From f467c3f0ebc7341d1d37bc3592c075291c07d279 Mon Sep 17 00:00:00 2001
From: Dane Everitt <dane@daneeveritt.com>
Date: Sat, 2 Jan 2016 15:08:33 -0500
Subject: [PATCH] Improved user management in Admin CP

Fixes a few bugs from PR#17
---
 .../Controllers/Admin/AccountsController.php  | 59 +++++++++++--------
 app/Repositories/UserRepository.php           | 40 +++++--------
 .../2016_01_02_193904_remove_username.php     | 31 ++++++++++
 resources/views/admin/accounts/new.blade.php  |  6 --
 resources/views/admin/accounts/view.blade.php | 10 ++--
 5 files changed, 85 insertions(+), 61 deletions(-)
 create mode 100644 database/migrations/2016_01_02_193904_remove_username.php

diff --git a/app/Http/Controllers/Admin/AccountsController.php b/app/Http/Controllers/Admin/AccountsController.php
index 024d0822b..2df7f4519 100644
--- a/app/Http/Controllers/Admin/AccountsController.php
+++ b/app/Http/Controllers/Admin/AccountsController.php
@@ -4,6 +4,7 @@ namespace Pterodactyl\Http\Controllers\Admin;
 
 use Alert;
 use Mail;
+use Log;
 use Pterodactyl\Models\User;
 use Pterodactyl\Repositories\UserRepository;
 use Pterodactyl\Models\Server;
@@ -40,7 +41,14 @@ class AccountsController extends Controller
 
     public function getView(Request $request, $id)
     {
-        return view('admin.accounts.view', ['user' => User::findOrFail($id), 'servers' => Server::where('owner', $id)->first()]);
+        return view('admin.accounts.view', [
+            'user' => User::findOrFail($id),
+            'servers' => Server::select('servers.*', 'nodes.name as nodeName', 'locations.long as location')
+                            ->join('nodes', 'servers.node', '=', 'nodes.id')
+                            ->join('locations', 'nodes.location', '=', 'locations.id')
+                            ->where('active', 1)
+                            ->get(),
+        ]);
     }
 
     public function getDelete(Request $request, $id)
@@ -55,22 +63,23 @@ class AccountsController extends Controller
     public function postNew(Request $request)
     {
         $this->validate($request, [
-            'username' => 'required|min:4|unique:users,username',
             'email' => 'required|email|unique:users,email',
-            'password' => 'required|confirmed|regex:((?=.*\d)(?=.*[a-z])(?=.*[A-Z]).{8,})',
-            'password_confirmation' => 'required'
+            'password' => 'required|confirmed|regex:((?=.*\d)(?=.*[a-z])(?=.*[A-Z]).{8,})'
         ]);
 
         try {
-
             $user = new UserRepository;
             $userid = $user->create($request->input('username'), $request->input('email'), $request->input('password'));
 
+            if (!$userid) {
+                throw new \Exception('Unable to create user, response was not an integer.');
+            }
+
             Alert::success('Account has been successfully created.')->flash();
             return redirect()->route('admin.accounts.view', ['id' => $userid]);
-
         } catch (\Exception $e) {
-            Alert::danger('An error occured while attempting to add a new user. Please check the logs or try again.')->flash();
+            Log::error($e);
+            Alert::danger('An error occured while attempting to add a new user. ' . $e->getMessage())->flash();
             return redirect()->route('admin.accounts.new');
         }
 
@@ -81,38 +90,40 @@ class AccountsController extends Controller
         $this->validate($request, [
             'email' => 'required|email|unique:users,email,'.$request->input('user'),
             'root_admin' => 'required',
-            'password' => 'required_with:password_confirmation',
+            'password' => 'required_with:password_confirmation|confirmed',
             'password_confirmation' => 'required_with:password'
         ]);
 
         try {
 
             $users = new UserRepository;
-            $user = [];
-
-            $user['email'] = $request->input('email');
-            $user['root_admin'] = $request->input('root_admin');
+            $user = [
+                'email' => $request->input('email'),
+                'root_admin' => $request->input('root_admin')
+            ];
 
             if(!empty($request->input('password'))) {
                 $user['password'] = $request->input('password');
             }
 
-            $users->update($request->input('user'), $user);
+            if(!$users->update($request->input('user'), $user)) {
+                throw new \Exception('Unable to update user, response was not valid.');
+            }
+
+            if($request->input('email_user')) {
+                Mail::send('emails.new_password', ['user' => User::findOrFail($request->input('user')), 'password' => $request->input('password')], function($message) use ($request) {
+                    $message->to($request->input('email'))->subject('Pterodactyl - Admin Reset Password');
+                });
+            }
+
+            Alert::success('User account was successfully updated.')->flash();
+            return redirect()->route('admin.accounts.view', ['id' => $request->input('user')]);
 
         } catch (\Exception $e) {
-            Alert::danger('An error occured while attempting to update a user. Please check the logs or try again.')->flash();
+            Log::error($e);
+            Alert::danger('An error occured while attempting to update this user. ' . $e->getMessage())->flash();
             return redirect()->route('admin.accounts.view', ['id' => $request->input('user')]);
         }
-
-        if($request->input('email_user')) {
-            Mail::send('emails.new_password', ['user' => User::findOrFail($request->input('user')), 'password' => $request->input('password')], function($message) use ($request) {
-                $message->to($request->input('email'))->subject('Pterodactyl - Admin Reset Password');
-            });
-        }
-
-        Alert::success('A user was successfully updated.')->flash();
-        return redirect()->route('admin.accounts.view', ['id' => $request->input('user')]);
-
     }
 
