||
|
|
||||||
|
'control' => [
|
||||||
|
// Allows the user to send data to the server console process. A user with this
|
||||||
|
// permission will not be able to stop the server directly by issuing the specified
|
||||||
|
// stop command for the Egg, however depending on plugins and server configuration
|
||||||
|
// they may still be able to control the server power state.
|
||||||
|
'console', // power.send-command
|
||||||
|
|
||||||
|
// Allows the user to start/stop/restart/kill the server process.
|
||||||
|
'start', // power.power-start
|
||||||
|
'stop', // power.power-stop
|
||||||
|
'restart', // power.power-restart
|
||||||
|
'kill', // power.power-kill
|
||||||
|
],
|
||||||
|
|
||||||
|
'user' => [
|
||||||
|
// Allows a user to create a new user assigned to the server. They will not be able
|
||||||
|
// to assign any permissions they do not already have on their account as well.
|
||||||
|
'create', // subuser.create-subuser
|
||||||
|
'read', // subuser.list-subusers, subuser.view-subuser
|
||||||
|
'update', // subuser.edit-subuser
|
||||||
|
'delete', // subuser.delete-subuser
|
||||||
|
],
|
||||||
|
|
||||||
|
'file' => [
|
||||||
|
// Allows a user to create additional files and folders either via the Panel,
|
||||||
|
// or via a direct upload.
|
||||||
|
'create', // files.create-files, files.upload-files, files.copy-files, files.move-files
|
||||||
|
|
||||||
|
// Allows a user to view the contents of a directory as well as read the contents
|
||||||
|
// of a given file. A user with this permission will be able to download files
|
||||||
|
// as well.
|
||||||
|
'read', // files.list-files, files.download-files
|
||||||
|
|
||||||
|
// Allows a user to update the contents of an existing file or directory.
|
||||||
|
'update', // files.edit-files, files.save-files
|
||||||
|
|
||||||
|
// Allows a user to delete a file or directory.
|
||||||
|
'delete', // files.delete-files
|
||||||
|
|
||||||
|
// Allows a user to archive the contents of a directory as well as decompress existing
|
||||||
|
// archives on the system.
|
||||||
|
'archive', // files.compress-files, files.decompress-files
|
||||||
|
|
||||||
|
// Allows the user to connect and manage server files using their account
|
||||||
|
// credentials and a SFTP client.
|
||||||
|
'sftp', // files.access-sftp
|
||||||
|
],
|
||||||
|
|
||||||
|
// Controls permissions for editing or viewing a server's allocations.
|
||||||
|
'allocation' => [
|
||||||
|
'read', // server.view-allocations
|
||||||
|
'update', // server.edit-allocation
|
||||||
|
],
|
||||||
|
|
||||||
|
// Controls permissions for editing or viewing a server's startup parameters.
|
||||||
|
'startup' => [
|
||||||
|
'read', // server.view-startup
|
||||||
|
'update', // server.edit-startup
|
||||||
|
],
|
||||||
|
|
||||||
|
'database' => [
|
||||||
|
// Allows a user to create a new database for a server.
|
||||||
|
'create', // database.create-database
|
||||||
|
|
||||||
|
// Allows a user to view the databases associated with the server. If they do not also
|
||||||
|
// have the view_password permission they will only be able to see the connection address
|
||||||
|
// and the name of the user.
|
||||||
|
'read', // database.view-databases
|
||||||
|
|
||||||
|
// Allows a user to rotate the password on a database instance. If the user does not
|
||||||
|
// alow have the view_password permission they will not be able to see the updated password
|
||||||
|
// anywhere, but it will still be rotated.
|
||||||
|
'update', // database.reset-db-password
|
||||||
|
|
||||||
|
// Allows a user to delete a database instance.
|
||||||
|
'delete', // database.delete-database
|
||||||
|
|
||||||
|
// Allows a user to view the password associated with a database instance for the
|
||||||
|
// server. Note that a user without this permission may still be able to access these
|
||||||
|
// credentials by viewing files or the console.
|
||||||
|
'view_password', // database.reset-db-password
|
||||||
|
],
|
||||||
|
|
||||||
|
'schedule' => [
|
||||||
|
'create', // task.create-schedule
|
||||||
|
'read', // task.view-schedule, task.list-schedules
|
||||||
|
'update', // task.edit-schedule, task.queue-schedule, task.toggle-schedule
|
||||||
|
'delete', // task.delete-schedule
|
||||||
|
],
|
||||||
|
];
|
||||||
|
|
||||||
|
/**
|
||||||
|
* Returns all of the permissions available on the system for a user to
|
||||||
|
* have when controlling a server.
|
||||||
|
*
|
||||||
|
* @return \Illuminate\Support\Collection
|
||||||
|
*/
|
||||||
|
public static function permissions(): Collection
|
||||||
|
{
|
||||||
|
return Collection::make(self::$permissions);
|
||||||
|
}
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* A list of all permissions available for a user.
|
* A list of all permissions available for a user.
