StarMC/Astral-nook
StarMC/Astral-nook
Archived
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity

Implement changes to administrative user revocation, closes #733

Browse source
This commit is contained in:
Dane Everitt 2017-12-03 14:00:47 -06:00
parent 20beb2f280
commit 975597b4d0
No known key found for this signature in database
GPG key ID: EEA66103B3D71F53
19 changed files with 458 additions and 125 deletions
Download patch file Download diff file Expand all files Collapse all files

91
app/Services/DaemonKeys/RevokeMultipleDaemonKeysService.php Normal file
View file

@ -0,0 +1,91 @@
<?php
namespace Pterodactyl\Services\DaemonKeys;
use Pterodactyl\Models\User;
use GuzzleHttp\Exception\RequestException;
use Pterodactyl\Contracts\Repository\DaemonKeyRepositoryInterface;
use Pterodactyl\Exceptions\Http\Connection\DaemonConnectionException;
use Pterodactyl\Contracts\Repository\Daemon\ServerRepositoryInterface as DaemonServerRepository;
class RevokeMultipleDaemonKeysService
{
/**
* @var array
*/
protected $exceptions = [];
/**
* @var \Pterodactyl\Contracts\Repository\Daemon\ServerRepositoryInterface
*/
private $daemonRepository;
/**
* @var \Pterodactyl\Contracts\Repository\DaemonKeyRepositoryInterface
*/
private $repository;
/**
* RevokeMultipleDaemonKeysService constructor.
*
* @param \Pterodactyl\Contracts\Repository\DaemonKeyRepositoryInterface $repository
* @param \Pterodactyl\Contracts\Repository\Daemon\ServerRepositoryInterface $daemonRepository
*/
public function __construct(
DaemonKeyRepositoryInterface $repository,
DaemonServerRepository $daemonRepository
) {
$this->daemonRepository = $daemonRepository;
$this->repository = $repository;
}
/**
* Grab all of the keys that exist for a single user and delete them from all
* daemon's that they are assigned to. If connection fails, this function will
* return an error.
*
* @param \Pterodactyl\Models\User $user
* @param bool $ignoreConnectionErrors
*
* @throws \Pterodactyl\Exceptions\Http\Connection\DaemonConnectionException
*/
public function handle(User $user, bool $ignoreConnectionErrors = false)
{
$keys = $this->repository->getKeysForRevocation($user);
$keys->groupBy('server.node_id')->each(function ($group, $node) use ($ignoreConnectionErrors) {
try {
$this->daemonRepository->setNode($node)->revokeAccessKey(collect($group)->pluck('secret')->toArray());
} catch (RequestException $exception) {
if (! $ignoreConnectionErrors) {
throw new DaemonConnectionException($exception);
}
$this->setConnectionException($node, $exception);
}
$this->repository->deleteKeys(collect($group)->pluck('id')->toArray());
});
}
/**
* Returns an array of exceptions that were returned by the handle function.
*
* @return RequestException[]
*/
public function getExceptions()
{
return $this->exceptions;
}
/**
* Add an exception for a node to the array.
*
* @param int $node
* @param \GuzzleHttp\Exception\RequestException $exception
*/
protected function setConnectionException(int $node, RequestException $exception)
{
$this->exceptions[$node] = $exception;
}
}

56
app/Services/Users/UserUpdateService.php
View file

@ -1,59 +1,79 @@
<?php
/**
* Pterodactyl - Panel
* Copyright (c) 2015 - 2017 Dane Everitt <dane@daneeveritt.com>.
*
* This software is licensed under the terms of the MIT license.
* https://opensource.org/licenses/MIT
*/
namespace Pterodactyl\Services\Users;
use Pterodactyl\Models\User;
use Illuminate\Support\Collection;
use Illuminate\Contracts\Hashing\Hasher;
use Pterodactyl\Traits\Services\HasUserLevels;
use Pterodactyl\Contracts\Repository\UserRepositoryInterface;
use Pterodactyl\Services\DaemonKeys\RevokeMultipleDaemonKeysService;
class UserUpdateService
{
use HasUserLevels;
/**
* @var \Illuminate\Contracts\Hashing\Hasher
*/
protected $hasher;
private $hasher;
/**
* @var \Pterodactyl\Contracts\Repository\UserRepositoryInterface
*/
protected $repository;
private $repository;
/**
* @var \Pterodactyl\Services\DaemonKeys\RevokeMultipleDaemonKeysService
*/
private $revocationService;
/**
* UpdateService constructor.
*
* @param \Illuminate\Contracts\Hashing\Hasher $hasher
* @param \Pterodactyl\Contracts\Repository\UserRepositoryInterface $repository
* @param \Illuminate\Contracts\Hashing\Hasher $hasher
* @param \Pterodactyl\Services\DaemonKeys\RevokeMultipleDaemonKeysService $revocationService
* @param \Pterodactyl\Contracts\Repository\UserRepositoryInterface $repository
*/
public function __construct(
Hasher $hasher,
RevokeMultipleDaemonKeysService $revocationService,
UserRepositoryInterface $repository
) {
$this->hasher = $hasher;
$this->repository = $repository;
$this->revocationService = $revocationService;
}
/**
* Update the user model instance.
* Update the user model instance. If the user has been removed as an administrator
* revoke all of the authentication tokens that have beenn assigned to their account.
*
* @param int $id
* @param array $data
* @return mixed
* @param \Pterodactyl\Models\User $user
* @param array $data
* @return \Illuminate\Support\Collection
*
* @throws \Pterodactyl\Exceptions\Model\DataValidationException
* @throws \Pterodactyl\Exceptions\Repository\RecordNotFoundException
* @throws \Pterodactyl\Exceptions\Http\Connection\DaemonConnectionException
*/
public function handle($id, array $data)
public function handle(User $user, array $data): Collection
{
if (isset($data['password'])) {
if (array_has($data, 'password')) {
$data['password'] = $this->hasher->make($data['password']);
}
return $this->repository->update($id, $data);
if ($this->isUserLevel(User::USER_LEVEL_ADMIN)) {
if (array_get($data, 'root_admin', 0) == 0 && $user->root_admin) {
$this->revocationService->handle($user, array_get($data, 'ignore_connection_error', false));
}
} else {
unset($data['root_admin']);
}
return collect([
'model' => $this->repository->update($user->id, $data),
'exceptions' => $this->revocationService->getExceptions(),
]);
}
}