Return Http test cases to a passing state
This commit is contained in:
Dane Everitt
parent
eaae74fe33
commit
536180ed0c
26 changed files with 140 additions and 1113 deletions
|
|
@ -4,6 +4,7 @@ namespace Tests\Unit\Http\Middleware;
|
|||
|
||||
use Pterodactyl\Models\User;
|
||||
use Pterodactyl\Http\Middleware\AdminAuthenticate;
|
||||
use Symfony\Component\HttpKernel\Exception\AccessDeniedHttpException;
|
||||
|
||||
class AdminAuthenticateTest extends MiddlewareTestCase
|
||||
{
|
||||
|
|
@ -21,11 +22,11 @@ class AdminAuthenticateTest extends MiddlewareTestCase
|
|||
|
||||
/**
|
||||
* Test that a missing user in the request triggers an error.
|
||||
*
|
||||
* @expectedException \Symfony\Component\HttpKernel\Exception\AccessDeniedHttpException
|
||||
*/
|
||||
public function testExceptionIsThrownIfUserDoesNotExist()
|
||||
{
|
||||
$this->expectException(AccessDeniedHttpException::class);
|
||||
|
||||
$this->request->shouldReceive('user')->withNoArgs()->once()->andReturnNull();
|
||||
|
||||
$this->getMiddleware()->handle($this->request, $this->getClosureAssertions());
|
||||
|
|
@ -33,11 +34,11 @@ class AdminAuthenticateTest extends MiddlewareTestCase
|
|||
|
||||
/**
|
||||
* Test that an exception is thrown if the user is not an admin.
|
||||
*
|
||||
* @expectedException \Symfony\Component\HttpKernel\Exception\AccessDeniedHttpException
|
||||
*/
|
||||
public function testExceptionIsThrownIfUserIsNotAnAdmin()
|
||||
{
|
||||
$this->expectException(AccessDeniedHttpException::class);
|
||||
|
||||
$user = factory(User::class)->make(['root_admin' => 0]);
|
||||
|
||||
$this->request->shouldReceive('user')->withNoArgs()->twice()->andReturn($user);
|
||||
|
|
|
|||
|
|
@ -1,19 +1,20 @@
|
|||
<?php
|
||||
|
||||
namespace Tests\Unit\Http\Middleware\API\Application;
|
||||
namespace Tests\Unit\Http\Middleware\Api\Application;
|
||||
|
||||
use Tests\Unit\Http\Middleware\MiddlewareTestCase;
|
||||
use Symfony\Component\HttpKernel\Exception\AccessDeniedHttpException;
|
||||
use Pterodactyl\Http\Middleware\Api\Application\AuthenticateApplicationUser;
|
||||
|
||||
class AuthenticateUserTest extends MiddlewareTestCase
|
||||
{
|
||||
/**
|
||||
* Test that no user defined results in an access denied exception.
|
||||
*
|
||||
* @expectedException \Symfony\Component\HttpKernel\Exception\AccessDeniedHttpException
|
||||
*/
|
||||
public function testNoUserDefined()
|
||||
{
|
||||
$this->expectException(AccessDeniedHttpException::class);
|
||||
|
||||
$this->setRequestUserModel(null);
|
||||
|
||||
$this->getMiddleware()->handle($this->request, $this->getClosureAssertions());
|
||||
|
|
@ -21,11 +22,11 @@ class AuthenticateUserTest extends MiddlewareTestCase
|
|||
|
||||
/**
|
||||
* Test that a non-admin user results an an exception.
|
||||
*
|
||||
* @expectedException \Symfony\Component\HttpKernel\Exception\AccessDeniedHttpException
|
||||
*/
|
||||
public function testNonAdminUser()
|
||||
{
|
||||
$this->expectException(AccessDeniedHttpException::class);
|
||||
|
||||
$this->generateRequestUserModel(['root_admin' => false]);
|
||||
|
||||
$this->getMiddleware()->handle($this->request, $this->getClosureAssertions());
|
||||
|
|
|
|||
|
|
@ -1,10 +1,11 @@
|
|||
<?php
|
||||
|
||||
namespace Tests\Unit\Http\Middleware\API;
|
||||
namespace Tests\Unit\Http\Middleware\Api;
|
||||
|
||||
use Pterodactyl\Models\ApiKey;
|
||||
use Tests\Unit\Http\Middleware\MiddlewareTestCase;
|
||||
use Pterodactyl\Http\Middleware\Api\AuthenticateIPAccess;
|
||||
use Symfony\Component\HttpKernel\Exception\AccessDeniedHttpException;
|
||||
|
||||
class AuthenticateIPAccessTest extends MiddlewareTestCase
|
||||
{
|
||||
|
|
@ -49,11 +50,11 @@ class AuthenticateIPAccessTest extends MiddlewareTestCase
|
|||
/**
|
||||
* Test that an exception is thrown when an invalid IP address
|
||||
* tries to connect and there is an IP restriction.
