Merge branch 'develop' into feature/service-changes

Author: DaneEveritt

.babelrc

@@ -0,0 +1,8 @@
+{
+  "presets": ["es2015"],
+  "compact": true,
+  "minified": true,
+  "only": "public/js/files/*.js",
+  "sourceMaps": "inline",
+  "comments": false
+}

.editorconfig

@@ -3,8 +3,10 @@ root = true
 [*]
 end_of_line = lf
 insert_final_newline = true
-
-[*.{php,js,html,css}]
-charset = utf-8
 indent_style = space
 indent_size = 4
+charset = utf-8
+trim_trailing_whitespace = true
+
+[*.md]
+trim_trailing_whitespace = false

.gitignore

@@ -9,5 +9,4 @@ Homestead.yaml
 Vagrantfile
 Vagrantfile
 
-node_modules
-.babelrc
+node_modules

CHANGELOG.md

@@ -3,6 +3,25 @@ This file is a running track of new features and fixes to each version of the pa
 
 This project follows [Semantic Versioning](http://semver.org) guidelines.
 
+## v0.5.6 (Bodacious Boreopterus)
+### Added
+* Added the following languages: Estonian `et`, Dutch `nl`, Norwegian `nb` (partial), Romanian `ro`, and Russian `ru`. Interested in helping us translate the panel into more languages, or improving existing translations? Contact us on Discord and let us know.
+* Added missing `strings.password` to language file for English.
+* Allow listing of users from the API by passing either the user ID or their email.
+
+### Fixed
+* Fixes bug where assigning a variable a default value (or valid value) of `0` would cause the panel to reject the value thinking it did not exist.
+* Addresses potential for crash by limiting total ports that can be assigned per-range to 2000.
+* Fixes server names requiring at minimum 4 characters. Name can now be 1 to 200 characters long. :pencil2:
+* Fixes bug that would allow adding the owner of a server as a subuser for that same server.
+* Fixes bug that would allow creating multiple subusers with the same email address.
+* Fixes bug where Sponge servers were improperly tagged as a spigot server in the daemon causing issues when booting or modifying configuration files.
+* Use transpiled ES6 -> ES5 filemanager code in browsers.
+* Fixes service option name displaying the name of a nwly added variable after the variable is added and until the page is refreshed. (see #208)
+
+### Changed
+* Filemanager and EULA checking javascript is now written in pure ES6 code rather than as a blade-syntax template. This allows the use of babel to transpile into ES5 as a minified version.
+
 ## v0.5.5 (Bodacious Boreopterus)
 ### Added
 * New API route to return allocations given a server ID. This adds support for a community-driven WHMCS module :rocket: available [here](https://github.com/hammerdawn/Pterodactyl-WHMCS).

app/Http/Controllers/API/UserController.php

@@ -75,7 +75,7 @@ public function lists(Request $request)
      */
     public function view(Request $request, $id)
     {
-        $query = Models\User::where('id', $id);
+        $query = Models\User::where((is_numeric($id) ? 'id' : 'email'), $id);
 
         if (! is_null($request->input('fields'))) {
             foreach (explode(',', $request->input('fields')) as $field) {

app/Http/Controllers/Admin/NodesController.php

@@ -27,6 +27,7 @@
 use DB;
 use Log;
 use Alert;
+use Carbon;
 use Validator;
 use Pterodactyl\Models;
 use Illuminate\Http\Request;
@@ -82,6 +83,7 @@ public function postNew(Request $request)
                 '_token',
             ]));
             Alert::success('Successfully created new node. <strong>Before you can add any servers you need to first assign some IP addresses and ports.</strong>')->flash();
+            Alert::info('<strong>To simplify the node setup you can generate a token on the configuration tab.</strong>')->flash();
 
             return redirect()->route('admin.nodes.view', [
                 'id' => $new,
@@ -276,4 +278,24 @@ public function deleteNode(Request $request, $id)
             'tab' => 'tab_delete',
         ]);
     }
+
+    public function getConfigurationToken(Request $request, $id)
+    {
+        // Check if Node exists. Will lead to 404 if not.
+        Models\Node::findOrFail($id);
+
+        // Create a token
+        $token = new Models\NodeConfigurationToken();
+        $token->node = $id;
+        $token->token = str_random(32);
+        $token->expires_at = Carbon::now()->addMinutes(5); // Expire in 5 Minutes
+        $token->save();
+
+        $token_response = [
+            'token' => $token->token,
+            'expires_at' => $token->expires_at->toDateTimeString(),
+        ];
+
+        return response()->json($token_response, 200);
+    }
 }

app/Http/Controllers/Admin/ServiceController.php

@@ -232,7 +232,7 @@ public function postNewVariable(Request $request, $service, $option)
             ]));
             Alert::success('Successfully added new variable to this option.')->flash();
 
-            return redirect()->route('admin.services.option', [$service, $option])->withInput();
+            return redirect()->route('admin.services.option', [$service, $option]);
         } catch (DisplayValidationException $ex) {
             return redirect()->route('admin.services.option.variable.new', [$service, $option])->withErrors(json_decode($ex->getMessage()))->withInput();
         } catch (DisplayException $ex) {

app/Http/Controllers/Base/LanguageController.php

@@ -33,16 +33,14 @@
 class LanguageController extends Controller
 {
     protected $languages = [
-        'de' => 'Danish',
+        'de' => 'German',
         'en' => 'English',
-        'es' => 'Spanish',
-        'fr' => 'French',
-        'it' => 'Italian',
-        'pl' => 'Polish',
+        'et' => 'Estonian',
+        'nb' => 'Norwegian',
+        'nl' => 'Dutch',
         'pt' => 'Portuguese',
+        'ro' => 'Romanian',
         'ru' => 'Russian',
-        'se' => 'Swedish',
-        'zh' => 'Chinese',
     ];
 
