Use a standardized transformer base; replace all client transformers to call that base

app/Http/Controllers/Api/Application/ApplicationApiController.php

@@ -51,13 +51,13 @@ abstract class ApplicationApiController extends Controller
      * @return \Pterodactyl\Transformers\Api\Application\BaseTransformer
      *
      * @throws \Illuminate\Contracts\Container\BindingResolutionException
+     *
+     * @deprecated
      */
     public function getTransformer(string $abstract)
     {
         /** @var \Pterodactyl\Transformers\Api\Application\BaseTransformer $transformer */
         $transformer = Container::getInstance()->make($abstract);
-        $transformer->setRootAdmin($this->request->user()->root_admin);
-        $transformer->setKey($this->request->attributes->get('api_key'));
 
         Assert::isInstanceOf($transformer, BaseTransformer::class);
 

app/Http/Controllers/Api/Client/AccountController.php

@@ -34,7 +34,7 @@ class AccountController extends ClientApiController
     public function index(Request $request): array
     {
         return $this->fractal->item($request->user())
-            ->transformWith($this->getTransformer(AccountTransformer::class))
+            ->transformWith(AccountTransformer::class)
             ->toArray();
     }
 

app/Http/Controllers/Api/Client/ClientApiController.php

@@ -3,9 +3,7 @@
 namespace Pterodactyl\Http\Controllers\Api\Client;
 
 use Webmozart\Assert\Assert;
-use Illuminate\Container\Container;
+use Pterodactyl\Transformers\Api\Transformer;
-use Pterodactyl\Transformers\Daemon\BaseDaemonTransformer;
-use Pterodactyl\Transformers\Api\Client\BaseClientTransformer;
 use Pterodactyl\Http\Controllers\Api\Application\ApplicationApiController;
 
 abstract class ClientApiController extends ApplicationApiController
@@ -15,7 +13,7 @@ abstract class ClientApiController extends ApplicationApiController
      *
      * @return string[]
      */
-    protected function getIncludesForTransformer(BaseClientTransformer $transformer, array $merge = []): array
+    protected function getIncludesForTransformer(Transformer $transformer, array $merge = []): array
     {
         $filtered = array_filter($this->parseIncludes(), function ($datum) use ($transformer) {
             return in_array($datum, $transformer->getAvailableIncludes());
@@ -45,23 +43,15 @@ abstract class ClientApiController extends ApplicationApiController
     /**
      * Return an instance of an application transformer.
      *
-     * @return \Pterodactyl\Transformers\Api\Client\BaseClientTransformer
+     * @return \Pterodactyl\Transformers\Api\Transformer
      *
-     * @throws \Illuminate\Contracts\Container\BindingResolutionException
+     * @deprecated
      */
-    public function getTransformer(string $abstract)
+    public function getTransformer(string $class)
     {
-        /** @var \Pterodactyl\Transformers\Api\Client\BaseClientTransformer $transformer */
+        $transformer = new $class;
-        $transformer = Container::getInstance()->make($abstract);
-        Assert::isInstanceOfAny($transformer, [
-            BaseClientTransformer::class,
-            BaseDaemonTransformer::class,
-        ]);
 
-        if ($transformer instanceof BaseClientTransformer) {
+        Assert::same(substr($class, 0, strlen(class_basename($class)) * -1), '\Pterodactyl\Transformers\Api\Client\\');
-            // $transformer->setKey($this->request->attributes->get('api_key'));
-            $transformer->setUser($this->request->user());
-        }
 
         return $transformer;
     }

app/Models/UserSSHKey.php

@@ -14,6 +14,12 @@ use Illuminate\Database\Eloquent\Relations\BelongsTo;
  */
 class UserSSHKey extends Model
 {
+    /**
+     * The resource name for this model when it is transformed into an
+     * API representation using fractal.
+     */
+    public const RESOURCE_NAME = 'user_ssh_key';
+
     const UPDATED_AT = null;
 
     protected $table = 'user_ssh_keys';

app/Models/WebauthnKey.php

@@ -9,6 +9,8 @@ class WebauthnKey extends \LaravelWebauthn\Models\WebauthnKey
 {
     use HasFactory;
 
+    public const RESOURCE_NAME = 'webauthn_key';
+
     public function user(): BelongsTo
     {
         return $this->belongsTo(User::class);

app/Transformers/Api/Application/BaseTransformer.php

@@ -2,96 +2,12 @@
 
 namespace Pterodactyl\Transformers\Api\Application;
 
-use Carbon\CarbonImmutable;
-use Pterodactyl\Models\ApiKey;
 use Illuminate\Container\Container;
-use Illuminate\Database\Eloquent\Model;
+use Pterodactyl\Transformers\Api\Transformer;
-use League\Fractal\TransformerAbstract;
-use Pterodactyl\Services\Acl\Api\AdminAcl;
 use Pterodactyl\Exceptions\Transformer\InvalidTransformerLevelException;
 
