Improved middleware, console page now using new setup

Author: DaneEveritt

app/Exceptions/Service/Server/RequiredVariableMissingException.php

@@ -24,8 +24,8 @@
 
 namespace Pterodactyl\Exceptions\Service\Server;
 
-use Exception;
+use Pterodactyl\Exceptions\PterodactylException;
 
-class RequiredVariableMissingException extends Exception
+class RequiredVariableMissingException extends PterodactylException
 {
 }

app/Exceptions/Service/Server/UserNotLinkedToServerException.php

@@ -0,0 +1,31 @@
+<?php
+/*
+ * Pterodactyl - Panel
+ * Copyright (c) 2015 - 2017 Dane Everitt <dane@daneeveritt.com>.
+ *
+ * Permission is hereby granted, free of charge, to any person obtaining a copy
+ * of this software and associated documentation files (the "Software"), to deal
+ * in the Software without restriction, including without limitation the rights
+ * to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+ * copies of the Software, and to permit persons to whom the Software is
+ * furnished to do so, subject to the following conditions:
+ *
+ * The above copyright notice and this permission notice shall be included in all
+ * copies or substantial portions of the Software.
+ *
+ * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+ * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+ * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+ * AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+ * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+ * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
+ * SOFTWARE.
+ */
+
+namespace Pterodactyl\Exceptions\Service\Server;
+
+use Pterodactyl\Exceptions\PterodactylException;
+
+class UserNotLinkedToServerException extends PterodactylException
+{
+}

app/Http/Controllers/Server/ConsoleController.php

@@ -0,0 +1,99 @@
+<?php
+/*
+ * Pterodactyl - Panel
+ * Copyright (c) 2015 - 2017 Dane Everitt <dane@daneeveritt.com>.
+ *
+ * Permission is hereby granted, free of charge, to any person obtaining a copy
+ * of this software and associated documentation files (the "Software"), to deal
+ * in the Software without restriction, including without limitation the rights
+ * to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+ * copies of the Software, and to permit persons to whom the Software is
+ * furnished to do so, subject to the following conditions:
+ *
+ * The above copyright notice and this permission notice shall be included in all
+ * copies or substantial portions of the Software.
+ *
+ * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+ * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+ * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+ * AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+ * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+ * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
+ * SOFTWARE.
+ */
+
+namespace Pterodactyl\Http\Controllers\Server;
+
+use Illuminate\Contracts\Session\Session;
+use Pterodactyl\Http\Controllers\Controller;
+use Pterodactyl\Traits\Controllers\ServerToJavascript;
+use Illuminate\Contracts\Config\Repository as ConfigRepository;
+
+class ConsoleController extends Controller
+{
+    use ServerToJavascript;
+
+    /**
+     * @var \Illuminate\Contracts\Config\Repository
+     */
+    protected $config;
+
+    /**
+     * @var \Illuminate\Contracts\Session\Session
+     */
+    protected $session;
+
+    /**
+     * ConsoleController constructor.
+     *
+     * @param \Illuminate\Contracts\Config\Repository $config
+     * @param \Illuminate\Contracts\Session\Session   $session
+     */
+    public function __construct(
+        ConfigRepository $config,
+        Session $session
+    ) {
+        $this->config = $config;
+        $this->session = $session;
+    }
+
+    /**
+     * Render server index page with the console and power options.
+     *
+     * @return \Illuminate\Contracts\View\Factory|\Illuminate\View\View
+     */
+    public function index()
+    {
+        $server = $this->session->get('server_data.model');
+
+        $this->injectJavascript([
+            'meta' => [
+                'saveFile' => route('server.files.save', $server->uuidShort),
+                'csrfToken' => csrf_token(),
+            ],
+            'config' => [
+                'console_count' => $this->config->get('pterodactyl.console.count'),
+                'console_freq' => $this->config->get('pterodactyl.console.frequency'),
+            ],
+        ]);
+
+        return view('server.index', ['server' => $server, 'node' => $server->node]);
+    }
+
+    /**
+     * Render a stand-alone console in the browser.
+     *
+     * @return \Illuminate\Contracts\View\Factory|\Illuminate\View\View
+     */
+    public function console()
+    {
+        $server = $this->session->get('server_data.model');
+
+        $this->injectJavascript(['config' => [
+            'console_count' => $this->config->get('pterodactyl.console.count'),
+            'console_freq' => $this->config->get('pterodactyl.console.frequency'),
+        ]]);
+
+        return view('server.console', ['server' => $server, 'node' => $server->node]);
+    }
+}

