Commit graph

405 commits

Author SHA1 Message Date
Dane Everitt
0d61417814
Addresses security flaw allowing unauthenticated access to server overview. 2017-02-05 19:59:16 -05:00
Dane Everitt
02458c909d
Improves server model and cleans up model code calls. 2017-02-05 19:19:46 -05:00
Dane Everitt
b1389262e2
Use belongsTo versus hasOne when more logical. 2017-02-05 18:00:39 -05:00
Dane Everitt
323f1d943f
Completed model updates for Services 2017-02-05 17:58:17 -05:00
Dane Everitt
09d23deed6
New models for node and location admin pages. 2017-02-03 16:50:28 -05:00
Dane Everitt
96d3aa767f
Model updates for Database Management in ACP 2017-02-03 15:19:14 -05:00
Dane Everitt
9c2d34d6e6
Mo' StyleCI fixes... 🦀 2017-02-02 19:48:15 -05:00
Dane Everitt
242294598f Merge branch 'develop' into feature/updated-models 2017-02-02 19:47:10 -05:00
Dane Everitt
533e2bcafb
Fix database column references in ACP 2017-02-02 19:46:46 -05:00
Dane Everitt
3baa21a6eb
StyleCI fixes. 2017-02-02 19:43:55 -05:00
Dane Everitt
3114b7e52a
Complete implementation of new Server model. 2017-02-02 19:41:38 -05:00
Jakob
19567ee311 Merge branch 'develop' into fix/trusted-proxies 2017-02-03 00:38:58 +01:00
Jakob
8cac2a3669 Merge pull request #285 from Pterodactyl/feature/phrase-in-context
add phraseapp in context editor
2017-02-03 00:36:50 +01:00
Dane Everitt
644ee85f59
Fix for StyleCI 2017-02-02 18:25:46 -05:00
Dane Everitt
d4bcf0be59
Initial implementation of improved sever model and logic 2017-02-02 18:21:36 -05:00
Jakob Schrettenbrunner
7f1000dd8a make dane and styleci happy 2017-02-03 00:08:10 +01:00
Jakob Schrettenbrunner
7f0608d412 better naming of PhraseApp related stuff 2017-02-02 23:14:53 +01:00
Dane Everitt
7f51e5df62
API tweaks to return more relevant information on server listing 2017-02-02 16:24:08 -05:00
Dane Everitt
32c21baab0
Return packs associated with a service when viewing it on the API. 2017-02-02 16:01:18 -05:00
Dane Everitt
6220f710df
Cache configuration file when editing environment or mail settings. 2017-02-02 15:06:35 -05:00
Jakob Schrettenbrunner
8fc30fbe3a add phraseapp in context editor 2017-02-02 15:05:33 +01:00
Dane Everitt
4be9e30eee
Include that 30 second limit on other 2FA checks 2017-02-01 23:05:19 -05:00
Dane Everitt
a93adce303
Only allow up to 30 seconds of overlap on comparing the 2FA tokens. 2017-02-01 23:02:54 -05:00
Dane Everitt
4abdee0efb
Better 2FA implementation on logins 2017-02-01 22:58:48 -05:00
Jakob Schrettenbrunner
24650b67be Merge branch 'develop' into fix/trusted-proxies
sorry
2017-02-01 20:35:10 +01:00
Jakob Schrettenbrunner
8ab4faad8a remove TRUSTED_PROXIES from .env.example
make style ci happy
2017-02-01 20:31:24 +01:00
Jakob Schrettenbrunner
ee26a7e8dd add fideloper/proxy to support reverse proxies and load balancers 2017-02-01 20:10:28 +01:00
Dane Everitt
e5ed1c7f6a One day eslint will have a PHP counterpart that works in Atom... 🤔 2017-01-31 20:04:34 -05:00
Dane Everitt
1679d866a5
Improved gzip detection 2017-01-27 16:47:50 -05:00
Dane Everitt
4b0197f2be
Implement basic security policy on daemon remote routes 2017-01-27 16:34:46 -05:00
Dane Everitt
9087feec4f
Remove build settings from packs. 2017-01-27 16:21:25 -05:00
Dane Everitt
4a6d62fded
Fix fatal error when trying to send server creation notification 2017-01-27 16:21:15 -05:00
Dane Everitt
e6d3e75024
Add new daemon routes for pack handling 2017-01-25 18:25:34 -05:00
Dane Everitt
95d0c646f9
Require packs to be a tarball 2017-01-25 18:25:34 -05:00
Dane Everitt
96e50506a1
Move notification email of server created into the event listener 2017-01-25 18:25:34 -05:00
Emmet Young
58de6125c2 Location should be validated on creation of a server, 2017-01-25 22:01:57 +11:00
Dane Everitt
a137e6ed72
Add base implementation of extendable events classes
Modified server deletion to use internal event handlers from the
Eloquent models themselves. Also added a few preliminary event handlers
in the `Pterodactyl\Events\<USer|Server> namespace that users can hook
into in EventServiceProvider to perform their own actions as they
please (such as push notifications and such).
2017-01-24 19:15:03 -05:00
Dane Everitt
bf7b58470a
Update copyright headers 2017-01-24 17:57:08 -05:00
Dane Everitt
b9512dccb8 Apply fixes from StyleCI (#269) 2017-01-23 17:11:25 -05:00
Dane Everitt
06232b84c2 Merge pull request #268 from hammerdawn/ThemeFixes
Repair the admin side add user functionality.
2017-01-23 17:10:32 -05:00
Emmet Young
9c87e03c0c Repair the admin side add user functionality. 2017-01-23 13:24:14 +11:00
Dane Everitt
d21e6b8c90 Merge pull request #267 from hammerdawn/ThemeFixes
Theme Changes
2017-01-22 19:59:37 -05:00
Emmet Young
921c7b1725 Configuration JSON should be including the FQDN instead of localhost for the certificate path. 2017-01-23 11:14:55 +11:00
Dane Everitt
5f1bfcf980
Much cleaner code for updating user details front-end 2017-01-22 16:16:43 -05:00
