Skynet/misc_pterodactyl-panel
6
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

Completed subuser system

Browse source
This commit is contained in:
Dane Everitt 2016-01-18 19:57:10 -05:00
parent 251700bc2e
commit ac6edc4d64
16 changed files with 731 additions and 15 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

2
.env.example
View file

@ -10,7 +10,7 @@ DB_PASSWORD=secret
CACHE_DRIVER=file
SESSION_DRIVER=file
QUEUE_DRIVER=sync
QUEUE_DRIVER=database
REDIS_HOST=localhost
REDIS_PASSWORD=null

108
app/Http/Controllers/Server/SubuserController.php
View file

@ -3,8 +3,15 @@
namespace Pterodactyl\Http\Controllers\Server;
use DB;
use Auth;
use Alert;
use Log;
use Pterodactyl\Models;
use Pterodactyl\Repositories\SubuserRepository;
use Pterodactyl\Exceptions\DisplayException;
use Pterodactyl\Exceptions\DisplayValidationException;
use Illuminate\Http\Request;
use Pterodactyl\Http\Controllers\Controller;
@ -71,7 +78,106 @@ class SubuserController extends Controller
public function postView(Request $request, $uuid, $id)
{
//
$server = Models\Server::getByUUID($uuid);
$this->authorize('edit-subuser', $server);
$subuser = Models\Subuser::where(DB::raw('md5(id)'), $id)->where('server_id', $server->id)->first();
try {
if (!$subuser) {
throw new DisplayException('Unable to locate a subuser by that ID.');
} else if ($subuser->user_id === Auth::user()->id) {
throw new DisplayException('You are not authorized to edit you own account.');
}
$repo = new SubuserRepository;
$repo->update($subuser->id, [
'permissions' => $request->input('permissions'),
'server' => $server->id,
'user' => $subuser->user_id
]);
Alert::success('Subuser permissions have successfully been updated.')->flash();
} catch (DisplayValidationException $ex) {
return redirect()->route('server.subusers.view', [
'uuid' => $uuid,
'id' => $id
])->withErrors(json_decode($ex->getMessage()));
} catch (DisplayException $ex) {
Alert::danger($ex->getMessage())->flash();
} catch (\Exception $ex) {
Log::error($ex);
Alert::danger('An unknown error occured while attempting to update this subuser.')->flash();
}
return redirect()->route('server.subusers.view', [
'uuid' => $uuid,
'id' => $id
]);
}
public function getNew(Request $request, $uuid)
{
$server = Models\Server::getByUUID($uuid);
$this->authorize('create-subuser', $server);
return view('server.users.new', [
'server' => $server,
'node' => Models\Node::find($server->node)
]);
}
public function postNew(Request $request, $uuid)
{
$server = Models\Server::getByUUID($uuid);
$this->authorize('create-subuser', $server);
try {
$repo = new SubuserRepository;
$id = $repo->create($server->id, $request->except([
'_token'
]));
Alert::success('Successfully created new subuser.')->flash();
return redirect()->route('server.subusers.view', [
'uuid' => $uuid,
'id' => md5($id)
]);
} catch (DisplayValidationException $ex) {
return redirect()->route('server.subusers.new', $uuid)->withErrors(json_decode($ex->getMessage()))->withInput();
} catch (DisplayException $ex) {
Alert::danger($ex->getMessage())->flash();
} catch (\Exception $ex) {
Log::error($ex);
Alert::danger('An unknown error occured while attempting to add a new subuser.')->flash();
}
return redirect()->route('server.subusers.new', $uuid)->withInput();
}
public function deleteSubuser(Request $request, $uuid, $id)
{
$server = Models\Server::getByUUID($uuid);
$this->authorize('delete-subuser', $server);
try {
$subuser = Models\Subuser::select('id')->where(DB::raw('md5(id)'), $id)->where('server_id', $server->id)->first();
if (!$subuser) {
throw new DisplayException('No subuser by that ID was found on the system.');
}
$repo = new SubuserRepository;
$repo->delete($subuser->id);
return response('', 204);
} catch (DisplayException $ex) {
response()->json([
'error' => $ex->getMessage()
], 422);
} catch (\Exception $ex) {
Log::error($ex);
response()->json([
'error' => 'An unknown error occured while attempting to delete this subuser.'
], 503);
}
}
}

