Add database password change support and fix column name

DaneEveritt · DaneEveritt · commit 5233d6e87b70 · 2016-08-16T00:07:10.000-04:00
diff --git a/app/Http/Controllers/Admin/DatabaseController.php b/app/Http/Controllers/Admin/DatabaseController.php
@@ -56,7 +56,7 @@ public function getIndex(Request $request)
                     'servers.id as a_serverId',
                     'servers.name as a_serverName'
                 )->join('database_servers', 'database_servers.id', '=', 'databases.db_server')
-                ->join('servers', 'databases.server', '=', 'servers.id')
+                ->join('servers', 'databases.server_id', '=', 'servers.id')
                 ->paginate(20),
             'dbh' => Models\DatabaseServer::select(
                     'database_servers.*',
diff --git a/app/Http/Controllers/Admin/ServersController.php b/app/Http/Controllers/Admin/ServersController.php
@@ -99,7 +99,7 @@ public function getView(Request $request, $id)
                 ->where('server_variables.server_id', $server->id)
                 ->get(),
             'databases' => Models\Database::select('databases.*', 'database_servers.host as a_host', 'database_servers.port as a_port')
-                ->where('server', $server->id)
+                ->where('server_id', $server->id)
                 ->join('database_servers', 'database_servers.id', '=', 'databases.db_server')
                 ->get(),
             'db_servers' => Models\DatabaseServer::all()
diff --git a/app/Http/Controllers/Server/AjaxController.php b/app/Http/Controllers/Server/AjaxController.php
@@ -25,6 +25,7 @@
 
 use Log;
 use Debugbar;
+use Pterodactyl\Models;
 use Pterodactyl\Models\Server;
 use Pterodactyl\Models\Node;
 
@@ -223,4 +224,28 @@ public function postSetConnection(Request $request, $uuid)
         }
     }
 
+    public function postResetDatabasePassword(Request $request, $uuid)
+    {
+        $server = Models\Server::getByUUID($uuid);
+        $database = Models\Database::where('id', $request->input('database'))->where('server_id', $server->id)->firstOrFail();
+
+        $this->authorize('reset-db-password', $server);
+        try {
+
+            $repo = new Repositories\DatabaseRepository;
+            $password = str_random(16);
+            $repo->modifyPassword($request->input('database'), $password);
+            return response($password);
+        } catch (\Pterodactyl\Exceptions\DisplayException $ex) {
+            return response()->json([
+                'error' => $ex->getMessage(),
+            ], 503);
+        } catch(\Exception $ex) {
+            Log::error($ex);
+            return response()->json([
+                'error' => 'An unhandled error occured while attempting to modify this database\'s password.'
+            ], 503);
+        }
+    }
+
 }
diff --git a/app/Http/Controllers/Server/ServerController.php b/app/Http/Controllers/Server/ServerController.php
@@ -229,7 +229,7 @@ public function getSettings(Request $request, $uuid)
         return view('server.settings', [
             'server' => $server,
             'databases' => Models\Database::select('databases.*', 'database_servers.host as a_host', 'database_servers.port as a_port')
-                ->where('server', $server->id)
+                ->where('server_id', $server->id)
                 ->join('database_servers', 'database_servers.id', '=', 'databases.db_server')
                 ->get(),
             'node' => Models\Node::find($server->node),
diff --git a/app/Http/Routes/ServerRoutes.php b/app/Http/Routes/ServerRoutes.php
@@ -152,6 +152,11 @@ public function map(Router $router) {
                 $router->post('set-connection', [
                     'uses' => 'Server\AjaxController@postSetConnection'
                 ]);
+
+                $router->post('settings/reset-database-password', [
+                    'as' => 'server.ajax.reset-database-password',
+                    'uses' => 'Server\AjaxController@postResetDatabasePassword'
+                ]);
             });
 
             // Assorted AJAX Routes
diff --git a/app/Models/DatabaseServer.php b/app/Models/DatabaseServer.php
@@ -56,6 +56,8 @@ class DatabaseServer extends Model
      */
      protected $casts = [
          'id' => 'integer',
+         'server_id' => 'integer',
+         'db_server' => 'integer'
      ];
 
 }
diff --git a/app/Policies/ServerPolicy.php b/app/Policies/ServerPolicy.php
@@ -546,4 +546,13 @@ public function createTask(User $user, Server $server)
         return $user->permissions()->server($server)->permission('create-task')->exists();
     }
 
