Merge branch 'release/v0.7.15'

Author: DaneEveritt

CHANGELOG.md

@@ -3,6 +3,35 @@ This file is a running track of new features and fixes to each version of the pa
 
 This project follows [Semantic Versioning](http://semver.org) guidelines.
 
+## v0.7.15 (Derelict Dermodactylus)
+### Fixed
+* Fixes support for PHP 7.3 when running `composer install` commands due to a dependency that needed updating.
+* Automatic allocation field when creating a new node (or updating one) should now properly remeber its old
+value when showing an error state.
+* Mass deleting files now executes properly and doesn't result in a JS console error.
+* Scrolling on email settings page now works.
+* Database host management will now properly display an error message to the user when there is any type of MySQL related
+error encountered during creation or update.
+* Two-factor tokens generated when a company name has a space in it will now properly be parsed on iOS authenticator devices.
+* Fixed 500 error when trying to request subuser's from a server in the application API.
+* Creating a node allocation via the API no longer requires an alias field be passed through in the request.
+* Bulk power management for servers via the CLI no longer fails when servers span multiple nodes.
+
+### Added
+* Server listing view now displays the total used disk space for each server.
+* Client API endpoint to list all servers now supports an additional `?filter=subuser-of|all|admin|owner` parameter to
+return different groupings of servers. The default value is `subuser-of` which will include all of the user's servers
+that they are the owner of, as well as all servers they're a subuser of.
+* Added back ability to toggle OOM killer status on a per-server basis.
+* Added `LOCK TABLES` permission for generated database users.
+
+### Changed
+* Updated Paper egg to not download `server.properties` each time. [parkervcp/eggs#260](https://github.com/parkervcp/eggs/issues/260)
+* Insurgency egg now uses the proper dedicated server ID.
+* Teamspeak egg updated with improved installation process and grabbing latest versions.
+* OOM killer disabled by default on all new servers.
+* Passwords generated for MySQL now include special characters and are 24 characters in length.
+
 ## v0.7.14 (Derelict Dermodactylus)
 ### Fixed
 * **[SECURITY]** Fixes an XSS vulnerability when performing certain actions in the file manager.

app/Console/Commands/Server/BulkPowerActionCommand.php

@@ -102,7 +102,10 @@ public function handle()
             $bar->clear();
 
             try {
-                $this->powerRepository->setServer($server)->sendSignal($action);
+                $this->powerRepository
+                    ->setNode($server->node)
+                    ->setServer($server)
+                    ->sendSignal($action);
             } catch (RequestException $exception) {
                 $this->output->error(trans('command/messages.server.power.action_failed', [
                     'name' => $server->name,

app/Http/Controllers/Admin/DatabaseController.php

@@ -2,6 +2,7 @@
 
 namespace Pterodactyl\Http\Controllers\Admin;
 
+use Exception;
 use PDOException;
 use Illuminate\View\View;
 use Pterodactyl\Models\DatabaseHost;
@@ -118,17 +119,22 @@ public function view(int $host): View
      * @param \Pterodactyl\Http\Requests\Admin\DatabaseHostFormRequest $request
      * @return \Illuminate\Http\RedirectResponse
      *
-     * @throws \Pterodactyl\Exceptions\Model\DataValidationException
-     * @throws \Pterodactyl\Exceptions\Repository\RecordNotFoundException
+     * @throws \Throwable
      */
     public function create(DatabaseHostFormRequest $request): RedirectResponse
     {
         try {
             $host = $this->creationService->handle($request->normalize());
-        } catch (PDOException $ex) {
-            $this->alert->danger($ex->getMessage())->flash();
-
-            return redirect()->route('admin.databases');
+        } catch (Exception $exception) {
+            if ($exception instanceof PDOException || $exception->getPrevious() instanceof PDOException) {
+                $this->alert->danger(
+                    sprintf('There was an error while trying to connect to the host or while executing a query: "%s"', $exception->getMessage())
+                )->flash();
+
+                redirect()->route('admin.databases')->withInput($request->validated());
+            } else {
+                throw $exception;
+            }
         }
 
         $this->alert->success('Successfully created a new database host on the system.')->flash();
@@ -143,8 +149,7 @@ public function create(DatabaseHostFormRequest $request): RedirectResponse
      * @param \Pterodactyl\Models\DatabaseHost                         $host
      * @return \Illuminate\Http\RedirectResponse
      *
-     * @throws \Pterodactyl\Exceptions\Model\DataValidationException
-     * @throws \Pterodactyl\Exceptions\Repository\RecordNotFoundException
+     * @throws \Throwable
      */
     public function update(DatabaseHostFormRequest $request, DatabaseHost $host): RedirectResponse
     {
@@ -153,9 +158,17 @@ public function update(DatabaseHostFormRequest $request, DatabaseHost $host): Re
         try {
             $this->updateService->handle($host->id, $request->normalize());
             $this->alert->success('Database host was updated successfully.')->flash();
-        } catch (PDOException $ex) {
-            $this->alert->danger($ex->getMessage())->flash();
-            $redirect->withInput($request->normalize());
+        } catch (Exception $exception) {
+            // Catch any SQL related exceptions and display them back to the user, otherwise just
+            // throw the exception like normal and move on with it.
+            if ($exception instanceof PDOException || $exception->getPrevious() instanceof PDOException) {
+                $this->alert->danger(
+                    sprintf('There was an error while trying to connect to the host or while executing a query: "%s"', $exception->getMessage())
+                )->flash();
+                $redirect->withInput($request->normalize());
+            } else {
+                throw $exception;
+            }
         }
 
         return $redirect;

app/Http/Controllers/Admin/ServersController.php

@@ -516,7 +516,7 @@ public function updateBuild(Request $request, Server $server)
         $this->buildModificationService->handle($server, $request->only([
             'allocation_id', 'add_allocations', 'remove_allocations',
             'memory', 'swap', 'io', 'cpu', 'disk',
-            'database_limit', 'allocation_limit',
+            'database_limit', 'allocation_limit', 'oom_disabled',
         ]));
         $this->alert->success(trans('admin/server.alerts.build_updated'))->flash();
 
