Finish API routes for users.

DaneEveritt · DaneEveritt · commit c071efd008fb · 2017-04-02T15:52:53.000-04:00
diff --git a/app/Http/Controllers/API/User/CoreController.php b/app/Http/Controllers/API/User/CoreController.php
@@ -31,6 +31,12 @@
 
 class CoreController extends Controller
 {
+    /**
+     * Controller to handle base user request for all of their servers.
+     *
+     * @param  \Illuminate\Http\Request  $request
+     * @return array
+     */
     public function index(Request $request)
     {
         $servers = $request->user()->access('service', 'node', 'allocation', 'option')->get();
diff --git a/app/Http/Controllers/API/User/ServerController.php b/app/Http/Controllers/API/User/ServerController.php
@@ -27,11 +27,20 @@
 use Fractal;
 use Illuminate\Http\Request;
 use Pterodactyl\Models\Server;
+use GuzzleHttp\Exception\ConnectException;
 use Pterodactyl\Http\Controllers\Controller;
 use Pterodactyl\Transformers\User\ServerTransformer;
+use Pterodactyl\Repositories\Daemon\PowerRepository;
 
 class ServerController extends Controller
 {
+    /**
+     * Controller to handle base request for individual server information.
+     *
+     * @param  \Illuminate\Http\Request  $request
+     * @param  string                    $uuid
+     * @return array
+     */
     public function index(Request $request, $uuid)
     {
         $server = Server::byUuid($uuid);
@@ -46,13 +55,39 @@ public function index(Request $request, $uuid)
         return $fractal->transformWith(new ServerTransformer)->toArray();
     }
 
+    /**
+     * Controller to handle request for server power toggle.
+     *
+     * @param  \Illuminate\Http\Request  $request
+     * @param  string                    $uuid
+     * @return \Illuminate\Http\Response
+     */
     public function power(Request $request, $uuid)
     {
+        $server = Server::byUuid($uuid);
+        $request->user()->can('power-' . $request->input('action'), $server);
+
+        $repo = new PowerRepository($server);
+        $repo->do($request->input('action'));
 
+        return response('', 204)->header('Content-Type', 'application/json');
     }
 
+    /**
+     * Controller to handle base request for individual server information.
+     *
+     * @param  \Illuminate\Http\Request  $request
+     * @param  string                    $uuid
+     * @return \Illuminate\Http\Response
+     */
     public function command(Request $request, $uuid)
     {
+        $server = Server::byUuid($uuid);
+        $request->user()->can('send-command', $server);
+
+        $repo = new CommandRepository($server);
+        $repo->send($request->input('command'));
 
+        return response('', 204)->header('Content-Type', 'application/json');
     }
 }
diff --git a/app/Http/Middleware/HMACAuthorization.php b/app/Http/Middleware/HMACAuthorization.php
@@ -29,6 +29,7 @@
 use Config;
 use Closure;
 use Response;
+use Debugbar;
 use IPTools\IP;
 use IPTools\Range;
 use Illuminate\Http\Request;
@@ -74,6 +75,7 @@ class HMACAuthorization
      */
     public function __construct()
     {
+        Debugbar::disable();
         Config::set('session.driver', 'array');
     }
 
diff --git a/app/Repositories/Daemon/CommandRepository.php b/app/Repositories/Daemon/CommandRepository.php
@@ -25,6 +25,7 @@
 namespace Pterodactyl\Repositories\Daemon;
 
 use Pterodactyl\Models;
+use GuzzleHttp\Exception\ConnectException;
 use Pterodactyl\Exceptions\DisplayException;
 
 class CommandRepository
@@ -60,20 +61,20 @@ public function send($command)
     {
         // We don't use the user's specific daemon secret here since we
         // are assuming that a call to this function has been validated.
-        // Additionally not all calls to this will be from a logged in user.
-        // (e.g. task queue or API)
         try {
-            $response = $this->server->node->guzzleClient([
-                'X-Access-Token' => $this->server->daemonSecret,
-                'X-Access-Server' => $this->server->uuid,
-            ])->request('POST', '/server/command', ['json' => ['command' => $command]]);
+            $response = $this->server->guzzleClient()->request('PUT', '/server/command', [
+                'http_errors' => false,
+                'json' => [
+                    'command' => $command,
+                ],
+            ]);
 
             if ($response->getStatusCode() < 200 || $response->getStatusCode() >= 300) {
-                throw new DisplayException('Command sending responded with a non-200 error code.');
+                throw new DisplayException('Command sending responded with a non-200 error code (HTTP/' . $response->getStatusCode() . ').');
             }
 
             return $response->getBody();
-        } catch (\Exception $ex) {
+        } catch (ConnectException $ex) {
             throw $ex;
         }
     }
diff --git a/app/Repositories/Daemon/PowerRepository.php b/app/Repositories/Daemon/PowerRepository.php
@@ -25,6 +25,7 @@
 namespace Pterodactyl\Repositories\Daemon;
 
 use Pterodactyl\Models;
+use GuzzleHttp\Exception\ConnectException;
 use Pterodactyl\Exceptions\DisplayException;
 
 class PowerRepository
@@ -60,20 +61,20 @@ public function do($action)
     {
         // We don't use the user's specific daemon secret here since we
         // are assuming that a call to this function has been validated.
-        // Additionally not all calls to this will be from a logged in user.
-        // (e.g. task queue or API)
         try {
-            $response = $this->server->node->guzzleClient([
-                'X-Access-Token' => $this->server->daemonSecret,
-                'X-Access-Server' => $this->server->uuid,
-            ])->request('PUT', '/server/power', ['json' => ['action' => $action]]);
+            $response = $this->server->guzzleClient()->request('PUT', '/server/power', [
+                'http_errors' => false,
+                'json' => [
+                    'action' => $action,
+                ],
+            ]);
 
             if ($response->getStatusCode() < 200 || $response->getStatusCode() >= 300) {
-                throw new DisplayException('Power status responded with a non-200 error code.');
+                throw new DisplayException('Power toggle endpoint responded with a non-200 error code (HTTP/' . $response->getStatusCode() . ').');
             }
 
             return $response->getBody();
-        } catch (\Exception $ex) {
+        } catch (ConnectException $ex) {
             throw $ex;
         }
     }

Original file line number	Diff line number	Diff line change
`@@ -31,6 +31,12 @@`
`31`	`31`
`32`	`32`	`class CoreController extends Controller`
`33`	`33`	`{`
	`34`	`+ /**`
	`35`	`+ * Controller to handle base user request for all of their servers.`
	`36`	`+ *`
	`37`	`+ * @param \Illuminate\Http\Request $request`
	`38`	`+ * @return array`
	`39`	`+ */`
`34`	`40`	`public function index(Request $request)`
`35`	`41`	`{`
`36`	`42`	`$servers = $request->user()->access('service', 'node', 'allocation', 'option')->get();`
Original file line number	Diff line number	Diff line change
`@@ -29,6 +29,7 @@`
`29`	`29`	`use Config;`
`30`	`30`	`use Closure;`
`31`	`31`	`use Response;`
	`32`	`+use Debugbar;`
`32`	`33`	`use IPTools\IP;`
`33`	`34`	`use IPTools\Range;`
`34`	`35`	`use Illuminate\Http\Request;`
`@@ -74,6 +75,7 @@ class HMACAuthorization`
`74`	`75`	`*/`
`75`	`76`	`public function __construct()`
`76`	`77`	`{`
	`78`	`+ Debugbar::disable();`
`77`	`79`	`Config::set('session.driver', 'array');`
`78`	`80`	`}`
`79`	`81`