StarMC/Astral-nook
StarMC/Astral-nook
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity

Finish putting permissions on the API

Browse source
This commit is contained in:
Dane Everitt 2018-01-13 14:08:19 -06:00
parent d644a53951
commit 11c4f3f6f2
No known key found for this signature in database
GPG key ID: EEA66103B3D71F53
14 changed files with 434 additions and 82 deletions
Download patch file Download diff file Expand all files Collapse all files

22
app/Http/Controllers/API/Admin/Nodes/AllocationController.php
View file

@ -3,7 +3,7 @@
namespace Pterodactyl\Http\Controllers\API\Admin\Nodes;
use Spatie\Fractal\Fractal;
use Illuminate\Http\Request;
use Pterodactyl\Models\Node;
use Illuminate\Http\Response;
use Pterodactyl\Models\Allocation;
use Pterodactyl\Http\Controllers\Controller;
@ -11,6 +11,8 @@ use League\Fractal\Pagination\IlluminatePaginatorAdapter;
use Pterodactyl\Transformers\Api\Admin\AllocationTransformer;
use Pterodactyl\Services\Allocations\AllocationDeletionService;
use Pterodactyl\Contracts\Repository\AllocationRepositoryInterface;
use Pterodactyl\Http\Requests\API\Admin\Allocations\GetAllocationsRequest;
use Pterodactyl\Http\Requests\API\Admin\Allocations\DeleteAllocationRequest;
class AllocationController extends Controller
{
@ -46,16 +48,16 @@ class AllocationController extends Controller
/**
* Return all of the allocations that exist for a given node.
*
* @param \Illuminate\Http\Request $request
* @param int $node
* @param \Pterodactyl\Http\Requests\API\Admin\Allocations\GetAllocationsRequest $request
* @param \Pterodactyl\Models\Node $node
* @return array
*/
public function index(Request $request, int $node): array
public function index(GetAllocationsRequest $request, Node $node): array
{
$allocations = $this->repository->getPaginatedAllocationsForNode($node, 100);
$allocations = $this->repository->getPaginatedAllocationsForNode($node->id, 100);
return $this->fractal->collection($allocations)
->transformWith(new AllocationTransformer($request))
->transformWith((new AllocationTransformer)->setKey($request->key()))
->withResourceName('allocation')
->paginateWith(new IlluminatePaginatorAdapter($allocations))
->toArray();
@ -64,14 +66,14 @@ class AllocationController extends Controller
/**
* Delete a specific allocation from the Panel.
*
* @param \Illuminate\Http\Request $request
* @param int $node
* @param \Pterodactyl\Models\Allocation $allocation
* @param \Pterodactyl\Http\Requests\API\Admin\Allocations\DeleteAllocationRequest $request
* @param \Pterodactyl\Models\Node $node
* @param \Pterodactyl\Models\Allocation $allocation
* @return \Illuminate\Http\Response
*
* @throws \Pterodactyl\Exceptions\Service\Allocation\ServerUsingAllocationException
*/
public function delete(Request $request, int $node, Allocation $allocation): Response
public function delete(DeleteAllocationRequest $request, Node $node, Allocation $allocation): Response
{
$this->deletionService->handle($allocation);

