Fix daemon key provider service

DaneEveritt · DaneEveritt · commit b1f6058e3191 · 2017-11-05T16:07:50.000-06:00
Handles missing keys if user is an admin or the server owner. Step in the right direction for pterodactyl#733 where all users have their own keys now. Still need to address admin status revocation in order to fully address that issue.
diff --git a/app/Contracts/Repository/DaemonKeyRepositoryInterface.php b/app/Contracts/Repository/DaemonKeyRepositoryInterface.php
@@ -24,13 +24,24 @@
 
 namespace Pterodactyl\Contracts\Repository;
 
+use Pterodactyl\Models\DaemonKey;
+
 interface DaemonKeyRepositoryInterface extends RepositoryInterface
 {
     /**
      * String prepended to keys to identify that they are managed internally and not part of the user API.
      */
     const INTERNAL_KEY_IDENTIFIER = 'i_';
 
+    /**
+     * Load the server and user relations onto a key model.
+     *
+     * @param \Pterodactyl\Models\DaemonKey $key
+     * @param bool                          $refresh
+     * @return \Pterodactyl\Models\DaemonKey
+     */
+    public function loadServerAndUserRelations(DaemonKey $key, bool $refresh = false): DaemonKey;
+
     /**
      * Gets the daemon keys associated with a specific server.
      *
diff --git a/app/Contracts/Repository/SubuserRepositoryInterface.php b/app/Contracts/Repository/SubuserRepositoryInterface.php
@@ -33,7 +33,7 @@ public function getWithPermissions(Subuser $subuser, bool $refresh = false): Sub
      *
      * @throws \Pterodactyl\Exceptions\Repository\RecordNotFoundException
      */
-    public function getWithPermissionsUsingUserAndServer($user, $server);
+    public function getWithPermissionsUsingUserAndServer(int $user, int $server): Subuser;
 
     /**
      * Find a subuser and return with server and permissions relationships.
diff --git a/app/Repositories/Eloquent/DaemonKeyRepository.php b/app/Repositories/Eloquent/DaemonKeyRepository.php
@@ -39,6 +39,26 @@ public function model()
         return DaemonKey::class;
     }
 
+    /**
+     * Load the server and user relations onto a key model.
+     *
+     * @param \Pterodactyl\Models\DaemonKey $key
+     * @param bool                          $refresh
+     * @return \Pterodactyl\Models\DaemonKey
+     */
+    public function loadServerAndUserRelations(DaemonKey $key, bool $refresh = false): DaemonKey
+    {
+        if (! $key->relationLoaded('server') || $refresh) {
+            $key->load('server');
+        }
+
+        if (! $key->relationLoaded('user') || $refresh) {
+            $key->load('user');
+        }
+
+        return $key;
+    }
+
     /**
      * {@inheritdoc}
      */
diff --git a/app/Repositories/Eloquent/SubuserRepository.php b/app/Repositories/Eloquent/SubuserRepository.php
@@ -65,13 +65,16 @@ public function getWithPermissions(Subuser $subuser, bool $refresh = false): Sub
     }
 
     /**
-     * {@inheritdoc}
+     * Return a subuser and associated permissions given a user_id and server_id.
+     *
+     * @param int $user
+     * @param int $server
+     * @return \Pterodactyl\Models\Subuser
+     *
+     * @throws \Pterodactyl\Exceptions\Repository\RecordNotFoundException
      */
-    public function getWithPermissionsUsingUserAndServer($user, $server)
+    public function getWithPermissionsUsingUserAndServer(int $user, int $server): Subuser
     {
-        Assert::integerish($user, 'First argument passed to getWithPermissionsUsingUserAndServer must be integer, received %s.');
-        Assert::integerish($server, 'Second argument passed to getWithPermissionsUsingUserAndServer must be integer, received %s.');
-
         $instance = $this->getBuilder()->with('permissions')->where([
             ['user_id', '=', $user],
             ['server_id', '=', $server],
diff --git a/app/Services/DaemonKeys/DaemonKeyCreationService.php b/app/Services/DaemonKeys/DaemonKeyCreationService.php
@@ -25,7 +25,6 @@
 namespace Pterodactyl\Services\DaemonKeys;
 
 use Carbon\Carbon;
-use Webmozart\Assert\Assert;
 use Illuminate\Contracts\Config\Repository as ConfigRepository;
 use Pterodactyl\Contracts\Repository\DaemonKeyRepositoryInterface;
 
