diff --git a/app/Http/Controllers/Admin/AccountsController.php b/app/Http/Controllers/Admin/AccountsController.php deleted file mode 100644 index 4bbf4c085..000000000 --- a/app/Http/Controllers/Admin/AccountsController.php +++ /dev/null @@ -1,145 +0,0 @@ - - * Some Modifications (c) 2015 Dylan Seidt - * - * Permission is hereby granted, free of charge, to any person obtaining a copy - * of this software and associated documentation files (the "Software"), to deal - * in the Software without restriction, including without limitation the rights - * to use, copy, modify, merge, publish, distribute, sublicense, and/or sell - * copies of the Software, and to permit persons to whom the Software is - * furnished to do so, subject to the following conditions: - * - * The above copyright notice and this permission notice shall be included in all - * copies or substantial portions of the Software. - * - * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR - * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, - * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE - * AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER - * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, - * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE - * SOFTWARE. - */ -namespace Pterodactyl\Http\Controllers\Admin; - -use Alert; -use Settings; -use Mail; -use Log; -use Pterodactyl\Models\User; -use Pterodactyl\Repositories\UserRepository; -use Pterodactyl\Models\Server; - -use Pterodactyl\Http\Controllers\Controller; -use Illuminate\Http\Request; - -class AccountsController extends Controller -{ - - /** - * Controller Constructor - */ - public function __construct() - { - // - } - - public function getIndex(Request $request) - { - return view('admin.accounts.index', [ - 'users' => User::paginate(20) - ]); - } - - public function getNew(Request $request) - { - return view('admin.accounts.new'); - } - - public function getView(Request $request, $id) - { - return view('admin.accounts.view', [ - 'user' => User::findOrFail($id), - 'servers' => Server::select('servers.*', 'nodes.name as nodeName', 'locations.long as location') - ->join('nodes', 'servers.node', '=', 'nodes.id') - ->join('locations', 'nodes.location', '=', 'locations.id') - ->where('owner', $id) - ->where('active', 1) - ->get(), - ]); - } - - public function deleteView(Request $request, $id) - { - try { - User::findOrFail($id)->delete(); - return response(null, 204); - } catch(\Exception $ex) { - Log::error($ex); - return response()->json([ - 'error' => 'An error occured while attempting to delete this user.' - ], 500); - } - } - - public function postNew(Request $request) - { - try { - $user = new UserRepository; - $userid = $user->create($request->input('email'), $request->input('password')); - Alert::success('Account has been successfully created.')->flash(); - return redirect()->route('admin.accounts.view', ['id' => $userid]); - } catch (\Pterodactyl\Exceptions\DisplayValidationException $ex) { - return redirect()->route('admin.accounts.new')->withErrors(json_decode($ex->getMessage()))->withInput(); - } catch (\Exception $ex) { - Log::error($ex); - Alert::danger('An error occured while attempting to add a new user. ' . $ex->getMessage())->flash(); - return redirect()->route('admin.accounts.new'); - } - } - - public function postUpdate(Request $request) - { - $this->validate($request, [ - 'email' => 'required|email|unique:users,email,'.$request->input('user'), - 'root_admin' => 'required', - 'password' => 'required_with:password_confirmation|confirmed', - 'password_confirmation' => 'required_with:password' - ]); - - try { - - $users = new UserRepository; - $user = [ - 'email' => $request->input('email'), - 'root_admin' => $request->input('root_admin') - ]; - - if(!empty($request->input('password'))) { - $user['password'] = $request->input('password'); - } - - if(!$users->update($request->input('user'), $user)) { - throw new \Exception('Unable to update user, response was not valid.'); - } - - if($request->input('email_user')) { - Mail::queue('emails.new_password', ['user' => User::findOrFail($request->input('user')), 'password' => $request->input('password')], function($message) use ($request) { - $message->to($request->input('email'))->subject(Settings::get('company') . ' - Admin Reset Password'); - $message->from(Settings::get('email_from', env('MAIL_FROM')), Settings::get('email_sender_name', env('MAIL_FROM_NAME', 'Pterodactyl Panel'))); - }); - } - - Alert::success('User account was successfully updated.')