     /**

app/Http/Controllers/Remote/RemoteController.php

@@ -24,6 +24,7 @@
 
 namespace Pterodactyl\Http\Controllers\Remote;
 
+use Carbon\Carbon;
 use Pterodactyl\Models;
 use Illuminate\Http\Request;
 use Pterodactyl\Http\Controllers\Controller;
@@ -107,4 +108,29 @@ public function event(Request $request)
 
         return response('', 201);
     }
+
+    public function getConfiguration(Request $request, $tokenString)
+    {
+        // Try to query the token and the node from the database
+        try {
+            $token = Models\NodeConfigurationToken::where('token', $tokenString)->firstOrFail();
+            $node = Models\Node::findOrFail($token->node);
+        } catch (\Illuminate\Database\Eloquent\ModelNotFoundException $e) {
+            return response()->json(['error' => 'token_invalid'], 403);
+        }
+
+        // Check if token is expired
+        if ($token->expires_at->lt(Carbon::now())) {
+            $token->delete();
+
+            return response()->json(['error' => 'token_expired'], 403);
+        }
+
+        // Delete the token, it's one-time use
+        $token->delete();
+
+        // Manually as getConfigurationAsJson() returns it in correct format already
+        return response($node->getConfigurationAsJson(), 200)
+            ->header('Content-Type', 'application/json');
+    }
 }

app/Http/Controllers/Server/ServerController.php

@@ -28,9 +28,9 @@
 use Log;
 use Uuid;
 use Alert;
+use Javascript;
 use Pterodactyl\Models;
 use Illuminate\Http\Request;
-use InvalidArgumentException;
 use Pterodactyl\Exceptions\DisplayException;
 use Pterodactyl\Http\Controllers\Controller;
 use Pterodactyl\Repositories\ServerRepository;
@@ -49,24 +49,6 @@ public function __construct()
         //
     }
 
-    public function getJavascript(Request $request, $uuid, $folder, $file)
-    {
-        $server = Models\Server::getByUUID($uuid);
-
-        $info = pathinfo($file);
-        $routeFile = str_replace('/', '.', $info['dirname']) . '.' . $info['filename'];
-        try {
-            return response()->view('server.js.' . $folder . '.' . $routeFile, [
-                'server' => $server,
-                'node' => Models\Node::find($server->node),
-            ])->header('Content-Type', 'application/javascript');
-        } catch (InvalidArgumentException $ex) {
-            return abort(404);
-        } catch (\Exception $ex) {
-            throw $ex;
-        }
-    }
-
     /**
      * Renders server index page for specified server.
      *
@@ -77,6 +59,13 @@ public function getIndex(Request $request)
     {
         $server = Models\Server::getByUUID($request->route()->server);
 
+        Javascript::put([
+            'meta' => [
+                'saveFile' => route('server.files.save', $server->uuidShort),
+                'csrfToken' => csrf_token(),
+            ],
+        ]);
+
         return view('server.index', [
             'server' => $server,
             'allocations' => Models\Allocation::where('assigned_to', $server->id)->orderBy('ip', 'asc')->orderBy('port', 'asc')->get(),
@@ -90,14 +79,34 @@ public function getIndex(Request $request)
      * @param  Request $request
      * @return \Illuminate\Contracts\View\View
      */
-    public function getFiles(Request $request)
+    public function getFiles(Request $request, $uuid)
     {
-        $server = Models\Server::getByUUID($request->route()->server);
+        $server = Models\Server::getByUUID($uuid);
         $this->authorize('list-files', $server);
 
+        $node = Models\Node::find($server->node);
+
+        Javascript::put([
+            'server' => collect($server->makeVisible('daemonSecret'))->only('uuid', 'uuidShort', 'daemonSecret'),
+            'node' => collect($node)->only('fqdn', 'scheme', 'daemonListen'),
+            'meta' => [
+                'directoryList' => route('server.files.directory-list', $server->uuidShort),
+                'csrftoken' => csrf_token(),
+            ],
+            'permissions' => [
+                'moveFiles' => $request->user()->can('move-files', $server),
+                'copyFiles' => $request->user()->can('copy-files', $server),
+                'compressFiles' => $request->user()->can('compress-files', $server),
+                'decompressFiles' => $request->user()->can('decompress-files', $server),
+                'createFiles' => $request->user()->can('create-files', $server),
+                'downloadFiles' => $request->user()->can('download-files', $server),
+                'deleteFiles' => $request->user()->can('delete-files', $server),
+            ],
+        ]);
+
         return view('server.files.index', [
             'server' => $server,
-            'node' => Models\Node::find($server->node),
+            'node' => $node,
         ]);
     }
 
@@ -107,9 +116,9 @@ public function getFiles(Request $request)
      * @param  Request $request
      * @return \Illuminate\Contracts\View\View
      */
-    public function getAddFile(Request $request)
+    public function getAddFile(Request $request, $uuid)
     {
-        $server = Models\Server::getByUUID($request->route()->server);
+        $server = Models\Server::getByUUID($uuid);
         $this->authorize('add-files', $server);
 
         return view('server.files.add', [