2
app/Http/Routes/AuthRoutes.php
View file

@ -35,6 +35,7 @@ class AuthRoutes {
// Show Password Reset Form
$router->get('password', [
'as' => 'auth.password',
'uses' => 'Auth\PasswordController@getEmail'
]);
@ -45,6 +46,7 @@ class AuthRoutes {
// Show Verification Checkpoint
$router->get('password/reset/{token}', [
'as' => 'auth.reset',
'uses' => 'Auth\PasswordController@getReset'
]);

13
app/Http/Routes/ServerRoutes.php
View file

@ -58,6 +58,15 @@ class ServerRoutes {
'uses' => 'Server\SubuserController@getIndex'
]);
$router->get('users/new', [
'as' => 'server.subusers.new',
'uses' => 'Server\SubuserController@getNew'
]);
$router->post('users/new', [
'uses' => 'Server\SubuserController@postNew'
]);
$router->get('users/view/{id}', [
'as' => 'server.subusers.view',
'uses' => 'Server\SubuserController@getView'
@ -67,6 +76,10 @@ class ServerRoutes {
'uses' => 'Server\SubuserController@postView'
]);
$router->delete('users/delete/{id}', [
'uses' => 'Server\SubuserController@deleteSubuser'
]);
// Assorted AJAX Routes
$router->group(['prefix' => 'ajax'], function ($server) use ($router) {
// Returns Server Status

7
app/Models/Permission.php
View file

@ -14,6 +14,13 @@ class Permission extends Model
*/
protected $table = 'permissions';
/**
* Fields that are not mass assignable.
*
* @var array
*/
protected $guarded = ['id', 'created_at', 'updated_at'];
public function scopePermission($query, $permission)
{
return $query->where('permission', $permission);

14
app/Models/Subuser.php
View file

@ -15,6 +15,20 @@ class Subuser extends Model
*/
protected $table = 'subusers';
/**
* The attributes excluded from the model's JSON form.
*
* @var array
*/
protected $hidden = ['daemonSecret'];
/**
* Fields that are not mass assignable.
*
* @var array
*/
protected $guarded = ['id', 'created_at', 'updated_at'];
/**
* @var mixed
*/

