Merge pull request #1 from Pterodactyl/develop

Merging up to current
2017-05-29 11:41:05 -04:00 · 2017-05-29 11:41:05 -04:00 · 324a1db621
commit 324a1db621
parent 1b3d9eb683 8b762cbaf5
17 changed files with 91 additions and 32 deletions
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@ -3,6 +3,20 @@ This file is a running track of new features and fixes to each version of the pa

 This project follows [Semantic Versioning](http://semver.org) guidelines.

+## v0.6.1 (Courageous Carniadactylus)
+### Fixed
+* Fixes a bug preventing the use of services that have no variables attached to them.
+* Fixes 'Remember Me' checkbox being ignored when using 2FA on an account.
+* API now returns a useful error displaying what went wrong rather than an obscure 'An Error was Encountered' message when API issues arise.
+* Fixes bug preventing the creation of new files in the file manager due to a missing JS dependency on page load.
+* Prevent using a service option tag that contains special characters that are not valid. Now only allows alpha-numeric, no spaces or underscores.
+* Fix unhandled excpetion due to missing `Log` class when using the API and causing an error.
+
+### Changed
+* Renamed session cookies from `laravel_session` to `pterodactyl_session`.
+* Sessions are now encrypted before being stored as an additional layer of security.
+* It is now possible to clear out a server description and have it be blank, rather than throwing an error about the field being required.
+
 ## v0.6.0 (Courageous Carniadactylus)
 ### Fixed
 * Bug causing error logs to be spammed if someone timed out on an ajax based page.
--- a/app/Exceptions/Handler.php
+++ b/app/Exceptions/Handler.php
@ -48,16 +48,16 @@ class Handler extends ExceptionHandler
        if ($request->expectsJson() || $request->isJson() || $request->is(...config('pterodactyl.json_routes'))) {
            $exception = $this->prepareException($exception);

-            if (config('app.debug')) {
-                $report = [
-                    'code' => (! $this->isHttpException($exception)) ?: $exception->getStatusCode(),
-                    'message' => class_basename($exception) . ' in ' . $exception->getFile() . ' on line ' . $exception->getLine(),
-                ];
+            if (config('app.debug') || $this->isHttpException($exception)) {
+                $displayError = $exception->getMessage();
+            } else {
+                $displayError = 'An unhandled exception was encountered with this request.';
            }

            $response = response()->json([
-                'error' => (config('app.debug')) ? $exception->getMessage() : 'An unhandled exception was encountered with this request.',
-                'exception' => ! isset($report) ?: $report,
+                'error' => $displayError,
+                'http_code' => (! $this->isHttpException($exception)) ?: $exception->getStatusCode(),
+                'trace' => (! config('app.debug')) ? null : class_basename($exception) . ' in ' . $exception->getFile() . ' on line ' . $exception->getLine(),
            ], ($this->isHttpException($exception)) ? $exception->getStatusCode() : 500, [], JSON_UNESCAPED_SLASHES);

            parent::report($exception);
--- a/app/Http/Controllers/API/Admin/NodeController.php
+++ b/app/Http/Controllers/API/Admin/NodeController.php
@ -24,6 +24,7 @@

 namespace Pterodactyl\Http\Controllers\API\Admin;

+use Log;
 use Fractal;
 use Illuminate\Http\Request;
 use Pterodactyl\Models\Node;
--- a/app/Http/Controllers/API/Admin/ServerController.php
+++ b/app/Http/Controllers/API/Admin/ServerController.php
@ -24,6 +24,7 @@

 namespace Pterodactyl\Http\Controllers\API\Admin;

+use Log;
 use Fractal;
 use Illuminate\Http\Request;
 use Pterodactyl\Models\Server;
--- a/app/Http/Controllers/API/Admin/UserController.php
+++ b/app/Http/Controllers/API/Admin/UserController.php
@ -24,6 +24,7 @@

 namespace Pterodactyl\Http\Controllers\API\Admin;

+use Log;
 use Fractal;
 use Illuminate\Http\Request;
 use Pterodactyl\Models\User;
--- a/app/Http/Controllers/Admin/ServersController.php
+++ b/app/Http/Controllers/Admin/ServersController.php
@ -273,9 +273,12 @@ class ServersController extends Controller
    {
        $repo = new ServerRepository;
        try {
-            $repo->updateDetails($id, $request->intersect([
-                'owner_id', 'name', 'description', 'reset_token',
-            ]));
+            $repo->updateDetails($id, array_merge(
+                $request->only('description'),
+                $request->intersect([
+                    'owner_id', 'name', 'reset_token',
+                ])
+            ));