-/**
+abstract class BaseTransformer extends Transformer
- * @method array transform(Model $model)
- */
-abstract class BaseTransformer extends TransformerAbstract
 {
-    public const RESPONSE_TIMEZONE = 'UTC';
-
-    private ApiKey $key;
-
-    private bool $rootAdmin;
-
-    /**
-     * Return the resource name for the JSONAPI output.
-     */
-    abstract public function getResourceName(): string;
-
-    /**
-     * BaseTransformer constructor.
-     */
-    public function __construct()
-    {
-        // Transformers allow for dependency injection on the handle method.
-        if (method_exists($this, 'handle')) {
-            Container::getInstance()->call([$this, 'handle']);
-        }
-    }
-
-    /**
-     * Set the HTTP request class being used for this request.
-     *
-     * @return $this
-     */
-    public function setKey(ApiKey $key)
-    {
-        $this->key = $key;
-
-        return $this;
-    }
-
-    /**
-     * Return the request instance being used for this transformer.
-     */
-    public function getKey(): ApiKey
-    {
-        return $this->key;
-    }
-
-    /**
-     * ?
-     *
-     * @return $this
-     */
-    public function setRootAdmin(bool $rootAdmin)
-    {
-        $this->rootAdmin = $rootAdmin;
-
-        return $this;
-    }
-
-    /**
-     * ?
-     */
-    public function isRootAdmin(): bool
-    {
-        return $this->rootAdmin;
-    }
-
-    /**
-     * Determine if the API key loaded onto the transformer has permission
-     * to access a different resource. This is used when including other
-     * models on a transformation request.
-     */
-    protected function authorize(string $resource): bool
-    {
-        return true;
-//        if ($this->getKey()->key_type === ApiKey::TYPE_ACCOUNT && $this->isRootAdmin()) {
-//            return true;
-//        }
-//
-//        return AdminAcl::check($this->getKey(), $resource, AdminAcl::READ);
-    }
-
     /**
      * Create a new instance of the transformer and pass along the currently
      * set API key.
@@ -105,7 +21,6 @@ abstract class BaseTransformer extends TransformerAbstract
     {
         /** @var \Pterodactyl\Transformers\Api\Application\BaseTransformer $transformer */
         $transformer = Container::getInstance()->makeWith($abstract, $parameters);
-        // $transformer->setKey($this->getKey());
 
         if (!$transformer instanceof self) {
             throw new InvalidTransformerLevelException('Calls to ' . __METHOD__ . ' must return a transformer that is an instance of ' . __CLASS__);
@@ -113,14 +28,4 @@ abstract class BaseTransformer extends TransformerAbstract
 
         return $transformer;
     }
-
-    /**
-     * Return an ISO-8601 formatted timestamp to use in the API response.
-     */
-    protected function formatTimestamp(string $timestamp): string
-    {
-        return CarbonImmutable::createFromFormat(CarbonImmutable::DEFAULT_TO_STRING_FORMAT, $timestamp)
-            ->setTimezone(self::RESPONSE_TIMEZONE)
-            ->toIso8601String();
-    }
 }

app/Transformers/Api/Client/AccountTransformer.php

@@ -3,23 +3,19 @@
 namespace Pterodactyl\Transformers\Api\Client;
 
 use Pterodactyl\Models\User;
+use Pterodactyl\Transformers\Api\Transformer;
 
-class AccountTransformer extends BaseClientTransformer
+class AccountTransformer extends Transformer
 {
-    /**
-     * Return the resource name for the JSONAPI output.
-     */
     public function getResourceName(): string
     {
-        return 'user';
+        return User::RESOURCE_NAME;
     }
 
     /**
      * Return basic information about the currently logged in user.
-     *
-     * @return array
      */
-    public function transform(User $model)
+    public function transform(User $model): array
     {
         return [
             'id' => $model->id,

app/Transformers/Api/Client/AllocationTransformer.php

@@ -3,23 +3,16 @@
 namespace Pterodactyl\Transformers\Api\Client;
 
 use Pterodactyl\Models\Allocation;
+use Pterodactyl\Transformers\Api\Transformer;
 
-class AllocationTransformer extends BaseClientTransformer
+class AllocationTransformer extends Transformer
 {
-    /**
-     * Return the resource name for the JSONAPI output.
-     */
     public function getResourceName(): string
     {
-        return 'allocation';
+        return Allocation::RESOURCE_NAME;
     }
 
-    /**
+    public function transform(Allocation $model): array
-     * Return basic information about the currently logged in user.
-     *
-     * @return array
-     */
-    public function transform(Allocation $model)
     {
         return [
             'id' => $model->id,

app/Transformers/Api/Client/BackupTransformer.php

@@ -3,18 +3,16 @@
 namespace Pterodactyl\Transformers\Api\Client;
 
 use Pterodactyl\Models\Backup;
+use Pterodactyl\Transformers\Api\Transformer;
 
-class BackupTransformer extends BaseClientTransformer
+class BackupTransformer extends Transformer
 {
     public function getResourceName(): string
     {
         return Backup::RESOURCE_NAME;
     }
 
