Add more middleware tests

tests/Unit/Http/Middleware/AdminAuthenticateTest.php

@@ -0,0 +1,62 @@
+<?php
+
+namespace Tests\Unit\Http\Middleware;
+
+use Pterodactyl\Models\User;
+use Pterodactyl\Http\Middleware\AdminAuthenticate;
+use Symfony\Component\HttpKernel\Exception\HttpException;
+
+class AdminAuthenticateTest extends MiddlewareTestCase
+{
+    /**
+     * Test that an admin is authenticated.
+     */
+    public function testAdminsAreAuthenticated()
+    {
+        $user = factory(User::class)->make(['root_admin' => 1]);
+
+        $this->request->shouldReceive('user')->withNoArgs()->twice()->andReturn($user);
+
+        $this->getMiddleware()->handle($this->request, $this->getClosureAssertions());
+    }
+
+    /**
+     * Test that a missing user in the request triggers an error.
+     */
+    public function testExceptionIsThrownIfUserDoesNotExist()
+    {
+        $this->request->shouldReceive('user')->withNoArgs()->once()->andReturnNull();
+
+        try {
+            $this->getMiddleware()->handle($this->request, $this->getClosureAssertions());
+        } catch (HttpException $exception) {
+            $this->assertEquals(403, $exception->getStatusCode());
+        }
+    }
+
+    /**
+     * Test that an exception is thrown if the user is not an admin.
+     */
+    public function testExceptionIsThrownIfUserIsNotAnAdmin()
+    {
+        $user = factory(User::class)->make(['root_admin' => 0]);
+
+        $this->request->shouldReceive('user')->withNoArgs()->twice()->andReturn($user);
+
+        try {
+            $this->getMiddleware()->handle($this->request, $this->getClosureAssertions());
+        } catch (HttpException $exception) {
+            $this->assertEquals(403, $exception->getStatusCode());
+        }
+    }
+
+    /**
+     * Return an instance of the middleware using mocked dependencies.
+     *
+     * @return \Pterodactyl\Http\Middleware\AdminAuthenticate
+     */
+    private function getMiddleware(): AdminAuthenticate
+    {
+        return new AdminAuthenticate();
+    }
+}

tests/Unit/Http/Middleware/AuthenticateTest.php

@@ -0,0 +1,57 @@
+<?php
+
+namespace Tests\Unit\Http\Middleware;
+
+use Illuminate\Http\RedirectResponse;
+use Pterodactyl\Http\Middleware\Authenticate;
+
+class AuthenticateTest extends MiddlewareTestCase
+{
+    /**
+     * Test that a logged in user validates correctly.
+     */
+    public function testLoggedInUser()
+    {
+        $this->request->shouldReceive('user')->withNoArgs()->once()->andReturn(true);
+
+        $this->getMiddleware()->handle($this->request, $this->getClosureAssertions());
+    }
+
+    /**
+     * Test that a logged out user results in a redirect.
+     */
+    public function testLoggedOutUser()
+    {
+        $this->request->shouldReceive('user')->withNoArgs()->once()->andReturnNull();
+        $this->request->shouldReceive('ajax')->withNoArgs()->once()->andReturn(false);
+        $this->request->shouldReceive('expectsJson')->withNoArgs()->once()->andReturn(false);
+
+        $response = $this->getMiddleware()->handle($this->request, $this->getClosureAssertions());
+        $this->assertInstanceOf(RedirectResponse::class, $response);
+        $this->assertEquals(302, $response->getStatusCode());
+        $this->assertEquals(route('auth.login'), $response->getTargetUrl());
+    }
+
+    /**
+     * Test that a logged out user via an API/Ajax request returns a HTTP error.
+     *
+     * @expectedException \Illuminate\Auth\AuthenticationException
+     */
+    public function testLoggedOUtUserApiRequest()
+    {
+        $this->request->shouldReceive('user')->withNoArgs()->once()->andReturnNull();
+        $this->request->shouldReceive('ajax')->withNoArgs()->once()->andReturn(true);
+
+        $this->getMiddleware()->handle($this->request, $this->getClosureAssertions());
+    }
+
+    /**
+     * Return an instance of the middleware using mocked dependencies.
+     *
+     * @return \Pterodactyl\Http\Middleware\Authenticate
+     */
+    private function getMiddleware(): Authenticate
+    {
+        return new Authenticate();
+    }
+}

