Merge branch 'develop' into feature/file-uploads

Author: DaneEveritt

.github/FUNDING.yml

@@ -1,2 +1,2 @@
-#github: [DaneEveritt]
+github: [DaneEveritt]
 custom: ["https://paypal.me/PterodactylSoftware"]

.github/workflows/release.yml

@@ -36,7 +36,7 @@ jobs:
       - name: Create release archive
         run: |
           rm -rf node_modules/ test/ codecov.yml CODE_OF_CONDUCT.md CONTRIBUTING.md phpunit.dusk.xml phpunit.xml Vagrantfile
-          tar -czf panel.tar.gz *
+          tar -czf panel.tar.gz * .env.example
 
       - name: Extract changelog
         id: extract_changelog

Dockerfile

@@ -25,12 +25,12 @@ RUN cp docker/default.conf /etc/nginx/conf.d/default.conf \
  && cat docker/www.conf > /usr/local/etc/php-fpm.d/www.conf \
  && rm /usr/local/etc/php-fpm.d/www.conf.default \
  && cat docker/supervisord.conf > /etc/supervisord.conf \
- && echo "* * * * * /usr/bin/php /app/artisan schedule:run >> /dev/null 2>&1" >> /var/spool/cron/crontabs/root \
+ && echo "* * * * * /usr/local/bin/php /app/artisan schedule:run >> /dev/null 2>&1" >> /var/spool/cron/crontabs/root \
  && sed -i s/ssl_session_cache/#ssl_session_cache/g /etc/nginx/nginx.conf \
  && mkdir -p /var/run/php /var/run/nginx
 
 EXPOSE 80 443
 
 ENTRYPOINT ["/bin/ash", "docker/entrypoint.sh"]
 
-CMD [ "supervisord", "-n", "-c", "/etc/supervisord.conf" ]
+CMD [ "supervisord", "-n", "-c", "/etc/supervisord.conf" ]

README.md

@@ -12,6 +12,30 @@ What more are you waiting for? Make game servers a first class citizen on your p
 
 ![Image](https://cdn.pterodactyl.io/site-assets/mockup-macbook-grey.png)
 
+## Sponsors
+I would like to extend my sincere thanks to the following sponsors for funding Pterodactyl's developement. [Interested
+in becoming a sponsor?](https://github.com/sponsors/DaneEveritt)
+
+#### [BloomVPS](https://bloomvps.com)
+> BloomVPS offers dedicated core VPS and Minecraft hosting with Ryzen 9 processors. With owned-hardware, we offer truly
+> unbeatable prices on high-performance hosting.
+
+#### [VersatileNode](https://versatilenode.com/)
+> Looking to host a minecraft server, vps, or a website? VersatileNode is one of the most affordable hosting providers
+> to provide quality yet cheap services with incredible support.
+
+#### [MineStrator](https://minestrator.com/)
+> Looking for a French highend hosting company for you minecraft server? More than 14,000 members on our discord
+> trust us.
+
+#### [DedicatedMC](https://dedicatedmc.io/)
+> DedicatedMC provides Raw Power hosting at affordable pricing, making sure to never compromise on your performance
+> and giving you the best performance money can buy.
+
+#### [Skynode](https://www.skynode.pro/)
+> Skynode provides blazing fast game servers along with a top notch user experience. Whatever our clients are looking
+> for, we're able to provide it!
+
 ## Support & Documentation
 Support for using Pterodactyl can be found on our [Documentation Website](https://pterodactyl.io/project/introduction.html), [Guides Website](https://pterodactyl.io/community/about.html), or via our [Discord Chat](https://discord.gg/QRDZvVm).
 
@@ -43,7 +67,7 @@ In addition to our standard nest of supported games, our community is constantly
 ## Credits
 This software would not be possible without the work of other open-source authors who provide tools such as:
 
-[Ace Editor](https://ace.c9.io), [AdminLTE](https://almsaeedstudio.com), [Animate.css](http://daneden.github.io/animate.css/), [AnsiUp](https://github.com/drudru/ansi_up), [Async.js](https://github.com/caolan/async), 
+[Ace Editor](https://ace.c9.io), [AdminLTE](https://adminlte.io), [Animate.css](http://daneden.github.io/animate.css/), [AnsiUp](https://github.com/drudru/ansi_up), [Async.js](https://github.com/caolan/async), 
 [Bootstrap](http://getbootstrap.com), [Bootstrap Notify](http://bootstrap-notify.remabledesigns.com), [Chart.js](http://www.chartjs.org), [FontAwesome](http://fontawesome.io),
 [FontAwesome Animations](https://github.com/l-lin/font-awesome-animation), [jQuery](http://jquery.com), [Laravel](https://laravel.com), [Lodash](https://lodash.com),
 [Select2](https://select2.github.io), [Socket.io](http://socket.io), [Socket.io File Upload](https://github.com/vote539/socketio-file-upload), [SweetAlert](http://t4t5.github.io/sweetalert),