|
||||
*
|
||||
* @expectedException \Symfony\Component\HttpKernel\Exception\AccessDeniedHttpException
|
||||
*/
|
||||
public function testWithInvalidIP()
|
||||
{
|
||||
$this->expectException(AccessDeniedHttpException::class);
|
||||
|
||||
$model = factory(ApiKey::class)->make(['allowed_ips' => '["127.0.0.1"]']);
|
||||
$this->setRequestAttribute('api_key', $model);
|
||||
|
||||
|
|
@ -1,6 +1,6 @@
|
|||
<?php
|
||||
|
||||
namespace Tests\Unit\Http\Middleware\API;
|
||||
namespace Tests\Unit\Http\Middleware\Api;
|
||||
|
||||
use Mockery as m;
|
||||
use Cake\Chronos\Chronos;
|
||||
|
|
@ -13,6 +13,7 @@ use Pterodactyl\Http\Middleware\Api\AuthenticateKey;
|
|||
use Symfony\Component\HttpKernel\Exception\HttpException;
|
||||
use Pterodactyl\Exceptions\Repository\RecordNotFoundException;
|
||||
use Pterodactyl\Contracts\Repository\ApiKeyRepositoryInterface;
|
||||
use Symfony\Component\HttpKernel\Exception\AccessDeniedHttpException;
|
||||
|
||||
class AuthenticateKeyTest extends MiddlewareTestCase
|
||||
{
|
||||
|
|
@ -62,11 +63,11 @@ class AuthenticateKeyTest extends MiddlewareTestCase
|
|||
|
||||
/**
|
||||
* Test that an invalid API identifier throws an exception.
|
||||
*
|
||||
* @expectedException \Symfony\Component\HttpKernel\Exception\AccessDeniedHttpException
|
||||
*/
|
||||
public function testInvalidIdentifier()
|
||||
{
|
||||
$this->expectException(AccessDeniedHttpException::class);
|
||||
|
||||
$this->request->shouldReceive('bearerToken')->withNoArgs()->twice()->andReturn('abcd1234');
|
||||
$this->repository->shouldReceive('findFirstWhere')->andThrow(new RecordNotFoundException);
|
||||
|
||||
|
|
@ -141,11 +142,11 @@ class AuthenticateKeyTest extends MiddlewareTestCase
|
|||
/**
|
||||
* Test that a valid token identifier with an invalid token attached to it
|
||||
* triggers an exception.
|
||||
*
|
||||
* @expectedException \Symfony\Component\HttpKernel\Exception\AccessDeniedHttpException
|
||||
*/
|
||||
public function testInvalidTokenForIdentifier()
|
||||
{
|
||||
$this->expectException(AccessDeniedHttpException::class);
|
||||
|
||||
$model = factory(ApiKey::class)->make();
|
||||
|
||||
$this->request->shouldReceive('bearerToken')->withNoArgs()->twice()->andReturn($model->identifier . 'asdf');
|
||||
|
|
@ -4,19 +4,27 @@ namespace Tests\Unit\Http\Middleware\Api\Daemon;
|
|||
|
||||
use Mockery as m;
|
||||
use Pterodactyl\Models\Node;
|
||||
use Illuminate\Contracts\Encryption\Encrypter;
|
||||
use Tests\Unit\Http\Middleware\MiddlewareTestCase;
|
||||
use Pterodactyl\Repositories\Eloquent\NodeRepository;
|
||||
use Symfony\Component\HttpKernel\Exception\HttpException;
|
||||
use Pterodactyl\Contracts\Repository\NodeRepositoryInterface;
|
||||
use Pterodactyl\Exceptions\Repository\RecordNotFoundException;
|
||||
use Pterodactyl\Http\Middleware\Api\Daemon\DaemonAuthenticate;
|
||||
use Symfony\Component\HttpKernel\Exception\BadRequestHttpException;
|
||||
use Symfony\Component\HttpKernel\Exception\AccessDeniedHttpException;
|
||||
|
||||
class DaemonAuthenticateTest extends MiddlewareTestCase
|
||||
{
|
||||
/**
|
||||
* @var \Pterodactyl\Contracts\Repository\NodeRepositoryInterface|\Mockery\Mock
|
||||
* @var \Mockery\MockInterface
|
||||
*/
|
||||
private $repository;
|
||||
|
||||
/**
|
||||
* @var \Mockery\MockInterface
|
||||
*/
|
||||
private $encrypter;
|
||||
|
||||
/**
|
||||
* Setup tests.
|
||||
*/
|
||||
|
|
@ -24,7 +32,8 @@ class DaemonAuthenticateTest extends MiddlewareTestCase
|
|||
{
|
||||
parent::setUp();
|
||||
|
||||
$this->repository = m::mock(NodeRepositoryInterface::class);
|
||||
$this->encrypter = m::mock(Encrypter::class);
|
||||
$this->repository = m::mock(NodeRepository::class);
|
||||
}
|
||||
|
||||
/**
|
||||
|
|
@ -33,7 +42,7 @@ class DaemonAuthenticateTest extends MiddlewareTestCase
|
|||
*/
|
||||
public function testResponseShouldContinueIfRouteIsExempted()
|
||||
{
|
||||
$this->request->shouldReceive('route->getName')->withNoArgs()->once()->andReturn('daemon.configuration');
|
||||
$this->request->expects('route->getName')->withNoArgs()->andReturn('daemon.configuration');
|
||||
|
||||
$this->getMiddleware()->handle($this->request, $this->getClosureAssertions());
|
||||
}
|
||||
|
|
@ -44,8 +53,8 @@ class DaemonAuthenticateTest extends MiddlewareTestCase
|
|||
*/
|
||||
public function testResponseShouldFailIfNoTokenIsProvided()
|
||||
{
|
||||
$this->request->shouldReceive('route->getName')->withNoArgs()->once()->andReturn('random.route');
|
||||
$this->request->shouldReceive('bearerToken')->withNoArgs()->once()->andReturnNull();
|
||||
$this->request->expects('route->getName')->withNoArgs()->andReturn('random.route');
|
||||
$this->request->expects('bearerToken')->withNoArgs()->andReturnNull();
|
||||
|
||||
try {
|
||||
$this->getMiddleware()->handle($this->request, $this->getClosureAssertions());
|
||||
|
|
@ -58,17 +67,54 @@ class DaemonAuthenticateTest extends MiddlewareTestCase
|
|||
}
|
||||
|
||||
/**
|
||||
* Test that passing in an invalid node daemon secret will result in a HTTP/403
|
||||
* error response.