|
||||||
*
|
*
|
||||||
* @var array
|
* @var array
|
||||||
|
* @deprecated
|
||||||
*/
|
*/
|
||||||
protected static $permissions = [
|
protected static $deprecatedPermissions = [
|
||||||
'power' => [
|
'power' => [
|
||||||
'power-start' => 's:power:start',
|
'power-start' => 's:power:start',
|
||||||
'power-stop' => 's:power:stop',
|
'power-stop' => 's:power:stop',
|
||||||
|
@ -110,16 +230,17 @@ class Permission extends Validable
|
||||||
*
|
*
|
||||||
* @param bool $array
|
* @param bool $array
|
||||||
* @return array|\Illuminate\Support\Collection
|
* @return array|\Illuminate\Support\Collection
|
||||||
|
* @deprecated
|
||||||
*/
|
*/
|
||||||
public static function getPermissions($array = false)
|
public static function getPermissions($array = false)
|
||||||
{
|
{
|
||||||
if ($array) {
|
if ($array) {
|
||||||
return collect(self::$permissions)->mapWithKeys(function ($item) {
|
return collect(self::$deprecatedPermissions)->mapWithKeys(function ($item) {
|
||||||
return $item;
|
return $item;
|
||||||
})->all();
|
})->all();
|
||||||
}
|
}
|
||||||
|
|
||||||
return collect(self::$permissions);
|
return collect(self::$deprecatedPermissions);
|
||||||
}
|
}
|
||||||
|
|
||||||
/**
|
/**
|
||||||
|
|
|
@ -1,77 +0,0 @@
|
||||||
<?php
|
|
||||||
/**
|
|
||||||
* Pterodactyl - Panel
|
|
||||||
* Copyright (c) 2015 - 2017 Dane Everitt <dane@daneeveritt.com>.
|
|
||||||
*
|
|
||||||
* This software is licensed under the terms of the MIT license.
|
|
||||||
* https://opensource.org/licenses/MIT
|
|
||||||
*/
|
|
||||||
|
|
||||||
namespace Tests\Unit\Http\Controllers\Server;
|
|
||||||
|
|
||||||
use Mockery as m;
|
|
||||||
use Pterodactyl\Models\Server;
|
|
||||||
use Illuminate\Contracts\Config\Repository;
|
|
||||||
use Tests\Unit\Http\Controllers\ControllerTestCase;
|
|
||||||
use Pterodactyl\Http\Controllers\Server\ConsoleController;
|
|
||||||
|
|
||||||
class ConsoleControllerTest extends ControllerTestCase
|
|
||||||
{
|
|
||||||
/**
|
|
||||||
* @var \Illuminate\Contracts\Config\Repository|\Mockery\Mock
|
|
||||||
*/
|
|
||||||
protected $config;
|
|
||||||
|
|
||||||
/**
|
|
||||||
* Setup tests.
|
|
||||||
*/
|
|
||||||
public function setUp()
|
|
||||||
{
|
|
||||||
parent::setUp();
|
|
||||||
|
|
||||||
$this->config = m::mock(Repository::class);
|
|
||||||
}
|
|
||||||
|
|
||||||
/**
|
|
||||||
* Test both controllers as they do effectively the same thing.
|
|
||||||
*
|
|
||||||
* @dataProvider controllerDataProvider
|
|
||||||
*/
|
|
||||||
public function testAllControllers($function, $view)
|
|
||||||
{
|
|
||||||
$controller = $this->getController();
|
|
||||||
$server = factory(Server::class)->make();
|
|
||||||
$this->setRequestAttribute('server', $server);
|
|
||||||
$this->mockInjectJavascript();
|
|
||||||
|
|
||||||
$this->config->shouldReceive('get')->with('pterodactyl.console.count')->once()->andReturn(100);
|
|
||||||
$this->config->shouldReceive('get')->with('pterodactyl.console.frequency')->once()->andReturn(10);
|
|
||||||
|
|
||||||
$response = $controller->$function($this->request);
|
|
||||||
$this->assertIsViewResponse($response);
|
|
||||||
$this->assertViewNameEquals($view, $response);
|
|
||||||
}
|
|
||||||
|
|
||||||
/**
|
|
||||||
* Provide data for the tests.
|
|
||||||
*
|
|
||||||
* @return array
|
|
||||||
*/
|
|
||||||
public function controllerDataProvider()
|
|
||||||
{
|
|
||||||
return [
|
|
||||||
['index', 'server.index'],
|
|
||||||
['console', 'server.console'],
|
|
||||||
];
|
|
||||||
}
|
|
||||||
|
|
||||||
/**
|
|
||||||
* Return a mocked instance of the controller to allow access to authorization functionality.
|
|
||||||
*
|
|
||||||
* @return \Pterodactyl\Http\Controllers\Server\ConsoleController|\Mockery\Mock
|
|
||||||
*/
|
|
||||||
private function getController()
|
|
||||||
{
|
|
||||||
return $this->buildMockedController(ConsoleController::class, [$this->config]);
|
|
||||||
}
|
|
||||||
}
|
|
|
@ -1,70 +0,0 @@
|
||||||
<?php
|
|
||||||
|
|
||||||
namespace Tests\Unit\Http\Controllers\Server\Files;
|
|
||||||
|
|
||||||
use Mockery as m;
|
|
||||||
use Pterodactyl\Models\Node;
|
|
||||||
use Tests\Traits\MocksUuids;
|
|
||||||
use Pterodactyl\Models\Server;
|
|
||||||
use Illuminate\Cache\Repository;
|
|
||||||
use Tests\Unit\Http\Controllers\ControllerTestCase;
|
|
||||||
use Pterodactyl\Http\Controllers\Server\Files\DownloadController;
|
|
||||||
|
|
||||||
class DownloadControllerTest extends ControllerTestCase
|
|
||||||
{
|
|
||||||
use MocksUuids;
|
|
||||||
|
|
||||||
/**
|
|
||||||
* @var \Illuminate\Cache\Repository|\Mockery\Mock
|
|
||||||
*/
|
|
||||||
protected $cache;
|
|
||||||
|
|
||||||
/**
|
|
||||||
* Setup tests.
