StarMC/Astral-nook
StarMC/Astral-nook
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity

First go at integration tests

Browse source
This commit is contained in:
Dane Everitt 2018-03-04 16:30:16 -06:00
parent 89db9390df
commit e2aa01c9cc
No known key found for this signature in database
GPG key ID: EEA66103B3D71F53
16 changed files with 610 additions and 28 deletions
Download patch file Download diff file Expand all files Collapse all files

142
tests/Integration/Api/Application/ApplicationApiIntegrationTestCase.php Normal file
View file

@ -0,0 +1,142 @@
<?php
namespace Pterodactyl\Tests\Integration\Api\Application;
use Pterodactyl\Models\User;
use PHPUnit\Framework\Assert;
use Pterodactyl\Models\ApiKey;
use Pterodactyl\Services\Acl\Api\AdminAcl;
use Tests\Traits\Integration\CreatesTestModels;
use Tests\Traits\IntegrationJsonRequestAssertions;
use Pterodactyl\Tests\Integration\IntegrationTestCase;
use Illuminate\Foundation\Testing\DatabaseTransactions;
use Pterodactyl\Transformers\Api\Application\BaseTransformer;
use Pterodactyl\Transformers\Api\Client\BaseClientTransformer;
abstract class ApplicationApiIntegrationTestCase extends IntegrationTestCase
{
use CreatesTestModels, DatabaseTransactions, IntegrationJsonRequestAssertions;
/**
* @var \Pterodactyl\Models\ApiKey
*/
private $key;
/**
* @var \Pterodactyl\Models\User
*/
private $user;
/**
* Bootstrap application API tests. Creates a default admin user and associated API key
* and also sets some default headers required for accessing the API.
*/
public function setUp()
{
parent::setUp();
$this->user = $this->createApiUser();
$this->key = $this->createApiKey($this->user);
$this->withHeader('Accept', 'application/vnd.pterodactyl.v1+json');
$this->withHeader('Authorization', 'Bearer ' . $this->getApiKey()->identifier . decrypt($this->getApiKey()->token));
$this->withMiddleware('api..key:' . ApiKey::TYPE_APPLICATION);
}
/**
* @return \Pterodactyl\Models\User
*/
public function getApiUser(): User
{
return $this->user;
}
/**
* @return \Pterodactyl\Models\ApiKey
*/
public function getApiKey(): ApiKey
{
return $this->key;
}
/**
* Creates a new default API key and refreshes the headers using it.
*
* @param \Pterodactyl\Models\User $user
* @param array $permissions
* @return \Pterodactyl\Models\ApiKey
*/
protected function createNewDefaultApiKey(User $user, array $permissions = []): ApiKey
{
$this->key = $this->createApiKey($user, $permissions);
$this->refreshHeaders($this->key);
return $this->key;
}
/**
* Refresh the authorization header for a request to use a different API key.
*
* @param \Pterodactyl\Models\ApiKey $key
*/
protected function refreshHeaders(ApiKey $key)
{
$this->withHeader('Authorization', 'Bearer ' . $key->identifier . decrypt($key->token));
}
/**
* Create an administrative user.
*
* @return \Pterodactyl\Models\User
*/
protected function createApiUser(): User
{
return factory(User::class)->create([
'root_admin' => true,
]);
}
/**
* Create a new application API key for a given user model.
*
* @param \Pterodactyl\Models\User $user
* @param array $permissions
* @return \Pterodactyl\Models\ApiKey
*/
protected function createApiKey(User $user, array $permissions = []): ApiKey
{
return factory(ApiKey::class)->create(array_merge([
'user_id' => $user->id,
'key_type' => ApiKey::TYPE_APPLICATION,
'r_servers' => AdminAcl::READ | AdminAcl::WRITE,
'r_nodes' => AdminAcl::READ | AdminAcl::WRITE,
'r_allocations' => AdminAcl::READ | AdminAcl::WRITE,
'r_users' => AdminAcl::READ | AdminAcl::WRITE,
'r_locations' => AdminAcl::READ | AdminAcl::WRITE,
'r_nests' => AdminAcl::READ | AdminAcl::WRITE,
'r_eggs' => AdminAcl::READ | AdminAcl::WRITE,
'r_database_hosts' => AdminAcl::READ | AdminAcl::WRITE,
'r_server_databases' => AdminAcl::READ | AdminAcl::WRITE,
'r_packs' => AdminAcl::READ | AdminAcl::WRITE,
], $permissions));
}
/**
* Return a transformer that can be used for testing purposes.
*
* @param string $abstract
* @return \Pterodactyl\Transformers\Api\Application\BaseTransformer
*/
protected function getTransformer(string $abstract): BaseTransformer
{
/** @var \Pterodactyl\Transformers\Api\Application\BaseTransformer $transformer */
$transformer = $this->app->make($abstract);
$transformer->setKey($this->getApiKey());
Assert::assertInstanceOf(BaseTransformer::class, $transformer);
Assert::assertNotInstanceOf(BaseClientTransformer::class, $transformer);
return $transformer;
}
}