tests/Unit/Http/Middleware/DaemonAuthenticateTest.php

@@ -0,0 +1,77 @@
+<?php
+
+namespace Tests\Unit\Http\Middleware;
+
+use Mockery as m;
+use Pterodactyl\Models\Node;
+use Pterodactyl\Http\Middleware\DaemonAuthenticate;
+use Pterodactyl\Contracts\Repository\NodeRepositoryInterface;
+
+class DaemonAuthenticateTest extends MiddlewareTestCase
+{
+    /**
+     * @var \Pterodactyl\Contracts\Repository\NodeRepositoryInterface|\Mockery\Mock
+     */
+    private $repository;
+
+    /**
+     * Setup tests.
+     */
+    public function setUp()
+    {
+        parent::setUp();
+
+        $this->repository = m::mock(NodeRepositoryInterface::class);
+    }
+
+    /**
+     * Test a valid daemon connection.
+     */
+    public function testValidDaemonConnection()
+    {
+        $node = factory(Node::class)->make();
+
+        $this->request->shouldReceive('route->getName')->withNoArgs()->once()->andReturn('random.name');
+        $this->request->shouldReceive('header')->with('X-Access-Node')->twice()->andReturn($node->uuid);
+
+        $this->repository->shouldReceive('findWhere')->with(['daemonSecret' => $node->uuid])->once()->andReturn($node);
+
+        $this->getMiddleware()->handle($this->request, $this->getClosureAssertions());
+        $this->assertRequestHasAttribute('node');
+        $this->assertRequestAttributeEquals($node, 'node');
+    }
+
+    /**
+     * Test that ignored routes do not continue through the middleware.
+     */
+    public function testIgnoredRouteShouldContinue()
+    {
+        $this->request->shouldReceive('route->getName')->withNoArgs()->once()->andReturn('daemon.configuration');
+
+        $this->getMiddleware()->handle($this->request, $this->getClosureAssertions());
+        $this->assertRequestMissingAttribute('node');
+    }
+
+    /**
+     * Test that a request missing a X-Access-Node header causes an exception.
+     *
+     * @expectedException \Symfony\Component\HttpKernel\Exception\AccessDeniedHttpException
+     */
+    public function testExceptionThrownIfMissingHeader()
+    {
+        $this->request->shouldReceive('route->getName')->withNoArgs()->once()->andReturn('random.name');
+        $this->request->shouldReceive('header')->with('X-Access-Node')->once()->andReturn(false);
+
+        $this->getMiddleware()->handle($this->request, $this->getClosureAssertions());
+    }
+
+    /**
+     * Return an instance of the middleware using mocked dependencies.
+     *
+     * @return \Pterodactyl\Http\Middleware\DaemonAuthenticate
+     */
+    private function getMiddleware(): DaemonAuthenticate
+    {
+        return new DaemonAuthenticate($this->repository);
+    }
+}

tests/Unit/Http/Middleware/LanguageMiddlewareTest.php

@@ -0,0 +1,53 @@
+<?php
+
+namespace Tests\Unit\Http\Middleware;
+
+use Mockery as m;
+use Illuminate\Foundation\Application;
+use Illuminate\Contracts\Config\Repository;
+use Pterodactyl\Http\Middleware\LanguageMiddleware;
+
+class LanguageMiddlewareTest extends MiddlewareTestCase
+{
+    /**
+     * @var \Illuminate\Foundation\Application|\Mockery\Mock
+     */
+    private $appMock;
+
+    /**
+     * @var \Illuminate\Contracts\Config\Repository|\Mockery\Mock
+     */
+    private $config;
+
+    /**
+     * Setup tests.
+     */
+    public function setUp()
+    {
+        parent::setUp();
+
+        $this->appMock = m::mock(Application::class);
+        $this->config = m::mock(Repository::class);
+    }
+
+    /**
+     * Test that a language is defined via the middleware.
+     */
+    public function testLanguageIsSet()
+    {
+        $this->config->shouldReceive('get')->with('app.locale', 'en')->once()->andReturn('en');
+        $this->appMock->shouldReceive('setLocale')->with('en')->once()->andReturnNull();
+
+        $this->getMiddleware()->handle($this->request, $this->getClosureAssertions());
+    }
+
+    /**
+     * Return an instance of the middleware using mocked dependencies.
+     *
+     * @return \Pterodactyl\Http\Middleware\LanguageMiddleware
+     */
+    private function getMiddleware(): LanguageMiddleware
+    {
+        return new LanguageMiddleware($this->appMock, $this->config);
+    }
+}

