Completed subuser system

This commit is contained in:
Dane Everitt 2016-01-18 19:57:10 -05:00
parent 251700bc2e
commit ac6edc4d64
16 changed files with 731 additions and 15 deletions

View file

@ -10,7 +10,7 @@ DB_PASSWORD=secret
CACHE_DRIVER=file CACHE_DRIVER=file
SESSION_DRIVER=file SESSION_DRIVER=file
QUEUE_DRIVER=sync QUEUE_DRIVER=database
REDIS_HOST=localhost REDIS_HOST=localhost
REDIS_PASSWORD=null REDIS_PASSWORD=null

View file

@ -3,8 +3,15 @@
namespace Pterodactyl\Http\Controllers\Server; namespace Pterodactyl\Http\Controllers\Server;
use DB; use DB;
use Auth;
use Alert; use Alert;
use Log;
use Pterodactyl\Models; use Pterodactyl\Models;
use Pterodactyl\Repositories\SubuserRepository;
use Pterodactyl\Exceptions\DisplayException;
use Pterodactyl\Exceptions\DisplayValidationException;
use Illuminate\Http\Request; use Illuminate\Http\Request;
use Pterodactyl\Http\Controllers\Controller; use Pterodactyl\Http\Controllers\Controller;
@ -71,7 +78,106 @@ class SubuserController extends Controller
public function postView(Request $request, $uuid, $id) public function postView(Request $request, $uuid, $id)
{ {
//
$server = Models\Server::getByUUID($uuid);
$this->authorize('edit-subuser', $server);
$subuser = Models\Subuser::where(DB::raw('md5(id)'), $id)->where('server_id', $server->id)->first();
try {
if (!$subuser) {
throw new DisplayException('Unable to locate a subuser by that ID.');
} else if ($subuser->user_id === Auth::user()->id) {
throw new DisplayException('You are not authorized to edit you own account.');
}
$repo = new SubuserRepository;
$repo->update($subuser->id, [
'permissions' => $request->input('permissions'),
'server' => $server->id,
'user' => $subuser->user_id
]);
Alert::success('Subuser permissions have successfully been updated.')->flash();
} catch (DisplayValidationException $ex) {
return redirect()->route('server.subusers.view', [
'uuid' => $uuid,
'id' => $id
])->withErrors(json_decode($ex->getMessage()));
} catch (DisplayException $ex) {
Alert::danger($ex->getMessage())->flash();
} catch (\Exception $ex) {
Log::error($ex);
Alert::danger('An unknown error occured while attempting to update this subuser.')->flash();
}
return redirect()->route('server.subusers.view', [
'uuid' => $uuid,
'id' => $id
]);
}
public function getNew(Request $request, $uuid)
{
$server = Models\Server::getByUUID($uuid);
$this->authorize('create-subuser', $server);
return view('server.users.new', [
'server' => $server,
'node' => Models\Node::find($server->node)
]);
}
public function postNew(Request $request, $uuid)
{
$server = Models\Server::getByUUID($uuid);
$this->authorize('create-subuser', $server);
try {
$repo = new SubuserRepository;
$id = $repo->create($server->id, $request->except([
'_token'
]));
Alert::success('Successfully created new subuser.')->flash();
return redirect()->route('server.subusers.view', [
'uuid' => $uuid,
'id' => md5($id)
]);
} catch (DisplayValidationException $ex) {
return redirect()->route('server.subusers.new', $uuid)->withErrors(json_decode($ex->getMessage()))->withInput();
} catch (DisplayException $ex) {
Alert::danger($ex->getMessage())->flash();
} catch (\Exception $ex) {
Log::error($ex);
Alert::danger('An unknown error occured while attempting to add a new subuser.')->flash();
}
return redirect()->route('server.subusers.new', $uuid)->withInput();
}
public function deleteSubuser(Request $request, $uuid, $id)
{
$server = Models\Server::getByUUID($uuid);
$this->authorize('delete-subuser', $server);
try {
$subuser = Models\Subuser::select('id')->where(DB::raw('md5(id)'), $id)->where('server_id', $server->id)->first();
if (!$subuser) {
throw new DisplayException('No subuser by that ID was found on the system.');
}
$repo = new SubuserRepository;
$repo->delete($subuser->id);
return response('', 204);
} catch (DisplayException $ex) {
response()->json([
'error' => $ex->getMessage()
], 422);
} catch (\Exception $ex) {
Log::error($ex);
response()->json([
'error' => 'An unknown error occured while attempting to delete this subuser.'
], 503);
}
} }
} }

