fix user controller; closes pterodactyl#58, closes pterodactyl#59

Author: DaneEveritt

app/Http/Controllers/Admin/AccountsController.php

@@ -0,0 +1,134 @@
+<?php
+/**
+ * Pterodactyl - Panel
+ * Copyright (c) 2015 - 2016 Dane Everitt <dane@daneeveritt.com>
+ * Some Modifications (c) 2015 Dylan Seidt <dylan.seidt@gmail.com>
+ *
+ * Permission is hereby granted, free of charge, to any person obtaining a copy
+ * of this software and associated documentation files (the "Software"), to deal
+ * in the Software without restriction, including without limitation the rights
+ * to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+ * copies of the Software, and to permit persons to whom the Software is
+ * furnished to do so, subject to the following conditions:
+ *
+ * The above copyright notice and this permission notice shall be included in all
+ * copies or substantial portions of the Software.
+ *
+ * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+ * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+ * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+ * AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+ * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+ * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
+ * SOFTWARE.
+ */
+namespace Pterodactyl\Http\Controllers\Admin;
+
+use Alert;
+use Settings;
+use Mail;
+use Log;
+use Pterodactyl\Models\User;
+use Pterodactyl\Repositories\UserRepository;
+use Pterodactyl\Models\Server;
+
+use Pterodactyl\Exceptions\DisplayException;
+use Pterodactyl\Exceptions\DisplayValidationException;
+
+use Pterodactyl\Http\Controllers\Controller;
+use Illuminate\Http\Request;
+
+class UserController extends Controller
+{
+
+    /**
+     * Controller Constructor
+     */
+    public function __construct()
+    {
+        //
+    }
+
+    public function getIndex(Request $request)
+    {
+        return view('admin.users.index', [
+            'users' => User::paginate(20)
+        ]);
+    }
+
+    public function getNew(Request $request)
+    {
+        return view('admin.users.new');
+    }
+
+    public function getView(Request $request, $id)
+    {
+        return view('admin.users.view', [
+            'user' => User::findOrFail($id),
+            'servers' => Server::select('servers.*', 'nodes.name as nodeName', 'locations.long as location')
+                ->join('nodes', 'servers.node', '=', 'nodes.id')
+                ->join('locations', 'nodes.location', '=', 'locations.id')
+                ->where('owner', $id)
+                ->where('active', 1)
+                ->get(),
+        ]);
+    }
+
+    public function deleteUser(Request $request, $id)
+    {
+        try {
+            $repo = new UserRepository;
+            $repo->delete($id);
+            Alert::success('Successfully deleted user from system.')->flash();
+            return redirect()->route('admin.users');
+        } catch(DisplayException $ex) {
+            Alert::danger($ex->getMessage())->flash();
+        } catch (\Exception $ex) {
+            Log::error($ex);
+            Alert::danger('An exception was encountered while attempting to delete this user.')->flash();
+        }
+        return redirect()->route('admin.users.view', $id);
+    }
+
+    public function postNew(Request $request)
+    {
+        try {
+            $user = new UserRepository;
+            $userid = $user->create($request->input('email'), $request->input('password'));
+            Alert::success('Account has been successfully created.')->flash();
+            return redirect()->route('admin.users.view', $userid);
+        } catch (DisplayValidationException $ex) {
+            return redirect()->route('admin.users.new')->withErrors(json_decode($ex->getMessage()))->withInput();
+        } catch (\Exception $ex) {
+            Log::error($ex);
+            Alert::danger('An error occured while attempting to add a new user.')->flash();
+            return redirect()->route('admin.users.new');
+        }
+    }
+
+    public function updateUser(Request $request, $user)
+    {
+        $data = [
+            'email' => $request->input('email'),
+            'root_admin' => $request->input('root_admin'),
+            'password_confirmation' => $request->input('password_confirmation'),
+        ];
+
+        if ($request->input('password')) {
+            $data['password'] = $request->input('password');
+        }
+
+        try {
+            $repo = new UserRepository;
+            $repo->update($user, $data);
+            Alert::success('User account was successfully updated.')->flash();
+        } catch (DisplayValidationException $ex) {
+            return redirect()->route('admin.users.view', $user)->withErrors(json_decode($ex->getMessage()));
+        } catch (\Exception $e) {
+            Log::error($e);
+            Alert::danger('An error occured while attempting to update this user.')->flash();
+        }
+        return redirect()->route('admin.users.view', $user);
+    }
+
+}

app/Http/Controllers/Admin/UserController.php

@@ -59,7 +59,7 @@ public function map(Router $router) {
         });
 