235
app/Repositories/SubuserRepository.php
View file

@ -4,16 +4,29 @@ namespace Pterodactyl\Repositories;
use DB;
use Validator;
use Mail;
use Pterodactyl\Models;
use Pterodactyl\Repositories\UserRepository;
use Pterodactyl\Services\UuidService;
use Pterodactyl\Exceptions\DisplayValidationException;
use Pterodactyl\Exceptions\DisplayException;
class UserRepository
class SubuserRepository
{
/**
* Core permissions required for every subuser on the daemon.
* Without this we cannot connect the websocket or get basic
* information about the server.
* @var array
*/
protected $coreDaemonPermissions = [
's:get',
's:console'
];
/**
* Allowed permissions and their related daemon permission.
* @var array
@ -30,12 +43,12 @@ class UserRepository
// File Manager
'list-files' => 's:files:get',
'edit-file' => 's:files:read',
'save-file' => 's:files:post',
'create-file' => 's:files:post',
'download-file' => null,
'upload-file' => 's:files:upload',
'delete-file' => 's:files:delete',
'edit-files' => 's:files:read',
'save-files' => 's:files:post',
'create-files' => 's:files:post',
'download-files' => null,
'upload-files' => 's:files:upload',
'delete-files' => 's:files:delete',
// Subusers
'list-subusers' => null,
@ -46,6 +59,8 @@ class UserRepository
// Management
'set-connection' => null,
'view-startup' => null,
'edit-startup' => null,
'view-sftp' => null,
'reset-sftp' => 's:set-password'
];
@ -55,6 +70,154 @@ class UserRepository
//
}
/**
* Creates a new subuser on the server.
* @param integer $id The ID of the server to add this subuser to.
* @param array $data
* @throws DisplayValidationException
* @throws DisplayException
* @return integer Returns the ID of the newly created subuser.
*/
public function create($sid, array $data)
{
$server = Models\Server::findOrFail($sid);
$validator = Validator::make($data, [
'permissions' => 'required|array',
'email' => 'required|email'
]);
if ($validator->fails()) {
throw new DisplayValidationException(json_encode($validator->all()));
}
DB::beginTransaction();
// Determine if this user exists or if we need to make them an account.
$user = Models\User::where('email', $data['email'])->first();
if (!$user) {
$password = str_random(16);
try {
$repo = new UserRepository;
$uid = $repo->create($data['email'], $password);
$user = Models\User::findOrFail($uid);
} catch (\Exception $ex) {
throw $ex;
}
}
$uuid = new UuidService;
$subuser = new Models\Subuser;
$subuser->fill([
'user_id' => $user->id,
'server_id' => $server->id,
'daemonSecret' => (string) $uuid->generate('servers', 'uuid')
]);
$subuser->save();
$daemonPermissions = $this->coreDaemonPermissions;
foreach($data['permissions'] as $permission) {
if (array_key_exists($permission, $this->permissions)) {
// Build the daemon permissions array for sending.
if (!is_null($this->permissions[$permission])) {
array_push($daemonPermissions, $this->permissions[$permission]);
}
$model = new Models\Permission;
$model->fill([
'user_id' => $user->id,
'server_id' => $server->id,
'permission' => $permission
]);
$model->save();
}
}
// Contact Daemon
// We contact even if they don't have any daemon permissions to overwrite
// if they did have them previously.
try {
$node = Models\Node::getByID($server->node);
$client = Models\Node::guzzleRequest($server->node);
$res = $client->request('PATCH', '/server', [
'headers' => [
'X-Access-Server' => $server->uuid,
'X-Access-Token' => $node->daemonSecret
],
'json' => [
'keys' => [
$subuser->daemonSecret => $daemonPermissions
]
]
]);
$email = $data['email'];
Mail::queue('emails.added-subuser', [
'serverName' => $server->name,
'url' => route('server.index', $server->uuidShort),
], function ($message) use ($email) {
$message->to($email);
$message->subject('Pterodactyl - Added to Server');
});
DB::commit();
return $subuser->id;
} catch (\GuzzleHttp\Exception\TransferException $ex) {
DB::rollBack();
throw new DisplayException('There was an error attempting to connect to the daemon to add this user.');
} catch (\Exception $ex) {
DB::rollBack();
throw $ex;
}
return false;
}
/**
* Revokes a users permissions on a server.
* @param integer $id The ID of the subuser row in MySQL.
* @param array $data
* @throws DisplayValidationException
* @throws DisplayException
* @return void
*/
public function delete($id)
{
$subuser = Models\Subuser::findOrFail($id);
$server = Models\Server::findOrFail($subuser->server_id);
DB::beginTransaction();
Models\Permission::where('user_id', $subuser->user_id)->where('server_id', $subuser->server_id)->delete();
try {
$node = Models\Node::getByID($server->node);
$client = Models\Node::guzzleRequest($server->node);
$res = $client->request('PATCH', '/server', [
'headers' => [
'X-Access-Server' => $server->uuid,
'X-Access-Token' => $node->daemonSecret
],
'json' => [
'keys' => [
$subuser->daemonSecret => []
]
]
]);
$subuser->delete();
DB::commit();
return true;
} catch (\GuzzleHttp\Exception\TransferException $ex) {
DB::rollBack();
throw new DisplayException('There was an error attempting to connect to the daemon to delete this subuser.');
} catch (\Exception $ex) {
DB::rollBack();
throw $ex;
}
return false;
}
/**
* Updates permissions for a given subuser.
* @param integer $id The ID of the subuser row in MySQL. (Not the user ID)
@ -66,13 +229,67 @@ class UserRepository
public function update($id, array $data)
{
$validator = Validator::make($data, [
'permissions' => 'required|array'
'permissions' => 'required|array',
'user' => 'required|exists:users,id',
'server' => 'required|exists:servers,id',
]);
if ($validator->fails()) {
throw new DisplayValidationException(json_encode($validator->all()));
}
// @TODO the thing.
$subuser = Models\Subuser::findOrFail($id);
$server = Models\Server::findOrFail($data['server']);
DB::beginTransaction();
Models\Permission::where('user_id', $subuser->user_id)->where('server_id', $subuser->server_id)->delete();
$daemonPermissions = $this->coreDaemonPermissions;
foreach($data['permissions'] as $permission) {
if (array_key_exists($permission, $this->permissions)) {
// Build the daemon permissions array for sending.
if (!is_null($this->permissions[$permission])) {
array_push($daemonPermissions, $this->permissions[$permission]);
}
$model = new Models\Permission;
$model->fill([
'user_id' => $data['user'],
'server_id' => $data['server'],
'permission' => $permission
]);
$model->save();
}
}
// Contact Daemon
// We contact even if they don't have any daemon permissions to overwrite
// if they did have them previously.
try {
$node = Models\Node::getByID($server->node);
$client = Models\Node::guzzleRequest($server->node);
$res = $client->request('PATCH', '/server', [
'headers' => [
'X-Access-Server' => $server->uuid,
'X-Access-Token' => $node->daemonSecret
],
'json' => [
'keys' => [
$subuser->daemonSecret => $daemonPermissions
]
]
]);
DB::commit();
return true;
} catch (\GuzzleHttp\Exception\TransferException $ex) {
DB::rollBack();
throw new DisplayException('There was an error attempting to connect to the daemon to update permissions.');
} catch (\Exception $ex) {
DB::rollBack();
throw $ex;
}
return false;
}
}

