Merge branch 'develop' into feature/cross-env

Author: DaneEveritt

app/Http/Controllers/Api/Client/ApiKeyController.php

@@ -0,0 +1,116 @@
+<?php
+
+namespace Pterodactyl\Http\Controllers\Api\Client;
+
+use Pterodactyl\Models\ApiKey;
+use Illuminate\Http\JsonResponse;
+use Pterodactyl\Exceptions\DisplayException;
+use Illuminate\Contracts\Encryption\Encrypter;
+use Pterodactyl\Services\Api\KeyCreationService;
+use Pterodactyl\Repositories\Eloquent\ApiKeyRepository;
+use Pterodactyl\Http\Requests\Api\Client\ClientApiRequest;
+use Pterodactyl\Transformers\Api\Client\ApiKeyTransformer;
+use Symfony\Component\HttpKernel\Exception\NotFoundHttpException;
+use Pterodactyl\Http\Requests\Api\Client\Account\StoreApiKeyRequest;
+
+class ApiKeyController extends ClientApiController
+{
+    /**
+     * @var \Pterodactyl\Services\Api\KeyCreationService
+     */
+    private $keyCreationService;
+
+    /**
+     * @var \Illuminate\Contracts\Encryption\Encrypter
+     */
+    private $encrypter;
+
+    /**
+     * @var \Pterodactyl\Repositories\Eloquent\ApiKeyRepository
+     */
+    private $repository;
+
+    /**
+     * ApiKeyController constructor.
+     *
+     * @param \Illuminate\Contracts\Encryption\Encrypter $encrypter
+     * @param \Pterodactyl\Services\Api\KeyCreationService $keyCreationService
+     * @param \Pterodactyl\Repositories\Eloquent\ApiKeyRepository $repository
+     */
+    public function __construct(
+        Encrypter $encrypter,
+        KeyCreationService $keyCreationService,
+        ApiKeyRepository $repository
+    ) {
+        parent::__construct();
+
+        $this->encrypter = $encrypter;
+        $this->keyCreationService = $keyCreationService;
+        $this->repository = $repository;
+    }
+
+    /**
+     * Returns all of the API keys that exist for the given client.
+     *
+     * @param \Pterodactyl\Http\Requests\Api\Client\ClientApiRequest $request
+     * @return array
+     */
+    public function index(ClientApiRequest $request)
+    {
+        return $this->fractal->collection($request->user()->apiKeys)
+            ->transformWith($this->getTransformer(ApiKeyTransformer::class))
+            ->toArray();
+    }
+
+    /**
+     * Store a new API key for a user's account.
+     *
+     * @param \Pterodactyl\Http\Requests\Api\Client\Account\StoreApiKeyRequest $request
+     * @return array
+     *
+     * @throws \Pterodactyl\Exceptions\DisplayException
+     * @throws \Pterodactyl\Exceptions\Model\DataValidationException
+     */
+    public function store(StoreApiKeyRequest $request)
+    {
+        if ($request->user()->apiKeys->count() >= 5) {
+            throw new DisplayException(
+                'You have reached the account limit for number of API keys.'
+            );
+        }
+
+        $key = $this->keyCreationService->setKeyType(ApiKey::TYPE_ACCOUNT)->handle([
+            'user_id' => $request->user()->id,
+            'memo' => $request->input('description'),
+            'allowed_ips' => $request->input('allowed_ips') ?? [],
+        ]);
+
+        return $this->fractal->item($key)
+            ->transformWith($this->getTransformer(ApiKeyTransformer::class))
+            ->addMeta([
+                'secret_token' => $this->encrypter->decrypt($key->token),
+            ])
+            ->toArray();
+    }
+
+    /**
+     * Deletes a given API key.
+     *
+     * @param \Pterodactyl\Http\Requests\Api\Client\ClientApiRequest $request
+     * @param string $identifier
+     * @return \Illuminate\Http\JsonResponse
+     */
+    public function delete(ClientApiRequest $request, string $identifier)
+    {
+        $response = $this->repository->deleteWhere([
+            'user_id' => $request->user()->id,
+            'identifier' => $identifier,
+        ]);
+
+        if (! $response) {
+            throw new NotFoundHttpException;
+        }
+
+        return JsonResponse::create([], JsonResponse::HTTP_NO_CONTENT);
+    }
+}

app/Http/Controllers/Api/Client/Servers/ServerController.php

@@ -3,12 +3,31 @@
 namespace Pterodactyl\Http\Controllers\Api\Client\Servers;
 
