Pterodactyl-Panel/app/Models/User.php

<?php

namespace Pterodactyl\Models;

use Pterodactyl\Rules\Username;
use Illuminate\Support\Collection;
use Illuminate\Validation\Rules\In;
use Illuminate\Auth\Authenticatable;
use Illuminate\Notifications\Notifiable;
use Pterodactyl\Models\Traits\Searchable;
use Illuminate\Auth\Passwords\CanResetPassword;
use Pterodactyl\Traits\Helpers\AvailableLanguages;
use Illuminate\Foundation\Auth\Access\Authorizable;
use Illuminate\Contracts\Auth\Authenticatable as AuthenticatableContract;
use Illuminate\Contracts\Auth\Access\Authorizable as AuthorizableContract;
use Illuminate\Contracts\Auth\CanResetPassword as CanResetPasswordContract;
use Pterodactyl\Notifications\SendPasswordReset as ResetPasswordNotification;

/**
 * @property int $id
 * @property string|null $external_id
 * @property string $uuid
 * @property string $username
 * @property string $email
 * @property string|null $name_first
 * @property string|null $name_last
 * @property string $password
 * @property string|null $remeber_token
 * @property string $language
 * @property bool $root_admin
 * @property bool $use_totp
 * @property string|null $totp_secret
 * @property \Carbon\Carbon|null $totp_authenticated_at
 * @property bool $gravatar
 * @property \Carbon\Carbon $created_at
 * @property \Carbon\Carbon $updated_at
 *
 * @property string $name
 * @property \Pterodactyl\Models\ApiKey[]|\Illuminate\Database\Eloquent\Collection $apiKeys
 * @property \Pterodactyl\Models\Server[]|\Illuminate\Database\Eloquent\Collection $servers
 * @property \Pterodactyl\Models\DaemonKey[]|\Illuminate\Database\Eloquent\Collection $keys
 */
class User extends Validable implements
    AuthenticatableContract,
    AuthorizableContract,
    CanResetPasswordContract
{
    use Authenticatable, Authorizable, AvailableLanguages, CanResetPassword, Notifiable, Searchable;

    const USER_LEVEL_USER = 0;
    const USER_LEVEL_ADMIN = 1;

    const FILTER_LEVEL_ALL = 0;
    const FILTER_LEVEL_OWNER = 1;
    const FILTER_LEVEL_ADMIN = 2;
    const FILTER_LEVEL_SUBUSER = 3;

    /**
     * The resource name for this model when it is transformed into an
     * API representation using fractal.
     */
    const RESOURCE_NAME = 'user';

    /**
     * Level of servers to display when using access() on a user.
     *
     * @var string
     */
    protected $accessLevel = 'all';

    /**
     * The table associated with the model.
     *
     * @var string
     */
    protected $table = 'users';

    /**
     * A list of mass-assignable variables.
     *
     * @var array
     */
    protected $fillable = [
        'external_id',
        'username',
        'email',
        'name_first',
        'name_last',
        'password',
        'language',
        'use_totp',
        'totp_secret',
        'totp_authenticated_at',
        'gravatar',
        'root_admin',
    ];

    /**
     * Cast values to correct type.
     *
     * @var array
     */
    protected $casts = [
        'root_admin' => 'boolean',
        'use_totp' => 'boolean',
        'gravatar' => 'boolean',
    ];

    /**
     * @var array
     */
    protected $dates = ['totp_authenticated_at'];

    /**
     * The attributes excluded from the model's JSON form.
     *
     * @var array
     */
    protected $hidden = ['password', 'remember_token', 'totp_secret', 'totp_authenticated_at'];

    /**
     * Parameters for search querying.
     *
     * @var array
     */
    protected $searchableColumns = [
        'username' => 100,
        'email' => 100,
        'external_id' => 80,
        'uuid' => 80,
        'name_first' => 40,
        'name_last' => 40,
    ];

    /**
     * Default values for specific fields in the database.
     *
     * @var array
     */
    protected $attributes = [
        'external_id' => null,
        'root_admin' => false,
        'language' => 'en',
        'use_totp' => false,
        'totp_secret' => null,
    ];