60
app/Http/Controllers/API/Admin/Nodes/NodeController.php
View file

@ -3,7 +3,6 @@
namespace Pterodactyl\Http\Controllers\API\Admin\Nodes;
use Spatie\Fractal\Fractal;
use Illuminate\Http\Request;
use Pterodactyl\Models\Node;
use Illuminate\Http\Response;
use Illuminate\Http\JsonResponse;
@ -13,8 +12,12 @@ use Pterodactyl\Services\Nodes\NodeCreationService;
use Pterodactyl\Services\Nodes\NodeDeletionService;
use Pterodactyl\Transformers\Api\Admin\NodeTransformer;
use League\Fractal\Pagination\IlluminatePaginatorAdapter;
use Pterodactyl\Http\Requests\Admin\Node\NodeFormRequest;
use Pterodactyl\Contracts\Repository\NodeRepositoryInterface;
use Pterodactyl\Http\Requests\API\Admin\Nodes\GetNodeRequest;
use Pterodactyl\Http\Requests\API\Admin\Nodes\GetNodesRequest;
use Pterodactyl\Http\Requests\API\Admin\Nodes\StoreNodeRequest;
use Pterodactyl\Http\Requests\API\Admin\Nodes\DeleteNodeRequest;
use Pterodactyl\Http\Requests\API\Admin\Nodes\UpdateNodeRequest;
class NodeController extends Controller
{
@ -69,52 +72,50 @@ class NodeController extends Controller
/**
* Return all of the nodes currently available on the Panel.
*
* @param \Illuminate\Http\Request $request
* @param \Pterodactyl\Http\Requests\API\Admin\Nodes\GetNodesRequest $request
* @return array
*/
public function index(Request $request): array
public function index(GetNodesRequest $request): array
{
$nodes = $this->repository->paginated(100);
$fractal = $this->fractal->collection($nodes)
->transformWith(new NodeTransformer($request))
return $this->fractal->collection($nodes)
->transformWith((new NodeTransformer)->setKey($request->key()))
->withResourceName('node')
->paginateWith(new IlluminatePaginatorAdapter($nodes));
return $fractal->toArray();
->paginateWith(new IlluminatePaginatorAdapter($nodes))
->toArray();
}
/**
* Return data for a single instance of a node.
*
* @param \Illuminate\Http\Request $request
* @param \Pterodactyl\Models\Node $node
* @param \Pterodactyl\Http\Requests\API\Admin\Nodes\GetNodeRequest $request
* @param \Pterodactyl\Models\Node $node
* @return array
*/
public function view(Request $request, Node $node): array
public function view(GetNodeRequest $request, Node $node): array
{
$fractal = $this->fractal->item($node)
->transformWith(new NodeTransformer($request))
->withResourceName('node');
return $fractal->toArray();
return $this->fractal->item($node)
->transformWith((new NodeTransformer)->setKey($request->key()))
->withResourceName('node')
->toArray();
}
/**
* Create a new node on the Panel. Returns the created node and a HTTP/201
* status response on success.
*
* @param \Pterodactyl\Http\Requests\Admin\Node\NodeFormRequest $request
* @param \Pterodactyl\Http\Requests\API\Admin\Nodes\StoreNodeRequest $request
* @return \Illuminate\Http\JsonResponse
*
* @throws \Pterodactyl\Exceptions\Model\DataValidationException
*/
public function store(NodeFormRequest $request): JsonResponse
public function store(StoreNodeRequest $request): JsonResponse
{
$node = $this->creationService->handle($request->normalize());
$node = $this->creationService->handle($request->validated());
return $this->fractal->item($node)
->transformWith(new NodeTransformer($request))
->transformWith((new NodeTransformer)->setKey($request->key()))
->withResourceName('node')
->addMeta([
'link' => route('api.admin.node.view', ['node' => $node->id]),
@ -125,20 +126,20 @@ class NodeController extends Controller
/**
* Update an existing node on the Panel.
*
* @param \Pterodactyl\Http\Requests\Admin\Node\NodeFormRequest $request
* @param \Pterodactyl\Models\Node $node
* @param \Pterodactyl\Http\Requests\API\Admin\Nodes\UpdateNodeRequest $request
* @param \Pterodactyl\Models\Node $node
* @return array
*
* @throws \Pterodactyl\Exceptions\DisplayException
* @throws \Pterodactyl\Exceptions\Model\DataValidationException
* @throws \Pterodactyl\Exceptions\Repository\RecordNotFoundException
*/
public function update(NodeFormRequest $request, Node $node): array
public function update(UpdateNodeRequest $request, Node $node): array
{
$node = $this->updateService->returnUpdatedModel()->handle($node, $request->normalize());
$node = $this->updateService->returnUpdatedModel()->handle($node, $request->validated());
return $this->fractal->item($node)
->transformWith(new NodeTransformer($request))
->transformWith((new NodeTransformer)->setKey($request->key()))
->withResourceName('node')
->toArray();
}
@ -147,15 +148,16 @@ class NodeController extends Controller
* Deletes a given node from the Panel as long as there are no servers
* currently attached to it.
*
* @param \Pterodactyl\Models\Node $node
* @param \Pterodactyl\Http\Requests\API\Admin\Nodes\DeleteNodeRequest $request
* @param \Pterodactyl\Models\Node $node
* @return \Illuminate\Http\Response
*
* @throws \Pterodactyl\Exceptions\Service\HasActiveServersException
*/
public function delete(Node $node): Response
public function delete(DeleteNodeRequest $request, Node $node): Response
{
$this->deletionService->handle($node);
return response('', 201);
return response('', 204);
}
}

