Merge branch 'develop' into feature/react-admin

app/Http/Controllers/Api/Application/Nodes/NodeController.php

@@ -108,7 +108,7 @@ class NodeController extends ApplicationApiController
         $node = $this->updateService->handle(
             $node,
             $request->validated(),
-            $request->input('reset_secret')
+            $request->input('reset_secret'),
         );
 
         return $this->fractal->item($node)

app/Http/Controllers/Api/Application/Nodes/NodeDeploymentController.php

@@ -35,7 +35,7 @@ class NodeDeploymentController extends ApplicationApiController
         $nodes = $this->viableNodesService->setLocations($data['location_ids'] ?? [])
             ->setMemory($data['memory'])
             ->setDisk($data['disk'])
-            ->handle($request->input('page') ?? 0);
+            ->handle($request->query('per_page'), $request->query('page'));
 
         return $this->fractal->collection($nodes)
             ->transformWith($this->getTransformer(NodeTransformer::class))

app/Http/Controllers/Api/Client/Servers/BackupController.php

@@ -72,11 +72,18 @@ class BackupController extends ClientApiController
     {
         /** @var \Pterodactyl\Models\Backup $backup */
         $backup = $server->audit(AuditLog::SERVER__BACKUP_STARTED, function (AuditLog $model, Server $server) use ($request) {
-            $backup = $this->initiateBackupService
-                ->setIgnoredFiles(
-                    explode(PHP_EOL, $request->input('ignored') ?? '')
-                )
-                ->handle($server, $request->input('name'));
+            $action = $this->initiateBackupService
+                ->setIgnoredFiles(explode(PHP_EOL, $request->input('ignored') ?? ''));
+
+            // Only set the lock status if the user even has permission to delete backups,
+            // otherwise ignore this status. This gets a little funky since it isn't clear
+            // how best to allow a user to create a backup that is locked without also preventing
+            // them from just filling up a server with backups that can never be deleted?
+            if ($request->user()->can(Permission::ACTION_BACKUP_DELETE, $server)) {
+                $action->setIsLocked((bool) $request->input('is_locked'));
+            }
+
+            $backup = $action->handle($server, $request->input('name'));
 
             $model->metadata = ['backup_uuid' => $backup->uuid];
 
@@ -88,6 +95,32 @@ class BackupController extends ClientApiController
             ->toArray();
     }
 
+    /**
+     * Toggles the lock status of a given backup for a server.
+     *
+     * @throws \Throwable
+     * @throws \Illuminate\Auth\Access\AuthorizationException
+     */
+    public function toggleLock(Request $request, Server $server, Backup $backup): array
+    {
+        if (!$request->user()->can(Permission::ACTION_BACKUP_DELETE, $server)) {
+            throw new AuthorizationException();
+        }
+
+        $action = $backup->is_locked ? AuditLog::SERVER__BACKUP_UNLOCKED : AuditLog::SERVER__BACKUP_LOCKED;
+        $server->audit($action, function (AuditLog $audit) use ($backup) {
+            $audit->metadata = ['backup_uuid' => $backup->uuid];
+
+            $backup->update(['is_locked' => !$backup->is_locked]);
+        });
+
+        $backup->refresh();
+
+        return $this->fractal->item($backup)
+            ->transformWith($this->getTransformer(BackupTransformer::class))
+            ->toArray();
+    }
+
     /**
      * Returns information about a single backup.
      *

app/Http/Controllers/Api/Client/Servers/ResourceUtilizationController.php

@@ -36,11 +36,10 @@ class ResourceUtilizationController extends ClientApiController
      */
     public function __invoke(GetServerRequest $request, Server $server): array
     {
-        $stats = $this->cache
-            ->tags(['resources'])
-            ->remember($server->uuid, Carbon::now()->addSeconds(20), function () use ($server) {
-                return $this->repository->setServer($server)->getDetails();
-            });
+        $key = "resources:{$server->uuid}";
+        $stats = $this->cache->remember($key, Carbon::now()->addSeconds(20), function () use ($server) {
+            return $this->repository->setServer($server)->getDetails();
+        });
 
         return $this->fractal->item($stats)
             ->transformWith($this->getTransformer(StatsTransformer::class))

