Completed
Push — develop ( 23e6e0...6fda3b )
by Dane
02:44
created

User::access()   B

Complexity

Conditions 5
Paths 4

Size

Total Lines 14
Code Lines 8

Duplication

Lines 0
Ratio 0 %

Importance

Changes 0
Metric Value
dl 0
loc 14
rs 8.8571
c 0
b 0
f 0
cc 5
eloc 8
nc 4
nop 1
<?php
/**
 * Pterodactyl - Panel
 * Copyright (c) 2015 - 2017 Dane Everitt <[email protected]>.
 *
 * Permission is hereby granted, free of charge, to any person obtaining a copy
 * of this software and associated documentation files (the "Software"), to deal
 * in the Software without restriction, including without limitation the rights
 * to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
 * copies of the Software, and to permit persons to whom the Software is
 * furnished to do so, subject to the following conditions:
 *
 * The above copyright notice and this permission notice shall be included in all
 * copies or substantial portions of the Software.
 *
 * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
 * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
 * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
 * AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
 * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
 * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
 * SOFTWARE.
 */
namespace Pterodactyl\Models;
use Hash;
use Google2FA;
use Illuminate\Auth\Authenticatable;
use Illuminate\Database\Eloquent\Model;
use Illuminate\Notifications\Notifiable;
use Pterodactyl\Exceptions\DisplayException;
use Nicolaslopezj\Searchable\SearchableTrait;
use Illuminate\Auth\Passwords\CanResetPassword;
use Illuminate\Foundation\Auth\Access\Authorizable;
use Illuminate\Contracts\Auth\Authenticatable as AuthenticatableContract;
use Illuminate\Contracts\Auth\Access\Authorizable as AuthorizableContract;
use Illuminate\Contracts\Auth\CanResetPassword as CanResetPasswordContract;
use Pterodactyl\Notifications\SendPasswordReset as ResetPasswordNotification;
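class User extends Model implements AuthenticatableContract, AuthorizableContract, CanResetPasswordContract
{
    use Authenticatable, Authorizable, CanResetPassword, Notifiable, SearchableTrait;

    /**
     * Validation rule for user passwords: at least 8 characters containing
     * a digit, a lowercase letter and an uppercase letter.
     *
     * The pattern uses parentheses as its PCRE delimiters and mirrors the
     * default pattern of setPassword(); keep the two in sync when the policy
     * changes.
     *
     * @var string
     */
    const PASSWORD_RULES = 'regex:((?=.*\d)(?=.*[a-z])(?=.*[A-Z]).{8,})';

    /**
     * Validation rule for usernames: 1 to 255 word characters, dots or hyphens.
     *
     * The D (dollar-end-only) modifier makes the end anchor match only at the
     * very end of the value. Without it the anchor also matches just before a
     * trailing newline, so a username ending in "\n" would pass validation.
     *
     * @var string
     */
    const USERNAME_RULES = 'regex:/^([\w\d\.\-]{1,255})$/D';

    /**
     * The table associated with the model.
     *
     * @var string
     */
    protected $table = 'users';

    /**
     * A list of mass-assignable variables.
     *
     * NOTE(review): root_admin, use_totp, totp_secret and password are all
     * mass-assignable. Any caller that hands unfiltered request input to
     * fill(), create() or update() would let the requester set them, so every
     * call site has to whitelist the keys it accepts. Verify against callers
     * before narrowing this list, since existing code may rely on it.
     *
     * @var array
     */
    protected $fillable = ['username', 'email', 'name_first', 'name_last', 'password', 'language', 'use_totp', 'totp_secret', 'gravatar', 'root_admin'];

    /**
     * Cast values to correct type.
     *
     * isRootAdmin() compares root_admin strictly against the integer 1 and
     * therefore depends on the cast declared here.
     *
     * @var array
     */
    protected $casts = [
        'root_admin' => 'integer',
        'use_totp' => 'integer',
        'gravatar' => 'integer',
    ];

    /**
     * The attributes excluded from the model's JSON form.
     *
     * Keeps the password hash, the remember token and the TOTP shared secret
     * out of serialized output.
     *
     * @var array
     */
    protected $hidden = ['password', 'remember_token', 'totp_secret'];

    /**
     * Parameters for search querying: searchable columns and their weights.
     *
     * @var array
     */
    protected $searchable = [
        'columns' => [
            'email' => 10,
            'username' => 9,
            'name_first' => 6,
            'name_last' => 6,
            'uuid' => 1,
        ],
    ];

    // Not referenced by any method of this class.
    protected $query;

    /**
     * Enables or disables TOTP on an account if the token is valid.
     *
     * The same call flips the flag in either direction, so a valid token is
     * required both to turn TOTP on and to turn it off. The token is checked
     * against the stored totp_secret; the third argument to verifyKey() is
     * presumably the accepted time-step window (confirm against the
     * Google2FA version in use).
     *
     * This method does no attempt counting or throttling; that has to be
     * enforced by the caller.
     *
     * @param  string|int  $token  one-time code, passed unchanged to Google2FA::verifyKey()
     * @return bool  false when the token is rejected, otherwise the result of save()
     */
    public function toggleTotp($token)
    {
        if (! Google2FA::verifyKey($this->totp_secret, $token, 1)) {
            return false;
        }

        $this->use_totp = ! $this->use_totp;

        return $this->save();
    }

    /**
     * Set a user password to a new value assuming it meets the following requirements:
     *      - 8 or more characters in length
     *      - at least one uppercase character
     *      - at least one lowercase character
     *      - at least one number.
     *
     * The password is stored only as the output of Hash::make() and the model
     * is saved immediately.
     *
     * @param  string  $password  plain-text password to check and hash
     * @param  string  $regex  complete PCRE pattern including delimiters; the default uses parentheses as delimiters
     * @return void
     *
     * @throws \Pterodactyl\Exceptions\DisplayException when the password does not match $regex
     */
    public function setPassword($password, $regex = '((?=.*\d)(?=.*[a-z])(?=.*[A-Z]).{8,})')
    {
        // preg_match() yields 0 on no match and false on a pattern error; both
        // are falsy, so a broken pattern rejects the password rather than
        // letting it through.
        if (! preg_match($regex, $password)) {
            throw new DisplayException('The password passed did not meet the minimum password requirements.');
        }

        $this->password = Hash::make($password);
        $this->save();
    }

    /**
     * Send the password reset notification.
     *
     * @param  string  $token  password reset token handed to the notification
     * @return void
     */
    public function sendPasswordResetNotification($token)
    {
        $this->notify(new ResetPasswordNotification($token));
    }

    /**
     * Return true or false depending on whether the user is root admin or not.
     *
     * Uses a strict comparison, so only the integer 1 counts as root admin.
     *
     * @return bool
     */
    public function isRootAdmin()
    {
        return $this->root_admin === 1;
    }

    /**
     * Returns the user's daemon secret for a given server.
     *
     * The server owner and root admins receive the server's own daemonSecret.
     * Any other user receives the daemonSecret stored on their subuser row
     * for that server, or null when no such row exists.
     *
     * The return value is a credential: keep it out of logs and out of
     * responses sent to anyone but this user.
     *
     * @param  \Pterodactyl\Models\Server  $server
     * @return null|string
     */
    public function daemonToken(Server $server)
    {
        if ($this->id === $server->owner_id || $this->isRootAdmin()) {
            return $server->daemonSecret;
        }

        $subuser = Subuser::where('server_id', $server->id)->where('user_id', $this->id)->first();

        if (is_null($subuser)) {
            return null;
        }

        return $subuser->daemonSecret;
    }

    /**
     * Returns an array of the ids of all servers a user is able to access:
     * servers the user owns plus servers the user has a subuser row for.
     * Note: does not account for user admin status.
     *
     * @return array
     */
    public function serverAccessArray()
    {
        $union = Subuser::select('server_id')->where('user_id', $this->id);

        return Server::select('id')->where('owner_id', $this->id)->union($union)->pluck('id')->all();
    }

    /**
     * Returns a server query limited to the servers this user may access.
     *
     * Root admins get an unrestricted query. Every other user is limited to
     * the ids returned by serverAccessArray(). Callers that add their own
     * conditions should build on this query rather than on Server::query(),
     * otherwise the restriction is lost.
     *
     * Relations passed in $load are eager loaded. With no arguments the
     * service, node and allocation relations are loaded. Passing null as the
     * first argument skips eager loading entirely.
     *
     * @param  array        $load
     * @return \Illuminate\Database\Eloquent\Builder
     */
    public function access(...$load)
    {
        if (count($load) > 0 && is_null($load[0])) {
            $query = Server::query();
        } else {
            $query = Server::with(! empty($load) ? $load : ['service', 'node', 'allocation']);
        }

        if (! $this->isRootAdmin()) {
            $query->whereIn('id', $this->serverAccessArray());
        }

        return $query;
    }

    /**
     * Returns all permissions that a user has, reached through the user's
     * subuser rows.
     *
     * @return \Illuminate\Database\Eloquent\Relations\HasManyThrough
     */
    public function permissions()
    {
        return $this->hasManyThrough(Permission::class, Subuser::class);
    }

    /**
     * Returns all servers that a user owns.
     *
     * @return \Illuminate\Database\Eloquent\Relations\HasMany
     */
    public function servers()
    {
        return $this->hasMany(Server::class, 'owner_id');
    }

    /**
     * Return all subuser rows that list this user directly.
     *
     * @return \Illuminate\Database\Eloquent\Relations\HasMany
     */
    public function subuserOf()
    {
        return $this->hasMany(Subuser::class);
    }
}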