Add proper permissions for role application routes, allow admins to access application api

2020-12-28 12:47:08 -07:00 · 2020-12-28 12:47:08 -07:00 · 9c7b49e2b9
commit 9c7b49e2b9
parent b6abeb0994
16 changed files with 287 additions and 112 deletions
--- a/app/Http/Controllers/Api/Application/RoleController.php
+++ b/app/Http/Controllers/Api/Application/RoleController.php
@ -1,76 +0,0 @@
-<?php
-
-namespace Pterodactyl\Http\Controllers\Api\Application;
-
-use Illuminate\Http\JsonResponse;
-use Pterodactyl\Http\Requests\Admin\RoleFormRequest;
-use Pterodactyl\Repositories\Eloquent\AdminRolesRepository;
-
-class RoleController extends ApplicationApiController
-{
-    /**
-     * @var \Pterodactyl\Repositories\Eloquent\AdminRolesRepository
-     */
-    private $repository;
-
-    /**
-     * RolesController constructor.
-     *
-     * @param \Pterodactyl\Repositories\Eloquent\AdminRolesRepository $repository
-     */
-    public function __construct(AdminRolesRepository $repository)
-    {
-        parent::__construct();
-
-        $this->repository = $repository;
-    }
-
-    /**
-     * Returns an array of all roles.
-     *
-     * @return \Illuminate\Http\JsonResponse
-     */
-    public function index()
-    {
-        return new JsonResponse($this->repository->all());
-    }
-
-    /**
-     * Creates a new role.
-     *
-     * @param \Pterodactyl\Http\Requests\Admin\RoleFormRequest $request
-     *
-     * @return \Illuminate\Http\JsonResponse
-     * @throws \Pterodactyl\Exceptions\Model\DataValidationException
-     */
-    public function create(RoleFormRequest $request)
-    {
-        $role = $this->repository->create($request->normalize());
-
-        return new JsonResponse($role);
-    }
-
-    /**
-     * Updates a role.
-     *
-     * @return \Illuminate\Contracts\Foundation\Application|\Illuminate\Contracts\Routing\ResponseFactory|\Illuminate\Http\Response
-     */
-    public function update()
-    {
-        return response('', 204);
-    }
-
-    /**
-     * Deletes a role.
-     *
-     * @param int $role_id
-     *
-     * @return \Illuminate\Contracts\Foundation\Application|\Illuminate\Contracts\Routing\ResponseFactory|\Illuminate\Http\Response
-     */
-    public function delete(int $role_id)
-    {
-        $this->repository->delete($role_id);
-
-        return response('', 204);
-    }
-}
--- a/app/Http/Controllers/Api/Application/Roles/RoleController.php
+++ b/app/Http/Controllers/Api/Application/Roles/RoleController.php
@ -0,0 +1,110 @@
+<?php
+
+namespace Pterodactyl\Http\Controllers\Api\Application\Roles;
+
+use Illuminate\Http\JsonResponse;
+use Pterodactyl\Models\AdminRole;
+use Pterodactyl\Repositories\Eloquent\AdminRolesRepository;
+use Pterodactyl\Transformers\Api\Application\AdminRoleTransformer;
+use Pterodactyl\Http\Requests\Api\Application\Roles\GetRolesRequest;
+use Pterodactyl\Http\Requests\Api\Application\Roles\StoreRoleRequest;
+use Pterodactyl\Http\Requests\Api\Application\Roles\DeleteRoleRequest;
+use Pterodactyl\Http\Requests\Api\Application\Roles\UpdateRoleRequest;
+use Pterodactyl\Http\Controllers\Api\Application\ApplicationApiController;
+
+class RoleController extends ApplicationApiController
+{
+    /**
+     * @var \Pterodactyl\Repositories\Eloquent\AdminRolesRepository
+     */
+    private $repository;
+
+    /**
+     * RolesController constructor.
+     *
+     * @param \Pterodactyl\Repositories\Eloquent\AdminRolesRepository $repository
+     */
+    public function __construct(AdminRolesRepository $repository)
+    {
+        parent::__construct();
+
+        $this->repository = $repository;
+    }
+
+    /**
+     * Returns an array of all roles.
+     *
+     * @param \Pterodactyl\Http\Requests\Api\Application\Roles\GetRolesRequest $request
+     *
+     * @return array
+     */
+    public function index(GetRolesRequest $request)
+    {
+        return $this->fractal->collection(AdminRole::all())
+            ->transformWith($this->getTransformer(AdminRoleTransformer::class))
+            ->toArray();
+    }
+
+    /**
+     * Returns a single role.
+     *
+     * @param \Pterodactyl\Http\Requests\Api\Application\Roles\GetRolesRequest $request
+     * @param \Pterodactyl\Models\AdminRole $role
+     *
+     * @return array
+     */
+    public function view(GetRolesRequest $request, AdminRole $role): array
+    {
+        return $this->fractal->item($role)
+            ->transformWith($this->getTransformer(AdminRoleTransformer::class))
+            ->toArray();
+    }
+
+    /**
+     * Creates a new role.
+     *
+     * @param \Pterodactyl\Http\Requests\Api\Application\Roles\StoreRoleRequest $request
+     *
+     * @return \Illuminate\Http\JsonResponse
+     */
+    public function store(StoreRoleRequest $request)
+    {
+        $role = AdminRole::query()->create($request->validated());
+
+        return $this->fractal->item($role)
+            ->transformWith($this->getTransformer(AdminRoleTransformer::class))
+            ->respond(JsonResponse::HTTP_CREATED);
+    }
+
+    /**
+     * Updates a role.
+     *
+     * @param \Pterodactyl\Http\Requests\Api\Application\Roles\UpdateRoleRequest $request
+     * @param \Pterodactyl\Models\AdminRole $role
+     *
+     * @return array
+     */
+    public function update(UpdateRoleRequest $request, AdminRole $role)
+    {
+        $role->update($request->validated());
+
+        return $this->fractal->item($role)
+            ->transformWith($this->getTransformer(AdminRoleTransformer::class))
+            ->toArray();
+    }
+
+    /**
+     * Deletes a role.
+     *
+     * @param \Pterodactyl\Http\Requests\Api\Application\Roles\DeleteRoleRequest $request
+     * @param \Pterodactyl\Models\AdminRole $role
+     *
+     * @return \Illuminate\Http\JsonResponse
+     */
+    public function delete(DeleteRoleRequest $request, AdminRole $role)
+    {
+        $this->repository->delete($role->id);
+
+        return new JsonResponse([], JsonResponse::HTTP_NO_CONTENT);
+    }
+}