app/Http/Controllers/Server/ServerController.php

@@ -31,65 +31,10 @@
 use Illuminate\Http\Request;
 use Pterodactyl\Exceptions\DisplayException;
 use Pterodactyl\Http\Controllers\Controller;
-use Pterodactyl\Repositories\ServerRepository;
 use Pterodactyl\Exceptions\DisplayValidationException;
-use Pterodactyl\Repositories\old_Daemon\FileRepository;
 
 class ServerController extends Controller
 {
-    /**
-     * Renders server index page for specified server.
-     *
-     * @param \Illuminate\Http\Request $request
-     * @param string                   $uuid
-     * @return \Illuminate\View\View
-     */
-    public function getIndex(Request $request, $uuid)
-    {
-        $server = Models\Server::byUuid($uuid);
-
-        $server->js([
-            'meta' => [
-                'saveFile' => route('server.files.save', $server->uuidShort),
-                'csrfToken' => csrf_token(),
-            ],
-            'config' => [
-                'console_count' => config('pterodactyl.console.count'),
-                'console_freq' => config('pterodactyl.console.frequency'),
-            ],
-        ]);
-
-        return view('server.index', [
-            'server' => $server,
-            'node' => $server->node,
-        ]);
-    }
-
-    /**
-     * Renders server console as an individual item.
-     *
-     * @param \Illuminate\Http\Request $request
-     * @param string                   $uuid
-     * @return \Illuminate\View\View
-     */
-    public function getConsole(Request $request, $uuid)
-    {
-        \Debugbar::disable();
-        $server = Models\Server::byUuid($uuid);
-
-        $server->js([
-            'config' => [
-                'console_count' => config('pterodactyl.console.count'),
-                'console_freq' => config('pterodactyl.console.frequency'),
-            ],
-        ]);
-
-        return view('server.console', [
-            'server' => $server,
-            'node' => $server->node,
-        ]);
-    }
-
     /**
      * Renders file overview page.
      *

app/Http/Kernel.php

@@ -54,7 +54,8 @@ class Kernel extends HttpKernel
         'auth' => \Illuminate\Auth\Middleware\Authenticate::class,
         'auth.basic' => \Illuminate\Auth\Middleware\AuthenticateWithBasicAuth::class,
         'guest' => \Pterodactyl\Http\Middleware\RedirectIfAuthenticated::class,
-        'server' => \Pterodactyl\Http\Middleware\CheckServer::class,
+        'server' => \Pterodactyl\Http\Middleware\ServerAuthenticate::class,
+        'subuser' => \Pterodactyl\Http\Middleware\SubuserAccessAuthenticate::class,
         'admin' => \Pterodactyl\Http\Middleware\AdminAuthenticate::class,
         'daemon' => \Pterodactyl\Http\Middleware\DaemonAuthenticate::class,
         'csrf' => \Pterodactyl\Http\Middleware\VerifyCsrfToken::class,

app/Http/Middleware/CheckServer.php …p/Http/Middleware/ServerAuthenticate.phpapp/Http/Middleware/CheckServer.php renamed to app/Http/Middleware/ServerAuthenticate.php app/Http/Middleware/CheckServer.php renamed to app/Http/Middleware/ServerAuthenticate.php

@@ -24,106 +24,102 @@
 
 namespace Pterodactyl\Http\Middleware;
 
-use Auth;
 use Closure;
+use Illuminate\Contracts\Session\Session;
 use Illuminate\Http\Request;
+use Pterodactyl\Contracts\Repository\ServerRepositoryInterface;
 use Pterodactyl\Models\Server;
+use Illuminate\Contracts\Config\Repository as ConfigRepository;
 use Illuminate\Auth\AuthenticationException;
 use Symfony\Component\HttpKernel\Exception\NotFoundHttpException;
 use Symfony\Component\HttpKernel\Exception\AccessDeniedHttpException;
 