15
app/Repositories/UserRepository.php
View file

@ -5,6 +5,7 @@ namespace Pterodactyl\Repositories;
use DB;
use Hash;
use Validator;
use Mail;
use Pterodactyl\Models;
use Pterodactyl\Services\UuidService;
@ -48,16 +49,28 @@ class UserRepository
$user = new Models\User;
$uuid = new UuidService;
DB::beginTransaction();
$user->uuid = $uuid->generate('users', 'uuid');
$user->email = $email;
$user->password = Hash::make($password);
$user->language = 'en';
$user->root_admin = ($admin) ? 1 : 0;
$user->save();
try {
$user->save();
Mail::queue('emails.new-account', [
'email' => $user->email,
'forgot' => route('auth.password'),
'login' => route('auth.login')
], function ($message) use ($email) {
$message->to($email);
$message->subject('Pterodactyl - New Account');
});
DB::commit();
return $user->id;
} catch (\Exception $ex) {
DB::rollBack();
throw $e;
}
}

2
config/queue.php
View file

@ -16,7 +16,7 @@ return [
|
*/
'default' => env('QUEUE_DRIVER', 'sync'),
'default' => env('QUEUE_DRIVER', 'database'),
/*
|--------------------------------------------------------------------------

37
database/migrations/2016_01_18_235655_create_jobs_table.php Normal file
View file

@ -0,0 +1,37 @@
<?php
use Illuminate\Database\Schema\Blueprint;
use Illuminate\Database\Migrations\Migration;
class CreateJobsTable extends Migration
{
/**
* Run the migrations.
*
* @return void
*/
public function up()
{
Schema::create('jobs', function (Blueprint $table) {
$table->bigIncrements('id');
$table->string('queue');
$table->longText('payload');
$table->tinyInteger('attempts')->unsigned();
$table->tinyInteger('reserved')->unsigned();
$table->unsignedInteger('reserved_at')->nullable();
$table->unsignedInteger('available_at');
$table->unsignedInteger('created_at');
$table->index(['queue', 'reserved', 'reserved_at']);
});
}
/**
* Reverse the migrations.
*
* @return void
*/
public function down()
{
Schema::drop('jobs');
}
}

33
database/migrations/2016_01_18_235846_create_failed_jobs_table.php Normal file
View file