41
app/Http/Requests/API/Admin/Allocations/DeleteAllocationRequest.php Normal file
View file

@ -0,0 +1,41 @@
<?php
namespace Pterodactyl\Http\Requests\API\Admin\Allocations;
use Pterodactyl\Models\Node;
use Pterodactyl\Models\Allocation;
use Pterodactyl\Services\Acl\Api\AdminAcl;
use Pterodactyl\Http\Requests\API\Admin\ApiAdminRequest;
class DeleteAllocationRequest extends ApiAdminRequest
{
/**
* @var string
*/
protected $resource = AdminAcl::RESOURCE_ALLOCATIONS;
/**
* @var int
*/
protected $permission = AdminAcl::WRITE;
/**
* Determine if the requested allocation exists and belongs to the node that
* is being passed in the URL.
*
* @return bool
*/
public function resourceExists(): bool
{
$node = $this->route()->parameter('node');
$allocation = $this->route()->parameter('allocation');
if ($node instanceof Node && $node->exists) {
if ($allocation instanceof Allocation && $allocation->exists && $allocation->node_id === $node->id) {
return true;
}
}
return false;
}
}

33
app/Http/Requests/API/Admin/Allocations/GetAllocationsRequest.php Normal file
View file

@ -0,0 +1,33 @@
<?php
namespace Pterodactyl\Http\Requests\API\Admin\Allocations;
use Pterodactyl\Models\Node;
use Pterodactyl\Services\Acl\Api\AdminAcl;
use Pterodactyl\Http\Requests\API\Admin\ApiAdminRequest;
class GetAllocationsRequest extends ApiAdminRequest
{
/**
* @var string
*/
protected $resource = AdminAcl::RESOURCE_ALLOCATIONS;
/**
* @var int
*/
protected $permission = AdminAcl::READ;
/**
* Determine if the node that we are requesting the allocations
* for exists on the Panel.
*
* @return bool
*/
public function resourceExists(): bool
{
$node = $this->route()->parameter('node');
return $node instanceof Node && $node->exists;
}
}

33
app/Http/Requests/API/Admin/Nodes/DeleteNodeRequest.php Normal file
View file

@ -0,0 +1,33 @@
<?php
namespace Pterodactyl\Http\Requests\API\Admin\Nodes;
use Pterodactyl\Models\Node;
use Pterodactyl\Services\Acl\Api\AdminAcl;
use Pterodactyl\Http\Requests\API\Admin\ApiAdminRequest;
class DeleteNodeRequest extends ApiAdminRequest
{
/**
* @var string
*/
protected $resource = AdminAcl::RESOURCE_NODES;
/**
* @var int
*/
protected $permission = AdminAcl::WRITE;
/**
* Determine if the node being requested for editing exists
* on the Panel before validating the data.
*
* @return bool
*/
public function resourceExists(): bool
{
$node = $this->route()->parameter('node');
return $node instanceof Node && $node->exists;
}
}