|
||||
* Test that passing in an invalid node daemon secret will result in a bad request
|
||||
* exception being returned.
|
||||
*
|
||||
* @expectedException \Symfony\Component\HttpKernel\Exception\AccessDeniedHttpException
|
||||
* @param string $token
|
||||
* @dataProvider badTokenDataProvider
|
||||
*/
|
||||
public function testResponseShouldFailIfNoNodeIsFound()
|
||||
public function testResponseShouldFailIfTokenFormatIsIncorrect(string $token)
|
||||
{
|
||||
$this->request->shouldReceive('route->getName')->withNoArgs()->once()->andReturn('random.route');
|
||||
$this->request->shouldReceive('bearerToken')->withNoArgs()->once()->andReturn('test1234');
|
||||
$this->expectException(BadRequestHttpException::class);
|
||||
|
||||
$this->repository->shouldReceive('findFirstWhere')->with([['daemonSecret', '=', 'test1234']])->once()->andThrow(new RecordNotFoundException);
|
||||
$this->request->expects('route->getName')->withNoArgs()->andReturn('random.route');
|
||||
$this->request->expects('bearerToken')->withNoArgs()->andReturn($token);
|
||||
|
||||
$this->getMiddleware()->handle($this->request, $this->getClosureAssertions());
|
||||
}
|
||||
|
||||
/**
|
||||
* Test that an access denied error is returned if the node is valid but the token
|
||||
* provided is not valid.
|
||||
*/
|
||||
public function testResponseShouldFailIfTokenIsNotValid()
|
||||
{
|
||||
$this->expectException(AccessDeniedHttpException::class);
|
||||
|
||||
/** @var \Pterodactyl\Models\Node $model */
|
||||
$model = factory(Node::class)->make();
|
||||
|
||||
$this->request->expects('route->getName')->withNoArgs()->andReturn('random.route');
|
||||
$this->request->expects('bearerToken')->withNoArgs()->andReturn($model->daemon_token_id . '.random_string_123');
|
||||
|
||||
$this->repository->expects('findFirstWhere')->with(['daemon_token_id' => $model->daemon_token_id])->andReturn($model);
|
||||
$this->encrypter->expects('decrypt')->with($model->daemon_token)->andReturns(decrypt($model->daemon_token));
|
||||
|
||||
$this->getMiddleware()->handle($this->request, $this->getClosureAssertions());
|
||||
}
|
||||
|
||||
/**
|
||||
* Test that an access denied exception is returned if the node is not found using
|
||||
* the token ID provided.
|
||||
*/
|
||||
public function testResponseShouldFailIfNodeIsNotFound()
|
||||
{
|
||||
$this->expectException(AccessDeniedHttpException::class);
|
||||
|
||||
$this->request->expects('route->getName')->withNoArgs()->andReturn('random.route');
|
||||
$this->request->expects('bearerToken')->withNoArgs()->andReturn('abcd1234.random_string_123');
|
||||
|
||||
$this->repository->expects('findFirstWhere')->with(['daemon_token_id' => 'abcd1234'])->andThrow(RecordNotFoundException::class);
|
||||
|
||||
$this->getMiddleware()->handle($this->request, $this->getClosureAssertions());
|
||||
}
|
||||
|
|
@ -78,18 +124,39 @@ class DaemonAuthenticateTest extends MiddlewareTestCase
|
|||
*/
|
||||
public function testSuccessfulMiddlewareProcess()
|
||||
{
|
||||
/** @var \Pterodactyl\Models\Node $model */
|
||||
$model = factory(Node::class)->make();
|
||||
|
||||
$this->request->shouldReceive('route->getName')->withNoArgs()->once()->andReturn('random.route');
|
||||
$this->request->shouldReceive('bearerToken')->withNoArgs()->once()->andReturn($model->daemonSecret);
|
||||
$this->request->expects('route->getName')->withNoArgs()->andReturn('random.route');
|
||||
$this->request->expects('bearerToken')->withNoArgs()->andReturn($model->daemon_token_id . '.' . decrypt($model->daemon_token));
|
||||
|
||||
$this->repository->shouldReceive('findFirstWhere')->with([['daemonSecret', '=', $model->daemonSecret]])->once()->andReturn($model);
|
||||
$this->repository->expects('findFirstWhere')->with(['daemon_token_id' => $model->daemon_token_id])->andReturn($model);
|
||||
$this->encrypter->expects('decrypt')->with($model->daemon_token)->andReturns(decrypt($model->daemon_token));
|
||||
|
||||
$this->getMiddleware()->handle($this->request, $this->getClosureAssertions());
|
||||
$this->assertRequestHasAttribute('node');
|
||||
$this->assertRequestAttributeEquals($model, 'node');
|
||||
}
|
||||
|
||||
/**
|
||||
* Provides different tokens that should trigger a bad request exception due to
|
||||
* their formatting.