    /**
     * Rules verifying that the data being stored matches the expectations of the database.
     *
     * @var array
     */
    public static $validationRules = [
        'uuid' => 'required|string|size:36|unique:users,uuid',
        'email' => 'required|email|unique:users,email',
        'external_id' => 'sometimes|nullable|string|max:255|unique:users,external_id',
        'username' => 'required|between:1,255|unique:users,username',
        'name_first' => 'required|string|between:1,255',
        'name_last' => 'required|string|between:1,255',
        'password' => 'sometimes|nullable|string',
        'root_admin' => 'boolean',
        'language' => 'required|string',
        'use_totp' => 'boolean',
        'totp_secret' => 'nullable|string',
    ];

    /**
     * Implement language verification by overriding Eloquence's gather
     * rules function.
     */
    public static function getRules()
    {
        $rules = parent::getRules();

        $rules['language'][] = new In(array_keys((new self)->getAvailableLanguages()));
        $rules['username'][] = new Username;

        return $rules;
    }

    /**
     * Return the user model in a format that can be passed over to Vue templates.
     *
     * @return array
     */
    public function toVueObject(): array
    {
        return (new Collection($this->toArray()))->except(['id', 'external_id'])->toArray();
    }

    /**
     * Send the password reset notification.
     *
     * @param string $token
     */
    public function sendPasswordResetNotification($token)
    {
        $this->notify(new ResetPasswordNotification($token));
    }

    /**
     * Store the username as a lowercase string.
     *
     * @param string $value
     */
    public function setUsernameAttribute(string $value)
    {
        $this->attributes['username'] = mb_strtolower($value);
    }

    /**
     * Return a concatenated result for the accounts full name.
     *
     * @return string
     */
    public function getNameAttribute()
    {
        return trim($this->name_first . ' ' . $this->name_last);
    }

    /**
     * Returns all servers that a user owns.
     *
     * @return \Illuminate\Database\Eloquent\Relations\HasMany
     */
    public function servers()
    {
        return $this->hasMany(Server::class, 'owner_id');
    }

    /**
     * Return all of the daemon keys that a user belongs to.
     *
     * @return \Illuminate\Database\Eloquent\Relations\HasMany
     */
    public function keys()
    {
        return $this->hasMany(DaemonKey::class);
    }

    /**
     * @return \Illuminate\Database\Eloquent\Relations\HasMany
     */
    public function apiKeys()
    {
        return $this->hasMany(ApiKey::class)
            ->where('key_type', ApiKey::TYPE_ACCOUNT);
    }
}
Initial Commit of Files PufferPanel v0.9 (Laravel) is now Pterodactyl 1.0 2015-12-06 19:58:49 +01:00			`<?php`
Apply fixes from StyleCI 2016-12-07 23:46:38 +01:00
Initial Commit of Files PufferPanel v0.9 (Laravel) is now Pterodactyl 1.0 2015-12-06 19:58:49 +01:00			`namespace Pterodactyl\Models;`