|
|
||||||
*/
|
|
||||||
public function setUp()
|
|
||||||
{
|
|
||||||
parent::setUp();
|
|
||||||
|
|
||||||
$this->cache = m::mock(Repository::class);
|
|
||||||
}
|
|
||||||
|
|
||||||
/**
|
|
||||||
* Test the download controller redirects correctly.
|
|
||||||
*/
|
|
||||||
public function testIndexController()
|
|
||||||
{
|
|
||||||
$controller = $this->getController();
|
|
||||||
$server = factory(Server::class)->make();
|
|
||||||
$server->setRelation('node', factory(Node::class)->make());
|
|
||||||
|
|
||||||
$this->setRequestAttribute('server', $server);
|
|
||||||
|
|
||||||
$controller->shouldReceive('authorize')->with('download-files', $server)->once()->andReturnNull();
|
|
||||||
|
|
||||||
$this->cache->shouldReceive('put')
|
|
||||||
->once()
|
|
||||||
->with('Server:Downloads:' . $this->getKnownUuid(), ['server' => $server->uuid, 'path' => '/my/file.txt'], 5)
|
|
||||||
->andReturnNull();
|
|
||||||
|
|
||||||
$response = $controller->index($this->request, $server->uuidShort, '/my/file.txt');
|
|
||||||
$this->assertIsRedirectResponse($response);
|
|
||||||
$this->assertRedirectUrlEquals(sprintf(
|
|
||||||
'%s://%s:%s/v1/server/file/download/%s',
|
|
||||||
$server->node->scheme,
|
|
||||||
$server->node->fqdn,
|
|
||||||
$server->node->daemonListen,
|
|
||||||
$this->getKnownUuid()
|
|
||||||
), $response);
|
|
||||||
}
|
|
||||||
|
|
||||||
/**
|
|
||||||
* Return a mocked instance of the controller to allow access to authorization functionality.
|
|
||||||
*
|
|
||||||
* @return \Pterodactyl\Http\Controllers\Server\Files\DownloadController|\Mockery\Mock
|
|
||||||
*/
|
|
||||||
private function getController()
|
|
||||||
{
|
|
||||||
return $this->buildMockedController(DownloadController::class, [$this->cache]);
|
|
||||||
}
|
|
||||||
}
|
|
|
@ -1,185 +0,0 @@
|
||||||
<?php
|
|
||||||
/**
|
|
||||||
* Pterodactyl - Panel
|
|
||||||
* Copyright (c) 2015 - 2017 Dane Everitt <dane@daneeveritt.com>.
|
|
||||||
*
|
|
||||||
* This software is licensed under the terms of the MIT license.
|
|
||||||
* https://opensource.org/licenses/MIT
|
|
||||||
*/
|
|
||||||
|
|
||||||
namespace Tests\Unit\Http\Controllers\Server\Files;
|
|
||||||
|
|
||||||
use Mockery as m;
|
|
||||||
use Pterodactyl\Models\Server;
|
|
||||||
use Tests\Traits\MocksRequestException;
|
|
||||||
use GuzzleHttp\Exception\RequestException;
|
|
||||||
use Pterodactyl\Exceptions\PterodactylException;
|
|
||||||
use Tests\Unit\Http\Controllers\ControllerTestCase;
|
|
||||||
use Pterodactyl\Http\Requests\Server\UpdateFileContentsFormRequest;
|
|
||||||
use Pterodactyl\Contracts\Repository\Daemon\FileRepositoryInterface;
|
|
||||||
use Pterodactyl\Http\Controllers\Server\Files\FileActionsController;
|
|
||||||
use Pterodactyl\Exceptions\Http\Connection\DaemonConnectionException;
|
|
||||||
|
|
||||||
class FileActionsControllerTest extends ControllerTestCase
|
|
||||||
{
|
|
||||||
use MocksRequestException;
|
|
||||||
|
|
||||||
/**
|
|
||||||
* @var \Pterodactyl\Contracts\Repository\Daemon\FileRepositoryInterface|\Mockery\Mock
|
|
||||||
*/
|
|
||||||
protected $repository;
|
|
||||||
|
|
||||||
/**
|
|
||||||
* Setup tests.
|
|
||||||
*/
|
|
||||||
public function setUp()
|
|
||||||
{
|
|
||||||
parent::setUp();
|
|
||||||
|
|
||||||
$this->repository = m::mock(FileRepositoryInterface::class);
|
|
||||||
}
|
|
||||||
|
|
||||||
/**
|
|
||||||
* Test the index view controller.
|
|
||||||
*/
|
|
||||||
public function testIndexController()
|
|
||||||
{
|
|
||||||
$controller = $this->getController();
|
|
||||||
$server = factory(Server::class)->make();
|
|
||||||
|
|
||||||
$this->setRequestAttribute('server', $server);
|
|
||||||
$this->mockInjectJavascript();
|
|
||||||
|
|
||||||
$controller->shouldReceive('authorize')->with('list-files', $server)->once()->andReturnNull();
|
|
||||||
$this->request->shouldReceive('user->can')->andReturn(true);
|
|
||||||
|
|
||||||
$response = $controller->index($this->request);
|
|
||||||
$this->assertIsViewResponse($response);
|
|
||||||
$this->assertViewNameEquals('server.files.index', $response);
|
|
||||||
}
|
|
||||||
|
|
||||||
/**
|
|
||||||
* Test the file creation view controller.
