public function postView(Request $request, $uuid, $id) { $server = Models\Server::getByUUID($uuid); $this->authorize('edit-subuser', $server); $subuser = Models\Subuser::where(DB::raw('md5(id)'), $id)->where('server_id', $server->id)->first(); try { if (!$subuser) { throw new DisplayException('Unable to locate a subuser by that ID.'); } else { if ($subuser->user_id === Auth::user()->id) { throw new DisplayException('You are not authorized to edit you own account.'); } } $repo = new SubuserRepository(); $repo->update($subuser->id, ['permissions' => $request->input('permissions'), 'server' => $server->id, 'user' => $subuser->user_id]); Alert::success('Subuser permissions have successfully been updated.')->flash(); } catch (DisplayValidationException $ex) { return redirect()->route('server.subusers.view', ['uuid' => $uuid, 'id' => $id])->withErrors(json_decode($ex->getMessage())); } catch (DisplayException $ex) { Alert::danger($ex->getMessage())->flash(); } catch (\Exception $ex) { Log::error($ex); Alert::danger('An unknown error occured while attempting to update this subuser.')->flash(); } return redirect()->route('server.subusers.view', ['uuid' => $uuid, 'id' => $id]); }
/** * Determine if we need to change the server's daemonSecret value to * match that of the user if they are a subuser. * * @param Illuminate\Database\Eloquent\Model\Server $server * @return string */ protected static function getUserDaemonSecret(Server $server) { if (self::$user->id === $server->owner || self::$user->root_admin === 1) { return $server->daemonSecret; } $subuser = Subuser::where('server_id', $server->id)->where('user_id', self::$user->id)->first(); if (is_null($subuser)) { return null; } return $subuser->daemonSecret; }
/** * Deletes a user on the panel, returns the number of records deleted. * * @param integer $id * @return integer */ public function delete($id) { if (Models\Server::where('owner', $id)->count() > 0) { throw new DisplayException('Cannot delete a user with active servers attached to thier account.'); } DB::beginTransaction(); try { Models\Permission::where('user_id', $id)->delete(); Models\Subuser::where('user_id', $id)->delete(); Models\User::destroy($id); DB::commit(); return true; } catch (\Exception $ex) { DB::rollBack(); throw $ex; } }
public function deleteServer($id, $force) { $server = Models\Server::findOrFail($id); $node = Models\Node::findOrFail($server->node); DB::beginTransaction(); try { // Delete Allocations Models\Allocation::where('assigned_to', $server->id)->update(['assigned_to' => null]); // Remove Variables Models\ServerVariables::where('server_id', $server->id)->delete(); // Remove SubUsers Models\Subuser::where('server_id', $server->id)->delete(); // Remove Permissions Models\Permission::where('server_id', $server->id)->delete(); // Remove Downloads Models\Download::where('server', $server->uuid)->delete(); $client = Models\Node::guzzleRequest($server->node); $client->request('DELETE', '/servers', ['headers' => ['X-Access-Token' => $node->daemonSecret, 'X-Access-Server' => $server->uuid]]); $server->delete(); DB::commit(); return true; } catch (\GuzzleHttp\Exception\TransferException $ex) { if ($force === 'force') { $server->delete(); DB::commit(); return true; } else { DB::rollBack(); throw new DisplayException('An error occured while attempting to delete the server on the daemon.', $ex); } } catch (\Exception $ex) { DB::rollBack(); throw $ex; } }