Dane Everitt
9e54dabe5b
Display if subusers are using 2FA 2017-01-22 16:16:26 -05:00
Dane Everitt
edd26893a5
Adjust default theme in .env and note that http:// is required on URLs 2017-01-22 13:51:56 -05:00
Emmet Young
9025f1f583 Repair user creation functionality
Repair functionality of the make user console command (pterodactyl:user)
Fix up the user repository, was using the old $password instead of the changed format $data['password']
Change User model to allow root_admin to be a fillable item.
2017-01-23 00:47:09 +11:00
Dane Everitt
355697dbb5 Apply fixes from StyleCI (#260) 2017-01-21 15:56:32 -05:00
Dane Everitt
0e23f87724
Add task management views 2017-01-21 15:40:46 -05:00
Dane Everitt
db7b741b28
Show server status in sidebar properly on subuser views 2017-01-21 13:49:14 -05:00
Dane Everitt
8e9069cced
Subuser updates 2017-01-21 00:04:09 -05:00
Dane Everitt
3d2278ba3e
Add subuser list and new subuser views
Holy 🐄 translations are annoying to implement for these views.
2017-01-20 23:39:37 -05:00
Dane Everitt
994588c82d
Set the old theme on admin center until new theme is done 2017-01-20 17:19:42 -05:00
Dane Everitt
91178d78a4
Add support for creating files via file manager 2017-01-20 17:10:14 -05:00
Dane Everitt
83c776fc82
Fix up most of the file manager 2017-01-19 16:58:57 -05:00
Dane Everitt
88378ce983
Add allocations tab
Strips some core allocation features for now, will be added back with
more features once the theme is done.
2017-01-18 20:45:10 -05:00
Jakob Schrettenbrunner
c0df57c087 add isRootAdmin() method to User model to get rid of User->root_admin === 1 2017-01-18 21:13:05 +01:00
Dane Everitt
f6600f447f
Add Startup Params view
Translations might be the end of us.
2017-01-17 19:30:27 -05:00
Dane Everitt
e2eff27a56 Apply fixes from StyleCI 2017-01-17 23:21:33 +00:00
Dane Everitt
515e543c7f
Add SFTP and Database management pages to new theme. 2017-01-15 20:28:54 -05:00
Dane Everitt
c7f3bb5112
New theme assigned to server console page. 2017-01-15 18:52:22 -05:00
Dane Everitt
2fc852c6a4
Push 'Account' and 'Security' pages as well as 'My Servers' 2017-01-15 14:09:57 -05:00
Dane Everitt
1c85b1fbc4
Fix exception handler misnamed variable 2017-01-15 13:53:08 -05:00
Dane Everitt
457ed28b0b
Initial change of theme.
Only themed pages currently are login and reset password pages.
2017-01-14 21:32:33 -05:00
Dane Everitt
0d792f05c5
Properly handle no passed packs. 2017-01-13 23:21:37 -05:00
Dane Everitt
fee3f3df6f Apply fixes from StyleCI (#251) 2017-01-13 23:17:32 -05:00
Dane Everitt
4979811885
Add ability to add a location via the CLI.
closes #242
2017-01-13 23:16:57 -05:00
Dane Everitt
d1e5253ca1
Add support for creating node through CLI. 2017-01-13 23:10:42 -05:00
Dane Everitt
b71604566e
Improved code to generate SFTP usernames
Fixes edge case where specific server names could cause daemon errors
due to an invalid SFTP username being created by the panel.
2017-01-13 22:22:25 -05:00
Dane Everitt
a5aa089d66 Apply fixes from StyleCI 2017-01-12 20:48:12 +00:00
Dane Everitt
e91362eee6
Update user controller 2017-01-12 15:40:24 -05:00
Dane Everitt
f292080483
Should close #244
What a peculiar bug. Also modifies code to try and return the correct
status code, as well as return JSON based errors on any request that
Laravel thinks should have a JSON based response.
2017-01-12 13:44:23 -05:00
Dane Everitt
6bd9663f59
Merge branch 'develop' into feature/service-changes 2017-01-12 13:15:37 -05:00
Jakob Schrettenbrunner
9f2ca17ea4 replace manual json headers with laravel response()->json()
better Carbon dependency
rename admin.nodes.configuration-token route
style fixes
2017-01-08 15:21:02 +01:00
Jakob Schrettenbrunner
f70b33d69c one more styleci fix. don’t be that picky! 🙈 2017-01-07 18:40:55 +01:00
Jakob Schrettenbrunner
a661f71974 fix styleci issues 2017-01-07 18:39:41 +01:00
Jakob Schrettenbrunner
a1568e5acb add button to generate token to node configuration tab
add info message after node creation about token generation
2017-01-07 18:27:19 +01:00
Jakob Schrettenbrunner
52a395ac9a fix forgotten rename of NodeConfigurationToken 2017-01-07 18:26:45 +01:00
Jakob Schrettenbrunner
e1e159b7de add ability to generate a token to retrieve the config for a specific node 2017-01-07 18:10:11 +01:00
Jakob Schrettenbrunner
ef1fa4c4e6 add method to get config as json to node model 2017-01-07 18:06:09 +01:00
Dane Everitt
d9de884de3 Apply fixes from StyleCI 2017-01-03 22:46:30 +00:00
Dane Everitt
c1bf757623
Fix service option name being set wrongly after adding a new variable. closes #208 2017-01-03 17:44:48 -05:00
Dane Everitt
aa6e733ba5
Switch filemanager and EULA check to use pure Javascript methods
Removes the need for the javascript to be parsed by Blade template
engine by using a defined javascript variable with the values that are
necessary for checking everything and passing the correct values.