|
|
||||||
*
|
|
||||||
* @dataProvider directoryNameProvider
|
|
||||||
*/
|
|
||||||
public function testCreateController($directory, $expected)
|
|
||||||
{
|
|
||||||
$controller = $this->getController();
|
|
||||||
$server = factory(Server::class)->make();
|
|
||||||
|
|
||||||
$this->setRequestAttribute('server', $server);
|
|
||||||
$this->mockInjectJavascript();
|
|
||||||
|
|
||||||
$controller->shouldReceive('authorize')->with('create-files', $server)->once()->andReturnNull();
|
|
||||||
$this->request->shouldReceive('get')->with('dir')->andReturn($directory);
|
|
||||||
|
|
||||||
$response = $controller->create($this->request);
|
|
||||||
$this->assertIsViewResponse($response);
|
|
||||||
$this->assertViewNameEquals('server.files.add', $response);
|
|
||||||
$this->assertViewHasKey('directory', $response);
|
|
||||||
$this->assertViewKeyEquals('directory', $expected, $response);
|
|
||||||
}
|
|
||||||
|
|
||||||
/**
|
|
||||||
* Test the update controller.
|
|
||||||
*
|
|
||||||
* @dataProvider fileNameProvider
|
|
||||||
*/
|
|
||||||
public function testUpdateController($file, $expected)
|
|
||||||
{
|
|
||||||
$this->setRequestMockClass(UpdateFileContentsFormRequest::class);
|
|
||||||
|
|
||||||
$controller = $this->getController();
|
|
||||||
$server = factory(Server::class)->make();
|
|
||||||
|
|
||||||
$this->setRequestAttribute('server', $server);
|
|
||||||
$this->setRequestAttribute('server_token', 'abc123');
|
|
||||||
$this->setRequestAttribute('file_stats', 'fileStatsObject');
|
|
||||||
$this->mockInjectJavascript(['stat' => 'fileStatsObject']);
|
|
||||||
|
|
||||||
$this->repository->shouldReceive('setServer')->with($server)->once()->andReturnSelf()
|
|
||||||
->shouldReceive('setToken')->with('abc123')->once()->andReturnSelf()
|
|
||||||
->shouldReceive('getContent')->with($file)->once()->andReturn('test');
|
|
||||||
|
|
||||||
$response = $controller->view($this->request, '1234', $file);
|
|
||||||
$this->assertIsViewResponse($response);
|
|
||||||
$this->assertViewNameEquals('server.files.edit', $response);
|
|
||||||
$this->assertViewHasKey('file', $response);
|
|
||||||
$this->assertViewHasKey('stat', $response);
|
|
||||||
$this->assertViewHasKey('contents', $response);
|
|
||||||
$this->assertViewHasKey('directory', $response);
|
|
||||||
$this->assertViewKeyEquals('file', $file, $response);
|
|
||||||
$this->assertViewKeyEquals('stat', 'fileStatsObject', $response);
|
|
||||||
$this->assertViewKeyEquals('contents', 'test', $response);
|
|
||||||
$this->assertViewKeyEquals('directory', $expected, $response);
|
|
||||||
}
|
|
||||||
|
|
||||||
/**
|
|
||||||
* Test that an exception is handled correctly in the controller.
|
|
||||||
*/
|
|
||||||
public function testExceptionRenderedByUpdateController()
|
|
||||||
{
|
|
||||||
$this->setRequestMockClass(UpdateFileContentsFormRequest::class);
|
|
||||||
$this->configureExceptionMock();
|
|
||||||
|
|
||||||
$controller = $this->getController();
|
|
||||||
$server = factory(Server::class)->make();
|
|
||||||
|
|
||||||
$this->setRequestAttribute('server', $server);
|
|
||||||
$this->setRequestAttribute('server_token', 'abc123');
|
|
||||||
$this->setRequestAttribute('file_stats', 'fileStatsObject');
|
|
||||||
|
|
||||||
$this->repository->shouldReceive('setServer')->with($server)->once()->andThrow($this->getExceptionMock());
|
|
||||||
|
|
||||||
try {
|
|
||||||
$controller->view($this->request, '1234', 'file.txt');
|
|
||||||
} catch (PterodactylException $exception) {
|
|
||||||
$this->assertInstanceOf(DaemonConnectionException::class, $exception);
|
|
||||||
$this->assertInstanceOf(RequestException::class, $exception->getPrevious());
|
|
||||||
}
|
|
||||||
}
|
|
||||||
|
|
||||||
/**
|
|
||||||
* Provides a list of directory names and the expected output from formatting.
|
|
||||||
*
|
|
||||||
* @return array
|
|
||||||
*/
|
|
||||||
public function directoryNameProvider()
|
|
||||||
{
|
|
||||||
return [
|
|
||||||
[null, ''],
|
|
||||||
['/', ''],
|
|
||||||
['', ''],
|
|
||||||
['my/directory', 'my/directory/'],
|
|
||||||
['/my/directory/', 'my/directory/'],
|
|
||||||
['/////my/directory////', 'my/directory/'],
|
|
||||||
];
|
|
||||||
}
|
|
||||||
|
|
||||||
/**
|
|
||||||
* Provides a list of file names and the expected output from formatting.
