Simplify logic when a server is in an unsupported state

Author: DaneEveritt

app/Exceptions/Http/Server/ServerStateConflictException.php

@@ -0,0 +1,30 @@
+<?php
+
+namespace Pterodactyl\Exceptions\Http\Server;
+
+use Throwable;
+use Pterodactyl\Models\Server;
+use Symfony\Component\HttpKernel\Exception\ConflictHttpException;
+
+class ServerStateConflictException extends ConflictHttpException
+{
+    /**
+     * Exception thrown when the server is in an unsupported state for API access or
+     * certain operations within the codebase.
+     */
+    public function __construct(Server $server, Throwable $previous = null)
+    {
+        $message = 'This server is currently in an unsupported state, please try again later.';
+        if ($server->isSuspended()) {
+            $message = 'This server is currently suspended and the functionality requested is unavailable.';
+        } elseif (!$server->isInstalled()) {
+            $message = 'This server has not yet completed its installation process, please try again later.';
+        } elseif ($server->status === Server::STATUS_RESTORING_BACKUP) {
+            $message = 'This server is currently restoring from a backup, please try again later.';
+        } elseif (!is_null($server->transfer)) {
+            $message = 'This server is currently being transferred to a new machine, please try again later.';
+        }
+
+        parent::__construct($message, $previous);
+    }
+}

app/Exceptions/Http/Server/ServerTransferringException.php

@@ -12,8 +12,6 @@
 use Pterodactyl\Repositories\Eloquent\ServerRepository;
 use Pterodactyl\Services\Servers\GetUserPermissionsService;
 use Symfony\Component\HttpKernel\Exception\NotFoundHttpException;
-use Pterodactyl\Exceptions\Http\Server\ServerTransferringException;
-use Symfony\Component\HttpKernel\Exception\BadRequestHttpException;
 use Pterodactyl\Http\Requests\Api\Remote\SftpAuthenticationFormRequest;
 use Symfony\Component\HttpKernel\Exception\TooManyRequestsHttpException;
 
@@ -98,16 +96,7 @@ public function __invoke(SftpAuthenticationFormRequest $request): JsonResponse
             }
         }
 
-        // Prevent SFTP access to servers that are being transferred.
-        if (!is_null($server->transfer)) {
-            throw new ServerTransferringException();
-        }
-
-        // Remember, for security purposes, only reveal the existence of the server to people that
-        // have provided valid credentials, and have permissions to know about it.
-        if ($server->isSuspended() || !$server->isInstalled()) {
-            throw new BadRequestHttpException('Server is not installed or is currently suspended.');
-        }
+        $server->validateCurrentState();
 
         return new JsonResponse([
             'server' => $server->uuid,

app/Http/Controllers/Api/Remote/SftpAuthenticationController.php

@@ -28,7 +28,6 @@
 use Pterodactyl\Http\Middleware\Api\ApiSubstituteBindings;
 use Illuminate\Foundation\Http\Middleware\ValidatePostSize;
 use Illuminate\Cookie\Middleware\AddQueuedCookiesToResponse;
-use Pterodactyl\Http\Middleware\Server\AccessingValidServer;
 use Pterodactyl\Http\Middleware\Api\Daemon\DaemonAuthenticate;
 use Pterodactyl\Http\Middleware\RequireTwoFactorAuthentication;
 use Illuminate\Foundation\Http\Middleware\CheckForMaintenanceMode;
@@ -106,7 +105,6 @@ class Kernel extends HttpKernel
         'auth' => Authenticate::class,
         'auth.basic' => AuthenticateWithBasicAuth::class,
         'guest' => RedirectIfAuthenticated::class,
-        'server' => AccessingValidServer::class,
         'admin' => AdminAuthenticate::class,
         'csrf' => VerifyCsrfToken::class,
         'throttle' => ThrottleRequests::class,

app/Http/Kernel.php

@@ -6,10 +6,8 @@
 use Illuminate\Http\Request;
 use Pterodactyl\Models\Server;
 use Pterodactyl\Contracts\Repository\ServerRepositoryInterface;
-use Symfony\Component\HttpKernel\Exception\ConflictHttpException;
 use Symfony\Component\HttpKernel\Exception\NotFoundHttpException;
-use Pterodactyl\Exceptions\Http\Server\ServerTransferringException;
-use Symfony\Component\HttpKernel\Exception\BadRequestHttpException;
+use Pterodactyl\Exceptions\Http\Server\ServerStateConflictException;
 
 class AuthenticateServerAccess
 {
@@ -60,23 +58,17 @@ public function handle(Request $request, Closure $next)
             }
         }
 