Fix username validation and auto-generation, closes #927 2018-02-11 23:39:50 +01:00			`use Pterodactyl\Rules\Username;`
Strip out JWT usage and use cookies to track the currently logged in user 2018-07-15 07:42:58 +02:00			`use Illuminate\Support\Collection;`
Finish first round of User/Node API additions Will still need some tweaking and improvements to allow everything to be used. 2018-01-01 22:11:44 +01:00			`use Illuminate\Validation\Rules\In;`
Initial Commit of Files PufferPanel v0.9 (Laravel) is now Pterodactyl 1.0 2015-12-06 19:58:49 +01:00			`use Illuminate\Auth\Authenticatable;`
Apply fixes from StyleCI 2016-12-07 23:46:38 +01:00			`use Illuminate\Notifications\Notifiable;`
[L6] Break search functionality without breaking the entire app 2019-09-05 06:21:07 +02:00			`use Pterodactyl\Models\Traits\Searchable;`
Initial Commit of Files PufferPanel v0.9 (Laravel) is now Pterodactyl 1.0 2015-12-06 19:58:49 +01:00			`use Illuminate\Auth\Passwords\CanResetPassword;`
Finish first round of User/Node API additions Will still need some tweaking and improvements to allow everything to be used. 2018-01-01 22:11:44 +01:00			`use Pterodactyl\Traits\Helpers\AvailableLanguages;`
Initial Commit of Files PufferPanel v0.9 (Laravel) is now Pterodactyl 1.0 2015-12-06 19:58:49 +01:00			`use Illuminate\Foundation\Auth\Access\Authorizable;`
			`use Illuminate\Contracts\Auth\Authenticatable as AuthenticatableContract;`
			`use Illuminate\Contracts\Auth\Access\Authorizable as AuthorizableContract;`
			`use Illuminate\Contracts\Auth\CanResetPassword as CanResetPasswordContract;`
Apply fixes from StyleCI 2016-12-07 23:46:38 +01:00			`use Pterodactyl\Notifications\SendPasswordReset as ResetPasswordNotification;`
Initial Commit of Files PufferPanel v0.9 (Laravel) is now Pterodactyl 1.0 2015-12-06 19:58:49 +01:00
Add property information to common models 2019-09-06 06:53:33 +02:00			`/**`
			`* @property int $id`
			`* @property string\|null $external_id`
			`* @property string $uuid`
			`* @property string $username`
			`* @property string $email`
			`* @property string\|null $name_first`
			`* @property string\|null $name_last`
			`* @property string $password`
			`* @property string\|null $remeber_token`
			`* @property string $language`
			`* @property bool $root_admin`
			`* @property bool $use_totp`
			`* @property string\|null $totp_secret`
			`* @property \Carbon\Carbon\|null $totp_authenticated_at`
			`* @property bool $gravatar`
			`* @property \Carbon\Carbon $created_at`
			`* @property \Carbon\Carbon $updated_at`
			`*`
			`* @property string $name`
Add base support for creating a new API key for an account 2020-03-23 02:15:38 +01:00			`* @property \Pterodactyl\Models\ApiKey[]\|\Illuminate\Database\Eloquent\Collection $apiKeys`
Fix up subuser API response for clients 2019-12-28 21:03:19 +01:00			`* @property \Pterodactyl\Models\Server[]\|\Illuminate\Database\Eloquent\Collection $servers`
			`* @property \Pterodactyl\Models\DaemonKey[]\|\Illuminate\Database\Eloquent\Collection $keys`
Add property information to common models 2019-09-06 06:53:33 +02:00			`*/`
[L6] Update composer dependencies to support L6 Drops all of the eloquence requirements, this is going to break a shit load of code, needs to happen tired of this package always holding us back. Quite confident in my ability to write custom code to do the basic validation we need. Searching should be a fun nightmare to deal with later... 2019-09-05 06:00:34 +02:00			`class User extends Validable implements`
More repository/service/refactor changes 2017-08-12 22:29:01 +02:00			`AuthenticatableContract,`
			`AuthorizableContract,`
[L6] Update composer dependencies to support L6 Drops all of the eloquence requirements, this is going to break a shit load of code, needs to happen tired of this package always holding us back. Quite confident in my ability to write custom code to do the basic validation we need. Searching should be a fun nightmare to deal with later... 2019-09-05 06:00:34 +02:00			`CanResetPasswordContract`
Initial Commit of Files PufferPanel v0.9 (Laravel) is now Pterodactyl 1.0 2015-12-06 19:58:49 +01:00			`{`
[L6] Break search functionality without breaking the entire app 2019-09-05 06:21:07 +02:00			`use Authenticatable, Authorizable, AvailableLanguages, CanResetPassword, Notifiable, Searchable;`
Initial Commit of Files PufferPanel v0.9 (Laravel) is now Pterodactyl 1.0 2015-12-06 19:58:49 +01:00
Refactor startup modification and environment variable services Better setup, more flexibility, more tests. 2017-10-27 06:49:54 +02:00			`const USER_LEVEL_USER = 0;`
			`const USER_LEVEL_ADMIN = 1;`

Update repository base code to be cleaner and make use of PHP 7 features 2018-01-05 05:49:50 +01:00			`const FILTER_LEVEL_ALL = 0;`
			`const FILTER_LEVEL_OWNER = 1;`
			`const FILTER_LEVEL_ADMIN = 2;`
			`const FILTER_LEVEL_SUBUSER = 3;`

Add database list endpoint, add more resource name magic 2018-01-26 04:26:06 +01:00			`/**`
			`* The resource name for this model when it is transformed into an`
			`* API representation using fractal.`
			`*/`
			`const RESOURCE_NAME = 'user';`

