1
<?php
2

3
namespace Pterodactyl\Policies;
4

5
use Pterodactyl\Models\User;
6
use Pterodactyl\Models\Server;
7

8
class ServerPolicy
9
{
10
    /**
11
     * Checks if the user has the given permission on/for the server.
12
     */
13
    protected function checkPermission(User $user, Server $server, string $permission): bool
14
    {
15
        $subuser = $server->subusers->where('user_id', $user->id)->first();
16
        if (!$subuser || empty($permission)) {
17
            return false;
18
        }
19

20
        return in_array($permission, $subuser->permissions);
21
    }
22

23
    /**
24
     * Runs before any of the functions are called. Used to determine if user is root admin, if so, ignore permissions.
25
     */
26
    public function before(User $user, string $ability, Server $server): bool
27
    {
28
        if ($user->root_admin || $server->owner_id === $user->id) {
29
            return true;
30
        }
31

32
        return $this->checkPermission($user, $server, $ability);
33
    }
34

35
    /**
36
     * This is a horrendous hack to avoid Laravel's "smart" behavior that does
37
     * not call the before() function if there isn't a function matching the
38
     * policy permission.
39
     */
40
    public function __call(string $name, mixed $arguments)
41
    {
42
        // do nothing
43
    }
44
}
45

46