StarMC/Astral-nook
StarMC/Astral-nook
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity

More service structure testing and configuration

Browse source 
Tests aren't working as well as I had hoped, so a lot are commented out while I wait to hear back on this bug causing them to fail.
This commit is contained in:
Dane Everitt 2017-06-24 19:49:09 -05:00
parent ce2b2447d0
commit 2235481765
No known key found for this signature in database
GPG key ID: EEA66103B3D71F53
18 changed files with 755 additions and 401 deletions
Download patch file Download diff file Expand all files Collapse all files

50
app/Exceptions/Model/DataValidationException.php Normal file
View file

@ -0,0 +1,50 @@
<?php
/*
* Pterodactyl - Panel
* Copyright (c) 2015 - 2017 Dane Everitt <dane@daneeveritt.com>.
*
* Permission is hereby granted, free of charge, to any person obtaining a copy
* of this software and associated documentation files (the "Software"), to deal
* in the Software without restriction, including without limitation the rights
* to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
* copies of the Software, and to permit persons to whom the Software is
* furnished to do so, subject to the following conditions:
*
* The above copyright notice and this permission notice shall be included in all
* copies or substantial portions of the Software.
*
* THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
* IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
* FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
* AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
* LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
* OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
* SOFTWARE.
*/
namespace Pterodactyl\Exceptions\Model;
use Illuminate\Contracts\Validation\Validator;
use Illuminate\Validation\ValidationException;
use Illuminate\Contracts\Support\MessageProvider;
class DataValidationException extends ValidationException implements MessageProvider
{
/**
* DataValidationException constructor.
*
* @param \Illuminate\Contracts\Validation\Validator $validator
*/
public function __construct(Validator $validator)
{
parent::__construct($validator);
}
/**
* @return \Illuminate\Support\MessageBag
*/
public function getMessageBag()
{
return $this->validator->errors();
}
}

26
app/Http/Controllers/Admin/UserController.php
View file

@ -47,20 +47,20 @@ class UserController extends Controller
/**
* @var \Pterodactyl\Models\User
*/
protected $userModel;
protected $model;
/**
* UserController constructor.
*
* @param \Prologue\Alerts\AlertsMessageBag $alert
* @param \Pterodactyl\Services\UserService $service
* @param \Pterodactyl\Models\User $userModel
* @param \Pterodactyl\Models\User $model
*/
public function __construct(AlertsMessageBag $alert, UserService $service, User $userModel)
public function __construct(AlertsMessageBag $alert, UserService $service, User $model)
{
$this->alert = $alert;
$this->service = $service;
$this->userModel = $userModel;
$this->model = $model;
}
/**
@ -71,7 +71,7 @@ class UserController extends Controller
*/
public function index(Request $request)
{
$users = $this->userModel->withCount('servers', 'subuserOf');
$users = $this->model->newQuery()->withCount('servers', 'subuserOf');
if (! is_null($request->input('query'))) {
$users->search($request->input('query'));
@ -108,13 +108,19 @@ class UserController extends Controller
/**
* Delete a user from the system.
*
* @param \Illuminate\Http\Request $request
* @param \Pterodactyl\Models\User $user
* @return \Illuminate\Http\RedirectResponse
*
* @throws \Exception
* @throws \Pterodactyl\Exceptions\DisplayException
*/
public function delete(User $user)
public function delete(Request $request, User $user)
{
if ($request->user()->id === $user->id) {
throw new DisplayException('Cannot delete your own account.');
}
try {
$this->service->delete($user->id);
@ -146,9 +152,11 @@ class UserController extends Controller
/**
* Update a user on the system.
*
* @param \Pterodactyl\Http\Requests\Admin\UserFormRequest $request
* @param \Pterodactyl\Models\User $user
* @param \Pterodactyl\Http\Requests\Admin\UserFormRequest $request
* @param \Pterodactyl\Models\User $user
* @return \Illuminate\Http\RedirectResponse
*
* @throws \Pterodactyl\Exceptions\Model\DataValidationException
*/
public function update(UserFormRequest $request, User $user)
{
@ -166,7 +174,7 @@ class UserController extends Controller
*/
public function json(Request $request)
{
return $this->userModel->search($request->input('q'))->all([
return $this->model->search($request->input('q'))->all([
'id', 'email', 'username', 'name_first', 'name_last',
])->transform(function ($item) {
$item->md5 = md5(strtolower($item->email));

