Skynet/misc_pterodactyl-panel
6
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

Update users & locations to use new permissions format

Browse source
This commit is contained in:
Dane Everitt 2018-01-12 20:39:15 -06:00
parent a31e5875dc
commit d644a53951
No known key found for this signature in database
GPG key ID: EEA66103B3D71F53
15 changed files with 355 additions and 72 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

43
app/Http/Controllers/API/Admin/Locations/LocationController.php
View file

@ -3,18 +3,19 @@
namespace Pterodactyl\Http\Controllers\API\Admin\Locations;
use Spatie\Fractal\Fractal;
use Illuminate\Http\Request;
use Illuminate\Http\Response;
use Pterodactyl\Models\Location;
use Illuminate\Http\JsonResponse;
use Pterodactyl\Http\Controllers\Controller;
use Pterodactyl\Http\Requests\Admin\LocationFormRequest;
use League\Fractal\Pagination\IlluminatePaginatorAdapter;
use Pterodactyl\Services\Locations\LocationUpdateService;
use Pterodactyl\Services\Locations\LocationCreationService;
use Pterodactyl\Services\Locations\LocationDeletionService;
use Pterodactyl\Transformers\Api\Admin\LocationTransformer;
use Pterodactyl\Contracts\Repository\LocationRepositoryInterface;
use Pterodactyl\Http\Requests\API\Admin\Locations\GetLocationsRequest;
use Pterodactyl\Http\Requests\API\Admin\Locations\DeleteLocationRequest;
use Pterodactyl\Http\Requests\API\Admin\Locations\UpdateLocationRequest;
class LocationController extends Controller
{
@ -69,15 +70,15 @@ class LocationController extends Controller
/**
* Return all of the locations currently registered on the Panel.
*
* @param \Illuminate\Http\Request $request
* @param \Pterodactyl\Http\Requests\API\Admin\Locations\GetLocationsRequest $request
* @return array
*/
public function index(Request $request): array
public function index(GetLocationsRequest $request): array
{
$locations = $this->repository->paginated(100);
return $this->fractal->collection($locations)
->transformWith(new LocationTransformer($request))
->transformWith((new LocationTransformer)->setKey($request->key()))
->withResourceName('location')
->paginateWith(new IlluminatePaginatorAdapter($locations))
->toArray();
@ -86,59 +87,67 @@ class LocationController extends Controller
/**
* Return a single location.
*
* @param \Illuminate\Http\Request $request
* @param \Pterodactyl\Http\Controllers\API\Admin\Locations\GetLocationRequest $request
* @param \Pterodactyl\Models\Location $location
* @return array
*/
public function view(Request $request, Location $location): array
public function view(GetLocationRequest $request, Location $location): array
{
return $this->fractal->item($location)
->transformWith(new LocationTransformer($request))
->transformWith((new LocationTransformer)->setKey($request->key()))
->withResourceName('location')
->toArray();
}
/**
* @param \Pterodactyl\Http\Requests\Admin\LocationFormRequest $request
* Store a new location on the Panel and return a HTTP/201 response code with the
* new location attached.
*
* @param \Pterodactyl\Http\Controllers\API\Admin\Locations\StoreLocationRequest $request
* @return \Illuminate\Http\JsonResponse
*
* @throws \Pterodactyl\Exceptions\Model\DataValidationException
*/
public function store(LocationFormRequest $request): JsonResponse
public function store(StoreLocationRequest $request): JsonResponse
{
$location = $this->creationService->handle($request->normalize());
$location = $this->creationService->handle($request->validated());
return $this->fractal->item($location)
->transformWith(new LocationTransformer($request))
->transformWith((new LocationTransformer)->setKey($request->key()))
->withResourceName('location')
->respond(201);
}
/**
* @param \Pterodactyl\Http\Requests\Admin\LocationFormRequest $request
* Update a location on the Panel and return the updated record to the user.
*
* @param \Pterodactyl\Http\Requests\API\Admin\Locations\UpdateLocationRequest $request
* @param \Pterodactyl\Models\Location $location
* @return array
*
* @throws \Pterodactyl\Exceptions\Model\DataValidationException
* @throws \Pterodactyl\Exceptions\Repository\RecordNotFoundException
*/
public function update(LocationFormRequest $request, Location $location): array
public function update(UpdateLocationRequest $request, Location $location): array
{
$location = $this->updateService->handle($location, $request->normalize());
$location = $this->updateService->handle($location, $request->validated());
return $this->fractal->item($location)
->transformWith(new LocationTransformer($request))
->transformWith((new LocationTransformer)->setKey($request->key()))
->withResourceName('location')
->toArray();
}
/**
* Delete a location from the Panel.
*
* @param \Pterodactyl\Http\Requests\API\Admin\Locations\DeleteLocationRequest $request
* @param \Pterodactyl\Models\Location $location
* @return \Illuminate\Http\Response
*
* @throws \Pterodactyl\Exceptions\Service\Location\HasActiveNodesException
*/
public function delete(Location $location): Response
public function delete(DeleteLocationRequest $request, Location $location): Response
{
$this->deletionService->handle($location);