@@ -589,8 +589,7 @@ public function newDatabase(StoreServerDatabaseRequest $request, $server)
      * @param int                      $server
      * @return \Illuminate\Http\RedirectResponse
      *
-     * @throws \Exception
-     * @throws \Pterodactyl\Exceptions\Model\DataValidationException
+     * @throws \Throwable
      */
     public function resetDatabasePassword(Request $request, $server)
     {
@@ -599,7 +598,7 @@ public function resetDatabasePassword(Request $request, $server)
             ['id', '=', $request->input('database')],
         ]);
 
-        $this->databasePasswordService->handle($database, str_random(24));
+        $this->databasePasswordService->handle($database);
 
         return response('', 204);
     }

app/Http/Controllers/Api/Application/Servers/DatabaseController.php

@@ -87,12 +87,11 @@ public function view(GetServerDatabaseRequest $request): array
      * @param \Pterodactyl\Http\Requests\Api\Application\Servers\Databases\ServerDatabaseWriteRequest $request
      * @return \Illuminate\Http\Response
      *
-     * @throws \Pterodactyl\Exceptions\Model\DataValidationException
-     * @throws \Pterodactyl\Exceptions\Repository\RecordNotFoundException
+     * @throws \Throwable
      */
     public function resetPassword(ServerDatabaseWriteRequest $request): Response
     {
-        $this->databasePasswordService->handle($request->getModel(Database::class), str_random(24));
+        $this->databasePasswordService->handle($request->getModel(Database::class));
 
         return response('', 204);
     }

app/Http/Controllers/Api/Client/ClientController.php

@@ -35,7 +35,26 @@ public function __construct(ServerRepositoryInterface $repository)
      */
     public function index(GetServersRequest $request): array
     {
-        $servers = $this->repository->filterUserAccessServers($request->user(), User::FILTER_LEVEL_SUBUSER, config('pterodactyl.paginate.frontend.servers'));
+        // Check for the filter parameter on the request.
+        switch ($request->input('filter')) {
+            case 'all':
+                $filter = User::FILTER_LEVEL_ALL;
+                break;
+            case 'admin':
+                $filter = User::FILTER_LEVEL_ADMIN;
+                break;
+            case 'owner':
+                $filter = User::FILTER_LEVEL_OWNER;
+                break;
+            case 'subuser-of':
+            default:
+                $filter = User::FILTER_LEVEL_SUBUSER;
+                break;
+        }
+
+        $servers = $this->repository->filterUserAccessServers(
+            $request->user(), $filter, config('pterodactyl.paginate.frontend.servers')
+        );
 
         return $this->fractal->collection($servers)
             ->transformWith($this->getTransformer(ServerTransformer::class))

app/Http/Controllers/Server/DatabaseController.php

@@ -135,15 +135,13 @@ public function store(StoreServerDatabaseRequest $request): RedirectResponse
      * @return \Illuminate\Http\JsonResponse
      *
      * @throws \Illuminate\Auth\Access\AuthorizationException
-     * @throws \Pterodactyl\Exceptions\Model\DataValidationException
-     * @throws \Pterodactyl\Exceptions\Repository\RecordNotFoundException
+     * @throws \Throwable
      */
     public function update(Request $request): JsonResponse
     {
         $this->authorize('reset-db-password', $request->attributes->get('server'));
 
-        $password = str_random(24);
-        $this->passwordService->handle($request->attributes->get('database'), $password);
+        $password = $this->passwordService->handle($request->attributes->get('database'));
 
         return response()->json(['password' => $password]);
     }

app/Http/Requests/Api/Application/Allocations/StoreAllocationRequest.php

@@ -40,7 +40,7 @@ public function validated()
         return [
             'allocation_ip' => $data['ip'],
             'allocation_ports' => $data['ports'],
-            'allocation_alias' => $data['alias'],
+            'allocation_alias' => $data['alias'] ?? null,
         ];
     }
 }

app/Http/Requests/Api/Application/Servers/StoreServerRequest.php

@@ -41,6 +41,7 @@ public function rules(): array
             'startup' => $rules['startup'],
             'environment' => 'present|array',
             'skip_scripts' => 'sometimes|boolean',
+            'oom_disabled' => 'sometimes|boolean',
 
             // Resource limitations
             'limits' => 'required|array',

app/Http/Requests/Api/Application/Servers/UpdateServerBuildConfigurationRequest.php

@@ -18,6 +18,7 @@ public function rules(): array
 
         return [
             'allocation' => $rules['allocation_id'],
+            'oom_disabled' => $rules['oom_disabled'],
 
             'limits' => 'sometimes|array',
             'limits.memory' => $this->requiredToOptional('memory', $rules['memory'], true),