misc_pterodactyl-panel

Author	SHA1	Message	Date
Dane Everitt	e30a765071	Simplify logic when a server is in an unsupported state	2021-01-30 13:28:31 -08:00
Dane Everitt	c449ca5155	Use more standardized phpcs	2021-01-23 12:33:34 -08:00
Dane Everitt	a043071e3c	Update to Laravel 8 Co-authored-by: Matthew Penner <me@matthewp.io>	2021-01-23 12:12:54 -08:00
Dane Everitt	e8dcd30e0c	[security] fix resources not properly returning an error when they don't match the server in the URL Prior to this fix certain resources were accessible even when their assigned server was not the same as the server in the URL. This causes the resource server relationship to not match the server variable present on the request. Due to this failed logic it was possible for users to access resources they should not have been able to access otherwise for some areas of the panel.	2021-01-19 21:19:17 -08:00
Dane Everitt	6c39288def	Clarify error messaging for transfers	2020-12-24 10:14:10 -08:00
Matthew Penner	37cfa151b6	Use ServerTransferringException	2020-12-17 10:37:14 -07:00
Matthew Penner	e69d9b2c26	Update comment in AuthenticateServerAccess.php	2020-12-17 10:35:54 -07:00
Matthew Penner	fd848985ee	Add ServerTransferringException, use is_null	2020-12-17 10:35:54 -07:00
Matthew Penner	e6c4a68e4a	Update logic for tracking a server's transfer state	2020-12-17 10:35:54 -07:00
Matt Malec	df64026449	Update AuthenticateIPAccess.php Fix a 500 error when processing a request with an IP filter	2020-11-08 21:57:22 -05:00
Dane Everitt	c00e5b36a5	Return all servers for a node as a paginated response Avoids crashing the PHP process and avoids a bad runaway N+1 query issue that previously existed.	2020-10-31 11:14:28 -07:00
Dane Everitt	f31a6d3967	Fix parameter bindings for client API routes; closes pterodactyl/panel#2359	2020-09-27 10:39:18 -07:00
Dane Everitt	906cfce81c	Don't return a 403 when returning resources for a suspended server; closes #2279	2020-08-30 09:54:59 -07:00
Dane Everitt	540cc82e3d	Don't resolve database hosts; closes #2237	2020-08-19 20:38:51 -07:00
Dane Everitt	61e9771333	Code cleanup for subuser API endpoints; closes #2247	2020-08-19 20:21:12 -07:00
Dane Everitt	2278927fb6	Update allocations to support ids; protect endpoints; support notes	2020-07-09 20:36:08 -07:00
DarthShmev	06ece0e624	Fix AuthenticateServerAccess middleware spelling issue.	2020-07-05 15:48:02 -04:00
Dane Everitt	fde8465f35	Show a better error when JSON data cannot be parsed in the request	2020-06-30 20:05:11 -07:00
Dane Everitt	536180ed0c	Return Http test cases to a passing state	2020-06-23 21:59:37 -07:00
Dane Everitt	16e14621c8	Better error messaging when server is suspended	2020-06-22 20:22:52 -07:00
Dane Everitt	6056b6f45d	Show console when an admin is viewing an installing server	2020-04-26 13:21:39 -07:00
Matthew Penner	658a959e5d	Fix trailing comma in DaemonAuthenticate.php, change ServerDetailsController.php to use node authentication	2020-04-10 17:54:50 -06:00
Dane Everitt	2532a73425	Don't throw errors if bad data is sent in the header	2020-04-10 15:53:19 -07:00
Dane Everitt	7557dddf49	Store node daemon tokens in an encrypted manner	2020-04-10 15:15:38 -07:00
Dane Everitt	be05d2df81	Add support for generating a signed URL for downloading a file from the daemon	2020-04-04 19:54:59 -07:00
Dane Everitt	1f92a7de33	Authenticate that the request is coming from someone that should even know about the server	2020-03-28 16:23:18 -07:00
Dane Everitt	7543ef085d	Format files	2019-09-05 21:32:57 -07:00
Dane Everitt	95d19bf09e	Update logic that handles creation of folders for a server	2019-05-01 21:45:39 -07:00
Dane Everitt	0999ec93c3	More logic for deleting databases	2018-08-25 15:07:42 -07:00
Dane Everitt	9be2aa4ca9	Push beginning of DB deletion stuff	2018-08-25 14:43:21 -07:00
Dane Everitt	8bbe6bc279	Add test, fix behavior of model creation	2018-07-14 22:58:33 -07:00
Dane Everitt	550c622d3b	Obliterate JWT from codebase	2018-07-14 22:48:09 -07:00
Dane Everitt	6336e5191f	Strip out JWT usage and use cookies to track the currently logged in user	2018-07-14 22:42:58 -07:00
Dane Everitt	c82f273d85	Fix remaining broken tests	2018-07-04 19:38:23 -07:00
Dane Everitt	e7faf979a1	Change login handling to automatically redirect a user if their session will need renewal.	2018-06-16 14:05:39 -07:00
Dane Everitt	03c83c084a	Revert use of cookies, go back to using a JWT	2018-06-06 22:49:44 -07:00
Dane Everitt	5bcabbde35	Get dashboard in a more working state	2018-06-05 23:42:34 -07:00
Dane Everitt	a1444b047e	Fix JWT handling for API access when logging in	2018-05-28 14:59:48 -07:00
Dane Everitt	6e5c365018	Use the client API to load servers on the listing page	2018-05-28 13:23:40 -07:00
Dane Everitt	ad69193ac0	Add JWT to login forms	2018-05-28 12:48:42 -07:00
Lance Pioch	e2dc0638d9	Fix app/ spelling errors	2018-05-13 11:12:41 -04:00
Dane Everitt	ef371a508d	Change check on debugbar to use debug not environment	2018-03-10 12:03:23 -06:00
Dane Everitt	8f72571895	Fix IP access middleware	2018-02-28 23:39:59 -06:00
Dane Everitt	cef3e4ced4	Add base routes for managing servers as a client	2018-02-27 21:28:43 -06:00
Dane Everitt	9a32b9fd03	Merge branch 'develop' into feature/client-api	2018-02-27 21:04:18 -06:00
Dane Everitt	23e07689a7	Handle 404 errors in API bindings correctly to avoid explosing that a resource exists before validating a key	2018-02-27 21:04:04 -06:00
Dane Everitt	e28973bcae	Move everything around as needed to get things setup for the client API	2018-02-25 15:30:56 -06:00
Dane Everitt	5b6d3b8325	Slightly more clear errors	2018-02-24 12:27:41 -06:00
Dane Everitt	2ec76d283b	Fix bad API behavior	2018-02-04 15:38:38 -06:00
Dane Everitt	8afced3410	Add nests & eggs Cleanup middleware handling and parameters on controllers...	2018-01-27 12:38:56 -06:00

1 2

57 commits