@ -0,0 +1,33 @@
<?php
use Illuminate\Database\Schema\Blueprint;
use Illuminate\Database\Migrations\Migration;
class CreateFailedJobsTable extends Migration
{
/**
* Run the migrations.
*
* @return void
*/
public function up()
{
Schema::create('failed_jobs', function (Blueprint $table) {
$table->increments('id');
$table->text('connection');
$table->text('queue');
$table->longText('payload');
$table->timestamp('failed_at');
});
}
/**
* Reverse the migrations.
*
* @return void
*/
public function down()
{
Schema::drop('failed_jobs');
}
}

9
resources/views/emails/added-subuser.blade.php Normal file
View file

@ -0,0 +1,9 @@
<html>
<head>
<title>Pterodactyl - You've been added to a Server</title>
</head>
<body>
<center><h1>Pterodactyl - Added to Server</h1></center>
<p>You are recieving this email because you have been added as a subuser for <a href="{{ $url }}">{{ $serverName }}</a> on Pterodactyl Panel.</p>
</body>
</html>

12
resources/views/emails/new-account.blade.php Normal file
View file

@ -0,0 +1,12 @@
<html>
<head>
<title>Pterodactyl - New Account</title>
</head>
<body>
<center><h1>Pterodactyl - Account Created</h1></center>
<p>You are recieving this email because an account has been created for you on Pterodactyl Panel.</p>
<p>Login: <a href="{{ $login }}">{{ $login }}</a></p>
<p>Email: {{ $email }}</p>
<p>Forgot your password? <a href="{{ $forgot }}">{{ $forgot }}</a></p>
</body>
</html>

56
resources/views/server/users/index.blade.php
View file

@ -23,16 +23,68 @@
<td><code>{{ $user->a_userEmail }}</code></td>
<td>{{ $user->created_at }}</td>
<td>{{ $user->updated_at }}</td>
@can('view-subuser', $server)<td class="text-center"><a href="{{ route('server.subusers.view', ['server' => $server->uuidShort, 'id' => md5($user->id)]) }}" class="text-success"><i class="fa fa-wrench"></i></a></td>@endcan
@can('delete-subuser', $server)<td class="text-center"><a href="#/delete/{{ md5($user->id) }}" class="text-danger"><i class="fa fa-trash-o"></i></a></td>@endcan
@can('view-subuser', $server)
<td class="text-center"><a href="{{ route('server.subusers.view', ['server' => $server->uuidShort, 'id' => md5($user->id)]) }}" class="text-success"><i class="fa fa-wrench"></i></a></td>
@endcan
@can('delete-subuser', $server)
<td class="text-center"><a href="#/delete/{{ md5($user->id) }}" data-action="delete" data-id="{{ md5($user->id) }}" class="text-danger"><i class="fa fa-trash-o"></i></a></td>
@endcan
</tr>
@endforeach
</tbody>
</table>
@can('create-subuser', $server)
<div class="well">
<div class="row">
<div class="col-md-12">
<a href="{{ route('server.subusers.new', $server->uuidShort) }}"><button class="btn btn-sm btn-success">Add New Subuser</button></a>
</div>
</div>
</div>
@endcan
</div>
<script>
$(document).ready(function () {
$('.server-users').addClass('active');
$('[data-action="delete"]').click(function (event) {
event.preventDefault();
var self = $(this);
swal({
type: 'warning',
title: 'Delete Subuser',
text: 'This will immediately remove this user from this server and revoke all permissions.',
showCancelButton: true,
showConfirmButton: true,
closeOnConfirm: false,
showLoaderOnConfirm: true
}, function () {
$.ajax({
method: 'DELETE',
url: '{{ route('server.subusers', $server->uuidShort) }}/delete/' + self.data('id'),
headers: {
'X-CSRF-Token': '{{ csrf_token() }}'
}
}).done(function () {
self.parent().parent().slideUp();
swal({
type: 'success',
title: '',
text: 'Subuser was successfully deleted.'
});
}).fail(function (jqXHR) {
console.error(jqXHR);
var error = 'An error occured while trying to process this request.';
if (typeof jqXHR.responseJSON !== 'undefined' && typeof jqXHR.responseJSON.error !== 'undefined') {
error = jqXHR.responseJSON.error;
}
swal({
type: 'error',
title: 'Whoops!',
text: error
});
});
});
});
});
</script>
@endsection

