Implement changes to administrative user revocation, closes #733
This commit is contained in:
Dane Everitt
parent
20beb2f280
commit
975597b4d0
19 changed files with 458 additions and 125 deletions
|
|
@ -1,59 +1,79 @@
|
|||
<?php
|
||||
/**
|
||||
* Pterodactyl - Panel
|
||||
* Copyright (c) 2015 - 2017 Dane Everitt <dane@daneeveritt.com>.
|
||||
*
|
||||
* This software is licensed under the terms of the MIT license.
|
||||
* https://opensource.org/licenses/MIT
|
||||
*/
|
||||
|
||||
namespace Pterodactyl\Services\Users;
|
||||
|
||||
use Pterodactyl\Models\User;
|
||||
use Illuminate\Support\Collection;
|
||||
use Illuminate\Contracts\Hashing\Hasher;
|
||||
use Pterodactyl\Traits\Services\HasUserLevels;
|
||||
use Pterodactyl\Contracts\Repository\UserRepositoryInterface;
|
||||
use Pterodactyl\Services\DaemonKeys\RevokeMultipleDaemonKeysService;
|
||||
|
||||
class UserUpdateService
|
||||
{
|
||||
use HasUserLevels;
|
||||
|
||||
/**
|
||||
* @var \Illuminate\Contracts\Hashing\Hasher
|
||||
*/
|
||||
protected $hasher;
|
||||
private $hasher;
|
||||
|
||||
/**
|
||||
* @var \Pterodactyl\Contracts\Repository\UserRepositoryInterface
|
||||
*/
|
||||
protected $repository;
|
||||
private $repository;
|
||||
|
||||
/**
|
||||
* @var \Pterodactyl\Services\DaemonKeys\RevokeMultipleDaemonKeysService
|
||||
*/
|
||||
private $revocationService;
|
||||
|
||||
/**
|
||||
* UpdateService constructor.
|
||||
*
|
||||
* @param \Illuminate\Contracts\Hashing\Hasher $hasher
|
||||
* @param \Pterodactyl\Contracts\Repository\UserRepositoryInterface $repository
|
||||
* @param \Illuminate\Contracts\Hashing\Hasher $hasher
|
||||
* @param \Pterodactyl\Services\DaemonKeys\RevokeMultipleDaemonKeysService $revocationService
|
||||
* @param \Pterodactyl\Contracts\Repository\UserRepositoryInterface $repository
|
||||
*/
|
||||
public function __construct(
|
||||
Hasher $hasher,
|
||||
RevokeMultipleDaemonKeysService $revocationService,
|
||||
UserRepositoryInterface $repository
|
||||
) {
|
||||
$this->hasher = $hasher;
|
||||
$this->repository = $repository;
|
||||
$this->revocationService = $revocationService;
|
||||
}
|
||||
|
||||
/**
|
||||
* Update the user model instance.
|
||||
* Update the user model instance. If the user has been removed as an administrator
|
||||
* revoke all of the authentication tokens that have beenn assigned to their account.
|
||||
*
|
||||
* @param int $id
|
||||
* @param array $data
|
||||
* @return mixed
|
||||
* @param \Pterodactyl\Models\User $user
|
||||
* @param array $data
|
||||
* @return \Illuminate\Support\Collection
|
||||
*
|
||||
* @throws \Pterodactyl\Exceptions\Model\DataValidationException
|
||||
* @throws \Pterodactyl\Exceptions\Repository\RecordNotFoundException
|
||||
* @throws \Pterodactyl\Exceptions\Http\Connection\DaemonConnectionException
|
||||
*/
|
||||
public function handle($id, array $data)
|
||||
public function handle(User $user, array $data): Collection
|
||||
{
|
||||
if (isset($data['password'])) {
|
||||
if (array_has($data, 'password')) {
|
||||
$data['password'] = $this->hasher->make($data['password']);
|
||||
}
|
||||
|
||||
return $this->repository->update($id, $data);
|
||||
if ($this->isUserLevel(User::USER_LEVEL_ADMIN)) {
|
||||
if (array_get($data, 'root_admin', 0) == 0 && $user->root_admin) {
|
||||
$this->revocationService->handle($user, array_get($data, 'ignore_connection_error', false));
|
||||
}
|
||||
} else {
|
||||
unset($data['root_admin']);
|
||||
}
|
||||
|
||||
return collect([
|
||||
'model' => $this->repository->update($user->id, $data),
|
||||
'exceptions' => $this->revocationService->getExceptions(),
|
||||
]);
|
||||
}
|
||||
}
|
||||
|
|
|
|||
Reference in a new issue