|
||||
*
|
||||
* @return array|\string[][]
|
||||
*/
|
||||
public function badTokenDataProvider(): array
|
||||
{
|
||||
return [
|
||||
['foo'],
|
||||
['foobar'],
|
||||
['foo-bar'],
|
||||
['foo.bar.baz'],
|
||||
['.foo'],
|
||||
['foo.'],
|
||||
['foo..bar'],
|
||||
];
|
||||
}
|
||||
|
||||
/**
|
||||
* Return an instance of the middleware using mocked dependencies.
|
||||
*
|
||||
|
|
@ -97,6 +164,6 @@ class DaemonAuthenticateTest extends MiddlewareTestCase
|
|||
*/
|
||||
private function getMiddleware(): DaemonAuthenticate
|
||||
{
|
||||
return new DaemonAuthenticate($this->repository);
|
||||
return new DaemonAuthenticate($this->encrypter, $this->repository);
|
||||
}
|
||||
}
|
||||
|
|
|
|||
|
|
@ -1,6 +1,6 @@
|
|||
<?php
|
||||
|
||||
namespace Tests\Unit\Http\Middleware\API;
|
||||
namespace Tests\Unit\Http\Middleware\Api;
|
||||
|
||||
use Mockery as m;
|
||||
use Illuminate\Contracts\Config\Repository;
|
||||
|
|
@ -2,6 +2,7 @@
|
|||
|
||||
namespace Tests\Unit\Http\Middleware;
|
||||
|
||||
use Illuminate\Auth\AuthenticationException;
|
||||
use Pterodactyl\Http\Middleware\Authenticate;
|
||||
|
||||
class AuthenticateTest extends MiddlewareTestCase
|
||||
|
|
@ -18,11 +19,11 @@ class AuthenticateTest extends MiddlewareTestCase
|
|||
|
||||
/**
|
||||
* Test that a logged out user results in an exception.
|
||||
*
|
||||
* @expectedException \Illuminate\Auth\AuthenticationException
|
||||
*/
|
||||
public function testLoggedOutUser()
|
||||
{
|
||||
$this->expectException(AuthenticationException::class);
|
||||
|
||||
$this->request->shouldReceive('user')->withNoArgs()->once()->andReturnNull();
|
||||
|
||||
$this->getMiddleware()->handle($this->request, $this->getClosureAssertions());
|
||||
|
|
|
|||
|
|
@ -1,78 +0,0 @@
|
|||
<?php
|
||||
|
||||
namespace Tests\Unit\Http\Middleware;
|
||||
|
||||
use Mockery as m;
|
||||
use Pterodactyl\Models\Node;
|
||||
use Pterodactyl\Http\Middleware\DaemonAuthenticate;
|
||||
use Pterodactyl\Contracts\Repository\NodeRepositoryInterface;
|
||||
|
||||
class DaemonAuthenticateTest extends MiddlewareTestCase
|
||||
{
|
||||
/**
|
||||
* @var \Pterodactyl\Contracts\Repository\NodeRepositoryInterface|\Mockery\Mock
|
||||
*/
|
||||
private $repository;
|
||||
|
||||
/**
|
||||
* Setup tests.
|
||||
*/
|
||||
public function setUp(): void
|
||||
{
|
||||
parent::setUp();
|
||||
|
||||
$this->repository = m::mock(NodeRepositoryInterface::class);
|
||||
}
|
||||
|
||||
/**
|
||||
* Test a valid daemon connection.
|
||||
*/
|
||||
public function testValidDaemonConnection()
|
||||
{
|
||||
$this->setRequestRouteName('random.name');
|
||||
$node = factory(Node::class)->make();
|
||||
|
||||
$this->request->shouldReceive('header')->with('X-Access-Node')->twice()->andReturn($node->daemonSecret);
|
||||
|
||||
$this->repository->shouldReceive('findFirstWhere')->with(['daemonSecret' => $node->daemonSecret])->once()->andReturn($node);
|
||||
|
||||
$this->getMiddleware()->handle($this->request, $this->getClosureAssertions());
|
||||
$this->assertRequestHasAttribute('node');
|
||||
$this->assertRequestAttributeEquals($node, 'node');
|
||||
}
|
||||
|
||||
/**
|
||||
* Test that ignored routes do not continue through the middleware.
|
||||
*/
|
||||
public function testIgnoredRouteShouldContinue()
|
||||
{
|
||||
$this->setRequestRouteName('daemon.configuration');
|
||||
|
||||
$this->getMiddleware()->handle($this->request, $this->getClosureAssertions());
|
||||
$this->assertRequestMissingAttribute('node');
|
||||
}
|
||||
|
||||
/**
|
||||
* Test that a request missing a X-Access-Node header causes an exception.
