repository = $repository; $this->creationService = $creationService; $this->serverRepository = $serverRepository; } /** * Return the users associated with this server instance. * * @param \Pterodactyl\Http\Requests\Api\Client\Servers\Subusers\GetSubuserRequest $request * @param \Pterodactyl\Models\Server $server * @return array */ public function index(GetSubuserRequest $request, Server $server) { return $this->fractal->collection($server->subusers) ->transformWith($this->getTransformer(SubuserTransformer::class)) ->toArray(); } /** * Returns a single subuser associated with this server instance. * * @param \Pterodactyl\Http\Requests\Api\Client\Servers\Subusers\GetSubuserRequest $request * @return array */ public function view(GetSubuserRequest $request) { $subuser = $request->attributes->get('subuser'); return $this->fractal->item($subuser) ->transformWith($this->getTransformer(SubuserTransformer::class)) ->toArray(); } /** * Create a new subuser for the given server. * * @param \Pterodactyl\Http\Requests\Api\Client\Servers\Subusers\StoreSubuserRequest $request * @param \Pterodactyl\Models\Server $server * @return array * * @throws \Pterodactyl\Exceptions\Model\DataValidationException * @throws \Pterodactyl\Exceptions\Service\Subuser\ServerSubuserExistsException * @throws \Pterodactyl\Exceptions\Service\Subuser\UserIsServerOwnerException * @throws \Throwable */ public function store(StoreSubuserRequest $request, Server $server) { $response = $this->creationService->handle( $server, $request->input('email'), $this->getDefaultPermissions($request) ); return $this->fractal->item($response) ->transformWith($this->getTransformer(SubuserTransformer::class)) ->toArray(); } /** * Update a given subuser in the system for the server. * * @param \Pterodactyl\Http\Requests\Api\Client\Servers\Subusers\UpdateSubuserRequest $request * @param \Pterodactyl\Models\Server $server * @return array * * @throws \Pterodactyl\Exceptions\Model\DataValidationException * @throws \Pterodactyl\Exceptions\Repository\RecordNotFoundException */ public function update(UpdateSubuserRequest $request, Server $server): array { /** @var \Pterodactyl\Models\Subuser $subuser */ $subuser = $request->attributes->get('subuser'); $permissions = $this->getDefaultPermissions($request); $current = $subuser->permissions; sort($permissions); sort($current); // Only update the database and hit up the Wings instance to invalidate JTI's if the permissions // have actually changed for the user. if ($permissions !== $current) { $this->repository->update($subuser->id, [ 'permissions' => $this->getDefaultPermissions($request), ]); try { $this->serverRepository->setServer($server)->revokeJTIs([md5($subuser->user_id . $server->uuid)]); } catch (DaemonConnectionException $exception) { // Don't block this request if we can't connect to the Wings instance. Chances are it is // offline in this event and the token will be invalid anyways once Wings boots back. Log::warning($exception, ['user_id' => $subuser->user_id, 'server_id' => $server->id]); } } return $this->fractal->item($subuser->refresh()) ->transformWith($this->getTransformer(SubuserTransformer::class)) ->toArray(); } /** * Removes a subusers from a server's assignment. * * @param \Pterodactyl\Http\Requests\Api\Client\Servers\Subusers\DeleteSubuserRequest $request * @param \Pterodactyl\Models\Server $server * @return \Illuminate\Http\JsonResponse */ public function delete(DeleteSubuserRequest $request, Server $server) { /** @var \Pterodactyl\Models\Subuser $subuser */ $subuser = $request->attributes->get('subuser'); $this->repository->delete($subuser->id); try { $this->serverRepository->revokeJTIs([md5($subuser->user_id . $server->uuid)]); } catch (DaemonConnectionException $exception) { // Don't block this request if we can't connect to the Wings instance. Log::warning($exception, ['user_id' => $subuser->user_id, 'server_id' => $server->id]); } return new JsonResponse([], JsonResponse::HTTP_NO_CONTENT); } /** * Returns the default permissions for all subusers to ensure none are ever removed wrongly. * * @param \Illuminate\Http\Request $request * @return array */ protected function getDefaultPermissions(Request $request): array { return array_unique(array_merge($request->input('permissions') ?? [], [Permission::ACTION_WEBSOCKET_CONNECT])); } }