|
|
||||||
*
|
|
||||||
* @return array
|
|
||||||
*/
|
|
||||||
public function fileNameProvider()
|
|
||||||
{
|
|
||||||
return [
|
|
||||||
['/my/file.txt', 'my/'],
|
|
||||||
['my/file.txt', 'my/'],
|
|
||||||
['file.txt', '/'],
|
|
||||||
['/file.txt', '/'],
|
|
||||||
['./file.txt', '/'],
|
|
||||||
];
|
|
||||||
}
|
|
||||||
|
|
||||||
/**
|
|
||||||
* Return a mocked instance of the controller to allow access to authorization functionality.
|
|
||||||
*
|
|
||||||
* @return \Pterodactyl\Http\Controllers\Server\Files\FileActionsController|\Mockery\Mock
|
|
||||||
*/
|
|
||||||
private function getController()
|
|
||||||
{
|
|
||||||
return $this->buildMockedController(FileActionsController::class, [$this->repository]);
|
|
||||||
}
|
|
||||||
}
|
|
|
@ -1,158 +0,0 @@
|
||||||
<?php
|
|
||||||
/**
|
|
||||||
* Pterodactyl - Panel
|
|
||||||
* Copyright (c) 2015 - 2017 Dane Everitt <dane@daneeveritt.com>.
|
|
||||||
*
|
|
||||||
* This software is licensed under the terms of the MIT license.
|
|
||||||
* https://opensource.org/licenses/MIT
|
|
||||||
*/
|
|
||||||
|
|
||||||
namespace Tests\Unit\Http\Controllers\Server\Files;
|
|
||||||
|
|
||||||
use Mockery as m;
|
|
||||||
use GuzzleHttp\Psr7\Response;
|
|
||||||
use Pterodactyl\Models\Server;
|
|
||||||
use Tests\Traits\MocksRequestException;
|
|
||||||
use GuzzleHttp\Exception\RequestException;
|
|
||||||
use Illuminate\Contracts\Config\Repository;
|
|
||||||
use Pterodactyl\Exceptions\PterodactylException;
|
|
||||||
use Tests\Unit\Http\Controllers\ControllerTestCase;
|
|
||||||
use Pterodactyl\Contracts\Repository\Daemon\FileRepositoryInterface;
|
|
||||||
use Pterodactyl\Exceptions\Http\Connection\DaemonConnectionException;
|
|
||||||
use Pterodactyl\Http\Controllers\Server\Files\RemoteRequestController;
|
|
||||||
|
|
||||||
class RemoteRequestControllerTest extends ControllerTestCase
|
|
||||||
{
|
|
||||||
use MocksRequestException;
|
|
||||||
|
|
||||||
/**
|
|
||||||
* @var \Illuminate\Contracts\Config\Repository|\Mockery\Mock
|
|
||||||
*/
|
|
||||||
protected $config;
|
|
||||||
|
|
||||||
/**
|
|
||||||
* @var \Pterodactyl\Contracts\Repository\Daemon\FileRepositoryInterface|\Mockery\Mock
|
|
||||||
*/
|
|
||||||
protected $repository;
|
|
||||||
|
|
||||||
/**
|
|
||||||
* Setup tests.
|
|
||||||
*/
|
|
||||||
public function setUp()
|
|
||||||
{
|
|
||||||
parent::setUp();
|
|
||||||
|
|
||||||
$this->config = m::mock(Repository::class);
|
|
||||||
$this->repository = m::mock(FileRepositoryInterface::class);
|
|
||||||
}
|
|
||||||
|
|
||||||
/**
|
|
||||||
* Test the directory listing controller.
|
|
||||||
*/
|
|
||||||
public function testDirectoryController()
|
|
||||||
{
|
|
||||||
$controller = $this->getController();
|
|
||||||
|
|
||||||
$server = factory(Server::class)->make();
|
|
||||||
$this->setRequestAttribute('server', $server);
|
|
||||||
$this->setRequestAttribute('server_token', 'abc123');
|
|
||||||
|
|
||||||
$controller->shouldReceive('authorize')->with('list-files', $server)->once()->andReturnNull();
|
|
||||||
$this->request->shouldReceive('input')->with('directory', '/')->once()->andReturn('/');
|
|
||||||
$this->repository->shouldReceive('setServer')->with($server)->once()->andReturnSelf()
|
|
||||||
->shouldReceive('setToken')->with('abc123')->once()->andReturnSelf()
|
|
||||||
->shouldReceive('getDirectory')->with('/')->once()->andReturn(['folders' => 1, 'files' => 2]);
|
|
||||||
$this->config->shouldReceive('get')->with('pterodactyl.files.editable')->once()->andReturn([]);
|
|
||||||
|
|
||||||
$response = $controller->directory($this->request);
|
|
||||||
$this->assertIsViewResponse($response);
|
|
||||||
$this->assertViewNameEquals('server.files.list', $response);
|
|
||||||
$this->assertViewHasKey('files', $response);
|
|
||||||
$this->assertViewHasKey('folders', $response);
|
|
||||||
$this->assertViewHasKey('editableMime', $response);
|
|
||||||
$this->assertViewHasKey('directory', $response);
|
|
||||||
$this->assertViewKeyEquals('files', 2, $response);
|
|
||||||
$this->assertViewKeyEquals('folders', 1, $response);
|
|
||||||
$this->assertViewKeyEquals('editableMime', [], $response);
|
|
||||||
$this->assertViewKeyEquals('directory.first', false, $response);
|
|
||||||
$this->assertViewKeyEquals('directory.header', '', $response);
|
|
||||||
}
|
|
||||||
|
|
||||||
/**
|
|
||||||
* Test that the controller properly handles an exception thrown by the daemon connection.
