Implement a better management interface for Settings (#809)

app/Http/Controllers/Admin/BaseController.php

@@ -1,51 +1,25 @@
 <?php
-/**
- * Pterodactyl - Panel
- * Copyright (c) 2015 - 2017 Dane Everitt <dane@daneeveritt.com>.
- *
- * This software is licensed under the terms of the MIT license.
- * https://opensource.org/licenses/MIT
- */
 
 namespace Pterodactyl\Http\Controllers\Admin;
 
-use Krucas\Settings\Settings;
-use Prologue\Alerts\AlertsMessageBag;
+use Illuminate\View\View;
 use Pterodactyl\Http\Controllers\Controller;
-use Pterodactyl\Http\Requests\Admin\BaseFormRequest;
 use Pterodactyl\Services\Helpers\SoftwareVersionService;
 
 class BaseController extends Controller
 {
-    /**
-     * @var \Prologue\Alerts\AlertsMessageBag
-     */
-    protected $alert;
-
-    /**
-     * @var \Krucas\Settings\Settings
-     */
-    protected $settings;
-
     /**
      * @var \Pterodactyl\Services\Helpers\SoftwareVersionService
      */
-    protected $version;
+    private $version;
 
     /**
      * BaseController constructor.
      *
-     * @param \Prologue\Alerts\AlertsMessageBag                    $alert
-     * @param \Krucas\Settings\Settings                            $settings
      * @param \Pterodactyl\Services\Helpers\SoftwareVersionService $version
      */
-    public function __construct(
-        AlertsMessageBag $alert,
-        Settings $settings,
-        SoftwareVersionService $version
-    ) {
-        $this->alert = $alert;
-        $this->settings = $settings;
+    public function __construct(SoftwareVersionService $version)
+    {
         $this->version = $version;
     }
 
@@ -54,34 +28,8 @@ class BaseController extends Controller
      *
      * @return \Illuminate\View\View
      */
-    public function getIndex()
+    public function index(): View
     {
         return view('admin.index', ['version' => $this->version]);
     }
-
-    /**
-     * Return the admin settings view.
-     *
-     * @return \Illuminate\View\View
-     */
-    public function getSettings()
-    {
-        return view('admin.settings');
-    }
-
-    /**
-     * Handle settings post request.
-     *
-     * @param \Pterodactyl\Http\Requests\Admin\BaseFormRequest $request
-     * @return \Illuminate\Http\RedirectResponse
-     */
-    public function postSettings(BaseFormRequest $request)
-    {
-        $this->settings->set('company', $request->input('company'));
-        $this->settings->set('2fa', $request->input('2fa'));
-
-        $this->alert->success('Settings have been successfully updated.')->flash();
-
-        return redirect()->route('admin.settings');
-    }
 }

app/Http/Controllers/Admin/Settings/AdvancedController.php

@@ -0,0 +1,91 @@
+<?php
+
+namespace Pterodactyl\Http\Controllers\Admin\Settings;
+
+use Illuminate\View\View;
+use Illuminate\Http\RedirectResponse;
+use Prologue\Alerts\AlertsMessageBag;
+use Illuminate\Contracts\Console\Kernel;
+use Pterodactyl\Http\Controllers\Controller;
+use Illuminate\Contracts\Config\Repository as ConfigRepository;
+use Pterodactyl\Contracts\Repository\SettingsRepositoryInterface;
+use Pterodactyl\Http\Requests\Admin\Settings\AdvancedSettingsFormRequest;
+
+class AdvancedController extends Controller
+{
+    /**
+     * @var \Prologue\Alerts\AlertsMessageBag
+     */
+    private $alert;
+
+    /**
+     * @var \Illuminate\Contracts\Config\Repository
+     */
+    private $config;
+
+    /**
+     * @var \Illuminate\Contracts\Console\Kernel
+     */
+    private $kernel;
+
+    /**
+     * @var \Pterodactyl\Contracts\Repository\SettingsRepositoryInterface
+     */
+    private $settings;
+
+    /**
+     * AdvancedController constructor.
+     *
+     * @param \Prologue\Alerts\AlertsMessageBag                             $alert
+     * @param \Illuminate\Contracts\Config\Repository                       $config
+     * @param \Illuminate\Contracts\Console\Kernel                          $kernel
+     * @param \Pterodactyl\Contracts\Repository\SettingsRepositoryInterface $settings
+     */
+    public function __construct(
+        AlertsMessageBag $alert,
+        ConfigRepository $config,
+        Kernel $kernel,
+        SettingsRepositoryInterface $settings
+    ) {
+        $this->alert = $alert;
+        $this->config = $config;
+        $this->kernel = $kernel;
+        $this->settings = $settings;
+    }
+
+    /**
+     * Render advanced Panel settings UI.
+     *
+     * @return \Illuminate\View\View
+     */
+    public function index(): View
+    {
+        $showRecaptchaWarning = false;
+        if (
+            $this->config->get('recaptcha._shipped_secret_key') === $this->config->get('recaptcha.secret_key')
+            || $this->config->get('recaptcha._shipped_website_key') === $this->config->get('recaptcha.website_key')
+        ) {
+            $showRecaptchaWarning = true;
+        }
+
+        return view('admin.settings.advanced', [
+            'showRecaptchaWarning' => $showRecaptchaWarning,
+        ]);
+    }
+
+    /**
+     * @param \Pterodactyl\Http\Requests\Admin\Settings\AdvancedSettingsFormRequest $request
+     * @return \Illuminate\Http\RedirectResponse
+     */
+    public function update(AdvancedSettingsFormRequest $request): RedirectResponse
+    {
+        foreach ($request->normalize() as $key => $value) {
+            $this->settings->set('settings::' . $key, $value);
+        }
+
+        $this->kernel->call('queue:restart');
+        $this->alert->success('Advanced settings have been updated successfully and the queue worker was restarted to apply these changes.')->flash();
+
+        return redirect()->route('admin.settings.advanced');
+    }
+}

