Move everything around as needed to get things setup for the client API
This commit is contained in:
parent
8daf97021a
commit
e28973bcae
17 changed files with 199 additions and 46 deletions
|
@ -0,0 +1,9 @@
|
|||
<?php
|
||||
|
||||
namespace Pterodactyl\Exceptions\Transformer;
|
||||
|
||||
use Pterodactyl\Exceptions\PterodactylException;
|
||||
|
||||
class InvalidTransformerLevelException extends PterodactylException
|
||||
{
|
||||
}
|
|
@ -7,13 +7,15 @@ use Illuminate\Http\Response;
|
|||
use Illuminate\Container\Container;
|
||||
use Pterodactyl\Http\Controllers\Controller;
|
||||
use Pterodactyl\Extensions\Spatie\Fractalistic\Fractal;
|
||||
use Pterodactyl\Transformers\Api\Application\BaseTransformer;
|
||||
use Pterodactyl\Exceptions\Transformer\InvalidTransformerLevelException;
|
||||
|
||||
abstract class ApplicationApiController extends Controller
|
||||
{
|
||||
/**
|
||||
* @var \Illuminate\Http\Request
|
||||
*/
|
||||
private $request;
|
||||
protected $request;
|
||||
|
||||
/**
|
||||
* @var \Pterodactyl\Extensions\Spatie\Fractalistic\Fractal
|
||||
|
@ -54,6 +56,8 @@ abstract class ApplicationApiController extends Controller
|
|||
*
|
||||
* @param string $abstract
|
||||
* @return \Pterodactyl\Transformers\Api\Application\BaseTransformer
|
||||
*
|
||||
* @throws \Pterodactyl\Exceptions\Transformer\InvalidTransformerLevelException
|
||||
*/
|
||||
public function getTransformer(string $abstract)
|
||||
{
|
||||
|
@ -61,6 +65,10 @@ abstract class ApplicationApiController extends Controller
|
|||
$transformer = Container::getInstance()->make($abstract);
|
||||
$transformer->setKey($this->request->attributes->get('api_key'));
|
||||
|
||||
if (! $transformer instanceof BaseTransformer) {
|
||||
throw new InvalidTransformerLevelException('Calls to ' . __METHOD__ . ' must return a transformer that is an instance of ' . __CLASS__);
|
||||
}
|
||||
|
||||
return $transformer;
|
||||
}
|
||||
|
||||
|
|
30
app/Http/Controllers/Api/Client/ClientApiController.php
Normal file
30
app/Http/Controllers/Api/Client/ClientApiController.php
Normal file
|
@ -0,0 +1,30 @@
|
|||
<?php
|
||||
|
||||
namespace Pterodactyl\Http\Controllers\Api\Application;
|
||||
|
||||
use Illuminate\Container\Container;
|
||||
use Pterodactyl\Exceptions\Transformer\InvalidTransformerLevelException;
|
||||
|
||||
abstract class ClientApiController extends ApplicationApiController
|
||||
{
|
||||
/**
|
||||
* Return an instance of an application transformer.