Fix display of associated servers when viewing an administrative user in the Admin CP. 2017-05-01 21:28:43 +02:00			`/**`
			`* Level of servers to display when using access() on a user.`
			`*`
			`* @var string`
			`*/`
			`protected $accessLevel = 'all';`

Initial Commit of Files PufferPanel v0.9 (Laravel) is now Pterodactyl 1.0 2015-12-06 19:58:49 +01:00			`/**`
			`* The table associated with the model.`
			`*`
			`* @var string`
			`*/`
			`protected $table = 'users';`

			`/**`
Update user controller 2017-01-12 21:40:24 +01:00			`* A list of mass-assignable variables.`
Initial Commit of Files PufferPanel v0.9 (Laravel) is now Pterodactyl 1.0 2015-12-06 19:58:49 +01:00			`*`
Fix broken descriptors 2017-03-11 21:02:04 +01:00			`* @var array`
Initial Commit of Files PufferPanel v0.9 (Laravel) is now Pterodactyl 1.0 2015-12-06 19:58:49 +01:00			`*/`
Final adjustments to Daemon <-> Panel communication change 2017-09-25 04:12:30 +02:00			`protected $fillable = [`
Make external_id fillable 2018-02-24 21:47:53 +01:00			`'external_id',`
Final adjustments to Daemon <-> Panel communication change 2017-09-25 04:12:30 +02:00			`'username',`
			`'email',`
			`'name_first',`
			`'name_last',`
			`'password',`
			`'language',`
			`'use_totp',`
			`'totp_secret',`
Implement changes to 2FA system (#761) 2017-11-18 19:35:33 +01:00			`'totp_authenticated_at',`
Final adjustments to Daemon <-> Panel communication change 2017-09-25 04:12:30 +02:00			`'gravatar',`
			`'root_admin',`
			`];`
Initial Commit of Files PufferPanel v0.9 (Laravel) is now Pterodactyl 1.0 2015-12-06 19:58:49 +01:00
Update doc blocks for all app/ 2017-03-20 00:36:50 +01:00			`/**`
			`* Cast values to correct type.`
			`*`
			`* @var array`
			`*/`
			`protected $casts = [`
Should wrap up the base landing page stuff for accounts, next step is server rendering 2017-08-31 04:11:14 +02:00			`'root_admin' => 'boolean',`
			`'use_totp' => 'boolean',`
			`'gravatar' => 'boolean',`
Update doc blocks for all app/ 2017-03-20 00:36:50 +01:00			`];`
Fix casts on models; closes #49 2016-01-27 04:17:51 +01:00
Implement changes to 2FA system (#761) 2017-11-18 19:35:33 +01:00			`/**`
			`* @var array`
			`*/`
Add property information to common models 2019-09-06 06:53:33 +02:00			`protected $dates = ['totp_authenticated_at'];`
Implement changes to 2FA system (#761) 2017-11-18 19:35:33 +01:00
Initial Commit of Files PufferPanel v0.9 (Laravel) is now Pterodactyl 1.0 2015-12-06 19:58:49 +01:00			`/**`
			`* The attributes excluded from the model's JSON form.`
			`*`
			`* @var array`
			`*/`
First round of API additions 2017-11-19 23:30:00 +01:00			`protected $hidden = ['password', 'remember_token', 'totp_secret', 'totp_authenticated_at'];`
Initial Commit of Files PufferPanel v0.9 (Laravel) is now Pterodactyl 1.0 2015-12-06 19:58:49 +01:00
Add initial pack creation and overview pages 2017-03-15 02:18:36 +01:00			`/**`
			`* Parameters for search querying.`
			`*`
			`* @var array`
			`*/`
Addition of repository to ease testing and maintainability 2017-07-01 22:29:49 +02:00			`protected $searchableColumns = [`
Add support for finding a user by external ID. 2018-02-08 04:56:11 +01:00			`'username' => 100,`
			`'email' => 100,`
			`'external_id' => 80,`
			`'uuid' => 80,`
			`'name_first' => 40,`
			`'name_last' => 40,`
More service structure testing and configuration Tests aren't working as well as I had hoped, so a lot are commented out while I wait to hear back on this bug causing them to fail. 2017-06-25 02:49:09 +02:00			`];`

