Files
pterodactyl_addon/database/seeders/DefaultRolesSeeder.php

110 lines
5.5 KiB
PHP

<?php
/**
* Default Roles Seeder
*
* @author Ball Studios <https://git.balls.studio>
* @license MIT
*/
namespace Database\Seeders;
use Illuminate\Database\Seeder;
use Pterodactyl\Addons\AdvancedAdmin\Models\Role;
use Pterodactyl\Addons\AdvancedAdmin\Models\RolePermission;
class DefaultRolesSeeder extends Seeder
{
private const ROLES = [
[
'name' => 'Owner',
'description' => 'Full server access — assigned to the server owner',
'color' => '#f59e0b',
'priority' => 100,
'is_default' => false,
'permissions' => [
'control.console' => 'allow', 'control.start' => 'allow', 'control.stop' => 'allow', 'control.restart' => 'allow',
'file.read' => 'allow', 'file.read-content' => 'allow', 'file.create' => 'allow', 'file.update' => 'allow', 'file.delete' => 'allow', 'file.archive' => 'allow', 'file.sftp' => 'allow',
'backup.read' => 'allow', 'backup.create' => 'allow', 'backup.delete' => 'allow', 'backup.download' => 'allow', 'backup.restore' => 'allow',
'allocation.read' => 'allow', 'allocation.create' => 'allow', 'allocation.update' => 'allow', 'allocation.delete' => 'allow',
'startup.read' => 'allow', 'startup.update' => 'allow', 'startup.docker-image' => 'allow',
'database.read' => 'allow', 'database.create' => 'allow', 'database.update' => 'allow', 'database.delete' => 'allow', 'database.view-password' => 'allow',
'schedule.read' => 'allow', 'schedule.create' => 'allow', 'schedule.update' => 'allow', 'schedule.delete' => 'allow',
'settings.read' => 'allow', 'settings.rename' => 'allow', 'settings.reinstall' => 'allow',
'user.read' => 'allow', 'user.create' => 'allow', 'user.update' => 'allow', 'user.delete' => 'allow',
'activity.read' => 'allow', 'websocket.connect' => 'allow',
],
],
[
'name' => 'Administrator',
'description' => 'High-privilege access — can manage files, users, databases',
'color' => '#ef4444',
'priority' => 80,
'is_default' => false,
'permissions' => [
'control.console' => 'allow', 'control.start' => 'allow', 'control.stop' => 'allow', 'control.restart' => 'allow',
'file.read' => 'allow', 'file.read-content' => 'allow', 'file.create' => 'allow', 'file.update' => 'allow', 'file.delete' => 'allow', 'file.archive' => 'allow', 'file.sftp' => 'allow',
'backup.read' => 'allow', 'backup.create' => 'allow', 'backup.delete' => 'allow', 'backup.download' => 'allow', 'backup.restore' => 'allow',
'database.read' => 'allow', 'database.create' => 'allow', 'database.update' => 'allow', 'database.delete' => 'allow', 'database.view-password' => 'allow',
'schedule.read' => 'allow', 'schedule.create' => 'allow', 'schedule.update' => 'allow', 'schedule.delete' => 'allow',
'settings.read' => 'allow', 'user.read' => 'allow', 'user.create' => 'allow', 'user.update' => 'allow',
'activity.read' => 'allow', 'websocket.connect' => 'allow',
],
],
[
'name' => 'Moderator',
'description' => 'Console access, read files, manage schedules',
'color' => '#3b82f6',
'priority' => 50,
'is_default' => false,
'permissions' => [
'control.console' => 'allow', 'control.start' => 'allow', 'control.stop' => 'allow', 'control.restart' => 'allow',
'file.read' => 'allow', 'file.read-content' => 'allow',
'backup.read' => 'allow', 'backup.create' => 'allow',
'schedule.read' => 'allow', 'schedule.create' => 'allow', 'schedule.update' => 'allow',
'settings.read' => 'allow', 'activity.read' => 'allow', 'websocket.connect' => 'allow',
],
],
[
'name' => 'Viewer',
'description' => 'Read-only access — can view console and files',
'color' => '#6b7280',
'priority' => 10,
'is_default' => true,
'permissions' => [
'control.console' => 'allow',
'file.read' => 'allow', 'file.read-content' => 'allow',
'backup.read' => 'allow',
'schedule.read' => 'allow',
'settings.read' => 'allow', 'activity.read' => 'allow', 'websocket.connect' => 'allow',
],
],
];
public function run(): void
{
foreach (self::ROLES as $roleData) {
if (Role::where('name', $roleData['name'])->exists()) continue;
$role = Role::create([
'name' => $roleData['name'],
'description' => $roleData['description'],
'color' => $roleData['color'],
'priority' => $roleData['priority'],
'is_default' => $roleData['is_default'],
'created_by' => null,
]);
foreach ($roleData['permissions'] as $perm => $value) {
RolePermission::create([
'role_id' => $role->id,
'permission' => $perm,
'value' => $value,
]);
}
$this->command->info("Created default role: {$roleData['name']}");
}
}
}