From a85ac87ae85b93eb1b0fa55159fdffabc33f2171 Mon Sep 17 00:00:00 2001 From: spaceemotion Date: Mon, 12 Dec 2016 20:30:57 +0100 Subject: [PATCH] Refactor to use more laravel logic and improve compatibility with older PHP versions (#206) MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit * Fix @param namespaces for PHPDocs in ServerPolicy * Reduce permission check duplication in ServerPolicy This introduces a new checkPermission method to reduce code duplication when checking for permissions. * Simplify logic to list accessible servers for the user We can directly use the pluck function that laravel collections provide to simplify the logic. * Fix pagination issue when databases/servers exceed 20 Laravels strips out the currently selected tab (or any GET query for that matter) by default when using pagination. the appends() methods helps with keeping that information. * Refactor unnecessary array_merge calls We can just append to the array instead of constantly merging a new copy. * Fix accessing “API Access” on some versions of PHP The “new” word is reserved and should not be used as a method name. http://stackoverflow.com/questions/9575590/why-am-i-getting-an-unexpected-t-new-error-in-php * Fix revoking API keys on older versions of php (5.6) “string” was not a valid function argument type yet, so revoking keys results in an error on older installations. * Fix issues with API due to methods named “list” “list” is yet another reserved keyword in PHP and messes up older installations of PHP (5.6). This renames all methods named “list” to “lists”. The API route names are left untouched (e.g. still called “api.admin.users.list”). * Refactor and shorten some API logic Used laravel collection methods where applicable to directly transform the values instead of converting back and forth. This also removes some dead variables that were never used as well as getting rid of a n+1 problem in the Service API (loading service variables afterwards, not during the model creation). * Return model save status in repositories where applicable * Fix typo in ServicePolicy#powerStart * Apply StyleCI corrections --- .../Controllers/API/LocationController.php | 14 +- app/Http/Controllers/API/NodeController.php | 2 +- app/Http/Controllers/API/ServerController.php | 2 +- .../Controllers/API/ServiceController.php | 12 +- .../Controllers/API/User/InfoController.php | 13 +- .../Controllers/API/User/ServerController.php | 1 - app/Http/Controllers/API/UserController.php | 2 +- app/Http/Controllers/Base/APIController.php | 4 +- app/Http/Routes/APIRoutes.php | 10 +- app/Http/Routes/BaseRoutes.php | 2 +- app/Models/ServiceOptions.php | 10 + app/Models/Subuser.php | 9 +- app/Policies/ServerPolicy.php | 375 ++++++------------ app/Repositories/APIRepository.php | 6 +- app/Repositories/Daemon/FileRepository.php | 9 +- app/Repositories/ServerRepository.php | 40 +- app/Repositories/ServiceRepository/Option.php | 3 +- .../ServiceRepository/Service.php | 3 +- .../ServiceRepository/Variable.php | 6 +- app/Repositories/UserRepository.php | 3 +- .../views/admin/databases/index.blade.php | 8 +- 21 files changed, 199 insertions(+), 335 deletions(-) diff --git a/app/Http/Controllers/API/LocationController.php b/app/Http/Controllers/API/LocationController.php index a2c510c35..8b772151c 100755 --- a/app/Http/Controllers/API/LocationController.php +++ b/app/Http/Controllers/API/LocationController.php @@ -47,17 +47,13 @@ class LocationController extends BaseController * @Versions({"v1"}) * @Response(200) */ - public function list(Request $request) + public function lists(Request $request) { - $locations = Location::select('locations.*', DB::raw('GROUP_CONCAT(nodes.id) as nodes')) + return Location::select('locations.*', DB::raw('GROUP_CONCAT(nodes.id) as nodes')) ->join('nodes', 'locations.id', '=', 'nodes.location') ->groupBy('locations.id') - ->get(); - - foreach ($locations as &$location) { - $location->nodes = explode(',', $location->nodes); - } - - return $locations->toArray(); + ->get()->each(function ($location) { + $location->nodes = explode(',', $location->nodes); + })->all(); } } diff --git a/app/Http/Controllers/API/NodeController.php b/app/Http/Controllers/API/NodeController.php index 4c16fcb14..ce71a08da 100755 --- a/app/Http/Controllers/API/NodeController.php +++ b/app/Http/Controllers/API/NodeController.php @@ -56,7 +56,7 @@ class NodeController extends