-        if ($server->suspended && !$request->routeIs('api:client:server.resources')) {
-            throw new BadRequestHttpException('This server is currently suspended and the functionality requested is unavailable.');
-        }
-
-        // Still allow users to get information about their server if it is installing or being transferred.
-        if (!$request->routeIs('api:client:server.view')) {
-            if (!$server->isInstalled()) {
-                // Throw an exception for all server routes; however if the user is an admin and requesting the
-                // server details, don't throw the exception for them.
-                if (!$user->root_admin || ($user->root_admin && !$request->routeIs($this->except))) {
-                    throw new ConflictHttpException('Server has not completed the installation process.');
+        try {
+            $server->validateCurrentState();
+        } catch (ServerStateConflictException $exception) {
+            // Still allow users to get information about their server if it is installing or
+            // being transferred.
+            if (!$request->routeIs('api:client:server.view')) {
+                if ($server->isSuspended() && !$request->routeIs('api:client:server.resources')) {
+                    throw $exception;
                 }
-            }
-
-            if (!is_null($server->transfer)) {
-                if (!$user->root_admin || ($user->root_admin && !$request->routeIs($this->except))) {
-                    throw new ServerTransferringException();
+                if (!$user->root_admin || !$request->routeIs($this->except)) {
+                    throw $exception;
                 }
             }
         }

app/Http/Middleware/Api/Client/Server/AuthenticateServerAccess.php

@@ -6,6 +6,7 @@
 use Illuminate\Notifications\Notifiable;
 use Illuminate\Database\Query\JoinClause;
 use Znck\Eloquent\Traits\BelongsToThrough;
+use Pterodactyl\Exceptions\Http\Server\ServerStateConflictException;
 
 /**
  * @property int $id
@@ -371,4 +372,23 @@ public function audits()
     {
         return $this->hasMany(AuditLog::class);
     }
+
+    /**
+     * Checks if the server is currently in a user-accessible state. If not, an
+     * exception is raised. This should be called whenever something needs to make
+     * sure the server is not in a weird state that should block user access.
+     *
+     * @throws \Pterodactyl\Exceptions\Http\Server\ServerStateConflictException
+     */
+    public function validateCurrentState()
+    {
+        if (
+            $this->isSuspended() ||
+            !$this->isInstalled() ||
+            $this->status === self::STATUS_RESTORING_BACKUP ||
+            !is_null($this->transfer)
+        ) {
+            throw new ServerStateConflictException($this);
+        }
+    }
 }

app/Http/Middleware/Server/AccessingValidServer.php

@@ -6,7 +6,7 @@
 use Pterodactyl\Models\Server;
 use Illuminate\Database\ConnectionInterface;
 use Pterodactyl\Repositories\Wings\DaemonServerRepository;
-use Pterodactyl\Exceptions\Http\Server\ServerTransferringException;
+use Symfony\Component\HttpKernel\Exception\ConflictHttpException;
 
 class SuspensionService
 {
@@ -55,7 +55,7 @@ public function toggle(Server $server, $action = self::ACTION_SUSPEND)
 
         // Check if the server is currently being transferred.
         if (!is_null($server->transfer)) {
-            throw new ServerTransferringException();
+            throw new ConflictHttpException('Cannot toggle suspension status on a server that is currently being transferred.');
         }
 
         $this->connection->transaction(function () use ($action, $server, $isSuspending) {

app/Models/Server.php

@@ -111,21 +111,23 @@ export default ({ server, className }: { server: Server; className?: string }) =
                             </span>
                         </div>
                         :
-                        server.isInstalling ?
+                        (server.isTransferring || server.status) ?
                             <div css={tw`flex-1 text-center`}>
                                 <span css={tw`bg-neutral-500 rounded px-2 py-1 text-neutral-100 text-xs`}>
-                                    Installing
+                                    {server.isTransferring ?
+                                        'Transferring'
+                                        :
+                                        server.status === 'installing' ? 'Installing' : (
+                                            server.status === 'restoring_backup' ?
+                                                'Restoring Backup'
+                                                :
+                                                'Unavailable'
+                                        )
+                                    }
                                 </span>
                             </div>
                             :
-                            server.isTransferring ?
-                                <div css={tw`flex-1 text-center`}>
-                                    <span css={tw`bg-neutral-500 rounded px-2 py-1 text-neutral-100 text-xs`}>
-                                        Transferring
-                                    </span>
-                                </div>
-                                :
-                                <Spinner size={'small'}/>
+                            <Spinner size={'small'}/>
                     :
                     <React.Fragment>
                         <div css={tw`flex-1 flex md:ml-4 sm:flex hidden justify-center`}>