Merge remote-tracking branch 'upstream/main' into Admin-Side-Updates

pelican-dev · May 18, 2024 · 918de79 · 918de79
2 parents 2662bab + 38b92ae
commit 918de79
Show file tree

Hide file tree

Showing 11 changed files with 97 additions and 1,050 deletions.
diff --git a/app/Filament/Resources/DatabaseHostResource/RelationManagers/DatabasesRelationManager.php b/app/Filament/Resources/DatabaseHostResource/RelationManagers/DatabasesRelationManager.php
@@ -28,7 +28,7 @@ public function form(Form $form): Form
                         Action::make('rotate')
                             ->icon('tabler-refresh')
                             ->requiresConfirmation()
-                            ->action(fn (DatabasePasswordService $service, Database $db) => $service->handle($db))
+                            ->action(fn (DatabasePasswordService $service, Database $database) => $service->handle($database))
                     )
                     ->formatStateUsing(fn (Database $database) => decrypt($database->password)),
                 Forms\Components\TextInput::make('remote')->label('Connections From'),
@@ -37,27 +37,26 @@ public function form(Form $form): Form
                     ->label('JDBC Connection String')
                     ->columnSpanFull()
                     ->formatStateUsing(fn (Forms\Get $get, Database $database) => 'jdbc:mysql://' . $get('username') . ':' . urlencode(decrypt($database->password)) . '@' . $database->host->host . ':' . $database->host->port . '/' . $get('database')),
-                Forms\Components\TextInput::make('created_at'),
-                Forms\Components\TextInput::make('updated_at'),
             ]);
     }
     public function table(Table $table): Table
     {
         return $table
             ->recordTitleAttribute('servers')
             ->columns([
-                Tables\Columns\TextColumn::make('database'),
-                Tables\Columns\TextColumn::make('username'),
+                Tables\Columns\TextColumn::make('database')->icon('tabler-database'),
+                Tables\Columns\TextColumn::make('username')->icon('tabler-user'),
                 //Tables\Columns\TextColumn::make('password'),
                 Tables\Columns\TextColumn::make('remote'),
-                Tables\Columns\TextColumn::make('server.name'),
-                // TODO ->url(route('filament.admin.resources.servers.edit', ['record', ''])),
+                Tables\Columns\TextColumn::make('server.name')
+                    ->icon('tabler-brand-docker')
+                    ->url(fn (Database $database) => route('filament.admin.resources.servers.edit', ['record' => $database->server_id])),
                 Tables\Columns\TextColumn::make('max_connections'),
-                Tables\Columns\TextColumn::make('created_at'),
+                Tables\Columns\TextColumn::make('created_at')->dateTime(),
             ])
             ->actions([
                 Tables\Actions\DeleteAction::make(),
-                Tables\Actions\ViewAction::make(),
+                Tables\Actions\ViewAction::make()->color('primary'),
                 //Tables\Actions\EditAction::make(),
             ]);
     }

diff --git a/app/Filament/Resources/UserResource.php b/app/Filament/Resources/UserResource.php
@@ -31,7 +31,6 @@ public static function getPages(): array
     {
         return [
             'index' => Pages\ListUsers::route('/'),
-            'create' => Pages\CreateUser::route('/create'),
             'edit' => Pages\EditUser::route('/{record}/edit'),
         ];
     }

diff --git a/app/Filament/Resources/UserResource/Pages/CreateUser.php b/app/Filament/Resources/UserResource/Pages/CreateUser.php
diff --git a/app/Filament/Resources/UserResource/Pages/ListUsers.php b/app/Filament/Resources/UserResource/Pages/ListUsers.php
@@ -4,10 +4,13 @@
 
 use App\Filament\Resources\UserResource;
 use App\Models\User;
+use App\Services\Users\UserCreationService;
 use Filament\Actions;
+use Filament\Notifications\Notification;
 use Filament\Resources\Pages\ListRecords;
 use Filament\Tables\Table;
 use Filament\Tables;
+use Filament\Forms;
 
 class ListUsers extends ListRecords
 {
@@ -73,8 +76,49 @@ public function table(Table $table): Table
     protected function getHeaderActions(): array
     {
         return [
-            Actions\CreateAction::make()
-                ->label('Create User'),
+            Actions\CreateAction::make('create')
+                ->label('Create User')
+                ->createAnother(false)
+                ->form([
+                    Forms\Components\Grid::make()
+                        ->schema([
+                            Forms\Components\TextInput::make('username')
+                                ->alphaNum()
+                                ->required()
+                                ->maxLength(191),
+                            Forms\Components\TextInput::make('email')
+                                ->email()
+                                ->required()
+                                ->unique()
+                                ->maxLength(191),
+
+                            Forms\Components\TextInput::make('password')
+                                ->hintIcon('tabler-question-mark')
+                                ->hintIconTooltip('Providing a user password is optional. New user email will prompt users to create a password the first time they login.')
+                                ->password(),
+
+                            Forms\Components\ToggleButtons::make('root_admin')
+                                ->label('Administrator (Root)')
+                                ->options([
+                                    false => 'No',
+                                    true => 'Admin',
+                                ])
+                                ->colors([
+                                    false => 'primary',
+                                    true => 'danger',
+                                ])
+                                ->inline()
+                                ->required()
+                                ->default(false),
+                        ]),
+                ])
+                ->successRedirectUrl(route('filament.admin.resources.users.index'))
+                ->action(function (array $data) {
+                    resolve(UserCreationService::class)->handle($data);
+                    Notification::make()->title('User Created!')->success()->send();
+
+                    return redirect()->route('filament.admin.resources.users.index');
+                }),
         ];
     }
 }
diff --git a/app/Http/Controllers/Api/Remote/Backups/BackupRemoteUploadController.php b/app/Http/Controllers/Api/Remote/Backups/BackupRemoteUploadController.php
@@ -11,6 +11,7 @@
 use App\Extensions\Filesystem\S3Filesystem;
 use Symfony\Component\HttpKernel\Exception\ConflictHttpException;
 use Symfony\Component\HttpKernel\Exception\BadRequestHttpException;
+use App\Exceptions\Http\HttpForbiddenException;
 
