Ensure that a Node's daemon secret can be properly reset

2018-12-02 13:38:59 -08:00 · 2018-12-02 13:38:59 -08:00 · 6e4cfe8f98
commit 6e4cfe8f98
parent 4d8760f335
4 changed files with 44 additions and 14 deletions
--- a/app/Http/Controllers/Admin/NodesController.php
+++ b/app/Http/Controllers/Admin/NodesController.php
@ -263,7 +263,7 @@ class NodesController extends Controller
     */
    public function updateSettings(NodeFormRequest $request, Node $node)
    {
-        $this->updateService->handle($node, $request->normalize());
+        $this->updateService->handle($node, $request->normalize(), $request->input('reset_secret') === 'on');
        $this->alert->success(trans('admin/node.notices.node_updated'))->flash();

        return redirect()->route('admin.nodes.view.settings', $node->id)->withInput();
@ -289,7 +289,7 @@ class NodesController extends Controller
     * Removes multiple individual allocations from a node.
     *
     * @param \Illuminate\Http\Request $request
-     * @param int $node
+     * @param int                      $node
     * @return \Illuminate\Http\Response
     *
     * @throws \Pterodactyl\Exceptions\Service\Allocation\ServerUsingAllocationException
--- a/app/Http/Controllers/Api/Application/Nodes/NodeController.php
+++ b/app/Http/Controllers/Api/Application/Nodes/NodeController.php
@ -125,7 +125,7 @@ class NodeController extends ApplicationApiController
    public function update(UpdateNodeRequest $request): array
    {
        $node = $this->updateService->handle(
-            $request->getModel(Node::class), $request->validated()
+            $request->getModel(Node::class), $request->validated(), $request->input('reset_secret') === true
        );

        return $this->fractal->item($node)
--- a/app/Services/Nodes/NodeUpdateService.php
+++ b/app/Services/Nodes/NodeUpdateService.php
@ -50,24 +50,41 @@ class NodeUpdateService
     *
     * @param \Pterodactyl\Models\Node $node
     * @param array                    $data
+     * @param bool                     $resetToken
+     *
     * @return \Pterodactyl\Models\Node
     *
-     * @throws \Pterodactyl\Exceptions\DisplayException
     * @throws \Pterodactyl\Exceptions\Model\DataValidationException
     * @throws \Pterodactyl\Exceptions\Repository\RecordNotFoundException
+     * @throws \Pterodactyl\Exceptions\Http\Connection\DaemonConnectionException
+     * @throws \Pterodactyl\Exceptions\Service\Node\ConfigurationNotPersistedException
     */
-    public function handle(Node $node, array $data)
+    public function handle(Node $node, array $data, bool $resetToken = false)
    {
-        if (! is_null(array_get($data, 'reset_secret'))) {
+        if ($resetToken) {
            $data['daemonSecret'] = str_random(Node::DAEMON_SECRET_LENGTH);
-            unset($data['reset_secret']);
        }

        $this->connection->beginTransaction();
+
+        /** @var \Pterodactyl\Models\Node $updatedModel */
        $updatedModel = $this->repository->update($node->id, $data);

        try {
-            $this->configRepository->setNode($updatedModel)->update();
+            if ($resetToken) {
+                // We need to clone the new model and set it's authentication token to be the
+                // old one so we can connect. Then we will pass the new token through as an
+                // override on the call.
+                $cloned = $updatedModel->replicate(['daemonSecret']);
+                $cloned->setAttribute('daemonSecret', $node->getAttribute('daemonSecret'));
+
+                $this->configRepository->setNode($cloned)->update([
+                    'keys' => [$data['daemonSecret']],
+                ]);
+            } else {
+                $this->configRepository->setNode($updatedModel)->update();
+            }
+
            $this->connection->commit();
        } catch (RequestException $exception) {
            // Failed to connect to the Daemon. Let's go ahead and save the configuration