->flash(); - return redirect()->route('admin.accounts.view', ['id' => $request->input('user')]); - - } catch (\Exception $e) { - Log::error($e); - Alert::danger('An error occured while attempting to update this user. ' . $e->getMessage())->flash(); - return redirect()->route('admin.accounts.view', ['id' => $request->input('user')]); - } - } - -} diff --git a/app/Http/Controllers/Admin/UserController.php b/app/Http/Controllers/Admin/UserController.php new file mode 100644 index 000000000..da0aeac9b --- /dev/null +++ b/app/Http/Controllers/Admin/UserController.php @@ -0,0 +1,134 @@ + + * Some Modifications (c) 2015 Dylan Seidt + * + * Permission is hereby granted, free of charge, to any person obtaining a copy + * of this software and associated documentation files (the "Software"), to deal + * in the Software without restriction, including without limitation the rights + * to use, copy, modify, merge, publish, distribute, sublicense, and/or sell + * copies of the Software, and to permit persons to whom the Software is + * furnished to do so, subject to the following conditions: + * + * The above copyright notice and this permission notice shall be included in all + * copies or substantial portions of the Software. + * + * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR + * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, + * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE + * AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER + * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, + * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE + * SOFTWARE. + */ +namespace Pterodactyl\Http\Controllers\Admin; + +use Alert; +use Settings; +use Mail; +use Log; +use Pterodactyl\Models\User; +use Pterodactyl\Repositories\UserRepository; +use Pterodactyl\Models\Server; + +use Pterodactyl\Exceptions\DisplayException; +use Pterodactyl\Exceptions\DisplayValidationException; + +use Pterodactyl\Http\Controllers\Controller; +use Illuminate\Http\Request; + +class UserController extends Controller +{ + + /** + * Controller Constructor + */ + public function __construct() + { + // + } + + public function getIndex(Request $request) + { + return view('admin.users.index', [ + 'users' => User::paginate(20) + ]); + } + + public function getNew(Request $request) + { + return view('admin.users.new'); + } + + public function getView(Request $request, $id) + { + return view('admin.users.view', [ + 'user' => User::findOrFail($id), + 'servers' => Server::select('servers.*', 'nodes.name as nodeName', 'locations.long as location') + ->join('nodes', 'servers.node', '=', 'nodes.id') + ->join('locations', 'nodes.location', '=', 'locations.id') + ->where('owner', $id) + ->where('active', 1) + ->get(), + ]); + } + + public function deleteUser(Request $request, $id) + { + try { + $repo = new UserRepository; + $repo->delete($id); + Alert::success('Successfully deleted user from system.')->flash(); + return redirect()->route('admin.users'); + } catch(DisplayException $ex) { + Alert::danger($ex->getMessage())->flash(); + } catch (\Exception $ex) { + Log::error($ex); + Alert::danger('An exception was encountered while attempting to delete this user.')->flash(); + } + return redirect()->route('admin.users.view', $id); + } + + public function postNew(Request $request) + { + try { + $user = new UserRepository; + $userid = $user->create($request->input('email'), $request->input('password')); + Alert::success('Account has been successfully created.')->flash(); + return redirect()->route('admin.users.view', $userid); + } catch (DisplayValidationException $ex) { + return redirect()->route('admin.users.new')->withErrors(json_decode($ex->getMessage()))->withInput(); + } catch (\Exception $ex) { + Log::error($ex); + Alert::danger('An error occured while attempting to add a new user.')->flash(); + return redirect()->route('admin.users.new'); + } + } + + public function updateUser(Request $request, $user) + { + $data = [ + 'email' => $request->input('email'), + 'root_admin' => $request->input('root_admin'), + 'password_confirmation' => $request->input('password_confirmation'), + ]; + + if ($request->input('password')) { + $data['password'] = $request->input('password'); + } + + try { + $repo = new UserRepository; + $repo->update($user, $data); + Alert::success('User account was successfully updated.')->flash(); + } catch (DisplayValidationException $ex) { + return redirect()->route('admin.users.view', $user)->withErrors(json_decode($ex->getMessage())); + } catch (\Exception $e) { + Log::error($e); + Alert::danger('An error occured while attempting to update this user.')->flash(); + } + return redirect()->route('admin.users.view', $user); + } + +} diff --git a/app/Http/Routes/AdminRoutes.php b/app/Http/Routes/AdminRoutes.php index c4d8eb074..53f1a23a4 100644 --- a/app/Http/Routes/AdminRoutes.php +++ b/app/Http/Routes/AdminRoutes.php @@ -59,7 +59,7 @@ class AdminRoutes { }); $router->group([ - 'prefix' => 'admin/accounts', + 'prefix' => 'admin/users', 'middleware' => [ 'auth', 'admin', @@ -69,35 +69,35 @@ class AdminRoutes { // View All Accounts on System $router->get('/', [ - 'as' => 'admin.accounts', - 'uses' => 'Admin\AccountsController@getIndex' + 'as' => 'admin.users', + 'uses' => 'Admin\UserController@getIndex' ]); // View Specific Account $router->get('/view/{id}', [ - 'as' => 'admin.accounts.view', - 'uses' => 'Admin\AccountsController@getView' + 