misc_pterodactyl-panel/app/Policies/ServerPolicy.php

51 lines
1.3 KiB
PHP

<?php
namespace Pterodactyl\Policies;
use Pterodactyl\Models\User;
use Pterodactyl\Models\Server;
class ServerPolicy
{
/**
* Checks if the user has the given permission on/for the server.
*/
protected function checkPermission(User $user, Server $server, string $permission): bool
{
$subuser = $server->subusers->where('user_id', $user->id)->first();
if (!$subuser || empty($permission)) {
return false;
}
return in_array($permission, $subuser->permissions);
}
/**
* Runs before any of the functions are called. Used to determine if user is root admin, if so, ignore permissions.
*
* @param string $ability
*
* @return bool
*/
public function before(User $user, $ability, Server $server)
{
if ($user->root_admin || $server->owner_id === $user->id) {
return true;
}
return $this->checkPermission($user, $server, $ability);
}
/**
* This is a horrendous hack to avoid Laravel's "smart" behavior that does
* not call the before() function if there isn't a function matching the
* policy permission.
*
* @param string $name
* @param mixed $arguments
*/
public function __call($name, $arguments)
{
// do nothing
}
}