23
app/Http/Controllers/API/Admin/Users/UserController.php
View file

@ -11,12 +11,14 @@ use Pterodactyl\Http\Controllers\Controller;
use Pterodactyl\Services\Users\UserUpdateService;
use Pterodactyl\Services\Users\UserCreationService;
use Pterodactyl\Services\Users\UserDeletionService;
use Pterodactyl\Http\Requests\Admin\UserFormRequest;
use Pterodactyl\Transformers\Api\Admin\UserTransformer;
use League\Fractal\Pagination\IlluminatePaginatorAdapter;
use Pterodactyl\Contracts\Repository\UserRepositoryInterface;
use Pterodactyl\Http\Requests\API\Admin\Users\GetUserRequest;
use Pterodactyl\Http\Requests\API\Admin\Users\GetUsersRequest;
use Pterodactyl\Http\Requests\API\Admin\Users\StoreUserRequest;
use Pterodactyl\Http\Requests\API\Admin\Users\DeleteUserRequest;
use Pterodactyl\Http\Requests\API\Admin\Users\UpdateUserRequest;
class UserController extends Controller
{
@ -111,17 +113,17 @@ class UserController extends Controller
* Revocation errors are returned under the 'revocation_errors' key in the response
* meta. If there are no errors this is an empty array.
*
* @param \Pterodactyl\Http\Requests\Admin\UserFormRequest $request
* @param \Pterodactyl\Http\Requests\API\Admin\Users\UpdateUserRequest $request
* @param \Pterodactyl\Models\User $user
* @return array
*
* @throws \Pterodactyl\Exceptions\Model\DataValidationException
* @throws \Pterodactyl\Exceptions\Repository\RecordNotFoundException
*/
public function update(UserFormRequest $request, User $user): array
public function update(UpdateUserRequest $request, User $user): array
{
$this->updateService->setUserLevel(User::USER_LEVEL_ADMIN);
$collection = $this->updateService->handle($user, $request->normalize());
$collection = $this->updateService->handle($user, $request->validated());
$errors = [];
if (! empty($collection->get('exceptions'))) {
@ -138,7 +140,7 @@ class UserController extends Controller
}
$response = $this->fractal->item($collection->get('model'))
->transformWith(new UserTransformer($request))
->transformWith((new UserTransformer)->setKey($request->key()))
->withResourceName('user');
if (count($errors) > 0) {
@ -154,18 +156,18 @@ class UserController extends Controller
* Store a new user on the system. Returns the created user and a HTTP/201
* header on successful creation.
*
* @param \Pterodactyl\Http\Requests\Admin\UserFormRequest $request
* @param \Pterodactyl\Http\Requests\API\Admin\Users\StoreUserRequest $request
* @return \Illuminate\Http\JsonResponse
*
* @throws \Exception
* @throws \Pterodactyl\Exceptions\Model\DataValidationException
*/
public function store(UserFormRequest $request): JsonResponse
public function store(StoreUserRequest $request): JsonResponse
{
$user = $this->creationService->handle($request->normalize());
$user = $this->creationService->handle($request->validated());
return $this->fractal->item($user)
->transformWith(new UserTransformer($request))
->transformWith((new UserTransformer)->setKey($request->key()))
->withResourceName('user')
->addMeta([
'link' => route('api.admin.user.view', ['user' => $user->id]),
@ -177,12 +179,13 @@ class UserController extends Controller
* Handle a request to delete a user from the Panel. Returns a HTTP/204 response
* on successful deletion.
*
* @param \Pterodactyl\Http\Requests\API\Admin\Users\DeleteUserRequest $request
* @param \Pterodactyl\Models\User $user
* @return \Illuminate\Http\Response
*
* @throws \Pterodactyl\Exceptions\DisplayException
*/
public function delete(User $user): Response
public function delete(DeleteUserRequest $request, User $user): Response
{
$this->deletionService->handle($user);