@@ -72,11 +71,8 @@ public function __construct(
      *
      * @throws \Pterodactyl\Exceptions\Model\DataValidationException
      */
-    public function handle($server, $user)
+    public function handle(int $server, int $user)
     {
-        Assert::integerish($server, 'First argument passed to handle must be an integer, received %s.');
-        Assert::integerish($user, 'Second argument passed to handle must be an integer, received %s.');
-
         $secret = DaemonKeyRepositoryInterface::INTERNAL_KEY_IDENTIFIER . str_random(40);
 
         $this->repository->withoutFresh()->create([
diff --git a/app/Services/DaemonKeys/DaemonKeyProviderService.php b/app/Services/DaemonKeys/DaemonKeyProviderService.php
@@ -27,10 +27,16 @@
 use Carbon\Carbon;
 use Pterodactyl\Models\User;
 use Pterodactyl\Models\Server;
+use Pterodactyl\Exceptions\Repository\RecordNotFoundException;
 use Pterodactyl\Contracts\Repository\DaemonKeyRepositoryInterface;
 
 class DaemonKeyProviderService
 {
+    /**
+     * @var \Pterodactyl\Services\DaemonKeys\DaemonKeyCreationService
+     */
+    private $keyCreationService;
+
     /**
      * @var \Pterodactyl\Services\DaemonKeys\DaemonKeyUpdateService
      */
@@ -44,11 +50,16 @@ class DaemonKeyProviderService
     /**
      * GetDaemonKeyService constructor.
      *
-     * @param \Pterodactyl\Services\DaemonKeys\DaemonKeyUpdateService        $keyUpdateService
+     * @param \Pterodactyl\Services\DaemonKeys\DaemonKeyCreationService      $keyCreationService
      * @param \Pterodactyl\Contracts\Repository\DaemonKeyRepositoryInterface $repository
+     * @param \Pterodactyl\Services\DaemonKeys\DaemonKeyUpdateService        $keyUpdateService
      */
-    public function __construct(DaemonKeyUpdateService $keyUpdateService, DaemonKeyRepositoryInterface $repository)
-    {
+    public function __construct(
+        DaemonKeyCreationService $keyCreationService,
+        DaemonKeyRepositoryInterface $repository,
+        DaemonKeyUpdateService $keyUpdateService
+    ) {
+        $this->keyCreationService = $keyCreationService;
         $this->keyUpdateService = $keyUpdateService;
         $this->repository = $repository;
     }
@@ -66,12 +77,23 @@ public function __construct(DaemonKeyUpdateService $keyUpdateService, DaemonKeyR
      */
     public function handle(Server $server, User $user, $updateIfExpired = true): string
     {
-        $userId = $user->root_admin ? $server->owner_id : $user->id;
+        try {
+            $key = $this->repository->findFirstWhere([
+                ['user_id', '=', $user->id],
+                ['server_id', '=', $server->id],
+            ]);
+        } catch (RecordNotFoundException $exception) {
+            // If key doesn't exist but we are an admin or the server owner,
+            // create it.
+            if ($user->root_admin || $user->id === $server->owner_id) {
+                return $this->keyCreationService->handle($server->id, $user->id);
+            }
 
