#591 - scripts

app/Actions/Script/CreateScript.php

@@ -4,6 +4,7 @@
 
 use App\Models\Script;
 use App\Models\User;
+use Illuminate\Support\Facades\Validator;
 
 class CreateScript
 {
@@ -12,6 +13,8 @@ class CreateScript
      */
     public function create(User $user, array $input): Script
     {
+        Validator::make($input, self::rules())->validate();
+
         $script = new Script([
             'user_id' => $user->id,
             'name' => $input['name'],

app/Actions/Script/ExecuteScript.php

@@ -7,6 +7,8 @@
 use App\Models\ScriptExecution;
 use App\Models\Server;
 use App\Models\ServerLog;
+use App\Models\User;
+use Illuminate\Support\Facades\Validator;
 use Illuminate\Validation\Rule;
 
 class ExecuteScript
@@ -14,24 +16,44 @@ class ExecuteScript
     /**
      * @param  array<string, mixed>  $input
      */
-    public function execute(Script $script, array $input): ScriptExecution
+    public function execute(Script $script, User $user, array $input): ScriptExecution
     {
+        Validator::make($input, self::rules($script, $input))->validate();
+
+        $variables = [];
+        foreach ($script->getVariables() as $variable) {
+            if (array_key_exists($variable, $input)) {
+                $variables[$variable] = $input[$variable] ?? '';
+            }
+        }
+
+        /** @var Server $server */
+        $server = Server::query()->findOrFail($input['server']);
+
+        if (! $user->can('update', $server)) {
+            abort(403, 'You do not have permission to execute scripts on this server.');
+        }
+
         $execution = new ScriptExecution([
             'script_id' => $script->id,
             'server_id' => $input['server'],
             'user' => $input['user'],
-            'variables' => $input['variables'] ?? [],
+            'variables' => $variables,
             'status' => ScriptExecutionStatus::EXECUTING,
         ]);
         $execution->save();
 
-        dispatch(function () use ($execution, $script): void {
+        $log = ServerLog::newLog($execution->server, 'script-'.$script->id.'-'.strtotime('now'));
+        $log->save();
+
+        $execution->server_log_id = $log->id;
+        $execution->save();
+
+        dispatch(function () use ($execution, $log): void {
             /** @var Server $server */
             $server = $execution->server;
 
             $content = $execution->getContent();
-            $log = ServerLog::newLog($server, 'script-'.$script->id.'-'.strtotime('now'));
-            $log->save();
             $execution->server_log_id = $log->id;
             $execution->save();
             $server->os()->runScript('~/', $content, $log, $execution->user);
@@ -49,7 +71,7 @@ public function execute(Script $script, array $input): ScriptExecution
      * @param  array<string, mixed>  $input
      * @return array<string, mixed>
      */
-    public static function rules(array $input): array
+    public static function rules(Script $script, array $input): array
     {
         $users = ['root'];
         if (isset($input['server'])) {
@@ -58,7 +80,7 @@ public static function rules(array $input): array
             $users = $server->getSshUsers();
         }
 
-        return [
+        $rules = [
             'server' => [
                 'required',
                 Rule::exists('servers', 'id'),
@@ -67,12 +89,16 @@ public static function rules(array $input): array
                 'required',
                 Rule::in($users),
             ],
-            'variables' => 'array',
-            'variables.*' => [
+        ];
+
+        foreach ($script->getVariables() as $variable) {
+            $rules[$variable] = [
                 'required',
                 'string',
                 'max:255',
-            ],
-        ];
+            ];
+        }
+
+        return $rules;
     }
 }

app/Actions/Site/DeleteSite.php

@@ -42,6 +42,9 @@ public function delete(Site $site, array $input): void
         $site->delete();
     }
 
+    /**
+     * @param  array<string, mixed>  $input
+     */
     private function validate(Site $site, array $input): void
     {
         Validator::make($input, [

app/Http/Controllers/ApplicationController.php

@@ -37,7 +37,7 @@ public function index(Server $server, Site $site): Response
         return Inertia::render('application/index', [
             'deployments' => DeploymentResource::collection($site->deployments()->latest()->simplePaginate(config('web.pagination_size'))),
             'deploymentScript' => $site->deploymentScript?->content,
-            'loadBalancerServers' => LoadBalancerServerResource::collection($site->loadBalancerServers)
+            'loadBalancerServers' => LoadBalancerServerResource::collection($site->loadBalancerServers),
         ]);
     }
 