-    /**
+    public function transform(Backup $backup): array
-     * @return array
-     */
-    public function transform(Backup $backup)
     {
         return [
             'uuid' => $backup->uuid,
@@ -24,8 +22,8 @@ class BackupTransformer extends BaseClientTransformer
             'ignored_files' => $backup->ignored_files,
             'checksum' => $backup->checksum,
             'bytes' => $backup->bytes,
-            'created_at' => $backup->created_at->toIso8601String(),
+            'created_at' => self::formatTimestamp($backup->created_at),
-            'completed_at' => $backup->completed_at ? $backup->completed_at->toIso8601String() : null,
+            'completed_at' => self::formatTimestamp($backup->completed_at),
         ];
     }
 }

app/Transformers/Api/Client/BaseClientTransformer.php

@@ -1,69 +0,0 @@
-<?php
-
-namespace Pterodactyl\Transformers\Api\Client;
-
-use Pterodactyl\Models\User;
-use Webmozart\Assert\Assert;
-use Pterodactyl\Models\Server;
-use Illuminate\Container\Container;
-use Pterodactyl\Exceptions\Transformer\InvalidTransformerLevelException;
-use Pterodactyl\Transformers\Api\Application\BaseTransformer as BaseApplicationTransformer;
-
-abstract class BaseClientTransformer extends BaseApplicationTransformer
-{
-    /**
-     * @var \Pterodactyl\Models\User
-     */
-    private $user;
-
-    /**
-     * Return the user model of the user requesting this transformation.
-     */
-    public function getUser(): User
-    {
-        return $this->user;
-    }
-
-    /**
-     * Set the user model of the user requesting this transformation.
-     */
-    public function setUser(User $user)
-    {
-        $this->user = $user;
-    }
-
-    /**
-     * Determine if the API key loaded onto the transformer has permission
-     * to access a different resource. This is used when including other
-     * models on a transformation request.
-     *
-     * @param \Pterodactyl\Models\Server $server
-     */
-    protected function authorize(string $ability, Server $server = null): bool
-    {
-        Assert::isInstanceOf($server, Server::class);
-
-        return $this->getUser()->can($ability, [$server]);
-    }
-
-    /**
-     * Create a new instance of the transformer and pass along the currently
-     * set API key.
-     *
-     * @return self
-     *
-     * @throws \Pterodactyl\Exceptions\Transformer\InvalidTransformerLevelException
-     */
-    protected function makeTransformer(string $abstract, array $parameters = [])
-    {
-        /** @var \Pterodactyl\Transformers\Api\Application\BaseTransformer $transformer */
-        $transformer = Container::getInstance()->makeWith($abstract, $parameters);
-        // $transformer->setKey($this->getKey());
-
-        if (!$transformer instanceof self) {
-            throw new InvalidTransformerLevelException('Calls to ' . __METHOD__ . ' must return a transformer that is an instance of ' . __CLASS__);
-        }
-
-        return $transformer;
-    }
-}

app/Transformers/Api/Client/DatabaseTransformer.php

@@ -4,26 +4,18 @@ namespace Pterodactyl\Transformers\Api\Client;
 
 use Pterodactyl\Models\Database;
 use Pterodactyl\Models\Permission;
+use Pterodactyl\Transformers\Api\Transformer;
 use Illuminate\Contracts\Encryption\Encrypter;
 use Pterodactyl\Contracts\Extensions\HashidsInterface;
 
-class DatabaseTransformer extends BaseClientTransformer
+class DatabaseTransformer extends Transformer
 {
     protected $availableIncludes = ['password'];
 
-    /**
+    protected Encrypter $encrypter;
-     * @var \Illuminate\Contracts\Encryption\Encrypter
-     */
-    private $encrypter;
 
-    /**
+    protected HashidsInterface $hashids;
-     * @var \Pterodactyl\Contracts\Extensions\HashidsInterface
-     */
-    private $hashids;
 
-    /**
-     * Handle dependency injection.
-     */
     public function handle(Encrypter $encrypter, HashidsInterface $hashids)
     {
         $this->encrypter = $encrypter;
@@ -37,13 +29,11 @@ class DatabaseTransformer extends BaseClientTransformer
 
     public function transform(Database $model): array
     {
-        $model->loadMissing('host');
-
         return [
             'id' => $this->hashids->encode($model->id),
             'host' => [
-                'address' => $model->getRelation('host')->host,
+                'address' => $model->host->host,
-                'port' => $model->getRelation('host')->port,
+                'port' => $model->host->port,
             ],
             'name' => $model->database,
             'username' => $model->username,
@@ -59,7 +49,7 @@ class DatabaseTransformer extends BaseClientTransformer
      */
     public function includePassword(Database $database)
     {
-        if (!$this->getUser()->can(Permission::ACTION_DATABASE_VIEW_PASSWORD, $database->server)) {
+        if ($this->user()->cannot(Permission::ACTION_DATABASE_VIEW_PASSWORD, $database->server)) {
             return $this->null();
         }
 

app/Transformers/Api/Client/EggTransformer.php

@@ -3,21 +3,16 @@
 namespace Pterodactyl\Transformers\Api\Client;
 
 use Pterodactyl\Models\Egg;
+use Pterodactyl\Transformers\Api\Transformer;
 