|
||||
*
|
||||
* @expectedException \Symfony\Component\HttpKernel\Exception\AccessDeniedHttpException
|
||||
*/
|
||||
public function testExceptionThrownIfMissingHeader()
|
||||
{
|
||||
$this->setRequestRouteName('random.name');
|
||||
|
||||
$this->request->shouldReceive('header')->with('X-Access-Node')->once()->andReturn(false);
|
||||
|
||||
$this->getMiddleware()->handle($this->request, $this->getClosureAssertions());
|
||||
}
|
||||
|
||||
/**
|
||||
* Return an instance of the middleware using mocked dependencies.
|
||||
*
|
||||
* @return \Pterodactyl\Http\Middleware\DaemonAuthenticate
|
||||
*/
|
||||
private function getMiddleware(): DaemonAuthenticate
|
||||
{
|
||||
return new DaemonAuthenticate($this->repository);
|
||||
}
|
||||
}
|
||||
|
|
@ -9,6 +9,8 @@ use Illuminate\Contracts\Routing\ResponseFactory;
|
|||
use Tests\Unit\Http\Middleware\MiddlewareTestCase;
|
||||
use Pterodactyl\Http\Middleware\Server\AccessingValidServer;
|
||||
use Pterodactyl\Contracts\Repository\ServerRepositoryInterface;
|
||||
use Symfony\Component\HttpKernel\Exception\ConflictHttpException;
|
||||
use Symfony\Component\HttpKernel\Exception\AccessDeniedHttpException;
|
||||
|
||||
class AccessingValidServerTest extends MiddlewareTestCase
|
||||
{
|
||||
|
|
@ -41,12 +43,12 @@ class AccessingValidServerTest extends MiddlewareTestCase
|
|||
|
||||
/**
|
||||
* Test that an exception is thrown if the request is an API request and the server is suspended.
|
||||
*
|
||||
* @expectedException \Symfony\Component\HttpKernel\Exception\AccessDeniedHttpException
|
||||
* @expectedExceptionMessage Server is suspended and cannot be accessed.
|
||||
*/
|
||||
public function testExceptionIsThrownIfServerIsSuspended()
|
||||
{
|
||||
$this->expectException(AccessDeniedHttpException::class);
|
||||
$this->expectExceptionMessage('Server is suspended and cannot be accessed.');
|
||||
|
||||
$model = factory(Server::class)->make(['suspended' => 1]);
|
||||
|
||||
$this->request->shouldReceive('route->parameter')->with('server')->once()->andReturn('123456');
|
||||
|
|
@ -59,12 +61,12 @@ class AccessingValidServerTest extends MiddlewareTestCase
|
|||
|
||||
/**
|
||||
* Test that an exception is thrown if the request is an API request and the server is not installed.
|
||||
*
|
||||
* @expectedException \Symfony\Component\HttpKernel\Exception\ConflictHttpException
|
||||
* @expectedExceptionMessage Server is still completing the installation process.
|
||||
*/
|
||||
public function testExceptionIsThrownIfServerIsNotInstalled()
|
||||
{
|
||||
$this->expectException(ConflictHttpException::class);
|
||||
$this->expectExceptionMessage('Server is still completing the installation process.');
|
||||
|
||||
$model = factory(Server::class)->make(['installed' => 0]);
|
||||
|
||||
$this->request->shouldReceive('route->parameter')->with('server')->once()->andReturn('123456');
|
||||
|
|
|
|||
|
|
@ -8,6 +8,7 @@ use Tests\Unit\Http\Middleware\MiddlewareTestCase;
|
|||
use Pterodactyl\Http\Middleware\Server\AuthenticateAsSubuser;
|
||||
use Pterodactyl\Services\DaemonKeys\DaemonKeyProviderService;
|
||||
use Pterodactyl\Exceptions\Repository\RecordNotFoundException;
|
||||
use Symfony\Component\HttpKernel\Exception\AccessDeniedHttpException;
|
||||
|
||||
class AuthenticateAsSubuserTest extends MiddlewareTestCase
|
||||
{
|
||||
|
|
@ -44,12 +45,12 @@ class AuthenticateAsSubuserTest extends MiddlewareTestCase
|
|||
|
||||
/**
|
||||
* Test middleware handles missing token exception.
|
||||
*
|
||||
* @expectedException \Symfony\Component\HttpKernel\Exception\AccessDeniedHttpException
|
||||
* @expectedExceptionMessage This account does not have permission to access this server.
|
||||
*/
|
||||
public function testExceptionIsThrownIfNoTokenIsFound()
|
||||
{
|
||||
$this->expectException(AccessDeniedHttpException::class);
|
||||
$this->expectExceptionMessage('This account does not have permission to access this server.');
|
||||
|
||||
$model = factory(Server::class)->make();
|
||||
$user = $this->setRequestUser();
|
||||
$this->setRequestAttribute('server', $model);
|
||||
|
|
|
|||
|
|
@ -1,92 +0,0 @@
|
|||
<?php
|
||||
|
||||
namespace Tests\Unit\Http\Middleware\Server;
|
||||
|
||||
use Mockery as m;
|
||||
use Pterodactyl\Models\Server;
|
||||
use Pterodactyl\Models\Database;
|
||||
use Tests\Unit\Http\Middleware\MiddlewareTestCase;
|
||||
use Pterodactyl\Http\Middleware\Server\DatabaseBelongsToServer;
|
||||
use Pterodactyl\Contracts\Repository\DatabaseRepositoryInterface;
|
||||
|
||||
class DatabaseBelongsToServerTest extends MiddlewareTestCase
|
||||
{
|
||||
/**
|
||||
* @var \Pterodactyl\Contracts\Repository\DatabaseRepositoryInterface|\Mockery\Mock
|
||||
*/
|
||||
private $repository;
|
||||
|
||||
/**
|
||||
* Setup tests.