 class BackupRemoteUploadController extends Controller
 {
@@ -32,18 +33,32 @@ public function __construct(private BackupManager $backupManager)
      */
     public function __invoke(Request $request, string $backup): JsonResponse
     {
+        // Get the node associated with the request.
+        /** @var \App\Models\Node $node */
+        $node = $request->attributes->get('node');
+
         // Get the size query parameter.
         $size = (int) $request->query('size');
         if (empty($size)) {
             throw new BadRequestHttpException('A non-empty "size" query parameter must be provided.');
         }
 
-        /** @var \App\Models\Backup $backup */
-        $backup = Backup::query()->where('uuid', $backup)->firstOrFail();
+        /** @var \App\Models\Backup $model */
+        $model = Backup::query()
+            ->where('uuid', $backup)
+            ->firstOrFail();
+
+        // Check that the backup is "owned" by the node making the request. This avoids other nodes
+        // from messing with backups that they don't own.
+        /** @var \App\Models\Server $server */
+        $server = $model->server;
+        if ($server->node_id !== $node->id) {
+            throw new HttpForbiddenException('You do not have permission to access that backup.');
+        }
 
         // Prevent backups that have already been completed from trying to
         // be uploaded again.
-        if (!is_null($backup->completed_at)) {
+        if (!is_null($model->completed_at)) {
             throw new ConflictHttpException('This backup is already in a completed state.');
         }
 
@@ -54,7 +69,7 @@ public function __invoke(Request $request, string $backup): JsonResponse
         }
 
         // The path where backup will be uploaded to
-        $path = sprintf('%s/%s.tar.gz', $backup->server->uuid, $backup->uuid);
+        $path = sprintf('%s/%s.tar.gz', $model->server->uuid, $model->uuid);
 
         // Get the S3 client
         $client = $adapter->getClient();
@@ -92,7 +107,7 @@ public function __invoke(Request $request, string $backup): JsonResponse
         }
 
         // Set the upload_id on the backup in the database.
-        $backup->update(['upload_id' => $params['UploadId']]);
+        $model->update(['upload_id' => $params['UploadId']]);
 
         return new JsonResponse([
             'parts' => $parts,

diff --git a/app/Http/Controllers/Api/Remote/Backups/BackupStatusController.php b/app/Http/Controllers/Api/Remote/Backups/BackupStatusController.php
@@ -13,6 +13,7 @@
 use App\Extensions\Filesystem\S3Filesystem;
 use Symfony\Component\HttpKernel\Exception\BadRequestHttpException;
 use App\Http\Requests\Api\Remote\ReportBackupCompleteRequest;
+use App\Exceptions\Http\HttpForbiddenException;
 
 class BackupStatusController extends Controller
 {
@@ -30,8 +31,22 @@ public function __construct(private BackupManager $backupManager)
      */
     public function index(ReportBackupCompleteRequest $request, string $backup): JsonResponse
     {
+        // Get the node associated with the request.
+        /** @var \App\Models\Node $node */
+        $node = $request->attributes->get('node');
+
         /** @var \App\Models\Backup $model */
-        $model = Backup::query()->where('uuid', $backup)->firstOrFail();
+        $model = Backup::query()
+            ->where('uuid', $backup)
+            ->firstOrFail();
+
+        // Check that the backup is "owned" by the node making the request. This avoids other nodes
+        // from messing with backups that they don't own.
+        /** @var \App\Models\Server $server */
+        $server = $model->server;
+        if ($server->node_id !== $node->id) {
+            throw new HttpForbiddenException('You do not have permission to access that backup.');
+        }
 
         if ($model->is_successful) {
             throw new BadRequestHttpException('Cannot update the status of a backup that is already marked as completed.');

diff --git a/app/Models/Server.php b/app/Models/Server.php
@@ -326,6 +326,11 @@ public function activity(): MorphToMany
         return $this->morphToMany(ActivityLog::class, 'subject', 'activity_log_subjects');
     }
 
+    public function getRouteKeyName(): string
+    {
+        return 'id';
+    }
+
     public function resolveRouteBinding($value, $field = null): ?self
     {
         return match ($field) {