app/Http/Controllers/ScriptController.php

@@ -0,0 +1,95 @@
+<?php
+
+namespace App\Http\Controllers;
+
+use App\Actions\Script\CreateScript;
+use App\Actions\Script\EditScript;
+use App\Actions\Script\ExecuteScript;
+use App\Http\Resources\ScriptExecutionResource;
+use App\Http\Resources\ScriptResource;
+use App\Models\Script;
+use Illuminate\Http\RedirectResponse;
+use Illuminate\Http\Request;
+use Illuminate\Http\Resources\Json\ResourceCollection;
+use Inertia\Inertia;
+use Inertia\Response;
+use Spatie\RouteAttributes\Attributes\Delete;
+use Spatie\RouteAttributes\Attributes\Get;
+use Spatie\RouteAttributes\Attributes\Middleware;
+use Spatie\RouteAttributes\Attributes\Post;
+use Spatie\RouteAttributes\Attributes\Prefix;
+use Spatie\RouteAttributes\Attributes\Put;
+
+#[Prefix('scripts')]
+#[Middleware(['auth'])]
+class ScriptController extends Controller
+{
+    #[Get('/', name: 'scripts')]
+    public function index(): Response
+    {
+        $this->authorize('viewAny', Script::class);
+
+        return Inertia::render('scripts/index', [
+            'scripts' => ScriptResource::collection(user()->scripts()->simplePaginate(config('web.pagination_size'))),
+        ]);
+    }
+
+    #[Get('/json', name: 'scripts.json')]
+    public function json(): ResourceCollection
+    {
+        $this->authorize('viewAny', Script::class);
+
+        return ScriptResource::collection(user()->scripts()->get());
+    }
+
+    #[Get('/{script}', name: 'scripts.show')]
+    public function show(Script $script): Response
+    {
+        $this->authorize('view', $script);
+
+        return Inertia::render('scripts/show', [
+            'script' => new ScriptResource($script),
+            'executions' => ScriptExecutionResource::collection(
+                $script->executions()->latest()->simplePaginate(config('web.pagination_size'))
+            ),
+        ]);
+    }
+
+    #[Post('/', name: 'scripts.store')]
+    public function store(Request $request): RedirectResponse
+    {
+        $this->authorize('create', Script::class);
+
+        app(CreateScript::class)->create(user(), $request->input());
+
+        return back()->with('success', 'Script created.');
+    }
+
+    #[Put('/{script}', name: 'scripts.update')]
+    public function update(Script $script, Request $request): RedirectResponse
+    {
+        $this->authorize('update', $script);
+
+        app(EditScript::class)->edit($script, user(), $request->input());
+
+        return back()->with('success', 'Script updated.');
+    }
+
+    #[Delete('/{script}', name: 'scripts.destroy')]
+    public function destroy(Script $script): RedirectResponse
+    {
+        $this->authorize('delete', $script);
+
+        $script->delete();
+
+        return back()->with('success', 'Script deleted.');
+    }
+
+    #[Post('/{script}/execute', name: 'scripts.execute')]
+    public function execute(Request $request, Script $script): RedirectResponse
+    {
+        app(ExecuteScript::class)->execute($script, user(), $request->input());
+
+        return redirect()->route('scripts.show', $script)->with('info', 'Script is being executed.');
+    }
+}

app/Http/Resources/ScriptExecutionResource.php

@@ -0,0 +1,32 @@
+<?php
+
+namespace App\Http\Resources;
+
+use App\Models\ScriptExecution;
+use Illuminate\Http\Request;
+use Illuminate\Http\Resources\Json\JsonResource;
+
+/** @mixin ScriptExecution */
+class ScriptExecutionResource extends JsonResource
+{
+    /**
+     * @return array<string, mixed>
+     */
+    public function toArray(Request $request): array
+    {
+        return [
+            'id' => $this->id,
+            'script_id' => $this->script_id,
+            'server_id' => $this->server_id,
+            'server' => new ServerResource($this->server),
+            'server_log_id' => $this->server_log_id,
+            'log' => ServerLogResource::make($this->serverLog),
+            'user' => $this->user,
+            'variables' => $this->variables,
+            'status' => $this->status,
+            'status_color' => ScriptExecution::$statusColors[$this->status] ?? 'gray',
+            'created_at' => $this->created_at,
+            'updated_at' => $this->updated_at,
+        ];
+    }
+}

app/Http/Resources/ScriptResource.php

@@ -0,0 +1,29 @@
+<?php
+
+namespace App\Http\Resources;
+
+use App\Models\Script;
+use Illuminate\Http\Request;
+use Illuminate\Http\Resources\Json\JsonResource;
+
+/** @mixin Script */
+class ScriptResource extends JsonResource
+{
+    /**
+     * @return array<string, mixed>
+     */
+    public function toArray(Request $request): array
+    {
+        return [
+            'id' => $this->id,
+            'user_id' => $this->user_id,
+            'user' => new UserResource($this->whenLoaded('user')),
+            'name' => $this->name,
+            'content' => $this->content,
+            'variables' => $this->getVariables(),
+            'last_execution' => ScriptExecutionResource::make($this->lastExecution),
+            'created_at' => $this->created_at,
+            'updated_at' => $this->updated_at,
+        ];
+    }
+}