View file

@ -35,6 +35,7 @@ class AuthRoutes {
// Show Password Reset Form // Show Password Reset Form
$router->get('password', [ $router->get('password', [
'as' => 'auth.password',
'uses' => 'Auth\PasswordController@getEmail' 'uses' => 'Auth\PasswordController@getEmail'
]); ]);
@ -45,6 +46,7 @@ class AuthRoutes {
// Show Verification Checkpoint // Show Verification Checkpoint
$router->get('password/reset/{token}', [ $router->get('password/reset/{token}', [
'as' => 'auth.reset',
'uses' => 'Auth\PasswordController@getReset' 'uses' => 'Auth\PasswordController@getReset'
]); ]);

View file

@ -58,6 +58,15 @@ class ServerRoutes {
'uses' => 'Server\SubuserController@getIndex' 'uses' => 'Server\SubuserController@getIndex'
]); ]);
$router->get('users/new', [
'as' => 'server.subusers.new',
'uses' => 'Server\SubuserController@getNew'
]);
$router->post('users/new', [
'uses' => 'Server\SubuserController@postNew'
]);
$router->get('users/view/{id}', [ $router->get('users/view/{id}', [
'as' => 'server.subusers.view', 'as' => 'server.subusers.view',
'uses' => 'Server\SubuserController@getView' 'uses' => 'Server\SubuserController@getView'
@ -67,6 +76,10 @@ class ServerRoutes {
'uses' => 'Server\SubuserController@postView' 'uses' => 'Server\SubuserController@postView'
]); ]);
$router->delete('users/delete/{id}', [
'uses' => 'Server\SubuserController@deleteSubuser'
]);
// Assorted AJAX Routes // Assorted AJAX Routes
$router->group(['prefix' => 'ajax'], function ($server) use ($router) { $router->group(['prefix' => 'ajax'], function ($server) use ($router) {
// Returns Server Status // Returns Server Status

View file

@ -14,6 +14,13 @@ class Permission extends Model
*/ */
protected $table = 'permissions'; protected $table = 'permissions';
/**
* Fields that are not mass assignable.
*
* @var array
*/
protected $guarded = ['id', 'created_at', 'updated_at'];
public function scopePermission($query, $permission) public function scopePermission($query, $permission)
{ {
return $query->where('permission', $permission); return $query->where('permission', $permission);

View file

@ -15,6 +15,20 @@ class Subuser extends Model
*/ */
protected $table = 'subusers'; protected $table = 'subusers';
/**
* The attributes excluded from the model's JSON form.
*
* @var array
*/
protected $hidden = ['daemonSecret'];
/**
* Fields that are not mass assignable.
*
* @var array
*/
protected $guarded = ['id', 'created_at', 'updated_at'];
/** /**
* @var mixed * @var mixed
*/ */

