StarMC/Astral-nook
StarMC/Astral-nook
Archived
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity

Implement changes to administrative user revocation, closes #733

Browse source
This commit is contained in:
Dane Everitt 2017-12-03 14:00:47 -06:00
parent 20beb2f280
commit 975597b4d0
No known key found for this signature in database
GPG key ID: EEA66103B3D71F53
19 changed files with 458 additions and 125 deletions
Download patch file Download diff file Expand all files Collapse all files

115
tests/Unit/Services/DaemonKeys/RevokeMultipleDaemonKeysServiceTest.php Normal file
View file

@ -0,0 +1,115 @@
<?php
namespace Tests\Unit\Services\DaemonKeys;
use Mockery as m;
use Tests\TestCase;
use Pterodactyl\Models\User;
use Pterodactyl\Models\Server;
use Pterodactyl\Models\DaemonKey;
use Tests\Traits\MocksRequestException;
use Pterodactyl\Contracts\Repository\DaemonKeyRepositoryInterface;
use Pterodactyl\Services\DaemonKeys\RevokeMultipleDaemonKeysService;
use Pterodactyl\Contracts\Repository\Daemon\ServerRepositoryInterface;
class RevokeMultipleDaemonKeysServiceTest extends TestCase
{
use MocksRequestException;
/**
* @var \Pterodactyl\Contracts\Repository\Daemon\ServerRepositoryInterface|\Mockery\Mock
*/
private $daemonRepository;
/**
* @var \Pterodactyl\Contracts\Repository\DaemonKeyRepositoryInterface|\Mockery\Mock
*/
private $repository;
/**
* Setup tests.
*/
public function setUp()
{
parent::setUp();
$this->daemonRepository = m::mock(ServerRepositoryInterface::class);
$this->repository = m::mock(DaemonKeyRepositoryInterface::class);
}
/**
* Test that keys can be successfully revoked.
*/
public function testSuccessfulKeyRevocation()
{
$user = factory(User::class)->make();
$server = factory(Server::class)->make();
$key = factory(DaemonKey::class)->make(['user_id' => $user->id]);
$key->setRelation('server', $server);
$this->repository->shouldReceive('getKeysForRevocation')->with($user)->once()->andReturn(collect([$key]));
$this->daemonRepository->shouldReceive('setNode')->with($server->node_id)->once()->andReturnSelf();
$this->daemonRepository->shouldReceive('revokeAccessKey')->with([$key->secret])->once()->andReturnNull();
$this->repository->shouldReceive('deleteKeys')->with([$key->id])->once()->andReturnNull();
$this->getService()->handle($user);
$this->assertTrue(true);
}
/**
* Test that an exception thrown by a call to the daemon is handled.
*
* @expectedException \Pterodactyl\Exceptions\Http\Connection\DaemonConnectionException
*/
public function testExceptionThrownFromDaemonCallIsHandled()
{
$this->configureExceptionMock();
$user = factory(User::class)->make();
$server = factory(Server::class)->make();
$key = factory(DaemonKey::class)->make(['user_id' => $user->id]);
$key->setRelation('server', $server);
$this->repository->shouldReceive('getKeysForRevocation')->with($user)->once()->andReturn(collect([$key]));
$this->daemonRepository->shouldReceive('setNode->revokeAccessKey')->with([$key->secret])->once()->andThrow($this->getExceptionMock());
$this->getService()->handle($user);
}
/**
* Test that the behavior for handling exceptions that should not be thrown
* immediately is working correctly and adds them to the array.
*/
public function testIgnoredExceptionsAreHandledProperly()
{
$this->configureExceptionMock();
$user = factory(User::class)->make();
$server = factory(Server::class)->make();
$key = factory(DaemonKey::class)->make(['user_id' => $user->id]);
$key->setRelation('server', $server);
$this->repository->shouldReceive('getKeysForRevocation')->with($user)->once()->andReturn(collect([$key]));
$this->daemonRepository->shouldReceive('setNode->revokeAccessKey')->with([$key->secret])->once()->andThrow($this->getExceptionMock());
$this->repository->shouldReceive('deleteKeys')->with([$key->id])->once()->andReturnNull();
$service = $this->getService();
$service->handle($user, true);
$this->assertNotEmpty($service->getExceptions());
$this->assertArrayHasKey($server->node_id, $service->getExceptions());
$this->assertSame(array_get($service->getExceptions(), $server->node_id), $this->getExceptionMock());
$this->assertTrue(true);
}
/**
* Return an instance of the service for testing.
*
* @return \Pterodactyl\Services\DaemonKeys\RevokeMultipleDaemonKeysService
*/
private function getService(): RevokeMultipleDaemonKeysService
{
return new RevokeMultipleDaemonKeysService($this->repository, $this->daemonRepository);
}
}