|
||||
*
|
||||
* @param string $abstract
|
||||
* @return \Pterodactyl\Transformers\Api\Client\BaseClientTransformer
|
||||
*
|
||||
* @throws \Pterodactyl\Exceptions\Transformer\InvalidTransformerLevelException
|
||||
*/
|
||||
public function getTransformer(string $abstract)
|
||||
{
|
||||
/** @var \Pterodactyl\Transformers\Api\Client\BaseClientTransformer $transformer */
|
||||
$transformer = Container::getInstance()->make($abstract);
|
||||
$transformer->setKey($this->request->attributes->get('api_key'));
|
||||
|
||||
if (! $transformer instanceof self) {
|
||||
throw new InvalidTransformerLevelException('Calls to ' . __METHOD__ . ' must return a transformer that is an instance of ' . __CLASS__);
|
||||
}
|
||||
|
||||
return $transformer;
|
||||
}
|
||||
}
|
9
app/Http/Controllers/Api/Client/ClientController.php
Normal file
9
app/Http/Controllers/Api/Client/ClientController.php
Normal file
|
@ -0,0 +1,9 @@
|
|||
<?php
|
||||
|
||||
namespace Pterodactyl\Http\Controllers\Api\Client;
|
||||
|
||||
use Pterodactyl\Http\Controllers\Api\Application\ClientApiController;
|
||||
|
||||
class ClientController extends ClientApiController
|
||||
{
|
||||
}
|
|
@ -2,6 +2,7 @@
|
|||
|
||||
namespace Pterodactyl\Http;
|
||||
|
||||
use Pterodactyl\Models\ApiKey;
|
||||
use Illuminate\Auth\Middleware\Authorize;
|
||||
use Illuminate\Auth\Middleware\Authenticate;
|
||||
use Pterodactyl\Http\Middleware\TrimStrings;
|
||||
|
@ -14,11 +15,14 @@ use Pterodactyl\Http\Middleware\AdminAuthenticate;
|
|||
use Illuminate\Routing\Middleware\ThrottleRequests;
|
||||
use Pterodactyl\Http\Middleware\LanguageMiddleware;
|
||||
use Illuminate\Foundation\Http\Kernel as HttpKernel;
|
||||
use Pterodactyl\Http\Middleware\Api\AuthenticateKey;
|
||||
use Illuminate\Routing\Middleware\SubstituteBindings;
|
||||
use Pterodactyl\Http\Middleware\AccessingValidServer;
|
||||
use Pterodactyl\Http\Middleware\Api\SetSessionDriver;
|
||||
use Illuminate\View\Middleware\ShareErrorsFromSession;
|
||||
use Pterodactyl\Http\Middleware\RedirectIfAuthenticated;
|
||||
use Illuminate\Auth\Middleware\AuthenticateWithBasicAuth;
|
||||
use Pterodactyl\Http\Middleware\Api\AuthenticateIPAccess;
|
||||
use Pterodactyl\Http\Middleware\Api\ApiSubstituteBindings;
|
||||
use Illuminate\Foundation\Http\Middleware\ValidatePostSize;
|
||||
use Illuminate\Cookie\Middleware\AddQueuedCookiesToResponse;
|
||||
|
@ -28,12 +32,9 @@ use Pterodactyl\Http\Middleware\Server\SubuserBelongsToServer;
|
|||
use Pterodactyl\Http\Middleware\RequireTwoFactorAuthentication;
|
||||
use Pterodactyl\Http\Middleware\Server\DatabaseBelongsToServer;
|
||||
use Pterodactyl\Http\Middleware\Server\ScheduleBelongsToServer;
|
||||
use Pterodactyl\Http\Middleware\Api\Application\AuthenticateKey;
|
||||
use Pterodactyl\Http\Middleware\Api\Application\AuthenticateUser;
|
||||
use Pterodactyl\Http\Middleware\Api\Application\SetSessionDriver;
|
||||
use Illuminate\Foundation\Http\Middleware\CheckForMaintenanceMode;
|
||||
use Illuminate\Foundation\Http\Middleware\ConvertEmptyStringsToNull;
|
||||
use Pterodactyl\Http\Middleware\Api\Application\AuthenticateIPAccess;
|
||||
use Pterodactyl\Http\Middleware\Api\Application\AuthenticateApplicationUser;
|
||||
use Pterodactyl\Http\Middleware\DaemonAuthenticate as OldDaemonAuthenticate;
