Refactor (again)

2017-07-09 12:29:18 -05:00 · 2017-07-09 12:29:18 -05:00 · 1f4f6024cc
commit 1f4f6024cc
parent 8953f83f87
10 changed files with 29 additions and 29 deletions
--- a/app/Services/Api/KeyService.php
+++ b/app/Services/Api/KeyService.php
@ -0,0 +1,146 @@
+<?php
+/*
+ * Pterodactyl - Panel
+ * Copyright (c) 2015 - 2017 Dane Everitt <dane@daneeveritt.com>.
+ *
+ * Permission is hereby granted, free of charge, to any person obtaining a copy
+ * of this software and associated documentation files (the "Software"), to deal
+ * in the Software without restriction, including without limitation the rights
+ * to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+ * copies of the Software, and to permit persons to whom the Software is
+ * furnished to do so, subject to the following conditions:
+ *
+ * The above copyright notice and this permission notice shall be included in all
+ * copies or substantial portions of the Software.
+ *
+ * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+ * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+ * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+ * AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+ * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+ * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
+ * SOFTWARE.
+ */
+
+namespace Pterodactyl\Services\Api;
+
+use Illuminate\Database\ConnectionInterface;
+use Illuminate\Contracts\Encryption\Encrypter;
+use Pterodactyl\Contracts\Repository\ApiKeyRepositoryInterface;
+
+class KeyService
+{
+    const PUB_CRYPTO_BYTES = 8;
+    const PRIV_CRYPTO_BYTES = 32;
+
+    /**
+     * @var \Illuminate\Database\ConnectionInterface
+     */
+    protected $database;
+
+    /**
+     * @var \Illuminate\Contracts\Encryption\Encrypter
+     */
+    protected $encrypter;
+
+    /**
+     * @var \Pterodactyl\Services\Api\PermissionService
+     */
+    protected $permissionService;
+
+    /**
+     * @var \Pterodactyl\Contracts\Repository\ApiKeyRepositoryInterface
+     */
+    protected $repository;
+
+    /**
+     * ApiKeyService constructor.
+     *
+     * @param \Pterodactyl\Contracts\Repository\ApiKeyRepositoryInterface $repository
+     * @param \Illuminate\Database\ConnectionInterface                    $database
+     * @param \Illuminate\Contracts\Encryption\Encrypter                  $encrypter
+     * @param \Pterodactyl\Services\Api\PermissionService                 $permissionService
+     */
+    public function __construct(
+        ApiKeyRepositoryInterface $repository,
+        ConnectionInterface $database,
+        Encrypter $encrypter,
+        PermissionService $permissionService
+    ) {
+        $this->repository = $repository;
+        $this->database = $database;
+        $this->encrypter = $encrypter;
+        $this->permissionService = $permissionService;
+    }
+
+    /**
+     * Create a new API Key on the system with the given permissions.
+     *
+     * @param  array  $data
+     * @param  array  $permissions
+     * @param  array  $administrative
+     * @return string
+     *
+     * @throws \Exception
+     * @throws \Pterodactyl\Exceptions\Model\DataValidationException
+     */
+    public function create(array $data, array $permissions, array $administrative = [])
+    {
+        $publicKey = bin2hex(random_bytes(self::PUB_CRYPTO_BYTES));
+        $secretKey = bin2hex(random_bytes(self::PRIV_CRYPTO_BYTES));
+
+        // Start a Transaction
+        $this->database->beginTransaction();
+
+        $data = array_merge($data, [
+            'public' => $publicKey,
+            'secret' => $this->encrypter->encrypt($secretKey),
+        ]);
+
+        $instance = $this->repository->create($data, true, true);
+        $nodes = $this->permissionService->getPermissions();
+
+        foreach ($permissions as $permission) {
+            @list($block, $search) = explode('-', $permission);
+
+            if (
+                (empty($block) || empty($search)) ||
+                ! array_key_exists($block, $nodes['_user']) ||
+                ! in_array($search, $nodes['_user'][$block])
+            ) {
+                continue;
+            }
+
+            $this->permissionService->create($instance->id, sprintf('user.%s', $permission));
+        }
+
+        foreach ($administrative as $permission) {
+            @list($block, $search) = explode('-', $permission);
+
+            if (
+                (empty($block) || empty($search)) ||
+                ! array_key_exists($block, $nodes) ||
+                ! in_array($search, $nodes[$block])
+            ) {
+                continue;
+            }
+
+            $this->permissionService->create($instance->id, $permission);
+        }
+
+        $this->database->commit();
+
+        return $secretKey;
+    }
+
+    /**
+     * Delete the API key and associated permissions from the database.
+     *
+     * @param  int $id
+     * @return bool|null
+     */
+    public function revoke($id)
+    {
+        return $this->repository->delete($id);
+    }
+}
--- a/app/Services/Api/PermissionService.php
+++ b/app/Services/Api/PermissionService.php
@ -0,0 +1,73 @@
+<?php
+/*
+ * Pterodactyl - Panel
+ * Copyright (c) 2015 - 2017 Dane Everitt <dane@daneeveritt.com>.
+ *
+ * Permission is hereby granted, free of charge, to any person obtaining a copy
+ * of this software and associated documentation files (the "Software"), to deal
+ * in the Software without restriction, including without limitation the rights
+ * to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+ * copies of the Software, and to permit persons to whom the Software is
+ * furnished to do so, subject to the following conditions:
+ *
+ * The above copyright notice and this permission notice shall be included in all
+ * copies or substantial portions of the Software.
+ *
+ * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+ * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+ * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+ * AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+ * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+ * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
+ * SOFTWARE.
+ */
+
+namespace Pterodactyl\Services\Api;
+
+use Pterodactyl\Contracts\Repository\ApiPermissionRepositoryInterface;
+
+class PermissionService
+{
+    /**
+     * @var \Pterodactyl\Contracts\Repository\ApiPermissionRepositoryInterface
+     */
+    protected $repository;
+
+    /**
+     * ApiPermissionService constructor.
+     *
+     * @param \Pterodactyl\Contracts\Repository\ApiPermissionRepositoryInterface $repository
+     */
+    public function __construct(ApiPermissionRepositoryInterface $repository)
+    {
+        $this->repository = $repository;
+    }
+
+    /**
+     * Store a permission key in the database.
+     *
+     * @param  string  $key
+     * @param  string  $permission
+     * @return bool
+     *
+     * @throws \Pterodactyl\Exceptions\Model\DataValidationException
+     */
+    public function create($key, $permission)
+    {
+        // @todo handle an array of permissions to do a mass assignment?
+        return $this->repository->withoutFresh()->create([
+            'key_id' => $key,
+            'permission' => $permission,
+        ]);
+    }
+
+    /**
+     * Return all of the permissions available for an API Key.
+     *
+     * @return array
+     */
+    public function getPermissions()
+    {
+        return $this->repository->getModel()::CONST_PERMISSIONS;
+    }
+}