'as' => 'admin.users.view', + 'uses' => 'Admin\UserController@getView' ]); - // Show Create Account Page - $router->get('/new', [ - 'as' => 'admin.accounts.new', - 'uses' => 'Admin\AccountsController@getNew' - ]); - - // Handle Creating New Account - $router->post('/new', [ - 'uses' => 'Admin\AccountsController@postNew' - ]); - - // Update A Specific Account - $router->post('/update', [ - 'uses' => 'Admin\AccountsController@postUpdate' + // View Specific Account + $router->post('/view/{id}', [ + 'uses' => 'Admin\UserController@updateUser' ]); // Delete an Account Matching an ID $router->delete('/view/{id}', [ - 'uses' => 'Admin\AccountsController@deleteView' + 'uses' => 'Admin\UserController@deleteUser' + ]); + + // Show Create Account Page + $router->get('/new', [ + 'as' => 'admin.users.new', + 'uses' => 'Admin\UserController@getNew' + ]); + + // Handle Creating New Account + $router->post('/new', [ + 'uses' => 'Admin\UserController@postNew' ]); }); diff --git a/app/Repositories/UserRepository.php b/app/Repositories/UserRepository.php index d17732b5e..c2be3b6b0 100644 --- a/app/Repositories/UserRepository.php +++ b/app/Repositories/UserRepository.php @@ -108,13 +108,15 @@ class UserRepository */ public function update($id, array $data) { + $user = Models\User::findOrFail($id); + $validator = Validator::make($data, [ - 'email' => 'email|unique:users,email,' . $id, - 'password' => 'regex:((?=.*\d)(?=.*[a-z])(?=.*[A-Z]).{8,})', - 'root_admin' => 'boolean', - 'language' => 'string|min:1|max:5', - 'use_totp' => 'boolean', - 'totp_secret' => 'size:16' + 'email' => 'sometimes|required|email|unique:users,email,' . $id, + 'password' => 'sometimes|required|regex:((?=.*\d)(?=.*[a-z])(?=.*[A-Z]).{8,})', + 'root_admin' => 'sometimes|required|boolean', + 'language' => 'sometimes|required|string|min:1|max:5', + 'use_totp' => 'sometimes|required|boolean', + 'totp_secret' => 'sometimes|required|size:16' ]); // Run validator, throw catchable and displayable exception if it fails. @@ -127,7 +129,12 @@ class UserRepository $data['password'] = Hash::make($data['password']); } - return Models\User::findOrFail($id)->update($data); + if (isset($data['password_confirmation'])) { + unset($data['password_confirmation']); + } + + $user->fill($data); + $user->save(); } /** @@ -144,14 +151,15 @@ class UserRepository DB::beginTransaction(); - Models\Permission::where('user_id', $id)->delete(); - Models\Subuser::where('user_id', $id)->delete(); - Models\User::destroy($id); - try { + Models\Permission::where('user_id', $id)->delete(); + Models\Subuser::where('user_id', $id)->delete(); + Models\User::destroy($id); + DB::commit(); return true; } catch (\Exception $ex) { + DB::rollBack(); throw $ex; } } diff --git a/resources/lang/en/base.php b/resources/lang/en/base.php index 50c0974fe..bb83b9611 100644 --- a/resources/lang/en/base.php +++ b/resources/lang/en/base.php @@ -44,7 +44,6 @@ return [ 'no_servers' => 'You do not currently have any servers listed on your account.', 'form_error' => 'The following errors were encountered while trying to process this request.', 'password_req' => 'Passwords must meet the following requirements: at least one uppercase character, one lowercase character, one digit, and be at least 8 characters in length.', - 'root_administrator' => 'Setting this to "Yes" gives a user full administrative access to PufferPanel.', 'account' => [ 'totp_header' => 'Two-Factor Authentication', diff --git a/resources/views/admin/accounts/view.blade.php b/resources/views/admin/accounts/view.blade.php deleted file mode 100644 index f82ebaf3a..000000000 --- a/resources/views/admin/accounts/view.blade.php +++ /dev/null @@ -1,173 +0,0 @@ -{{-- Copyright (c) 2015 - 2016 Dane Everitt --}} -{{-- Some Modifications (c) 2015 Dylan Seidt --}} - -{{-- Permission is hereby granted, free of charge, to any person obtaining a copy --}} -{{-- of this software and associated documentation files (the "Software"), to deal --}} -{{-- in the Software without restriction, including without limitation the rights --}} -{{-- to use, copy, modify, merge, publish, distribute, sublicense, and/or sell --}} -{{-- copies of the Software, and to permit persons to whom the Software is --}} -{{-- furnished to do so, subject to the following conditions: --}} - -{{-- The above copyright notice and this permission notice shall be included in all --}} -{{-- copies or substantial portions of the Software. --}} - -{{-- THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR --}} -{{-- IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, --}} -{{-- FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE --}} -{{-- AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER --}} -{{-- LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, --}} -{{-- OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE --}} -{{-- SOFTWARE. --}} -@extends('layouts.admin') - -@section('title') - Viewing User -@endsection - -@section('content') -
- -

