/**
  * Creates a new subuser on the server.
  * @param  integer $sid    The ID of the server to add this subuser to.
  * @param  array  $data    Must contain 'email' (a valid address) and 'permissions' (an array).
  * @throws DisplayValidationException
  * @throws DisplayException
  * @return integer          Returns the ID of the newly created subuser.
  */
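 public function create($sid, array $data)
 {
     $server = Models\Server::findOrFail($sid);

     // Only the shape of the input is checked here: 'permissions' must be an
     // array and 'email' must look like an address. The individual permission
     // entries are filtered against $this->permissions further down.
     $validator = Validator::make($data, ['permissions' => 'required|array', 'email' => 'required|email']);
     if ($validator->fails()) {
         throw new DisplayValidationException(json_encode($validator->errors()));
     }

     DB::beginTransaction();
     try {
         // Reuse the account registered for this email, or create one.
         $user = Models\User::where('email', $data['email'])->first();
         if (!$user) {
             // NOTE(review): this random password is not passed to the mail
             // template below, so the new user presumably has to go through a
             // password reset (or UserRepository sends its own mail) - confirm.
             $password = str_random(16);
             $repo = new UserRepository();
             $uid = $repo->create($data['email'], $password);
             $user = Models\User::findOrFail($uid);
         }

         // NOTE(review): daemonSecret is sent to the daemon below as the key
         // that carries this subuser's permissions, so it acts as a credential.
         // Confirm UuidService::generate() is backed by a CSPRNG.
         $uuid = new UuidService();
         $subuser = new Models\Subuser();
         $subuser->fill(['user_id' => $user->id, 'server_id' => $server->id, 'daemonSecret' => (string) $uuid->generate('servers', 'uuid')]);
         $subuser->save();

         $daemonPermissions = $this->coreDaemonPermissions;
         foreach ($data['permissions'] as $permission) {
             // The validator accepts any array, so an entry may itself be an
             // array or another type that is not a valid array key. Skip those
             // instead of handing them to array_key_exists().
             if (!is_string($permission) && !is_int($permission)) {
                 continue;
             }
             // Allowlist: permissions that are not declared on this repository
             // are dropped silently.
             if (!array_key_exists($permission, $this->permissions)) {
                 continue;
             }
             // A null mapping means the permission has no daemon-side
             // counterpart and is stored in the panel only.
             if (!is_null($this->permissions[$permission])) {
                 array_push($daemonPermissions, $this->permissions[$permission]);
             }
             $model = new Models\Permission();
             $model->fill(['user_id' => $user->id, 'server_id' => $server->id, 'permission' => $permission]);
             $model->save();
         }

         // Contact Daemon
         // We contact even if they don't have any daemon permissions to overwrite
         // if they did have them previously.
         // NOTE(review): this call and the queued mail both happen before
         // DB::commit(); if the commit fails, the daemon keeps a key that the
         // panel has rolled back. Confirm that is acceptable.
         $node = Models\Node::getByID($server->node);
         $client = Models\Node::guzzleRequest($server->node);
         $client->request('PATCH', '/server', ['headers' => ['X-Access-Server' => $server->uuid, 'X-Access-Token' => $node->daemonSecret], 'json' => ['keys' => [$subuser->daemonSecret => $daemonPermissions]]]);

         $email = $data['email'];
         Mail::queue('emails.added-subuser', ['serverName' => $server->name, 'url' => route('server.index', $server->uuidShort)], function ($message) use($email) {
             $message->to($email);
             $message->from(Settings::get('email_from', env('MAIL_FROM')), Settings::get('email_sender_name', env('MAIL_FROM_NAME', 'Pterodactyl Panel')));
             $message->subject(Settings::get('company') . ' - Added to Server');
         });

         DB::commit();
         return $subuser->id;
     } catch (\GuzzleHttp\Exception\TransferException $ex) {
         // Daemon unreachable or request rejected: undo the panel-side rows and
         // show a generic message; the original exception is handed to
         // DisplayException as its second argument.
         DB::rollBack();
         throw new DisplayException('There was an error attempting to connect to the daemon to add this user.', $ex);
     } catch (\Exception $ex) {
         DB::rollBack();
         throw $ex;
     }
 }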
Beispiel #2
 /**
  * Execute the console command.
  *
  * @return mixed
  */
 public function handle()
 {
     // Prompts run in a fixed order; both password prompts use secret() rather
     // than ask().
     $email = $this->ask('Email');
     $secret = $this->secret('Password');
     $secretRepeat = $this->secret('Confirm Password');

     // Stop before asking anything else when the two entries differ.
     if ($secret !== $secretRepeat) {
         return $this->error('The passwords provided did not match!');
     }

     $isRootAdmin = $this->confirm('Is this user a root administrator?');

     try {
         (new UserRepository())->create($email, $secret, $isRootAdmin);

         return $this->info('User successfully created.');
     } catch (\Exception $failure) {
         // The repository's exception message is printed to the operator as is.
         return $this->error($failure->getMessage());
     }
 }
Beispiel #3
 /**
  * Applies the submitted account fields to a user and redirects back to that
  * user's admin view.
  *
  * NOTE(review): 'root_admin' is taken straight from the request and handed to
  * the repository; confirm this route is reachable by administrators only.
  *
  * @param  Request $request
  * @param  mixed   $user  Passed unchanged to UserRepository::update() and to the route.
  * @return mixed          A redirect to 'admin.users.view'; it carries the validation errors when validation fails.
  */
 public function updateUser(Request $request, $user)
 {
     $fields = [
         'email' => $request->input('email'),
         'root_admin' => $request->input('root_admin'),
         'password_confirmation' => $request->input('password_confirmation'),
     ];

     // The password is forwarded only when a truthy value was submitted, so a
     // blank field never reaches the repository as a password.
     $newPassword = $request->input('password');
     if ($newPassword) {
         $fields['password'] = $newPassword;
     }

     try {
         (new UserRepository())->update($user, $fields);
         Alert::success('User account was successfully updated.')->flash();
     } catch (DisplayValidationException $invalid) {
         // The exception message is decoded as JSON and attached to the redirect.
         return redirect()->route('admin.users.view', $user)->withErrors(json_decode($invalid->getMessage()));
     } catch (\Exception $failure) {
         // Details go to the log; the browser only sees a generic alert.
         Log::error($failure);
         Alert::danger('An error occured while attempting to update this user.')->flash();
     }

     return redirect()->route('admin.users.view', $user);
 }
Beispiel #4
 /**
  * Delete a User
  *
  * @Delete("/users/{id}")
  * @Versions({"v1"})
  * @Transaction({
  *      @Request(headers={"Authorization": "Bearer <token>"}),
  *      @Response(204),
  *      @Response(422)
  * })
  * @Parameters({
  *      @Parameter("id", type="integer", required=true, description="The ID of the user to delete.")
  * })
  */
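 public function delete(Request $request, $id)
 {
     // NOTE(review): no authorization check is visible in this method;
     // presumably route middleware restricts who may delete users - confirm.
     try {
         $repo = new UserRepository();
         $repo->delete($id);

         return $this->response->noContent();
     } catch (DisplayException $ex) {
         // The DisplayException message is passed on to the API client.
         throw new ResourceException($ex->getMessage());
     } catch (\Exception $ex) {
         // Assuming this is Symfony's HttpKernel exception: its first
         // constructor argument is the Retry-After value, not the message, so
         // the message goes second. The cause is chained as $previous so it is
         // not lost, and the client still gets only the generic text.
         throw new ServiceUnavailableHttpException(null, 'Unable to delete this user due to an error.', $ex);
     }
 }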