From d4bcf0be594e09c187763e9ca56463d7f287037a Mon Sep 17 00:00:00 2001 From: Dane Everitt Date: Thu, 2 Feb 2017 18:21:36 -0500 Subject: [PATCH] Initial implementation of improved sever model and logic --- CHANGELOG.md | 3 + app/Http/Controllers/API/ServerController.php | 2 +- .../Controllers/API/User/InfoController.php | 2 +- .../Controllers/API/User/ServerController.php | 6 +- .../Controllers/Admin/NodesController.php | 4 +- .../Controllers/Admin/ServersController.php | 32 ++++---- .../Controllers/Admin/ServiceController.php | 2 +- app/Http/Controllers/Admin/UserController.php | 2 +- .../Controllers/Remote/RemoteController.php | 4 +- .../Controllers/Server/AjaxController.php | 4 +- .../Controllers/Server/ServerController.php | 35 ++++---- .../Controllers/Server/SubuserController.php | 6 +- .../Controllers/Server/TaskController.php | 4 +- app/Http/Middleware/CheckServer.php | 9 ++- app/Models/Server.php | 81 +++++++------------ app/Models/User.php | 21 +++++ app/Observers/ServerObserver.php | 8 +- app/Policies/ServerPolicy.php | 2 +- app/Repositories/ServerRepository.php | 44 +++++----- app/Repositories/SubuserRepository.php | 14 ++-- app/Services/NotificationService.php | 2 +- ..._08_30_213301_modify_ip_storage_method.php | 4 +- ...6_09_17_194246_add_docker_image_column.php | 2 +- .../2017_02_02_175548_UpdateColumnNames.php | 66 +++++++++++++++ .../themes/pterodactyl/base/index.blade.php | 2 +- .../server/settings/allocation.blade.php | 2 +- resources/views/admin/nodes/view.blade.php | 2 +- resources/views/admin/servers/index.blade.php | 4 +- resources/views/admin/servers/view.blade.php | 8 +- .../admin/services/options/view.blade.php | 2 +- resources/views/admin/users/view.blade.php | 2 +- 31 files changed, 223 insertions(+), 158 deletions(-) create mode 100644 database/migrations/2017_02_02_175548_UpdateColumnNames.php diff --git a/CHANGELOG.md b/CHANGELOG.md index 8922f5620..80b459be5 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -21,6 +21,9 @@ This project follows [Semantic Versioning](http://semver.org) guidelines. * User model now defines mass assignment fields using `$fillable` rather than `$guarded`. * 2FA checkpoint on login is now its own page, and not an AJAX based call. Improves security on that front. +### Removed +* `Server::getUserDaemonSecret(Server $server)` was removed and replaced with `User::daemonSecret(Server $server)` in order to clean up models. + ## v0.5.6 (Bodacious Boreopterus) ### Added * Added the following languages: Estonian `et`, Dutch `nl`, Norwegian `nb` (partial), Romanian `ro`, and Russian `ru`. Interested in helping us translate the panel into more languages, or improving existing translations? Contact us on Discord and let us know. diff --git a/app/Http/Controllers/API/ServerController.php b/app/Http/Controllers/API/ServerController.php index bc0d04a40..24a2bc00e 100755 --- a/app/Http/Controllers/API/ServerController.php +++ b/app/Http/Controllers/API/ServerController.php @@ -122,7 +122,7 @@ class ServerController extends BaseController 'pack' )->first(); if ($request->input('daemon') === 'true') { - $node = Models\Node::findOrFail($server->node); + $node = Models\Node::findOrFail($server->node_id); $client = Models\Node::guzzleRequest($node->id); $response = $client->request('GET', '/servers', [ diff --git a/app/Http/Controllers/API/User/InfoController.php b/app/Http/Controllers/API/User/InfoController.php index 00923b866..228a66819 100644 --- a/app/Http/Controllers/API/User/InfoController.php +++ b/app/Http/Controllers/API/User/InfoController.php @@ -37,7 +37,7 @@ class InfoController extends BaseController 'id' => $server->uuidShort, 'uuid' => $server->uuid, 'name' => $server->name, - 'node' => $server->nodeName, + 'node' => $server->node_idName, 'ip' => [ 'set' => $server->ip, 'alias' => $server->ip_alias, diff --git a/app/Http/Controllers/API/User/ServerController.php b/app/Http/Controllers/API/User/ServerController.php index c63a482fa..128c5cf68 100644 --- a/app/Http/Controllers/API/User/ServerController.php +++ b/app/Http/Controllers/API/User/ServerController.php @@ -35,7 +35,7 @@ class ServerController extends BaseController public function info(Request $request, $uuid) { $server = Models\Server::getByUUID($uuid); - $node = Models\Node::findOrFail($server->node); + $node = Models\Node::findOrFail($server->node_id); $client = Models\Node::guzzleRequest($node->id); try { @@ -61,7 +61,7 @@ class ServerController extends BaseController $allocations = Models\Allocation::select('id', 'ip', 'port', 'ip_alias as alias')->where('assigned_to', $server->id)->get(); foreach ($allocations as &$allocation) { - $allocation->default = ($allocation->id === $server->allocation); + $allocation->default = ($allocation->id === $server->allocation_id); unset($allocation->id); } @@ -92,7 +92,7 @@ class ServerController extends BaseController public function power(Request $request, $uuid) { $server = Models\Server::getByUUID($uuid); - $client = Models\Node::guzzleRequest($server->node); + $client = Models\Node::guzzleRequest($server->node_id); Auth::user()->can('power-' . $request->input('action'), $server); diff --git a/app/Http/Controllers/Admin/NodesController.php b/app/Http/Controllers/Admin/NodesController.php index 594365f73..506d8434e 100644 --- a/app/Http/Controllers/Admin/NodesController.php +++ b/app/Http/Controllers/Admin/NodesController.php @@ -108,8 +108,8 @@ class NodesController extends Controller return view('admin.nodes.view', [ 'node' => $node, 'servers' => Models\Server::select('servers.