Improved logic for handling permissions on API routes.
Still only partially implemented, however this method will allow the inclusion of data that is granted with servers (such as viewing more about the node, node location, allocations, etc) while still limiting someone from doing `?include=node.servers` and listing all servers when they don’t have list-servers as a permission.
This commit is contained in:
Dane Everitt
parent
db4df2bfa1
commit
4479d3bf19
16 changed files with 296 additions and 29 deletions
|
|
@ -24,6 +24,7 @@
|
|||
|
||||
namespace Pterodactyl\Transformers\Admin;
|
||||
|
||||
use Illuminate\Http\Request;
|
||||
use Pterodactyl\Models\Allocation;
|
||||
use League\Fractal\TransformerAbstract;
|
||||
|
||||
|
|
@ -37,13 +38,26 @@ class AllocationTransformer extends TransformerAbstract
|
|||
protected $filter;
|
||||
|
||||
/**
|
||||
* Transformer constructor.
|
||||
* The Illuminate Request object if provided.
|
||||
*
|
||||
* @param bool|string $filter
|
||||
* @var \Illuminate\Http\Request|bool
|
||||
*/
|
||||
protected $request;
|
||||
|
||||
/**
|
||||
* Setup request object for transformer.
|
||||
*
|
||||
* @param \Illuminate\Http\Request|bool $request
|
||||
* @param bool $filter
|
||||
* @return void
|
||||
*/
|
||||
public function __construct($filter = false)
|
||||
public function __construct($request = false, $filter = false)
|
||||
{
|
||||
if (! $request instanceof Request && $request !== false) {
|
||||
throw new DisplayException('Request passed to constructor must be of type Request or false.');
|
||||
}
|
||||
|
||||
$this->request = $request;
|
||||
$this->filter = $filter;
|
||||
}
|
||||
|
||||
|
|
|
|||
|
|
@ -24,6 +24,7 @@
|
|||
|
||||
namespace Pterodactyl\Transformers\Admin;
|
||||
|
||||
use Illuminate\Http\Request;
|
||||
use Pterodactyl\Models\Location;
|
||||
use League\Fractal\TransformerAbstract;
|
||||
|
||||
|
|
@ -39,6 +40,28 @@ class LocationTransformer extends TransformerAbstract
|
|||
'servers',
|
||||
];
|
||||
|
||||
/**
|
||||
* The Illuminate Request object if provided.
|
||||
*
|
||||
* @var \Illuminate\Http\Request|bool
|
||||
*/
|
||||
protected $request;
|
||||
|
||||
/**
|
||||
* Setup request object for transformer.
|
||||
*
|
||||
* @param \Illuminate\Http\Request|bool $request
|
||||
* @return void
|
||||
*/
|
||||
public function __construct($request = false)
|
||||
{
|
||||
if (! $request instanceof Request && $request !== false) {
|
||||
throw new DisplayException('Request passed to constructor must be of type Request or false.');
|
||||
}
|
||||
|
||||
$this->request = $request;
|
||||
}
|
||||
|
||||
/**
|
||||
* Return a generic transformed pack array.
|
||||
*
|
||||
|
|
|
|||
|
|
@ -24,6 +24,7 @@
|
|||
|
||||
namespace Pterodactyl\Transformers\Admin;
|
||||
|
||||
use Illuminate\Http\Request;
|
||||
use Pterodactyl\Models\Node;
|
||||
use League\Fractal\TransformerAbstract;
|
||||
|
||||
|
|
@ -40,6 +41,28 @@ class NodeTransformer extends TransformerAbstract
|
|||
'servers',
|
||||
];
|
||||
|
||||
/**
|
||||
* The Illuminate Request object if provided.
|
||||
*
|
||||
* @var \Illuminate\Http\Request|bool
|
||||
*/
|
||||
protected $request;
|
||||
|
||||
/**
|
||||
* Setup request object for transformer.
|
||||
*
|
||||
* @param \Illuminate\Http\Request|bool $request
|
||||
* @return void
|
||||
*/
|
||||
public function __construct($request = false)
|
||||
{
|
||||
if (! $request instanceof Request && $request !== false) {
|
||||
throw new DisplayException('Request passed to constructor must be of type Request or false.');
|
||||
}
|
||||
|
||||
$this->request = $request;
|
||||
}
|
||||
|
||||
/**
|
||||
* Return a generic transformed pack array.