Viewing User: {{ $user->email }}


-
-
-
-
-
-
- -
- -
-
-
- -
- -
-
-
- -
- -

{{ trans('base.root_administrator') }}

-
-
-
- - {!! csrf_field() !!} - - - - -
-
-
-
-
-

{{ trans('base.account.update_pass') }}


- -
- -
- -
-
-
- -
- -
- -
-
- -
-
-
-
-
-
-
-
-

Associated Servers


- @if($servers) - - - - - - - - - - - - @foreach($servers as $server) - - - - - - - - @endforeach - -
Server NameNodeConnection
{{ $server->name }}{{ $server->nodeName }}{{ $server->ip }}:{{ $server->port }}@if($server->active)Enabled@elseDisabled@endif
- @else -
There are no servers associated with this account.
- @endif - -
-
-
- - -@endsection diff --git a/resources/views/admin/servers/index.blade.php b/resources/views/admin/servers/index.blade.php index 59d558c60..927c23a5a 100644 --- a/resources/views/admin/servers/index.blade.php +++ b/resources/views/admin/servers/index.blade.php @@ -44,7 +44,7 @@ @foreach ($servers as $server) {{ $server->name }} - {{ $server->a_ownerEmail }} + {{ $server->a_ownerEmail }} {{ $server->a_nodeName }} {{ $server->ip }}:{{ $server->port }} {{ $server->username }} diff --git a/resources/views/admin/servers/view.blade.php b/resources/views/admin/servers/view.blade.php index 9aba9f005..878714ff2 100644 --- a/resources/views/admin/servers/view.blade.php +++ b/resources/views/admin/servers/view.blade.php @@ -65,7 +65,7 @@ Owner - {{ $server->a_ownerEmail }} + {{ $server->a_ownerEmail }} Location diff --git a/resources/views/admin/services/options/view.blade.php b/resources/views/admin/services/options/view.blade.php index b5bf2f548..b405d751d 100644 --- a/resources/views/admin/services/options/view.blade.php +++ b/resources/views/admin/services/options/view.blade.php @@ -179,7 +179,7 @@ @foreach ($servers as $server) {{ $server->name }} - {{ $server->a_ownerEmail }} + {{ $server->a_ownerEmail }} {{ $server->ip }}:{{ $server->port }} {{ $server->updated_at }} diff --git a/resources/views/admin/accounts/index.blade.php b/resources/views/admin/users/index.blade.php similarity index 89% rename from resources/views/admin/accounts/index.blade.php rename to resources/views/admin/users/index.blade.php index e00b9b53c..4092caa6c 100644 --- a/resources/views/admin/accounts/index.blade.php +++ b/resources/views/admin/users/index.blade.php @@ -42,7 +42,7 @@ @foreach ($users as $user) - {{ $user->email }} @if($user->root_admin === 1)Administrator@endif + {{ $user->email }} @if($user->root_admin === 1)Administrator@endif {{ $user->created_at }} {{ $user->updated_at }} @@ -55,7 +55,7 @@ @endsection diff --git a/resources/views/admin/accounts/new.blade.php b/resources/views/admin/users/new.blade.php similarity index 96% rename from resources/views/admin/accounts/new.blade.php rename to resources/views/admin/users/new.blade.php index 8979dc209..1429752c3 100644 --- a/resources/views/admin/accounts/new.blade.php +++ b/resources/views/admin/users/new.blade.php @@ -28,7 +28,7 @@