*', 'users.email as a_ownerEmail', 'services.name as a_serviceName') - ->join('users', 'users.id', '=', 'servers.owner') - ->join('services', 'services.id', '=', 'servers.service') + ->join('users', 'users.id', '=', 'servers.owner_id') + ->join('services', 'services.id', '=', 'servers.service_id') ->where('node', $id)->paginate(10, ['*'], 'servers'), 'stats' => Models\Server::select(DB::raw('SUM(memory) as memory, SUM(disk) as disk'))->where('node', $node->id)->first(), 'locations' => Models\Location::all(), diff --git a/app/Http/Controllers/Admin/ServersController.php b/app/Http/Controllers/Admin/ServersController.php index 9aece9c4e..f75508139 100644 --- a/app/Http/Controllers/Admin/ServersController.php +++ b/app/Http/Controllers/Admin/ServersController.php @@ -54,9 +54,9 @@ class ServersController extends Controller 'allocations.ip', 'allocations.port', 'allocations.ip_alias' - )->join('nodes', 'servers.node', '=', 'nodes.id') - ->join('users', 'servers.owner', '=', 'users.id') - ->join('allocations', 'servers.allocation', '=', 'allocations.id'); + )->join('nodes', 'servers.node_id', '=', 'nodes.id') + ->join('users', 'servers.owner_id', '=', 'users.id') + ->join('allocations', 'servers.allocation_id', '=', 'allocations.id'); if ($request->input('filter') && ! is_null($request->input('filter'))) { preg_match_all('/[^\s"\']+|"([^"]*)"|\'([^\']*)\'/', urldecode($request->input('filter')), $matches); @@ -96,9 +96,9 @@ class ServersController extends Controller 'allocations.ip', 'allocations.port', 'allocations.ip_alias' - )->join('nodes', 'servers.node', '=', 'nodes.id') - ->join('users', 'servers.owner', '=', 'users.id') - ->join('allocations', 'servers.allocation', '=', 'allocations.id') + )->join('nodes', 'servers.node_id', '=', 'nodes.id') + ->join('users', 'servers.owner_id', '=', 'users.id') + ->join('allocations', 'servers.allocation_id', '=', 'allocations.id') ->paginate(20); } @@ -127,11 +127,11 @@ class ServersController extends Controller 'allocations.ip', 'allocations.port', 'allocations.ip_alias' - )->join('nodes', 'servers.node', '=', 'nodes.id') - ->join('users', 'servers.owner', '=', 'users.id') - ->join('services', 'servers.service', '=', 'services.id') - ->join('service_options', 'servers.option', '=', 'service_options.id') - ->join('allocations', 'servers.allocation', '=', 'allocations.id') + )->join('nodes', 'servers.node_id', '=', 'nodes.id') + ->join('users', 'servers.owner_id', '=', 'users.id') + ->join('services', 'servers.service_id', '=', 'services.id') + ->join('service_options', 'servers.option_id', '=', 'service_options.id') + ->join('allocations', 'servers.allocation_id', '=', 'allocations.id') ->where('servers.id', $id) ->first(); @@ -145,13 +145,13 @@ class ServersController extends Controller 'nodes.*', 'locations.long as a_locationName' )->join('locations', 'nodes.location', '=', 'locations.id') - ->where('nodes.id', $server->node) + ->where('nodes.id', $server->node_id) ->first(), 'assigned' => Models\Allocation::where('assigned_to', $id)->orderBy('ip', 'asc')->orderBy('port', 'asc')->get(), - 'unassigned' => Models\Allocation::where('node', $server->node)->whereNull('assigned_to')->orderBy('ip', 'asc')->orderBy('port', 'asc')->get(), + 'unassigned' => Models\Allocation::where('node', $server->node_id)->whereNull('assigned_to')->orderBy('ip', 'asc')->orderBy('port', 'asc')->get(), 'startup' => Models\ServiceVariables::select('service_variables.*', 'server_variables.variable_value as a_serverValue') ->join('server_variables', 'server_variables.variable_id', '=', 'service_variables.id') - ->where('service_variables.option_id', $server->option) + ->where('service_variables.option_id', $server->option_id) ->where('server_variables.server_id', $server->id) ->get(), 'databases' => Models\Database::select('databases.*', 'database_servers.host as a_host', 'database_servers.port as a_port') @@ -334,8 +334,8 @@ class ServersController extends Controller public function postUpdateServerToggleBuild(Request $request, $id) { $server = Models\Server::findOrFail($id); - $node = Models\Node::findOrFail($server->node); - $client = Models\Node::guzzleRequest($server->node); + $node = Models\Node::findOrFail($server->node_id); + $client = Models\Node::guzzleRequest($server->node_id); try { $res = $client->request('POST', '/server/rebuild', [ diff --git a/app/Http/Controllers/Admin/ServiceController.php b/app/Http/Controllers/Admin/ServiceController.php index 7a70c58da..70de4f88e 100644 --- a/app/Http/Controllers/Admin/ServiceController.php +++ b/app/Http/Controllers/Admin/ServiceController.php @@ -137,7 +137,7 @@ class ServiceController extends Controller 'option' => $opt, 'variables' => Models\ServiceVariables::where('option_id', $option)->get(), 'servers' => Models\Server::select('servers.*', 'users.email as a_ownerEmail') - ->join('users', 'users.id', '=', 'servers.owner') + ->join('users', 'users.id', '=', 'servers.owner_id') ->where('option', $option) ->paginate(10), ]); diff --git a/app/Http/Controllers/Admin/UserController.php b/app/Http/Controllers/Admin/UserController.php index 9a2c6fd04..c2dea5f54 100644 --- a/app/Http/Controllers/Admin/UserController.php +++ b/app/Http/Controllers/Admin/UserController.php @@ -87,7 +87,7 @@ class UserController extends Controller return view('admin.users.view', [ 'user' => User::findOrFail($id), 'servers' => Server::select('servers.