-class EggTransformer extends BaseClientTransformer
+class EggTransformer extends Transformer
 {
-    /**
-     * Return the resource name for the JSONAPI output.
-     */
     public function getResourceName(): string
     {
         return Egg::RESOURCE_NAME;
     }
 
-    /**
+    public function transform(Egg $egg): array
-     * @return array
-     */
-    public function transform(Egg $egg)
     {
         return [
             'uuid' => $egg->uuid,

app/Transformers/Api/Client/EggVariableTransformer.php

@@ -4,18 +4,16 @@ namespace Pterodactyl\Transformers\Api\Client;
 
 use BadMethodCallException;
 use Pterodactyl\Models\EggVariable;
+use Pterodactyl\Transformers\Api\Transformer;
 
-class EggVariableTransformer extends BaseClientTransformer
+class EggVariableTransformer extends Transformer
 {
     public function getResourceName(): string
     {
         return EggVariable::RESOURCE_NAME;
     }
 
-    /**
+    public function transform(EggVariable $variable): array
-     * @return array
-     */
-    public function transform(EggVariable $variable)
     {
         // This guards against someone incorrectly retrieving variables (haha, me) and then passing
         // them into the transformer and along to the user. Just throw an exception and break the entire

app/Transformers/Api/Client/PersonalAccessTokenTransformer.php

@@ -3,30 +3,24 @@
 namespace Pterodactyl\Transformers\Api\Client;
 
 use Pterodactyl\Models\PersonalAccessToken;
+use Pterodactyl\Transformers\Api\Transformer;
 
-class PersonalAccessTokenTransformer extends BaseClientTransformer
+class PersonalAccessTokenTransformer extends Transformer
 {
-    /**
-     * @return string
-     */
     public function getResourceName(): string
     {
         return PersonalAccessToken::RESOURCE_NAME;
     }
 
-    /**
-     * @param \Pterodactyl\Models\PersonalAccessToken $model
-     * @return array
-     */
     public function transform(PersonalAccessToken $model): array
     {
         return [
             'token_id' => $model->token_id,
             'description' => $model->description,
             'abilities' => $model->abilities ?? [],
-            'last_used_at' => $model->last_used_at ? $model->last_used_at->toIso8601String() : null,
+            'last_used_at' => self::formatTimestamp($model->last_used_at),
-            'created_at' => $model->created_at->toIso8601String(),
+            'created_at' => self::formatTimestamp($model->created_at),
-            'updated_at' => $model->updated_at->toIso8601String(),
+            'updated_at' => self::formatTimestamp($model->updated_at),
         ];
     }
 }

app/Transformers/Api/Client/ScheduleTransformer.php

@@ -2,11 +2,10 @@
 
 namespace Pterodactyl\Transformers\Api\Client;
 
-use Pterodactyl\Models\Task;
 use Pterodactyl\Models\Schedule;
-use Illuminate\Database\Eloquent\Model;
+use Pterodactyl\Transformers\Api\Transformer;
 
-class ScheduleTransformer extends BaseClientTransformer
+class ScheduleTransformer extends Transformer
 {
     /**
      * @var array
@@ -18,20 +17,12 @@ class ScheduleTransformer extends BaseClientTransformer
      */
     protected $defaultIncludes = ['tasks'];
 
-    /**
-     * {@inheritdoc}
-     */
     public function getResourceName(): string
     {
         return Schedule::RESOURCE_NAME;
     }
 
-    /**
+    public function transform(Schedule $model): array
-     * Returns a transformed schedule model such that a client can view the information.
-     *
-     * @return array
-     */
-    public function transform(Schedule $model)
     {
         return [
             'id' => $model->id,
@@ -46,10 +37,10 @@ class ScheduleTransformer extends BaseClientTransformer
             'is_active' => $model->is_active,
             'is_processing' => $model->is_processing,
             'only_when_online' => $model->only_when_online,
-            'last_run_at' => $model->last_run_at ? $model->last_run_at->toIso8601String() : null,
+            'last_run_at' => self::formatTimestamp($model->last_run_at),
-            'next_run_at' => $model->next_run_at ? $model->next_run_at->toIso8601String() : null,
+            'next_run_at' => self::formatTimestamp($model->next_run_at),
-            'created_at' => $model->created_at->toIso8601String(),
+            'created_at' => self::formatTimestamp($model->created_at),
-            'updated_at' => $model->updated_at->toIso8601String(),
+            'updated_at' => self::formatTimestamp($model->updated_at),
         ];
     }
 