app/Http/Controllers/Api/Client/Servers/ScheduleController.php

@@ -15,7 +15,6 @@ use Pterodactyl\Services\Schedules\ProcessScheduleService;
 use Pterodactyl\Transformers\Api\Client\ScheduleTransformer;
 use Pterodactyl\Http\Controllers\Api\Client\ClientApiController;
 use Symfony\Component\HttpKernel\Exception\NotFoundHttpException;
-use Symfony\Component\HttpKernel\Exception\BadRequestHttpException;
 use Pterodactyl\Http\Requests\Api\Client\Servers\Schedules\ViewScheduleRequest;
 use Pterodactyl\Http\Requests\Api\Client\Servers\Schedules\StoreScheduleRequest;
 use Pterodactyl\Http\Requests\Api\Client\Servers\Schedules\DeleteScheduleRequest;
@@ -72,6 +71,7 @@ class ScheduleController extends ClientApiController
             'cron_hour' => $request->input('hour'),
             'cron_minute' => $request->input('minute'),
             'is_active' => (bool) $request->input('is_active'),
+            'only_when_online' => (bool) $request->input('only_when_online'),
             'next_run_at' => $this->getNextRunAt($request),
         ]);
 
@@ -118,6 +118,7 @@ class ScheduleController extends ClientApiController
             'cron_hour' => $request->input('hour'),
             'cron_minute' => $request->input('minute'),
             'is_active' => $active,
+            'only_when_online' => (bool) $request->input('only_when_online'),
             'next_run_at' => $this->getNextRunAt($request),
         ];
 

app/Http/Controllers/Api/Client/Servers/ScheduleTaskController.php

@@ -33,6 +33,7 @@ class ScheduleTaskController extends ClientApiController
     /**
      * Create a new task for a given schedule and store it in the database.
      *
+     * @throws \Pterodactyl\Exceptions\Http\HttpForbiddenException
      * @throws \Pterodactyl\Exceptions\Model\DataValidationException
      * @throws \Pterodactyl\Exceptions\Service\ServiceLimitExceededException
      * @throws \Illuminate\Contracts\Container\BindingResolutionException
@@ -44,6 +45,10 @@ class ScheduleTaskController extends ClientApiController
             throw new ServiceLimitExceededException("Schedules may not have more than {$limit} tasks associated with them. Creating this task would put this schedule over the limit.");
         }
 
+        if ($server->backup_limit === 0 && $request->action === 'backup') {
+            throw new HttpForbiddenException("A backup task cannot be created when the server's backup limit is set to 0.");
+        }
+
         /** @var \Pterodactyl\Models\Task|null $lastTask */
         $lastTask = $schedule->tasks()->orderByDesc('sequence_id')->first();
 
@@ -54,6 +59,7 @@ class ScheduleTaskController extends ClientApiController
             'action' => $request->input('action'),
             'payload' => $request->input('payload') ?? '',
             'time_offset' => $request->input('time_offset'),
+            'continue_on_failure' => (bool) $request->input('continue_on_failure'),
         ]);
 
         return $this->fractal->item($task)
@@ -64,6 +70,7 @@ class ScheduleTaskController extends ClientApiController
     /**
      * Updates a given task for a server.
      *
+     * @throws \Pterodactyl\Exceptions\Http\HttpForbiddenException
      * @throws \Pterodactyl\Exceptions\Model\DataValidationException
      * @throws \Pterodactyl\Exceptions\Repository\RecordNotFoundException
      * @throws \Illuminate\Contracts\Container\BindingResolutionException
@@ -74,10 +81,15 @@ class ScheduleTaskController extends ClientApiController
             throw new NotFoundHttpException();
         }
 
+        if ($server->backup_limit === 0 && $request->action === 'backup') {
+            throw new HttpForbiddenException("A backup task cannot be created when the server's backup limit is set to 0.");
+        }
+
         $this->repository->update($task->id, [
             'action' => $request->input('action'),
             'payload' => $request->input('payload') ?? '',
             'time_offset' => $request->input('time_offset'),
+            'continue_on_failure' => (bool) $request->input('continue_on_failure'),
         ]);
 
         return $this->fractal->item($task->refresh())

app/Http/Controllers/Api/Remote/Servers/ServerDetailsController.php

@@ -90,7 +90,7 @@ class ServerDetailsController extends Controller
         /** @var \Pterodactyl\Models\Server[] $servers */
         $servers = Server::query()
             ->select('servers.*')
-            ->selectRaw('started.metadata->>"$.backup_uuid" as backup_uuid')
+            ->selectRaw('JSON_UNQUOTE(JSON_EXTRACT(started.metadata, "$.backup_uuid")) as backup_uuid')
             ->leftJoinSub(function (Builder $builder) {
                 $builder->select('*')->from('audit_logs')
                     ->where('action', AuditLog::SERVER__BACKUP_RESTORE_STARTED)