|
|
||||||
*/
|
|
||||||
public function testExceptionThrownByDaemonConnectionIsHandledByDisplayController()
|
|
||||||
{
|
|
||||||
$this->configureExceptionMock();
|
|
||||||
$controller = $this->getController();
|
|
||||||
|
|
||||||
$server = factory(Server::class)->make();
|
|
||||||
$this->setRequestAttribute('server', $server);
|
|
||||||
|
|
||||||
$controller->shouldReceive('authorize')->with('list-files', $server)->once()->andReturnNull();
|
|
||||||
$this->request->shouldReceive('input')->with('directory', '/')->once()->andReturn('/');
|
|
||||||
$this->repository->shouldReceive('setServer')->with($server)->once()->andThrow($this->getExceptionMock());
|
|
||||||
|
|
||||||
try {
|
|
||||||
$controller->directory($this->request);
|
|
||||||
} catch (PterodactylException $exception) {
|
|
||||||
$this->assertInstanceOf(DaemonConnectionException::class, $exception);
|
|
||||||
$this->assertInstanceOf(RequestException::class, $exception->getPrevious());
|
|
||||||
}
|
|
||||||
}
|
|
||||||
|
|
||||||
/**
|
|
||||||
* Test the store controller.
|
|
||||||
*/
|
|
||||||
public function testStoreController()
|
|
||||||
{
|
|
||||||
$controller = $this->getController();
|
|
||||||
|
|
||||||
$server = factory(Server::class)->make();
|
|
||||||
$this->setRequestAttribute('server', $server);
|
|
||||||
$this->setRequestAttribute('server_token', 'abc123');
|
|
||||||
|
|
||||||
$controller->shouldReceive('authorize')->with('save-files', $server)->once()->andReturnNull();
|
|
||||||
$this->request->shouldReceive('input')->with('file')->once()->andReturn('file.txt');
|
|
||||||
$this->request->shouldReceive('input')->with('contents')->once()->andReturn('file contents');
|
|
||||||
$this->repository->shouldReceive('setServer')->with($server)->once()->andReturnSelf()
|
|
||||||
->shouldReceive('setToken')->with('abc123')->once()->andReturnSelf()
|
|
||||||
->shouldReceive('putContent')->with('file.txt', 'file contents')->once()->andReturn(new Response);
|
|
||||||
|
|
||||||
$response = $controller->store($this->request);
|
|
||||||
$this->assertIsResponse($response);
|
|
||||||
$this->assertResponseCodeEquals(204, $response);
|
|
||||||
}
|
|
||||||
|
|
||||||
/**
|
|
||||||
* Test that the controller properly handles an exception thrown by the daemon connection.
|
|
||||||
*/
|
|
||||||
public function testExceptionThrownByDaemonConnectionIsHandledByStoreController()
|
|
||||||
{
|
|
||||||
$this->configureExceptionMock();
|
|
||||||
$controller = $this->getController();
|
|
||||||
|
|
||||||
$server = factory(Server::class)->make();
|
|
||||||
$this->setRequestAttribute('server', $server);
|
|
||||||
|
|
||||||
$controller->shouldReceive('authorize')->with('save-files', $server)->once()->andReturnNull();
|
|
||||||
$this->repository->shouldReceive('setServer')->with($server)->once()->andThrow($this->getExceptionMock());
|
|
||||||
|
|
||||||
try {
|
|
||||||
$controller->store($this->request);
|
|
||||||
} catch (PterodactylException $exception) {
|
|
||||||
$this->assertInstanceOf(DaemonConnectionException::class, $exception);
|
|
||||||
$this->assertInstanceOf(RequestException::class, $exception->getPrevious());
|
|
||||||
}
|
|
||||||
}
|
|
||||||
|
|
||||||
/**
|
|
||||||
* Return a mocked instance of the controller to allow access to authorization functionality.
|
|
||||||
*
|
|
||||||
* @return \Pterodactyl\Http\Controllers\Server\Files\RemoteRequestController|\Mockery\Mock
|
|
||||||
*/
|
|
||||||
private function getController()
|
|
||||||
{
|
|
||||||
return $this->buildMockedController(RemoteRequestController::class, [$this->config, $this->repository]);
|
|
||||||
}
|
|
||||||
}
|
|
|
@ -1,226 +0,0 @@
|
||||||
<?php
|
|
||||||
/**
|
|
||||||
* Pterodactyl - Panel
|
|
||||||
* Copyright (c) 2015 - 2017 Dane Everitt <dane@daneeveritt.com>.
|
|
||||||
*
|
|
||||||
* This software is licensed under the terms of the MIT license.
