MrUnknownDE/panel
1
0
Fork 0
mirror of https://github.com/MrUnknownDE/panel.git synced 2026-04-12 19:33:45 +02:00
Code Issues Packages Projects Releases Wiki Activity

Address two bugs in subuser system.

Browse Source 
1.) Prevents adding the owner of a server as a subuser which could
potentially break things.
2.) Prevents adding duplicate subusers for a server.
This commit is contained in:
Dane Everitt
2016-12-30 16:28:43 -05:00
parent ef8e0b5a74
commit 0afa568095
2 changed files with 8 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

6
app/Repositories/SubuserRepository.php
View File

@@ -117,6 +117,7 @@ class SubuserRepository
public function create($sid, array $data)
{
$server = Models\Server::findOrFail($sid);
$validator = Validator::make($data, [
'permissions' => 'required|array',
'email' => 'required|email',
@@ -140,6 +141,10 @@ class SubuserRepository
} catch (\Exception $ex) {
throw $ex;
}
} else if ($server->owner === $user->id) {
throw new DisplayException('You cannot add the owner of a server as a subuser.');
} else if (Models\Subuser::select('id')->where('user_id', $user->id)->where('server_id', $server->id)->first()) {
throw new DisplayException('A subuser with that email already exists for this server.');
}
$uuid = new UuidService;
@@ -159,6 +164,7 @@ class SubuserRepository
if (! is_null($this->permissions[$permission])) {
array_push($daemonPermissions, $this->permissions[$permission]);
}
$model = new Models\Permission;
$model->fill([
'user_id' => $user->id,