BaseController * }) * @Response(200) */ - public function list(Request $request) + public function lists(Request $request) { return Models\Node::all()->toArray(); } diff --git a/app/Http/Controllers/API/ServerController.php b/app/Http/Controllers/API/ServerController.php index 909353dd4..ee56a3bad 100755 --- a/app/Http/Controllers/API/ServerController.php +++ b/app/Http/Controllers/API/ServerController.php @@ -57,7 +57,7 @@ class ServerController extends BaseController * }) * @Response(200) */ - public function list(Request $request) + public function lists(Request $request) { return Models\Server::all()->toArray(); } diff --git a/app/Http/Controllers/API/ServiceController.php b/app/Http/Controllers/API/ServiceController.php index 06df710d1..7f2bbe765 100755 --- a/app/Http/Controllers/API/ServiceController.php +++ b/app/Http/Controllers/API/ServiceController.php @@ -38,7 +38,7 @@ class ServiceController extends BaseController // } - public function list(Request $request) + public function lists(Request $request) { return Models\Service::all()->toArray(); } @@ -50,14 +50,12 @@ class ServiceController extends BaseController throw new NotFoundHttpException('No service by that ID was found.'); } - $options = Models\ServiceOptions::select('id', 'name', 'description', 'tag', 'docker_image')->where('parent_service', $service->id)->get(); - foreach ($options as &$opt) { - $opt->variables = Models\ServiceVariables::where('option_id', $opt->id)->get(); - } - return [ 'service' => $service, - 'options' => $options, + 'options' => Models\ServiceOptions::select('id', 'name', 'description', 'tag', 'docker_image') + ->where('parent_service', $service->id) + ->with('variables') + ->get(), ]; } } diff --git a/app/Http/Controllers/API/User/InfoController.php b/app/Http/Controllers/API/User/InfoController.php index c71498a7a..326be99c6 100644 --- a/app/Http/Controllers/API/User/InfoController.php +++ b/app/Http/Controllers/API/User/InfoController.php @@ -32,11 +32,8 @@ class InfoController extends BaseController { public function me(Request $request) { - $servers = Models\Server::getUserServers(); - $response = []; - - foreach ($servers as &$server) { - $response = array_merge($response, [[ + return Models\Server::getUserServers()->map(function ($server) { + return [ 'id' => $server->uuidShort, 'uuid' => $server->uuid, 'name' => $server->name, @@ -48,9 +45,7 @@ class InfoController extends BaseController 'port' => $server->port, 'service' => $server->a_serviceName, 'option' => $server->a_serviceOptionName, - ]]); - } - - return $response; + ]; + })->all(); } } diff --git a/app/Http/Controllers/API/User/ServerController.php b/app/Http/Controllers/API/User/ServerController.php index 7399bf8b8..8f0e01956 100644 --- a/app/Http/Controllers/API/User/ServerController.php +++ b/app/Http/Controllers/API/User/ServerController.php @@ -92,7 +92,6 @@ class ServerController extends BaseController public function power(Request $request, $uuid) { $server = Models\Server::getByUUID($uuid); - $node = Models\Node::getByID($server->node); $client = Models\Node::guzzleRequest($server->node); Auth::user()->can('power-' . $request->input('action'), $server); diff --git a/app/Http/Controllers/API/UserController.php b/app/Http/Controllers/API/UserController.php index 3b657bf02..ad7eca5d5 100755 --- a/app/Http/Controllers/API/UserController.php +++ b/app/Http/Controllers/API/UserController.php @@ -55,7 +55,7 @@ class UserController extends BaseController * }) * @Response(200) */ - public function list(Request $request) + public function lists(Request $request) { return Models\User::all()->toArray(); } diff --git a/app/Http/Controllers/Base/APIController.php b/app/Http/Controllers/Base/APIController.php index c041cfa98..46d0e013d 100644 --- a/app/Http/Controllers/Base/APIController.php +++ b/app/Http/Controllers/Base/APIController.php @@ -48,7 +48,7 @@ class APIController extends Controller ]); } - public function new(Request $request) + public function create(Request $request) { return view('base.api.new'); } @@ -57,7 +57,7 @@ class APIController extends Controller { try { $repo = new APIRepository($request->user()); - $secret = $repo->new($request->except(['_token'])); + $secret = $repo->create($request->except(['_token'])); Alert::success('An API Keypair has successfully been generated. The API secret for this public key is shown below and will not be shown again.