			`/**`
			`* Default values for specific fields in the database.`
			`*`
			`* @var array`
			`*/`
			`protected $attributes = [`
Fix broken users table in database causing validation errors. 2018-02-25 23:08:01 +01:00			`'external_id' => null,`
More service structure testing and configuration Tests aren't working as well as I had hoped, so a lot are commented out while I wait to hear back on this bug causing them to fail. 2017-06-25 02:49:09 +02:00			`'root_admin' => false,`
			`'language' => 'en',`
			`'use_totp' => false,`
			`'totp_secret' => null,`
			`];`

			`/**`
			`* Rules verifying that the data being stored matches the expectations of the database.`
			`*`
			`* @var array`
			`*/`
[L6] Add support for custom model validation logic 2019-09-05 07:19:57 +02:00			`public static $validationRules = [`
			`'uuid' => 'required\|string\|size:36\|unique:users,uuid',`
			`'email' => 'required\|email\|unique:users,email',`
			`'external_id' => 'sometimes\|nullable\|string\|max:255\|unique:users,external_id',`
			`'username' => 'required\|between:1,255\|unique:users,username',`
			`'name_first' => 'required\|string\|between:1,255',`
			`'name_last' => 'required\|string\|between:1,255',`
Temporary patch to get user management pages displaying correctly 2019-12-08 20:02:59 +01:00			`'password' => 'sometimes\|nullable\|string',`
More service structure testing and configuration Tests aren't working as well as I had hoped, so a lot are commented out while I wait to hear back on this bug causing them to fail. 2017-06-25 02:49:09 +02:00			`'root_admin' => 'boolean',`
[L6] Add support for custom model validation logic 2019-09-05 07:19:57 +02:00			`'language' => 'required\|string',`
More service structure testing and configuration Tests aren't working as well as I had hoped, so a lot are commented out while I wait to hear back on this bug causing them to fail. 2017-06-25 02:49:09 +02:00			`'use_totp' => 'boolean',`
			`'totp_secret' => 'nullable\|string',`
			`];`
Implement front-end server searching :candy: 2017-04-01 19:14:49 +02:00
Finish first round of User/Node API additions Will still need some tweaking and improvements to allow everything to be used. 2018-01-01 22:11:44 +01:00			`/**`
			`* Implement language verification by overriding Eloquence's gather`
			`* rules function.`
			`*/`
[L6] Update even more areas of codebase using custom model validation logic 2019-09-05 07:26:28 +02:00			`public static function getRules()`
Finish first round of User/Node API additions Will still need some tweaking and improvements to allow everything to be used. 2018-01-01 22:11:44 +01:00			`{`
Don't cause an endless loop 2019-12-08 19:44:58 +01:00			`$rules = parent::getRules();`
[L6] Update even more areas of codebase using custom model validation logic 2019-09-05 07:26:28 +02:00
Finish first round of User/Node API additions Will still need some tweaking and improvements to allow everything to be used. 2018-01-01 22:11:44 +01:00			`$rules['language'][] = new In(array_keys((new self)->getAvailableLanguages()));`
Fix username validation and auto-generation, closes #927 2018-02-11 23:39:50 +01:00			`$rules['username'][] = new Username;`
Finish first round of User/Node API additions Will still need some tweaking and improvements to allow everything to be used. 2018-01-01 22:11:44 +01:00
			`return $rules;`
			`}`

Strip out JWT usage and use cookies to track the currently logged in user 2018-07-15 07:42:58 +02:00			`/**`
			`* Return the user model in a format that can be passed over to Vue templates.`
			`*`
			`* @return array`
			`*/`
			`public function toVueObject(): array`
			`{`
			`return (new Collection($this->toArray()))->except(['id', 'external_id'])->toArray();`
			`}`

