diff --git a/app/Models/Permission.php b/app/Models/Permission.php index 008473f3..391f5e8d 100644 --- a/app/Models/Permission.php +++ b/app/Models/Permission.php @@ -42,22 +42,35 @@ class Permission extends Model */ protected $guarded = ['id', 'created_at', 'updated_at']; - /** - * Cast values to correct type. - * - * @var array - */ - protected $casts = [ - 'user_id' => 'integer', - 'server_id' => 'integer', - ]; + /** + * Cast values to correct type. + * + * @var array + */ + protected $casts = [ + 'subuser_id' => 'integer', + ]; + /** + * Find permission by permission node. + * + * @param \Illuminate\Database\Query\Builder $query + * @param string $permission + * @return \Illuminate\Database\Query\Builder + */ public function scopePermission($query, $permission) { return $query->where('permission', $permission); } - public function scopeServer($query, $server) + /** + * Filter permission by server. + * + * @param \Illuminate\Database\Query\Builder $query + * @param \Pterodactyl\Models\Server $server + * @return \Illuminate\Database\Query\Builder + */ + public function scopeServer($query, Server $server) { return $query->where('server_id', $server->id); } diff --git a/app/Models/Subuser.php b/app/Models/Subuser.php index 826995d0..6d390df9 100644 --- a/app/Models/Subuser.php +++ b/app/Models/Subuser.php @@ -79,4 +79,14 @@ class Subuser extends Model { return $this->belongsTo(User::class); } + + /** + * Gets the permissions associated with a subuser. + * + * @return \Illuminate\Database\Eloquent\Relations\HasMany + */ + public function permissions() + { + return $this->hasMany(Pemission::class); + } } diff --git a/app/Models/User.php b/app/Models/User.php index 6d1bfa19..abcddf22 100644 --- a/app/Models/User.php +++ b/app/Models/User.php @@ -199,11 +199,11 @@ class User extends Model implements AuthenticatableContract, AuthorizableContrac /** * Returns all permissions that a user has. * - * @return \Illuminate\Database\Eloquent\Relations\HasMany + * @return \Illuminate\Database\Eloquent\Relations\HasManyThrough */ public function permissions() { - return $this->hasMany(Permission::class); + return $this->hasManyThrough(Permission::class, Subuser::class); } /** diff --git a/app/Policies/ServerPolicy.php b/app/Policies/ServerPolicy.php index 3ef54f43..d67f3ace 100644 --- a/app/Policies/ServerPolicy.php +++ b/app/Policies/ServerPolicy.php @@ -39,6 +39,23 @@ class ServerPolicy // } + /** + * Checks if the user has the given permission on/for the server. + * + * @param \Pterodactyl\Models\User $user + * @param \Pterodactyl\Models\Server $server + * @param $permission + * @return bool + */ + private function checkPermission(User $user, Server $server, $permission) + { + if ($this->isOwner($user, $server)) { + return true; + } + + return $user->permissions()->server($server)->permission($permission)->exists(); + } + /** * Determine if current user is the owner of a server. * @@ -521,21 +538,4 @@ class ServerPolicy { return $this->checkPermission($user, $server, 'set-allocation'); } - - /** - * Checks if the user has the given permission on/for the server. - * - * @param \Pterodactyl\Models\User $user - * @param \Pterodactyl\Models\Server $server - * @param $permission - * @return bool - */ - private function checkPermission(User $user, Server $server, $permission) - { - if ($this->isOwner($user, $server)) { - return true; - } - - return $user->permissions()->server($server)->permission($permission)->exists(); - } } diff --git a/database/migrations/2017_02_09_174834_SetupPermissionsPivotTable.php b/database/migrations/2017_02_09_174834_SetupPermissionsPivotTable.php new file mode 100644 index 00000000..fe87c4f7 --- /dev/null +++ b/database/migrations/2017_02_09_174834_SetupPermissionsPivotTable.php @@ -0,0 +1,72 @@ +unsignedInteger('subuser_id')->after('id'); + }); + + DB::transaction(function () { + foreach(Subuser::all() as &$subuser) { + Permission::where('user_id', $subuser->user_id)->where('server_id', $subuser->server_id)->update([ + 'subuser_id' => $subuser->id, + ]); + } + }); + + Schema::table('permissions', function (Blueprint $table) { + $table->dropForeign('permissions_server_id_foreign'); + $table->dropIndex('permissions_server_id_foreign'); + $table->dropForeign('permissions_user_id_foreign'); + $table->dropIndex('permissions_user_id_foreign'); + + $table->dropColumn('server_id'); + $table->dropColumn('user_id'); + $table->foreign('subuser_id')->references('id')->on('subusers'); + }); + } + + /** + * Reverse the migrations. + * + * @return void + */ + public function down() + { + Schema::table('permissions', function (Blueprint $table) { + $table->unsignedInteger('server_id')->after('subuser_id'); + $table->unsignedInteger('user_id')->after('server_id'); + }); + + DB::transaction(function () { + foreach(Subuser::all() as &$subuser) { + Permission::where('subuser_id', $subuser->id)->update([ + 'user_id' => $subuser->user_id, + 'server_id' => $subuser->server_id, + ]); + } + }); + + Schema::table('permissions', function (Blueprint $table) { + $table->dropForeign('permissions_subuser_id_foreign'); + $table->dropIndex('permissions_subuser_id_foreign'); + $table->dropColumn('subuser_id'); + + $table->foreign('server_id')->references('id')->on('servers'); + $table->foreign('user_id')->references('id')->on('users'); + }); + } +}