tests/Unit/Http/Middleware/RedirectIfAuthenticatedTest.php

@@ -0,0 +1,60 @@
+<?php
+
+namespace Tests\Unit\Http\Middleware;
+
+use Mockery as m;
+use Illuminate\Auth\AuthManager;
+use Illuminate\Http\RedirectResponse;
+use Pterodactyl\Http\Middleware\RedirectIfAuthenticated;
+
+class RedirectIfAuthenticatedTest extends MiddlewareTestCase
+{
+    /**
+     * @var \Illuminate\Auth\AuthManager|\Mockery\Mock
+     */
+    private $authManager;
+
+    /**
+     * Setup tests.
+     */
+    public function setUp()
+    {
+        parent::setUp();
+
+        $this->authManager = m::mock(AuthManager::class);
+    }
+
+    /**
+     * Test that an authenticated user is redirected.
+     */
+    public function testAuthenticatedUserIsRedirected()
+    {
+        $this->authManager->shouldReceive('guard')->with(null)->once()->andReturnSelf();
+        $this->authManager->shouldReceive('check')->with(null)->once()->andReturn(true);
+
+        $response = $this->getMiddleware()->handle($this->request, $this->getClosureAssertions());
+        $this->assertInstanceOf(RedirectResponse::class, $response);
+        $this->assertEquals(route('index'), $response->getTargetUrl());
+    }
+
+    /**
+     * Test that a non-authenticated user continues through the middleware.
+     */
+    public function testNonAuthenticatedUserIsNotRedirected()
+    {
+        $this->authManager->shouldReceive('guard')->with(null)->once()->andReturnSelf();
+        $this->authManager->shouldReceive('check')->with(null)->once()->andReturn(false);
+
+        $this->getMiddleware()->handle($this->request, $this->getClosureAssertions());
+    }
+
+    /**
+     * Return an instance of the middleware using mocked dependencies.
+     *
+     * @return \Pterodactyl\Http\Middleware\RedirectIfAuthenticated
+     */
+    private function getMiddleware(): RedirectIfAuthenticated
+    {
+        return new RedirectIfAuthenticated($this->authManager);
+    }
+}