Update to Laravel 5.3 [BREAKING] — REMOVES REMOTE API A new API will need to be implemented properly using the new Laravel Passport OAuth2 system. DingoAPI was becoming too unstable and development wasn’t really moving along enough to continue to rely on it. 2016-09-03 23:09:00 +02:00			`/**`
			`* Send the password reset notification.`
			`*`
Massive PHPCS linting 2017-08-22 05:10:48 +02:00			`* @param string $token`
Update to Laravel 5.3 [BREAKING] — REMOVES REMOTE API A new API will need to be implemented properly using the new Laravel Passport OAuth2 system. DingoAPI was becoming too unstable and development wasn’t really moving along enough to continue to rely on it. 2016-09-03 23:09:00 +02:00			`*/`
			`public function sendPasswordResetNotification($token)`
			`{`
			`$this->notify(new ResetPasswordNotification($token));`
			`}`
add isRootAdmin() method to User model to get rid of User->root_admin === 1 2017-01-18 21:13:05 +01:00
Push initial implementations of new repository structure This breaks almost the entire panel, do not pull this branch in this state. Mostly just moved old repository files to a new folder without updating anything else in order to start doing new things. Structure is not finalized. 2017-06-11 05:28:44 +02:00			`/**`
Fix app/ spelling errors 2018-05-13 16:50:56 +02:00			`* Store the username as a lowercase string.`
Push initial implementations of new repository structure This breaks almost the entire panel, do not pull this branch in this state. Mostly just moved old repository files to a new folder without updating anything else in order to start doing new things. Structure is not finalized. 2017-06-11 05:28:44 +02:00			`*`
Massive PHPCS linting 2017-08-22 05:10:48 +02:00			`* @param string $value`
Push initial implementations of new repository structure This breaks almost the entire panel, do not pull this branch in this state. Mostly just moved old repository files to a new folder without updating anything else in order to start doing new things. Structure is not finalized. 2017-06-11 05:28:44 +02:00			`*/`
Fix username validation and auto-generation, closes #927 2018-02-11 23:39:50 +01:00			`public function setUsernameAttribute(string $value)`
Push initial implementations of new repository structure This breaks almost the entire panel, do not pull this branch in this state. Mostly just moved old repository files to a new folder without updating anything else in order to start doing new things. Structure is not finalized. 2017-06-11 05:28:44 +02:00			`{`
Fix username validation and auto-generation, closes #927 2018-02-11 23:39:50 +01:00			`$this->attributes['username'] = mb_strtolower($value);`
Push initial implementations of new repository structure This breaks almost the entire panel, do not pull this branch in this state. Mostly just moved old repository files to a new folder without updating anything else in order to start doing new things. Structure is not finalized. 2017-06-11 05:28:44 +02:00			`}`

Add new location and user management via CLI 2017-09-16 05:13:33 +02:00			`/**`
Fix app/ spelling errors 2018-05-13 16:50:56 +02:00			`* Return a concatenated result for the accounts full name.`
Add new location and user management via CLI 2017-09-16 05:13:33 +02:00			`*`
			`* @return string`
			`*/`
			`public function getNameAttribute()`
			`{`
Add basic subuser listing for servers 2019-11-03 21:20:11 +01:00			`return trim($this->name_first . ' ' . $this->name_last);`
Add new location and user management via CLI 2017-09-16 05:13:33 +02:00			`}`

More model updates to more places than I anticipated. This probably broke a lot of things. 2017-02-09 23:43:54 +01:00			`/**`
			`* Returns all servers that a user owns.`
			`*`
			`* @return \Illuminate\Database\Eloquent\Relations\HasMany`
			`*/`
			`public function servers()`
			`{`
			`return $this->hasMany(Server::class, 'owner_id');`
			`}`
Display total servers user can access in the Admin CP closes #356 2017-04-14 05:49:47 +02:00
Final adjustments to Daemon <-> Panel communication change 2017-09-25 04:12:30 +02:00			`/**`
			`* Return all of the daemon keys that a user belongs to.`
			`*`
			`* @return \Illuminate\Database\Eloquent\Relations\HasMany`
			`*/`
			`public function keys()`
			`{`
			`return $this->hasMany(DaemonKey::class);`
			`}`
Add base support for creating a new API key for an account 2020-03-23 02:15:38 +01:00
			`/**`
			`* @return \Illuminate\Database\Eloquent\Relations\HasMany`
			`*/`
			`public function apiKeys()`
			`{`
			`return $this->hasMany(ApiKey::class)`
			`->where('key_type', ApiKey::TYPE_ACCOUNT);`
			`}`
Initial Commit of Files PufferPanel v0.9 (Laravel) is now Pterodactyl 1.0 2015-12-06 19:58:49 +01:00			`}`