app/Http/Controllers/Admin/Settings/IndexController.php

@@ -0,0 +1,89 @@
+<?php
+
+namespace Pterodactyl\Http\Controllers\Admin\Settings;
+
+use Illuminate\View\View;
+use Illuminate\Http\RedirectResponse;
+use Prologue\Alerts\AlertsMessageBag;
+use Illuminate\Contracts\Console\Kernel;
+use Pterodactyl\Http\Controllers\Controller;
+use Pterodactyl\Traits\Helpers\AvailableLanguages;
+use Pterodactyl\Services\Helpers\SoftwareVersionService;
+use Pterodactyl\Contracts\Repository\SettingsRepositoryInterface;
+use Pterodactyl\Http\Requests\Admin\Settings\BaseSettingsFormRequest;
+
+class IndexController extends Controller
+{
+    use AvailableLanguages;
+
+    /**
+     * @var \Prologue\Alerts\AlertsMessageBag
+     */
+    private $alert;
+
+    /**
+     * @var \Illuminate\Contracts\Console\Kernel
+     */
+    private $kernel;
+
+    /**
+     * @var \Pterodactyl\Contracts\Repository\SettingsRepositoryInterface
+     */
+    private $settings;
+
+    /**
+     * @var \Pterodactyl\Services\Helpers\SoftwareVersionService
+     */
+    private $versionService;
+
+    /**
+     * IndexController constructor.
+     *
+     * @param \Prologue\Alerts\AlertsMessageBag                             $alert
+     * @param \Illuminate\Contracts\Console\Kernel                          $kernel
+     * @param \Pterodactyl\Contracts\Repository\SettingsRepositoryInterface $settings
+     * @param \Pterodactyl\Services\Helpers\SoftwareVersionService          $versionService
+     */
+    public function __construct(
+        AlertsMessageBag $alert,
+        Kernel $kernel,
+        SettingsRepositoryInterface $settings,
+        SoftwareVersionService $versionService)
+    {
+        $this->alert = $alert;
+        $this->kernel = $kernel;
+        $this->settings = $settings;
+        $this->versionService = $versionService;
+    }
+
+    /**
+     * Render the UI for basic Panel settings.
+     *
+     * @return \Illuminate\View\View
+     */
+    public function index(): View
+    {
+        return view('admin.settings.index', [
+            'version' => $this->versionService,
+            'languages' => $this->getAvailableLanguages(true),
+        ]);
+    }
+
+    /**
+     * Handle settings update.
+     *
+     * @param \Pterodactyl\Http\Requests\Admin\Settings\BaseSettingsFormRequest $request
+     * @return \Illuminate\Http\RedirectResponse
+     */
+    public function update(BaseSettingsFormRequest $request): RedirectResponse
+    {
+        foreach ($request->normalize() as $key => $value) {
+            $this->settings->set('settings::' . $key, $value);
+        }
+
+        $this->kernel->call('queue:restart');
+        $this->alert->success('Panel settings have been updated successfully and the queue worker was restarted to apply these changes.')->flash();
+
+        return redirect()->route('admin.settings');
+    }
+}