' . $secret . '')->flash(); return redirect()->route('account.api'); diff --git a/app/Http/Routes/APIRoutes.php b/app/Http/Routes/APIRoutes.php index 9417e0846..b897ce1c3 100755 --- a/app/Http/Routes/APIRoutes.php +++ b/app/Http/Routes/APIRoutes.php @@ -55,7 +55,7 @@ class APIRoutes */ $api->get('users', [ 'as' => 'api.admin.users.list', - 'uses' => 'Pterodactyl\Http\Controllers\API\UserController@list', + 'uses' => 'Pterodactyl\Http\Controllers\API\UserController@lists', ]); $api->post('users', [ @@ -83,7 +83,7 @@ class APIRoutes */ $api->get('servers', [ 'as' => 'api.admin.servers.list', - 'uses' => 'Pterodactyl\Http\Controllers\API\ServerController@list', + 'uses' => 'Pterodactyl\Http\Controllers\API\ServerController@lists', ]); $api->post('servers', [ @@ -126,7 +126,7 @@ class APIRoutes */ $api->get('nodes', [ 'as' => 'api.admin.nodes.list', - 'uses' => 'Pterodactyl\Http\Controllers\API\NodeController@list', + 'uses' => 'Pterodactyl\Http\Controllers\API\NodeController@lists', ]); $api->post('nodes', [ @@ -164,7 +164,7 @@ class APIRoutes */ $api->get('locations', [ 'as' => 'api.admin.locations.list', - 'uses' => 'Pterodactyl\Http\Controllers\API\LocationController@list', + 'uses' => 'Pterodactyl\Http\Controllers\API\LocationController@lists', ]); /* @@ -172,7 +172,7 @@ class APIRoutes */ $api->get('services', [ 'as' => 'api.admin.services.list', - 'uses' => 'Pterodactyl\Http\Controllers\API\ServiceController@list', + 'uses' => 'Pterodactyl\Http\Controllers\API\ServiceController@lists', ]); $api->get('services/{id}', [ diff --git a/app/Http/Routes/BaseRoutes.php b/app/Http/Routes/BaseRoutes.php index a4cabe1b1..2cf012e0f 100644 --- a/app/Http/Routes/BaseRoutes.php +++ b/app/Http/Routes/BaseRoutes.php @@ -85,7 +85,7 @@ class BaseRoutes ]); $router->get('/new', [ 'as' => 'account.api.new', - 'uses' => 'Base\APIController@new', + 'uses' => 'Base\APIController@create', ]); $router->post('/new', [ 'uses' => 'Base\APIController@save', diff --git a/app/Models/ServiceOptions.php b/app/Models/ServiceOptions.php index e74bae281..ca2c0fbc3 100644 --- a/app/Models/ServiceOptions.php +++ b/app/Models/ServiceOptions.php @@ -50,4 +50,14 @@ class ServiceOptions extends Model protected $casts = [ 'parent_service' => 'integer', ]; + + /** + * Gets all variables associated with this service. + * + * @return \Illuminate\Database\Eloquent\Relations\HasMany + */ + public function variables() + { + return $this->hasMany(ServiceVariables::class, 'option_id'); + } } diff --git a/app/Models/Subuser.php b/app/Models/Subuser.php index 3c2bfe9e0..798f54f79 100644 --- a/app/Models/Subuser.php +++ b/app/Models/Subuser.php @@ -80,15 +80,8 @@ class Subuser extends Model */ public static function accessServers() { - $access = []; - $union = self::select('server_id')->where('user_id', self::$user->id); - $select = Server::select('id')->where('owner', self::$user->id)->union($union)->get(); - foreach ($select as &$select) { - $access = array_merge($access, [$select->id]); - } - - return $access; + return Server::select('id')->where('owner', self::$user->id)->union($union)->pluck('id'); } } diff --git a/app/Policies/ServerPolicy.php b/app/Policies/ServerPolicy.php index 56ae09df3..b5c29966c 100644 --- a/app/Policies/ServerPolicy.php +++ b/app/Policies/ServerPolicy.php @@ -42,8 +42,8 @@ class ServerPolicy /** * Determine if current user is the owner of a server. * - * @param Pterodactyl\Models\User $user - * @param Pterodactyl\Models\Server $server + * @param \Pterodactyl\Models\User $user + * @param \Pterodactyl\Models\Server $server * @return bool */ protected function isOwner(User $user, Server $server) @@ -54,7 +54,7 @@ class ServerPolicy /** * Runs before any of the functions are called. Used to determine if user is root admin, if so, ignore permissions. * - * @param Pterodactyl\Models\User $user + * @param \Pterodactyl\Models\User $user * @param string $ability * @return bool */ @@ -68,577 +68,450 @@ class ServerPolicy /** * Check if user has permission to control power for a server. * - * @param Pterodactyl\Models\User $user - * @param Pterodactyl\Models\Server $server + * @param \Pterodactyl\Models\User $user + * @param \Pterodactyl\Models\Server $server * @return bool */ public function power(User $user, Server $server) { - if ($this->isOwner($user, $server)) { - return true; - } - - return $user->permissions()->server($server)->permission('power')->exists(); + return $this->checkPermission($user, $server, 'power'); } /** * Check if user has permission to start a server. * - * @param Pterodactyl\Models\User $user - * @param Pterodactyl\Models\Server $server + * @param \Pterodactyl\Models\User $user + * @param \Pterodactyl\Models\Server $server * @return bool */ public function powerStart(User $user, Server $server) { - if ($this->isOwner($user, $server)) { - return true; - } - - return $user->permissions()->server($server)->permission('power-start')->exists(); + return $this->checkPermission($user, $server, 'power-start'); } /** * Check if user has permission to stop a server. * - * @param Pterodactyl\Models\User $user - * @param Pterodactyl\Models\Server $server + * @param \Pterodactyl\Models\User $user + * @param \Pterodactyl\Models\Server $server * @return bool */ public function powerStop(User $user, Server $server) { - if ($this->isOwner($user, $server)) { - return true; - } - - return $user->permissions()->server($server)->permission('power-stop')->exists(); + return $this->checkPermission($user, $server, 'power-stop'); } /** * Check if user has permission to restart a server. * - * @param Pterodactyl\Models\User $user - * @param Pterodactyl\Models\Server $server + * @param \Pterodactyl\Models\User $user + * @param \Pterodactyl\Models\Server $server * @return bool */ public function powerRestart(User $user, Server $server) { - if ($this->isOwner($user, $server)) { - return true; - } - - return $user->permissions()->server($server)->permission('power-restart')->exists(); + return $this->checkPermission($user, $server, 'power-restart'); } /** * Check if user has permission to kill a server. * - * @param Pterodactyl\Models\User $user - * @param Pterodactyl\Models\Server $server + * @param \Pterodactyl\Models\User $user + * @param \Pterodactyl\Models\Server $server * @return bool */ public function powerKill(User $user, Server $server) { - if ($this->isOwner($user, $server)) { - return true; - } - - return $user->permissions()->server($server)->permission('power-kill')->exists(); + return $this->checkPermission($user, $server, 'power-kill'); } /** * Check if user has permission to run a command on a server. * - * @param Pterodactyl\Models\User $user - * @param Pterodactyl\Models\Server $server + * @param \Pterodactyl\Models\User $user + * @param \Pterodactyl\Models\Server $server * @return bool */ public function sendCommand(User $user, Server $server) { - if ($this->isOwner($user, $server)) { - return true; - } - - return $user->permissions()->server($server)->permission('send-command')->exists(); + return $this->checkPermission($user, $server, 'send-command'); } /** * Check if user has permission to list files on a server. * - * @param Pterodactyl\Models\User $user - * @param Pterodactyl\Models\Server $server + * @param \Pterodactyl\Models\User $user + * @param \Pterodactyl\Models\Server $server * @return bool */ public function listFiles(User $user, Server $server) { - if ($this->isOwner($user, $server)) { - return true; - } - - return $user->permissions()->server($server)->permission('list-files')->exists(); + return $this->checkPermission($user, $server, 'list-files'); } /** * Check if user has permission to edit files on a server. * - * @param Pterodactyl\Models\User $user - * @param Pterodactyl\Models\Server $server + * @param \Pterodactyl\Models\User $user + * @param \Pterodactyl\Models\Server $server * @return bool */ public function editFiles(User $user, Server $server) { - if ($this->isOwner($user, $server)) { - return true; - } - - return $user->permissions()->server($server)->permission('edit-files')->exists(); + return $this->checkPermission($user, $server, 'edit-files'); } /** * Check if user has permission to save files on a server. * - * @param Pterodactyl\Models\User $user - * @param Pterodactyl\Models\Server $server + * @param \Pterodactyl\Models\User $user + * @param \Pterodactyl\Models\Server $server * @return bool */ public function saveFiles(User $user, Server $server) { - if ($this->isOwner($user, $server)) { - return true; - } - - return $user->permissions()->server($server)->permission('save-files')->exists(); + return $this->checkPermission($user, $server, 'save-files'); } /** * Check if user has permission to move and rename files and folders on a server. * - * @param Pterodactyl\Models\User $user - * @param Pterodactyl\Models\Server $server + * @param \Pterodactyl\Models\User $user + * @param \Pterodactyl\Models\Server $server * @return bool */ public function moveFiles(User $user, Server $server) { - if ($this->isOwner($user, $server)) { - return true; - } - - return $user->permissions()->server($server)->permission('move-files')->exists(); + return $this->checkPermission($user, $server, 'move-files'); } /** * Check if user has permission to copy folders and files on a server. * - * @param Pterodactyl\Models\User $user - * @param Pterodactyl\Models\Server $server + * @param \Pterodactyl\Models\User $user + * @param \Pterodactyl\Models\Server $server * @return bool */ public function copyFiles(User $user, Server $server) { - if ($this->isOwner($user, $server)) { - return true; - } - - return $user->permissions()->server($server)->permission('copy-files')->exists(); + return $this->checkPermission($user, $server, 'copy-files'); } /** * Check if user has permission to compress files and folders on a server. * - * @param Pterodactyl\Models\User $user - * @param Pterodactyl\Models\Server $server + * @param \Pterodactyl\Models\User $user + * @param \Pterodactyl\Models\Server $server * @return bool */ public function compressFiles(User $user, Server $server) { - if ($this->isOwner($user, $server)) { - return true; - } - - return $user->permissions()->server($server)->permission('compress-files')->exists(); + return $this->checkPermission($user, $server, 