This does make it so that if a user does not have permission to do
something they could theoretically make the option show up in the
context menu, however when they click it, it will simply return an
error by the daemon.
2017-01-03 16:47:33 -05:00
Dane Everitt
39731f99da Merge pull request #226 from hammerdawn/APICHANGE
Allow listing a user by both ID and email. Useful for checking if a u…
2017-01-02 22:00:45 -05:00
Emmet Young
3f5bf099ae Use DaneEveritt's shortened query call. 2017-01-03 13:40:35 +11:00
Dane Everitt
6331a29962 Merge pull request #228 from Pterodactyl/analysis-XWDo3P
Apply fixes from StyleCI
2016-12-30 17:18:54 -05:00
Dane Everitt
a1dff5cda0
Push updated languages 2016-12-30 17:17:36 -05:00
Dane Everitt
fb182ffb4a Apply fixes from StyleCI 2016-12-30 22:00:06 +00:00
Dane Everitt
0afa568095
Address two bugs in subuser system.
1.) Prevents adding the owner of a server as a subuser which could
potentially break things.
2.) Prevents adding duplicate subusers for a server.
2016-12-30 16:28:43 -05:00
Dane Everitt
7848f63e05
Fix error thrown on 0 values for variables, closes #223 2016-12-30 16:00:51 -05:00
Dane Everitt
43786b1d2a
Block addition of more than 2000 ports at once, closes #219 2016-12-30 15:50:37 -05:00
Dane Everitt
9a494d8245
Adjust server name requirements, closes #205 2016-12-30 15:46:10 -05:00
Emmet Young
b5d3417167 Allow listing a user by both ID and email. Useful for checking if a user exists by its email. 2016-12-29 22:56:45 +11:00
Dane Everitt
a49dee2416
Add base implementation of service retrieval. 🏇
There is currently no authentication middleware on this route.
2016-12-14 18:54:43 -05:00
Dane Everitt
fd360f6475
Fix data pack assignment 2016-12-14 17:17:16 -05:00
Dane Everitt
efda0dd009 Apply fixes from StyleCI 2016-12-14 21:56:25 +00:00
Dane Everitt
fc38b09e1f
Merge branch 'develop' into feature/service-changes 2016-12-14 16:53:53 -05:00
spaceemotion
a85ac87ae8 Refactor to use more laravel logic and improve compatibility with older PHP versions (#206)
* Fix @param namespaces for PHPDocs in ServerPolicy