|
||||
*/
|
||||
public function setUp(): void
|
||||
{
|
||||
parent::setUp();
|
||||
|
||||
$this->repository = m::mock(DatabaseRepositoryInterface::class);
|
||||
}
|
||||
|
||||
/**
|
||||
* Test a successful middleware instance.
|
||||
*/
|
||||
public function testSuccessfulMiddleware()
|
||||
{
|
||||
$model = factory(Server::class)->make();
|
||||
$database = factory(Database::class)->make([
|
||||
'server_id' => $model->id,
|
||||
]);
|
||||
$this->setRequestAttribute('server', $model);
|
||||
|
||||
$this->request->shouldReceive('input')->with('database')->once()->andReturn($database->id);
|
||||
$this->repository->shouldReceive('find')->with($database->id)->once()->andReturn($database);
|
||||
|
||||
$this->getMiddleware()->handle($this->request, $this->getClosureAssertions());
|
||||
$this->assertRequestHasAttribute('database');
|
||||
$this->assertRequestAttributeEquals($database, 'database');
|
||||
}
|
||||
|
||||
/**
|
||||
* Test that an exception is thrown if no database record is found.
|
||||
*
|
||||
* @expectedException \Symfony\Component\HttpKernel\Exception\NotFoundHttpException
|
||||
*/
|
||||
public function testExceptionIsThrownIfNoDatabaseRecordFound()
|
||||
{
|
||||
$model = factory(Server::class)->make();
|
||||
$database = factory(Database::class)->make();
|
||||
$this->setRequestAttribute('server', $model);
|
||||
|
||||
$this->request->shouldReceive('input')->with('database')->once()->andReturn($database->id);
|
||||
$this->repository->shouldReceive('find')->with($database->id)->once()->andReturnNull();
|
||||
|
||||
$this->getMiddleware()->handle($this->request, $this->getClosureAssertions());
|
||||
}
|
||||
|
||||
/**
|
||||
* Test that an exception is found if the database server does not match the
|
||||
* request server.
|
||||
*
|
||||
* @expectedException \Symfony\Component\HttpKernel\Exception\NotFoundHttpException
|
||||
*/
|
||||
public function testExceptionIsThrownIfDatabaseServerDoesNotMatchCurrent()
|
||||
{
|
||||
$model = factory(Server::class)->make();
|
||||
$database = factory(Database::class)->make();
|
||||
$this->setRequestAttribute('server', $model);
|
||||
|
||||
$this->request->shouldReceive('input')->with('database')->once()->andReturn($database->id);
|
||||
$this->repository->shouldReceive('find')->with($database->id)->once()->andReturn($database);
|
||||
|
||||
$this->getMiddleware()->handle($this->request, $this->getClosureAssertions());
|
||||
}
|
||||
|
||||
/**
|
||||
* Return an instance of the middleware using mocked dependencies.
|
||||
*
|
||||
* @return \Pterodactyl\Http\Middleware\Server\DatabaseBelongsToServer
|
||||
*/
|
||||
private function getMiddleware(): DatabaseBelongsToServer
|
||||
{
|
||||
return new DatabaseBelongsToServer($this->repository);
|
||||
}
|
||||
}
|
||||
|
|
@ -1,81 +0,0 @@
|
|||
<?php
|
||||
|
||||
namespace Tests\Unit\Http\Middleware\Server;
|
||||
|
||||
use Mockery as m;
|
||||
use Pterodactyl\Models\Server;
|
||||
use Pterodactyl\Models\Schedule;
|
||||
use Tests\Unit\Http\Middleware\MiddlewareTestCase;
|
||||
use Pterodactyl\Contracts\Extensions\HashidsInterface;
|
||||
use Pterodactyl\Http\Middleware\Server\ScheduleBelongsToServer;
|
||||
use Pterodactyl\Contracts\Repository\ScheduleRepositoryInterface;
|
||||
|
||||
class ScheduleBelongsToServerTest extends MiddlewareTestCase
|
||||
{
|
||||
/**
|
||||
* @var \Pterodactyl\Contracts\Extensions\HashidsInterface|\Mockery\Mock
|
||||
*/
|
||||
private $hashids;
|
||||
|
||||
/**
|
||||
* @var \Pterodactyl\Contracts\Repository\ScheduleRepositoryInterface|\Mockery\Mock
|
||||
*/
|
||||
private $repository;
|
||||
|
||||
public function setUp(): void
|
||||
{
|
||||
parent::setUp();
|
||||
|
||||
$this->hashids = m::mock(HashidsInterface::class);
|
||||
$this->repository = m::mock(ScheduleRepositoryInterface::class);
|
||||
}
|
||||
|
||||
/**
|
||||
* Test a successful middleware instance.
