Add a new flag to users to allow the specification of custom subdomains

app/Server/Http/Controllers/Admin/StoreUsersController.php

@@ -39,6 +39,7 @@ class StoreUsersController extends AdminController
         $insertData = [
             'name' => $request->get('name'),
             'auth_token' => (string) Str::uuid(),
+            'can_specify_subdomains' => (int) $request->get('can_specify_subdomains')
         ];
 
         $this->userRepository

app/Server/Http/Controllers/ControlMessageController.php

@@ -5,6 +5,7 @@ namespace App\Server\Http\Controllers;
 use App\Contracts\ConnectionManager;
 use App\Contracts\UserRepository;
 use App\Http\QueryParameters;
+use Illuminate\Support\Arr;
 use Ratchet\ConnectionInterface;
 use Ratchet\WebSocket\MessageComponentInterface;
 use React\Promise\Deferred;
@@ -77,8 +78,8 @@ class ControlMessageController implements MessageComponentInterface
     protected function authenticate(ConnectionInterface $connection, $data)
     {
         $this->verifyAuthToken($connection)
-            ->then(function () use ($connection, $data) {
-                if (! $this->hasValidSubdomain($connection, $data->subdomain)) {
+            ->then(function ($user) use ($connection, $data) {
+                if (! $this->hasValidSubdomain($connection, $data->subdomain, $user)) {
                     return;
                 }
 
@@ -147,8 +148,20 @@ class ControlMessageController implements MessageComponentInterface
         return $deferred->promise();
     }
 
-    protected function hasValidSubdomain(ConnectionInterface $connection, ?string $subdomain): bool
+    protected function hasValidSubdomain(ConnectionInterface $connection, ?string $subdomain, ?array $user): bool
     {
+        if (! is_null($user) && $user['can_specify_subdomains'] === 0 && ! is_null($subdomain)) {
+            $connection->send(json_encode([
+                'event' => 'subdomainTaken',
+                'data' => [
+                    'message' => config('expose.admin.messages.custom_subdomain_unauthorized'),
+                ],
+            ]));
+            $connection->close();
+
+            return false;
+        }
+
         if (! is_null($subdomain)) {
             $controlConnection = $this->connectionManager->findControlConnectionForSubdomain($subdomain);
             if (! is_null($controlConnection) || $subdomain === config('expose.admin.subdomain')) {

app/Server/UserRepository/DatabaseUserRepository.php

@@ -113,8 +113,8 @@ class DatabaseUserRepository implements UserRepository
         $deferred = new Deferred();
 
         $this->database->query("
-            INSERT INTO users (name, auth_token, created_at)
-            VALUES (:name, :auth_token, DATETIME('now'))
+            INSERT INTO users (name, auth_token, can_specify_subdomains, created_at)
+            VALUES (:name, :auth_token, :can_specify_subdomains, DATETIME('now'))
         ", $data)
             ->then(function (Result $result) use ($deferred) {
                 $this->database->query('SELECT * FROM users WHERE id = :id', ['id' => $result->insertId])