mirror of
https://github.com/pelican-dev/panel.git
synced 2025-08-03 02:42:25 +02:00
96 lines
3.4 KiB
PHP
96 lines
3.4 KiB
PHP
<?php
|
|
|
|
namespace App\Http\Controllers\Api\Client;
|
|
|
|
use App\Models\Server;
|
|
use App\Models\Permission;
|
|
use Illuminate\Support\Collection;
|
|
use Spatie\QueryBuilder\QueryBuilder;
|
|
use Spatie\QueryBuilder\AllowedFilter;
|
|
use App\Models\Filters\MultiFieldServerFilter;
|
|
use App\Transformers\Api\Client\ServerTransformer;
|
|
use App\Http\Requests\Api\Client\GetServersRequest;
|
|
use Dedoc\Scramble\Attributes\Group;
|
|
use Illuminate\Database\Eloquent\Builder;
|
|
use Illuminate\Database\Eloquent\Model;
|
|
|
|
#[Group('Base')]
|
|
class ClientController extends ClientApiController
|
|
{
|
|
/**
|
|
* ClientController constructor.
|
|
*/
|
|
public function __construct()
|
|
{
|
|
parent::__construct();
|
|
}
|
|
|
|
/**
|
|
* List servers
|
|
*
|
|
* Return all the servers available to the client making the API
|
|
* request, including servers the user has access to as a subuser.
|
|
*
|
|
* @return array<array-key, mixed>
|
|
*/
|
|
public function index(GetServersRequest $request): array
|
|
{
|
|
$user = $request->user();
|
|
$transformer = $this->getTransformer(ServerTransformer::class);
|
|
|
|
/** @var Builder<Model> $query */
|
|
$query = Server::query()->with($this->getIncludesForTransformer($transformer, ['node']));
|
|
|
|
// Start the query builder and ensure we eager load any requested relationships from the request.
|
|
$builder = QueryBuilder::for($query)->allowedFilters([
|
|
'uuid',
|
|
'name',
|
|
'description',
|
|
'external_id',
|
|
AllowedFilter::custom('*', new MultiFieldServerFilter()),
|
|
]);
|
|
|
|
$type = $request->input('type');
|
|
// Either return all the servers the user has access to because they are an admin `?type=admin` or
|
|
// just return all the servers the user has access to because they are the owner or a subuser of the
|
|
// server. If ?type=admin-all is passed all servers on the system will be returned to the user, rather
|
|
// than only servers they can see because they are an admin.
|
|
if (in_array($type, ['admin', 'admin-all'])) {
|
|
// If they aren't an admin but want all the admin servers don't fail the request, just
|
|
// make it a query that will never return any results back.
|
|
if (!$user->isRootAdmin()) {
|
|
$builder->whereRaw('1 = 2');
|
|
} else {
|
|
$builder = $type === 'admin-all'
|
|
? $builder
|
|
: $builder->whereNotIn('servers.id', $user->directAccessibleServers()->pluck('id')->all());
|
|
}
|
|
} elseif ($type === 'owner') {
|
|
$builder = $builder->where('servers.owner_id', $user->id);
|
|
} else {
|
|
$builder = $builder->whereIn('servers.id', $user->directAccessibleServers()->pluck('id')->all());
|
|
}
|
|
|
|
$servers = $builder->paginate(min($request->query('per_page', '50'), 100))->appends($request->query());
|
|
|
|
return $this->fractal->transformWith($transformer)->collection($servers)->toArray();
|
|
}
|
|
|
|
/**
|
|
* List subuser permissions
|
|
*
|
|
* Returns all the subuser permissions available on the system.
|
|
*
|
|
* @return array{object: string, attributes: array{permissions: Collection}}
|
|
*/
|
|
public function permissions(): array
|
|
{
|
|
return [
|
|
'object' => 'system_permissions',
|
|
'attributes' => [
|
|
'permissions' => Permission::permissions(),
|
|
],
|
|
];
|
|
}
|
|
}
|