View file

@ -4,16 +4,29 @@ namespace Pterodactyl\Repositories;
use DB; use DB;
use Validator; use Validator;
use Mail;
use Pterodactyl\Models; use Pterodactyl\Models;
use Pterodactyl\Repositories\UserRepository;
use Pterodactyl\Services\UuidService; use Pterodactyl\Services\UuidService;
use Pterodactyl\Exceptions\DisplayValidationException; use Pterodactyl\Exceptions\DisplayValidationException;
use Pterodactyl\Exceptions\DisplayException; use Pterodactyl\Exceptions\DisplayException;
class UserRepository class SubuserRepository
{ {
/**
* Core permissions required for every subuser on the daemon.
* Without this we cannot connect the websocket or get basic
* information about the server.
* @var array
*/
protected $coreDaemonPermissions = [
's:get',
's:console'
];
/** /**
* Allowed permissions and their related daemon permission. * Allowed permissions and their related daemon permission.
* @var array * @var array
@ -30,12 +43,12 @@ class UserRepository
// File Manager // File Manager
'list-files' => 's:files:get', 'list-files' => 's:files:get',
'edit-file' => 's:files:read', 'edit-files' => 's:files:read',
'save-file' => 's:files:post', 'save-files' => 's:files:post',
'create-file' => 's:files:post', 'create-files' => 's:files:post',
'download-file' => null, 'download-files' => null,
'upload-file' => 's:files:upload', 'upload-files' => 's:files:upload',
'delete-file' => 's:files:delete', 'delete-files' => 's:files:delete',
// Subusers // Subusers
'list-subusers' => null, 'list-subusers' => null,
@ -46,6 +59,8 @@ class UserRepository
// Management // Management
'set-connection' => null, 'set-connection' => null,
'view-startup' => null,
'edit-startup' => null,
'view-sftp' => null, 'view-sftp' => null,
'reset-sftp' => 's:set-password' 'reset-sftp' => 's:set-password'
]; ];
@ -55,6 +70,154 @@ class UserRepository
// //
} }
/**
* Creates a new subuser on the server.
* @param integer $id The ID of the server to add this subuser to.
* @param array $data
* @throws DisplayValidationException
* @throws DisplayException
* @return integer Returns the ID of the newly created subuser.
*/
public function create($sid, array $data)
{
$server = Models\Server::findOrFail($sid);
$validator = Validator::make($data, [
'permissions' => 'required|array',
'email' => 'required|email'
]);
if ($validator->fails()) {
throw new DisplayValidationException(json_encode($validator->all()));
}
DB::beginTransaction();
// Determine if this user exists or if we need to make them an account.
$user = Models\User::where('email', $data['email'])->first();
if (!$user) {
$password = str_random(16);
try {
$repo = new UserRepository;
$uid = $repo->create($data['email'], $password);
$user = Models\User::findOrFail($uid);
} catch (\Exception $ex) {
throw $ex;
}
}
$uuid = new UuidService;
$subuser = new Models\Subuser;
$subuser->fill([
'user_id' => $user->id,
'server_id' => $server->id,
'daemonSecret' => (string) $uuid->generate('servers', 'uuid')
]);
$subuser->save();
$daemonPermissions = $this->coreDaemonPermissions;
foreach($data['permissions'] as $permission) {
if (array_key_exists($permission, $this->permissions)) {
// Build the daemon permissions array for sending.
if (!is_null($this->permissions[$permission])) {
array_push($daemonPermissions, $this->permissions[$permission]);
}
$model = new Models\Permission;
$model->fill([
'user_id' => $user->id,
'server_id' => $server->id,
'permission' => $permission
]);
$model->save();
}
}
// Contact Daemon
// We contact even if they don't have any daemon permissions to overwrite
// if they did have them previously.
try {
$node = Models\Node::getByID($server->node);
$client = Models\Node::guzzleRequest($server->node);
$res = $client->request('PATCH', '/server', [
'headers' => [
'X-Access-Server' => $server->uuid,
'X-Access-Token' => $node->daemonSecret
],
'json' => [
'keys' => [
$subuser->daemonSecret => $daemonPermissions
]
]
]);
$email = $data['email'];
Mail::queue('emails.added-subuser', [
'serverName' => $server->name,
'url' => route('server.index', $server->uuidShort),
], function ($message) use ($email) {
$message->to($email);
$message->subject('Pterodactyl - Added to Server');
});
DB::commit();
return $subuser->id;
} catch (\GuzzleHttp\Exception\TransferException $ex) {
DB::rollBack();
throw new DisplayException('There was an error attempting to connect to the daemon to add this user.');
} catch (\Exception $ex) {
DB::rollBack();
throw $ex;
}
return false;
}
/**
* Revokes a users permissions on a server.
* @param integer $id The ID of the subuser row in MySQL.
* @param array $data
* @throws DisplayValidationException
* @throws DisplayException
* @return void
*/
public function delete($id)
{
$subuser = Models\Subuser::findOrFail($id);
$server = Models\Server::findOrFail($subuser->server_id);
DB::beginTransaction();
Models\Permission::where('user_id', $subuser->user_id)->where('server_id', $subuser->server_id)->delete();
try {
$node = Models\Node::getByID($server->node);
$client = Models\Node::guzzleRequest($server->node);
$res = $client->request('PATCH', '/server', [
'headers' => [
'X-Access-Server' => $server->uuid,
'X-Access-Token' => $node->daemonSecret
],
'json' => [
'keys' => [
$subuser->daemonSecret => []
]
]
]);
$subuser->delete();
DB::commit();
return true;
} catch (\GuzzleHttp\Exception\TransferException $ex) {
DB::rollBack();
throw new DisplayException('There was an error attempting to connect to the daemon to delete this subuser.');
} catch (\Exception $ex) {
DB::rollBack();
throw $ex;
}
return false;
}
/** /**
* Updates permissions for a given subuser. * Updates permissions for a given subuser.
* @param integer $id The ID of the subuser row in MySQL. (Not the user ID) * @param integer $id The ID of the subuser row in MySQL. (Not the user ID)
@ -66,13 +229,67 @@ class UserRepository
public function update($id, array $data) public function update($id, array $data)
{ {
$validator = Validator::make($data, [ $validator = Validator::make($data, [
'permissions' => 'required|array' 'permissions' => 'required|array',
'user' => 'required|exists:users,id',
'server' => 'required|exists:servers,id',
]); ]);
if ($validator->fails()) { if ($validator->fails()) {
throw new DisplayValidationException(json_encode($validator->all())); throw new DisplayValidationException(json_encode($validator->all()));
} }
// @TODO the thing. $subuser = Models\Subuser::findOrFail($id);
$server = Models\Server::findOrFail($data['server']);
DB::beginTransaction();
Models\Permission::where('user_id', $subuser->user_id)->where('server_id', $subuser->server_id)->delete();
$daemonPermissions = $this->coreDaemonPermissions;
foreach($data['permissions'] as $permission) {
if (array_key_exists($permission, $this->permissions)) {
// Build the daemon permissions array for sending.
if (!is_null($this->permissions[$permission])) {
array_push($daemonPermissions, $this->permissions[$permission]);
}
$model = new Models\Permission;
$model->fill([
'user_id' => $data['user'],
'server_id' => $data['server'],
'permission' => $permission
]);
$model->save();
}
}
// Contact Daemon
// We contact even if they don't have any daemon permissions to overwrite
// if they did have them previously.
try {
$node = Models\Node::getByID($server->node);
$client = Models\Node::guzzleRequest($server->node);
$res = $client->request('PATCH', '/server', [
'headers' => [
'X-Access-Server' => $server->uuid,
'X-Access-Token' => $node->daemonSecret
],
'json' => [
'keys' => [
$subuser->daemonSecret => $daemonPermissions
]
]
]);
DB::commit();
return true;
} catch (\GuzzleHttp\Exception\TransferException $ex) {
DB::rollBack();
throw new DisplayException('There was an error attempting to connect to the daemon to update permissions.');
} catch (\Exception $ex) {
DB::rollBack();
throw $ex;
}
return false;
} }
}