@@ -57,15 +48,9 @@ class ScheduleTransformer extends BaseClientTransformer
      * Allows attaching the tasks specific to the schedule in the response.
      *
      * @return \League\Fractal\Resource\Collection
-     *
-     * @throws \Pterodactyl\Exceptions\Transformer\InvalidTransformerLevelException
      */
     public function includeTasks(Schedule $model)
     {
-        return $this->collection(
+        return $this->collection($model->tasks, new TaskTransformer());
-            $model->tasks,
-            $this->makeTransformer(TaskTransformer::class),
-            Task::RESOURCE_NAME
-        );
     }
 }

app/Transformers/Api/Client/ServerTransformer.php

@@ -2,16 +2,12 @@
 
 namespace Pterodactyl\Transformers\Api\Client;
 
-use Pterodactyl\Models\Egg;
 use Pterodactyl\Models\Server;
-use Pterodactyl\Models\Subuser;
-use Pterodactyl\Models\Allocation;
 use Pterodactyl\Models\Permission;
-use Illuminate\Container\Container;
+use Pterodactyl\Transformers\Api\Transformer;
-use Pterodactyl\Models\EggVariable;
 use Pterodactyl\Services\Servers\StartupCommandService;
 
-class ServerTransformer extends BaseClientTransformer
+class ServerTransformer extends Transformer
 {
     /**
      * @var string[]
@@ -23,23 +19,22 @@ class ServerTransformer extends BaseClientTransformer
      */
     protected $availableIncludes = ['egg', 'subusers'];
 
+    protected StartupCommandService $service;
+
     public function getResourceName(): string
     {
         return Server::RESOURCE_NAME;
     }
 
-    /**
+    public function handle(StartupCommandService $service)
-     * Transform a server model into a representation that can be returned
+    {
-     * to a client.
+        $this->service = $service;
-     */
+    }
+
     public function transform(Server $server): array
     {
-        /** @var \Pterodactyl\Services\Servers\StartupCommandService $service */
-        $service = Container::getInstance()->make(StartupCommandService::class);
-
         return [
-            'server_owner' => true,
+            'server_owner' => $this->user()->id === $server->owner_id,
-//            'server_owner' => $this->getKey()->user_id === $server->owner_id,
             'identifier' => $server->uuidShort,
             'internal_id' => $server->id,
             'uuid' => $server->uuid,
@@ -57,7 +52,7 @@ class ServerTransformer extends BaseClientTransformer
                 'io' => $server->io,
                 'cpu' => $server->cpu,
             ],
-            'invocation' => $service->handle($server, !$this->getUser()->can(Permission::ACTION_STARTUP_READ, $server)),
+            'invocation' => $this->service->handle($server, $this->user()->cannot(Permission::ACTION_STARTUP_READ, $server)),
             'docker_image' => $server->image,
             'egg_features' => $server->egg->inherit_features,
             'feature_limits' => [
@@ -66,10 +61,6 @@ class ServerTransformer extends BaseClientTransformer
                 'backups' => $server->backup_limit,
             ],
             'status' => $server->status,
-            // This field is deprecated, please use "status".
-            'is_suspended' => $server->isSuspended(),
-            // This field is deprecated, please use "status".
-            'is_installing' => !$server->isInstalled(),
             'is_transferring' => !is_null($server->transfer),
         ];
     }
@@ -77,14 +68,10 @@ class ServerTransformer extends BaseClientTransformer
     /**
      * Returns the allocations associated with this server.
      *
-     * @return \League\Fractal\Resource\Collection|\League\Fractal\Resource\NullResource
+     * @return \League\Fractal\Resource\Collection
-     *
-     * @throws \Pterodactyl\Exceptions\Transformer\InvalidTransformerLevelException
      */
     public function includeAllocations(Server $server)
     {
-        $transformer = $this->makeTransformer(AllocationTransformer::class);
-
         // While we include this permission, we do need to actually handle it slightly different here
         // for the purpose of keeping things functionally working. If the user doesn't have read permissions
         // for the allocations we'll only return the primary server allocation, and any notes associated
@@ -92,59 +79,49 @@ class ServerTransformer extends BaseClientTransformer
         //
         // This allows us to avoid too much permission regression, without also hiding information that
         // is generally needed for the frontend to make sense when browsing or searching results.
-        if (!$this->getUser()->can(Permission::ACTION_ALLOCATION_READ, $server)) {
+        if ($this->user()->cannot(Permission::ACTION_ALLOCATION_READ, $server)) {
             $primary = clone $server->allocation;
             $primary->notes = null;
 
-            return $this->collection([$primary], $transformer, Allocation::RESOURCE_NAME);
+            return $this->collection([$primary], new AllocationTransformer());
         }
 
-        return $this->collection($server->allocations, $transformer, Allocation::RESOURCE_NAME);
+        return $this->collection($server->allocations, new AllocationTransformer());
     }
 