207
tests/Integration/Api/Application/Location/LocationControllerTest.php Normal file
View file

@ -0,0 +1,207 @@
<?php
namespace Pterodactyl\Tests\Integration\Api\Application\Location;
use Pterodactyl\Models\Node;
use Pterodactyl\Models\Location;
use Pterodactyl\Transformers\Api\Application\NodeTransformer;
use Pterodactyl\Transformers\Api\Application\ServerTransformer;
use Pterodactyl\Tests\Integration\Api\Application\ApplicationApiIntegrationTestCase;
class LocationControllerTest extends ApplicationApiIntegrationTestCase
{
/**
* Test getting all locations through the API.
*/
public function testGetLocations()
{
$locations = factory(Location::class)->times(2)->create();
$response = $this->json('GET', '/api/application/locations');
$response->assertStatus(200);
$response->assertJsonCount(2, 'data');
$response->assertJsonStructure([
'object',
'data' => [
['object', 'attributes' => ['id', 'short', 'long', 'created_at', 'updated_at']],
['object', 'attributes' => ['id', 'short', 'long', 'created_at', 'updated_at']],
],
'meta' => ['pagination' => ['total', 'count', 'per_page', 'current_page', 'total_pages']],
]);
$response
->assertJson([
'object' => 'list',
'data' => [[], []],
'meta' => [
'pagination' => [
'total' => 2,
'count' => 2,
'per_page' => 50,
'current_page' => 1,
'total_pages' => 1,
],
],
])
->assertJsonFragment([
'object' => 'location',
'attributes' => [
'id' => $locations[0]->id,
'short' => $locations[0]->short,
'long' => $locations[0]->long,
'created_at' => $this->formatTimestamp($locations[0]->created_at),
'updated_at' => $this->formatTimestamp($locations[0]->updated_at),
],
])->assertJsonFragment([
'object' => 'location',
'attributes' => [
'id' => $locations[1]->id,
'short' => $locations[1]->short,
'long' => $locations[1]->long,
'created_at' => $this->formatTimestamp($locations[1]->created_at),
'updated_at' => $this->formatTimestamp($locations[1]->updated_at),
],
]);
}
/**
* Test getting a single location on the API.
*/
public function testGetSingleLocation()
{
$location = factory(Location::class)->create();
$response = $this->json('GET', '/api/application/locations/' . $location->id);
$response->assertStatus(200);
$response->assertJsonCount(2);
$response->assertJsonStructure(['object', 'attributes' => ['id', 'short', 'long', 'created_at', 'updated_at']]);
$response->assertJson([
'object' => 'location',
'attributes' => [
'id' => $location->id,
'short' => $location->short,
'long' => $location->long,
'created_at' => $this->formatTimestamp($location->created_at),
'updated_at' => $this->formatTimestamp($location->updated_at),
],
], true);
}
/**
* Test that all of the defined relationships for a location can be loaded successfully.
*/
public function testRelationshipsCanBeLoaded()
{
$location = factory(Location::class)->create();
$server = $this->createServerModel(['user_id' => $this->getApiUser()->id, 'location_id' => $location->id]);