6
app/Http/Requests/Admin/LocationRequest.php
View file

@ -35,6 +35,10 @@ class LocationRequest extends AdminFormRequest
*/
public function rules()
{
return app()->make(Location::class)->getRules();
if ($this->method() === 'PATCH') {
return Location::getUpdateRulesForId($this->location->id);
}
return Location::getCreateRules();
}
}

31
app/Http/Requests/Admin/UserFormRequest.php
View file

@ -25,46 +25,19 @@
namespace Pterodactyl\Http\Requests\Admin;
use Pterodactyl\Models\User;
use Pterodactyl\Contracts\Repositories\UserInterface;
class UserFormRequest extends AdminFormRequest
{
/**
* {@inheritdoc}
*/
public function repository()
{
return UserInterface::class;
}
/**
* {@inheritdoc}
*/
public function rules()
{
if ($this->method() === 'PATCH') {
return [
'email' => 'required|email|unique:users,email,' . $this->user->id,
'username' => 'required|alpha_dash|between:1,255|unique:users,username, ' . $this->user->id . '|' . User::USERNAME_RULES,
'name_first' => 'required|string|between:1,255',
'name_last' => 'required|string|between:1,255',
'password' => 'sometimes|nullable|' . User::PASSWORD_RULES,
'root_admin' => 'required|boolean',
// 'language' => 'sometimes|required|string|min:1|max:5',
// 'use_totp' => 'sometimes|required|boolean',
// 'totp_secret' => 'sometimes|required|size:16',
];
return User::getUpdateRulesForId($this->user->id);
}
return [
'email' => 'required|email|unique:users,email',
'username' => 'required|alpha_dash|between:1,255|unique:users,username|' . User::USERNAME_RULES,
'name_first' => 'required|string|between:1,255',
'name_last' => 'required|string|between:1,255',
'password' => 'sometimes|nullable|' . User::PASSWORD_RULES,
'root_admin' => 'required|boolean',
'external_id' => 'sometimes|nullable|numeric|unique:users,external_id',
];
return User::getCreateRules();
}
public function normalize()

24
app/Models/Location.php
View file

@ -24,12 +24,14 @@
namespace Pterodactyl\Models;
use Watson\Validating\ValidatingTrait;
use Sofa\Eloquence\Eloquence;
use Sofa\Eloquence\Validable;
use Illuminate\Database\Eloquent\Model;
use Sofa\Eloquence\Contracts\Validable as ValidableContract;
class Location extends Model
class Location extends Model implements ValidableContract
{
use ValidatingTrait;
use Eloquence, Validable;
/**
* The table associated with the model.
@ -50,9 +52,19 @@ class Location extends Model
*
* @var array
*/
protected $rules = [
'short' => 'required|string|between:1,60|unique:locations,short',
'long' => 'required|string|between:1,255',
protected static $applicationRules = [
'short' => 'required',
'long' => 'required',
];
/**
* Rules ensuring that the raw data stored in the database meets expectations.
*
* @var array
*/
protected static $dataIntegrityRules = [
'short' => 'string|between:1,60|unique:locations,short',
'long' => 'string|between:1,255',
];
/**

