Implement fix to allow root admins to view all servers.

closes #722
Dane Everitt 2017-11-05 12:38:39 -06:00
parent fb2909a1c7
commit 6409fffdad
No known key found for this signature in database
GPG key ID: EEA66103B3D71F53
22 changed files with 143 additions and 166 deletions


@ -10,17 +10,16 @@
namespace Tests\Unit\Http\Controllers\Base;
use Mockery as m;
use Tests\TestCase;
use Illuminate\Http\Request;
use Pterodactyl\Models\User;
use Pterodactyl\Models\Server;
use Tests\Assertions\ControllerAssertionsTrait;
use Tests\Unit\Http\Controllers\ControllerTestCase;
use Pterodactyl\Http\Controllers\Base\IndexController;
use Pterodactyl\Services\DaemonKeys\DaemonKeyProviderService;
use Pterodactyl\Contracts\Repository\ServerRepositoryInterface;
use Pterodactyl\Contracts\Repository\Daemon\ServerRepositoryInterface as DaemonServerRepositoryInterface;
class IndexControllerTest extends TestCase
class IndexControllerTest extends ControllerTestCase
{
use ControllerAssertionsTrait;
@ -44,11 +43,6 @@ class IndexControllerTest extends TestCase
*/
protected $repository;
/**
* @var \Illuminate\Http\Request|\Mockery\Mock
*/
protected $request;
/**
* Setup tests.
*/
@ -59,7 +53,6 @@ class IndexControllerTest extends TestCase
$this->daemonRepository = m::mock(DaemonServerRepositoryInterface::class);
$this->keyProviderService = m::mock(DaemonKeyProviderService::class);
$this->repository = m::mock(ServerRepositoryInterface::class);
$this->request = m::mock(Request::class);
$this->controller = new IndexController($this->keyProviderService, $this->daemonRepository, $this->repository);
}
@ -69,9 +62,8 @@ class IndexControllerTest extends TestCase
*/
public function testIndexController()
{
$model = factory(User::class)->make();
$model = $this->setRequestUser();
$this->request->shouldReceive('user')->withNoArgs()->andReturn($model);
$this->request->shouldReceive('input')->with('query')->once()->andReturn('searchTerm');
$this->repository->shouldReceive('search')->with('searchTerm')->once()->andReturnSelf()
->shouldReceive('filterUserAccessServers')->with(
@ -90,12 +82,11 @@ class IndexControllerTest extends TestCase
*/
public function testStatusController()
{
$user = factory(User::class)->make();
$user = $this->setRequestUser();
$server = factory(Server::class)->make(['suspended' => 0, 'installed' => 1]);
$this->request->shouldReceive('user')->withNoArgs()->once()->andReturn($user);
$this->repository->shouldReceive('findFirstWhere')->with([['uuidShort', '=', $server->uuidShort]])->once()->andReturn($server);
$this->keyProviderService->shouldReceive('handle')->with($server->id, $user->id)->once()->andReturn('test123');
$this->keyProviderService->shouldReceive('handle')->with($server, $user)->once()->andReturn('test123');
$this->daemonRepository->shouldReceive('setNode')->with($server->node_id)->once()->andReturnSelf()
->shouldReceive('setAccessServer')->with($server->uuid)->once()->andReturnSelf()
@ -114,12 +105,11 @@ class IndexControllerTest extends TestCase
*/
public function testStatusControllerWhenServerNotInstalled()
{
$user = factory(User::class)->make();
$user = $this->setRequestUser();
$server = factory(Server::class)->make(['suspended' => 0, 'installed' => 0]);
$this->request->shouldReceive('user')->withNoArgs()->once()->andReturn($user);
$this->repository->shouldReceive('findFirstWhere')->with([['uuidShort', '=', $server->uuidShort]])->once()->andReturn($server);
$this->keyProviderService->shouldReceive('handle')->with($server->id, $user->id)->once()->andReturn('test123');
$this->keyProviderService->shouldReceive('handle')->with($server, $user)->once()->andReturn('test123');
$response = $this->controller->status($this->request, $server->uuidShort);
$this->assertIsJsonResponse($response);
@ -137,7 +127,7 @@ class IndexControllerTest extends TestCase
$this->request->shouldReceive('user')->withNoArgs()->once()->andReturn($user);
$this->repository->shouldReceive('findFirstWhere')->with([['uuidShort', '=', $server->uuidShort]])->once()->andReturn($server);
$this->keyProviderService->shouldReceive('handle')->with($server->id, $user->id)->once()->andReturn('test123');
$this->keyProviderService->shouldReceive('handle')->with($server, $user)->once()->andReturn('test123');
$response = $this->controller->status($this->request, $server->uuidShort);
$this->assertIsJsonResponse($response);
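Review bot: The last hunk (old line 137) still wires the user by hand with `$this->request->shouldReceive('user')->withNoArgs()->once()->andReturn($user);`, while the three tests above it were moved to `$user = $this->setRequestUser();`. This class also appears to drop its own `$request` property and the `m::mock(Request::class)` setup, so that test now depends on whatever request mock `ControllerTestCase` provides, which is not visible here. Switching it to `setRequestUser()` as well would keep all four tests consistent and avoid a second, competing expectation on `user`. The function this hunk belongs to starts outside the hunk, so how `$user` is built there is not shown.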


@ -4,7 +4,6 @@ namespace Tests\Unit\Http\Middleware;
use Pterodactyl\Models\User;
use Pterodactyl\Http\Middleware\AdminAuthenticate;
use Symfony\Component\HttpKernel\Exception\HttpException;
class AdminAuthenticateTest extends MiddlewareTestCase
{
@ -22,20 +21,20 @@ class AdminAuthenticateTest extends MiddlewareTestCase
/**
* Test that a missing user in the request triggers an error.
*
* @expectedException \Symfony\Component\HttpKernel\Exception\AccessDeniedHttpException
*/
public function testExceptionIsThrownIfUserDoesNotExist()
{
$this->request->shouldReceive('user')->withNoArgs()->once()->andReturnNull();
try {
$this->getMiddleware()->handle($this->request, $this->getClosureAssertions());
} catch (HttpException $exception) {
$this->assertEquals(403, $exception->getStatusCode());
}
$this->getMiddleware()->handle($this->request, $this->getClosureAssertions());
}
/**
* Test that an exception is thrown if the user is not an admin.
*
* @expectedException \Symfony\Component\HttpKernel\Exception\AccessDeniedHttpException
*/
public function testExceptionIsThrownIfUserIsNotAnAdmin()
{
@ -43,11 +42,7 @@ class AdminAuthenticateTest extends MiddlewareTestCase
$this->request->shouldReceive('user')->withNoArgs()->twice()->andReturn($user);
try {
$this->getMiddleware()->handle($this->request, $this->getClosureAssertions());
} catch (HttpException $exception) {
$this->assertEquals(403, $exception->getStatusCode());
}
$this->getMiddleware()->handle($this->request, $this->getClosureAssertions());
}
/**
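Review bot: Both denial tests here now state their expectation only through the `@expectedException` docblock annotation, which PHPUnit 8 deprecates and PHPUnit 9 removes. Writing `$this->expectException(AccessDeniedHttpException::class);` as the first statement of `testExceptionIsThrownIfUserDoesNotExist` and `testExceptionIsThrownIfUserIsNotAnAdmin` (with the matching `use` line) keeps the check in code, where static analysis and refactoring tools can see it. The same applies to the annotations added in the AuthenticateTest, DaemonAuthenticateTest and AuthenticateAsSubuserTest sections.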


@ -2,7 +2,6 @@
namespace Tests\Unit\Http\Middleware;
use Illuminate\Http\RedirectResponse;
use Pterodactyl\Http\Middleware\Authenticate;
class AuthenticateTest extends MiddlewareTestCase
@ -18,29 +17,13 @@ class AuthenticateTest extends MiddlewareTestCase
}
/**
* Test that a logged out user results in a redirect.
* Test that a logged out user results in an exception.
*
* @expectedException \Illuminate\Auth\AuthenticationException
*/
public function testLoggedOutUser()
{
$this->request->shouldReceive('user')->withNoArgs()->once()->andReturnNull();
$this->request->shouldReceive('ajax')->withNoArgs()->once()->andReturn(false);
$this->request->shouldReceive('expectsJson')->withNoArgs()->once()->andReturn(false);
$response = $this->getMiddleware()->handle($this->request, $this->getClosureAssertions());
$this->assertInstanceOf(RedirectResponse::class, $response);
$this->assertEquals(302, $response->getStatusCode());
$this->assertEquals(route('auth.login'), $response->getTargetUrl());
}
/**
* Test that a logged out user via an API/Ajax request returns a HTTP error.
*
* @expectedException \Illuminate\Auth\AuthenticationException
*/
public function testLoggedOUtUserApiRequest()
{
$this->request->shouldReceive('user')->withNoArgs()->once()->andReturnNull();
$this->request->shouldReceive('ajax')->withNoArgs()->once()->andReturn(true);
$this->getMiddleware()->handle($this->request, $this->getClosureAssertions());
}
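Review bot: With the redirect assertions and the Ajax variant gone, `testLoggedOutUser` only proves that the middleware throws `AuthenticationException`; nothing in this section still checks that an unauthenticated browser request ends up at `route('auth.login')` while an API/Ajax request receives an error response. That mapping presumably now lives in the exception handler, which is not visible here, so a handler-level test covering both cases would keep the behaviour pinned. The docblock could also say where the response is decided, e.g. `* Rendering (redirect vs. JSON error) is left to the exception handler.`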


@ -60,6 +60,8 @@ class DaemonAuthenticateTest extends MiddlewareTestCase
/**
* Test that passing in an invalid node daemon secret will result in a HTTP/403
* error response.
*
* @expectedException \Symfony\Component\HttpKernel\Exception\AccessDeniedHttpException
*/
public function testResponseShouldFailIfNoNodeIsFound()
{
@ -68,11 +70,7 @@ class DaemonAuthenticateTest extends MiddlewareTestCase
$this->repository->shouldReceive('findFirstWhere')->with([['daemonSecret', '=', 'test1234']])->once()->andThrow(new RecordNotFoundException);
try {
$this->getMiddleware()->handle($this->request, $this->getClosureAssertions());
} catch (HttpException $exception) {
$this->assertEquals(403, $exception->getStatusCode(), 'Assert that a status code of 403 is returned.');
}
$this->getMiddleware()->handle($this->request, $this->getClosureAssertions());
}
/**


@ -42,7 +42,7 @@ class AuthenticateAsSubuserTest extends MiddlewareTestCase
$user = $this->setRequestUser();
$this->setRequestAttribute('server', $model);
$this->keyProviderService->shouldReceive('handle')->with($model->id, $user->id)->once()->andReturn('abc123');
$this->keyProviderService->shouldReceive('handle')->with($model, $user)->once()->andReturn('abc123');
$this->session->shouldReceive('now')->with('server_data.token', 'abc123')->once()->andReturnNull();
$this->getMiddleware()->handle($this->request, $this->getClosureAssertions());
@ -53,7 +53,7 @@ class AuthenticateAsSubuserTest extends MiddlewareTestCase
/**
* Test middleware handles missing token exception.
*
* @expectedException \Illuminate\Auth\AuthenticationException
* @expectedException \Symfony\Component\HttpKernel\Exception\AccessDeniedHttpException
* @expectedExceptionMessage This account does not have permission to access this server.
*/
public function testExceptionIsThrownIfNoTokenIsFound()
@ -62,7 +62,7 @@ class AuthenticateAsSubuserTest extends MiddlewareTestCase
$user = $this->setRequestUser();
$this->setRequestAttribute('server', $model);
$this->keyProviderService->shouldReceive('handle')->with($model->id, $user->id)->once()->andThrow(new RecordNotFoundException);
$this->keyProviderService->shouldReceive('handle')->with($model, $user)->once()->andThrow(new RecordNotFoundException);
$this->getMiddleware()->handle($this->request, $this->getClosureAssertions());
}