CoCalc -- BaseTransformer.php

GitHub Repository: pterodactyl/panel
Path: blob/1.0-develop/app/Transformers/Api/Application/BaseTransformer.php
¹⁰²⁸⁰ views
1
<?php
2

3
namespace Pterodactyl\Transformers\Api\Application;
4

5
use Carbon\CarbonImmutable;
6
use Carbon\CarbonInterface;
7
use Illuminate\Http\Request;
8
use Webmozart\Assert\Assert;
9
use Pterodactyl\Models\ApiKey;
10
use Illuminate\Container\Container;
11
use Illuminate\Database\Eloquent\Model;
12
use League\Fractal\TransformerAbstract;
13
use Pterodactyl\Services\Acl\Api\AdminAcl;
14

15
/**
16
 * @method array transform(Model $model)
17
 */
18
abstract class BaseTransformer extends TransformerAbstract
19
{
20
    public const RESPONSE_TIMEZONE = 'UTC';
21

22
    protected Request $request;
23

24
    /**
25
     * BaseTransformer constructor.
26
     */
27
    public function __construct()
28
    {
29
        // Transformers allow for dependency injection on the handle method.
30
        if (method_exists($this, 'handle')) {
31
            Container::getInstance()->call([$this, 'handle']);
32
        }
33
    }
34

35
    /**
36
     * Return the resource name for the JSONAPI output.
37
     */
38
    abstract public function getResourceName(): string;
39

40
    /**
41
     * Sets the request on the instance.
42
     */
43
    public function setRequest(Request $request): self
44
    {
45
        $this->request = $request;
46

47
        return $this;
48
    }
49

50
    /**
51
     * Returns a new transformer instance with the request set on the instance.
52
     */
53
    public static function fromRequest(Request $request): static
54
    {
55
        return app(static::class)->setRequest($request);
56
    }
57

58
    /**
59
     * Determine if the API key loaded onto the transformer has permission
60
     * to access a different resource. This is used when including other
61
     * models on a transformation request.
62
     *
63
     * @deprecated — prefer $user->can/cannot methods
64
     */
65
    protected function authorize(string $resource): bool
66
    {
67
        $allowed = [ApiKey::TYPE_ACCOUNT, ApiKey::TYPE_APPLICATION];
68

69
        $token = $this->request->user()?->currentAccessToken();
70
        if (!$token instanceof ApiKey || !in_array($token->key_type, $allowed)) {
71
            return false;
72
        }
73

74
        // If this is not a deprecated application token type we can only check that
75
        // the user is a root admin at the moment. In a future release we'll be rolling
76
        // out more specific permissions for keys.
77
        if ($token->key_type === ApiKey::TYPE_ACCOUNT) {
78
            return $this->request->user()->root_admin;
79
        }
80

81
        return AdminAcl::check($token, $resource);
82
    }
83

84
    /**
85
     * Create a new instance of the transformer and pass along the currently
86
     * set API key.
87
     *
88
     * @template T of \Pterodactyl\Transformers\Api\Application\BaseTransformer
89
     *
90
     * @param class-string<T> $abstract
91
     *
92
     * @return T
93
     *
94
     * @throws \Pterodactyl\Exceptions\Transformer\InvalidTransformerLevelException
95
     *
96
     * @noinspection PhpDocSignatureInspection
97
     */
98
    protected function makeTransformer(string $abstract)
99
    {
100
        Assert::subclassOf($abstract, self::class); // @phpstan-ignore staticMethod.alreadyNarrowedType
101

102
        return $abstract::fromRequest($this->request);
103
    }
104

105
    /**
106
     * Return an ISO-8601 formatted timestamp to use in the API response.
107
     */
108
    protected function formatTimestamp(string $timestamp): string
109
    {
110
        return CarbonImmutable::createFromFormat(CarbonInterface::DEFAULT_TO_STRING_FORMAT, $timestamp)
111
            ->setTimezone(self::RESPONSE_TIMEZONE)
112
            ->toAtomString();
113
    }
114
}
115

116
Product

Resources

Company