|
||||
|
||||
class Kernel extends HttpKernel
|
||||
|
@ -71,8 +72,15 @@ class Kernel extends HttpKernel
|
|||
'throttle:120,1',
|
||||
ApiSubstituteBindings::class,
|
||||
SetSessionDriver::class,
|
||||
AuthenticateKey::class,
|
||||
AuthenticateUser::class,
|
||||
'api..key:' . ApiKey::TYPE_APPLICATION,
|
||||
AuthenticateApplicationUser::class,
|
||||
AuthenticateIPAccess::class,
|
||||
],
|
||||
'client-api' => [
|
||||
'throttle:60,1',
|
||||
ApiSubstituteBindings::class,
|
||||
SetSessionDriver::class,
|
||||
'api..key:' . ApiKey::TYPE_ACCOUNT,
|
||||
AuthenticateIPAccess::class,
|
||||
],
|
||||
'daemon' => [
|
||||
|
@ -107,5 +115,8 @@ class Kernel extends HttpKernel
|
|||
'server..database' => DatabaseBelongsToServer::class,
|
||||
'server..subuser' => SubuserBelongsToServer::class,
|
||||
'server..schedule' => ScheduleBelongsToServer::class,
|
||||
|
||||
// API Specific Middleware
|
||||
'api..key' => AuthenticateKey::class,
|
||||
];
|
||||
}
|
||||
|
|
|
@ -6,7 +6,7 @@ use Closure;
|
|||
use Illuminate\Http\Request;
|
||||
use Symfony\Component\HttpKernel\Exception\AccessDeniedHttpException;
|
||||
|
||||
class AuthenticateUser
|
||||
class AuthenticateApplicationUser
|
||||
{
|
||||
/**
|
||||
* Authenticate that the currently authenticated user is an administrator
|
|
@ -1,6 +1,6 @@
|
|||
<?php
|
||||
|
||||
namespace Pterodactyl\Http\Middleware\Api\Application;
|
||||
namespace Pterodactyl\Http\Middleware\Api;
|
||||
|
||||
use Closure;
|
||||
use IPTools\IP;
|
|
@ -1,6 +1,6 @@
|
|||
<?php
|
||||
|
||||
namespace Pterodactyl\Http\Middleware\Api\Application;
|
||||
namespace Pterodactyl\Http\Middleware\Api;
|
||||
|
||||
use Closure;
|
||||
use Cake\Chronos\Chronos;
|
||||
|
@ -50,12 +50,13 @@ class AuthenticateKey
|
|||
*
|
||||
* @param \Illuminate\Http\Request $request
|
||||
* @param \Closure $next
|
||||
* @param int $keyType
|
||||
* @return mixed
|
||||
*
|
||||
* @throws \Pterodactyl\Exceptions\Model\DataValidationException
|
||||
* @throws \Pterodactyl\Exceptions\Repository\RecordNotFoundException
|
||||
*/
|
||||
public function handle(Request $request, Closure $next)
|
||||
public function handle(Request $request, Closure $next, int $keyType)
|
||||
{
|
||||
if (is_null($request->bearerToken())) {
|
||||
throw new HttpException(401, null, null, ['WWW-Authenticate' => 'Bearer']);
|
||||
|
@ -68,7 +69,7 @@ class AuthenticateKey
|
|||
try {
|
||||
$model = $this->repository->findFirstWhere([
|
||||
['identifier', '=', $identifier],
|
||||
['key_type', '=', ApiKey::TYPE_APPLICATION],
|
||||
['key_type', '=', $keyType],
|
||||
]);
|
||||
} catch (RecordNotFoundException $exception) {
|
||||
throw new AccessDeniedHttpException;
|
27
app/Http/Middleware/Api/Client/AuthenticateClientAccess.php
Normal file
27
app/Http/Middleware/Api/Client/AuthenticateClientAccess.php
Normal file
|
@ -0,0 +1,27 @@
|
|||
<?php
|
||||
|
||||
namespace Pterodactyl\Http\Middleware\Api\Client;
|
||||
|
||||
use Closure;
|
||||
use Illuminate\Http\Request;
|
||||
use Symfony\Component\HttpKernel\Exception\AccessDeniedHttpException;
|
||||
|
||||
class AuthenticateClientAccess
|
||||
{
|
||||
/**
|
||||
* Authenticate that the currently authenticated user has permission
|
||||
* to access the specified server.
