Basic initial subuser management

This commit is contained in:
Dane Everitt 2016-01-18 01:24:33 -05:00
parent 57cf636816
commit b7666bdb05
7 changed files with 381 additions and 1 deletions

View file

@ -0,0 +1,77 @@
<?php
namespace Pterodactyl\Http\Controllers\Server;
use DB;
use Alert;
use Pterodactyl\Models;
use Illuminate\Http\Request;
use Pterodactyl\Http\Controllers\Controller;
class SubuserController extends Controller
{
/**
* Controller Constructor
*
* @return void
*/
public function __construct()
{
//
}
public function getIndex(Request $request, $uuid)
{
$server = Models\Server::getByUUID($uuid);
$this->authorize('list-subusers', $server);
return view('server.users.index', [
'server' => $server,
'node' => Models\Node::find($server->node),
'subusers' => Models\Subuser::select('subusers.*', 'users.email as a_userEmail')
->join('users', 'users.id', '=', 'subusers.user_id')
->where('server_id', $server->id)
->get()
]);
}
public function getView(Request $request, $uuid, $id)
{
$server = Models\Server::getByUUID($uuid);
$this->authorize('view-subuser', $server);
$subuser = Models\Subuser::select('subusers.*', 'users.email as a_userEmail')
->join('users', 'users.id', '=', 'subusers.user_id')
->where(DB::raw('md5(subusers.id)'), $id)->where('subusers.server_id', $server->id)
->first();
if (!$subuser) {
abort(404);
}
$permissions = [];
$modelPermissions = Models\Permission::select('permission')
->where('user_id', $subuser->user_id)->where('server_id', $server->id)
->get();
foreach($modelPermissions as &$perm) {
$permissions[$perm->permission] = true;
}
return view('server.users.view', [
'server' => $server,
'node' => Models\Node::find($server->node),
'subuser' => $subuser,
'permissions' => $permissions,
]);
}
public function postView(Request $request, $uuid, $id)
{
//
}
}

View file

@ -52,6 +52,21 @@ class ServerRoutes {
'uses' => 'Server\AjaxController@postSaveFile'
]);
// Sub-User Routes
$router->get('users', [
'as' => 'server.subusers',
'uses' => 'Server\SubuserController@getIndex'
]);
$router->get('users/view/{id}', [
'as' => 'server.subusers.view',
'uses' => 'Server\SubuserController@getView'
]);
$router->post('users/view/{id}', [
'uses' => 'Server\SubuserController@postView'
]);
// Assorted AJAX Routes
$router->group(['prefix' => 'ajax'], function ($server) use ($router) {
// Returns Server Status

View file

@ -0,0 +1,78 @@
<?php
namespace Pterodactyl\Repositories;
use DB;
use Validator;
use Pterodactyl\Models;
use Pterodactyl\Services\UuidService;
use Pterodactyl\Exceptions\DisplayValidationException;
use Pterodactyl\Exceptions\DisplayException;
class UserRepository
{
/**
* Allowed permissions and their related daemon permission.
* @var array
*/
protected $permissions = [
// Power Permissions
'power-start' => 's:power:start',
'power-stop' => 's:power:stop',
'power-restart' => 's:power:restart',
'power-kill' => 's:power:kill',
// Commands
'send-command' => 's:command',
// File Manager
'list-files' => 's:files:get',
'edit-file' => 's:files:read',
'save-file' => 's:files:post',
'create-file' => 's:files:post',
'download-file' => null,
'upload-file' => 's:files:upload',
'delete-file' => 's:files:delete',
// Subusers
'list-subusers' => null,
'view-subuser' => null,
'edit-subuser' => null,
'create-subuser' => null,
'delete-subuser' => null,
// Management
'set-connection' => null,
'view-sftp' => null,
'reset-sftp' => 's:set-password'
];
public function __construct()
{
//
}
/**
* Updates permissions for a given subuser.
* @param integer $id The ID of the subuser row in MySQL. (Not the user ID)
* @param array $data
* @throws DisplayValidationException
* @throws DisplayException
* @return void
*/
public function update($id, array $data)
{
$validator = Validator::make($data, [
'permissions' => 'required|array'
]);
if ($validator->fails()) {
throw new DisplayValidationException(json_encode($validator->all()));
}
// @TODO the thing.
}