$response = $this->json('GET', '/api/application/locations/' . $location->id . '?include=servers,nodes');
$response->assertStatus(200);
$response->assertJsonCount(2)->assertJsonCount(2, 'attributes.relationships');
$response->assertJsonStructure([
'attributes' => [
'relationships' => [
'nodes' => ['object', 'data' => [['attributes' => ['id']]]],
'servers' => ['object', 'data' => [['attributes' => ['id']]]],
],
],
]);
// Just assert that we see the expected relationship IDs in the response.
$response->assertJson([
'attributes' => [
'relationships' => [
'nodes' => [
'object' => 'list',
'data' => [
[
'object' => 'node',
'attributes' => $this->getTransformer(NodeTransformer::class)->transform($server->getRelation('node')),
],
],
],
'servers' => [
'object' => 'list',
'data' => [
[
'object' => 'server',
'attributes' => $this->getTransformer(ServerTransformer::class)->transform($server),
],
],
],
],
],
]);
}
/**
* Test that a relationship that an API key does not have permission to access
* cannot be loaded onto the model.
*/
public function testKeyWithoutPermissionCannotLoadRelationship()
{
$this->createNewDefaultApiKey($this->getApiUser(), ['r_nodes' => 0]);
$location = factory(Location::class)->create();
factory(Node::class)->create(['location_id' => $location->id]);
$response = $this->json('GET', '/api/application/locations/' . $location->id . '?include=nodes');
$response->assertStatus(200);
$response->assertJsonCount(2)->assertJsonCount(1, 'attributes.relationships');
$response->assertJsonStructure([
'attributes' => [
'relationships' => [
'nodes' => ['object', 'attributes'],
],
],
]);
// Just assert that we see the expected relationship IDs in the response.
$response->assertJson([
'attributes' => [
'relationships' => [
'nodes' => [
'object' => 'null_resource',
'attributes' => null,
],
],
],
]);
}
/**
* Test that a missing location returns a 404 error.
*
* GET /api/application/locations/:id
*/
public function testGetMissingLocation()
{
$response = $this->json('GET', '/api/application/locations/nil');
$this->assertNotFoundJson($response);
}
/**
* Test that an authentication error occurs if a key does not have permission
* to access a resource.
*/
public function testErrorReturnedIfNoPermission()
{
$location = factory(Location::class)->create();
$this->createNewDefaultApiKey($this->getApiUser(), ['r_locations' => 0]);
$response = $this->json('GET', '/api/application/locations/' . $location->id);
$this->assertAccessDeniedJson($response);
}
/**
* Test that a location's existence is not exposed unless an API key has permission
* to access the resource.
*/
public function testResourceIsNotExposedWithoutPermissions()
{
$this->createNewDefaultApiKey($this->getApiUser(), ['r_locations' => 0]);
$response = $this->json('GET', '/api/application/locations/nil');
$this->assertAccessDeniedJson($response);
}
}