            Alert::success('Server details were successfully updated.')->flash();
        } catch (DisplayValidationException $ex) {
--- a/app/Http/Controllers/Auth/LoginController.php
+++ b/app/Http/Controllers/Auth/LoginController.php
@ -134,7 +134,9 @@ class LoginController extends Controller
                ])),
            ], 5);

-            return redirect()->route('auth.totp')->with('authentication_token', $token);
+            return redirect()->route('auth.totp')
+                ->with('authentication_token', $token)
+                ->with('remember', $request->has('remember'));
        }

        $attempt = Auth::attempt([
@ -167,7 +169,7 @@ class LoginController extends Controller

        return view('auth.totp', [
            'verify_key' => $token,
-            'remember' => $request->has('remember'),
+            'remember' => $request->session()->get('remember'),
        ]);
    }

--- a/app/Http/Controllers/Daemon/OptionController.php
+++ b/app/Http/Controllers/Daemon/OptionController.php
@ -38,6 +38,17 @@ class OptionController extends Controller
            return sprintf('%s=%s', $item->variable->env_variable, $item->variable_value);
        });

+        $mergeInto = [
+            'STARTUP=' . $server->startup,
+            'SERVER_MEMORY=' . $server->memory,
+            'SERVER_IP=' . $server->allocation->ip,
+            'SERVER_PORT=' . $server->allocation->port,
+        ];
+
+        if ($environment->count() === 0) {
+            $environment = collect($mergeInto);
+        }
+
        return response()->json([
            'scripts' => [
                'install' => (! $server->option->copy_script_install) ? null : str_replace(["\r\n", "\n", "\r"], "\n", $server->option->copy_script_install),
@ -47,12 +58,7 @@ class OptionController extends Controller
                'container' => $server->option->copy_script_container,
                'entry' => $server->option->copy_script_entry,
            ],
-            'env' => $environment->merge([
-                'STARTUP=' . $server->startup,
-                'SERVER_MEMORY=' . $server->memory,
-                'SERVER_IP=' . $server->allocation->ip,
-                'SERVER_PORT=' . $server->allocation->port,
-            ])->toArray(),
+            'env' => $environment->toArray(),
        ]);
    }
 }
--- a/app/Repositories/OptionRepository.php
+++ b/app/Repositories/OptionRepository.php
@ -47,7 +47,7 @@ class OptionRepository
            'service_id' => 'required|numeric|exists:services,id',
            'name' => 'required|string|max:255',
            'description' => 'required|string',
-            'tag' => 'required|string|max:255|unique:service_options,tag',
+            'tag' => 'required|alpha_num|max:60|unique:service_options,tag',
            'docker_image' => 'sometimes|string|max:255',
            'startup' => 'sometimes|nullable|string',
            'config_from' => 'sometimes|required|numeric|exists:service_options,id',
--- a/app/Repositories/ServerRepository.php
+++ b/app/Repositories/ServerRepository.php
@ -370,7 +370,7 @@ class ServerRepository
        $validator = Validator::make($data, [
            'owner_id' => 'sometimes|required|integer|exists:users,id',
            'name' => 'sometimes|required|regex:([\w .-]{1,200})',
-            'description' => 'sometimes|required|string',
+            'description' => 'sometimes|nullable|string',
            'reset_token' => 'sometimes|required|accepted',
        ]);

@ -733,6 +733,10 @@ class ServerRepository
            $i++;
        }

+        if ($parsed->count() === 0) {
+            return collect($merge);
+        }
+
        return $parsed->merge($merge);
    }

--- a/config/session.php
+++ b/config/session.php
@ -44,7 +44,7 @@ return [
    |
    */

-    'encrypt' => false,
+    'encrypt' => true,

    /*
    |--------------------------------------------------------------------------
@ -122,7 +122,7 @@ return [
    |
    */

-    'cookie' => 'laravel_session',
+    'cookie' => 'pterodactyl_session',

    /*
    |--------------------------------------------------------------------------
--- a/public/themes/pterodactyl/css/pterodactyl.css
+++ b/public/themes/pterodactyl/css/pterodactyl.css
@ -28,6 +28,7 @@

 .login-box, .register-box {
    width: 40%;
+    max-width: 500px;
    margin: 7% auto;
 }