*', 'nodes.name as nodeName', 'locations.long as location') - ->join('nodes', 'servers.node', '=', 'nodes.id') + ->join('nodes', 'servers.node_id', '=', 'nodes.id') ->join('locations', 'nodes.location', '=', 'locations.id') ->where('owner', $id) ->get(), diff --git a/app/Http/Controllers/Remote/RemoteController.php b/app/Http/Controllers/Remote/RemoteController.php index b0aa0983e..0f168c04b 100644 --- a/app/Http/Controllers/Remote/RemoteController.php +++ b/app/Http/Controllers/Remote/RemoteController.php @@ -66,7 +66,7 @@ class RemoteController extends Controller ], 422); } - $node = Models\Node::findOrFail($server->node); + $node = Models\Node::findOrFail($server->node_id); $hmac = $request->input('signed'); $status = $request->input('installed'); @@ -93,7 +93,7 @@ class RemoteController extends Controller ], 422); } - $node = Models\Node::findOrFail($server->node); + $node = Models\Node::findOrFail($server->node_id); $hmac = $request->input('signed'); if (base64_decode($hmac) !== hash_hmac('sha256', $server->uuid, $node->daemonSecret, true)) { diff --git a/app/Http/Controllers/Server/AjaxController.php b/app/Http/Controllers/Server/AjaxController.php index da4d058ac..9ee9f4284 100644 --- a/app/Http/Controllers/Server/AjaxController.php +++ b/app/Http/Controllers/Server/AjaxController.php @@ -73,7 +73,7 @@ class AjaxController extends Controller return response()->json([], 404); } - $client = Models\Node::guzzleRequest($server->node); + $client = Models\Node::guzzleRequest($server->node_id); try { $res = $client->request('GET', '/server', [ @@ -178,7 +178,7 @@ class AjaxController extends Controller $server = Models\Server::getByUUID($uuid); $this->authorize('set-connection', $server); - if ((int) $request->input('allocation') === $server->allocation) { + if ((int) $request->input('allocation') === $server->allocation_id) { return response()->json([ 'error' => 'You are already using this as your default connection.', ], 409); diff --git a/app/Http/Controllers/Server/ServerController.php b/app/Http/Controllers/Server/ServerController.php index 593049ca1..7f07f977c 100644 --- a/app/Http/Controllers/Server/ServerController.php +++ b/app/Http/Controllers/Server/ServerController.php @@ -55,14 +55,13 @@ class ServerController extends Controller * @param \Illuminate\Http\Request $request * @return \Illuminate\Contracts\View\View */ - public function getIndex(Request $request) + public function getIndex(Request $request, $uuid) { - $server = Models\Server::getByUUID($request->route()->server); - $node = Models\Node::find($server->node); + $server = Models\Server::byUuid($uuid); Javascript::put([ 'server' => collect($server->makeVisible('daemonSecret'))->only(['uuid', 'daemonSecret', 'username']), - 'node' => collect($node)->only('fqdn', 'scheme', 'daemonListen'), + 'node' => collect($server->node_id)->only('fqdn', 'scheme', 'daemonListen'), 'meta' => [ 'saveFile' => route('server.files.save', $server->uuidShort), 'csrfToken' => csrf_token(), @@ -71,7 +70,7 @@ class ServerController extends Controller return view('server.index', [ 'server' => $server, - 'node' => $node, + 'node' => $server->node_id, ]); } @@ -86,7 +85,7 @@ class ServerController extends Controller $server = Models\Server::getByUUID($uuid); $this->authorize('list-files', $server); - $node = Models\Node::find($server->node); + $node = Models\Node::find($server->node_id); Javascript::put([ 'server' => collect($server->makeVisible('daemonSecret'))->only('uuid', 'uuidShort', 'daemonSecret'), @@ -122,7 +121,7 @@ class ServerController extends Controller { $server = Models\Server::getByUUID($uuid); $this->authorize('add-files', $server); - $node = Models\Node::find($server->node); + $node = Models\Node::find($server->node_id); Javascript::put([ 'server' => collect($server->makeVisible('daemonSecret'))->only(['uuid', 'uuidShort', 'daemonSecret', 'username']), @@ -148,7 +147,7 @@ class ServerController extends Controller { $server = Models\Server::getByUUID($uuid); $this->authorize('edit-files', $server); - $node = Models\Node::find($server->node); + $node = Models\Node::find($server->node_id); $fileInfo = (object) pathinfo($file); $controller = new FileRepository($uuid); @@ -193,7 +192,7 @@ class ServerController extends Controller public function getDownloadFile(Request $request, $uuid, $file) { $server = Models\Server::getByUUID($uuid); - $node = Models\Node::find($server->node); + $node = Models\Node::find($server->node_id); $this->authorize('download-files', $server); @@ -212,7 +211,7 @@ class ServerController extends Controller { $server = Models\Server::getByUUID($uuid); $this->authorize('view-allocation', $server); - $node = Models\Node::find($server->node); + $node = Models\Node::find($server->node_id); Javascript::put([ 'server' => collect($server->makeVisible('daemonSecret'))->only(['uuid', 'uuidShort', 'daemonSecret', 'username']), @@ -230,8 +229,8 @@ class ServerController extends Controller { $server = Models\Server::getByUUID($uuid); $this->authorize('view-startup', $server); - $node = Models\Node::find($server->node); - $allocation = Models\Allocation::findOrFail($server->allocation); + $node = Models\Node::find($server->node_id); + $allocation = Models\Allocation::findOrFail($server->allocation_id); Javascript::put([ 'server' => collect($server->makeVisible('daemonSecret'))->only(['uuid', 'uuidShort', 'daemonSecret', 'username']), @@ -242,15 +241,15 @@ class ServerController extends Controller 'service_variables.