66
app/Models/User.php
View file

@ -26,26 +26,29 @@ namespace Pterodactyl\Models;
use Hash;
use Google2FA;
use Sofa\Eloquence\Eloquence;
use Sofa\Eloquence\Validable;
use Illuminate\Auth\Authenticatable;
use Illuminate\Database\Eloquent\Model;
use Illuminate\Notifications\Notifiable;
use Pterodactyl\Exceptions\DisplayException;
use Nicolaslopezj\Searchable\SearchableTrait;
use Illuminate\Auth\Passwords\CanResetPassword;
use Illuminate\Foundation\Auth\Access\Authorizable;
use Sofa\Eloquence\Contracts\Validable as ValidableContract;
use Illuminate\Contracts\Auth\Authenticatable as AuthenticatableContract;
use Illuminate\Contracts\Auth\Access\Authorizable as AuthorizableContract;
use Illuminate\Contracts\Auth\CanResetPassword as CanResetPasswordContract;
use Pterodactyl\Notifications\SendPasswordReset as ResetPasswordNotification;
class User extends Model implements AuthenticatableContract, AuthorizableContract, CanResetPasswordContract
class User extends Model implements AuthenticatableContract, AuthorizableContract, CanResetPasswordContract, ValidableContract
{
use Authenticatable, Authorizable, CanResetPassword, Notifiable, SearchableTrait;
use Authenticatable, Authorizable, CanResetPassword, Eloquence, Notifiable, Validable;
/**
* The rules for user passwords.
*
* @var string
* @deprecated
*/
const PASSWORD_RULES = 'regex:((?=.*\d)(?=.*[a-z])(?=.*[A-Z]).{8,})';
@ -101,16 +104,53 @@ class User extends Model implements AuthenticatableContract, AuthorizableContrac
* @var array
*/
protected $searchable = [
'columns' => [
'email' => 10,
'username' => 9,
'name_first' => 6,
'name_last' => 6,
'uuid' => 1,
],
'email' => 10,
'username' => 9,
'name_first' => 6,
'name_last' => 6,
'uuid' => 1,
];
protected $query;
/**
* Default values for specific fields in the database.
*
* @var array
*/
protected $attributes = [
'root_admin' => false,
'language' => 'en',
'use_totp' => false,
'totp_secret' => null,
];
/**
* Rules verifying that the data passed in forms is valid and meets application logic rules.
* @var array
*/
protected static $applicationRules = [
'email' => 'required|email',
'username' => 'required|alpha_dash',
'name_first' => 'required|string',
'name_last' => 'required|string',
'password' => 'sometimes|regex:((?=.*\d)(?=.*[a-z])(?=.*[A-Z]).{8,})',
];
/**
* Rules verifying that the data being stored matches the expectations of the database.
*
* @var array
*/
protected static $dataIntegrityRules = [
'email' => 'unique:users,email',
'username' => 'between:1,255|unique:users,username',
'name_first' => 'between:1,255',
'name_last' => 'between:1,255',
'password' => 'nullable|string',
'root_admin' => 'boolean',
'language' => 'string|between:2,5',
'use_totp' => 'boolean',
'totp_secret' => 'nullable|string',
];
/**
* Enables or disables TOTP on an account if the token is valid.
@ -209,7 +249,7 @@ class User extends Model implements AuthenticatableContract, AuthorizableContrac
* Change the access level for a given call to `access()` on the user.
*
* @param string $level can be all, admin, subuser, owner
* @return void
* @return $this
*/
public function setAccessLevel($level = 'all')
{
@ -226,7 +266,7 @@ class User extends Model implements AuthenticatableContract, AuthorizableContrac
* Note: does not account for user admin status.
*
* @param array $load
* @return \Illuiminate\Database\Eloquent\Builder
* @return \Pterodactyl\Models\Server
*/
public function access(...$load)
{