32
app/Http/Requests/API/Admin/Locations/DeleteLocationRequest.php Normal file
View file

@ -0,0 +1,32 @@
<?php
namespace Pterodactyl\Http\Requests\API\Admin\Locations;
use Pterodactyl\Models\Location;
use Pterodactyl\Services\Acl\Api\AdminAcl;
use Pterodactyl\Http\Requests\API\Admin\ApiAdminRequest;
class DeleteLocationRequest extends ApiAdminRequest
{
/**
* @var string
*/
protected $resource = AdminAcl::RESOURCE_LOCATIONS;
/**
* @var int
*/
protected $permission = AdminAcl::WRITE;
/**
* Determine if the requested location exists on the Panel.
*
* @return bool
*/
public function resourceExists(): bool
{
$location = $this->route()->parameter('location');
return $location instanceof Location && $location->exists;
}
}

21
app/Http/Requests/API/Admin/Locations/GetLocationRequest.php Normal file
View file

@ -0,0 +1,21 @@
<?php
namespace Pterodactyl\Http\Controllers\API\Admin\Locations;
use Pterodactyl\Models\Location;
use Pterodactyl\Http\Requests\API\Admin\Locations\GetLocationsRequest;
class GetLocationRequest extends GetLocationsRequest
{
/**
* Determine if the requested location exists on the Panel.
*
* @return bool
*/
public function resourceExists(): bool
{
$location = $this->route()->parameter('location');
return $location instanceof Location && $location->exists;
}
}

19
app/Http/Requests/API/Admin/Locations/GetLocationsRequest.php Normal file
View file

@ -0,0 +1,19 @@
<?php
namespace Pterodactyl\Http\Requests\API\Admin\Locations;
use Pterodactyl\Services\Acl\Api\AdminAcl;
use Pterodactyl\Http\Requests\API\Admin\ApiAdminRequest;
class GetLocationsRequest extends ApiAdminRequest
{
/**
* @var string
*/
protected $resource = AdminAcl::RESOURCE_LOCATIONS;
/**
* @var int
*/
protected $permission = AdminAcl::READ;
}

46
app/Http/Requests/API/Admin/Locations/StoreLocationRequest.php Normal file
View file

@ -0,0 +1,46 @@
<?php
namespace Pterodactyl\Http\Controllers\API\Admin\Locations;
use Pterodactyl\Models\Location;
use Pterodactyl\Services\Acl\Api\AdminAcl;
use Pterodactyl\Http\Requests\API\Admin\ApiAdminRequest;
class StoreLocationRequest extends ApiAdminRequest
{
/**
* @var string
*/
protected $resource = AdminAcl::RESOURCE_LOCATIONS;
/**
* @var int
*/
protected $permission = AdminAcl::WRITE;
/**
* Rules to validate the request aganist.
*
* @return array
*/
public function rules(): array
{
return collect(Location::getCreateRules())->only([
'long',
'short',
])->toArray();
}
/**
* Rename fields to be more clear in error messages.
*
* @return array
*/
public function attributes()
{
return [
'long' => 'Location Description',
'short' => 'Location Identifier',
];
}
}

36
app/Http/Requests/API/Admin/Locations/UpdateLocationRequest.php Normal file
View file

@ -0,0 +1,36 @@
<?php
namespace Pterodactyl\Http\Requests\API\Admin\Locations;
use Pterodactyl\Models\Location;
use Pterodactyl\Http\Controllers\API\Admin\Locations\StoreLocationRequest;
class UpdateLocationRequest extends StoreLocationRequest
{
/**
* Determine if the requested location exists on the Panel.
*
* @return bool
*/
public function resourceExists(): bool
{
$location = $this->route()->parameter('location');
return $location instanceof Location && $location->exists;
}
/**
* Rules to validate this request aganist.
*
* @return array
*/
public function rules(): array
{
$locationId = $this->route()->parameter('location')->id;
return collect(Location::getUpdateRulesForId($locationId))->only([
'short',
'long',
]);
}
}