*', DB::raw('COALESCE(server_variables.variable_value, service_variables.default_value) as a_serverValue') )->leftJoin('server_variables', 'server_variables.variable_id', '=', 'service_variables.id') - ->where('service_variables.option_id', $server->option) + ->where('service_variables.option_id', $server->option_id) ->where('server_variables.server_id', $server->id) ->get(); $service = Models\Service::select( DB::raw('IFNULL(service_options.executable, services.executable) as executable') )->leftJoin('service_options', 'service_options.parent_service', '=', 'services.id') - ->where('service_options.id', $server->option) - ->where('services.id', $server->service) + ->where('service_options.id', $server->option_id) + ->where('services.id', $server->service_id) ->first(); $serverVariables = [ @@ -267,7 +266,7 @@ class ServerController extends Controller return view('server.settings.startup', [ 'server' => $server, - 'node' => Models\Node::find($server->node), + 'node' => Models\Node::find($server->node_id), 'variables' => $variables->where('user_viewable', 1), 'service' => $service, 'processedStartup' => $processed, @@ -278,7 +277,7 @@ class ServerController extends Controller { $server = Models\Server::getByUUID($uuid); $this->authorize('view-databases', $server); - $node = Models\Node::find($server->node); + $node = Models\Node::find($server->node_id); Javascript::put([ 'server' => collect($server->makeVisible('daemonSecret'))->only(['uuid', 'uuidShort', 'daemonSecret', 'username']), @@ -299,7 +298,7 @@ class ServerController extends Controller { $server = Models\Server::getByUUID($uuid); $this->authorize('view-sftp', $server); - $node = Models\Node::find($server->node); + $node = Models\Node::find($server->node_id); Javascript::put([ 'server' => collect($server->makeVisible('daemonSecret'))->only(['uuid', 'daemonSecret', 'username']), diff --git a/app/Http/Controllers/Server/SubuserController.php b/app/Http/Controllers/Server/SubuserController.php index a8761c717..1d07b47f7 100644 --- a/app/Http/Controllers/Server/SubuserController.php +++ b/app/Http/Controllers/Server/SubuserController.php @@ -52,7 +52,7 @@ class SubuserController extends Controller { $server = Models\Server::getByUUID($uuid); $this->authorize('list-subusers', $server); - $node = Models\Node::find($server->node); + $node = Models\Node::find($server->node_id); Javascript::put([ 'server' => collect($server->makeVisible('daemonSecret'))->only(['uuid', 'uuidShort', 'daemonSecret', 'username']), @@ -73,7 +73,7 @@ class SubuserController extends Controller { $server = Models\Server::getByUUID($uuid); $this->authorize('view-subuser', $server); - $node = Models\Node::find($server->node); + $node = Models\Node::find($server->node_id); Javascript::put([ 'server' => collect($server->makeVisible('daemonSecret'))->only(['uuid', 'uuidShort', 'daemonSecret', 'username']), @@ -150,7 +150,7 @@ class SubuserController extends Controller { $server = Models\Server::getByUUID($uuid); $this->authorize('create-subuser', $server); - $node = Models\Node::find($server->node); + $node = Models\Node::find($server->node_id); Javascript::put([ 'server' => collect($server->makeVisible('daemonSecret'))->only(['uuid', 'uuidShort', 'daemonSecret', 'username']), diff --git a/app/Http/Controllers/Server/TaskController.php b/app/Http/Controllers/Server/TaskController.php index 8c49ad6bc..51243cc8f 100644 --- a/app/Http/Controllers/Server/TaskController.php +++ b/app/Http/Controllers/Server/TaskController.php @@ -45,7 +45,7 @@ class TaskController extends Controller { $server = Models\Server::getByUUID($uuid); $this->authorize('list-tasks', $server); - $node = Models\Node::find($server->node); + $node = Models\Node::find($server->node_id); Javascript::put([ 'server' => collect($server->makeVisible('daemonSecret'))->only(['uuid', 'uuidShort', 'daemonSecret', 'username']), @@ -67,7 +67,7 @@ class TaskController extends Controller { $server = Models\Server::getByUUID($uuid); $this->authorize('create-task', $server); - $node = Models\Node::find($server->node); + $node = Models\Node::find($server->node_id); Javascript::put([ 'server' => collect($server->makeVisible('daemonSecret'))->only(['uuid', 'uuidShort', 'daemonSecret', 'username']), diff --git a/app/Http/Middleware/CheckServer.php b/app/Http/Middleware/CheckServer.php index cd83bd9d1..dba9395ac 100644 --- a/app/Http/Middleware/CheckServer.php +++ b/app/Http/Middleware/CheckServer.php @@ -26,6 +26,7 @@ namespace Pterodactyl\Http\Middleware; use Auth; use Closure; +use Illuminate\Http\Request; use Pterodactyl\Models\Server; class CheckServer @@ -37,22 +38,22 @@ class CheckServer * @param \Closure $next * @return mixed */ - public function handle($request, Closure $next) + public function handle(Request $request, Closure $next) { if (! Auth::user()) { return redirect()->guest('auth/login'); } - $server = Server::getByUUID($request->route()->server); + $server = Server::byUuid($request->route()->server); if (! $server) { return response()->view('errors.404', [], 404); } - if ($server->suspended === 1) { + if ($server->suspended) { return response()->view('errors.suspended', [], 403); } - if ($server->installed !