StarMC/Astral-nook
StarMC/Astral-nook
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity

feat: bump account key limit to 25 (#4417)

Browse source 
Closes #4394
This commit is contained in:
Dane Everitt 2022-10-08 14:14:03 -07:00 committed by GitHub
parent 2e61a4db13
commit e0e0689846
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
2 changed files with 6 additions and 9 deletions
Download patch file Download diff file Expand all files Collapse all files

7
tests/Integration/Api/Client/ApiKeyControllerTest.php
View file

@ -96,16 +96,17 @@ class ApiKeyControllerTest extends ClientApiIntegrationTestCase
}
/**
* Test that no more than 5 API keys can exist at any one time for an account. This prevents
* Test that no more than 25 API keys can exist at any one time for an account. This prevents
* a DoS attack vector against the panel.
*
* @see https://github.com/pterodactyl/panel/security/advisories/GHSA-pjmh-7xfm-r4x9
* @see https://github.com/pterodactyl/panel/issues/4394
*/
public function testNoMoreThanFiveApiKeysCanBeCreatedForAnAccount()
public function testApiKeyLimitIsApplied()
{
/** @var \Pterodactyl\Models\User $user */
$user = User::factory()->create();
ApiKey::factory()->times(5)->for($user)->create([
ApiKey::factory()->times(25)->for($user)->create([
'key_type' => ApiKey::TYPE_ACCOUNT,
]);