21
app/Http/Requests/API/Admin/Nodes/GetNodeRequest.php Normal file
View file

@ -0,0 +1,21 @@
<?php
namespace Pterodactyl\Http\Requests\API\Admin\Nodes;
use Pterodactyl\Models\Node;
use Pterodactyl\Http\Requests\API\Admin\ApiAdminRequest;
class GetNodeRequest extends ApiAdminRequest
{
/**
* Determine if the requested node exists on the Panel.
*
* @return bool
*/
public function resourceExists(): bool
{
$node = $this->route()->parameter('node');
return $node instanceof Node && $node->exists;
}
}

19
app/Http/Requests/API/Admin/Nodes/GetNodesRequest.php Normal file
View file

@ -0,0 +1,19 @@
<?php
namespace Pterodactyl\Http\Requests\API\Admin\Nodes;
use Pterodactyl\Services\Acl\Api\AdminAcl;
use Pterodactyl\Http\Requests\API\Admin\ApiAdminRequest;
class GetNodesRequest extends ApiAdminRequest
{
/**
* @var string
*/
protected $resource = AdminAcl::RESOURCE_NODES;
/**
* @var int
*/
protected $permission = AdminAcl::READ;
}

83
app/Http/Requests/API/Admin/Nodes/StoreNodeRequest.php Normal file
View file

@ -0,0 +1,83 @@
<?php
namespace Pterodactyl\Http\Requests\API\Admin\Nodes;
use Pterodactyl\Models\Node;
use Pterodactyl\Services\Acl\Api\AdminAcl;
use Pterodactyl\Http\Requests\API\Admin\ApiAdminRequest;
class StoreNodeRequest extends ApiAdminRequest
{
/**
* @var string
*/
protected $resource = AdminAcl::RESOURCE_NODES;
/**
* @var int
*/
protected $permission = AdminAcl::WRITE;
/**
* Validation rules to apply to this request.
*
* @param null|array $rules
* @return array
*/
public function rules(array $rules = null): array
{
return collect($rules ?? Node::getCreateRules())->only([
'public',
'name',
'location_id',
'fqdn',
'scheme',
'behind_proxy',
'memory',
'memory_overallocate',
'disk',
'disk_overallocation',
'upload_size',
'daemonListen',
'daemonSFTP',
'daemonBase',
])->mapWithKeys(function ($value, $key) {
$key = ($key === 'daemonSFTP') ? 'daemonSftp' : $key;
return [snake_case($key) => $value];
})->toArray();
}
/**
* Fields to rename for clarity in the API response.
*
* @return array
*/
public function attributes()
{
return [
'daemon_base' => 'Daemon Base Path',
'upload_size' => 'File Upload Size Limit',
'location_id' => 'Location',
'public' => 'Node Visibility',
];
}
/**
* Change the formatting of some data keys in the validated response data
* to match what the application expects in the services.
*
* @return array
*/
public function validated()
{
$response = parent::validated();
$response['daemonListen'] = $response['daemon_listen'];
$response['daemonSFTP'] = $response['daemon_sftp'];
$response['daemonBase'] = $response['daemon_base'];
unset($response['daemon_base'], $response['daemon_listen'], $response['daemon_sftp']);
return $response;
}
}

35
app/Http/Requests/API/Admin/Nodes/UpdateNodeRequest.php Normal file
View file

@ -0,0 +1,35 @@
<?php
namespace Pterodactyl\Http\Requests\API\Admin\Nodes;
use Pterodactyl\Models\Node;
class UpdateNodeRequest extends StoreNodeRequest
{
/**
* Determine if the node being requested for editing exists
* on the Panel before validating the data.
*
* @return bool
*/
public function resourceExists(): bool
{
$node = $this->route()->parameter('node');
return $node instanceof Node && $node->exists;
}
/**
* Apply validation rules to this request. Uses the parent class rules()
* function but passes in the rules for updating rather than creating.
*
* @param array|null $rules
* @return array
*/
public function rules(array $rules = null): array
{
$nodeId = $this->route()->parameter('node')->id;
return parent::rules(Node::getUpdateRulesForId($nodeId));
}
}