90
tests/Unit/Services/Users/UserUpdateServiceTest.php
View file

@ -1,36 +1,32 @@
<?php
/**
* Pterodactyl - Panel
* Copyright (c) 2015 - 2017 Dane Everitt <dane@daneeveritt.com>.
*
* This software is licensed under the terms of the MIT license.
* https://opensource.org/licenses/MIT
*/
namespace Tests\Unit\Services\Users;
use Mockery as m;
use Tests\TestCase;
use Pterodactyl\Models\User;
use Illuminate\Support\Collection;
use Illuminate\Contracts\Hashing\Hasher;
use Pterodactyl\Services\Users\UserUpdateService;
use Pterodactyl\Contracts\Repository\UserRepositoryInterface;
use Pterodactyl\Services\DaemonKeys\RevokeMultipleDaemonKeysService;
class UserUpdateServiceTest extends TestCase
{
/**
* @var \Illuminate\Contracts\Hashing\Hasher
* @var \Illuminate\Contracts\Hashing\Hasher|\Mockery\Mock
*/
protected $hasher;
private $hasher;
/**
* @var \Pterodactyl\Contracts\Repository\UserRepositoryInterface
* @var \Pterodactyl\Contracts\Repository\UserRepositoryInterface|\Mockery\Mock
*/
protected $repository;
private $repository;
/**
* @var \Pterodactyl\Services\Users\UserUpdateService
* @var \Pterodactyl\Services\DaemonKeys\RevokeMultipleDaemonKeysService|\Mockery\Mock
*/
protected $service;
private $revocationService;
/**
* Setup tests.
@ -41,8 +37,7 @@ class UserUpdateServiceTest extends TestCase
$this->hasher = m::mock(Hasher::class);
$this->repository = m::mock(UserRepositoryInterface::class);
$this->service = new UserUpdateService($this->hasher, $this->repository);
$this->revocationService = m::mock(RevokeMultipleDaemonKeysService::class);
}
/**
@ -50,9 +45,14 @@ class UserUpdateServiceTest extends TestCase
*/
public function testUpdateUserWithoutTouchingHasherIfNoPasswordPassed()
{
$this->repository->shouldReceive('update')->with(1, ['test-data' => 'value'])->once()->andReturnNull();
$user = factory(User::class)->make();
$this->revocationService->shouldReceive('getExceptions')->withNoArgs()->once()->andReturn([]);
$this->repository->shouldReceive('update')->with($user->id, ['test-data' => 'value'])->once()->andReturnNull();
$this->assertNull($this->service->handle(1, ['test-data' => 'value']));
$response = $this->getService()->handle($user, ['test-data' => 'value']);
$this->assertInstanceOf(Collection::class, $response);
$this->assertTrue($response->has('model'));
$this->assertTrue($response->has('exceptions'));
}
/**
@ -60,9 +60,61 @@ class UserUpdateServiceTest extends TestCase
*/
public function testUpdateUserAndHashPasswordIfProvided()
{
$user = factory(User::class)->make();
$this->hasher->shouldReceive('make')->with('raw_pass')->once()->andReturn('enc_pass');
$this->repository->shouldReceive('update')->with(1, ['password' => 'enc_pass'])->once()->andReturnNull();
$this->revocationService->shouldReceive('getExceptions')->withNoArgs()->once()->andReturn([]);
$this->repository->shouldReceive('update')->with($user->id, ['password' => 'enc_pass'])->once()->andReturnNull();
$this->assertNull($this->service->handle(1, ['password' => 'raw_pass']));
$response = $this->getService()->handle($user, ['password' => 'raw_pass']);
$this->assertInstanceOf(Collection::class, $response);
$this->assertTrue($response->has('model'));
$this->assertTrue($response->has('exceptions'));
}
/**
* Test that an admin can revoke a user's administrative status.
*/
public function testAdministrativeUserRevokingAdminStatus()
{
$user = factory(User::class)->make(['root_admin' => true]);
$service = $this->getService();
$service->setUserLevel(User::USER_LEVEL_ADMIN);
$this->revocationService->shouldReceive('handle')->with($user, false)->once()->andReturnNull();
$this->revocationService->shouldReceive('getExceptions')->withNoArgs()->once()->andReturn([]);
$this->repository->shouldReceive('update')->with($user->id, ['root_admin' => false])->once()->andReturnNull();
$response = $service->handle($user, ['root_admin' => false]);
$this->assertInstanceOf(Collection::class, $response);
$this->assertTrue($response->has('model'));
$this->assertTrue($response->has('exceptions'));
}
/**
* Test that a normal user is unable to set an administrative status for themselves.
*/
public function testNormalUserShouldNotRevokeAdminStatus()
{
$user = factory(User::class)->make(['root_admin' => false]);
$service = $this->getService();
$service->setUserLevel(User::USER_LEVEL_USER);
$this->revocationService->shouldReceive('getExceptions')->withNoArgs()->once()->andReturn([]);
$this->repository->shouldReceive('update')->with($user->id, [])->once()->andReturnNull();
$response = $service->handle($user, ['root_admin' => true]);
$this->assertInstanceOf(Collection::class, $response);
$this->assertTrue($response->has('model'));
$this->assertTrue($response->has('exceptions'));
}
/**
* Return an instance of the service for testing.
*
* @return \Pterodactyl\Services\Users\UserUpdateService
*/
private function getService(): UserUpdateService
{
return new UserUpdateService($this->hasher, $this->revocationService, $this->repository);
}
}