32
app/Http/Requests/API/Admin/Users/DeleteUserRequest.php Normal file
View file

@ -0,0 +1,32 @@
<?php
namespace Pterodactyl\Http\Requests\API\Admin\Users;
use Pterodactyl\Models\User;
use Pterodactyl\Services\Acl\Api\AdminAcl;
use Pterodactyl\Http\Requests\API\Admin\ApiAdminRequest;
class DeleteUserRequest extends ApiAdminRequest
{
/**
* @var string
*/
protected $resource = AdminAcl::RESOURCE_USERS;
/**
* @var int
*/
protected $permission = AdminAcl::WRITE;
/**
* Determine if the requested user exists on the Panel.
*
* @return bool
*/
public function resourceExists(): bool
{
$user = $this->route()->parameter('user');
return $user instanceof User && $user->exists;
}
}

14
app/Http/Requests/API/Admin/Users/GetUserRequest.php
View file

@ -3,21 +3,9 @@
namespace Pterodactyl\Http\Requests\API\Admin\Users;
use Pterodactyl\Models\User;
use Pterodactyl\Services\Acl\Api\AdminAcl;
use Pterodactyl\Http\Requests\API\Admin\ApiAdminRequest;
class GetUserRequest extends ApiAdminRequest
class GetUserRequest extends GetUsersRequest
{
/**
* @var string
*/
protected $resource = AdminAcl::RESOURCE_USERS;
/**
* @var int
*/
protected $permission = AdminAcl::READ;
/**
* Determine if the requested user exists on the Panel.
*

54
app/Http/Requests/API/Admin/Users/StoreUserRequest.php Normal file
View file

@ -0,0 +1,54 @@
<?php
namespace Pterodactyl\Http\Requests\API\Admin\Users;
use Pterodactyl\Models\User;
use Pterodactyl\Services\Acl\Api\AdminAcl;
use Pterodactyl\Http\Requests\API\Admin\ApiAdminRequest;
class StoreUserRequest extends ApiAdminRequest
{
/**
* @var string
*/
protected $resource = AdminAcl::RESOURCE_USERS;
/**
* @var int
*/
protected $permission = AdminAcl::WRITE;
/**
* Return the validation rules for this request.
*
* @return array
*/
public function rules(): array
{
return collect(User::getCreateRules())->only([
'external_id',
'email',
'username',
'name_first',
'name_last',
'password',
'language',
'root_admin',
])->toArray();
}
/**
* Rename some fields to be more user friendly.
*
* @return array
*/
public function attributes()
{
return [
'external_id' => 'Third Party Identifier',
'name_first' => 'First Name',
'name_last' => 'Last Name',
'root_admin' => 'Root Administrator Status',
];
}
}

41
app/Http/Requests/API/Admin/Users/UpdateUserRequest.php Normal file
View file

@ -0,0 +1,41 @@
<?php
namespace Pterodactyl\Http\Requests\API\Admin\Users;
use Pterodactyl\Models\User;
class UpdateUserRequest extends StoreUserRequest
{
/**
* Determine if the requested user exists on the Panel.
*
* @return bool
*/
public function resourceExists(): bool
{
$user = $this->route()->parameter('user');
return $user instanceof User && $user->exists;
}
/**
* Return the validation rules for this request.
*
* @return array
*/
public function rules(): array
{
$userId = $this->route()->parameter('user')->id;
return collect(User::getUpdateRulesForId($userId))->only([
'external_id',
'email',
'username',
'name_first',
'name_last',
'password',
'language',
'root_admin',
])->toArray();
}
}

7
app/Models/Location.php
View file

@ -1,11 +1,4 @@
<?php
/**
* Pterodactyl - Panel
* Copyright (c) 2015 - 2017 Dane Everitt <dane@daneeveritt.com>.
*
* This software is licensed under the terms of the MIT license.
* https://opensource.org/licenses/MIT
*/
namespace Pterodactyl\Models;