== 1) { + if (! $server->installed) { return response()->view('errors.installing', [], 403); } diff --git a/app/Models/Server.php b/app/Models/Server.php index a9f9bd087..32240da44 100644 --- a/app/Models/Server.php +++ b/app/Models/Server.php @@ -101,28 +101,6 @@ class Server extends Model self::$user = Auth::user(); } - /** - * Determine if we need to change the server's daemonSecret value to - * match that of the user if they are a subuser. - * - * @param Illuminate\Database\Eloquent\Model\Server $server - * @return string - */ - public static function getUserDaemonSecret(Server $server) - { - if (self::$user->id === $server->owner || self::$user->root_admin === 1) { - return $server->daemonSecret; - } - - $subuser = Subuser::where('server_id', $server->id)->where('user_id', self::$user->id)->first(); - - if (is_null($subuser)) { - return null; - } - - return $subuser->daemonSecret; - } - /** * Returns array of all servers owned by the logged in user. * Returns all users servers if user is a root admin. @@ -140,11 +118,11 @@ class Server extends Model 'allocations.port', 'services.name as a_serviceName', 'service_options.name as a_serviceOptionName' - )->join('nodes', 'servers.node', '=', 'nodes.id') + )->join('nodes', 'servers.node_id', '=', 'nodes.id') ->join('locations', 'nodes.location', '=', 'locations.id') - ->join('services', 'servers.service', '=', 'services.id') - ->join('service_options', 'servers.option', '=', 'service_options.id') - ->join('allocations', 'servers.allocation', '=', 'allocations.id'); + ->join('services', 'servers.service_id', '=', 'services.id') + ->join('service_options', 'servers.option_id', '=', 'service_options.id') + ->join('allocations', 'servers.allocation_id', '=', 'allocations.id'); if (self::$user->root_admin !== 1) { $query->whereIn('servers.id', Subuser::accessServers()); @@ -165,30 +143,21 @@ class Server extends Model * @param string $uuid The Short-UUID of the server to return an object about. * @return \Illuminate\Database\Eloquent\Collection */ - public static function getByUUID($uuid) + public static function byUuid($uuid) { - if (array_key_exists($uuid, self::$serverUUIDInstance)) { - return self::$serverUUIDInstance[$uuid]; - } + $query = self::with('service', 'node')->where('uuidShort', $uuid)->orWhere('uuid', $uuid); - $query = self::select('servers.*', 'services.file as a_serviceFile') - ->join('services', 'services.id', '=', 'servers.service') - ->where('uuidShort', $uuid) - ->orWhere('uuid', $uuid); - - if (self::$user->root_admin !== 1) { - $query->whereIn('servers.id', Subuser::accessServers()); + if (! Auth::user()->isRootAdmin()) { + $query->whereIn('id', Subuser::accessServers()); } $result = $query->first(); if (! is_null($result)) { - $result->daemonSecret = self::getUserDaemonSecret($result); + $result->daemonSecret = Auth::user()->daemonToken($result); } - self::$serverUUIDInstance[$uuid] = $result; - - return self::$serverUUIDInstance[$uuid]; + return $result; } /** @@ -197,16 +166,12 @@ class Server extends Model * @param string $uuid * @return array */ - public static function getGuzzleHeaders($uuid) + public function getHeaders() { - if (array_key_exists($uuid, self::$serverUUIDInstance)) { - return [ - 'X-Access-Server' => self::$serverUUIDInstance[$uuid]->uuid, - 'X-Access-Token' => self::$serverUUIDInstance[$uuid]->daemonSecret, - ]; - } - - return []; + return [ + 'X-Access-Server' => $this->uuid, + 'X-Access-Token' => Auth::user()->daemonToken($this), + ]; } /** @@ -226,7 +191,7 @@ class Server extends Model */ public function pack() { - return $this->hasOne(ServicePack::class, 'id', 'pack'); + return $this->hasOne(ServicePack::class, 'id', 'pack_id'); } /** @@ -236,7 +201,7 @@ class Server extends Model */ public function service() { - return $this->hasOne(Service::class, 'id', 'service'); + return $this->hasOne(Service::class, 'id', 'service_id'); } /** @@ -246,7 +211,7 @@ class Server extends Model */ public function option() { - return $this->hasOne(ServiceOptions::class, 'id', 'option'); + return $this->hasOne(ServiceOptions::class, 'id', 'option_id'); } /** @@ -258,4 +223,14 @@ class Server extends Model { return $this->hasMany(ServerVariables::class); } + + /** + * Gets information for the node associated with this server. + * + * @return \Illuminate\Database\Eloquent\Relations\HasOne + */ + public function node() + { + return $this->hasOne(Node::class, 'id', 'node_id'); + } } diff --git a/app/Models/User.php b/app/Models/User.php index 80d9192fa..0de3eb5ae 100644 --- a/app/Models/User.php +++ b/app/Models/User.php @@ -24,6 +24,7 @@ namespace Pterodactyl\Models; +use Auth; use Hash; use Google2FA; use Illuminate\Auth\Authenticatable; @@ -156,4 +157,24 @@ class User extends Model implements AuthenticatableContract, AuthorizableContrac { return $this->root_admin === 1; } + + /** + * Returns the user's daemon secret for a given server. + * @param Server $server \Pterodactyl\Models\Server + * @return null|string + */ + public function daemonToken(Server $server) + { + if ($this->id === $server->owner_id || $this->isRootAdmin()) { + return $server->daemonSecret; + } + + $subuser = Subuser::where('server_id', $server->id)->where('user_id', $this->id)->first(); + + if (is_null($subuser)) { + return null; + } + + return $subuser->daemonSecret; + } } diff --git a/app/Observers/ServerObserver.php b/app/Observers/ServerObserver.php index 6506f03f2..cacb9c82f 100644 --- a/app/Observers/ServerObserver.php +++ b/app/Observers/ServerObserver.php @@ -59,12 +59,12 @@ class ServerObserver event(new Events\Server\Created($server)); // Queue Notification Email - $user = Models\User::findOrFail($server->owner); - $node = Models\Node::select('name')->where('id', $server->node)->first(); + $user = Models\User::findOrFail($server->owner_id); + $node = Models\Node::select('name')->where('id', $server->node_id)->first(); $service = Models\Service::select('services.name', 'service_options.name as optionName') ->join('service_options', 'service_options.parent_service', '=', 'services.id') - ->where('services.id', $server->service) - ->where('service_options.id', $server->option) + ->where('services.id', $server->service_id) + ->where('service_options.id', $server->option_id) ->first(); $user->notify((new ServerCreated([ diff --git a/app/Policies/ServerPolicy.php b/app/Policies/ServerPolicy.php index f297fe829..3ef54f436 100644 --- a/app/Policies/ServerPolicy.php +++ b/app/Policies/ServerPolicy.php @@ -48,7 +48,7 @@ class ServerPolicy */ protected function isOwner(User $user, Server $server) { - return $server->owner === $user->id; + return $server->owner_id === $user->id; } /** diff --git a/app/Repositories/ServerRepository.php b/app/Repositories/ServerRepository.php index beb5d94a6..3cd3d32ba 100644 --- a/app/Repositories/ServerRepository.php +++ b/app/Repositories/ServerRepository.php @@ -374,7 +374,7 @@ class ServerRepository try { $server = Models\Server::findOrFail($id); - $owner = Models\User::findOrFail($server->owner); + $owner = Models\User::findOrFail($server->owner_id); // Update daemon secret if it was passed. if ((isset($data['reset_token']) && $data['reset_token'] === true) || (isset($data['owner']) && $data['owner'] !== $owner->email)) { @@ -386,7 +386,7 @@ class ServerRepository // Update Server Owner if it was passed. if (isset($data['owner']) && $data['owner'] !== $owner->email) { $newOwner = Models\User::select('id')->where('email', $data['owner'])->first(); - $server->owner = $newOwner->id; + $server->owner_id = $newOwner->id; } // Update Server Name if it was passed. @@ -405,8 +405,8 @@ class ServerRepository } // If we need to update do it here. - $node = Models\Node::getByID($server->node); - $client = Models\Node::guzzleRequest($server->node); + $node = Models\Node::getByID($server->node_id); + $client = Models\Node::guzzleRequest($server->node_id); $res = $client->request('PATCH', '/server', [ 'headers' => [ @@ -461,8 +461,8 @@ class ServerRepository $server->image = $data['image']; $server->save(); - $node = Models\Node::getByID($server->node); - $client = Models\Node::guzzleRequest($server->node); + $node = Models\Node::getByID($server->node_id); + $client = Models\Node::guzzleRequest($server->node_id); $client->request('PATCH', '/server', [ 'headers' => [ @@ -520,7 +520,7 @@ class ServerRepository try { $server = Models\Server::findOrFail($id); - $allocation = Models\Allocation::findOrFail($server->allocation); + $allocation = Models\Allocation::findOrFail($server->allocation_id); $newBuild = []; @@ -532,14 +532,14 @@ class ServerRepository throw new DisplayException('The requested default connection (' . $ip . ':' . $port . ') is not allocated to this server.'); } - $server->allocation = $selection->id; + $server->allocation_id = $selection->id; $newBuild['default'] = [ 'ip' => $ip, 'port' => (int) $port, ]; // Re-Run to keep updated for rest of function - $allocation = Models\Allocation::findOrFail($server->allocation); + $allocation = Models\Allocation::findOrFail($server->allocation_id); } } @@ -635,8 +635,8 @@ class ServerRepository $server->save(); if (! empty($newBuild)) { - $node = Models\Node::getByID($server->node); - $client = Models\Node::guzzleRequest($server->node); + $node = Models\Node::getByID($server->node_id); + $client = Models\Node::guzzleRequest($server->node_id); $client->request('PATCH', '/server', [ 'headers' => [ @@ -679,7 +679,7 @@ class ServerRepository 'service_variables.*', DB::raw('COALESCE(server_variables.variable_value, service_variables.default_value) as a_currentValue') )->leftJoin('server_variables', 'server_variables.variable_id', '=', 'service_variables.id') - ->where('option_id', $server->option) + ->where('option_id', $server->option_id) ->get(); $variableList = []; @@ -747,8 +747,8 @@ class ServerRepository $model->save(); } - $node = Models\Node::getByID($server->node); - $client = Models\Node::guzzleRequest($server->node); + $node = Models\Node::getByID($server->node_id); + $client = Models\Node::guzzleRequest($server->node_id); $client->request('PATCH', '/server', [ 'headers' => [ @@ -797,7 +797,7 @@ class ServerRepository public function deleteNow($id, $force = false) { $server = Models\Server::withTrashed()->findOrFail($id); - $node = Models\Node::findOrFail($server->node); + $node = Models\Node::findOrFail($server->node_id); // Handle server being restored previously or // an accidental queue. @@ -835,7 +835,7 @@ class ServerRepository $repository->drop($database->id); } - $client = Models\Node::guzzleRequest($server->node); + $client = Models\Node::guzzleRequest($server->node_id); $client->request('DELETE', '/servers', [ 'headers' => [ 'X-Access-Token' => $node->daemonSecret, @@ -888,7 +888,7 @@ class ServerRepository public function suspend($id, $deleted = false) { $server = ($deleted) ? Models\Server::withTrashed()->findOrFail($id) : Models\Server::findOrFail($id); - $node = Models\Node::findOrFail($server->node); + $node = Models\Node::findOrFail($server->node_id); DB::beginTransaction(); @@ -902,7 +902,7 @@ class ServerRepository $server->suspended = 1; $server->save(); - $client = Models\Node::guzzleRequest($server->node); + $client = Models\Node::guzzleRequest($server->node_id); $client->request('POST', '/server/suspend', [ 'headers' => [ 'X-Access-Token' => $node->daemonSecret, @@ -928,7 +928,7 @@ class ServerRepository public function unsuspend($id) { $server = Models\Server::findOrFail($id); - $node = Models\Node::findOrFail($server->node); + $node = Models\Node::findOrFail($server->node_id); DB::beginTransaction(); @@ -942,7 +942,7 @@ class ServerRepository $server->suspended = 0; $server->save(); - $client = Models\Node::guzzleRequest($server->node); + $client = Models\Node::guzzleRequest($server->node_id); $client->request('POST', '/server/unsuspend', [ 'headers' => [ 'X-Access-Token' => $node->daemonSecret, @@ -963,7 +963,7 @@ class ServerRepository public function updateSFTPPassword($id, $password) { $server = Models\Server::findOrFail($id); - $node = Models\Node::findOrFail($server->node); + $node = Models\Node::findOrFail($server->node_id); $validator = Validator::make([ 'password' => $password, @@ -981,7 +981,7 @@ class ServerRepository try { $server->save(); - $client = Models\Node::guzzleRequest($server->node); + $client = Models\Node::guzzleRequest($server->node_id); $client->request('POST', '/server/password', [ 'headers' => [ 'X-Access-Token' => $node->daemonSecret, diff --git a/app/Repositories/SubuserRepository.php b/app/Repositories/SubuserRepository.php index afa27493e..335e6926d 100644 --- a/app/Repositories/SubuserRepository.php +++ b/app/Repositories/SubuserRepository.php @@ -146,7 +146,7 @@ class SubuserRepository } catch (\Exception $ex) { throw $ex; } - } elseif ($server->owner === $user->id) { + } elseif ($server->owner_id === $user->id) { throw new DisplayException('You cannot add the owner of a server as a subuser.'); } elseif (Models\Subuser::select('id')->where('user_id', $user->id)->where('server_id', $server->id)->first()) { throw new DisplayException('A subuser with that email already exists for this server.'); @@ -184,8 +184,8 @@ class SubuserRepository // We contact even if they don't have any daemon permissions to overwrite // if they did have them previously. - $node = Models\Node::getByID($server->node); - $client = Models\Node::guzzleRequest($server->node); + $node = Models\Node::getByID($server->node_id); + $client = Models\Node::guzzleRequest($server->node_id); $res = $client->request('PATCH', '/server', [ 'headers' => [ @@ -240,8 +240,8 @@ class SubuserRepository try { Models\Permission::where('user_id', $subuser->user_id)->where('server_id', $subuser->server_id)->delete(); - $node = Models\Node::getByID($server->node); - $client = Models\Node::guzzleRequest($server->node); + $node = Models\Node::getByID($server->node_id); + $client = Models\Node::guzzleRequest($server->node_id); $res = $client->request('PATCH', '/server', [ 'headers' => [ @@ -318,8 +318,8 @@ class SubuserRepository // Contact Daemon // We contact even if they don't have any daemon permissions to overwrite // if they did have them previously. - $node = Models\Node::getByID($server->node); - $client = Models\Node::guzzleRequest($server->node); + $node = Models\Node::getByID($server->node_id); + $client = Models\Node::guzzleRequest($server->node_id); $res = $client->request('PATCH', '/server', [ 'headers' => [ diff --git a/app/Services/NotificationService.php b/app/Services/NotificationService.php index bb76db9b6..abd2155b1 100644 --- a/app/Services/NotificationService.php +++ b/app/Services/NotificationService.php @@ -48,7 +48,7 @@ class NotificationService public function __construct(Server $server) { $this->server = $server; - $this->user = User::findOrFail($server->owner); + $this->user = User::findOrFail($server->owner_id); } public function pass(array $notification) diff --git a/database/migrations/2016_08_30_213301_modify_ip_storage_method.php b/database/migrations/2016_08_30_213301_modify_ip_storage_method.php index b77ccbea6..768ef0b55 100644 --- a/database/migrations/2016_08_30_213301_modify_ip_storage_method.php +++ b/database/migrations/2016_08_30_213301_modify_ip_storage_method.php @@ -24,7 +24,7 @@ class ModifyIpStorageMethod extends Migration [ 'ip' => $server->ip, 'port' => $server->port, - 'node' => $server->node, + 'node' => $server->node_id, ] ); @@ -61,7 +61,7 @@ class ModifyIpStorageMethod extends Migration // Find the allocations and reset the servers... $servers = DB::select('SELECT id, allocation FROM servers'); foreach ($servers as $server) { - $allocation = DB::select('SELECT * FROM allocations WHERE id = :alocid', ['alocid' => $server->allocation]); + $allocation = DB::select('SELECT * FROM allocations WHERE id = :alocid', ['alocid' => $server->allocation_id]); if (isset($allocation[0])) { DB::update( diff --git a/database/migrations/2016_09_17_194246_add_docker_image_column.php b/database/migrations/2016_09_17_194246_add_docker_image_column.php index 58e4b87a3..ce7d91203 100644 --- a/database/migrations/2016_09_17_194246_add_docker_image_column.php +++ b/database/migrations/2016_09_17_194246_add_docker_image_column.php @@ -22,7 +22,7 @@ class AddDockerImageColumn extends Migration $servers = DB::table('servers')->select( 'servers.id', 'service_options.docker_image as s_optionImage' - )->join('service_options', 'service_options.id', '=', 'servers.option')->get(); + )->join('service_options', 'service_options.id', '=', 'servers.option_id')->get(); foreach ($servers as $server) { $server->image = $server->s_optionImage; diff --git a/database/migrations/2017_02_02_175548_UpdateColumnNames.php b/database/migrations/2017_02_02_175548_UpdateColumnNames.php new file mode 100644 index 000000000..bc49c7d45 --- /dev/null +++ b/database/migrations/2017_02_02_175548_UpdateColumnNames.php @@ -0,0 +1,66 @@ +dropForeign('servers_node_foreign'); + $table->dropForeign('servers_owner_foreign'); + $table->dropForeign('servers_allocation_foreign'); + $table->dropForeign('servers_service_foreign'); + $table->dropForeign('servers_option_foreign'); + + $table->dropIndex('servers_node_foreign'); + $table->dropIndex('servers_owner_foreign'); + $table->dropIndex('servers_allocation_foreign'); + $table->dropIndex('servers_service_foreign'); + $table->dropIndex('servers_option_foreign'); + + $table->renameColumn('node', 'node_id'); + $table->renameColumn('owner', 'owner_id'); + $table->renameColumn('allocation', 'allocation_id'); + $table->renameColumn('service', 'service_id'); + $table->renameColumn('option', 'option_id'); + $table->renameColumn('pack', 'pack_id'); + + $table->foreign('node_id')->references('id')->on('nodes'); + $table->foreign('owner_id')->references('id')->on('users'); + $table->foreign('allocation_id')->references('id')->on('allocations'); + $table->foreign('service_id')->references('id')->on('services'); + $table->foreign('option_id')->references('id')->on('service_options'); + }); + } + + /** + * Reverse the migrations. + * + * @return void + */ + public function down() + { + Schema::table('servers', function (Blueprint $table) { + $table->renameColumn('node_id', 'node'); + $table->renameColumn('owner_id', 'owner'); + $table->renameColumn('allocation_id', 'allocation'); + $table->renameColumn('service_id', 'service'); + $table->renameColumn('option_id', 'option'); + $table->renameColumn('pack_id', 'pack'); + + $table->foreign('node')->references('id')->on('nodes'); + $table->foreign('owner')->references('id')->on('users'); + $table->foreign('allocation')->references('id')->on('allocations'); + $table->foreign('service')->references('id')->on('services'); + $table->foreign('option')->references('id')->on('service_options'); + }); + } +} diff --git a/resources/themes/pterodactyl/base/index.blade.php b/resources/themes/pterodactyl/base/index.blade.php index c6066c25a..d029a37a9 100644 --- a/resources/themes/pterodactyl/base/index.blade.php +++ b/resources/themes/pterodactyl/base/index.blade.php @@ -62,7 +62,7 @@ {{ $server->uuidShort }} {{ $server->name }} - {{ $server->nodeName }} + {{ $server->node_idName }} @if(!is_null($server->ip_alias)){{ $server->ip_alias }}@else{{ $server->ip }}@endif:{{ $server->port }} -- / {{ $server->memory === 0 ? '∞' : $server->memory }} MB -- % diff --git a/resources/themes/pterodactyl/server/settings/allocation.blade.php b/resources/themes/pterodactyl/server/settings/allocation.blade.php index f2782a88c..773281e96 100644 --- a/resources/themes/pterodactyl/server/settings/allocation.blade.php +++ b/resources/themes/pterodactyl/server/settings/allocation.blade.php @@ -63,7 +63,7 @@ {{ $allocation->port }} - @if($allocation->id === $server->allocation) + @if($allocation->id === $server->allocation_id) @lang('strings.primary') @else @lang('strings.make_primary') diff --git a/resources/views/admin/nodes/view.blade.php b/resources/views/admin/nodes/view.blade.php index a0ed696e7..8485c9a50 100644 --- a/resources/views/admin/nodes/view.blade.php +++ b/resources/views/admin/nodes/view.blade.php @@ -405,7 +405,7 @@ @foreach($servers as $server) {{ $server->name }} - {{ $server->a_ownerEmail }} + {{ $server->a_ownerEmail }} {{ $server->a_serviceName }} -- / {{ $server->memory === 0 ? '∞' : $server->memory }} MB {{ $server->disk }} MB diff --git a/resources/views/admin/servers/index.blade.php b/resources/views/admin/servers/index.blade.php index 612d2905c..11d852ecf 100644 --- a/resources/views/admin/servers/index.blade.php +++ b/resources/views/admin/servers/index.blade.php @@ -64,8 +64,8 @@ Pending Deletion @endif - {{ $server->a_ownerEmail }} - {{ $server->a_nodeName }} + {{ $server->a_ownerEmail }} + {{ $server->a_nodeName }} {{ $server->username }} @endforeach diff --git a/resources/views/admin/servers/view.blade.php b/resources/views/admin/servers/view.blade.php index abad871d9..7def73236 100644 --- a/resources/views/admin/servers/view.blade.php +++ b/resources/views/admin/servers/view.blade.php @@ -89,7 +89,7 @@ Owner - {{ $server->a_ownerEmail }} + {{ $server->a_ownerEmail }} Location @@ -97,7 +97,7 @@ Node - {{ $node->name }} + {{ $node->name }} Service @@ -304,7 +304,7 @@
@@ -398,7 +398,7 @@ diff --git a/resources/views/admin/services/options/view.blade.php b/resources/views/admin/services/options/view.blade.php index bffb2057e..e3eb61a12 100644 --- a/resources/views/admin/services/options/view.blade.php +++ b/resources/views/admin/services/options/view.blade.php @@ -178,7 +178,7 @@ @foreach ($servers as $server) {{ $server->name }} - {{ $server->a_ownerEmail }} + {{ $server->a_ownerEmail }} {{ $server->updated_at }} @endforeach diff --git a/resources/views/admin/users/view.blade.php b/resources/views/admin/users/view.blade.php index 0a5d8230d..314fc8ba7 100644 --- a/resources/views/admin/users/view.blade.php +++ b/resources/views/admin/users/view.blade.php @@ -117,7 +117,7 @@ {{ $server->uuidShort }} {{ $server->name }} - {{ $server->nodeName }} + {{ $server->node_idName }} {{ $server->username }} @if($server->suspended === 0)Active@elseSuspended@endif