* Reduce permission check duplication in ServerPolicy

This introduces a new checkPermission method to reduce code duplication when checking for permissions.

* Simplify logic to list accessible servers for the user

We can directly use the pluck function that laravel collections provide to simplify the logic.

* Fix pagination issue when databases/servers exceed 20

Laravels strips out the currently selected tab (or any GET query for that matter) by default when using pagination. the appends() methods helps with keeping that information.

* Refactor unnecessary array_merge calls

We can just append to the array instead of constantly merging a new copy.

* Fix accessing “API Access” on some versions of PHP

The “new” word is reserved and should not be used as a method name.

http://stackoverflow.com/questions/9575590/why-am-i-getting-an-unexpected-t-new-error-in-php

* Fix revoking API keys on older versions of php (5.6)

“string” was not a valid function argument type yet, so revoking keys results in an error on older installations.

* Fix issues with API due to methods named “list”

“list” is yet another reserved keyword in PHP and messes up older installations of PHP (5.6).
This renames all methods named “list” to “lists”. The API route names are left untouched (e.g. still called “api.admin.users.list”).

* Refactor and shorten some API logic

Used laravel collection methods where applicable to directly transform the values instead of converting back and forth.
This also removes some dead variables that were never used as well as getting rid of a n+1 problem in the Service API (loading service variables afterwards, not during the model creation).

* Return model save status in repositories where applicable

* Fix typo in ServicePolicy#powerStart

* Apply StyleCI corrections
2016-12-12 14:30:57 -05:00
Dane Everitt
c1fb0a665f Apply fixes from StyleCI 2016-12-07 22:46:38 +00:00
Emmet Young
f687fab9a2 API: ability to search for an allocation based on the assigned server id (#194) 2016-12-04 22:17:35 -05:00