|
||||
*
|
||||
* @param \Illuminate\Http\Request $request
|
||||
* @param \Closure $next
|
||||
* @return mixed
|
||||
*/
|
||||
public function handle(Request $request, Closure $next)
|
||||
{
|
||||
if (is_null($request->user())) {
|
||||
throw new AccessDeniedHttpException('This account does not have permission to access this resource.');
|
||||
}
|
||||
|
||||
return $next($request);
|
||||
}
|
||||
}
|
|
@ -1,6 +1,6 @@
|
|||
<?php
|
||||
|
||||
namespace Pterodactyl\Http\Middleware\Api\Application;
|
||||
namespace Pterodactyl\Http\Middleware\Api;
|
||||
|
||||
use Closure;
|
||||
use Illuminate\Http\Request;
|
|
@ -41,6 +41,10 @@ class RouteServiceProvider extends ServiceProvider
|
|||
->namespace($this->namespace . '\Api\Application')
|
||||
->group(base_path('routes/api-application.php'));
|
||||
|
||||
Route::middleware(['client-api'])->prefix('/api/client')
|
||||
->namespace($this->namespace . '\Api\Client')
|
||||
->group(base_path('routes/api-client.php'));
|
||||
|
||||
Route::middleware(['daemon'])->prefix('/api/remote')
|
||||
->namespace($this->namespace . '\Api\Remote')
|
||||
->group(base_path('routes/api-remote.php'));
|
||||
|
|
|
@ -7,6 +7,7 @@ use Pterodactyl\Models\ApiKey;
|
|||
use Illuminate\Container\Container;
|
||||
use League\Fractal\TransformerAbstract;
|
||||
use Pterodactyl\Services\Acl\Api\AdminAcl;
|
||||
use Pterodactyl\Exceptions\Transformer\InvalidTransformerLevelException;
|
||||
|
||||
abstract class BaseTransformer extends TransformerAbstract
|
||||
{
|
||||
|
@ -78,13 +79,19 @@ abstract class BaseTransformer extends TransformerAbstract
|
|||
* @param string $abstract
|
||||
* @param array $parameters
|
||||
* @return \Pterodactyl\Transformers\Api\Application\BaseTransformer
|
||||
*
|
||||
* @throws \Pterodactyl\Exceptions\Transformer\InvalidTransformerLevelException
|
||||
*/
|
||||
protected function makeTransformer(string $abstract, array $parameters = []): self
|
||||
protected function makeTransformer(string $abstract, array $parameters = [])
|
||||
{
|
||||
/** @var \Pterodactyl\Transformers\Api\Application\BaseTransformer $transformer */
|
||||
$transformer = Container::getInstance()->makeWith($abstract, $parameters);
|
||||
$transformer->setKey($this->getKey());
|
||||
|
||||
if (! $transformer instanceof self) {
|
||||
throw new InvalidTransformerLevelException('Calls to ' . __METHOD__ . ' must return a transformer that is an instance of ' . __CLASS__);
|
||||
}
|
||||
|
||||
return $transformer;
|
||||
}
|
||||
|
||||
|
|
|
@ -97,6 +97,8 @@ class ServerTransformer extends BaseTransformer
|
|||
*
|
||||
* @param \Pterodactyl\Models\Server $server
|
||||
* @return \League\Fractal\Resource\Collection|\League\Fractal\Resource\NullResource
|
||||
*
|
||||
* @throws \Pterodactyl\Exceptions\Transformer\InvalidTransformerLevelException
|
||||
*/
|
||||
public function includeAllocations(Server $server)
|
||||
{
|
||||
|
|
44
app/Transformers/Api/Client/BaseClientTransformer.php
Normal file
44
app/Transformers/Api/Client/BaseClientTransformer.php
Normal file
|
@ -0,0 +1,44 @@
|
|||
<?php
|
||||
|
||||
namespace Pterodactyl\Transformers\Api\Client;
|
||||
|
||||
use Pterodactyl\Services\Acl\Api\AdminAcl;
|
||||
use Pterodactyl\Exceptions\Transformer\InvalidTransformerLevelException;
|
||||
use Pterodactyl\Transformers\Api\Application\BaseTransformer as BaseApplicationTransformer;
|
||||
|
||||
abstract class BaseClientTransformer extends BaseApplicationTransformer
|
||||
{
|
||||
/**
|
||||
* Determine if the API key loaded onto the transformer has permission
|
||||
* to access a different resource. This is used when including other
|
||||
* models on a transformation request.
|
||||
*
|
||||
* @param string $resource
|
||||
* @return bool
|
||||
*/
|
||||
protected function authorize(string $resource): bool
|
||||
{
|
||||
return AdminAcl::check($this->getKey(), $resource, AdminAcl::READ);
|
||||
}
|
||||
|
||||
/**
|
||||
* Create a new instance of the transformer and pass along the currently
|
||||
* set API key.