 use Pterodactyl\Models\Server;
+use Pterodactyl\Repositories\Eloquent\SubuserRepository;
 use Pterodactyl\Transformers\Api\Client\ServerTransformer;
+use Pterodactyl\Exceptions\Repository\RecordNotFoundException;
 use Pterodactyl\Http\Controllers\Api\Client\ClientApiController;
 use Pterodactyl\Http\Requests\Api\Client\Servers\GetServerRequest;
 
 class ServerController extends ClientApiController
 {
+    /**
+     * @var \Pterodactyl\Repositories\Eloquent\SubuserRepository
+     */
+    private $repository;
+
+    /**
+     * ServerController constructor.
+     *
+     * @param \Pterodactyl\Repositories\Eloquent\SubuserRepository $repository
+     */
+    public function __construct(SubuserRepository $repository)
+    {
+        parent::__construct();
+
+        $this->repository = $repository;
+    }
+
     /**
      * Transform an individual server into a response that can be consumed by a
      * client using the API.
@@ -19,8 +38,21 @@ class ServerController extends ClientApiController
      */
     public function index(GetServerRequest $request, Server $server): array
     {
+        try {
+            $permissions = $this->repository->findFirstWhere([
+                'server_id' => $server->id,
+                'user_id' => $request->user()->id,
+            ])->permissions;
+        } catch (RecordNotFoundException $exception) {
+            $permissions = [];
+        }
+
         return $this->fractal->item($server)
             ->transformWith($this->getTransformer(ServerTransformer::class))
+            ->addMeta([
+                'is_server_owner' => $request->user()->id === $server->owner_id,
+                'user_permissions' => $permissions,
+            ])
             ->toArray();
     }
 }

app/Http/Requests/Api/Client/Account/StoreApiKeyRequest.php

@@ -0,0 +1,20 @@
+<?php
+
+namespace Pterodactyl\Http\Requests\Api\Client\Account;
+
+use Pterodactyl\Http\Requests\Api\Client\ClientApiRequest;
+
+class StoreApiKeyRequest extends ClientApiRequest
+{
+    /**
+     * @return array
+     */
+    public function rules(): array
+    {
+        return [
+            'description' => 'required|string|min:4',
+            'allowed_ips' => 'array',
+            'allowed_ips.*' => 'ip',
+        ];
+    }
+}

app/Models/ApiKey.php

@@ -4,8 +4,22 @@
 
 use Pterodactyl\Services\Acl\Api\AdminAcl;
 
+/**
+ * @property int $id
+ * @property int $user_id
+ * @property int $key_type
+ * @property string $identifier
+ * @property string $token
+ * @property array $allowed_ips
+ * @property string $memo
+ * @property \Carbon\Carbon|null $last_used_at
+ * @property \Carbon\Carbon $created_at
+ * @property \Carbon\Carbon $updated_at
+ */
 class ApiKey extends Validable
 {
+    const RESOURCE_NAME = 'api_key';
+
     /**
      * Different API keys that can exist on the system.
      */

app/Models/Permission.php

@@ -286,28 +286,4 @@ public static function getPermissions($array = false)
 
         return collect(self::$deprecatedPermissions);
     }
-
-    /**
-     * Find permission by permission node.
-     *
-     * @param \Illuminate\Database\Query\Builder $query
-     * @param string $permission
-     * @return \Illuminate\Database\Query\Builder
-     */
-    public function scopePermission($query, $permission)
-    {
-        return $query->where('permission', $permission);
-    }
-
-    /**
-     * Filter permission by server.
-     *
-     * @param \Illuminate\Database\Query\Builder $query
-     * @param \Pterodactyl\Models\Server $server
-     * @return \Illuminate\Database\Query\Builder
-     */
-    public function scopeServer($query, Server $server)
-    {
-        return $query->where('server_id', $server->id);
-    }
 }

app/Models/Subuser.php

@@ -8,12 +8,12 @@
  * @property int $id
  * @property int $user_id
  * @property int $server_id
+ * @property array $permissions
  * @property \Carbon\Carbon $created_at
  * @property \Carbon\Carbon $updated_at
  *
  * @property \Pterodactyl\Models\User $user
  * @property \Pterodactyl\Models\Server $server
- * @property \Pterodactyl\Models\Permission[]|\Illuminate\Database\Eloquent\Collection $permissions
  */
 class Subuser extends Validable
 {
@@ -45,8 +45,9 @@ class Subuser extends Validable
      * @var array
      */
     protected $casts = [
-        'user_id' => 'integer',
-        'server_id' => 'integer',
+        'user_id' => 'int',
+        'server_id' => 'int',
+        'permissions' => 'array',
     ];
 