app/Console/Commands/Maintenance/PruneOrphanedBackupsCommand.php

@@ -0,0 +1,51 @@
+<?php
+
+namespace Pterodactyl\Console\Commands\Maintenance;
+
+use Carbon\CarbonImmutable;
+use InvalidArgumentException;
+use Illuminate\Console\Command;
+use Pterodactyl\Repositories\Eloquent\BackupRepository;
+
+class PruneOrphanedBackupsCommand extends Command
+{
+    /**
+     * @var string
+     */
+    protected $signature = 'p:maintenance:prune-backups {--since-minutes=30}';
+
+    /**
+     * @var string
+     */
+    protected $description = 'Marks all backups that have not completed in the last "n" minutes as being failed.';
+
+    /**
+     * @param \Pterodactyl\Repositories\Eloquent\BackupRepository $repository
+     */
+    public function handle(BackupRepository $repository)
+    {
+        $since = $this->option('since-minutes');
+        if (! is_digit($since)) {
+            throw new InvalidArgumentException('The --since-minutes option must be a valid numeric digit.');
+        }
+
+        $query = $repository->getBuilder()
+            ->whereNull('completed_at')
+            ->whereDate('created_at', '<=', CarbonImmutable::now()->subMinutes($since));
+
+        $count = $query->count();
+        if (! $count) {
+            $this->info('There are no orphaned backups to be marked as failed.');
+
+            return;
+        }
+
+        $this->warn("Marking {$count} backups that have not been marked as completed in the last {$since} minutes as failed.");
+
+        $query->update([
+            'is_successful' => false,
+            'completed_at' => CarbonImmutable::now(),
+            'updated_at' => CarbonImmutable::now(),
+        ]);
+    }
+}

app/Console/Kernel.php

@@ -22,7 +22,16 @@ protected function commands()
      */
     protected function schedule(Schedule $schedule)
     {
+        // Execute scheduled commands for servers every minute, as if there was a normal cron running.
         $schedule->command('p:schedule:process')->everyMinute()->withoutOverlapping();
+
+        // Every 30 minutes, run the backup pruning command so that any abandoned backups can be removed
+        // from the UI view for the server.
+        $schedule->command('p:maintenance:prune-backups', [
+            '--since-minutes' => '30',
+        ])->everyThirtyMinutes();
+
+        // Every day cleanup any internal backups of service files.
         $schedule->command('p:maintenance:clean-service-backups')->daily();
     }
 }

app/Exceptions/Handler.php

@@ -213,6 +213,13 @@ public static function convertToArray(Throwable $exception, array $override = []
             'detail' => 'An error was encountered while processing this request.',
         ];
 
+        if ($exception instanceof ModelNotFoundException || $exception->getPrevious() instanceof ModelNotFoundException) {
+            // Show a nicer error message compared to the standard "No query results for model"
+            // response that is normally returned. If we are in debug mode this will get overwritten
+            // with a more specific error message to help narrow down things.
+            $error['detail'] = 'The requested resource could not be found on the server.';
+        }
+
         if (config('app.debug')) {
             $error = array_merge($error, [
                 'detail' => $exception->getMessage(),

app/Exceptions/Http/Connection/DaemonConnectionException.php

@@ -2,6 +2,7 @@
 
 namespace Pterodactyl\Exceptions\Http\Connection;
 
+use Illuminate\Support\Arr;
 use Illuminate\Http\Response;
 use GuzzleHttp\Exception\GuzzleException;
 use Pterodactyl\Exceptions\DisplayException;
@@ -22,18 +23,34 @@ class DaemonConnectionException extends DisplayException
      * @param \GuzzleHttp\Exception\GuzzleException $previous
      * @param bool $useStatusCode
      */
-    public function __construct(GuzzleException $previous, bool $useStatusCode = false)
+    public function __construct(GuzzleException $previous, bool $useStatusCode = true)
     {
         /** @var \GuzzleHttp\Psr7\Response|null $response */
         $response = method_exists($previous, 'getResponse') ? $previous->getResponse() : null;
 
         if ($useStatusCode) {
-            $this->statusCode = is_null($response) ? 500 : $response->getStatusCode();
+            $this->statusCode = is_null($response) ? $this->statusCode : $response->getStatusCode();
         }
 
-        parent::__construct(trans('admin/server.exceptions.daemon_exception', [
+        $message = trans('admin/server.exceptions.daemon_exception', [
             'code' => is_null($response) ? 'E_CONN_REFUSED' : $response->getStatusCode(),
-        ]), $previous, DisplayException::LEVEL_WARNING);
+        ]);
+
+        // Attempt to pull the actual error message off the response and return that if it is not
+        // a 500 level error.
+        if ($this->statusCode < 500 && ! is_null($response)) {
+            $body = $response->getBody();
+            if (is_string($body) || (is_object($body) && method_exists($body, '__toString'))) {
+                $body = json_decode(is_string($body) ? $body : $body->__toString(), true);
+                $message = "[Wings Error]: " . Arr::get($body, 'error', $message);
+            }
+        }
+
+        $level = $this->statusCode >= 500 && $this->statusCode !== 504
+            ? DisplayException::LEVEL_ERROR
+            : DisplayException::LEVEL_WARNING;
+
+        parent::__construct($message, $previous, $level);
     }
 