View file

@ -10,10 +10,12 @@
<link rel="stylesheet" href="{{ asset('css/animate.css') }}">
<link rel="stylesheet" href="//cdnjs.cloudflare.com/ajax/libs/font-awesome/4.5.0/css/font-awesome.min.css">
<link rel="stylesheet" href="//cdnjs.cloudflare.com/ajax/libs/sweetalert/1.1.3/sweetalert.min.css">
<link rel="stylesheet" href="//cdnjs.cloudflare.com/ajax/libs/fuelux/3.13.0/css/fuelux.min.css" />
<script src="//cdnjs.cloudflare.com/ajax/libs/jquery/2.1.4/jquery.min.js"></script>
<script src="//cdnjs.cloudflare.com/ajax/libs/twitter-bootstrap/3.3.2/js/bootstrap.min.js"></script>
<script src="//cdnjs.cloudflare.com/ajax/libs/socket.io/1.3.7/socket.io.min.js"></script>
<script src="//cdnjs.cloudflare.com/ajax/libs/sweetalert/1.1.3/sweetalert.min.js"></script>
<script src="//cdnjs.cloudflare.com/ajax/libs/fuelux/3.13.0/js/fuelux.min.js"></script>
<script src="{{ asset('js/admin.min.js') }}"></script>
<script src="{{ asset('js/bootstrap-notify.min.js') }}"></script>
<script>

View file

@ -448,10 +448,14 @@ $(window).load(function () {
data: JSON.stringify({ command: ccmd })
}).fail(function (jqXHR) {
console.error(jqXHR);
var error = 'An error occured while trying to process this request.';
if (typeof jqXHR.responseJSON !== 'undefined' && typeof jqXHR.responseJSON.error !== 'undefined') {
error = jqXHR.responseJSON.error;
}
swal({
type: 'error',
title: 'Whoops!',
text: 'There was an error while attempting to process your request. Please try again.'
text: error
});
}).done(function () {
$('#ccmd').val('');

View file

@ -0,0 +1,38 @@
@extends('layouts.master')
@section('title')
Viewing Subusers
@endsection
@section('content')
<div class="col-md-12">
<h3 class="nopad">Manage Sub-Users</h3><hr />
<table class="table table-bordered table-hover">
<thead>
<tr>
<th>Email</th>
<th>Created</th>
<th>Modified</th>
@can('view-subuser', $server)<th></th>@endcan
@can('delete-subuser', $server)<th></th>@endcan
</tr>
</thead>
<tbody>
@foreach($subusers as $user)
<tr>
<td><code>{{ $user->a_userEmail }}</code></td>
<td>{{ $user->created_at }}</td>
<td>{{ $user->updated_at }}</td>
@can('view-subuser', $server)<td class="text-center"><a href="{{ route('server.subusers.view', ['server' => $server->uuidShort, 'id' => md5($user->id)]) }}" class="text-success"><i class="fa fa-wrench"></i></a></td>@endcan
@can('delete-subuser', $server)<td class="text-center"><a href="#/delete/{{ md5($user->id) }}" class="text-danger"><i class="fa fa-trash-o"></i></a></td>@endcan
</tr>
@endforeach
</tbody>
</table>
</div>
<script>
$(document).ready(function () {
$('.server-users').addClass('active');
});
</script>
@endsection

