Fix suspension/installed handling for servers

closes Pterodactyl/Panel#891

app/Http/Controllers/API/Remote/SftpController.php

@@ -3,12 +3,13 @@
 namespace Pterodactyl\Http\Controllers\Api\Remote;
 
 use Illuminate\Http\Request;
+use Illuminate\Http\Response;
 use Illuminate\Http\JsonResponse;
-use Illuminate\Auth\AuthenticationException;
 use Pterodactyl\Http\Controllers\Controller;
 use Illuminate\Foundation\Auth\ThrottlesLogins;
 use Pterodactyl\Exceptions\Repository\RecordNotFoundException;
 use Pterodactyl\Services\Sftp\AuthenticateUsingPasswordService;
+use Symfony\Component\HttpKernel\Exception\BadRequestHttpException;
 use Pterodactyl\Http\Requests\Api\Remote\SftpAuthenticationFormRequest;
 
 class SftpController extends Controller
@@ -47,7 +48,7 @@ class SftpController extends Controller
         if ($this->hasTooManyLoginAttempts($request)) {
             return response()->json([
                 'error' => 'Logins throttled.',
-            ], 429);
+            ], Response::HTTP_TOO_MANY_REQUESTS);
         }
 
         try {
@@ -59,14 +60,14 @@ class SftpController extends Controller
             );
 
             $this->clearLoginAttempts($request);
-        } catch (AuthenticationException $exception) {
+        } catch (BadRequestHttpException $exception) {
             return response()->json([
-                'error' => 'Invalid credentials.',
-            ], 403);
+                'error' => 'The server you are trying to access is not installed or is suspended.',
+            ], Response::HTTP_BAD_REQUEST);
         } catch (RecordNotFoundException $exception) {
             return response()->json([
-                'error' => 'Invalid server.',
-            ], 404);
+                'error' => 'Unable to locate a resource using the username and password provided.',
+            ], Response::HTTP_NOT_FOUND);
         }
 
         return response()->json($data);

app/Http/Controllers/API/Remote/ValidateKeyController.php

@@ -25,6 +25,7 @@
 namespace Pterodactyl\Http\Controllers\Api\Remote;
 
 use Spatie\Fractal\Fractal;
+use Illuminate\Http\Response;
 use Pterodactyl\Http\Controllers\Controller;
 use Illuminate\Contracts\Foundation\Application;
 use Illuminate\Foundation\Testing\HttpException;
@@ -75,12 +76,11 @@ class ValidateKeyController extends Controller
      * @return array
      *
      * @throws \Illuminate\Foundation\Testing\HttpException
-     * @throws \Pterodactyl\Exceptions\Repository\RecordNotFoundException
      */
     public function index($token)
     {
         if (! starts_with($token, DaemonKeyRepositoryInterface::INTERNAL_KEY_IDENTIFIER)) {
-            throw new HttpException(501);
+            throw new HttpException(Response::HTTP_NOT_IMPLEMENTED);
         }
 
         try {
@@ -89,6 +89,10 @@ class ValidateKeyController extends Controller
             throw new NotFoundHttpException;
         }
 
+        if ($key->getRelation('server')->suspended || $key->getRelation('server')->installed !== 1) {
+            throw new NotFoundHttpException;
+        }
+
         return $this->fractal->item($key, $this->app->make(ApiKeyTransformer::class), 'server')
             ->serializeWith(JsonApiSerializer::class)
             ->toArray();

app/Http/Controllers/Admin/ServersController.php

@@ -431,7 +431,7 @@ class ServersController extends Controller
 
         $this->repository->update($server->id, [
             'installed' => ! $server->installed,
-        ]);
+        ], true, true);
 
         $this->alert->success(trans('admin/server.alerts.install_toggled'))->flash();
 

app/Http/Controllers/Api/Application/Servers/ServerController.php

@@ -108,7 +108,6 @@ class ServerController extends ApplicationApiController
      * @return \Illuminate\Http\Response
      *
      * @throws \Pterodactyl\Exceptions\DisplayException
-     * @throws \Pterodactyl\Exceptions\Repository\RecordNotFoundException
      */
     public function delete(ServerWriteRequest $request, Server $server, string $force = ''): Response
     {