     /**
      * @return \League\Fractal\Resource\Collection|\League\Fractal\Resource\NullResource
-     *
-     * @throws \Pterodactyl\Exceptions\Transformer\InvalidTransformerLevelException
      */
     public function includeVariables(Server $server)
     {
-        if (!$this->getUser()->can(Permission::ACTION_STARTUP_READ, $server)) {
+        if ($this->user()->cannot(Permission::ACTION_STARTUP_READ, $server)) {
             return $this->null();
         }
 
-        return $this->collection(
+        return $this->collection($server->variables->where('user_viewable', true), new EggVariableTransformer());
-            $server->variables->where('user_viewable', true),
-            $this->makeTransformer(EggVariableTransformer::class),
-            EggVariable::RESOURCE_NAME
-        );
     }
 
     /**
      * Returns the egg associated with this server.
      *
      * @return \League\Fractal\Resource\Item
-     *
-     * @throws \Pterodactyl\Exceptions\Transformer\InvalidTransformerLevelException
      */
     public function includeEgg(Server $server)
     {
-        return $this->item($server->egg, $this->makeTransformer(EggTransformer::class), Egg::RESOURCE_NAME);
+        return $this->item($server->egg, new EggTransformer());
     }
 
     /**
      * Returns the subusers associated with this server.
      *
      * @return \League\Fractal\Resource\Collection|\League\Fractal\Resource\NullResource
-     *
-     * @throws \Pterodactyl\Exceptions\Transformer\InvalidTransformerLevelException
      */
     public function includeSubusers(Server $server)
     {
-        if (!$this->getUser()->can(Permission::ACTION_USER_READ, $server)) {
+        if ($this->user()->cannot(Permission::ACTION_USER_READ, $server)) {
             return $this->null();
         }
 
-        return $this->collection($server->subusers, $this->makeTransformer(SubuserTransformer::class), Subuser::RESOURCE_NAME);
+        return $this->collection($server->subusers, new SubuserTransformer());
     }
 }

app/Transformers/Api/Client/StatsTransformer.php

@@ -3,21 +3,16 @@
 namespace Pterodactyl\Transformers\Api\Client;
 
 use Illuminate\Support\Arr;
+use Pterodactyl\Transformers\Api\Transformer;
 
-class StatsTransformer extends BaseClientTransformer
+class StatsTransformer extends Transformer
 {
     public function getResourceName(): string
     {
         return 'stats';
     }
 
-    /**
+    public function transform(array $data): array
-     * Transform stats from the daemon into a result set that can be used in
-     * the client API.
-     *
-     * @return array
-     */
-    public function transform(array $data)
     {
         return [
             'current_state' => Arr::get($data, 'state', 'stopped'),

app/Transformers/Api/Client/SubuserTransformer.php

@@ -3,28 +3,19 @@
 namespace Pterodactyl\Transformers\Api\Client;
 
 use Pterodactyl\Models\Subuser;
+use Pterodactyl\Transformers\Api\Transformer;
 
-class SubuserTransformer extends BaseClientTransformer
+class SubuserTransformer extends Transformer
 {
-    /**
-     * Return the resource name for the JSONAPI output.
-     */
     public function getResourceName(): string
     {
         return Subuser::RESOURCE_NAME;
     }
 
-    /**
+    public function transform(Subuser $model): array
-     * Transforms a subuser into a model that can be shown to a front-end user.
-     *
-     * @return array|void
-     *
-     * @throws \Pterodactyl\Exceptions\Transformer\InvalidTransformerLevelException
-     */
-    public function transform(Subuser $model)
     {
         return array_merge(
-            $this->makeTransformer(UserTransformer::class)->transform($model->user),
+            (new UserTransformer())->transform($model->user),
             ['permissions' => $model->permissions]
         );
     }

app/Transformers/Api/Client/TaskTransformer.php

@@ -3,23 +3,16 @@
 namespace Pterodactyl\Transformers\Api\Client;
 
 use Pterodactyl\Models\Task;
+use Pterodactyl\Transformers\Api\Transformer;
 
-class TaskTransformer extends BaseClientTransformer
+class TaskTransformer extends Transformer
 {
-    /**
-     * {@inheritdoc}
-     */
     public function getResourceName(): string
     {
         return Task::RESOURCE_NAME;
     }
 
-    /**
+    public function transform(Task $model): array
-     * Transforms a schedule's task into a client viewable format.
-     *
-     * @return array
-     */
-    public function transform(Task $model)
     {
         return [
             'id' => $model->id,
@@ -29,8 +22,8 @@ class TaskTransformer extends BaseClientTransformer
             'time_offset' => $model->time_offset,
             'is_queued' => $model->is_queued,
             'continue_on_failure' => $model->continue_on_failure,
-            'created_at' => $model->created_at->toIso8601String(),
+            'created_at' => self::formatTimestamp($model->created_at),
-            'updated_at' => $model->updated_at->toIso8601String(),
+            'updated_at' => self::formatTimestamp($model->updated_at),
         ];
     }
 }

app/Transformers/Api/Client/UserSSHKeyTransformer.php

@@ -3,27 +3,25 @@
 namespace Pterodactyl\Transformers\Api\Client;
 
 use Pterodactyl\Models\UserSSHKey;
+use Pterodactyl\Transformers\Api\Transformer;
 