     /**
@@ -55,6 +56,8 @@ class Subuser extends Validable
     public static $validationRules = [
         'user_id' => 'required|numeric|exists:users,id',
         'server_id' => 'required|numeric|exists:servers,id',
+        'permissions' => 'nullable|array',
+        'permissions.*' => 'string',
     ];
 
     /**

app/Models/User.php

@@ -36,6 +36,7 @@
  * @property \Carbon\Carbon $updated_at
  *
  * @property string $name
+ * @property \Pterodactyl\Models\ApiKey[]|\Illuminate\Database\Eloquent\Collection $apiKeys
  * @property \Pterodactyl\Models\Permission[]|\Illuminate\Database\Eloquent\Collection $permissions
  * @property \Pterodactyl\Models\Server[]|\Illuminate\Database\Eloquent\Collection $servers
  * @property \Pterodactyl\Models\Subuser[]|\Illuminate\Database\Eloquent\Collection $subuserOf
@@ -258,4 +259,13 @@ public function keys()
     {
         return $this->hasMany(DaemonKey::class);
     }
+
+    /**
+     * @return \Illuminate\Database\Eloquent\Relations\HasMany
+     */
+    public function apiKeys()
+    {
+        return $this->hasMany(ApiKey::class)
+            ->where('key_type', ApiKey::TYPE_ACCOUNT);
+    }
 }

app/Providers/RepositoryServiceProvider.php

@@ -21,7 +21,6 @@
 use Pterodactyl\Repositories\Wings\DaemonPowerRepository;
 use Pterodactyl\Repositories\Eloquent\DaemonKeyRepository;
 use Pterodactyl\Repositories\Eloquent\AllocationRepository;
-use Pterodactyl\Repositories\Eloquent\PermissionRepository;
 use Pterodactyl\Repositories\Wings\DaemonCommandRepository;
 use Pterodactyl\Contracts\Repository\EggRepositoryInterface;
 use Pterodactyl\Repositories\Eloquent\EggVariableRepository;
@@ -43,7 +42,6 @@
 use Pterodactyl\Repositories\Wings\DaemonConfigurationRepository;
 use Pterodactyl\Contracts\Repository\DaemonKeyRepositoryInterface;
 use Pterodactyl\Contracts\Repository\AllocationRepositoryInterface;
-use Pterodactyl\Contracts\Repository\PermissionRepositoryInterface;
 use Pterodactyl\Contracts\Repository\Daemon\FileRepositoryInterface;
 use Pterodactyl\Contracts\Repository\EggVariableRepositoryInterface;
 use Pterodactyl\Contracts\Repository\Daemon\PowerRepositoryInterface;
@@ -73,7 +71,6 @@ public function register()
         $this->app->bind(NestRepositoryInterface::class, NestRepository::class);
         $this->app->bind(NodeRepositoryInterface::class, NodeRepository::class);
         $this->app->bind(PackRepositoryInterface::class, PackRepository::class);
-        $this->app->bind(PermissionRepositoryInterface::class, PermissionRepository::class);
         $this->app->bind(ScheduleRepositoryInterface::class, ScheduleRepository::class);
         $this->app->bind(ServerRepositoryInterface::class, ServerRepository::class);
         $this->app->bind(ServerVariableRepositoryInterface::class, ServerVariableRepository::class);

app/Repositories/Eloquent/PermissionRepository.php

@@ -2,7 +2,7 @@
 
 namespace Pterodactyl\Repositories\Eloquent;
 
-use Pterodactyl\Models\Permission;
+use Exception;
 use Pterodactyl\Contracts\Repository\PermissionRepositoryInterface;
 
 class PermissionRepository extends EloquentRepository implements PermissionRepositoryInterface
@@ -11,9 +11,10 @@ class PermissionRepository extends EloquentRepository implements PermissionRepos
      * Return the model backing this repository.
      *
      * @return string
+     * @throws \Exception
      */
     public function model()
     {
-        return Permission::class;
+        throw new Exception('This functionality is not implemented.');
     }
 }

app/Services/Api/KeyCreationService.php

@@ -72,8 +72,6 @@ public function handle(array $data, array $permissions = []): ApiKey
             $data = array_merge($data, $permissions);
         }
 
-        $instance = $this->repository->create($data, true, true);
-
-        return $instance;
+        return $this->repository->create($data, true, true);
     }
 }