 }
diff --git a/app/Repositories/UserRepository.php b/app/Repositories/UserRepository.php
index a76fcb95b..adffbf305 100644
--- a/app/Repositories/UserRepository.php
+++ b/app/Repositories/UserRepository.php
@@ -18,59 +18,47 @@ class UserRepository
     /**
      * Creates a user on the panel. Returns the created user's ID.
      *
-     * @param  string $username
      * @param  string $email
      * @param  string $password An unhashed version of the user's password.
-     * @return integer
+     * @return bool|integer
      */
-    public function create($username, $email, $password)
+    public function create($email, $password)
     {
-
         $user = new User;
         $uuid = new UuidService;
 
         $user->uuid = $uuid->generate('users', 'uuid');
-
-        $user->username = $username;
         $user->email = $email;
         $user->password = Hash::make($password);
 
-        $user->save();
-
-        return $user->id;
-
+        return ($user->save()) ? $user->id : false;
     }
 
     /**
-     * Updates a user on the panel. Returns true if the update was successful.
+     * Updates a user on the panel.
      *
-     * @param  string $username
-     * @param  string $email
-     * @param  string $password An unhashed version of the user's password.
+     * @param  integer $id
+     * @param  array $user An array of columns and their associated values to update for the user.
      * @return boolean
      */
-    public function update($id, $user)
+    public function update($id, array $user)
     {
         if(array_key_exists('password', $user)) {
-           $user['password'] = Hash::make($user['password']);
-       }
+            $user['password'] = Hash::make($user['password']);
+        }
 
-        User::where('id', $id)->update($user);
-        return true;
+        return User::find($id)->update($user);
     }
 
     /**
-     * Deletes a user on the panel. Returns true if the deletion was successful.
+     * Deletes a user on the panel, returns the number of records deleted.
      *
-     * @param  string $username
-     * @param  string $email
-     * @param  string $password An unhashed version of the user's password.
-     * @return boolean
+     * @param  integer $id
+     * @return integer
      */
     public function delete($id)
     {
-        User::destroy($id);
-        return true;
+        return User::destroy($id);
     }
 
 }
diff --git a/database/migrations/2016_01_02_193904_remove_username.php b/database/migrations/2016_01_02_193904_remove_username.php
new file mode 100644
index 000000000..b0ec551aa
--- /dev/null
+++ b/database/migrations/2016_01_02_193904_remove_username.php
@@ -0,0 +1,31 @@
+<?php
+
+use Illuminate\Database\Schema\Blueprint;
+use Illuminate\Database\Migrations\Migration;
+
+class RemoveUsername extends Migration
+{
+    /**
+     * Run the migrations.
+     *
+     * @return void
+     */
+    public function up()
+    {
+        Schema::table('users', function (Blueprint $table) {
+            $table->dropColumn('username');
+        });
+    }
+
+    /**
+     * Reverse the migrations.
+     *
+     * @return void
+     */
+    public function down()
+    {
+        Schema::table('users', function (Blueprint $table) {
+            $table->string('username')->after('uuid');
+        });
+    }
+}
diff --git a/resources/views/admin/accounts/new.blade.php b/resources/views/admin/accounts/new.blade.php
index fb54ad8f6..743ddd66d 100644
--- a/resources/views/admin/accounts/new.blade.php
+++ b/resources/views/admin/accounts/new.blade.php
@@ -24,12 +24,6 @@
     <h3>Create New Account</h3><hr />
     <form action="new" method="post">
 		<fieldset>
-			<div class="form-group">
-				<label for="username" class="control-label">Username</label>
-				<div>
-					<input type="text" autocomplete="off" name="username" class="form-control" />
-				</div>
-			</div>
 			<div class="form-group">
 				<label for="email" class="control-label">Email</label>
 				<div>
diff --git a/resources/views/admin/accounts/view.blade.php b/resources/views/admin/accounts/view.blade.php
index 8cd481ba8..65e390f1f 100644
--- a/resources/views/admin/accounts/view.blade.php
+++ b/resources/views/admin/accounts/view.blade.php
@@ -9,7 +9,7 @@
     <ul class="breadcrumb">
         <li><a href="/admin">Admin Controls</a></li>
         <li><a href="/admin/accounts">Accounts</a></li>
-        <li class="active">{{ $user->id }}</li>
+        <li class="active">{{ $user->email }}</li>
     </ul>
     @if (count($errors) > 0)
         <div class="alert alert-danger">
@@ -109,10 +109,10 @@
                         <tbody>
                                 @foreach($servers as $server)
                                     <tr>
-                                        <td><a href="/server/{{ $server->uuidShort }}"><i class="fa fa-tachometer"></i></a></td>
-                                        <td><a href="/admin/server/view/{{ $server->id }}">{{ $server->name }}</a></td>
-                                        <td>{{ $server->node_name }}</td>
-                                        <td>{{ $server->server_ip }}:{{ $server->server_port }}</td>
+                                        <td><a href="/server/{{ $server->uuidShort }}/"><i class="fa fa-tachometer"></i></a></td>
+                                        <td><a href="/admin/servers/view/{{ $server->id }}">{{ $server->name }}</a></td>
+                                        <td>{{ $server->nodeName }}</td>
+                                        <td><code>{{ $server->ip }}:{{ $server->port }}</code></td>
                                         <td>@if($server->active)<span class="label label-success">Enabled</span>@else<span class="label label-danger">Disabled</span>@endif</td>
                                     </td>
                                 @endforeach