188
resources/views/server/users/new.blade.php Normal file
View file

@ -0,0 +1,188 @@
@extends('layouts.master')
@section('title')
Create New Subuser
@endsection
@section('content')
<div class="col-md-12">
<h3 class="nopad">Create New Subuser<hr />
@can('edit-subuser', $server)
<form action="{{ route('server.subusers.new', $server->uuidShort) }}" method="POST">
@endcan
<?php $oldInput = array_flip(is_array(old('permissions')) ? old('permissions') : []) ?>
<div class="row">
<div class="form-group col-md-12">
<label class="control-label">User Email:</label>
<div>
<input type="text" name="email" autocomplete="off" value="{{ old('email') }}" class="form-control" />
</div>
</div>
</div>
<div class="row">
<div class="col-md-6 fuelux">
<h4>Power Management</h4><hr />
<div class="checkbox highlight">
<label class="checkbox-custom highlight" data-initialize="checkbox">
<input class="sr-only" name="permissions[]" type="checkbox" @if(isset($oldInput['power-start']))checked="checked"@endif value="power-start"> <strong>Start Server</strong>
<p class="text-muted"><small>Allows user to start server.</small><p>
</label>
</div>
<div class="checkbox highlight">
<label class="checkbox-custom highlight" data-initialize="checkbox">
<input class="sr-only" name="permissions[]" type="checkbox" @if(isset($oldInput['power-stop']))checked="checked"@endif value="power-stop"> <strong>Stop Server</strong>
<p class="text-muted"><small>Allows user to stop server.</small><p>
</label>
</div>
<div class="checkbox highlight">
<label class="checkbox-custom highlight" data-initialize="checkbox">
<input class="sr-only" name="permissions[]" type="checkbox" @if(isset($oldInput['power-restart']))checked="checked"@endif value="power-restart"> <strong>Restart Server</strong>
<p class="text-muted"><small>Allows user to restart server. A user with this permission can stop or start a server even without the above permissions.</small><p>
</label>
</div>
<div class="checkbox highlight">
<label class="checkbox-custom highlight" data-initialize="checkbox">
<input class="sr-only" name="permissions[]" type="checkbox" @if(isset($oldInput['power-kill']))checked="checked"@endif value="power-kill"> <strong>Kill Server</strong>
<p class="text-muted"><small>Allows user to kill server process.</small><p>
</label>
</div>
<div class="checkbox highlight">
<label class="checkbox-custom highlight" data-initialize="checkbox">
<input class="sr-only" name="permissions[]" type="checkbox" @if(isset($oldInput['send-command']))checked="checked"@endif value="send-command"> <strong>Send Console Command</strong>
<p class="text-muted"><small>Allows sending a command from the console. If the user does not have stop or restart permissions they cannot send the application's stop command.</small><p>
</label>
</div>
</div>
<div class="col-md-6 fuelux">
<h4>File Management</h4><hr />
<div class="checkbox highlight">
<label class="checkbox-custom highlight" data-initialize="checkbox">
<input class="sr-only" name="permissions[]" type="checkbox" @if(isset($oldInput['list-files']))checked="checked"@endif value="list-files"> <strong>List Files</strong>
<p class="text-muted"><small>Allows user to list all files and folders on the server but not view file contents.</small><p>
</label>
</div>
<div class="checkbox highlight">
<label class="checkbox-custom highlight" data-initialize="checkbox">
<input class="sr-only" name="permissions[]" type="checkbox" @if(isset($oldInput['edit-files']))checked="checked"@endif value="edit-files"> <strong>Edit Files</strong>
<p class="text-muted"><small>Allows user to open a file for <em>viewing only</em>.</small><p>
</label>
</div>
<div class="checkbox highlight">
<label class="checkbox-custom highlight" data-initialize="checkbox">
<input class="sr-only" name="permissions[]" type="checkbox" @if(isset($oldInput['save-files']))checked="checked"@endif value="save-files"> <strong>Save Files</strong>
<p class="text-muted"><small>Allows user to save modified file contents.</small><p>
</label>
</div>
<div class="checkbox highlight">
<label class="checkbox-custom highlight" data-initialize="checkbox">
<input class="sr-only" name="permissions[]" type="checkbox" @if(isset($oldInput['add-files']))checked="checked"@endif value="add-files"> <strong>Create Files</strong>
<p class="text-muted"><small>Allows user to create a new file within the panel.</small><p>
</label>
</div>
<div class="checkbox highlight">
<label class="checkbox-custom highlight" data-initialize="checkbox">
<input class="sr-only" name="permissions[]" type="checkbox" @if(isset($oldInput['upload-files']))checked="checked"@endif value="upload-files"> <strong>Upload Files</strong>
<p class="text-muted"><small>Allows user to upload files.</small><p>
</label>
</div>
<div class="checkbox highlight">
<label class="checkbox-custom highlight" data-initialize="checkbox">
<input class="sr-only" name="permissions[]" type="checkbox" @if(isset($oldInput['delete-files']))checked="checked"@endif value="delete-files"> <strong>Delete Files</strong>
<p class="text-muted"><small><span class="label label-danger">Danger</span> Allows user to delete files from the system.</small><p>
