ghzhost
diff --git a/‎app/Http/Controllers/Api/Client/Servers/BackupController.php‎
Lines changed: 112 additions & 14 deletions b/‎app/Http/Controllers/Api/Client/Servers/BackupController.php‎
Lines changed: 112 additions & 14 deletions
diff --git a/‎app/Http/Controllers/Api/Client/Servers/DownloadBackupController.php‎
Lines changed: 0 additions & 144 deletions b/‎app/Http/Controllers/Api/Client/Servers/DownloadBackupController.php‎
Lines changed: 0 additions & 144 deletions
diff --git a/‎app/Http/Requests/Api/Client/Servers/Backups/DeleteBackupRequest.php‎
Lines changed: 0 additions & 17 deletions b/‎app/Http/Requests/Api/Client/Servers/Backups/DeleteBackupRequest.php‎
Lines changed: 0 additions & 17 deletions
@@ -2,18 +2,21 @@
 
 namespace Pterodactyl\Http\Controllers\Api\Client\Servers;
 
+use Illuminate\Http\Request;
 use Pterodactyl\Models\Backup;
 use Pterodactyl\Models\Server;
 use Pterodactyl\Models\AuditLog;
 use Illuminate\Http\JsonResponse;
+use Pterodactyl\Models\Permission;
+use Illuminate\Validation\UnauthorizedException;
 use Pterodactyl\Services\Backups\DeleteBackupService;
-use Pterodactyl\Repositories\Eloquent\BackupRepository;
+use Pterodactyl\Services\Backups\DownloadLinkService;
 use Pterodactyl\Services\Backups\InitiateBackupService;
 use Pterodactyl\Transformers\Api\Client\BackupTransformer;
+use Pterodactyl\Repositories\Wings\DaemonBackupRepository;
 use Pterodactyl\Http\Controllers\Api\Client\ClientApiController;
-use Pterodactyl\Http\Requests\Api\Client\Servers\Backups\GetBackupsRequest;
+use Symfony\Component\HttpKernel\Exception\BadRequestHttpException;
 use Pterodactyl\Http\Requests\Api\Client\Servers\Backups\StoreBackupRequest;
-use Pterodactyl\Http\Requests\Api\Client\Servers\Backups\DeleteBackupRequest;
 
 class BackupController extends ClientApiController
 {
@@ -28,39 +31,51 @@ class BackupController extends ClientApiController
     private $deleteBackupService;
 
     /**
-     * @var \Pterodactyl\Repositories\Eloquent\BackupRepository
+     * @var \Pterodactyl\Services\Backups\DownloadLinkService
+     */
+    private $downloadLinkService;
+
+    /**
+     * @var \Pterodactyl\Repositories\Wings\DaemonBackupRepository
      */
     private $repository;
 
     /**
      * BackupController constructor.
      *
-     * @param \Pterodactyl\Repositories\Eloquent\BackupRepository $repository
+     * @param \Pterodactyl\Repositories\Wings\DaemonBackupRepository $repository
      * @param \Pterodactyl\Services\Backups\DeleteBackupService $deleteBackupService
      * @param \Pterodactyl\Services\Backups\InitiateBackupService $initiateBackupService
+     * @param \Pterodactyl\Services\Backups\DownloadLinkService $downloadLinkService
      */
     public function __construct(
-        BackupRepository $repository,
+        DaemonBackupRepository $repository,
         DeleteBackupService $deleteBackupService,
-        InitiateBackupService $initiateBackupService
+        InitiateBackupService $initiateBackupService,
+        DownloadLinkService $downloadLinkService
     ) {
         parent::__construct();
 
+        $this->repository = $repository;
         $this->initiateBackupService = $initiateBackupService;
         $this->deleteBackupService = $deleteBackupService;
-        $this->repository = $repository;
+        $this->downloadLinkService = $downloadLinkService;
     }
 
     /**
      * Returns all of the backups for a given server instance in a paginated
      * result set.
      *
-     * @param \Pterodactyl\Http\Requests\Api\Client\Servers\Backups\GetBackupsRequest $request
+     * @param \Illuminate\Http\Request $request
      * @param \Pterodactyl\Models\Server $server
      * @return array
      */
-    public function index(GetBackupsRequest $request, Server $server)
+    public function index(Request $request, Server $server)
     {
+        if (! $request->user()->can(Permission::ACTION_BACKUP_READ, $server)) {
+            throw new UnauthorizedException;
+        }
+
         $limit = min($request->query('per_page') ?? 20, 50);
 
