Finish putting permissions on the API

app/Http/Requests/API/Admin/Allocations/DeleteAllocationRequest.php

@@ -0,0 +1,41 @@
+<?php
+
+namespace Pterodactyl\Http\Requests\API\Admin\Allocations;
+
+use Pterodactyl\Models\Node;
+use Pterodactyl\Models\Allocation;
+use Pterodactyl\Services\Acl\Api\AdminAcl;
+use Pterodactyl\Http\Requests\API\Admin\ApiAdminRequest;
+
+class DeleteAllocationRequest extends ApiAdminRequest
+{
+    /**
+     * @var string
+     */
+    protected $resource = AdminAcl::RESOURCE_ALLOCATIONS;
+
+    /**
+     * @var int
+     */
+    protected $permission = AdminAcl::WRITE;
+
+    /**
+     * Determine if the requested allocation exists and belongs to the node that
+     * is being passed in the URL.
+     *
+     * @return bool
+     */
+    public function resourceExists(): bool
+    {
+        $node = $this->route()->parameter('node');
+        $allocation = $this->route()->parameter('allocation');
+
+        if ($node instanceof Node && $node->exists) {
+            if ($allocation instanceof Allocation && $allocation->exists && $allocation->node_id === $node->id) {
+                return true;
+            }
+        }
+
+        return false;
+    }
+}

app/Http/Requests/API/Admin/Allocations/GetAllocationsRequest.php

@@ -0,0 +1,33 @@
+<?php
+
+namespace Pterodactyl\Http\Requests\API\Admin\Allocations;
+
+use Pterodactyl\Models\Node;
+use Pterodactyl\Services\Acl\Api\AdminAcl;
+use Pterodactyl\Http\Requests\API\Admin\ApiAdminRequest;
+
+class GetAllocationsRequest extends ApiAdminRequest
+{
+    /**
+     * @var string
+     */
+    protected $resource = AdminAcl::RESOURCE_ALLOCATIONS;
+
+    /**
+     * @var int
+     */
+    protected $permission = AdminAcl::READ;
+
+    /**
+     * Determine if the node that we are requesting the allocations
+     * for exists on the Panel.
+     *
+     * @return bool
+     */
+    public function resourceExists(): bool
+    {
+        $node = $this->route()->parameter('node');
+
+        return $node instanceof Node && $node->exists;
+    }
+}