|
||||
*/
|
||||
public function testSuccessfulMiddleware()
|
||||
{
|
||||
$model = factory(Server::class)->make();
|
||||
$schedule = factory(Schedule::class)->make([
|
||||
'server_id' => $model->id,
|
||||
]);
|
||||
$this->setRequestAttribute('server', $model);
|
||||
|
||||
$this->request->shouldReceive('route->parameter')->with('schedule')->once()->andReturn('abc123');
|
||||
$this->hashids->shouldReceive('decodeFirst')->with('abc123', 0)->once()->andReturn($schedule->id);
|
||||
$this->repository->shouldReceive('getScheduleWithTasks')->with($schedule->id)->once()->andReturn($schedule);
|
||||
|
||||
$this->getMiddleware()->handle($this->request, $this->getClosureAssertions());
|
||||
$this->assertRequestHasAttribute('schedule');
|
||||
$this->assertRequestAttributeEquals($schedule, 'schedule');
|
||||
}
|
||||
|
||||
/**
|
||||
* Test that an exception is thrown if the schedule does not belong to
|
||||
* the request server.
|
||||
*
|
||||
* @expectedException \Symfony\Component\HttpKernel\Exception\NotFoundHttpException
|
||||
*/
|
||||
public function testExceptionIsThrownIfScheduleDoesNotBelongToServer()
|
||||
{
|
||||
$model = factory(Server::class)->make();
|
||||
$schedule = factory(Schedule::class)->make();
|
||||
$this->setRequestAttribute('server', $model);
|
||||
|
||||
$this->request->shouldReceive('route->parameter')->with('schedule')->once()->andReturn('abc123');
|
||||
$this->hashids->shouldReceive('decodeFirst')->with('abc123', 0)->once()->andReturn($schedule->id);
|
||||
$this->repository->shouldReceive('getScheduleWithTasks')->with($schedule->id)->once()->andReturn($schedule);
|
||||
|
||||
$this->getMiddleware()->handle($this->request, $this->getClosureAssertions());
|
||||
}
|
||||
|
||||
/**
|
||||
* Return an instance of the middleware using mocked dependencies.
|
||||
*
|
||||
* @return \Pterodactyl\Http\Middleware\Server\ScheduleBelongsToServer
|
||||
*/
|
||||
private function getMiddleware(): ScheduleBelongsToServer
|
||||
{
|
||||
return new ScheduleBelongsToServer($this->hashids, $this->repository);
|
||||
}
|
||||
}
|
||||
|
|
@ -1,156 +0,0 @@
|
|||
<?php
|
||||
|
||||
namespace Tests\Unit\Http\Middleware\Server;
|
||||
|
||||
use Mockery as m;
|
||||
use Pterodactyl\Models\Server;
|
||||
use Pterodactyl\Models\Subuser;
|
||||
use Pterodactyl\Exceptions\DisplayException;
|
||||
use Pterodactyl\Exceptions\PterodactylException;
|
||||
use Tests\Unit\Http\Middleware\MiddlewareTestCase;
|
||||
use Pterodactyl\Contracts\Extensions\HashidsInterface;
|
||||
use Pterodactyl\Http\Middleware\Server\SubuserBelongsToServer;
|
||||
use Pterodactyl\Contracts\Repository\SubuserRepositoryInterface;
|
||||
|
||||
class SubuserBelongsToServerTest extends MiddlewareTestCase
|
||||
{
|
||||
/**
|
||||
* @var \Pterodactyl\Contracts\Extensions\HashidsInterface|\Mockery\Mock
|
||||
*/
|
||||
private $hashids;
|
||||
|
||||
/**
|
||||
* @var \Pterodactyl\Contracts\Repository\SubuserRepositoryInterface|\Mockery\Mock
|
||||
*/
|
||||
private $repository;
|
||||
|
||||
/**
|
||||
* Setup tests.
|
||||
*/
|
||||
public function setUp(): void
|
||||
{
|
||||
parent::setUp();
|
||||
|
||||
$this->hashids = m::mock(HashidsInterface::class);
|
||||
$this->repository = m::mock(SubuserRepositoryInterface::class);
|
||||
}
|
||||
|
||||
/**
|
||||
* Test a successful middleware instance.
|
||||
*/
|
||||
public function testSuccessfulMiddleware()
|
||||
{
|
||||
$model = factory(Server::class)->make();
|
||||
$subuser = factory(Subuser::class)->make([
|
||||
'server_id' => $model->id,
|
||||
]);
|
||||
$this->setRequestAttribute('server', $model);
|
||||
|
||||
$this->request->shouldReceive('route->parameter')->with('subuser', 0)->once()->andReturn('abc123');
|
||||
$this->hashids->shouldReceive('decodeFirst')->with('abc123', 0)->once()->andReturn($subuser->id);
|
||||
$this->repository->shouldReceive('find')->with($subuser->id)->once()->andReturn($subuser);
|
||||
|
||||
$this->request->shouldReceive('method')->withNoArgs()->once()->andReturn('GET');
|
||||
|
||||
$this->getMiddleware()->handle($this->request, $this->getClosureAssertions());
|
||||
$this->assertRequestHasAttribute('subuser');
|
||||
$this->assertRequestAttributeEquals($subuser, 'subuser');
|
||||
}
|
||||
|
||||
/**
|
||||
* Test that a user can edit a user other than themselves.