2
app/Models/User.php
View file

@ -126,6 +126,7 @@ class User extends Model implements
protected static $applicationRules = [
'uuid' => 'required',
'email' => 'required',
'external_id' => 'sometimes',
'username' => 'required',
'name_first' => 'required',
'name_last' => 'required',
@ -142,6 +143,7 @@ class User extends Model implements
protected static $dataIntegrityRules = [
'uuid' => 'string|size:36|unique:users,uuid',
'email' => 'email|unique:users,email',
'external_id' => 'nullable|string|max:255|unique:users,external_id',
'username' => 'alpha_dash|between:1,255|unique:users,username',
'name_first' => 'string|between:1,255',
'name_last' => 'string|between:1,255',

30
app/Transformers/Api/Admin/LocationTransformer.php
View file

@ -3,7 +3,7 @@
namespace Pterodactyl\Transformers\Api\Admin;
use Pterodactyl\Models\Location;
use Pterodactyl\Transformers\Api\BaseTransformer;
use Pterodactyl\Services\Acl\Api\AdminAcl;
class LocationTransformer extends BaseTransformer
{
@ -29,41 +29,33 @@ class LocationTransformer extends BaseTransformer
* Return the nodes associated with this location.
*
* @param \Pterodactyl\Models\Location $location
* @return bool|\League\Fractal\Resource\Collection
*
* @throws \Pterodactyl\Exceptions\PterodactylException
* @return \League\Fractal\Resource\Collection|\League\Fractal\Resource\NullResource
*/
public function includeServers(Location $location)
{
if (! $this->authorize('server-list')) {
return false;
if (! $this->authorize(AdminAcl::RESOURCE_SERVERS)) {
return $this->null();
}
if (! $location->relationLoaded('servers')) {
$location->load('servers');
}
$location->loadMissing('servers');
return $this->collection($location->getRelation('servers'), new ServerTransformer($this->getRequest()), 'server');
return $this->collection($location->getRelation('servers'), $this->makeTransformer(ServerTransformer::class), 'server');
}
/**
* Return the nodes associated with this location.
*
* @param \Pterodactyl\Models\Location $location
* @return bool|\League\Fractal\Resource\Collection
*
* @throws \Pterodactyl\Exceptions\PterodactylException
* @return \League\Fractal\Resource\Collection|\League\Fractal\Resource\NullResource
*/
public function includeNodes(Location $location)
{
if (! $this->authorize('node-list')) {
return false;
if (! $this->authorize(AdminAcl::RESOURCE_NODES)) {
return $this->null();
}
if (! $location->relationLoaded('nodes')) {
$location->load('nodes');
}
$location->loadMissing('nodes');
return $this->collection($location->getRelation('nodes'), new NodeTransformer($this->getRequest()), 'node');
return $this->collection($location->getRelation('nodes'), $this->makeTransformer(NodeTransformer::class), 'node');
}
}

15
routes/api-admin.php
View file

@ -1,6 +1,9 @@
<?php
use Pterodactyl\Models\Node;
use Pterodactyl\Models\User;
use Pterodactyl\Models\Location;
use Pterodactyl\Models\Allocation;
/*
|--------------------------------------------------------------------------
@ -33,6 +36,10 @@ Route::group(['prefix' => '/users'], function () {
|
*/
Route::group(['prefix' => '/nodes'], function () {
Route::bind('node', function ($value) {
return Node::find($value) ?? new Node;
});
Route::get('/', 'Nodes\NodeController@index')->name('api.admin.node.list');
Route::get('/{node}', 'Nodes\NodeController@view')->name('api.admin.node.view');
@ -42,6 +49,10 @@ Route::group(['prefix' => '/nodes'], function () {
Route::delete('/{node}', 'Nodes\NodeController@delete')->name('api.admin.node.delete');
Route::group(['prefix' => '/{node}/allocations'], function () {
Route::bind('allocation', function ($value) {
return Allocation::find($value) ?? new Allocation;
});
Route::get('/', 'Nodes\AllocationController@index')->name('api.admin.node.allocations.list');
Route::delete('/{allocation}', 'Nodes\AllocationController@delete')->name('api.admin.node.allocations.delete');
@ -57,6 +68,10 @@ Route::group(['prefix' => '/nodes'], function () {
|
*/
Route::group(['prefix' => '/locations'], function () {
Route::bind('location', function ($value) {
return Location::find($value) ?? new Location;
});
Route::get('/', 'Locations\LocationController@index')->name('api.admin.location.list');
Route::get('/{location}', 'Locations\LocationController@view')->name('api.admin.location.view');