app/Http/Controllers/Admin/Settings/MailController.php

@@ -0,0 +1,112 @@
+<?php
+
+namespace Pterodactyl\Http\Controllers\Admin\Settings;
+
+use Illuminate\View\View;
+use Illuminate\Http\RedirectResponse;
+use Prologue\Alerts\AlertsMessageBag;
+use Illuminate\Contracts\Console\Kernel;
+use Pterodactyl\Exceptions\DisplayException;
+use Pterodactyl\Http\Controllers\Controller;
+use Illuminate\Contracts\Encryption\Encrypter;
+use Pterodactyl\Providers\SettingsServiceProvider;
+use Illuminate\Contracts\Config\Repository as ConfigRepository;
+use Pterodactyl\Contracts\Repository\SettingsRepositoryInterface;
+use Pterodactyl\Http\Requests\Admin\Settings\MailSettingsFormRequest;
+
+class MailController extends Controller
+{
+    /**
+     * @var \Prologue\Alerts\AlertsMessageBag
+     */
+    private $alert;
+
+    /**
+     * @var \Illuminate\Contracts\Config\Repository
+     */
+    private $config;
+
+    /**
+     * @var \Illuminate\Contracts\Encryption\Encrypter
+     */
+    private $encrypter;
+
+    /**
+     * @var \Illuminate\Contracts\Console\Kernel
+     */
+    private $kernel;
+
+    /**
+     * @var \Pterodactyl\Contracts\Repository\SettingsRepositoryInterface
+     */
+    private $settings;
+
+    /**
+     * MailController constructor.
+     *
+     * @param \Prologue\Alerts\AlertsMessageBag                             $alert
+     * @param \Illuminate\Contracts\Config\Repository                       $config
+     * @param \Illuminate\Contracts\Encryption\Encrypter                    $encrypter
+     * @param \Illuminate\Contracts\Console\Kernel                          $kernel
+     * @param \Pterodactyl\Contracts\Repository\SettingsRepositoryInterface $settings
+     */
+    public function __construct(
+        AlertsMessageBag $alert,
+        ConfigRepository $config,
+        Encrypter $encrypter,
+        Kernel $kernel,
+        SettingsRepositoryInterface $settings
+    ) {
+        $this->alert = $alert;
+        $this->config = $config;
+        $this->encrypter = $encrypter;
+        $this->kernel = $kernel;
+        $this->settings = $settings;
+    }
+
+    /**
+     * Render UI for editing mail settings. This UI should only display if
+     * the server is configured to send mail using SMTP.
+     *
+     * @return \Illuminate\View\View
+     */
+    public function index(): View
+    {
+        return view('admin.settings.mail', [
+            'disabled' => $this->config->get('mail.driver') !== 'smtp',
+        ]);
+    }
+
+    /**
+     * Handle request to update SMTP mail settings.
+     *
+     * @param \Pterodactyl\Http\Requests\Admin\Settings\MailSettingsFormRequest $request
+     * @return \Illuminate\Http\RedirectResponse
+     *
+     * @throws \Pterodactyl\Exceptions\DisplayException
+     */
+    public function update(MailSettingsFormRequest $request): RedirectResponse
+    {
+        if ($this->config->get('mail.driver') !== 'smtp') {
+            throw new DisplayException('This feature is only available if SMTP is the selected email driver for the Panel.');
+        }
+
+        $values = $request->normalize();
+        if (array_get($values, 'mail:password') === '!e') {
+            $values['mail:password'] = '';
+        }
+
+        foreach ($values as $key => $value) {
+            if (in_array($key, SettingsServiceProvider::getEncryptedKeys()) && ! empty($value)) {
+                $value = $this->encrypter->encrypt($value);
+            }
+
+            $this->settings->set('settings::' . $key, $value);
+        }
+
+        $this->kernel->call('queue:restart');
+        $this->alert->success('Mail settings have been updated successfully and the queue worker was restarted to apply these changes.')->flash();
+
+        return redirect()->route('admin.settings.mail');
+    }
+}

app/Http/Middleware/RequireTwoFactorAuthentication.php

@@ -11,7 +11,6 @@ namespace Pterodactyl\Http\Middleware;
 
 use Closure;
 use Illuminate\Http\Request;
-use Krucas\Settings\Settings;
 use Prologue\Alerts\AlertsMessageBag;
 
 class RequireTwoFactorAuthentication
@@ -25,11 +24,6 @@ class RequireTwoFactorAuthentication
      */
     private $alert;
 
-    /**
-     * @var \Krucas\Settings\Settings
-     */
-    private $settings;
-
     /**
      * The names of routes that should be accessable without 2FA enabled.
      *
@@ -56,12 +50,10 @@ class RequireTwoFactorAuthentication
      * RequireTwoFactorAuthentication constructor.
      *
      * @param \Prologue\Alerts\AlertsMessageBag $alert
-     * @param \Krucas\Settings\Settings         $settings
      */
-    public function __construct(AlertsMessageBag $alert, Settings $settings)
+    public function __construct(AlertsMessageBag $alert)
     {
         $this->alert = $alert;
-        $this->settings = $settings;
     }
 
     /**
@@ -81,10 +73,7 @@ class RequireTwoFactorAuthentication
             return $next($request);
         }
 