     /**

app/Http/Controllers/Api/Client/ClientController.php

@@ -2,7 +2,6 @@
 
 namespace Pterodactyl\Http\Controllers\Api\Client;
 
-use Pterodactyl\Models\User;
 use Pterodactyl\Models\Server;
 use Pterodactyl\Models\Permission;
 use Spatie\QueryBuilder\QueryBuilder;
@@ -39,31 +38,27 @@ public function __construct(ServerRepository $repository)
     public function index(GetServersRequest $request): array
     {
         $user = $request->user();
-        $level = $request->getFilterLevel();
         $transformer = $this->getTransformer(ServerTransformer::class);
 
         // Start the query builder and ensure we eager load any requested relationships from the request.
-        $builder = Server::query()->with($this->getIncludesForTransformer($transformer, ['node']));
+        $builder = QueryBuilder::for(
+            Server::query()->with($this->getIncludesForTransformer($transformer, ['node']))
+        )->allowedFilters('uuid', 'name', 'external_id');
 
-        if ($level === User::FILTER_LEVEL_OWNER) {
-            $builder = $builder->where('owner_id', $request->user()->id);
-        }
-        // If set to all, display all servers they can access, including those they access as an
-        // admin. If set to subuser, only return the servers they can access because they are owner,
-        // or marked as a subuser of the server.
-        elseif (($level === User::FILTER_LEVEL_ALL && ! $user->root_admin) || $level === User::FILTER_LEVEL_SUBUSER) {
+        // Either return all of the servers the user has access to because they are an admin `?type=admin` or
+        // just return all of the servers the user has access to because they are the owner or a subuser of the
+        // server.
+        if ($request->input('type') === 'admin') {
+            $builder = $user->root_admin
+                ? $builder->whereNotIn('id', $user->accessibleServers()->pluck('id')->all())
+                // If they aren't an admin but want all the admin servers don't fail the request, just
+                // make it a query that will never return any results back.
+                : $builder->whereRaw('1 = 2');
+        } elseif ($request->input('type') === 'owner') {
+            $builder = $builder->where('owner_id', $user->id);
+        } else {
             $builder = $builder->whereIn('id', $user->accessibleServers()->pluck('id')->all());
         }
-        // If set to admin, only display the servers a user can access because they are an administrator.
-        // This means only servers the user would not have access to if they were not an admin (because they
-        // are not an owner or subuser) are returned.
-        elseif ($level === User::FILTER_LEVEL_ADMIN && $user->root_admin) {
-            $builder = $builder->whereNotIn('id', $user->accessibleServers()->pluck('id')->all());
-        }
-
-        $builder = QueryBuilder::for($builder)->allowedFilters(
-            'uuid', 'name', 'external_id'
-        );
 
         $servers = $builder->paginate(min($request->query('per_page', 50), 100))->appends($request->query());
 

app/Http/Controllers/Api/Client/Servers/CommandController.php

@@ -5,7 +5,6 @@
 use Illuminate\Http\Response;
 use Pterodactyl\Models\Server;
 use Psr\Http\Message\ResponseInterface;
-use GuzzleHttp\Exception\RequestException;
 use GuzzleHttp\Exception\BadResponseException;
 use Symfony\Component\HttpKernel\Exception\HttpException;
 use Pterodactyl\Repositories\Wings\DaemonCommandRepository;
@@ -45,19 +44,21 @@ public function index(SendCommandRequest $request, Server $server): Response
     {
         try {
             $this->repository->setServer($server)->send($request->input('command'));
-        } catch (RequestException $exception) {
-            if ($exception instanceof BadResponseException) {
+        } catch (DaemonConnectionException $exception) {
+            $previous = $exception->getPrevious();
+
+            if ($previous instanceof BadResponseException) {
                 if (
-                    $exception->getResponse() instanceof ResponseInterface
-                    && $exception->getResponse()->getStatusCode() === Response::HTTP_BAD_GATEWAY
+                    $previous->getResponse() instanceof ResponseInterface
+                    && $previous->getResponse()->getStatusCode() === Response::HTTP_BAD_GATEWAY
                 ) {
                     throw new HttpException(
                         Response::HTTP_BAD_GATEWAY, 'Server must be online in order to send commands.', $exception
                     );
                 }
             }
 
-            throw new DaemonConnectionException($exception);
+            throw $exception;
         }
 
         return $this->returnNoContent();