|
||||
*
|
||||
* @param string $abstract
|
||||
* @param array $parameters
|
||||
* @return self
|
||||
*
|
||||
* @throws \Pterodactyl\Exceptions\Transformer\InvalidTransformerLevelException
|
||||
*/
|
||||
protected function makeTransformer(string $abstract, array $parameters = [])
|
||||
{
|
||||
$transformer = parent::makeTransformer($abstract, $parameters);
|
||||
|
||||
if (! $transformer instanceof self) {
|
||||
throw new InvalidTransformerLevelException('Calls to ' . __METHOD__ . ' must return a transformer that is an instance of ' . __CLASS__);
|
||||
}
|
||||
|
||||
return $transformer;
|
||||
}
|
||||
}
|
28
routes/api-client.php
Normal file
28
routes/api-client.php
Normal file
|
@ -0,0 +1,28 @@
|
|||
<?php
|
||||
|
||||
use Pterodactyl\Http\Middleware\Api\Client\AuthenticateClientAccess;
|
||||
|
||||
/*
|
||||
|--------------------------------------------------------------------------
|
||||
| Client Control API
|
||||
|--------------------------------------------------------------------------
|
||||
|
|
||||
| Endpoint: /api/client
|
||||
|
|
||||
*/
|
||||
Route::get('/', 'ClientController@index')->name('api.client.index');
|
||||
|
||||
/*
|
||||
|--------------------------------------------------------------------------
|
||||
| Client Control API
|
||||
|--------------------------------------------------------------------------
|
||||
|
|
||||
| Endpoint: /api/client/servers/{server}
|
||||
|
|
||||
*/
|
||||
Route::group(['prefix' => '/servers/{server}', 'middleware' => [AuthenticateClientAccess::class]], function () {
|
||||
Route::get('/', 'Server\ServerController@index')->name('api.client.servers.view');
|
||||
|
||||
Route::post('/command', 'Server\CommandController@index')->name('api.client.servers.command');
|
||||
Route::post('/power', 'Server\PowerController@index')->name('api.client.servers.power');
|
||||
});
|
|
@ -1,27 +0,0 @@
|
|||
<?php
|
||||
/*
|
||||
* Pterodactyl - Panel
|
||||
* Copyright (c) 2015 - 2017 Dane Everitt <dane@daneeveritt.com>.
|
||||
*
|
||||
* This software is licensed under the terms of the MIT license.
|
||||
* https://opensource.org/licenses/MIT
|
||||
*/
|
||||
//Route::get('/', 'CoreController@index')->name('api.user');
|
||||
//
|
||||
///*
|
||||
//|--------------------------------------------------------------------------
|
||||
//| Server Controller Routes
|
||||
//|--------------------------------------------------------------------------
|
||||
//|
|
||||
//| Endpoint: /api/user/server/{server}
|
||||
//|
|
||||
//*/
|
||||
//Route::group([
|
||||
// 'prefix' => '/server/{server}',
|
||||
// 'middleware' => 'server',
|
||||
//], function () {
|
||||
// Route::get('/', 'ServerController@index')->name('api.user.server');
|
||||
//
|
||||
// Route::post('/power', 'ServerController@power')->name('api.user.server.power');
|
||||
// Route::post('/command', 'ServerController@command')->name('api.user.server.command');
|
||||
//});
|
|
@ -1,9 +1,9 @@
|
|||
<?php
|
||||
|
||||
namespace Tests\Unit\Http\Middleware\Api\Application;
|
||||
namespace Tests\Unit\Http\Middleware\API\Application;
|
||||
|
||||
use Tests\Unit\Http\Middleware\MiddlewareTestCase;
|
||||
use Pterodactyl\Http\Middleware\Api\Application\AuthenticateUser;
|
||||
use Pterodactyl\Http\Middleware\Api\Application\AuthenticateApplicationUser;
|
||||
|
||||
class AuthenticateUserTest extends MiddlewareTestCase
|
||||
{
|
||||
|
@ -44,10 +44,10 @@ class AuthenticateUserTest extends MiddlewareTestCase
|
|||
/**
|
||||
* Return an instance of the middleware for testing.
|
||||
*
|
||||
* @return \Pterodactyl\Http\Middleware\Api\Application\AuthenticateUser
|
||||
* @return \Pterodactyl\Http\Middleware\Api\Application\AuthenticateApplicationUser
|
||||
*/
|
||||
private function getMiddleware(): AuthenticateUser
|
||||
private function getMiddleware(): AuthenticateApplicationUser
|
||||
{
|
||||
return new AuthenticateUser;
|
||||
return new AuthenticateApplicationUser;
|
||||
}
|
||||
}
|
||||
|
|
Loading…
Reference in a new issue