Switch filemanager and EULA check to use pure Javascript methods

Removes the need for the javascript to be parsed by Blade template
engine by using a defined javascript variable with the values that are
necessary for checking everything and passing the correct values.

This does make it so that if a user does not have permission to do
something they could theoretically make the option show up in the
context menu, however when they click it, it will simply return an
error by the daemon.

Author: DaneEveritt

app/Http/Controllers/Server/ServerController.php

@@ -28,6 +28,7 @@
 use Log;
 use Uuid;
 use Alert;
+use Javascript;
 use Pterodactyl\Models;
 use Illuminate\Http\Request;
 use InvalidArgumentException;
@@ -49,24 +50,6 @@ public function __construct()
         //
     }
 
-    public function getJavascript(Request $request, $uuid, $folder, $file)
-    {
-        $server = Models\Server::getByUUID($uuid);
-
-        $info = pathinfo($file);
-        $routeFile = str_replace('/', '.', $info['dirname']) . '.' . $info['filename'];
-        try {
-            return response()->view('server.js.' . $folder . '.' . $routeFile, [
-                'server' => $server,
-                'node' => Models\Node::find($server->node),
-            ])->header('Content-Type', 'application/javascript');
-        } catch (InvalidArgumentException $ex) {
-            return abort(404);
-        } catch (\Exception $ex) {
-            throw $ex;
-        }
-    }
-
     /**
      * Renders server index page for specified server.
      *
@@ -77,6 +60,13 @@ public function getIndex(Request $request)
     {
         $server = Models\Server::getByUUID($request->route()->server);
 
+        Javascript::put([
+            'meta' => [
+                'saveFile' => route('server.files.save', $server->uuidShort),
+                'csrfToken' => csrf_token(),
+            ],
+        ]);
+
         return view('server.index', [
             'server' => $server,
             'allocations' => Models\Allocation::where('assigned_to', $server->id)->orderBy('ip', 'asc')->orderBy('port', 'asc')->get(),
@@ -90,14 +80,34 @@ public function getIndex(Request $request)
      * @param  Request $request
      * @return \Illuminate\Contracts\View\View
      */
-    public function getFiles(Request $request)
+    public function getFiles(Request $request, $uuid)
     {
-        $server = Models\Server::getByUUID($request->route()->server);
+        $server = Models\Server::getByUUID($uuid);
         $this->authorize('list-files', $server);
 
+        $node = Models\Node::find($server->node);
+
+        Javascript::put([
+            'server' => collect($server->makeVisible('daemonSecret'))->only('uuid', 'uuidShort', 'daemonSecret'),
+            'node' => collect($node)->only('fqdn', 'scheme', 'daemonListen'),
+            'meta' => [
+                'directoryList' => route('server.files.directory-list', $server->uuidShort),
+                'csrftoken' => csrf_token(),
+            ],
+            'permissions' => [
+                'moveFiles' => $request->user()->can('move-files', $server),
+                'copyFiles' => $request->user()->can('copy-files', $server),
+                'compressFiles' => $request->user()->can('compress-files', $server),
+                'decompressFiles' => $request->user()->can('decompress-files', $server),
+                'createFiles' => $request->user()->can('create-files', $server),
+                'downloadFiles' => $request->user()->can('download-files', $server),
+                'deleteFiles' => $request->user()->can('delete-files', $server),
+            ],
+        ]);
+
         return view('server.files.index', [
             'server' => $server,
-            'node' => Models\Node::find($server->node),
+            'node' => $node,
         ]);
     }
 
@@ -107,9 +117,9 @@ public function getFiles(Request $request)
      * @param  Request $request
      * @return \Illuminate\Contracts\View\View
      */
-    public function getAddFile(Request $request)
+    public function getAddFile(Request $request, $uuid)
     {
-        $server = Models\Server::getByUUID($request->route()->server);
+        $server = Models\Server::getByUUID($uuid);
         $this->authorize('add-files', $server);
 
         return view('server.files.add', [

app/Http/Routes/ServerRoutes.php

@@ -166,15 +166,6 @@ public function map(Router $router)
                     'uses' => 'Server\AjaxController@postResetDatabasePassword',
                 ]);
             });
-
-            // Assorted AJAX Routes
-            $router->group(['prefix' => 'js'], function ($server) use ($router) {
-                // Returns Server Status
-                $router->get('{folder}/{file}', [
-                    'as' => 'server.js',
-                    'uses' => 'Server\ServerController@getJavascript',
-                ])->where('file', '.*');
-            });
         });
     }
 }

composer.json

@@ -26,7 +26,8 @@
         "mtdowling/cron-expression": "1.1.0",
         "dingo/api": "1.0.0-beta6",
         "aws/aws-sdk-php": "3.19.20",
-        "predis/predis": "1.1.1"
+        "predis/predis": "1.1.1",
+        "laracasts/utilities": "^2.1"
     },
     "require-dev": {
         "fzaninotto/faker": "~1.4",

config/app.php

@@ -158,6 +158,7 @@
         igaster\laravelTheme\themeServiceProvider::class,
         Prologue\Alerts\AlertsServiceProvider::class,
         Krucas\Settings\Providers\SettingsServiceProvider::class,
+        Laracasts\Utilities\JavaScript\JavaScriptServiceProvider::class,
 
     ],
 
@@ -198,6 +199,7 @@
         'Hash'      => Illuminate\Support\Facades\Hash::class,
         'Input'     => Illuminate\Support\Facades\Input::class,
         'Inspiring' => Illuminate\Foundation\Inspiring::class,
+        'Javascript' => Laracasts\Utilities\JavaScript\JavaScriptFacade::class,
         'Lang'      => Illuminate\Support\Facades\Lang::class,
         'Log'       => Illuminate\Support\Facades\Log::class,
         'Mail'      => Illuminate\Support\Facades\Mail::class,

config/javascript.php

@@ -0,0 +1,32 @@
+<?php
+
+return [
+
+    /*
+    |--------------------------------------------------------------------------
+    | View to Bind JavaScript Vars To
+    |--------------------------------------------------------------------------
+    |
+    | Set this value to the name of the view (or partial) that
+    | you want to prepend all JavaScript variables to.
+    | This can be a single view, or an array of views.
+    | Example: 'footer' or ['footer', 'bottom']
+    |
+    */
+    'bind_js_vars_to_this_view' => [
+        'layouts.master'
+    ],
+
+    /*
+    |--------------------------------------------------------------------------
+    | JavaScript Namespace
+    |--------------------------------------------------------------------------
+    |
+    | By default, we'll add variables to the global window object. However,
+    | it's recommended that you change this to some namespace - anything.
+    | That way, you can access vars, like "SomeNamespace.someVariable."
+    |
+    */
+    'js_namespace' => 'Pterodactyl'
+
+];