-class UserSSHKeyTransformer extends BaseClientTransformer
+class UserSSHKeyTransformer extends Transformer
 {
     /**
      * Return the resource name for the JSONAPI output.
      */
     public function getResourceName(): string
     {
-        return 'user_ssh_key';
+        return UserSSHKey::RESOURCE_NAME;
     }
 
-    /**
-     * Return basic information about the currently logged in user.
-     */
     public function transform(UserSSHKey $model): array
     {
         return [
             'id' => $model->id,
             'name' => $model->name,
             'public_key' => $model->public_key,
-            'created_at' => $model->created_at->toIso8601String(),
+            'created_at' => self::formatTimestamp($model->created_at),
         ];
     }
 }

app/Transformers/Api/Client/UserTransformer.php

@@ -4,24 +4,16 @@ namespace Pterodactyl\Transformers\Api\Client;
 
 use Illuminate\Support\Str;
 use Pterodactyl\Models\User;
+use Pterodactyl\Transformers\Api\Transformer;
 
-class UserTransformer extends BaseClientTransformer
+class UserTransformer extends Transformer
 {
-    /**
-     * Return the resource name for the JSONAPI output.
-     */
     public function getResourceName(): string
     {
         return User::RESOURCE_NAME;
     }
 
-    /**
+    public function transform(User $model): array
-     * Transforms a User model into a representation that can be shown to regular
-     * users of the API.
-     *
-     * @return array
-     */
-    public function transform(User $model)
     {
         return [
             'uuid' => $model->uuid,
@@ -29,7 +21,7 @@ class UserTransformer extends BaseClientTransformer
             'email' => $model->email,
             'image' => 'https://gravatar.com/avatar/' . md5(Str::lower($model->email)),
             '2fa_enabled' => $model->use_totp,
-            'created_at' => $model->created_at->toIso8601String(),
+            'created_at' => self::formatTimestamp($model->created_at),
         ];
     }
 }

app/Transformers/Api/Client/WebauthnKeyTransformer.php

@@ -3,15 +3,16 @@
 namespace Pterodactyl\Transformers\Api\Client;
 
 use Pterodactyl\Models\WebauthnKey;
+use Pterodactyl\Transformers\Api\Transformer;
 
-class WebauthnKeyTransformer extends BaseClientTransformer
+class WebauthnKeyTransformer extends Transformer
 {
     /**
      * Return the resource name for the JSONAPI output.
      */
     public function getResourceName(): string
     {
-        return 'webauthn_key';
+        return WebauthnKey::RESOURCE_NAME;
     }
 
     /**
@@ -22,8 +23,7 @@ class WebauthnKeyTransformer extends BaseClientTransformer
         return [
             'id' => $model->id,
             'name' => $model->name,
-            'created_at' => $model->created_at->toIso8601String(),
+            'created_at' => self::formatTimestamp($model->created_at),
-            'last_used_at' => now()->toIso8601String(),
         ];
     }
 }