tests/Unit/Http/Middleware/RequireTwoFactorAuthenticationTest.php

@@ -0,0 +1,181 @@
+<?php
+
+namespace Tests\Unit\Http\Middleware;
+
+use Mockery as m;
+use Pterodactyl\Models\User;
+use Krucas\Settings\Settings;
+use Illuminate\Http\RedirectResponse;
+use Prologue\Alerts\AlertsMessageBag;
+use Pterodactyl\Http\Middleware\RequireTwoFactorAuthentication;
+
+class RequireTwoFactorAuthenticationTest extends MiddlewareTestCase
+{
+    /**
+     * @var \Prologue\Alerts\AlertsMessageBag|\Mockery\Mock
+     */
+    private $alert;
+
+    /**
+     * @var \Krucas\Settings\Settings|\Mockery\Mock
+     */
+    private $settings;
+
+    /**
+     * Setup tests.
+     */
+    public function setUp()
+    {
+        parent::setUp();
+
+        $this->alert = m::mock(AlertsMessageBag::class);
+        $this->settings = m::mock(Settings::class);
+    }
+
+    /**
+     * Test that a missing user does not trigger this middleware.
+     */
+    public function testRequestMissingUser()
+    {
+        $this->request->shouldReceive('user')->withNoArgs()->once()->andReturnNull();
+
+        $this->getMiddleware()->handle($this->request, $this->getClosureAssertions());
+    }
+
+    /**
+     * Test that the middleware is ignored on specific routes.
+     *
+     * @dataProvider ignoredRoutesDataProvider
+     */
+    public function testRequestOnIgnoredRoute($route)
+    {
+        $this->request->shouldReceive('user')->withNoArgs()->once()->andReturn(true);
+        $this->request->shouldReceive('route->getName')->withNoArgs()->once()->andReturn($route);
+
+        $this->getMiddleware()->handle($this->request, $this->getClosureAssertions());
+    }
+
+    /**
+     * Test disabled 2FA requirement.
+     */
+    public function testTwoFactorRequirementDisabled()
+    {
+        $this->request->shouldReceive('user')->withNoArgs()->once()->andReturn(true);
+        $this->request->shouldReceive('route->getName')->withNoArgs()->once()->andReturn('random.route');
+
+        $this->settings->shouldReceive('get')->with('2fa', 0)->once()->andReturn(RequireTwoFactorAuthentication::LEVEL_NONE);
+
+        $this->getMiddleware()->handle($this->request, $this->getClosureAssertions());
+    }
+
+    /**
+     * Test 2FA required for admins as an administrative user who has 2FA disabled.
+     */
+    public function testTwoFactorEnabledForAdminsAsAdminUserWith2FADisabled()
+    {
+        $user = factory(User::class)->make(['root_admin' => 1, 'use_totp' => 0]);
+
+        $this->request->shouldReceive('user')->withNoArgs()->times(3)->andReturn($user);
+        $this->request->shouldReceive('route->getName')->withNoArgs()->once()->andReturn('random.route');
+
+        $this->settings->shouldReceive('get')->with('2fa', 0)->once()->andReturn(RequireTwoFactorAuthentication::LEVEL_ADMIN);
+        $this->alert->shouldReceive('danger')->with(trans('auth.2fa_must_be_enabled'))->once()->andReturnSelf();
+        $this->alert->shouldReceive('flash')->withNoArgs()->once()->andReturnSelf();
+
+        $response = $this->getMiddleware()->handle($this->request, $this->getClosureAssertions());
+        $this->assertInstanceOf(RedirectResponse::class, $response);
+        $this->assertEquals(route('account.security'), $response->getTargetUrl());
+    }
+
+    /**
+     * Test 2FA required for admins as an administrative user who has 2FA enabled.
+     */
+    public function testTwoFactorEnabledForAdminsAsAdminUserWith2FAEnabled()
+    {
+        $user = factory(User::class)->make(['root_admin' => 1, 'use_totp' => 1]);
+
+        $this->request->shouldReceive('user')->withNoArgs()->times(3)->andReturn($user);
+        $this->request->shouldReceive('route->getName')->withNoArgs()->once()->andReturn('random.route');
+
+        $this->settings->shouldReceive('get')->with('2fa', 0)->once()->andReturn(RequireTwoFactorAuthentication::LEVEL_ADMIN);
+
+        $this->getMiddleware()->handle($this->request, $this->getClosureAssertions());
+    }
+
+    /**
+     * Test 2FA required for admins as an administrative user.
+     */
+    public function testTwoFactorEnabledForAdminsAsNonAdmin()
+    {
+        $user = factory(User::class)->make(['root_admin' => 0]);
+
+        $this->request->shouldReceive('user')->withNoArgs()->twice()->andReturn($user);
+        $this->request->shouldReceive('route->getName')->withNoArgs()->once()->andReturn('random.route');
+
+        $this->settings->shouldReceive('get')->with('2fa', 0)->once()->andReturn(RequireTwoFactorAuthentication::LEVEL_ADMIN);
+
+        $this->getMiddleware()->handle($this->request, $this->getClosureAssertions());
+    }
+
+    /**
+     * Test 2FA required for all users without 2FA enabled.
+     */
+    public function testTwoFactorEnabledForAllUsersAsUserWith2FADisabled()
+    {
+        $user = factory(User::class)->make(['use_totp' => 0]);
+
+        $this->request->shouldReceive('user')->withNoArgs()->twice()->andReturn($user);
+        $this->request->shouldReceive('route->getName')->withNoArgs()->once()->andReturn('random.route');
+
+        $this->settings->shouldReceive('get')->with('2fa', 0)->once()->andReturn(RequireTwoFactorAuthentication::LEVEL_ALL);
+        $this->alert->shouldReceive('danger')->with(trans('auth.2fa_must_be_enabled'))->once()->andReturnSelf();
+        $this->alert->shouldReceive('flash')->withNoArgs()->once()->andReturnSelf();
+
+        $response = $this->getMiddleware()->handle($this->request, $this->getClosureAssertions());
+        $this->assertInstanceOf(RedirectResponse::class, $response);
+        $this->assertEquals(route('account.security'), $response->getTargetUrl());
+    }
+
+    /**
+     * Test 2FA required for all users without 2FA enabled.
+     */
+    public function testTwoFactorEnabledForAllUsersAsUserWith2FAEnabled()
+    {
+        $user = factory(User::class)->make(['use_totp' => 1]);
+
+        $this->request->shouldReceive('user')->withNoArgs()->twice()->andReturn($user);
+        $this->request->shouldReceive('route->getName')->withNoArgs()->once()->andReturn('random.route');
+
+        $this->settings->shouldReceive('get')->with('2fa', 0)->once()->andReturn(RequireTwoFactorAuthentication::LEVEL_ALL);
+
+        $this->getMiddleware()->handle($this->request, $this->getClosureAssertions());
+    }
+
+    /**
+     * Routes that should be ignored.
+     *
+     * @return array
+     */
+    public function ignoredRoutesDataProvider()
+    {
+        return [
+            ['account.security'],
+            ['account.security.revoke'],
+            ['account.security.totp'],
+            ['account.security.totp.set'],
+            ['account.security.totp.disable'],
+            ['auth.totp'],
+            ['auth.logout'],
+        ];
+    }
+
+    /**
+     * Return an instance of the middleware using mocked dependencies.
+     *
+     * @return \Pterodactyl\Http\Middleware\RequireTwoFactorAuthentication
+     */
+    private function getMiddleware(): RequireTwoFactorAuthentication
+    {
+        return new RequireTwoFactorAuthentication($this->alert, $this->settings);
+    }
+}