+    public function resetDbPassword(User $user, Server $server)
+    {
+        if ($this->isOwner($user, $server)) {
+            return true;
+        }
+
+        return $user->permissions()->server($server)->permission('create-task')->exists();
+    }
+
 }
diff --git a/app/Repositories/DatabaseRepository.php b/app/Repositories/DatabaseRepository.php
@@ -60,7 +60,7 @@ public function create($server, $options)
         try {
             $db = new Models\Database;
             $db->fill([
-                'server' => $server->id,
+                'server_id' => $server->id,
                 'db_server' => $options['db_server'],
                 'database' => $server->uuidShort . '_' . $options['database'],
                 'username' => $server->uuidShort . '_' . str_random(7),
@@ -103,6 +103,54 @@ public function create($server, $options)
         }
     }
 
+    /**
+     * Updates the password for a given database.
+     * @param  int $database The ID of the database to modify.
+     * @param  string $password The new password to use for the database.
+     * @return bool
+     */
+    public function modifyPassword($database, $password)
+    {
+        $db = Models\Database::findOrFail($database);
+        $dbr = Models\DatabaseServer::findOrFail($db->db_server);
+
+        DB::beginTransaction();
+        try {
+
+            $db->password = Crypt::encrypt($password);
+            $db->save();
+
+            $capsule = new Capsule;
+            $capsule->addConnection([
+                'driver' => 'mysql',
+                'host' => $dbr->host,
+                'port' => $dbr->port,
+                'database' => 'mysql',
+                'username' => $dbr->username,
+                'password' => Crypt::decrypt($dbr->password),
+                'charset' => 'utf8',
+                'collation' => 'utf8_unicode_ci',
+                'prefix' => '',
+                'options' => [
+                    \PDO::ATTR_TIMEOUT => 3,
+                ]
+            ]);
+
+            $capsule->setAsGlobal();
+            Capsule::statement(sprintf(
+                'ALTER USER \'%s\'@\'%s\' IDENTIFIED BY \'%s\'',
+                $db->username,
+                $db->remote,
+                $password
+            ));
+
+            DB::commit();
+        } catch(\Exception $ex) {
+            DB::rollback();
+            throw $ex;
+        }
+    }
+
     /**
      * Drops a database from the associated MySQL Server
      * @param  int $database The ID of the database to drop.
diff --git a/database/migrations/2016_08_15_234600_fix_column_name_for_databases.php b/database/migrations/2016_08_15_234600_fix_column_name_for_databases.php
@@ -0,0 +1,31 @@
+<?php
+
+use Illuminate\Database\Schema\Blueprint;
+use Illuminate\Database\Migrations\Migration;
+
+class FixColumnNameForDatabases extends Migration
+{
+    /**
+     * Run the migrations.
+     *
+     * @return void
+     */
+    public function up()
+    {
+        Schema::table('databases', function (Blueprint $table) {
+            $table->renameColumn('server', 'server_id');
+        });
+    }
+
+    /**
+     * Reverse the migrations.
+     *
+     * @return void
+     */
+    public function down()
+    {
+        Schema::table('databases', function (Blueprint $table) {
+            $table->renameColumn('server_id', 'server');
+        });
+    }
+}
diff --git a/resources/views/admin/servers/view.blade.php b/resources/views/admin/servers/view.blade.php
@@ -363,7 +363,7 @@
                                         <tr>
                                             <td>{{ $database->database }}</td>
                                             <td>{{ $database->username }} ({{ $database->remote }})</td>
-                                            <td><code>{{ Crypt::decrypt($database->password) }}</code></td>
+                                            <td><code>{{ Crypt::decrypt($database->password) }}</code> <a href="#" data-action="reset-database-password" data-id="{{ $database->id }}"><i class="fa fa-refresh pull-right"></i></a></td>
                                             <td><code>{{ $database->a_host }}:{{ $database->a_port }}</code></td>
                                             <td class="text-center"><a href="#delete" data-action="delete_database" data-database="{{ $database->id }}" class="text-danger"><i class="fa fa-trash-o"></i></a></td>
                                         </tr>
@@ -530,6 +530,36 @@
             });
         });
     });
+    $('[data-action="reset-database-password"]').click(function (e) {
+        e.preventDefault();
+        var block = $(this);
+        $(this).find('i').addClass('fa-spin');
+        $.ajax({
+            type: 'POST',
+            url: '{{ route('server.ajax.reset-database-password', $server->uuidShort) }}',