Create New Account


@@ -88,7 +88,7 @@ $(document).ready(function(){ }); }); $(document).ready(function () { - $('#sidebar_links').find("a[href='/admin/accounts/new']").addClass('active'); + $('#sidebar_links').find("a[href='/admin/users/new']").addClass('active'); }); @endsection diff --git a/resources/views/admin/users/view.blade.php b/resources/views/admin/users/view.blade.php new file mode 100644 index 000000000..64b02a831 --- /dev/null +++ b/resources/views/admin/users/view.blade.php @@ -0,0 +1,160 @@ +{{-- Copyright (c) 2015 - 2016 Dane Everitt --}} +{{-- Some Modifications (c) 2015 Dylan Seidt --}} + +{{-- Permission is hereby granted, free of charge, to any person obtaining a copy --}} +{{-- of this software and associated documentation files (the "Software"), to deal --}} +{{-- in the Software without restriction, including without limitation the rights --}} +{{-- to use, copy, modify, merge, publish, distribute, sublicense, and/or sell --}} +{{-- copies of the Software, and to permit persons to whom the Software is --}} +{{-- furnished to do so, subject to the following conditions: --}} + +{{-- The above copyright notice and this permission notice shall be included in all --}} +{{-- copies or substantial portions of the Software. --}} + +{{-- THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR --}} +{{-- IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, --}} +{{-- FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE --}} +{{-- AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER --}} +{{-- LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, --}} +{{-- OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE --}} +{{-- SOFTWARE. --}} +@extends('layouts.admin') + +@section('title') + Viewing User +@endsection + +@section('content') +
+ +

Viewing User: {{ $user->email }}


+
+
+
+
+
+ +
+ +
+
+
+ +
+ +
+
+
+ +
+ +

Setting this to 'Yes' gives a user full administrative access.

+
+
+
+ {!! csrf_field() !!} + +
+
+
+
+
+

{{ trans('base.account.update_pass') }}


+ +
+ +
+ +
+
+
+ +
+ +
+
+
+ +
+
+
+
+
+
+
+

Associated Servers


+ @if($servers) + + + + + + + + + + + + @foreach($servers as $server) + + + + + + + + @endforeach + +
Server NameNodeConnection
{{ $server->name }}{{ $server->nodeName }}{{ $server->ip }}:{{ $server->port }}@if($server->active)Enabled@elseDisabled@endif
+ @else +
There are no servers associated with this account.
+ @endif + +
+
+
+
+

Delete Account


+
Warning! There most be no servers associated with this account in order for it to be deleted.
+
+ {!! method_field('DELETE') !!} + {!! csrf_field() !!} + +
+
+
+
+ +@endsection diff --git a/resources/views/layouts/admin.blade.php b/resources/views/layouts/admin.blade.php index adf82e146..2550ac0e6 100644 --- a/resources/views/layouts/admin.blade.php +++ b/resources/views/layouts/admin.blade.php @@ -65,10 +65,10 @@