View file

@ -5,6 +5,7 @@ namespace Pterodactyl\Repositories;
use DB; use DB;
use Hash; use Hash;
use Validator; use Validator;
use Mail;
use Pterodactyl\Models; use Pterodactyl\Models;
use Pterodactyl\Services\UuidService; use Pterodactyl\Services\UuidService;
@ -48,16 +49,28 @@ class UserRepository
$user = new Models\User; $user = new Models\User;
$uuid = new UuidService; $uuid = new UuidService;
DB::beginTransaction();
$user->uuid = $uuid->generate('users', 'uuid'); $user->uuid = $uuid->generate('users', 'uuid');
$user->email = $email; $user->email = $email;
$user->password = Hash::make($password); $user->password = Hash::make($password);
$user->language = 'en'; $user->language = 'en';
$user->root_admin = ($admin) ? 1 : 0; $user->root_admin = ($admin) ? 1 : 0;
$user->save();
try { try {
$user->save(); Mail::queue('emails.new-account', [
'email' => $user->email,
'forgot' => route('auth.password'),
'login' => route('auth.login')
], function ($message) use ($email) {
$message->to($email);
$message->subject('Pterodactyl - New Account');
});
DB::commit();
return $user->id; return $user->id;
} catch (\Exception $ex) { } catch (\Exception $ex) {
DB::rollBack();
throw $e; throw $e;
} }
} }

View file

@ -16,7 +16,7 @@ return [
| |
*/ */
'default' => env('QUEUE_DRIVER', 'sync'), 'default' => env('QUEUE_DRIVER', 'database'),
/* /*
|-------------------------------------------------------------------------- |--------------------------------------------------------------------------