|
|
||||||
* https://opensource.org/licenses/MIT
|
|
||||||
*/
|
|
||||||
|
|
||||||
namespace Tests\Unit\Http\Controllers\Server;
|
|
||||||
|
|
||||||
use Mockery as m;
|
|
||||||
use Pterodactyl\Models\Server;
|
|
||||||
use Pterodactyl\Models\Subuser;
|
|
||||||
use Pterodactyl\Models\Permission;
|
|
||||||
use Prologue\Alerts\AlertsMessageBag;
|
|
||||||
use Tests\Unit\Http\Controllers\ControllerTestCase;
|
|
||||||
use Pterodactyl\Services\Subusers\SubuserUpdateService;
|
|
||||||
use Pterodactyl\Services\Subusers\SubuserCreationService;
|
|
||||||
use Pterodactyl\Services\Subusers\SubuserDeletionService;
|
|
||||||
use Pterodactyl\Http\Controllers\Server\SubuserController;
|
|
||||||
use Pterodactyl\Contracts\Repository\SubuserRepositoryInterface;
|
|
||||||
use Pterodactyl\Http\Requests\Server\Subuser\SubuserStoreFormRequest;
|
|
||||||
use Pterodactyl\Http\Requests\Server\Subuser\SubuserUpdateFormRequest;
|
|
||||||
|
|
||||||
class SubuserControllerTest extends ControllerTestCase
|
|
||||||
{
|
|
||||||
/**
|
|
||||||
* @var \Prologue\Alerts\AlertsMessageBag|\Mockery\Mock
|
|
||||||
*/
|
|
||||||
protected $alert;
|
|
||||||
|
|
||||||
/**
|
|
||||||
* @var \Pterodactyl\Contracts\Repository\SubuserRepositoryInterface|\Mockery\Mock
|
|
||||||
*/
|
|
||||||
protected $repository;
|
|
||||||
|
|
||||||
/**
|
|
||||||
* @var \Pterodactyl\Services\Subusers\SubuserCreationService|\Mockery\Mock
|
|
||||||
*/
|
|
||||||
protected $subuserCreationService;
|
|
||||||
|
|
||||||
/**
|
|
||||||
* @var \Pterodactyl\Services\Subusers\SubuserDeletionService|\Mockery\Mock
|
|
||||||
*/
|
|
||||||
protected $subuserDeletionService;
|
|
||||||
|
|
||||||
/**
|
|
||||||
* @var \Pterodactyl\Services\Subusers\SubuserUpdateService|\Mockery\Mock
|
|
||||||
*/
|
|
||||||
protected $subuserUpdateService;
|
|
||||||
|
|
||||||
/**
|
|
||||||
* Setup tests.
|
|
||||||
*/
|
|
||||||
public function setUp()
|
|
||||||
{
|
|
||||||
parent::setUp();
|
|
||||||
|
|
||||||
$this->alert = m::mock(AlertsMessageBag::class);
|
|
||||||
$this->repository = m::mock(SubuserRepositoryInterface::class);
|
|
||||||
$this->subuserCreationService = m::mock(SubuserCreationService::class);
|
|
||||||
$this->subuserDeletionService = m::mock(SubuserDeletionService::class);
|
|
||||||
$this->subuserUpdateService = m::mock(SubuserUpdateService::class);
|
|
||||||
}
|
|
||||||
|
|
||||||
/*
|
|
||||||
* Test index controller.
|
|
||||||
*/
|
|
||||||
public function testIndexController()
|
|
||||||
{
|
|
||||||
$controller = $this->getController();
|
|
||||||
$server = factory(Server::class)->make();
|
|
||||||
|
|
||||||
$this->setRequestAttribute('server', $server);
|
|
||||||
$this->mockInjectJavascript();
|
|
||||||
|
|
||||||
$controller->shouldReceive('authorize')->with('list-subusers', $server)->once()->andReturnNull();
|
|
||||||
$this->repository->shouldReceive('findWhere')->with([['server_id', '=', $server->id]])->once()->andReturn(collect());
|
|
||||||
|
|
||||||
$response = $controller->index($this->request);
|
|
||||||
$this->assertIsViewResponse($response);
|
|
||||||
$this->assertViewNameEquals('server.users.index', $response);
|
|
||||||
$this->assertViewHasKey('subusers', $response);
|
|
||||||
}
|
|
||||||
|
|
||||||
/**
|
|
||||||
* Test view controller.
|
|
||||||
*/
|
|
||||||
public function testViewController()
|
|
||||||
{
|
|
||||||
$controller = $this->getController();
|
|
||||||
$subuser = factory(Subuser::class)->make();
|
|
||||||
$subuser->setRelation('permissions', collect([
|
|
||||||
(object) ['permission' => 'some.permission'],
|
|
||||||
(object) ['permission' => 'another.permission'],
|
|
||||||
]));
|
|
||||||
$server = factory(Server::class)->make();
|
|
||||||
|
|
||||||
$this->setRequestAttribute('server', $server);
|
|
||||||
$this->setRequestAttribute('subuser', $subuser);
|
|
||||||
$this->mockInjectJavascript();
|
|
||||||
|
|
||||||
$controller->shouldReceive('authorize')->with('view-subuser', $server)->once()->andReturnNull();
|
|
||||||
$this->repository->shouldReceive('getWithPermissions')->with($subuser)->once()->andReturn($subuser);
|
|
||||||
|
|
||||||
$response = $controller->view($this->request);
|
|
||||||
$this->assertIsViewResponse($response);
|
|
||||||
$this->assertViewNameEquals('server.users.view', $response);
|
|
||||||
$this->assertViewHasKey('subuser', $response);
|
|
||||||
$this->assertViewHasKey('permlist', $response);
|
|
||||||
$this->assertViewHasKey('permissions', $response);
|
|
||||||
$this->assertViewKeyEquals('subuser', $subuser, $response);
|
|
||||||
$this->assertViewKeyEquals('permlist', Permission::getPermissions(), $response);
|
|
||||||
$this->assertViewKeyEquals('permissions', collect([
|
|
||||||
'some.permission' => true,
|
|
||||||
'another.permission' => true,
|
|
||||||
]), $response);
|
|
||||||
}
|
|
||||||
|
|
||||||
/**
|
|
||||||
* Test the update controller.