</label>
</div>
<div class="checkbox highlight">
<label class="checkbox-custom highlight" data-initialize="checkbox">
<input class="sr-only" name="permissions[]" type="checkbox" @if(isset($oldInput['download-files']))checked="checked"@endif value="download-files"> <strong>Download Files</strong>
<p class="text-muted"><small><span class="label label-danger">Danger</span> Allows user to download files. If a user is given this permission they can download and view file contents.</small><p>
</label>
</div>
</div>
</div>
<div class="row">
<div class="col-md-6 fuelux">
<h4>Subuser Management</h4><hr />
<div class="checkbox highlight">
<label class="checkbox-custom highlight" data-initialize="checkbox">
<input class="sr-only" name="permissions[]" type="checkbox" @if(isset($oldInput['list-subusers']))checked="checked"@endif value="list-subusers"> <strong>List Subusers</strong>
<p class="text-muted"><small>Allows user to view all subusers assigned to the server.</small><p>
</label>
</div>
<div class="checkbox highlight">
<label class="checkbox-custom highlight" data-initialize="checkbox">
<input class="sr-only" name="permissions[]" type="checkbox" @if(isset($oldInput['view-subuser']))checked="checked"@endif value="view-subuser"> <strong>View Subuser</strong>
<p class="text-muted"><small>Allows user to view specific subuser permissions.</small><p>
</label>
</div>
<div class="checkbox highlight">
<label class="checkbox-custom highlight" data-initialize="checkbox">
<input class="sr-only" name="permissions[]" type="checkbox" @if(isset($oldInput['edit-subuser']))checked="checked"@endif value="edit-subuser"> <strong>Edit Subuser</strong>
<p class="text-muted"><small>Allows user to modify permissions for a subuser. <em>They will not have permission to modify themselves.</em></small><p>
</label>
</div>
<div class="checkbox highlight">
<label class="checkbox-custom highlight" data-initialize="checkbox">
<input class="sr-only" name="permissions[]" type="checkbox" @if(isset($oldInput['create-subuser']))checked="checked"@endif value="create-subuser"> <strong>Create Subuser</strong>
<p class="text-muted"><small>Allows a user to create a new subuser.</small><p>
</label>
</div>
<div class="checkbox highlight">
<label class="checkbox-custom highlight" data-initialize="checkbox">
<input class="sr-only" name="permissions[]" type="checkbox" @if(isset($oldInput['delete-subuser']))checked="checked"@endif value="delete-subuser"> <strong>Delete Subuser</strong>
<p class="text-muted"><small>Allows a user to delete a subuser.</small><p>
</label>
</div>
</div>
<div class="col-md-6 fuelux">
<h4>Server Management</h4><hr />
<div class="checkbox highlight">
<label class="checkbox-custom highlight" data-initialize="checkbox">
<input class="sr-only" name="permissions[]" type="checkbox" @if(isset($oldInput['set-connection']))checked="checked"@endif value="set-connection"> <strong>Set Default Connection</strong>
<p class="text-muted"><small>Allows user to set the default connection used for a server as well as view avaliable ports.</small><p>
</label>
</div>
<div class="checkbox highlight">
<label class="checkbox-custom highlight" data-initialize="checkbox">
<input class="sr-only" name="permissions[]" type="checkbox" @if(isset($oldInput['view-startup']))checked="checked"@endif value="view-startup"> <strong>View Startup Command</strong>
<p class="text-muted"><small>Allows user to view the startup command and associated variables for a server.</small><p>
</label>
</div>
<div class="checkbox highlight">
<label class="checkbox-custom highlight" data-initialize="checkbox">
<input class="sr-only" name="permissions[]" type="checkbox" @if(isset($oldInput['edit-startup']))checked="checked"@endif value="edit-startup"> <strong>Edit Startup Command</strong>
<p class="text-muted"><small>Allows a user to modify startup variables for a server.</small><p>
</label>
</div>
<h4>SFTP Management</h4><hr />
<div class="checkbox highlight">
<label class="checkbox-custom highlight" data-initialize="checkbox">
<input class="sr-only" name="permissions[]" type="checkbox" @if(isset($oldInput['view-sftp']))checked="checked"@endif value="view-sftp"> <strong>View SFTP Details</strong>
<p class="text-muted"><small>Allows user to view the server's SFTP information (not the password).</small><p>
</label>
</div>
<div class="checkbox highlight">
<label class="checkbox-custom highlight" data-initialize="checkbox">
<input class="sr-only" name="permissions[]" type="checkbox" @if(isset($oldInput['reset-sftp']))checked="checked"@endif value="reset-sftp"> <strong>Reset SFTP Password</strong>
<p class="text-muted"><small>Allows user to change the SFTP password for the server.</small><p>
</label>
</div>
</div>
</div>
@can('edit-subuser', $server)
<div class="well">
<div class="row">
<div class="col-md-12">
{!! csrf_field() !!}
<input type="submit" class="btn btn-sm btn-primary" value="Add New Subuser" />
</div>
</div>
</div>
</form>
@endcan
</div>
<script>
$(document).ready(function () {
$('.server-users').addClass('active');
});
</script>
@endsection