View file

@ -0,0 +1,37 @@
<?php
use Illuminate\Database\Schema\Blueprint;
use Illuminate\Database\Migrations\Migration;
class CreateJobsTable extends Migration
{
/**
* Run the migrations.
*
* @return void
*/
public function up()
{
Schema::create('jobs', function (Blueprint $table) {
$table->bigIncrements('id');
$table->string('queue');
$table->longText('payload');
$table->tinyInteger('attempts')->unsigned();
$table->tinyInteger('reserved')->unsigned();
$table->unsignedInteger('reserved_at')->nullable();
$table->unsignedInteger('available_at');
$table->unsignedInteger('created_at');
$table->index(['queue', 'reserved', 'reserved_at']);
});
}
/**
* Reverse the migrations.
*
* @return void
*/
public function down()
{
Schema::drop('jobs');
}
}

View file

@ -0,0 +1,33 @@
<?php
use Illuminate\Database\Schema\Blueprint;
use Illuminate\Database\Migrations\Migration;
class CreateFailedJobsTable extends Migration
{
/**
* Run the migrations.
*
* @return void
*/
public function up()
{
Schema::create('failed_jobs', function (Blueprint $table) {
$table->increments('id');
$table->text('connection');
$table->text('queue');
$table->longText('payload');
$table->timestamp('failed_at');
});
}
/**
* Reverse the migrations.
*
* @return void
*/
public function down()
{
Schema::drop('failed_jobs');
}
}

View file

@ -0,0 +1,9 @@
<html>
<head>
<title>Pterodactyl - You've been added to a Server</title>
</head>
<body>
<center><h1>Pterodactyl - Added to Server</h1></center>
<p>You are recieving this email because you have been added as a subuser for <a href="{{ $url }}">{{ $serverName }}</a> on Pterodactyl Panel.</p>
</body>
</html>

View file

@ -0,0 +1,12 @@
<html>
<head>
<title>Pterodactyl - New Account</title>
</head>
<body>
<center><h1>Pterodactyl - Account Created</h1></center>
<p>You are recieving this email because an account has been created for you on Pterodactyl Panel.</p>
<p>Login: <a href="{{ $login }}">{{ $login }}</a></p>
<p>Email: {{ $email }}</p>
<p>Forgot your password? <a href="{{ $forgot }}">{{ $forgot }}</a></p>
</body>
</html>

View file

@ -23,16 +23,68 @@
<td><code>{{ $user->a_userEmail }}</code></td> <td><code>{{ $user->a_userEmail }}</code></td>
<td>{{ $user->created_at }}</td> <td>{{ $user->created_at }}</td>
<td>{{ $user->updated_at }}</td> <td>{{ $user->updated_at }}</td>
@can('view-subuser', $server)<td class="text-center"><a href="{{ route('server.subusers.view', ['server' => $server->uuidShort, 'id' => md5($user->id)]) }}" class="text-success"><i class="fa fa-wrench"></i></a></td>@endcan @can('view-subuser', $server)
@can('delete-subuser', $server)<td class="text-center"><a href="#/delete/{{ md5($user->id) }}" class="text-danger"><i class="fa fa-trash-o"></i></a></td>@endcan <td class="text-center"><a href="{{ route('server.subusers.view', ['server' => $server->uuidShort, 'id' => md5($user->id)]) }}" class="text-success"><i class="fa fa-wrench"></i></a></td>
@endcan
@can('delete-subuser', $server)
<td class="text-center"><a href="#/delete/{{ md5($user->id) }}" data-action="delete" data-id="{{ md5($user->id) }}" class="text-danger"><i class="fa fa-trash-o"></i></a></td>
@endcan
</tr> </tr>
@endforeach @endforeach
</tbody> </tbody>
</table> </table>
@can('create-subuser', $server)
<div class="well">
<div class="row">
<div class="col-md-12">
<a href="{{ route('server.subusers.new', $server->uuidShort) }}"><button class="btn btn-sm btn-success">Add New Subuser</button></a>
</div>
</div>
</div>
@endcan
</div> </div>
<script> <script>
$(document).ready(function () { $(document).ready(function () {
$('.server-users').addClass('active'); $('.server-users').addClass('active');
$('[data-action="delete"]').click(function (event) {
event.preventDefault();
var self = $(this);
swal({
type: 'warning',
title: 'Delete Subuser',
text: 'This will immediately remove this user from this server and revoke all permissions.',
showCancelButton: true,
showConfirmButton: true,
closeOnConfirm: false,
showLoaderOnConfirm: true
}, function () {
$.ajax({
method: 'DELETE',
url: '{{ route('server.subusers', $server->uuidShort) }}/delete/' + self.data('id'),
headers: {
'X-CSRF-Token': '{{ csrf_token() }}'
}
}).done(function () {
self.parent().parent().slideUp();
swal({
type: 'success',
title: '',
text: 'Subuser was successfully deleted.'
});
}).fail(function (jqXHR) {
console.error(jqXHR);
var error = 'An error occured while trying to process this request.';
if (typeof jqXHR.responseJSON !== 'undefined' && typeof jqXHR.responseJSON.error !== 'undefined') {
error = jqXHR.responseJSON.error;
}
swal({
type: 'error',
title: 'Whoops!',
text: error
});
});
});
});
}); });
</script> </script>
@endsection @endsection

