Merge branch 'master' into tcp

2026-03-13 21:45:55 +00:00 · 2020-09-07 20:52:19 +02:00
parent 12f08db391 c8cfe7b8b4
commit e857de8498
19 changed files with 763 additions and 282 deletions
--- a/app/Server/Http/Controllers/Admin/GetUserDetailsController.php
+++ b/app/Server/Http/Controllers/Admin/GetUserDetailsController.php
@@ -0,0 +1,33 @@
+<?php
+
+namespace App\Server\Http\Controllers\Admin;
+
+use App\Contracts\UserRepository;
+use Illuminate\Http\Request;
+use Ratchet\ConnectionInterface;
+
+class GetUserDetailsController extends AdminController
+{
+    protected $keepConnectionOpen = true;
+
+    /** @var UserRepository */
+    protected $userRepository;
+
+    public function __construct(UserRepository $userRepository)
+    {
+        $this->userRepository = $userRepository;
+    }
+
+    public function handle(Request $request, ConnectionInterface $httpConnection)
+    {
+        $this->userRepository
+            ->getUserById($request->get('id'))
+            ->then(function ($user) use ($httpConnection) {
+                $httpConnection->send(
+                    respond_json(['user' => $user])
+                );
+
+                $httpConnection->close();
+            });
+    }
+}
--- a/app/Server/Http/Controllers/Admin/StoreUsersController.php
+++ b/app/Server/Http/Controllers/Admin/StoreUsersController.php
@@ -39,6 +39,7 @@ class StoreUsersController extends AdminController
        $insertData = [
            'name' => $request->get('name'),
            'auth_token' => (string) Str::uuid(),
+            'can_specify_subdomains' => (int) $request->get('can_specify_subdomains'),
        ];

        $this->userRepository
--- a/app/Server/Http/Controllers/ControlMessageController.php
+++ b/app/Server/Http/Controllers/ControlMessageController.php
@@ -8,7 +8,6 @@ use App\Http\QueryParameters;
 use Ratchet\ConnectionInterface;
 use Ratchet\WebSocket\MessageComponentInterface;
 use React\Promise\Deferred;
-use React\Promise\FulfilledPromise;
 use React\Promise\PromiseInterface;
 use stdClass;

@@ -81,11 +80,11 @@ class ControlMessageController implements MessageComponentInterface
    protected function authenticate(ConnectionInterface $connection, $data)
    {
        $this->verifyAuthToken($connection)
-            ->then(function () use ($connection, $data) {
+            ->then(function ($user) use ($connection, $data) {
                if ($data->type === 'http') {
-                    $this->handleHttpConnection($connection, $data);
+                    $this->handleHttpConnection($connection, $data, $user);
                } elseif($data->type === 'tcp') {
-                    $this->handleTcpConnection($connection, $data);
+                    $this->handleTcpConnection($connection, $data, $user);
                }
            }, function () use ($connection) {
                $connection->send(json_encode([
@@ -98,9 +97,9 @@ class ControlMessageController implements MessageComponentInterface
            });
    }

-    protected function handleHttpConnection(ConnectionInterface $connection, $data)
+    protected function handleHttpConnection(ConnectionInterface $connection, $data, $user = null)
    {
-        if (! $this->hasValidSubdomain($connection, $data->subdomain)) {
+        if (! $this->hasValidSubdomain($connection, $data->subdomain, $user)) {
            return;
        }

@@ -118,7 +117,7 @@ class ControlMessageController implements MessageComponentInterface
        ]));
    }

-    protected function handleTcpConnection(ConnectionInterface $connection, $data)
+    protected function handleTcpConnection(ConnectionInterface $connection, $data, $user = null)
    {
        $connectionInfo = $this->connectionManager->storeTcpConnection($data->port, $connection);

@@ -167,7 +166,7 @@ class ControlMessageController implements MessageComponentInterface
    protected function verifyAuthToken(ConnectionInterface $connection): PromiseInterface
    {
        if (config('expose.admin.validate_auth_tokens') !== true) {
-            return new FulfilledPromise();
+            return \React\Promise\resolve(null);
        }

        $deferred = new Deferred();
@@ -187,8 +186,20 @@ class ControlMessageController implements MessageComponentInterface
        return $deferred->promise();
    }

-    protected function hasValidSubdomain(ConnectionInterface $connection, ?string $subdomain): bool
+    protected function hasValidSubdomain(ConnectionInterface $connection, ?string $subdomain, ?array $user): bool
    {
+        if (! is_null($user) && $user['can_specify_subdomains'] === 0 && ! is_null($subdomain)) {
+            $connection->send(json_encode([
+                'event' => 'subdomainTaken',
+                'data' => [
+                    'message' => config('expose.admin.messages.custom_subdomain_unauthorized'),
+                ],
+            ]));
+            $connection->close();
+
+            return false;
+        }
+
        if (! is_null($subdomain)) {
            $controlConnection = $this->connectionManager->findControlConnectionForSubdomain($subdomain);
            if (! is_null($controlConnection) || $subdomain === config('expose.admin.subdomain')) {