Handle missing daemon keys better and fix subuser missing key errors

2026-04-19 14:53:45 +02:00 · 2018-03-03 21:31:44 -06:00
parent 18e394eb14
commit a4f03f5d02
6 changed files with 74 additions and 49 deletions
--- a/app/Services/DaemonKeys/DaemonKeyProviderService.php
+++ b/app/Services/DaemonKeys/DaemonKeyProviderService.php
@@ -28,6 +28,7 @@ use Carbon\Carbon;
 use Pterodactyl\Models\User;
 use Pterodactyl\Models\Server;
 use Pterodactyl\Exceptions\Repository\RecordNotFoundException;
+use Pterodactyl\Contracts\Repository\SubuserRepositoryInterface;
 use Pterodactyl\Contracts\Repository\DaemonKeyRepositoryInterface;

 class DaemonKeyProviderService
@@ -47,21 +48,29 @@ class DaemonKeyProviderService
     */
    private $repository;

+    /**
+     * @var \Pterodactyl\Contracts\Repository\SubuserRepositoryInterface
+     */
+    private $subuserRepository;
+
    /**
     * GetDaemonKeyService constructor.
     *
     * @param \Pterodactyl\Services\DaemonKeys\DaemonKeyCreationService      $keyCreationService
     * @param \Pterodactyl\Contracts\Repository\DaemonKeyRepositoryInterface $repository
     * @param \Pterodactyl\Services\DaemonKeys\DaemonKeyUpdateService        $keyUpdateService
+     * @param \Pterodactyl\Contracts\Repository\SubuserRepositoryInterface   $subuserRepository
     */
    public function __construct(
        DaemonKeyCreationService $keyCreationService,
        DaemonKeyRepositoryInterface $repository,
-        DaemonKeyUpdateService $keyUpdateService
+        DaemonKeyUpdateService $keyUpdateService,
+        SubuserRepositoryInterface $subuserRepository
    ) {
        $this->keyCreationService = $keyCreationService;
        $this->keyUpdateService = $keyUpdateService;
        $this->repository = $repository;
+        $this->subuserRepository = $subuserRepository;
    }

    /**
@@ -89,10 +98,18 @@ class DaemonKeyProviderService
                return $this->keyCreationService->handle($server->id, $user->id);
            }

-            // If they aren't the admin or owner of the server, they shouldn't get access.
-            // Subusers should always have an entry created when they are, so if there is
-            // no record, it should fail.
-            throw $exception;
+            // Check if user is a subuser for this server. Ideally they should always have
+            // a record associated with them in the database, but we should still handle
+            // that potentiality here.
+            //
+            // If no subuser is found, a RecordNotFoundException will be thrown, thus handling
+            // the parent error as well.
+            $subuser = $this->subuserRepository->findFirstWhere([
+                ['user_id', '=', $user->id],
+                ['server_id', '=', $server->id],
+            ]);
+
+            return $this->keyCreationService->handle($subuser->server_id, $subuser->user_id);
        }

        if (! $updateIfExpired || Carbon::now()->diffInSeconds($key->expires_at, false) > 0) {