|
||||
*
|
||||
|
|
@ -77,6 +100,10 @@ class NodeTransformer extends TransformerAbstract
|
|||
*/
|
||||
public function includeServers(Node $node)
|
||||
{
|
||||
if ($this->request && ! $this->request->apiKeyHasPermission('list-servers')) {
|
||||
return;
|
||||
}
|
||||
|
||||
return $this->collection($node->servers, new ServerTransformer, 'server');
|
||||
}
|
||||
}
|
||||
|
|
|
|||
|
|
@ -24,6 +24,7 @@
|
|||
|
||||
namespace Pterodactyl\Transformers\Admin;
|
||||
|
||||
use Illuminate\Http\Request;
|
||||
use Pterodactyl\Models\ServiceOption;
|
||||
use League\Fractal\TransformerAbstract;
|
||||
|
||||
|
|
@ -41,6 +42,28 @@ class OptionTransformer extends TransformerAbstract
|
|||
'variables',
|
||||
];
|
||||
|
||||
/**
|
||||
* The Illuminate Request object if provided.
|
||||
*
|
||||
* @var \Illuminate\Http\Request|bool
|
||||
*/
|
||||
protected $request;
|
||||
|
||||
/**
|
||||
* Setup request object for transformer.
|
||||
*
|
||||
* @param \Illuminate\Http\Request|bool $request
|
||||
* @return void
|
||||
*/
|
||||
public function __construct($request = false)
|
||||
{
|
||||
if (! $request instanceof Request && $request !== false) {
|
||||
throw new DisplayException('Request passed to constructor must be of type Request or false.');
|
||||
}
|
||||
|
||||
$this->request = $request;
|
||||
}
|
||||
|
||||
/**
|
||||
* Return a generic transformed service option array.
|
||||
*
|
||||
|
|
|
|||
|
|
@ -24,6 +24,7 @@
|
|||
|
||||
namespace Pterodactyl\Transformers\Admin;
|
||||
|
||||
use Illuminate\Http\Request;
|
||||
use Pterodactyl\Models\Pack;
|
||||
use League\Fractal\TransformerAbstract;
|
||||
|
||||
|
|
@ -39,6 +40,28 @@ class PackTransformer extends TransformerAbstract
|
|||
'servers',
|
||||
];
|
||||
|
||||
/**
|
||||
* The Illuminate Request object if provided.
|
||||
*
|
||||
* @var \Illuminate\Http\Request|bool
|
||||
*/
|
||||
protected $request;
|
||||
|
||||
/**
|
||||
* Setup request object for transformer.
|
||||
*
|
||||
* @param \Illuminate\Http\Request|bool $request
|
||||
* @return void
|
||||
*/
|
||||
public function __construct($request = false)
|
||||
{
|
||||
if (! $request instanceof Request && $request !== false) {
|
||||
throw new DisplayException('Request passed to constructor must be of type Request or false.');
|
||||
}
|
||||
|
||||
$this->request = $request;
|
||||
}
|
||||
|
||||
/**
|
||||
* Return a generic transformed pack array.
|
||||
*
|
||||
|
|
|
|||
|
|
@ -24,6 +24,7 @@
|
|||
|
||||
namespace Pterodactyl\Transformers\Admin;
|
||||
|
||||
use Illuminate\Http\Request;
|
||||
use Pterodactyl\Models\Server;
|
||||
use League\Fractal\TransformerAbstract;
|
||||
|
||||
|
|
@ -46,6 +47,28 @@ class ServerTransformer extends TransformerAbstract
|
|||
'node',
|
||||
];
|
||||
|
||||
/**
|
||||
* The Illuminate Request object if provided.
|
||||
*
|
||||
* @var \Illuminate\Http\Request|bool
|
||||
*/
|
||||
protected $request;
|
||||
|
||||
/**
|
||||
* Setup request object for transformer.
|
||||
*
|
||||
* @param \Illuminate\Http\Request|bool $request
|
||||
* @return void
|
||||
*/
|
||||
public function __construct($request = false)
|
||||
{
|
||||
if (! $request instanceof Request && $request !== false) {
|
||||
throw new DisplayException('Request passed to constructor must be of type Request or false.');
|
||||
}
|
||||
|
||||
$this->request = $request;
|
||||
}
|
||||
|
||||
/**
|
||||
* Return a generic transformed server array.