-class CheckServer
+class ServerAuthenticate
 {
     /**
-     * The elquent model for the server.
-     *
+     * @var \Illuminate\Contracts\Config\Repository
+     */
+    protected $config;
+
+    /**
+     * @var \Pterodactyl\Contracts\Repository\ServerRepositoryInterface
+     */
+    protected $repository;
+
+    /**
      * @var \Pterodactyl\Models\Server
      */
     protected $server;
 
     /**
-     * The request object.
+     * @var \Illuminate\Contracts\Session\Session
+     */
+    protected $session;
+
+    /**
+     * ServerAuthenticate constructor.
      *
-     * @var \Illuminate\Http\Request
+     * @param \Illuminate\Contracts\Config\Repository                     $config
+     * @param \Pterodactyl\Contracts\Repository\ServerRepositoryInterface $repository
+     * @param \Illuminate\Contracts\Session\Session                       $session
      */
-    protected $request;
+    public function __construct(
+        ConfigRepository $config,
+        ServerRepositoryInterface $repository,
+        Session $session
+    ) {
+        $this->config = $config;
+        $this->repository = $repository;
+        $this->session = $session;
+    }
 
     /**
-     * Handle an incoming request.
+     * Determine if a given user has permission to access a server.
      *
      * @param \Illuminate\Http\Request $request
      * @param \Closure                 $next
      * @return mixed
+     *
+     * @throws \Illuminate\Auth\AuthenticationException
+     * @throws \Pterodactyl\Exceptions\Repository\RecordNotFoundException
      */
     public function handle(Request $request, Closure $next)
     {
-        if (! Auth::user()) {
-            throw new AuthenticationException();
+        if (! $request->user()) {
+            throw new AuthenticationException;
         }
 
-        $this->request = $request;
-        $this->server = Server::byUuid($request->route()->server);
-
-        if (! $this->exists()) {
-            return response()->view('errors.404', [], 404);
-        }
-
-        if ($this->suspended()) {
-            return response()->view('errors.suspended', [], 403);
-        }
-
-        if (! $this->installed()) {
-            return response()->view('errors.installing', [], 403);
-        }
-
-        return $next($request);
-    }
+        $attributes = $request->route()->parameter('server');
+        $isApiRequest = $request->expectsJson() || $request->is(...$this->config->get('pterodactyl.json_routes', []));
+        $server = $this->repository->getByUuid($attributes instanceof Server ? $attributes->uuid : $attributes);
 
-    /**
-     * Determine if the server was found on the system.
-     *
-     * @return bool
-     */
-    protected function exists()
-    {
-        if (! $this->server) {
-            if ($this->request->expectsJson() || $this->request->is(...config('pterodactyl.json_routes'))) {
+        if (! $server) {
+            if ($isApiRequest) {
                 throw new NotFoundHttpException('The requested server was not found on the system.');
             }
-        }
 
-        return (! $this->server) ? false : true;
-    }
+            return response()->view('errors.404', [], 404);
+        }
 
-    /**
-     * Determine if the server is suspended.
-     *
-     * @return bool
-     */
-    protected function suspended()
-    {
-        if ($this->server->suspended) {
-            if ($this->request->expectsJson() || $this->request->is(...config('pterodactyl.json_routes'))) {
+        if ($server->suspended) {
+            if ($isApiRequest) {
                 throw new AccessDeniedHttpException('Server is suspended.');
             }
-        }
 
-        return $this->server->suspended;
-    }
+            return response()->view('errors.suspended', [], 403);
+        }
 
-    /**
-     * Determine if the server is installed.
-     *
-     * @return bool
-     */
-    protected function installed()
-    {
-        if ($this->server->installed !== 1) {
-            if ($this->request->expectsJson() || $this->request->is(...config('pterodactyl.json_routes'))) {
+        if ($server->installed !== 1) {
+            if ($isApiRequest) {
                 throw new AccessDeniedHttpException('Server is completing install process.');
             }
+
+            return response()->view('errors.installing', [], 403);
         }
 
-        return $this->server->installed === 1;
+        // Store the server in the session.
+        $this->session->now('server_data.model', $server);
+
+        return $next($request);
     }
 }