13
resources/views/server/users/view.blade.php
View file

@ -132,6 +132,19 @@
<p class="text-muted"><small>Allows user to set the default connection used for a server as well as view avaliable ports.</small><p>
</label>
</div>
<div class="checkbox highlight">
<label class="checkbox-custom highlight" data-initialize="checkbox">
<input class="sr-only" name="permissions[]" type="checkbox" @if(isset($permissions['view-startup']))checked="checked"@endif @cannot('edit-subuser', $server)disabled="disabled"@endcannot value="view-startup"> <strong>View Startup Command</strong>
<p class="text-muted"><small>Allows user to view the startup command and associated variables for a server.</small><p>
</label>
</div>
<div class="checkbox highlight">
<label class="checkbox-custom highlight" data-initialize="checkbox">
<input class="sr-only" name="permissions[]" type="checkbox" @if(isset($permissions['edit-startup']))checked="checked"@endif @cannot('edit-subuser', $server)disabled="disabled"@endcannot value="edit-startup"> <strong>Edit Startup Command</strong>
<p class="text-muted"><small>Allows a user to modify startup variables for a server.</small><p>
</label>
</div>
<h4>SFTP Management</h4><hr />
<div class="checkbox highlight">
<label class="checkbox-custom highlight" data-initialize="checkbox">
<input class="sr-only" name="permissions[]" type="checkbox" @if(isset($permissions['view-sftp']))checked="checked"@endif @cannot('edit-subuser', $server)disabled="disabled"@endcannot value="view-sftp"> <strong>View SFTP Details</strong>