View file

@ -0,0 +1,188 @@
@extends('layouts.master')
@section('title')
Create New Subuser
@endsection
@section('content')
<div class="col-md-12">
<h3 class="nopad">Create New Subuser<hr />
@can('edit-subuser', $server)
<form action="{{ route('server.subusers.new', $server->uuidShort) }}" method="POST">
@endcan
<?php $oldInput = array_flip(is_array(old('permissions')) ? old('permissions') : []) ?>
<div class="row">
<div class="form-group col-md-12">
<label class="control-label">User Email:</label>
<div>
<input type="text" name="email" autocomplete="off" value="{{ old('email') }}" class="form-control" />
</div>
</div>
</div>
<div class="row">
<div class="col-md-6 fuelux">
<h4>Power Management</h4><hr />
<div class="checkbox highlight">
<label class="checkbox-custom highlight" data-initialize="checkbox">
<input class="sr-only" name="permissions[]" type="checkbox" @if(isset($oldInput['power-start']))checked="checked"@endif value="power-start"> <strong>Start Server</strong>
<p class="text-muted"><small>Allows user to start server.</small><p>
</label>
</div>
<div class="checkbox highlight">
<label class="checkbox-custom highlight" data-initialize="checkbox">
<input class="sr-only" name="permissions[]" type="checkbox" @if(isset($oldInput['power-stop']))checked="checked"@endif value="power-stop"> <strong>Stop Server</strong>
<p class="text-muted"><small>Allows user to stop server.</small><p>
</label>
</div>
<div class="checkbox highlight">
<label class="checkbox-custom highlight" data-initialize="checkbox">
<input class="sr-only" name="permissions[]" type="checkbox" @if(isset($oldInput['power-restart']))checked="checked"@endif value="power-restart"> <strong>Restart Server</strong>
<p class="text-muted"><small>Allows user to restart server. A user with this permission can stop or start a server even without the above permissions.</small><p>
</label>
</div>
<div class="checkbox highlight">
<label class="checkbox-custom highlight" data-initialize="checkbox">
<input class="sr-only" name="permissions[]" type="checkbox" @if(isset($oldInput['power-kill']))checked="checked"@endif value="power-kill"> <strong>Kill Server</strong>
<p class="text-muted"><small>Allows user to kill server process.</small><p>
</label>
</div>
<div class="checkbox highlight">
<label class="checkbox-custom highlight" data-initialize="checkbox">
<input class="sr-only" name="permissions[]" type="checkbox" @if(isset($oldInput['send-command']))checked="checked"@endif value="send-command"> <strong>Send Console Command</strong>
<p class="text-muted"><small>Allows sending a command from the console. If the user does not have stop or restart permissions they cannot send the application's stop command.</small><p>
</label>
</div>
</div>
<div class="col-md-6 fuelux">
<h4>File Management</h4><hr />
<div class="checkbox highlight">
<label class="checkbox-custom highlight" data-initialize="checkbox">
<input class="sr-only" name="permissions[]" type="checkbox" @if(isset($oldInput['list-files']))checked="checked"@endif value="list-files"> <strong>List Files</strong>
<p class="text-muted"><small>Allows user to list all files and folders on the server but not view file contents.</small><p>
</label>
</div>
<div class="checkbox highlight">
<label class="checkbox-custom highlight" data-initialize="checkbox">
<input class="sr-only" name="permissions[]" type="checkbox" @if(isset($oldInput['edit-files']))checked="checked"@endif value="edit-files"> <strong>Edit Files</strong>
<p class="text-muted"><small>Allows user to open a file for <em>viewing only</em>.</small><p>
</label>
</div>
<div class="checkbox highlight">
<label class="checkbox-custom highlight" data-initialize="checkbox">
<input class="sr-only" name="permissions[]" type="checkbox" @if(isset($oldInput['save-files']))checked="checked"@endif value="save-files"> <strong>Save Files</strong>
<p class="text-muted"><small>Allows user to save modified file contents.</small><p>
</label>
</div>
<div class="checkbox highlight">
<label class="checkbox-custom highlight" data-initialize="checkbox">
<input class="sr-only" name="permissions[]" type="checkbox" @if(isset($oldInput['add-files']))checked="checked"@endif value="add-files"> <strong>Create Files</strong>
<p class="text-muted"><small>Allows user to create a new file within the panel.</small><p>
</label>
</div>
<div class="checkbox highlight">
<label class="checkbox-custom highlight" data-initialize="checkbox">
<input class="sr-only" name="permissions[]" type="checkbox" @if(isset($oldInput['upload-files']))checked="checked"@endif value="upload-files"> <strong>Upload Files</strong>
<p class="text-muted"><small>Allows user to upload files.</small><p>
</label>
</div>
<div class="checkbox highlight">
<label class="checkbox-custom highlight" data-initialize="checkbox">
<input class="sr-only" name="permissions[]" type="checkbox" @if(isset($oldInput['delete-files']))checked="checked"@endif value="delete-files"> <strong>Delete Files</strong>
<p class="text-muted"><small><span class="label label-danger">Danger</span> Allows user to delete files from the system.</small><p>
