Merge 0e17f6d324 into 90ae588721

Update CHANGELOG.md
Signed-off-by: Matthew Penner <me@matthewp.io>
2024-11-23 09:32:29 +01:00 · 2024-11-20 21:23:58 -05:00 · 2024-11-14 19:26:24 -07:00 · 2024-11-14 19:03:51 -07:00 · 2024-08-07 19:58:32 +01:00 · 2024-08-07 00:43:20 +01:00
7 changed files with 308 additions and 276 deletions
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@ -3,6 +3,16 @@ This file is a running track of new features and fixes to each version of the pa
 This project follows [Semantic Versioning](http://semver.org) guidelines.
 ## v1.11.10
 ### BREAKING
 * Minimum PHP verion is now 8.2 due to Laravel upgrade!
 ### Fixed
 * Update Laravel to address [CVE-2024-52301](https://github.com/advisories/GHSA-gv7v-rgg6-548h)
 ## v1.11.9
 ### Fixed
--- a/app/Http/Requests/Api/Client/Servers/Subusers/SubuserRequest.php
+++ b/app/Http/Requests/Api/Client/Servers/Subusers/SubuserRequest.php
@ -67,7 +67,21 @@ abstract class SubuserRequest extends ClientApiRequest
        /** @var GetUserPermissionsService $service */
        $service = $this->container->make(GetUserPermissionsService::class);
-        if (count(array_diff($permissions, $service->handle($server, $user))) > 0) {
+        $subuser = $this->route()->parameter('user');
        $modifiedPermissions = $permissions;
        if (!is_null($subuser)) {
            $currentPermissions = $service->handle($server, $subuser);
            $addedPermissions = array_diff($permissions, $currentPermissions);
            $removedPermissions = array_diff($currentPermissions, $permissions);
            $modifiedPermissions = array_merge($addedPermissions, $removedPermissions);
        }
        // Checks if user has all the permissions they are modifying on the Subuser
        if (count(array_intersect($service->handle($server, $user), $modifiedPermissions)) !== count($modifiedPermissions)) {
            throw new HttpForbiddenException('Cannot assign permissions to a subuser that your account does not actively possess.');
        }
    }
--- a/composer.json
+++ b/composer.json
@ -28,7 +28,7 @@
        "guzzlehttp/guzzle": "~7.9.2",
        "hashids/hashids": "~5.0.2",
        "laracasts/utilities": "~3.2.3",
-        "laravel/framework": "~11.28.1",
+        "laravel/framework": "~11.31.0",
        "laravel/helpers": "~1.7.0",
        "laravel/sanctum": "~4.0.3",
        "laravel/tinker": "~2.10.0",
--- a/composer.lock
+++ b/composer.lock
--- a/resources/scripts/components/elements/Input.tsx
+++ b/resources/scripts/components/elements/Input.tsx
@ -34,6 +34,10 @@ const checkboxStyle = css<Props>`
        ${tw`outline-none border-primary-300`};
        box-shadow: 0 0 0 1px rgba(9, 103, 210, 0.25);
    }
    &:disabled {
        ${tw`opacity-50 cursor-default border-transparent`};
    }
 `;
 const inputStyle = css<Props>`
--- a/resources/scripts/components/server/users/EditSubuserModal.tsx
+++ b/resources/scripts/components/server/users/EditSubuserModal.tsx
@ -144,6 +144,7 @@ const EditSubuserModal = ({ subuser }: Props) => {
                                title={key}
                                isEditable={canEditUser}
                                permissions={Object.keys(permissions[key].keys).map((pkey) => `${key}.${pkey}`)}
                                editablePermissions={editablePermissions.filter((p) => p.startsWith(key))}
                                css={index > 0 ? tw`mt-4` : undefined}
                            >
                                <p css={tw`text-sm text-neutral-400 mb-4`}>{permissions[key].description}</p>
--- a/resources/scripts/components/server/users/PermissionTitleBox.tsx
+++ b/resources/scripts/components/server/users/PermissionTitleBox.tsx
@ -9,18 +9,19 @@ interface Props {
    isEditable: boolean;
    title: string;
    permissions: string[];
    editablePermissions: string[];
    className?: string;
 }
-const PermissionTitleBox: React.FC<Props> = memo(({ isEditable, title, permissions, className, children }) => {
+const PermissionTitleBox: React.FC<Props> = memo(({ isEditable, title, permissions, editablePermissions, className, children }) => {
    const [{ value }, , { setValue }] = useField<string[]>('permissions');
    const onCheckboxClicked = useCallback(
        (e: React.ChangeEvent<HTMLInputElement>) => {
            if (e.currentTarget.checked) {
-                setValue([...value, ...permissions.filter((p) => !value.includes(p))]);
+                setValue([...value, ...permissions.filter((p) => !value.includes(p) && editablePermissions.includes(p))]);
            } else {
-                setValue(value.filter((p) => !permissions.includes(p)));
+                setValue(value.filter((p) => !editablePermissions.includes(p)));
            }
        },
        [permissions, value]
@ -34,8 +35,9 @@ const PermissionTitleBox: React.FC<Props> = memo(({ isEditable, title, permissio
                    {isEditable && (
                        <Input
                            type={'checkbox'}
-                            checked={permissions.every((p) => value.includes(p))}
+                            checked={editablePermissions.every((p) => value.includes(p)) && value.find((p) => p.startsWith(title)) != null}
                            onChange={onCheckboxClicked}
                            disabled={editablePermissions.filter((p) => p.startsWith(title)).length === 0}
                        />
                    )}
                </div>
Author	SHA1	Message	Date
Mackenzie Molloy	b92b97557b	Merge `0e17f6d324` into `90ae588721`	2024-11-20 21:23:58 -05:00
Matthew Penner	90ae588721	Update CHANGELOG.md Signed-off-by: Matthew Penner <me@matthewp.io>	2024-11-14 19:26:24 -07:00
Matthew Penner	955dd2796d	chore: update laravel 11.28.1 -> 11.31.0 Signed-off-by: Matthew Penner <me@matthewp.io>	2024-11-14 19:03:51 -07:00
Mackenzie Molloy	0e17f6d324	Fixed error when adding new subusers (and test failures)	2024-08-07 19:58:32 +01:00
Mackenzie Molloy	2ef03baab8	Removed spill over from another branch	2024-08-07 00:43:20 +01:00
Mackenzie Molloy	5a22513f4c	Added disabled styling to Checkbox Input	2024-08-07 00:35:57 +01:00
Mackenzie Molloy	f0430fa7e8	Finally fixed checked for all permissions disabled in group	2024-08-07 00:31:34 +01:00
Mackenzie Molloy	db99ac5bd1	Removed duplicate closing bracket	2024-08-07 00:21:49 +01:00
Mackenzie Molloy	9f2b676005	Fixed logic on Select All of PermissionTitleBox	2024-08-06 23:49:54 +01:00
Mackenzie Molloy	bf15622d9c	Corrected permission add/remove logic	2024-08-06 23:10:08 +01:00
Mackenzie Molloy	d8b48702ec	Fixed Select All of a Permission Group ignoring disabled/dis-allowed permissions	2024-08-06 21:54:05 +01:00
Mackenzie Molloy	95dd9e7f2d	Support for subuser editing other subuser permissions when they don't have all permissions	2024-08-06 21:52:59 +01:00
Mackenzie Molloy	31871be7d3	Merge branch 'pterodactyl:1.0-develop' into 1.0-develop	2024-06-10 20:41:06 +01:00
Mackenzie Molloy	0dd3f3b0a3	Sorted Users by Administrators first	2024-05-11 01:44:50 +01:00