84
app/Services/Helpers/TemporaryPasswordService.php Normal file
View file

@ -0,0 +1,84 @@
<?php
/*
* Pterodactyl - Panel
* Copyright (c) 2015 - 2017 Dane Everitt <dane@daneeveritt.com>.
*
* Permission is hereby granted, free of charge, to any person obtaining a copy
* of this software and associated documentation files (the "Software"), to deal
* in the Software without restriction, including without limitation the rights
* to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
* copies of the Software, and to permit persons to whom the Software is
* furnished to do so, subject to the following conditions:
*
* The above copyright notice and this permission notice shall be included in all
* copies or substantial portions of the Software.
*
* THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
* IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
* FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
* AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
* LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
* OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
* SOFTWARE.
*/
namespace Pterodactyl\Services\Helpers;
use Illuminate\Contracts\Hashing\Hasher;
use Illuminate\Database\DatabaseManager;
use Illuminate\Config\Repository as ConfigRepository;
class TemporaryPasswordService
{
const HMAC_ALGO = 'sha256';
/**
* @var \Illuminate\Config\Repository
*/
protected $config;
/**
* @var \Illuminate\Database\DatabaseManager
*/
protected $database;
/**
* @var \Illuminate\Contracts\Hashing\Hasher
*/
protected $hasher;
/**
* TemporaryPasswordService constructor.
*
* @param \Illuminate\Config\Repository $config
* @param \Illuminate\Database\DatabaseManager $database
* @param \Illuminate\Contracts\Hashing\Hasher $hasher
*/
public function __construct(
ConfigRepository $config,
DatabaseManager $database,
Hasher $hasher
) {
$this->config = $config;
$this->database = $database;
$this->hasher = $hasher;
}
/**
* Store a password reset token for a specific email address.
*
* @param string $email
* @return string
*/
public function generateReset($email)
{
$token = hash_hmac(self::HMAC_ALGO, str_random(40), $this->config->get('app.key'));
$this->database->table('password_resets')->insert([
'email' => $email,
'token' => $this->hasher->make($token),
]);
return $token;
}
}

26
app/Services/LocationService.php
View file

@ -24,6 +24,7 @@
namespace Pterodactyl\Services;
use Pterodactyl\Exceptions\Model\DataValidationException;
use Pterodactyl\Models\Location;
use Pterodactyl\Exceptions\DisplayException;
@ -50,13 +51,15 @@ class LocationService
* @param array $data
* @return \Pterodactyl\Models\Location
*
* @throws \Throwable
* @throws \Watson\Validating\ValidationException
* @throws \Pterodactyl\Exceptions\Model\DataValidationException
*/
public function create(array $data)
{
$location = $this->model->fill($data);
$location->saveOrFail();
$location = $this->model->newInstance($data);
if (! $location->save()) {
throw new DataValidationException($location->getValidator());
}
return $location;
}
@ -64,17 +67,19 @@ class LocationService
/**
* Update location model in the DB.
*
* @param int $id
* @param array $data
* @param int $id
* @param array $data
* @return \Pterodactyl\Models\Location
*
* @throws \Throwable
* @throws \Watson\Validating\ValidationException
* @throws \Pterodactyl\Exceptions\Model\DataValidationException
*/
public function update($id, array $data)
{
$location = $this->model->findOrFail($id);
$location->fill($data)->saveOrFail();
$location = $this->model->findOrFail($id)->fill($data);
if (! $location->save()) {
throw new DataValidationException($location->getValidator());
}
return $location;
}
@ -84,6 +89,7 @@ class LocationService
*
* @param int $id
* @return bool
*
* @throws \Pterodactyl\Exceptions\DisplayException
*/
public function delete($id)

