StarMC/Astral-nook
StarMC/Astral-nook
Archived
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity

Implement fix to allow root admins to view all servers.

Browse source 
closes #722
This commit is contained in:
Dane Everitt 2017-11-05 12:38:39 -06:00
parent fb2909a1c7
commit 6409fffdad
No known key found for this signature in database
GPG key ID: EEA66103B3D71F53
22 changed files with 143 additions and 166 deletions
Download patch file Download diff file Expand all files Collapse all files

17
tests/Unit/Http/Middleware/AdminAuthenticateTest.php
View file

@ -4,7 +4,6 @@ namespace Tests\Unit\Http\Middleware;
use Pterodactyl\Models\User;
use Pterodactyl\Http\Middleware\AdminAuthenticate;
use Symfony\Component\HttpKernel\Exception\HttpException;
class AdminAuthenticateTest extends MiddlewareTestCase
{
@ -22,20 +21,20 @@ class AdminAuthenticateTest extends MiddlewareTestCase
/**
* Test that a missing user in the request triggers an error.
*
* @expectedException \Symfony\Component\HttpKernel\Exception\AccessDeniedHttpException
*/
public function testExceptionIsThrownIfUserDoesNotExist()
{
$this->request->shouldReceive('user')->withNoArgs()->once()->andReturnNull();
try {
$this->getMiddleware()->handle($this->request, $this->getClosureAssertions());
} catch (HttpException $exception) {
$this->assertEquals(403, $exception->getStatusCode());
}
$this->getMiddleware()->handle($this->request, $this->getClosureAssertions());
}
/**
* Test that an exception is thrown if the user is not an admin.
*
* @expectedException \Symfony\Component\HttpKernel\Exception\AccessDeniedHttpException
*/
public function testExceptionIsThrownIfUserIsNotAnAdmin()
{
@ -43,11 +42,7 @@ class AdminAuthenticateTest extends MiddlewareTestCase
$this->request->shouldReceive('user')->withNoArgs()->twice()->andReturn($user);
try {
$this->getMiddleware()->handle($this->request, $this->getClosureAssertions());
} catch (HttpException $exception) {
$this->assertEquals(403, $exception->getStatusCode());
}
$this->getMiddleware()->handle($this->request, $this->getClosureAssertions());
}
/**

23
tests/Unit/Http/Middleware/AuthenticateTest.php
View file

@ -2,7 +2,6 @@
namespace Tests\Unit\Http\Middleware;
use Illuminate\Http\RedirectResponse;
use Pterodactyl\Http\Middleware\Authenticate;
class AuthenticateTest extends MiddlewareTestCase
@ -18,29 +17,13 @@ class AuthenticateTest extends MiddlewareTestCase
}
/**
* Test that a logged out user results in a redirect.
* Test that a logged out user results in an exception.
*
* @expectedException \Illuminate\Auth\AuthenticationException
*/
public function testLoggedOutUser()
{
$this->request->shouldReceive('user')->withNoArgs()->once()->andReturnNull();
$this->request->shouldReceive('ajax')->withNoArgs()->once()->andReturn(false);
$this->request->shouldReceive('expectsJson')->withNoArgs()->once()->andReturn(false);
$response = $this->getMiddleware()->handle($this->request, $this->getClosureAssertions());
$this->assertInstanceOf(RedirectResponse::class, $response);
$this->assertEquals(302, $response->getStatusCode());
$this->assertEquals(route('auth.login'), $response->getTargetUrl());
}
/**
* Test that a logged out user via an API/Ajax request returns a HTTP error.
*
* @expectedException \Illuminate\Auth\AuthenticationException
*/
public function testLoggedOUtUserApiRequest()
{
$this->request->shouldReceive('user')->withNoArgs()->once()->andReturnNull();
$this->request->shouldReceive('ajax')->withNoArgs()->once()->andReturn(true);
$this->getMiddleware()->handle($this->request, $this->getClosureAssertions());
}

8
tests/Unit/Http/Middleware/Daemon/DaemonAuthenticateTest.php
View file

@ -60,6 +60,8 @@ class DaemonAuthenticateTest extends MiddlewareTestCase
/**
* Test that passing in an invalid node daemon secret will result in a HTTP/403
* error response.
*
* @expectedException \Symfony\Component\HttpKernel\Exception\AccessDeniedHttpException
*/
public function testResponseShouldFailIfNoNodeIsFound()
{
@ -68,11 +70,7 @@ class DaemonAuthenticateTest extends MiddlewareTestCase
$this->repository->shouldReceive('findFirstWhere')->with([['daemonSecret', '=', 'test1234']])->once()->andThrow(new RecordNotFoundException);
try {
$this->getMiddleware()->handle($this->request, $this->getClosureAssertions());
} catch (HttpException $exception) {
$this->assertEquals(403, $exception->getStatusCode(), 'Assert that a status code of 403 is returned.');
}
$this->getMiddleware()->handle($this->request, $this->getClosureAssertions());
}
/**

6
tests/Unit/Http/Middleware/Server/AuthenticateAsSubuserTest.php
View file

@ -42,7 +42,7 @@ class AuthenticateAsSubuserTest extends MiddlewareTestCase
$user = $this->setRequestUser();
$this->setRequestAttribute('server', $model);
$this->keyProviderService->shouldReceive('handle')->with($model->id, $user->id)->once()->andReturn('abc123');
$this->keyProviderService->shouldReceive('handle')->with($model, $user)->once()->andReturn('abc123');
$this->session->shouldReceive('now')->with('server_data.token', 'abc123')->once()->andReturnNull();
$this->getMiddleware()->handle($this->request, $this->getClosureAssertions());
@ -53,7 +53,7 @@ class AuthenticateAsSubuserTest extends MiddlewareTestCase
/**
* Test middleware handles missing token exception.
*
* @expectedException \Illuminate\Auth\AuthenticationException
* @expectedException \Symfony\Component\HttpKernel\Exception\AccessDeniedHttpException
* @expectedExceptionMessage This account does not have permission to access this server.
*/
public function testExceptionIsThrownIfNoTokenIsFound()
@ -62,7 +62,7 @@ class AuthenticateAsSubuserTest extends MiddlewareTestCase
$user = $this->setRequestUser();
$this->setRequestAttribute('server', $model);
$this->keyProviderService->shouldReceive('handle')->with($model->id, $user->id)->once()->andThrow(new RecordNotFoundException);
$this->keyProviderService->shouldReceive('handle')->with($model, $user)->once()->andThrow(new RecordNotFoundException);
$this->getMiddleware()->handle($this->request, $this->getClosureAssertions());
}