-        switch ((int) $this->settings->get('2fa', 0)) {
-            case self::LEVEL_NONE:
-                return $next($request);
-                break;
+        switch ((int) config('pterodactyl.auth.2fa_required')) {
             case self::LEVEL_ADMIN:
                 if (! $request->user()->root_admin || $request->user()->use_totp) {
                     return $next($request);
@@ -95,6 +84,9 @@ class RequireTwoFactorAuthentication
                     return $next($request);
                 }
                 break;
+            case self::LEVEL_NONE:
+            default:
+                return $next($request);
         }
 
         $this->alert->danger(trans('auth.2fa_must_be_enabled'))->flash();

app/Http/Requests/Admin/Settings/AdvancedSettingsFormRequest.php

@@ -0,0 +1,42 @@
+<?php
+
+namespace Pterodactyl\Http\Requests\Admin\Settings;
+
+use Pterodactyl\Http\Requests\Admin\AdminFormRequest;
+
+class AdvancedSettingsFormRequest extends AdminFormRequest
+{
+    /**
+     * Return all of the rules to apply to this request's data.
+     *
+     * @return array
+     */
+    public function rules()
+    {
+        return [
+            'recaptcha:enabled' => 'required|in:true,false',
+            'recaptcha:secret_key' => 'required|string|max:255',
+            'recaptcha:website_key' => 'required|string|max:255',
+            'pterodactyl:guzzle:timeout' => 'required|integer|between:1,60',
+            'pterodactyl:guzzle:connect_timeout' => 'required|integer|between:1,60',
+            'pterodactyl:console:count' => 'required|integer|min:1',
+            'pterodactyl:console:frequency' => 'required|integer|min:10',
+        ];
+    }
+
+    /**
+     * @return array
+     */
+    public function attributes()
+    {
+        return [
+            'recaptcha:enabled' => 'reCAPTCHA Enabled',
+            'recaptcha:secret_key' => 'reCAPTCHA Secret Key',
+            'recaptcha:website_key' => 'reCAPTCHA Website Key',
+            'pterodactyl:guzzle:timeout' => 'HTTP Request Timeout',
+            'pterodactyl:guzzle:connect_timeout' => 'HTTP Connection Timeout',
+            'pterodactyl:console:count' => 'Console Message Count',
+            'pterodactyl:console:frequency' => 'Console Frequency Tick',
+        ];
+    }
+}

app/Http/Requests/Admin/Settings/BaseSettingsFormRequest.php

@@ -0,0 +1,36 @@
+<?php
+
+namespace Pterodactyl\Http\Requests\Admin\Settings;
+
+use Illuminate\Validation\Rule;
+use Pterodactyl\Traits\Helpers\AvailableLanguages;
+use Pterodactyl\Http\Requests\Admin\AdminFormRequest;
+
+class BaseSettingsFormRequest extends AdminFormRequest
+{
+    use AvailableLanguages;
+
+    /**
+     * @return array
+     */
+    public function rules()
+    {
+        return [
+            'app:name' => 'required|string|max:255',
+            'pterodactyl:auth:2fa_required' => 'required|integer|in:0,1,2',
+            'app:locale' => ['required', 'string', Rule::in(array_keys($this->getAvailableLanguages()))],
+        ];
+    }
+
+    /**
+     * @return array
+     */
+    public function attributes()
+    {
+        return [
+            'app:name' => 'Company Name',
+            'pterodactyl:auth:2fa_required' => 'Require 2-Factor Authentication',
+            'app:locale' => 'Default Language',
+        ];
+    }
+}

app/Http/Requests/Admin/Settings/MailSettingsFormRequest.php

@@ -0,0 +1,44 @@
+<?php
+
+namespace Pterodactyl\Http\Requests\Admin\Settings;
+
+use Pterodactyl\Http\Requests\Admin\AdminFormRequest;
+
+class MailSettingsFormRequest extends AdminFormRequest
+{
+    /**
+     * Return rules to validate mail settings POST data aganist.
+     *
+     * @return array
+     */
+    public function rules()
+    {
+        return [
+            'mail:host' => 'required|string',
+            'mail:port' => 'required|integer|between:1,65535',
+            'mail:encryption' => 'present|string|in:"",tls,ssl',
+            'mail:username' => 'string|max:255',
+            'mail:password' => 'string|max:255',
+            'mail:from:address' => 'required|string|email',
+            'mail:from:name' => 'string|max:255',
+        ];
+    }
+
+    /**
+     * Override the default normalization function for this type of request
+     * as we need to accept empty values on the keys.
+     *
+     * @param array $only
+     * @return array
+     */
+    public function normalize($only = [])
+    {
+        $keys = array_flip(array_keys($this->rules()));
+
+        if (empty($this->input('mail:password'))) {
+            unset($keys['mail:password']);
+        }
+
+        return $this->only(array_flip($keys));
+    }
+}