</label>
</div>
<div class="checkbox highlight">
<label class="checkbox-custom highlight" data-initialize="checkbox">
<input class="sr-only" name="permissions[]" type="checkbox" @if(isset($oldInput['download-files']))checked="checked"@endif value="download-files"> <strong>Download Files</strong>
<p class="text-muted"><small><span class="label label-danger">Danger</span> Allows user to download files. If a user is given this permission they can download and view file contents.</small><p>
</label>
</div>
</div>
</div>
<div class="row">
<div class="col-md-6 fuelux">
<h4>Subuser Management</h4><hr />
<div class="checkbox highlight">
<label class="checkbox-custom highlight" data-initialize="checkbox">
<input class="sr-only" name="permissions[]" type="checkbox" @if(isset($oldInput['list-subusers']))checked="checked"@endif value="list-subusers"> <strong>List Subusers</strong>
<p class="text-muted"><small>Allows user to view all subusers assigned to the server.</small><p>
</label>
</div>
<div class="checkbox highlight">
<label class="checkbox-custom highlight" data-initialize="checkbox">
<input class="sr-only" name="permissions[]" type="checkbox" @if(isset($oldInput['view-subuser']))checked="checked"@endif value="view-subuser"> <strong>View Subuser</strong>
<p class="text-muted"><small>Allows user to view specific subuser permissions.</small><p>
</label>
</div>
<div class="checkbox highlight">
<label class="checkbox-custom highlight" data-initialize="checkbox">
<input class="sr-only" name="permissions[]" type="checkbox" @if(isset($oldInput['edit-subuser']))checked="checked"@endif value="edit-subuser"> <strong>Edit Subuser</strong>
<p class="text-muted"><small>Allows user to modify permissions for a subuser. <em>They will not have permission to modify themselves.</em></small><p>
</label>
</div>
<div class="checkbox highlight">
<label class="checkbox-custom highlight" data-initialize="checkbox">
<input class="sr-only" name="permissions[]" type="checkbox" @if(isset($oldInput['create-subuser']))checked="checked"@endif value="create-subuser"> <strong>Create Subuser</strong>
<p class="text-muted"><small>Allows a user to create a new subuser.</small><p>
</label>
</div>
<div class="checkbox highlight">
<label class="checkbox-custom highlight" data-initialize="checkbox">
<input class="sr-only" name="permissions[]" type="checkbox" @if(isset($oldInput['delete-subuser']))checked="checked"@endif value="delete-subuser"> <strong>Delete Subuser</strong>
<p class="text-muted"><small>Allows a user to delete a subuser.</small><p>
</label>
</div>
</div>
<div class="col-md-6 fuelux">
<h4>Server Management</h4><hr />
<div class="checkbox highlight">
<label class="checkbox-custom highlight" data-initialize="checkbox">
<input class="sr-only" name="permissions[]" type="checkbox" @if(isset($oldInput['set-connection']))checked="checked"@endif value="set-connection"> <strong>Set Default Connection</strong>
<p class="text-muted"><small>Allows user to set the default connection used for a server as well as view avaliable ports.</small><p>
</label>
</div>
<div class="checkbox highlight">
<label class="checkbox-custom highlight" data-initialize="checkbox">
<input class="sr-only" name="permissions[]" type="checkbox" @if(isset($oldInput['view-startup']))checked="checked"@endif value="view-startup"> <strong>View Startup Command</strong>
<p class="text-muted"><small>Allows user to view the startup command and associated variables for a server.</small><p>
</label>
</div>
<div class="checkbox highlight">
<label class="checkbox-custom highlight" data-initialize="checkbox">
<input class="sr-only" name="permissions[]" type="checkbox" @if(isset($oldInput['edit-startup']))checked="checked"@endif value="edit-startup"> <strong>Edit Startup Command</strong>
<p class="text-muted"><small>Allows a user to modify startup variables for a server.</small><p>
</label>
</div>
<h4>SFTP Management</h4><hr />
<div class="checkbox highlight">
<label class="checkbox-custom highlight" data-initialize="checkbox">
<input class="sr-only" name="permissions[]" type="checkbox" @if(isset($oldInput['view-sftp']))checked="checked"@endif value="view-sftp"> <strong>View SFTP Details</strong>
<p class="text-muted"><small>Allows user to view the server's SFTP information (not the password).</small><p>
</label>
</div>
<div class="checkbox highlight">
<label class="checkbox-custom highlight" data-initialize="checkbox">
<input class="sr-only" name="permissions[]" type="checkbox" @if(isset($oldInput['reset-sftp']))checked="checked"@endif value="reset-sftp"> <strong>Reset SFTP Password</strong>
<p class="text-muted"><small>Allows user to change the SFTP password for the server.</small><p>
</label>
</div>
</div>
</div>
@can('edit-subuser', $server)
<div class="well">
<div class="row">
<div class="col-md-12">
{!! csrf_field() !!}
<input type="submit" class="btn btn-sm btn-primary" value="Add New Subuser" />
</div>
</div>
</div>
</form>
@endcan
</div>
<script>
$(document).ready(function () {
$('.server-users').addClass('active');
});
</script>
@endsection