         $router->group([
-            'prefix' => 'admin/accounts',
+            'prefix' => 'admin/users',
             'middleware' => [
                 'auth',
                 'admin',
@@ -69,35 +69,35 @@ public function map(Router $router) {
 
             // View All Accounts on System
             $router->get('/', [
-                'as' => 'admin.accounts',
-                'uses' => 'Admin\AccountsController@getIndex'
+                'as' => 'admin.users',
+                'uses' => 'Admin\UserController@getIndex'
             ]);
 
             // View Specific Account
             $router->get('/view/{id}', [
-                'as' => 'admin.accounts.view',
-                'uses' => 'Admin\AccountsController@getView'
+                'as' => 'admin.users.view',
+                'uses' => 'Admin\UserController@getView'
             ]);
 
-            // Show Create Account Page
-            $router->get('/new', [
-                'as' => 'admin.accounts.new',
-                'uses' => 'Admin\AccountsController@getNew'
+            // View Specific Account
+            $router->post('/view/{id}', [
+                'uses' => 'Admin\UserController@updateUser'
             ]);
 
-            // Handle Creating New Account
-            $router->post('/new', [
-                'uses' => 'Admin\AccountsController@postNew'
+            // Delete an Account Matching an ID
+            $router->delete('/view/{id}', [
+                'uses' => 'Admin\UserController@deleteUser'
             ]);
 
-            // Update A Specific Account
-            $router->post('/update', [
-                'uses' => 'Admin\AccountsController@postUpdate'
+            // Show Create Account Page
+            $router->get('/new', [
+                'as' => 'admin.users.new',
+                'uses' => 'Admin\UserController@getNew'
             ]);
 
-            // Delete an Account Matching an ID
-            $router->delete('/view/{id}', [
-                'uses' => 'Admin\AccountsController@deleteView'
+            // Handle Creating New Account
+            $router->post('/new', [
+                'uses' => 'Admin\UserController@postNew'
             ]);
 
         });

app/Http/Routes/AdminRoutes.php

@@ -108,13 +108,15 @@ public function create($email, $password, $admin = false)
      */
     public function update($id, array $data)
     {
+        $user = Models\User::findOrFail($id);
+
         $validator = Validator::make($data, [
-            'email' => 'email|unique:users,email,' . $id,
-            'password' => 'regex:((?=.*\d)(?=.*[a-z])(?=.*[A-Z]).{8,})',
-            'root_admin' => 'boolean',
-            'language' => 'string|min:1|max:5',
-            'use_totp' => 'boolean',
-            'totp_secret' => 'size:16'
+            'email' => 'sometimes|required|email|unique:users,email,' . $id,
+            'password' => 'sometimes|required|regex:((?=.*\d)(?=.*[a-z])(?=.*[A-Z]).{8,})',
+            'root_admin' => 'sometimes|required|boolean',
+            'language' => 'sometimes|required|string|min:1|max:5',
+            'use_totp' => 'sometimes|required|boolean',
+            'totp_secret' => 'sometimes|required|size:16'
         ]);
 
         // Run validator, throw catchable and displayable exception if it fails.
@@ -127,7 +129,12 @@ public function update($id, array $data)
             $data['password'] = Hash::make($data['password']);
         }
 
-        return Models\User::findOrFail($id)->update($data);
+        if (isset($data['password_confirmation'])) {
+            unset($data['password_confirmation']);
+        }
+        
+        $user->fill($data);
+        $user->save();
     }
 
     /**
@@ -144,14 +151,15 @@ public function delete($id)
 
         DB::beginTransaction();
 
-        Models\Permission::where('user_id', $id)->delete();
-        Models\Subuser::where('user_id', $id)->delete();
-        Models\User::destroy($id);
-
         try {
+            Models\Permission::where('user_id', $id)->delete();
+            Models\Subuser::where('user_id', $id)->delete();
+            Models\User::destroy($id);
+
             DB::commit();
             return true;
         } catch (\Exception $ex) {
+            DB::rollBack();
             throw $ex;
         }
     }