app/Transformers/Api/Transformer.php

@@ -0,0 +1,152 @@
+<?php
+
+namespace Pterodactyl\Transformers\Api;
+
+use DateTimeInterface;
+use Carbon\CarbonImmutable;
+use Illuminate\Http\Request;
+use Pterodactyl\Models\User;
+use Webmozart\Assert\Assert;
+use Illuminate\Container\Container;
+use League\Fractal\TransformerAbstract;
+
+/**
+ * @method array transform(\Pterodactyl\Models\Model $model)
+ */
+abstract class Transformer extends TransformerAbstract
+{
+    protected static string $timezone = 'UTC';
+
+    protected Request $request;
+
+    /**
+     * Sets the request instance onto the transformer abstract from the container. This
+     * will also automatically handle dependency injection for the class implementing
+     * this abstract.
+     */
+    public function __construct()
+    {
+        $this->request = Container::getInstance()->make('request');
+
+        if (method_exists($this, 'handle')) {
+            Container::getInstance()->call([$this, 'handle']);
+        }
+    }
+
+    /**
+     * Returns the resource name for the transformed item.
+     */
+    abstract public function getResourceName(): string;
+
+    /**
+     * Returns the authorized user for the request.
+     *
+     * @return \Pterodactyl\Models\User
+     */
+    protected function user(): User
+    {
+        return $this->request->user();
+    }
+
+    /**
+     * Determines if the user making this request is authorized to access the given
+     * resource on the API. This is used when requested included items to ensure that
+     * the user and key are authorized to see the result.
+     *
+     * TODO: implement this with the new API key formats.
+     */
+    protected function authorize(string $resource): bool
+    {
+        return $this->request->user() instanceof User;
+    }
+
+    /**
+     * @inheritDoc
+     * @param mixed $data
+     * @param callable|\League\Fractal\TransformerAbstract $transformer
+     * @param null $resourceKey
+     * @return \League\Fractal\Resource\Item
+     */
+    protected function item($data, $transformer, $resourceKey = null)
+    {
+        self::assertSameNamespace($transformer);
+
+        $item = parent::item($data, $transformer, $resourceKey);
+
+        if (!$item->getResourceKey()) {
+            $item->setResourceKey($transformer->getResourceName());
+        }
+
+        return $item;
+    }
+
+    /**
+     * @inheritDoc
+     * @param mixed $data
+     * @param callable|\League\Fractal\TransformerAbstract $transformer
+     * @param null $resourceKey
+     * @return \League\Fractal\Resource\Collection
+     */
+    protected function collection($data, $transformer, $resourceKey = null)
+    {
+        self::assertSameNamespace($transformer);
+
+        $collection = parent::collection($data, $transformer, $resourceKey);
+
+        if (!$collection->getResourceKey()) {
+            $collection->setResourceKey($transformer->getResourceName());
+        }
+
+        return $collection;
+    }
+
+    /**
+     * Sets the default timezone to use for transformed responses. Pass a null value
+     * to return back to the default timezone (UTC).
+     */
+    public static function setTimezone(string $tz = null)
+    {
+        static::$timezone = $tz ?? 'UTC';
+    }
+
+    /**
+     * Asserts that the given transformer is the same base namespace as the class that
+     * implements this abstract transformer class. This prevents a client or application
+     * transformer from unintentionally transforming a resource using an unexpected type.
+     *
+     * @param callable|\League\Fractal\TransformerAbstract $transformer
+     */
+    protected static function assertSameNamespace($transformer)
+    {
+        Assert::subclassOf($transformer, TransformerAbstract::class);
+
+        $namespace = substr(get_class($transformer), 0, strlen(class_basename($transformer)) * -1);
+        $expected = substr(static::class, 0, strlen(class_basename(static::class)) * -1);
+
+        Assert::same($namespace, $expected, 'Cannot invoke a new transformer (%s) that is not in the same namespace (%s).');
+    }
+
+    /**
+     * Returns an ISO-8601 formatted timestamp to use in API responses. This
+     * time is returned in the default transformer timezone if no timezone value
+     * is provided.
+     *
+     * If no time is provided a null value is returned.
+     *
+     * @param null|string|\DateTimeInterface $timestamp
+     */
+    protected static function formatTimestamp($timestamp, string $tz = null): ?string
+    {
+        if (empty($timestamp)) {
+            return null;
+        }
+
+        if ($timestamp instanceof DateTimeInterface) {
+            $value = CarbonImmutable::instance($timestamp);
+        } else {
+            $value = CarbonImmutable::createFromFormat(CarbonImmutable::DEFAULT_TO_STRING_FORMAT, $timestamp);
+        }
+
+        return $value->setTimezone($tz ?? self::$timezone)->toIso8601String();
+    }
+}

tests/Integration/Api/Application/ApplicationApiIntegrationTestCase.php

@@ -10,7 +10,6 @@ use Pterodactyl\Tests\Integration\IntegrationTestCase;
 use Illuminate\Foundation\Testing\DatabaseTransactions;
 use Pterodactyl\Tests\Traits\Integration\CreatesTestModels;
 use Pterodactyl\Transformers\Api\Application\BaseTransformer;
-use Pterodactyl\Transformers\Api\Client\BaseClientTransformer;
 use Pterodactyl\Tests\Traits\Http\IntegrationJsonRequestAssertions;
 
 abstract class ApplicationApiIntegrationTestCase extends IntegrationTestCase
@@ -137,10 +136,8 @@ abstract class ApplicationApiIntegrationTestCase extends IntegrationTestCase
     {
         /** @var \Pterodactyl\Transformers\Api\Application\BaseTransformer $transformer */
         $transformer = $this->app->make($abstract);
-        $transformer->setKey($this->getApiKey());
 
         Assert::assertInstanceOf(BaseTransformer::class, $transformer);
-        Assert::assertNotInstanceOf(BaseClientTransformer::class, $transformer);
 
         return $transformer;
     }

tests/Integration/Api/Client/ClientApiIntegrationTestCase.php

@@ -19,7 +19,6 @@ use Pterodactyl\Models\Allocation;
 use Pterodactyl\Models\DatabaseHost;
 use Pterodactyl\Tests\Integration\TestResponse;
 use Pterodactyl\Tests\Integration\IntegrationTestCase;
-use Pterodactyl\Transformers\Api\Client\BaseClientTransformer;
 
 abstract class ClientApiIntegrationTestCase extends IntegrationTestCase
 {
@@ -124,7 +123,6 @@ abstract class ClientApiIntegrationTestCase extends IntegrationTestCase
         $transformer = sprintf('\\Pterodactyl\\Transformers\\Api\\Client\\%sTransformer', $reflect->getShortName());
 
         $transformer = new $transformer();
-        $this->assertInstanceOf(BaseClientTransformer::class, $transformer);
 
         $this->assertSame(
             $transformer->transform($model),