|
||||
*
|
||||
|
|
@ -63,7 +86,7 @@ class ServerTransformer extends TransformerAbstract
|
|||
*/
|
||||
public function includeAllocations(Server $server)
|
||||
{
|
||||
return $this->collection($server->allocations, new AllocationTransformer('server'), 'allocation');
|
||||
return $this->collection($server->allocations, new AllocationTransformer($this->request, 'server'), 'allocation');
|
||||
}
|
||||
|
||||
/**
|
||||
|
|
@ -73,7 +96,7 @@ class ServerTransformer extends TransformerAbstract
|
|||
*/
|
||||
public function includeSubusers(Server $server)
|
||||
{
|
||||
return $this->collection($server->subusers, new SubuserTransformer, 'subuser');
|
||||
return $this->collection($server->subusers, new SubuserTransformer($this->request), 'subuser');
|
||||
}
|
||||
|
||||
/**
|
||||
|
|
@ -83,7 +106,7 @@ class ServerTransformer extends TransformerAbstract
|
|||
*/
|
||||
public function includeUser(Server $server)
|
||||
{
|
||||
return $this->item($server->user, new UserTransformer, 'user');
|
||||
return $this->item($server->user, new UserTransformer($this->request), 'user');
|
||||
}
|
||||
|
||||
/**
|
||||
|
|
@ -93,7 +116,7 @@ class ServerTransformer extends TransformerAbstract
|
|||
*/
|
||||
public function includePack(Server $server)
|
||||
{
|
||||
return $this->item($server->pack, new PackTransformer, 'pack');
|
||||
return $this->item($server->pack, new PackTransformer($this->request), 'pack');
|
||||
}
|
||||
|
||||
/**
|
||||
|
|
@ -103,7 +126,7 @@ class ServerTransformer extends TransformerAbstract
|
|||
*/
|
||||
public function includeService(Server $server)
|
||||
{
|
||||
return $this->item($server->service, new ServiceTransformer, 'service');
|
||||
return $this->item($server->service, new ServiceTransformer($this->request), 'service');
|
||||
}
|
||||
|
||||
/**
|
||||
|
|
@ -113,7 +136,7 @@ class ServerTransformer extends TransformerAbstract
|
|||
*/
|
||||
public function includeOption(Server $server)
|
||||
{
|
||||
return $this->item($server->option, new OptionTransformer, 'option');
|
||||
return $this->item($server->option, new OptionTransformer($this->request), 'option');
|
||||
}
|
||||
|
||||
/**
|
||||
|
|
@ -123,7 +146,7 @@ class ServerTransformer extends TransformerAbstract
|
|||
*/
|
||||
public function includeVariables(Server $server)
|
||||
{
|
||||
return $this->collection($server->variables, new ServerVariableTransformer, 'server_variable');
|
||||
return $this->collection($server->variables, new ServerVariableTransformer($this->request), 'server_variable');
|
||||
}
|
||||
|
||||
/**
|
||||
|
|
@ -133,16 +156,16 @@ class ServerTransformer extends TransformerAbstract
|
|||
*/
|
||||
public function includeLocation(Server $server)
|
||||
{
|
||||
return $this->item($server->location, new LocationTransformer, 'location');
|
||||
return $this->item($server->location, new LocationTransformer($this->request), 'location');
|
||||
}
|
||||
|
||||
/**
|
||||
* Return a generic array with pack information for this server.
|
||||
*
|
||||
* @return \Leauge\Fractal\Resource\Item
|
||||
* @return \Leauge\Fractal\Resource\Item|void
|
||||
*/
|
||||
public function includeNode(Server $server)
|
||||
{
|
||||
return $this->item($server->node, new NodeTransformer, 'node');
|
||||
return $this->item($server->node, new NodeTransformer($this->request), 'node');
|
||||
}
|
||||
}
|
||||
|
|
|
|||
|
|
@ -24,6 +24,7 @@
|
|||
|
||||
namespace Pterodactyl\Transformers\Admin;
|
||||
|
||||
use Illuminate\Http\Request;
|
||||
use Pterodactyl\Models\ServerVariable;
|
||||
use League\Fractal\TransformerAbstract;
|
||||
|
||||
|
|
@ -36,6 +37,28 @@ class ServerVariableTransformer extends TransformerAbstract
|
|||
*/
|
||||
protected $availableIncludes = ['parent'];
|
||||
|
||||
/**
|
||||
* The Illuminate Request object if provided.
|
||||
*
|
||||
* @var \Illuminate\Http\Request|bool
|
||||
*/
|
||||
protected $request;
|
||||
|
||||
/**
|
||||
* Setup request object for transformer.
|
||||
*
|
||||
* @param \Illuminate\Http\Request|bool $request
|
||||
* @return void
|
||||
*/
|
||||
public function __construct($request = false)
|
||||
{
|
||||
if (! $request instanceof Request && $request !== false) {
|
||||
throw new DisplayException('Request passed to constructor must be of type Request or false.');
|
||||
}
|
||||
|
||||
$this->request = $request;
|
||||
}
|
||||
|
||||
/**
|
||||
* Return a generic transformed server variable array.
|
||||
*
|
||||
|
|
|
|||
|
|
@ -24,6 +24,7 @@
|
|||
|
||||
namespace Pterodactyl\Transformers\Admin;
|
||||
|
||||
use Illuminate\Http\Request;
|
||||
use Pterodactyl\Models\Service;
|
||||
use League\Fractal\TransformerAbstract;
|
||||
|
||||
|
|
@ -40,6 +41,28 @@ class ServiceTransformer extends TransformerAbstract
|
|||
'packs',
|
||||
];
|
||||
|
||||
/**
|
||||
* The Illuminate Request object if provided.