-        $key = $this->repository->findFirstWhere([
-            ['user_id', '=', $userId],
-            ['server_id', '=', $server->id],
-        ]);
+            // If they aren't the admin or owner of the server, they shouldn't get access.
+            // Subusers should always have an entry created when they are, so if there is
+            // no record, it should fail.
+            throw $exception;
+        }
 
         if (! $updateIfExpired || Carbon::now()->diffInSeconds($key->expires_at, false) > 0) {
             return $key->secret;
diff --git a/app/Transformers/Daemon/ApiKeyTransformer.php b/app/Transformers/Daemon/ApiKeyTransformer.php
@@ -29,29 +29,30 @@
 use Pterodactyl\Models\Permission;
 use League\Fractal\TransformerAbstract;
 use Pterodactyl\Contracts\Repository\SubuserRepositoryInterface;
+use Pterodactyl\Contracts\Repository\DaemonKeyRepositoryInterface;
 
 class ApiKeyTransformer extends TransformerAbstract
 {
     /**
-     * @var \Carbon\Carbon
+     * @var \Pterodactyl\Contracts\Repository\DaemonKeyRepositoryInterface
      */
-    protected $carbon;
+    private $keyRepository;
 
     /**
      * @var \Pterodactyl\Contracts\Repository\SubuserRepositoryInterface
      */
-    protected $repository;
+    private $repository;
 
     /**
      * ApiKeyTransformer constructor.
      *
-     * @param \Carbon\Carbon                                               $carbon
-     * @param \Pterodactyl\Contracts\Repository\SubuserRepositoryInterface $repository
+     * @param \Pterodactyl\Contracts\Repository\DaemonKeyRepositoryInterface $keyRepository
+     * @param \Pterodactyl\Contracts\Repository\SubuserRepositoryInterface   $repository
      */
-    public function __construct(Carbon $carbon, SubuserRepositoryInterface $repository)
+    public function __construct(DaemonKeyRepositoryInterface $keyRepository, SubuserRepositoryInterface $repository)
     {
-        $this->carbon = $carbon;
         $this->repository = $repository;
+        $this->keyRepository = $keyRepository;
     }
 
     /**
@@ -64,18 +65,20 @@ public function __construct(Carbon $carbon, SubuserRepositoryInterface $reposito
      */
     public function transform(DaemonKey $key)
     {
-        if ($key->user_id === $key->server->owner_id) {
+        $this->keyRepository->loadServerAndUserRelations($key);
+
+        if ($key->user_id === $key->getRelation('server')->owner_id || $key->getRelation('user')->root_admin) {
             return [
-                'id' => $key->server->uuid,
+                'id' => $key->getRelation('server')->uuid,
                 'is_temporary' => true,
-                'expires_in' => max($this->carbon->now()->diffInSeconds($key->expires_at, false), 0),
+                'expires_in' => max(Carbon::now()->diffInSeconds($key->expires_at, false), 0),
                 'permissions' => ['s:*'],
             ];
         }
 
         $subuser = $this->repository->getWithPermissionsUsingUserAndServer($key->user_id, $key->server_id);
 
-        $permissions = $subuser->permissions->pluck('permission')->toArray();
+        $permissions = $subuser->getRelation('permissions')->pluck('permission')->toArray();
         $mappings = Permission::getPermissions(true);
         $daemonPermissions = [];
 
@@ -86,9 +89,9 @@ public function transform(DaemonKey $key)
         }
 
         return [
-            'id' => $key->server->uuid,
+            'id' => $key->getRelation('server')->uuid,
             'is_temporary' => true,
-            'expires_in' => max($this->carbon->now()->diffInSeconds($key->expires_at, false), 0),
+            'expires_in' => max(Carbon::now()->diffInSeconds($key->expires_at, false), 0),
             'permissions' => $daemonPermissions,
         ];
     }
diff --git a/tests/Unit/Services/DaemonKeys/DaemonKeyProviderServiceTest.php b/tests/Unit/Services/DaemonKeys/DaemonKeyProviderServiceTest.php

Original file line number	Diff line number	Diff line change
`@@ -33,7 +33,7 @@ public function getWithPermissions(Subuser $subuser, bool $refresh = false): Sub`
`33`	`33`	`*`
`34`	`34`	`* @throws \Pterodactyl\Exceptions\Repository\RecordNotFoundException`
`35`	`35`	`*/`
`36`		`- public function getWithPermissionsUsingUserAndServer($user, $server);`
	`36`	`+ public function getWithPermissionsUsingUserAndServer(int $user, int $server): Subuser;`
`37`	`37`
`38`	`38`	`/**`
`39`	`39`	`* Find a subuser and return with server and permissions relationships.`