+            headers: {
+                'X-CSRF-TOKEN': '{{ csrf_token() }}'
+            },
+            data: {
+                'database': $(this).data('id')
+            }
+        }).done(function (data) {
+            block.parent().find('code').html(data);
+        }).fail(function(jqXHR, textStatus, errorThrown) {
+            console.error(jqXHR);
+            var error = 'An error occured while trying to process this request.';
+            if (typeof jqXHR.responseJSON !== 'undefined' && typeof jqXHR.responseJSON.error !== 'undefined') {
+                error = jqXHR.responseJSON.error;
+            }
+            swal({
+                type: 'error',
+                title: 'Whoops!',
+                text: error
+            });
+        }).always(function () {
+            block.find('i').removeClass('fa-spin');
+        });
+    });
 });
 </script>
 @endsection
diff --git a/resources/views/server/settings.blade.php b/resources/views/server/settings.blade.php
@@ -142,7 +142,7 @@ class="form-control" value="{{ old($item->env_variable, $item->a_serverValue) }}
                                 <thead>
                                     <tr>
                                         <th>Database</th>
-                                        <th>User (Connections From)</th>
+                                        <th>Username</th>
                                         <th>Password</th>
                                         <th>DB Server</th>
                                     </th>
@@ -151,8 +151,8 @@ class="form-control" value="{{ old($item->env_variable, $item->a_serverValue) }}
                                     @foreach($databases as $database)
                                         <tr>
                                             <td>{{ $database->database }}</td>
-                                            <td>{{ $database->username }} ({{ $database->remote }})</td>
-                                            <td><code>{{ Crypt::decrypt($database->password) }}</code></td>
+                                            <td>{{ $database->username }}</td>
+                                            <td><code>{{ Crypt::decrypt($database->password) }}</code> <a href="#" data-action="reset-database-password" data-id="{{ $database->id }}"><i class="fa fa-refresh pull-right"></i></a></td>
                                             <td><code>{{ $database->a_host }}:{{ $database->a_port }}</code></td>
                                         </tr>
                                     @endforeach
@@ -206,7 +206,36 @@ class="form-control" value="{{ old($item->env_variable, $item->a_serverValue) }}
         });
         return false;
     });
-
+    $('[data-action="reset-database-password"]').click(function (e) {
+        e.preventDefault();
+        var block = $(this);
+        $(this).find('i').addClass('fa-spin');
+        $.ajax({
+            type: 'POST',
+            url: '{{ route('server.ajax.reset-database-password', $server->uuidShort) }}',
+            headers: {
+                'X-CSRF-TOKEN': '{{ csrf_token() }}'
+            },
+            data: {
+                'database': $(this).data('id')
+            }
+        }).done(function (data) {
+            block.parent().find('code').html(data);
+        }).fail(function(jqXHR, textStatus, errorThrown) {
+            console.error(jqXHR);
+            var error = 'An error occured while trying to process this request.';
+            if (typeof jqXHR.responseJSON !== 'undefined' && typeof jqXHR.responseJSON.error !== 'undefined') {
+                error = jqXHR.responseJSON.error;
+            }
+            swal({
+                type: 'error',
+                title: 'Whoops!',
+                text: error
+            });
+        }).always(function () {
+            block.find('i').removeClass('fa-spin');
+        });
+    });
 });
 </script>
 @endsection

Original file line number	Diff line number	Diff line change
`@@ -56,6 +56,8 @@ class DatabaseServer extends Model`
`56`	`56`	`*/`
`57`	`57`	`protected $casts = [`
`58`	`58`	`'id' => 'integer',`
	`59`	`+ 'server_id' => 'integer',`
	`60`	`+ 'db_server' => 'integer'`
`59`	`61`	`];`
`60`	`62`
`61`	`63`	`}`
Original file line number	Diff line number	Diff line change
`@@ -546,4 +546,13 @@ public function createTask(User $user, Server $server)`
`546`	`546`	`return $user->permissions()->server($server)->permission('create-task')->exists();`
`547`	`547`	`}`
`548`	`548`
	`549`	`+ public function resetDbPassword(User $user, Server $server)`
	`550`	`+ {`
	`551`	`+ if ($this->isOwner($user, $server)) {`
	`552`	`+ return true;`
	`553`	`+ }`
	`554`	`+`
	`555`	`+ return $user->permissions()->server($server)->permission('create-task')->exists();`
	`556`	`+ }`
	`557`	`+`
`549`	`558`	`}`