View file

@ -0,0 +1,166 @@
@extends('layouts.master')
@section('title')
Manage Subuser: {{ $subuser->a_userEmail }}
@endsection
@section('content')
<div class="col-md-12">
<h3 class="nopad">Manage Subuser <span class="label label-primary">{{ $subuser->a_userEmail }}</span></h3><hr />
@can('edit-subuser', $server)
<form action="{{ route('server.subusers.view', ['uuid' => $server->uuidShort, 'id' => md5($subuser->id) ])}}" method="POST">
@endcan
<div class="row">
<div class="col-md-6 fuelux">
<h4>Power Management</h4><hr />
<div class="checkbox highlight">
<label class="checkbox-custom highlight" data-initialize="checkbox">
<input class="sr-only" name="permissions[]" type="checkbox" @if(isset($permissions['power-start']))checked="checked"@endif @cannot('edit-subuser', $server)disabled="disabled"@endcannot value="power-start"> <strong>Start Server</strong>
<p class="text-muted"><small>Allows user to start server.</small><p>
</label>
</div>
<div class="checkbox highlight">
<label class="checkbox-custom highlight" data-initialize="checkbox">
<input class="sr-only" name="permissions[]" type="checkbox" @if(isset($permissions['power-stop']))checked="checked"@endif @cannot('edit-subuser', $server)disabled="disabled"@endcannot value="power-stop"> <strong>Stop Server</strong>
<p class="text-muted"><small>Allows user to stop server.</small><p>
</label>
</div>
<div class="checkbox highlight">
<label class="checkbox-custom highlight" data-initialize="checkbox">
<input class="sr-only" name="permissions[]" type="checkbox" @if(isset($permissions['power-restart']))checked="checked"@endif @cannot('edit-subuser', $server)disabled="disabled"@endcannot value="power-restart"> <strong>Restart Server</strong>
<p class="text-muted"><small>Allows user to restart server. A user with this permission can stop or start a server even without the above permissions.</small><p>
</label>
</div>
<div class="checkbox highlight">
<label class="checkbox-custom highlight" data-initialize="checkbox">
<input class="sr-only" name="permissions[]" type="checkbox" @if(isset($permissions['power-kill']))checked="checked"@endif @cannot('edit-subuser', $server)disabled="disabled"@endcannot value="power-kill"> <strong>Kill Server</strong>
<p class="text-muted"><small>Allows user to kill server process.</small><p>
</label>
</div>
<div class="checkbox highlight">
<label class="checkbox-custom highlight" data-initialize="checkbox">
<input class="sr-only" name="permissions[]" type="checkbox" @if(isset($permissions['send-command']))checked="checked"@endif @cannot('edit-subuser', $server)disabled="disabled"@endcannot value="send-command"> <strong>Send Console Command</strong>
<p class="text-muted"><small>Allows sending a command from the console. If the user does not have stop or restart permissions they cannot send the application's stop command.</small><p>
</label>
</div>
</div>
<div class="col-md-6 fuelux">
<h4>File Management</h4><hr />
<div class="checkbox highlight">
<label class="checkbox-custom highlight" data-initialize="checkbox">
<input class="sr-only" name="permissions[]" type="checkbox" @if(isset($permissions['list-files']))checked="checked"@endif @cannot('edit-subuser', $server)disabled="disabled"@endcannot value="list-files"> <strong>List Files</strong>
<p class="text-muted"><small>Allows user to list all files and folders on the server but not view file contents.</small><p>
</label>
</div>
<div class="checkbox highlight">
<label class="checkbox-custom highlight" data-initialize="checkbox">
<input class="sr-only" name="permissions[]" type="checkbox" @if(isset($permissions['edit-files']))checked="checked"@endif @cannot('edit-subuser', $server)disabled="disabled"@endcannot value="edit-files"> <strong>Edit Files</strong>
<p class="text-muted"><small>Allows user to open a file for <em>viewing only</em>.</small><p>
</label>
</div>
<div class="checkbox highlight">
<label class="checkbox-custom highlight" data-initialize="checkbox">
<input class="sr-only" name="permissions[]" type="checkbox" @if(isset($permissions['save-files']))checked="checked"@endif @cannot('edit-subuser', $server)disabled="disabled"@endcannot value="save-files"> <strong>Save Files</strong>
<p class="text-muted"><small>Allows user to save modified file contents.</small><p>
</label>
</div>
<div class="checkbox highlight">
<label class="checkbox-custom highlight" data-initialize="checkbox">
<input class="sr-only" name="permissions[]" type="checkbox" @if(isset($permissions['add-files']))checked="checked"@endif @cannot('edit-subuser', $server)disabled="disabled"@endcannot value="add-files"> <strong>Create Files</strong>
<p class="text-muted"><small>Allows user to create a new file within the panel.</small><p>
</label>
</div>
<div class="checkbox highlight">
<label class="checkbox-custom highlight" data-initialize="checkbox">
<input class="sr-only" name="permissions[]" type="checkbox" @if(isset($permissions['upload-files']))checked="checked"@endif @cannot('edit-subuser', $server)disabled="disabled"@endcannot value="upload-files"> <strong>Upload Files</strong>
<p class="text-muted"><small>Allows user to upload files.</small><p>
</label>
</div>
<div class="checkbox highlight">