|
||||
*
|
||||
* @var \Illuminate\Http\Request|bool
|
||||
*/
|
||||
protected $request;
|
||||
|
||||
/**
|
||||
* Setup request object for transformer.
|
||||
*
|
||||
* @param \Illuminate\Http\Request|bool $request
|
||||
* @return void
|
||||
*/
|
||||
public function __construct($request = false)
|
||||
{
|
||||
if (! $request instanceof Request && $request !== false) {
|
||||
throw new DisplayException('Request passed to constructor must be of type Request or false.');
|
||||
}
|
||||
|
||||
$this->request = $request;
|
||||
}
|
||||
|
||||
/**
|
||||
* Return a generic transformed service array.
|
||||
*
|
||||
|
|
|
|||
|
|
@ -24,6 +24,7 @@
|
|||
|
||||
namespace Pterodactyl\Transformers\Admin;
|
||||
|
||||
use Illuminate\Http\Request;
|
||||
use Pterodactyl\Models\ServiceVariable;
|
||||
use League\Fractal\TransformerAbstract;
|
||||
|
||||
|
|
@ -36,6 +37,28 @@ class ServiceVariableTransformer extends TransformerAbstract
|
|||
*/
|
||||
protected $availableIncludes = ['variables'];
|
||||
|
||||
/**
|
||||
* The Illuminate Request object if provided.
|
||||
*
|
||||
* @var \Illuminate\Http\Request|bool
|
||||
*/
|
||||
protected $request;
|
||||
|
||||
/**
|
||||
* Setup request object for transformer.
|
||||
*
|
||||
* @param \Illuminate\Http\Request|bool $request
|
||||
* @return void
|
||||
*/
|
||||
public function __construct($request = false)
|
||||
{
|
||||
if (! $request instanceof Request && $request !== false) {
|
||||
throw new DisplayException('Request passed to constructor must be of type Request or false.');
|
||||
}
|
||||
|
||||
$this->request = $request;
|
||||
}
|
||||
|
||||
/**
|
||||
* Return a generic transformed server variable array.
|
||||
*
|
||||
|
|
|
|||
|
|
@ -24,12 +24,35 @@
|
|||
|
||||
namespace Pterodactyl\Transformers\Admin;
|
||||
|
||||
use Illuminate\Http\Request;
|
||||
use Pterodactyl\Models\Subuser;
|
||||
use Pterodactyl\Models\Permission;
|
||||
use League\Fractal\TransformerAbstract;
|
||||
|
||||
class SubuserTransformer extends TransformerAbstract
|
||||
{
|
||||
/**
|
||||
* The Illuminate Request object if provided.
|
||||
*
|
||||
* @var \Illuminate\Http\Request|bool
|
||||
*/
|
||||
protected $request;
|
||||
|
||||
/**
|
||||
* Setup request object for transformer.
|
||||
*
|
||||
* @param \Illuminate\Http\Request|bool $request
|
||||
* @return void
|
||||
*/
|
||||
public function __construct($request = false)
|
||||
{
|
||||
if (! $request instanceof Request && $request !== false) {
|
||||
throw new DisplayException('Request passed to constructor must be of type Request or false.');
|
||||
}
|
||||
|
||||
$this->request = $request;
|
||||
}
|
||||
|
||||
/**
|
||||
* Return a generic transformed subuser array.
|
||||
*
|
||||
|
|
|
|||
|
|
@ -24,11 +24,34 @@
|
|||
|
||||
namespace Pterodactyl\Transformers\Admin;
|
||||
|
||||
use Illuminate\Http\Request;
|
||||
use Pterodactyl\Models\User;
|
||||
use League\Fractal\TransformerAbstract;
|
||||
|
||||
class UserTransformer extends TransformerAbstract
|
||||
{
|
||||
/**
|
||||
* The Illuminate Request object if provided.
|
||||
*
|
||||
* @var \Illuminate\Http\Request|bool
|
||||
*/
|
||||
protected $request;
|
||||
|
||||
/**
|
||||
* Setup request object for transformer.
|
||||
*
|
||||
* @param \Illuminate\Http\Request|bool $request
|
||||
* @return void
|
||||
*/
|
||||
public function __construct($request = false)
|
||||
{
|
||||
if (! $request instanceof Request && $request !== false) {
|
||||
throw new DisplayException('Request passed to constructor must be of type Request or false.');
|
||||
}
|
||||
|
||||
$this->request = $request;
|
||||
}
|
||||
|
||||
/**
|
||||
* Return a generic transformed subuser array.
|
||||
*
|
||||
|
|
|
|||
Reference in a new issue