111
app/Services/UserService.php
View file

@ -26,94 +26,62 @@ namespace Pterodactyl\Services;
use Pterodactyl\Models\User;
use Illuminate\Database\Connection;
use Illuminate\Contracts\Auth\Guard;
use Illuminate\Contracts\Hashing\Hasher;
use Pterodactyl\Exceptions\DisplayException;
use Pterodactyl\Notifications\AccountCreated;
use Pterodactyl\Services\Components\UuidService;
use Illuminate\Config\Repository as ConfigRepository;
use Pterodactyl\Exceptions\Model\DataValidationException;
use Pterodactyl\Services\Helpers\TemporaryPasswordService;
class UserService
{
const HMAC_ALGO = 'sha256';
/**
* @var \Illuminate\Config\Repository
*/
protected $config;
/**
* @var \Illuminate\Database\Connection
*/
protected $database;
/**
* @var \Illuminate\Contracts\Auth\Guard
*/
protected $guard;
/**
* @var \Illuminate\Contracts\Hashing\Hasher
*/
protected $hasher;
/**
* @var \Pterodactyl\Services\Components\UuidService
* @var \Pterodactyl\Services\Helpers\TemporaryPasswordService
*/
protected $uuid;
protected $passwordService;
/**
* @var \Pterodactyl\Models\User
*/
protected $model;
/**
* UserService constructor.
*
* @param \Illuminate\Config\Repository $config
* @param \Illuminate\Database\Connection $database
* @param \Illuminate\Contracts\Auth\Guard $guard
* @param \Illuminate\Contracts\Hashing\Hasher $hasher
* @param \Pterodactyl\Services\Components\UuidService $uuid
* @param \Illuminate\Database\Connection $database
* @param \Illuminate\Contracts\Hashing\Hasher $hasher
* @param \Pterodactyl\Services\Helpers\TemporaryPasswordService $passwordService
* @param \Pterodactyl\Models\User $model
*/
public function __construct(
ConfigRepository $config,
Connection $database,
Guard $guard,
Hasher $hasher,
UuidService $uuid
TemporaryPasswordService $passwordService,
User $model
) {
$this->config = $config;
$this->database = $database;
$this->guard = $guard;
$this->hasher = $hasher;
$this->uuid = $uuid;
}
/**
* Assign a temporary password to an account and return an authentication token to
* email to the user for resetting their password.
*
* @param \Pterodactyl\Models\User $user
* @return string
*/
protected function assignTemporaryPassword(User $user)
{
$user->password = $this->hasher->make(str_random(30));
$token = hash_hmac(self::HMAC_ALGO, str_random(40), $this->config->get('app.key'));
$this->database->table('password_resets')->insert([
'email' => $user->email,
'token' => $this->hasher->make($token),
]);
return $token;
$this->passwordService = $passwordService;
$this->model = $model;
}
/**
* Create a new user on the system.
*
* @param array $data
* @param array $data
* @return \Pterodactyl\Models\User
*
* @throws \Exception
* @throws \Throwable
* @throws \Pterodactyl\Exceptions\Model\DataValidationException
*/
public function create(array $data)
{
@ -121,16 +89,18 @@ class UserService
$data['password'] = $this->hasher->make($data['password']);
}
$user = new User;
$user->fill($data);
$user = $this->model->newInstance($data);
// Persist the data
$token = $this->database->transaction(function () use ($user) {
if (empty($user->password)) {
$token = $this->assignTemporaryPassword($user);
$user->password = $this->hasher->make(str_random(30));
$token = $this->passwordService->generateReset($user->email);
}
$user->save();
if (! $user->save()) {
throw new DataValidationException($user->getValidator());
}
return $token ?? null;
});
@ -147,35 +117,44 @@ class UserService
/**
* Update the user model.
*
* @param \Pterodactyl\Models\User $user
* @param int|\Pterodactyl\Models\User $user
* @param array $data
* @return \Pterodactyl\Models\User
*
* @throws \Illuminate\Database\Eloquent\ModelNotFoundException
* @throws \Pterodactyl\Exceptions\Model\DataValidationException
*/
public function update(User $user, array $data)
public function update($user, array $data)
{
if (! $user instanceof User) {
$user = $this->model->findOrFail($user);
}
if (isset($data['password'])) {
$data['password'] = $this->hasher->make($data['password']);
}
$user->fill($data)->save();
$user->fill($data);
if (! $user->save()) {
throw new DataValidationException($user->getValidator());
}
return $user;
}
/**
* @param \Pterodactyl\Models\User $user
* @param int|\Pterodactyl\Models\User $user
* @return bool|null
*
* @throws \Exception
* @throws \Pterodactyl\Exceptions\DisplayException
* @throws \Illuminate\Database\Eloquent\ModelNotFoundException
*/
public function delete(User $user)
public function delete($user)
{
if ($user->servers()->count() > 0) {
throw new DisplayException('Cannot delete an account that has active servers attached to it.');
}
if ($this->guard->check() && $this->guard->id() === $user->id) {
throw new DisplayException('You cannot delete your own account.');
if (! $user instanceof User) {
$user = $this->model->findOrFail($user);
}
if ($user->servers()->count() > 0) {