@ -303,3 +304,10 @@ input.form-autocomplete-stop[readonly] {
    background: inherit;
    cursor: text;
 }
+
+/* fix Google Recaptcha badge */
+.grecaptcha-badge {
+    bottom: 54px !important;
+    background: white;
+    box-shadow: none !important;
+}
--- a/resources/themes/pterodactyl/admin/servers/view/manage.blade.php
+++ b/resources/themes/pterodactyl/admin/servers/view/manage.blade.php
@ -62,10 +62,14 @@
                <p>This will reinstall the server with the assigned pack and service scripts. <strong>Danger!</strong> This could overwrite server data.</p>
            </div>
            <div class="box-footer">
-                <form action="{{ route('admin.servers.view.manage.reinstall', $server->id) }}" method="POST">
-                    {!! csrf_field() !!}
-                    <button type="submit" class="btn btn-danger">Reinstall Server</button>
-                </form>
+                @if($server->installed)
+                    <form action="{{ route('admin.servers.view.manage.reinstall', $server->id) }}" method="POST">
+                        {!! csrf_field() !!}
+                        <button type="submit" class="btn btn-danger">Reinstall Server</button>
+                    </form>
+                @else
+                    <button class="btn btn-danger disabled">Reinstall Server</button>
+                @endif
            </div>
        </div>
    </div>
--- a/resources/themes/pterodactyl/admin/services/options/new.blade.php
+++ b/resources/themes/pterodactyl/admin/services/options/new.blade.php
@ -66,7 +66,7 @@
                            <div class="form-group">
                                <label for="pTag" class="form-label">Option Tag</label>
                                <input type="text" id="pTag" name="tag" value="{{ old('tag') }}" class="form-control" />
-                                <p class="text-muted small">This should be a unique identifer for this service option that is not used for any other service options.</p>
+                                <p class="text-muted small">This should be a unique identifer for this service option that is not used for any other service options. Must be alpha-numeric and no more than 60 characters in length.</p>
                            </div>
                            <div class="form-group">
                                <label for="pDockerImage" class="form-label">Docker Image</label>
--- a/resources/themes/pterodactyl/admin/services/options/view.blade.php
+++ b/resources/themes/pterodactyl/admin/services/options/view.blade.php
@ -47,6 +47,11 @@
 </div>
 <form action="{{ route('admin.services.option.view', $option->id) }}" method="POST">
    <div class="row">
+        <div class="col-xs-12">
+            <div class="callout callout-info">
+                <strong>Notice:</strong> Editing the Option Tag or any of the Process Management fields <em>requires</em> that each daemon be rebooted to apply the changes.
+            </div>
+        </div>
        <div class="col-xs-12">
            <div class="box">
                <div class="box-header with-border">
--- a/resources/themes/pterodactyl/auth/totp.blade.php
+++ b/resources/themes/pterodactyl/auth/totp.blade.php
@ -23,20 +23,29 @@
    2FA Checkpoint
@endsection

+@section('scripts')
+    @parent
+    <style>
+        input::-webkit-outer-spin-button, input::-webkit-inner-spin-button {
+            -webkit-appearance: none;
+            margin: 0;
+        }
+    </style>
+@endsection
+
@section('content')
 <div class="login-box-body">
-    <p class="login-box-msg">@lang('auth.2fa_required')</p>
    <form action="{{ route('auth.totp') }}" method="POST">
-        <div class="form-group">
-            <input type="text" name="2fa_token" class="form-control" placeholder="@lang('strings.2fa_token')">
-            <span class="fa fa-lock form-control-feedback"></span>
+        <div class="form-group has-feedback">
+            <input type="number" name="2fa_token" class="form-control input-lg text-center" placeholder="@lang('strings.2fa_token')" autofocus>
+            <span class="fa fa-shield form-control-feedback"></span>
        </div>
        <div class="row">
            <div class="col-xs-12">
                {!! csrf_field() !!}
                <input type="hidden" name="verify_token" value="{{ $verify_key }}" />
                @if($remember)
-                    <input type="hidden" name="remember" value="true" />
+                    <input type="checkbox" name="remember" checked style="display:none;"/>
                @endif
                <button type="submit" class="btn btn-primary btn-block btn-flat">@lang('strings.submit')</button>
            </div>
--- a/resources/themes/pterodactyl/server/files/add.blade.php
+++ b/resources/themes/pterodactyl/server/files/add.blade.php
@ -101,6 +101,7 @@
    {!! Theme::js('js/frontend/server.socket.js') !!}
    {!! Theme::js('vendor/ace/ace.js') !!}
    {!! Theme::js('vendor/ace/ext-modelist.js') !!}
+    {!! Theme::js('vendor/ace/ext-whitespace.js') !!}
    {!! Theme::js('vendor/lodash/lodash.js') !!}
    {!! Theme::js('js/frontend/files/editor.js') !!}
    <script>