View file

@ -132,6 +132,19 @@
<p class="text-muted"><small>Allows user to set the default connection used for a server as well as view avaliable ports.</small><p> <p class="text-muted"><small>Allows user to set the default connection used for a server as well as view avaliable ports.</small><p>
</label> </label>
</div> </div>
<div class="checkbox highlight">
<label class="checkbox-custom highlight" data-initialize="checkbox">
<input class="sr-only" name="permissions[]" type="checkbox" @if(isset($permissions['view-startup']))checked="checked"@endif @cannot('edit-subuser', $server)disabled="disabled"@endcannot value="view-startup"> <strong>View Startup Command</strong>
<p class="text-muted"><small>Allows user to view the startup command and associated variables for a server.</small><p>
</label>
</div>
<div class="checkbox highlight">
<label class="checkbox-custom highlight" data-initialize="checkbox">
<input class="sr-only" name="permissions[]" type="checkbox" @if(isset($permissions['edit-startup']))checked="checked"@endif @cannot('edit-subuser', $server)disabled="disabled"@endcannot value="edit-startup"> <strong>Edit Startup Command</strong>
<p class="text-muted"><small>Allows a user to modify startup variables for a server.</small><p>
</label>
</div>
<h4>SFTP Management</h4><hr />
<div class="checkbox highlight"> <div class="checkbox highlight">
<label class="checkbox-custom highlight" data-initialize="checkbox"> <label class="checkbox-custom highlight" data-initialize="checkbox">
<input class="sr-only" name="permissions[]" type="checkbox" @if(isset($permissions['view-sftp']))checked="checked"@endif @cannot('edit-subuser', $server)disabled="disabled"@endcannot value="view-sftp"> <strong>View SFTP Details</strong> <input class="sr-only" name="permissions[]" type="checkbox" @if(isset($permissions['view-sftp']))checked="checked"@endif @cannot('edit-subuser', $server)disabled="disabled"@endcannot value="view-sftp"> <strong>View SFTP Details</strong>