'compress-files'); } /** * Check if user has permission to decompress files on a server. * - * @param Pterodactyl\Models\User $user - * @param Pterodactyl\Models\Server $server + * @param \Pterodactyl\Models\User $user + * @param \Pterodactyl\Models\Server $server * @return bool */ public function decompressFiles(User $user, Server $server) { - if ($this->isOwner($user, $server)) { - return true; - } - - return $user->permissions()->server($server)->permission('decompress-files')->exists(); + return $this->checkPermission($user, $server, 'decompress-files'); } /** * Check if user has permission to add files to a server. * - * @param Pterodactyl\Models\User $user - * @param Pterodactyl\Models\Server $server + * @param \Pterodactyl\Models\User $user + * @param \Pterodactyl\Models\Server $server * @return bool */ public function addFiles(User $user, Server $server) { - if ($this->isOwner($user, $server)) { - return true; - } - - return $user->permissions()->server($server)->permission('add-files')->exists(); + return $this->checkPermission($user, $server, 'add-files'); } /** * Check if user has permission to upload files to a server. * This permission relies on the user having the 'add-files' permission as well due to page authorization. * - * @param Pterodactyl\Models\User $user - * @param Pterodactyl\Models\Server $server + * @param \Pterodactyl\Models\User $user + * @param \Pterodactyl\Models\Server $server * @return bool */ public function uploadFiles(User $user, Server $server) { - if ($this->isOwner($user, $server)) { - return true; - } - - return $user->permissions()->server($server)->permission('upload-files')->exists(); + return $this->checkPermission($user, $server, 'upload-files'); } /** * Check if user has permission to download files from a server. * - * @param Pterodactyl\Models\User $user - * @param Pterodactyl\Models\Server $server + * @param \Pterodactyl\Models\User $user + * @param \Pterodactyl\Models\Server $server * @return bool */ public function downloadFiles(User $user, Server $server) { - if ($this->isOwner($user, $server)) { - return true; - } - - return $user->permissions()->server($server)->permission('download-files')->exists(); + return $this->checkPermission($user, $server, 'download-files'); } /** * Check if user has permission to delete files from a server. * - * @param Pterodactyl\Models\User $user - * @param Pterodactyl\Models\Server $server + * @param \Pterodactyl\Models\User $user + * @param \Pterodactyl\Models\Server $server * @return bool */ public function deleteFiles(User $user, Server $server) { - if ($this->isOwner($user, $server)) { - return true; - } - - return $user->permissions()->server($server)->permission('delete-files')->exists(); + return $this->checkPermission($user, $server, 'delete-files'); } /** * Check if user has permission to view subusers for the server. * - * @param Pterodactyl\Models\User $user - * @param Pterodactyl\Models\Server $server + * @param \Pterodactyl\Models\User $user + * @param \Pterodactyl\Models\Server $server * @return bool */ public function listSubusers(User $user, Server $server) { - if ($this->isOwner($user, $server)) { - return true; - } - - return $user->permissions()->server($server)->permission('list-subusers')->exists(); + return $this->checkPermission($user, $server, 'list-subusers'); } /** * Check if user has permission to view specific subuser permissions. * - * @param Pterodactyl\Models\User $user - * @param Pterodactyl\Models\Server $server + * @param \Pterodactyl\Models\User $user + * @param \Pterodactyl\Models\Server $server * @return bool */ public function viewSubuser(User $user, Server $server) { - if ($this->isOwner($user, $server)) { - return true; - } - - return $user->permissions()->server($server)->permission('view-subuser')->exists(); + return $this->checkPermission($user, $server, 'view-subuser'); } /** * Check if user has permission to edit a subuser. * - * @param Pterodactyl\Models\User $user - * @param Pterodactyl\Models\Server $server + * @param \Pterodactyl\Models\User $user + * @param \Pterodactyl\Models\Server $server * @return bool */ public function editSubuser(User $user, Server $server) { - if ($this->isOwner($user, $server)) { - return true; - } - - return $user->permissions()->server($server)->permission('edit-subuser')->exists(); + return $this->checkPermission($user, $server, 'edit-subuser'); } /** * Check if user has permission to delete a subuser. * - * @param Pterodactyl\Models\User $user - * @param Pterodactyl\Models\Server $server + * @param \Pterodactyl\Models\User $user + * @param \Pterodactyl\Models\Server $server * @return bool */ public function deleteSubuser(User $user, Server $server) { - if ($this->isOwner($user, $server)) { - return true; - } - - return $user->permissions()->server($server)->permission('delete-subuser')->exists(); + return $this->checkPermission($user, $server, 'delete-subuser'); } /** * Check if user has permission to edit a subuser. * - * @param Pterodactyl\Models\User $user - * @param Pterodactyl\Models\Server $server + * @param \Pterodactyl\Models\User $user + * @param \Pterodactyl\Models\Server $server * @return bool */ public function createSubuser(User $user, Server $server) { - if ($this->isOwner($user, $server)) { - return true; - } - - return $user->permissions()->server($server)->permission('create-subuser')->exists(); + return $this->checkPermission($user, $server, 'create-subuser'); } /** * Check if user has permission to set the default connection for a server. * - * @param Pterodactyl\Models\User $user - * @param Pterodactyl\Models\Server $server + * @param \Pterodactyl\Models\User $user + * @param \Pterodactyl\Models\Server $server * @return bool */ public function setConnection(User $user, Server $server) { - if ($this->isOwner($user, $server)) { - return true; - } - - return $user->permissions()->server($server)->permission('set-connection')->exists(); + return $this->checkPermission($user, $server, 'set-connection'); } /** * Check if user has permission to view the startup command used for a server. * - * @param Pterodactyl\Models\User $user - * @param Pterodactyl\Models\Server $server + * @param \Pterodactyl\Models\User $user + * @param \Pterodactyl\Models\Server $server * @return bool */ public function viewStartup(User $user, Server $server) { - if ($this->isOwner($user, $server)) { - return true; - } - - return $user->permissions()->server($server)->permission('view-startup')->exists(); + return $this->checkPermission($user, $server, 'view-startup'); } /** * Check if user has permission to edit the startup command used for a server. * - * @param Pterodactyl\Models\User $user - * @param Pterodactyl\Models\Server $server + * @param \Pterodactyl\Models\User $user + * @param \Pterodactyl\Models\Server $server * @return bool */ public function editStartup(User $user, Server $server) { - if ($this->isOwner($user, $server)) { - return true; - } - - return $user->permissions()->server($server)->permission('edit-startup')->exists(); + return $this->checkPermission($user, $server, 'edit-startup'); } /** * Check if user has permission to view the SFTP information for a server. * - * @param Pterodactyl\Models\User $user - * @param Pterodactyl\Models\Server $server + * @param \Pterodactyl\Models\User $user + * @param \Pterodactyl\Models\Server $server * @return bool */ public function viewSftp(User $user, Server $server) { - if ($this->isOwner($user, $server)) { - return true; - } - - return $user->permissions()->server($server)->permission('view-sftp')->exists(); + return $this->checkPermission($user, $server, 'view-sftp'); } /** * Check if user has permission to reset the SFTP password for a server. * - * @param Pterodactyl\Models\User $user - * @param Pterodactyl\Models\Server $server + * @param \Pterodactyl\Models\User $user + * @param \Pterodactyl\Models\Server $server * @return bool */ public function resetSftp(User $user, Server $server) { - if ($this->isOwner($user, $server)) { - return true; - } - - return $user->permissions()->server($server)->permission('reset-sftp')->exists(); + return $this->checkPermission($user, $server, 'reset-sftp'); } /** * Check if user has permission to view the SFTP password for a server. * - * @param Pterodactyl\Models\User $user - * @param Pterodactyl\Models\Server $server + * @param \Pterodactyl\Models\User $user + * @param \Pterodactyl\Models\Server $server * @return bool */ public function viewSftpPassword(User $user, Server $server) { - if ($this->isOwner($user, $server)) { - return true; - } - - return $user->permissions()->server($server)->permission('view-sftp-password')->exists(); + return $this->checkPermission($user, $server, 'view-sftp-password'); } /** * Check if user has permission to view databases for a server. * - * @param Pterodactyl\Models\User $user - * @param Pterodactyl\Models\Server $server + * @param \Pterodactyl\Models\User $user + * @param \Pterodactyl\Models\Server $server * @return bool */ public function viewDatabases(User $user, Server $server) { - if ($this->isOwner($user, $server)) { - return true; - } - - return $user->permissions()->server($server)->permission('view-databases')->exists(); + return $this->checkPermission($user, $server, 'view-databases'); } /** * Check if user has permission to reset database passwords. * - * @param Pterodactyl\Models\User $user - * @param Pterodactyl\Models\Server $server + * @param \Pterodactyl\Models\User $user + * @param \Pterodactyl\Models\Server $server * @return bool */ public function resetDbPassword(User $user, Server $server) { - if ($this->isOwner($user, $server)) { - return true; - } - - return $user->permissions()->server($server)->permission('reset-db-password')->exists(); + return $this->checkPermission($user, $server, 'reset-db-password'); } /** * Check if user has permission to view all tasks for a server. * - * @param Pterodactyl\Models\User $user - * @param Pterodactyl\Models\Server $server + * @param \Pterodactyl\Models\User $user + * @param \Pterodactyl\Models\Server $server * @return bool */ public function listTasks(User $user, Server $server) { - if ($this->isOwner($user, $server)) { - return true; - } - - return $user->permissions()->server($server)->permission('list-tasks')->exists(); + return $this->checkPermission($user, $server, 'list-tasks'); } /** * Check if user has permission to view a specific task for a server. * - * @param Pterodactyl\Models\User $user - * @param Pterodactyl\Models\Server $server + * @param \Pterodactyl\Models\User $user + * @param \Pterodactyl\Models\Server $server * @return bool */ public function viewTask(User $user, Server $server) { - if ($this->isOwner($user, $server)) { - return true; - } - - return $user->permissions()->server($server)->permission('view-task')->exists(); + return $this->checkPermission($user, $server, 'view-task'); } /** * Check if user has permission to view a toggle a task for a server. * - * @param Pterodactyl\Models\User $user - * @param Pterodactyl\Models\Server $server + * @param \Pterodactyl\Models\User $user + * @param \Pterodactyl\Models\Server $server * @return bool */ public function toggleTask(User $user, Server $server) { - if ($this->isOwner($user, $server)) { - return true; - } - - return $user->permissions()->server($server)->permission('toggle-task')->exists(); + return $this->checkPermission($user, $server, 'toggle-task'); } /** * Check if user has permission to queue a task for a server. * - * @param Pterodactyl\Models\User $user - * @param Pterodactyl\Models\Server $server + * @param \Pterodactyl\Models\User $user + * @param \Pterodactyl\Models\Server $server * @return bool */ public function queueTask(User $user, Server $server) { - if ($this->isOwner($user, $server)) { - return true; - } - - return $user->permissions()->server($server)->permission('queue-task')->exists(); + return $this->checkPermission($user, $server, 'queue-task'); } /** * Check if user has permission to delete a specific task for a server. * - * @param Pterodactyl\Models\User $user - * @param Pterodactyl\Models\Server $server + * @param \Pterodactyl\Models\User $user + * @param \Pterodactyl\Models\Server $server * @return bool */ public function deleteTask(User $user, Server $server) { - if ($this->isOwner($user, $server)) { - return true; - } - - return $user->permissions()->server($server)->permission('delete-task')->exists(); + return $this->checkPermission($user, $server, 'delete-task'); } /** * Check if user has permission to create a task for a server. * - * @param Pterodactyl\Models\User $user - * @param Pterodactyl\Models\Server $server + * @param \Pterodactyl\Models\User $user + * @param \Pterodactyl\Models\Server $server * @return bool */ public function createTask(User $user, Server $server) + { + return $this->checkPermission($user, $server, 'create-task'); + } + + /** + * Checks if the user has the given permission on/for the server. + * + * @param \Pterodactyl\Models\User $user + * @param \Pterodactyl\Models\Server $server + * @param $permission + * @return bool + */ + private function checkPermission(User $user, Server $server, $permission) { if ($this->isOwner($user, $server)) { return true; } - return $user->permissions()->server($server)->permission('create-task')->exists(); + return $user->permissions()->server($server)->permission($permission)->exists(); } } diff --git a/app/Repositories/APIRepository.php b/app/Repositories/APIRepository.php index c9e2581b2..bbe4aaca9 100644 --- a/app/Repositories/APIRepository.php +++ b/app/Repositories/APIRepository.php @@ -116,7 +116,7 @@ class APIRepository * * @return string Returns the generated secret token. */ - public function new(array $data) + public function create(array $data) { $validator = Validator::make($data, [ 'memo' => 'string|max:500', @@ -219,13 +219,13 @@ class APIRepository * * @return void */ - public function revoke(string $key) + public function revoke($key) { DB::beginTransaction(); try { $model = Models\APIKey::where('public', $key)->where('user', $this->user->id)->firstOrFail(); - $permissions = Models\APIPermission::where('key_id', $model->id)->delete(); + Models\APIPermission::where('key_id', $model->id)->delete(); $model->delete(); DB::commit(); diff --git a/app/Repositories/Daemon/FileRepository.php b/app/Repositories/Daemon/FileRepository.php index 716a8e387..3994eca2b 100644 --- a/app/Repositories/Daemon/FileRepository.php +++ b/app/Repositories/Daemon/FileRepository.php @@ -181,24 +181,23 @@ class FileRepository $folders = []; foreach ($json as &$value) { if ($value->directory === true) { - // @TODO Handle Symlinks - $folders = array_merge($folders, [[ + $folders[] = [ 'entry' => $value->name, 'directory' => trim($directory, '/'), 'size' => null, 'date' => strtotime($value->modified), 'mime' => $value->mime, - ]]); + ]; } elseif ($value->file === true) { - $files = array_merge($files, [[ + $files[] = [ 'entry' => $value->name, 'directory' => trim($directory, '/'), 'extension' => pathinfo($value->name, PATHINFO_EXTENSION), 'size' => HelperRepository::bytesToHuman($value->size), 'date' => strtotime($value->modified), 'mime' => $value->mime, - ]]); + ]; } } diff --git a/app/Repositories/ServerRepository.php b/app/Repositories/ServerRepository.php index a70188c85..14c0a42dc 100644 --- a/app/Repositories/ServerRepository.php +++ b/app/Repositories/ServerRepository.php @@ -170,11 +170,11 @@ class ServerRepository if ($variable->required === 1) { throw new DisplayException('A required service option variable field (env_' . $variable->env_variable . ') was missing from the request.'); } - $variableList = array_merge($variableList, [[ + $variableList[] = [ 'id' => $variable->id, 'env' => $variable->env_variable, 'val' => $variable->default_value, - ]]); + ]; continue; } @@ -183,11 +183,11 @@ class ServerRepository throw new DisplayException('Failed to validate service option variable field (env_' . $variable->env_variable . ') aganist regex (' . $variable->regex . ').'); } - $variableList = array_merge($variableList, [[ + $variableList[] = [ 'id' => $variable->id, 'env' => $variable->env_variable, 'val' => $data['env_' . $variable->env_variable], - ]]); + ]; continue; } } @@ -260,14 +260,13 @@ class ServerRepository $allocation->save(); // Add Variables - $environmentVariables = []; - $environmentVariables = array_merge($environmentVariables, [ + $environmentVariables = [ 'STARTUP' => $data['startup'], - ]); + ]; + foreach ($variableList as $item) { - $environmentVariables = array_merge($environmentVariables, [ - $item['env'] => $item['val'], - ]); + $environmentVariables[$item['env']] = $item['val']; + Models\ServerVariables::create([ 'server_id' => $server->id, 'variable_id' => $item['id'], @@ -672,21 +671,21 @@ class ServerRepository foreach ($variables as &$variable) { // Move on if the new data wasn't even sent if (! isset($data[$variable->env_variable])) { - $variableList = array_merge($variableList, [[ + $variableList[] = [ 'id' => $variable->id, 'env' => $variable->env_variable, 'val' => $variable->a_currentValue, - ]]); + ]; continue; } // Update Empty but skip validation if (empty($data[$variable->env_variable])) { - $variableList = array_merge($variableList, [[ + $variableList[] = [ 'id' => $variable->id, 'env' => $variable->env_variable, 'val' => null, - ]]); + ]; continue; } @@ -708,23 +707,20 @@ class ServerRepository throw new DisplayException('Failed to validate service option variable field (' . $variable->env_variable . ') aganist regex (' . $variable->regex . ').'); } - $variableList = array_merge($variableList, [[ + $variableList[] = [ 'id' => $variable->id, 'env' => $variable->env_variable, 'val' => $data[$variable->env_variable], - ]]); + ]; } } // Add Variables - $environmentVariables = []; - $environmentVariables = array_merge($environmentVariables, [ + $environmentVariables = [ 'STARTUP' => $server->startup, - ]); + ]; foreach ($variableList as $item) { - $environmentVariables = array_merge($environmentVariables, [ - $item['env'] => $item['val'], - ]); + $environmentVariables[$item['env']] = $item['val']; // Update model or make a new record if it doesn't exist. $model = Models\ServerVariables::firstOrNew([ diff --git a/app/Repositories/ServiceRepository/Option.php b/app/Repositories/ServiceRepository/Option.php index dad7e8644..d6408d9ef 100644 --- a/app/Repositories/ServiceRepository/Option.php +++ b/app/Repositories/ServiceRepository/Option.php @@ -118,6 +118,7 @@ class Option } $option->fill($data); - $option->save(); + + return $option->save(); } } diff --git a/app/Repositories/ServiceRepository/Service.php b/app/Repositories/ServiceRepository/Service.php index 39dcf5fbe..565e52468 100644 --- a/app/Repositories/ServiceRepository/Service.php +++ b/app/Repositories/ServiceRepository/Service.php @@ -82,7 +82,8 @@ class Service } $service->fill($data); - $service->save(); + + return $service->save(); } public function delete($id) diff --git a/app/Repositories/ServiceRepository/Variable.php b/app/Repositories/ServiceRepository/Variable.php index b74801207..4f95e5c3a 100644 --- a/app/Repositories/ServiceRepository/Variable.php +++ b/app/Repositories/ServiceRepository/Variable.php @@ -71,7 +71,8 @@ class Variable $variable = new Models\ServiceVariables; $variable->option_id = $option->id; $variable->fill($data); - $variable->save(); + + return $variable->save(); } public function delete($id) @@ -125,6 +126,7 @@ class Variable $data['required'] = (isset($data['required']) && in_array((int) $data['required'], [0, 1])) ? $data['required'] : $variable->required; $variable->fill($data); - $variable->save(); + + return $variable->save(); } } diff --git a/app/Repositories/UserRepository.php b/app/Repositories/UserRepository.php index 6bb7f2491..add04c920 100644 --- a/app/Repositories/UserRepository.php +++ b/app/Repositories/UserRepository.php @@ -144,7 +144,8 @@ class UserRepository } $user->fill($data); - $user->save(); + + return $user->save(); } /** diff --git a/resources/views/admin/databases/index.blade.php b/resources/views/admin/databases/index.blade.php index 5417473ab..a4aa30e7b 100644 --- a/resources/views/admin/databases/index.blade.php +++ b/resources/views/admin/databases/index.blade.php @@ -36,7 +36,7 @@
    • -
    +
    @@ -65,12 +65,12 @@
    - {{ $databases->render() }} + {{ $databases->appends('tab', 'tab_databases')->render() }}
    -
    +
    @@ -99,7 +99,7 @@
    - {{ $dbh->render() }} + {{ $dbh->appends('tab', 'tab_dbservers')->render() }}