wip

app/Server/Connections/ConnectionManager.php

@@ -173,9 +173,29 @@ class ConnectionManager implements ConnectionManagerContract
             ->filter(function ($connection) use ($authToken) {
                 return $connection->authToken === $authToken;
             })
+            ->filter(function ($connection) use ($authToken) {
+                return get_class($connection) === ControlConnection::class;
+            })
             ->map(function ($connection) {
                 return $connection->toArray();
             })
+            ->values()
+            ->toArray();
+    }
+
+    public function getTcpConnectionsForAuthToken(string $authToken): array
+    {
+        return collect($this->connections)
+            ->filter(function ($connection) use ($authToken) {
+                return $connection->authToken === $authToken;
+            })
+            ->filter(function ($connection) use ($authToken) {
+                return get_class($connection) === TcpControlConnection::class;
+            })
+            ->map(function ($connection) {
+                return $connection->toArray();
+            })
+            ->values()
             ->toArray();
     }
 }

app/Server/Http/Controllers/Admin/StoreUsersController.php

@@ -40,6 +40,7 @@ class StoreUsersController extends AdminController
             'name' => $request->get('name'),
             'auth_token' => (string) Str::uuid(),
             'can_specify_subdomains' => (int) $request->get('can_specify_subdomains'),
+            'can_share_tcp_ports' => (int) $request->get('can_share_tcp_ports'),
         ];
 
         $this->userRepository

app/Server/Http/Controllers/ControlMessageController.php

@@ -120,6 +120,10 @@ class ControlMessageController implements MessageComponentInterface
 
     protected function handleTcpConnection(ConnectionInterface $connection, $data, $user = null)
     {
+        if (! $this->canShareTcpPorts($connection, $data, $user)) {
+            return;
+        }
+
         try {
             $connectionInfo = $this->connectionManager->storeTcpConnection($data->port, $connection);
         } catch (NoFreePortAvailable $exception) {
@@ -233,4 +237,21 @@ class ControlMessageController implements MessageComponentInterface
 
         return true;
     }
+
+    protected function canShareTcpPorts(ConnectionInterface $connection, $data, $user)
+    {
+        if (! is_null($user) && $user['can_share_tcp_ports'] === 0) {
+            $connection->send(json_encode([
+                'event' => 'authenticationFailed',
+                'data' => [
+                    'message' => config('expose.admin.messages.custom_subdomain_unauthorized'),
+                ],
+            ]));
+            $connection->close();
+
+            return false;
+        }
+
+        return true;
+    }
 }

app/Server/UserRepository/DatabaseUserRepository.php

@@ -72,6 +72,7 @@ class DatabaseUserRepository implements UserRepository
     protected function getUserDetails(array $user)
     {
         $user['sites'] = $user['auth_token'] !== '' ? $this->connectionManager->getConnectionsForAuthToken($user['auth_token']) : [];
+        $user['tcp_connections'] = $user['auth_token'] !== '' ? $this->connectionManager->getTcpConnectionsForAuthToken($user['auth_token']) : [];
 
         return $user;
     }
@@ -113,8 +114,8 @@ class DatabaseUserRepository implements UserRepository
         $deferred = new Deferred();
 
         $this->database->query("
-            INSERT INTO users (name, auth_token, can_specify_subdomains, created_at)
-            VALUES (:name, :auth_token, :can_specify_subdomains, DATETIME('now'))
+            INSERT INTO users (name, auth_token, can_specify_subdomains, can_share_tcp_ports, created_at)
+            VALUES (:name, :auth_token, :can_specify_subdomains, :can_share_tcp_ports, DATETIME('now'))
         ", $data)
             ->then(function (Result $result) use ($deferred) {
                 $this->database->query('SELECT * FROM users WHERE id = :id', ['id' => $result->insertId])