app/Http/Middleware/AdminAuthenticate.php

<?php

namespace App\Http\Middleware;

use Illuminate\Http\Request;
use Symfony\Component\HttpKernel\Exception\AccessDeniedHttpException;

class AdminAuthenticate
{
    /**
     * Handle an incoming request.
     *
     * @throws \Symfony\Component\HttpKernel\Exception\AccessDeniedHttpException
     */
    public function handle(Request $request, \Closure $next): mixed
    {
        if (!$request->user() || !$request->user()->isRootAdmin()) {
            throw new AccessDeniedHttpException();
        }

        return $next($request);
    }
}
Initial Commit of Files PufferPanel v0.9 (Laravel) is now Pterodactyl 1.0 2015-12-06 13:58:49 -05:00			`<?php`
Apply fixes from StyleCI 2016-12-07 22:46:38 +00:00
Switch namespace back to App 2024-03-12 22:39:16 -04:00			`namespace App\Http\Middleware;`
Initial Commit of Files PufferPanel v0.9 (Laravel) is now Pterodactyl 1.0 2015-12-06 13:58:49 -05:00
Update all the middlewares 2017-10-29 12:37:25 -05:00			`use Illuminate\Http\Request;`
Implement fix to allow root admins to view all servers. closes #722 2017-11-05 12:38:39 -06:00			`use Symfony\Component\HttpKernel\Exception\AccessDeniedHttpException;`
Initial Commit of Files PufferPanel v0.9 (Laravel) is now Pterodactyl 1.0 2015-12-06 13:58:49 -05:00
			`class AdminAuthenticate`
			`{`
			`/**`
			`* Handle an incoming request.`
			`*`
Implement changes to administrative user revocation, closes #733 2017-12-03 14:00:47 -06:00			`* @throws \Symfony\Component\HttpKernel\Exception\AccessDeniedHttpException`
Initial Commit of Files PufferPanel v0.9 (Laravel) is now Pterodactyl 1.0 2015-12-06 13:58:49 -05:00			`*/`
Laravel 10 (#4706) 2023-02-23 12:30:16 -07:00			`public function handle(Request $request, \Closure $next): mixed`
Initial Commit of Files PufferPanel v0.9 (Laravel) is now Pterodactyl 1.0 2015-12-06 13:58:49 -05:00			`{`
Admin Roles (#502) * add spatie/permissions * add policies * add role resource * add root admin role handling * replace some "root_admin" with function * add model specific permissions * make permission selection nicer * fix user creation * fix tests * add back subuser checks in server policy * add custom model for role * assign new users to role if root_admin is set * add api for roles * fix phpstan * add permissions for settings page * remove "restore" and "forceDelete" permissions * add user count to list * prevent deletion if role has users * update user list * fix server policy * remove old `root_admin` column * small refactor * fix tests * forgot can checks here * forgot use * disable editing own roles & disable assigning root admin * don't allow to rename root admin role * remove php bombing exception handler * fix role assignment when creating a user * fix disableOptionWhen * fix missing `root_admin` attribute on react frontend * add permission check for bulk delete * rename viewAny to viewList * improve canAccessPanel check * fix admin not displaying for non-root admins * make sure non root admins can't edit root admins * fix import * fix settings page permission check * fix server permissions for non-subusers * fix settings page permission check v2 * small cleanup * cleanup config file * move consts from resouce into enum & model * Update database/migrations/2024_08_01_114538_remove_root_admin_column.php Co-authored-by: Lance Pioch <lancepioch@gmail.com> * fix config * fix phpstan * fix phpstan 2.0 --------- Co-authored-by: Lance Pioch <lancepioch@gmail.com> 2024-09-21 12:27:41 +02:00			`if (!$request->user() \|\| !$request->user()->isRootAdmin()) {`
Use more standardized phpcs 2021-01-23 12:33:34 -08:00			`throw new AccessDeniedHttpException();`
Initial Commit of Files PufferPanel v0.9 (Laravel) is now Pterodactyl 1.0 2015-12-06 13:58:49 -05:00			`}`

			`return $next($request);`
			`}`
			`}`