|
||||
*/
|
||||
public function testSuccessfulMiddlewareWhenPatchRequest()
|
||||
{
|
||||
$this->setRequestUser();
|
||||
$model = factory(Server::class)->make();
|
||||
$subuser = factory(Subuser::class)->make([
|
||||
'server_id' => $model->id,
|
||||
]);
|
||||
$this->setRequestAttribute('server', $model);
|
||||
|
||||
$this->request->shouldReceive('route->parameter')->with('subuser', 0)->once()->andReturn('abc123');
|
||||
$this->hashids->shouldReceive('decodeFirst')->with('abc123', 0)->once()->andReturn($subuser->id);
|
||||
$this->repository->shouldReceive('find')->with($subuser->id)->once()->andReturn($subuser);
|
||||
|
||||
$this->request->shouldReceive('method')->withNoArgs()->once()->andReturn('PATCH');
|
||||
|
||||
$this->getMiddleware()->handle($this->request, $this->getClosureAssertions());
|
||||
$this->assertRequestHasAttribute('subuser');
|
||||
$this->assertRequestAttributeEquals($subuser, 'subuser');
|
||||
}
|
||||
|
||||
/**
|
||||
* Test that an exception is thrown if a user attempts to edit themself.
|
||||
*/
|
||||
public function testExceptionIsThrownIfUserTriesToEditSelf()
|
||||
{
|
||||
$user = $this->setRequestUser();
|
||||
$model = factory(Server::class)->make();
|
||||
$subuser = factory(Subuser::class)->make([
|
||||
'server_id' => $model->id,
|
||||
'user_id' => $user->id,
|
||||
]);
|
||||
$this->setRequestAttribute('server', $model);
|
||||
|
||||
$this->request->shouldReceive('route->parameter')->with('subuser', 0)->once()->andReturn('abc123');
|
||||
$this->hashids->shouldReceive('decodeFirst')->with('abc123', 0)->once()->andReturn($subuser->id);
|
||||
$this->repository->shouldReceive('find')->with($subuser->id)->once()->andReturn($subuser);
|
||||
|
||||
$this->request->shouldReceive('method')->withNoArgs()->once()->andReturn('PATCH');
|
||||
|
||||
try {
|
||||
$this->getMiddleware()->handle($this->request, $this->getClosureAssertions());
|
||||
} catch (PterodactylException $exception) {
|
||||
$this->assertInstanceOf(DisplayException::class, $exception);
|
||||
$this->assertEquals(trans('exceptions.subusers.editing_self'), $exception->getMessage());
|
||||
}
|
||||
}
|
||||
|
||||
/**
|
||||
* Test that an exception is thrown if a subuser server does not match the
|
||||
* request server.
|
||||
*
|
||||
* @expectedException \Symfony\Component\HttpKernel\Exception\NotFoundHttpException
|
||||
*/
|
||||
public function testExceptionIsThrownIfSubuserServerDoesNotMatchRequestServer()
|
||||
{
|
||||
$model = factory(Server::class)->make();
|
||||
$subuser = factory(Subuser::class)->make();
|
||||
$this->setRequestAttribute('server', $model);
|
||||
|
||||
$this->request->shouldReceive('route->parameter')->with('subuser', 0)->once()->andReturn('abc123');
|
||||
$this->hashids->shouldReceive('decodeFirst')->with('abc123', 0)->once()->andReturn($subuser->id);
|
||||
$this->repository->shouldReceive('find')->with($subuser->id)->once()->andReturn($subuser);
|
||||
|
||||
$this->getMiddleware()->handle($this->request, $this->getClosureAssertions());
|
||||
}
|
||||
|
||||
/**
|
||||
* Test that an exception is thrown if no subuser is found.
|
||||
*
|
||||
* @expectedException \Symfony\Component\HttpKernel\Exception\NotFoundHttpException
|
||||
*/
|
||||
public function testExceptionIsThrownIfNoSubuserIsFound()
|
||||
{
|
||||
$model = factory(Server::class)->make();
|
||||
$subuser = factory(Subuser::class)->make();
|
||||
$this->setRequestAttribute('server', $model);
|
||||
|
||||
$this->request->shouldReceive('route->parameter')->with('subuser', 0)->once()->andReturn('abc123');
|
||||
$this->hashids->shouldReceive('decodeFirst')->with('abc123', 0)->once()->andReturn($subuser->id);
|
||||
$this->repository->shouldReceive('find')->with($subuser->id)->once()->andReturnNull();
|
||||
|
||||
$this->getMiddleware()->handle($this->request, $this->getClosureAssertions());
|
||||
}
|
||||
|
||||
/**
|
||||
* Return an instance of the middleware using mocked dependencies.
|
||||
*
|
||||
* @return \Pterodactyl\Http\Middleware\Server\SubuserBelongsToServer
|
||||
*/
|
||||
private function getMiddleware(): SubuserBelongsToServer
|
||||
{
|
||||
return new SubuserBelongsToServer($this->hashids, $this->repository);
|
||||
}
|
||||
}
|
||||
Reference in a new issue