         return $this->fractal->collection($server->backups()->paginate($limit))
@@ -100,13 +115,17 @@ public function store(StoreBackupRequest $request, Server $server)
     /**
      * Returns information about a single backup.
      *
-     * @param \Pterodactyl\Http\Requests\Api\Client\Servers\Backups\GetBackupsRequest $request
+     * @param \Illuminate\Http\Request $request
      * @param \Pterodactyl\Models\Server $server
      * @param \Pterodactyl\Models\Backup $backup
      * @return array
      */
-    public function view(GetBackupsRequest $request, Server $server, Backup $backup)
+    public function view(Request $request, Server $server, Backup $backup)
     {
+        if (! $request->user()->can(Permission::ACTION_BACKUP_READ, $server)) {
+            throw new UnauthorizedException;
+        }
+
         return $this->fractal->item($backup)
             ->transformWith($this->getTransformer(BackupTransformer::class))
             ->toArray();
@@ -116,15 +135,19 @@ public function view(GetBackupsRequest $request, Server $server, Backup $backup)
      * Deletes a backup from the panel as well as the remote source where it is currently
      * being stored.
      *
-     * @param \Pterodactyl\Http\Requests\Api\Client\Servers\Backups\DeleteBackupRequest $request
+     * @param \Illuminate\Http\Request $request
      * @param \Pterodactyl\Models\Server $server
      * @param \Pterodactyl\Models\Backup $backup
      * @return \Illuminate\Http\JsonResponse
      *
      * @throws \Throwable
      */
-    public function delete(DeleteBackupRequest $request, Server $server, Backup $backup)
+    public function delete(Request $request, Server $server, Backup $backup)
     {
+        if (! $request->user()->can(Permission::ACTION_BACKUP_DELETE, $server)) {
+            throw new UnauthorizedException;
+        }
+
         $server->audit(AuditLog::SERVER__BACKUP_DELETED, function (AuditLog $audit) use ($backup) {
             $audit->metadata = ['backup_uuid' => $backup->uuid];
 
@@ -133,4 +156,79 @@ public function delete(DeleteBackupRequest $request, Server $server, Backup $bac
 
         return new JsonResponse([], JsonResponse::HTTP_NO_CONTENT);
     }
+
+    /**
+     * Download the backup for a given server instance. For daemon local files, the file
+     * will be streamed back through the Panel. For AWS S3 files, a signed URL will be generated
+     * which the user is redirected to.
+     *
+     * @param \Illuminate\Http\Request $request
+     * @param \Pterodactyl\Models\Server $server
+     * @param \Pterodactyl\Models\Backup $backup
+     * @return \Illuminate\Http\JsonResponse
+     */
+    public function download(Request $request, Server $server, Backup $backup)
+    {
+        if (! $request->user()->can(Permission::ACTION_BACKUP_DOWNLOAD, $server)) {
+            throw new UnauthorizedException;
+        }
+
+        switch ($backup->disk) {
+            case Backup::ADAPTER_WINGS:
+            case Backup::ADAPTER_AWS_S3:
+                return new JsonResponse([
+                    'object' => 'signed_url',
+                    'attributes' => ['url' => ''],
+                ]);
+            default:
+                throw new BadRequestHttpException;
+        }
+    }
+
+    /**
+     * Handles restoring a backup by making a request to the Wings instance telling it
+     * to begin the process of finding (or downloading) the backup and unpacking it
+     * over the server files.
+     *
+     * If the "truncate" flag is passed through in this request then all of the
+     * files that currently exist on the server will be deleted before restoring.
+     * Otherwise the archive will simply be unpacked over the existing files.
+     *
+     * @param \Illuminate\Http\Request $request
+     * @param \Pterodactyl\Models\Server $server
+     * @param \Pterodactyl\Models\Backup $backup
+     * @return \Illuminate\Http\JsonResponse
+     *
+     * @throws \Throwable
+     */
+    public function restore(Request $request, Server $server, Backup $backup)
+    {
+        if (! $request->user()->can(Permission::ACTION_BACKUP_RESTORE, $server)) {
+            throw new UnauthorizedException;
+        }
+
+        // Cannot restore a backup unless a server is fully installed and not currently
+        // processing a different backup restoration request.
+        if (! is_null($server->status)) {
+            throw new BadRequestHttpException('This server is not currently in a state that allows for a backup to be restored.');
+        }
+
+        $server->audit(AuditLog::SERVER__BACKUP_RESTORE_STARTED, function (AuditLog $audit, Server $server) use ($backup, $request) {
+            $audit->metadata = ['backup_uuid' => $backup->uuid];
+
+            // If the backup is for an S3 file we need to generate a unique Download link for
+            // it that will allow Wings to actually access the file.
+            if ($backup->disk === Backup::ADAPTER_AWS_S3) {
+                $url = $this->downloadLinkService->handle($backup, $request->user());
+            }
+
+            // Update the status right away for the server so that we know not to allow certain
+            // actions against it via the Panel API.
+            $server->update(['status' => Server::STATUS_RESTORING_BACKUP]);
+
+            $this->repository->restore($backup, $url ?? null, $request->input('truncate') === 'true');
+        });
+
+        return new JsonResponse([], JsonResponse::HTTP_NO_CONTENT);
+    }
 }