|
|
||||||
*/
|
|
||||||
public function testUpdateController()
|
|
||||||
{
|
|
||||||
$this->setRequestMockClass(SubuserUpdateFormRequest::class);
|
|
||||||
|
|
||||||
$controller = $this->getController();
|
|
||||||
$subuser = factory(Subuser::class)->make();
|
|
||||||
|
|
||||||
$this->setRequestAttribute('subuser', $subuser);
|
|
||||||
|
|
||||||
$this->request->shouldReceive('input')->with('permissions', [])->once()->andReturn(['some.permission']);
|
|
||||||
$this->subuserUpdateService->shouldReceive('handle')->with($subuser, ['some.permission'])->once()->andReturnNull();
|
|
||||||
$this->alert->shouldReceive('success')->with(trans('server.users.user_updated'))->once()->andReturnSelf();
|
|
||||||
$this->alert->shouldReceive('flash')->withNoArgs()->once()->andReturnNull();
|
|
||||||
|
|
||||||
$response = $controller->update($this->request, 'abcd1234', $subuser->hashid);
|
|
||||||
$this->assertIsRedirectResponse($response);
|
|
||||||
$this->assertRedirectRouteEquals('server.subusers.view', $response, ['uuid' => 'abcd1234', 'id' => $subuser->hashid]);
|
|
||||||
}
|
|
||||||
|
|
||||||
/**
|
|
||||||
* Test the create controller.
|
|
||||||
*/
|
|
||||||
public function testCreateController()
|
|
||||||
{
|
|
||||||
$controller = $this->getController();
|
|
||||||
$server = factory(Server::class)->make();
|
|
||||||
|
|
||||||
$this->setRequestAttribute('server', $server);
|
|
||||||
$this->mockInjectJavascript();
|
|
||||||
|
|
||||||
$controller->shouldReceive('authorize')->with('create-subuser', $server)->once()->andReturnNull();
|
|
||||||
|
|
||||||
$response = $controller->create($this->request);
|
|
||||||
$this->assertIsViewResponse($response);
|
|
||||||
$this->assertViewNameEquals('server.users.new', $response);
|
|
||||||
$this->assertViewHasKey('permissions', $response);
|
|
||||||
$this->assertViewKeyEquals('permissions', Permission::getPermissions(), $response);
|
|
||||||
}
|
|
||||||
|
|
||||||
/**
|
|
||||||
* Test the store controller.
|
|
||||||
*/
|
|
||||||
public function testStoreController()
|
|
||||||
{
|
|
||||||
$this->setRequestMockClass(SubuserStoreFormRequest::class);
|
|
||||||
$controller = $this->getController();
|
|
||||||
|
|
||||||
$server = factory(Server::class)->make();
|
|
||||||
$subuser = factory(Subuser::class)->make();
|
|
||||||
|
|
||||||
$this->setRequestAttribute('server', $server);
|
|
||||||
|
|
||||||
$this->request->shouldReceive('input')->with('email')->once()->andReturn('user@test.com');
|
|
||||||
$this->request->shouldReceive('input')->with('permissions', [])->once()->andReturn(['some.permission']);
|
|
||||||
$this->subuserCreationService->shouldReceive('handle')->with($server, 'user@test.com', ['some.permission'])->once()->andReturn($subuser);
|
|
||||||
$this->alert->shouldReceive('success')->with(trans('server.users.user_assigned'))->once()->andReturnSelf();
|
|
||||||
$this->alert->shouldReceive('flash')->withNoArgs()->once()->andReturnNull();
|
|
||||||
|
|
||||||
$response = $controller->store($this->request);
|
|
||||||
$this->assertIsRedirectResponse($response);
|
|
||||||
$this->assertRedirectRouteEquals('server.subusers.view', $response, [
|
|
||||||
'uuid' => $server->uuidShort,
|
|
||||||
'id' => $subuser->hashid,
|
|
||||||
]);
|
|
||||||
}
|
|
||||||
|
|
||||||
/**
|
|
||||||
* Test the delete controller.
|
|
||||||
*/
|
|
||||||
public function testDeleteController()
|
|
||||||
{
|
|
||||||
$controller = $this->getController();
|
|
||||||
|
|
||||||
$server = factory(Server::class)->make();
|
|
||||||
$subuser = factory(Subuser::class)->make();
|
|
||||||
|
|
||||||
$this->setRequestAttribute('server', $server);
|
|
||||||
$this->setRequestAttribute('subuser', $subuser);
|
|
||||||
|
|
||||||
$controller->shouldReceive('authorize')->with('delete-subuser', $server)->once()->andReturnNull();
|
|
||||||
$this->subuserDeletionService->shouldReceive('handle')->with($subuser)->once()->andReturnNull();
|
|
||||||
|
|
||||||
$response = $controller->delete($this->request);
|
|
||||||
$this->assertIsResponse($response);
|
|
||||||
$this->assertResponseCodeEquals(204, $response);
|
|
||||||
}
|
|
||||||
|
|
||||||
/**
|
|
||||||
* Return a mocked instance of the controller to allow access to authorization functionality.
|
|
||||||
*
|
|
||||||
* @return \Pterodactyl\Http\Controllers\Server\SubuserController|\Mockery\Mock
|
|
||||||
*/
|
|
||||||
private function getController()
|
|
||||||
{
|
|
||||||
return $this->buildMockedController(SubuserController::class, [
|
|
||||||
$this->alert,
|
|
||||||
$this->subuserCreationService,
|
|
||||||
$this->subuserDeletionService,
|
|
||||||
$this->repository,
|
|
||||||
$this->subuserUpdateService,
|
|
||||||
]);
|
|
||||||
}
|
|
||||||
}
|
|
Loading…
Reference in a new issue