<label class="checkbox-custom highlight" data-initialize="checkbox">
<input class="sr-only" name="permissions[]" type="checkbox" @if(isset($permissions['delete-files']))checked="checked"@endif @cannot('edit-subuser', $server)disabled="disabled"@endcannot value="delete-files"> <strong>Delete Files</strong>
<p class="text-muted"><small><span class="label label-danger">Danger</span> Allows user to delete files from the system.</small><p>
</label>
</div>
<div class="checkbox highlight">
<label class="checkbox-custom highlight" data-initialize="checkbox">
<input class="sr-only" name="permissions[]" type="checkbox" @if(isset($permissions['download-files']))checked="checked"@endif @cannot('edit-subuser', $server)disabled="disabled"@endcannot value="download-files"> <strong>Download Files</strong>
<p class="text-muted"><small><span class="label label-danger">Danger</span> Allows user to download files. If a user is given this permission they can download and view file contents.</small><p>
</label>
</div>
</div>
</div>
<div class="row">
<div class="col-md-6 fuelux">
<h4>Subuser Management</h4><hr />
<div class="checkbox highlight">
<label class="checkbox-custom highlight" data-initialize="checkbox">
<input class="sr-only" name="permissions[]" type="checkbox" @if(isset($permissions['list-subusers']))checked="checked"@endif @cannot('edit-subuser', $server)disabled="disabled"@endcannot value="list-subusers"> <strong>List Subusers</strong>
<p class="text-muted"><small>Allows user to view all subusers assigned to the server.</small><p>
</label>
</div>
<div class="checkbox highlight">
<label class="checkbox-custom highlight" data-initialize="checkbox">
<input class="sr-only" name="permissions[]" type="checkbox" @if(isset($permissions['view-subuser']))checked="checked"@endif @cannot('edit-subuser', $server)disabled="disabled"@endcannot value="view-subuser"> <strong>View Subuser</strong>
<p class="text-muted"><small>Allows user to view specific subuser permissions.</small><p>
</label>
</div>
<div class="checkbox highlight">
<label class="checkbox-custom highlight" data-initialize="checkbox">
<input class="sr-only" name="permissions[]" type="checkbox" @if(isset($permissions['edit-subuser']))checked="checked"@endif @cannot('edit-subuser', $server)disabled="disabled"@endcannot value="edit-subuser"> <strong>Edit Subuser</strong>
<p class="text-muted"><small>Allows user to modify permissions for a subuser. <em>They will not have permission to modify themselves.</em></small><p>
</label>
</div>
<div class="checkbox highlight">
<label class="checkbox-custom highlight" data-initialize="checkbox">
<input class="sr-only" name="permissions[]" type="checkbox" @if(isset($permissions['create-subuser']))checked="checked"@endif @cannot('edit-subuser', $server)disabled="disabled"@endcannot value="create-subuser"> <strong>Create Subuser</strong>
<p class="text-muted"><small>Allows a user to create a new subuser.</small><p>
</label>
</div>
<div class="checkbox highlight">
<label class="checkbox-custom highlight" data-initialize="checkbox">
<input class="sr-only" name="permissions[]" type="checkbox" @if(isset($permissions['delete-subuser']))checked="checked"@endif @cannot('edit-subuser', $server)disabled="disabled"@endcannot value="delete-subuser"> <strong>Delete Subuser</strong>
<p class="text-muted"><small>Allows a user to delete a subuser.</small><p>
</label>
</div>
</div>
<div class="col-md-6 fuelux">
<h4>Server Management</h4><hr />
<div class="checkbox highlight">
<label class="checkbox-custom highlight" data-initialize="checkbox">
<input class="sr-only" name="permissions[]" type="checkbox" @if(isset($permissions['set-connection']))checked="checked"@endif @cannot('edit-subuser', $server)disabled="disabled"@endcannot value="set-connection"> <strong>Set Default Connection</strong>
<p class="text-muted"><small>Allows user to set the default connection used for a server as well as view avaliable ports.</small><p>
</label>
</div>
<div class="checkbox highlight">
<label class="checkbox-custom highlight" data-initialize="checkbox">
<input class="sr-only" name="permissions[]" type="checkbox" @if(isset($permissions['view-sftp']))checked="checked"@endif @cannot('edit-subuser', $server)disabled="disabled"@endcannot value="view-sftp"> <strong>View SFTP Details</strong>
<p class="text-muted"><small>Allows user to view the server's SFTP information (not the password).</small><p>
</label>
</div>
<div class="checkbox highlight">
<label class="checkbox-custom highlight" data-initialize="checkbox">
<input class="sr-only" name="permissions[]" type="checkbox" @if(isset($permissions['reset-sftp']))checked="checked"@endif @cannot('edit-subuser', $server)disabled="disabled"@endcannot value="reset-sftp"> <strong>Reset SFTP Password</strong>
<p class="text-muted"><small>Allows user to change the SFTP password for the server.</small><p>
</label>
</div>
</div>
</div>
@can('edit-subuser', $server)
<div class="well">
<div class="row">
<div class="col-md-12">
{!! csrf_field() !!}
<input type="submit" class="btn btn-sm btn-primary" value="Modify Subuser" />
</div>
</div>
</div>
</form>
@endcan
</div>
<script>
$(document).ready(function () {
$('.server-users').addClass('active');
});
</script>
@endsection