43
tests/Integration/IntegrationTestCase.php Normal file
View file

@ -0,0 +1,43 @@
<?php
namespace Pterodactyl\Tests\Integration;
use Tests\TestCase;
use Cake\Chronos\Chronos;
use Illuminate\Database\Eloquent\Model;
use Pterodactyl\Transformers\Api\Application\BaseTransformer;
abstract class IntegrationTestCase extends TestCase
{
/**
* Setup base integration test cases.
*/
public function setUp()
{
parent::setUp();
// Disable event dispatcher to prevent eloquence from trying to
// perform validation on models going into the database. If this is
// not disabled, eloquence validation errors get swallowed and
// the tests cannot complete because nothing is put into the database.
Model::unsetEventDispatcher();
}
protected function connectionsToTransact()
{
return ['testing'];
}
/**
* Return an ISO-8601 formatted timestamp to use in the API response.
*
* @param string $timestamp
* @return string
*/
protected function formatTimestamp(string $timestamp): string
{
return Chronos::createFromFormat(Chronos::DEFAULT_TO_STRING_FORMAT, $timestamp)
->setTimezone(BaseTransformer::RESPONSE_TIMEZONE)
->toIso8601String();
}
}

50
tests/Traits/Http/IntegrationJsonRequestAssertions.php Normal file
View file

@ -0,0 +1,50 @@
<?php
namespace Tests\Traits;
use Illuminate\Foundation\Testing\TestResponse;
trait IntegrationJsonRequestAssertions
{
/**
* Make assertions about a 404 response on the API.
*
* @param \Illuminate\Foundation\Testing\TestResponse $response
*/
public function assertNotFoundJson(TestResponse $response)
{
$response->assertStatus(404);
$response->assertJsonStructure(['errors' => [['code', 'status', 'detail']]]);
$response->assertJsonCount(1, 'errors');
$response->assertJson([
'errors' => [
[
'code' => 'NotFoundHttpException',
'status' => '404',
'detail' => 'The requested resource does not exist on this server.',
],
],
], true);
}
/**
* Make assertions about a 403 error returned by the API.
*
* @param \Illuminate\Foundation\Testing\TestResponse $response
*/
public function assertAccessDeniedJson(TestResponse $response)
{
$response->assertStatus(403);
$response->assertJsonStructure(['errors' => [['code', 'status', 'detail']]]);
$response->assertJsonCount(1, 'errors');
$response->assertJson([
'errors' => [
[
'code' => 'AccessDeniedHttpException',
'status' => '403',
'detail' => 'This action is unauthorized.',
],
],
], true);
}
}

77
tests/Traits/Integration/CreatesTestModels.php Normal file
View file

@ -0,0 +1,77 @@
<?php
namespace Tests\Traits\Integration;
use Pterodactyl\Models\Egg;
use Pterodactyl\Models\Nest;
use Pterodactyl\Models\Node;
use Pterodactyl\Models\User;
use Pterodactyl\Models\Server;
use Pterodactyl\Models\Location;
use Pterodactyl\Models\Allocation;
use Illuminate\Database\Eloquent\Factory as EloquentFactory;
trait CreatesTestModels
{
/**
* Creates a server model in the databases for the purpose of testing. If an attribute
* is passed in that normally requires this function to create a model no model will be
* created and that attribute's value will be used.
*
* The returned server model will have all of the relationships loaded onto it.
*
* @param array $attributes
* @return \Pterodactyl\Models\Server
*/
public function createServerModel(array $attributes = []): Server
{
/** @var \Illuminate\Database\Eloquent\Factory $factory */
$factory = $this->app->make(EloquentFactory::class);
if (isset($attributes['user_id'])) {
$attributes['owner_id'] = $attributes['user_id'];
}
if (! isset($attributes['owner_id'])) {
$user = $factory->of(User::class)->create();
$attributes['owner_id'] = $user->id;
}
if (! isset($attributes['node_id'])) {
if (! isset($attributes['location_id'])) {
$location = $factory->of(Location::class)->create();
$attributes['location_id'] = $location->id;
}
$node = $factory->of(Node::class)->create(['location_id' => $attributes['location_id']]);
$attributes['node_id'] = $node->id;
}
if (! isset($attributes['allocation_id'])) {
$allocation = $factory->of(Allocation::class)->create(['node_id' => $attributes['node_id']]);
$attributes['allocation_id'] = $allocation->id;
}
if (! isset($attributes['nest_id'])) {
$nest = Nest::with('eggs')->first();
$attributes['nest_id'] = $nest->id;
if (! isset($attributes['egg_id'])) {
$attributes['egg_id'] = $nest->getRelation('eggs')->first()->id;
}
}
if (! isset($attributes['egg_id'])) {
$egg = Egg::where('nest_id', $attributes['nest_id'])->first();
$attributes['egg_id'] = $egg->id;
}
unset($attributes['user_id'], $attributes['location_id']);
$server = $factory->of(Server::class)->create($attributes);
return Server::with([
'location', 'user', 'node', 'allocation', 'nest', 'egg',
])->findOrFail($server->id);
}
}

1
tests/Unit/Http/Middleware/AdminAuthenticateTest.php
View file

@ -2,6 +2,7 @@
namespace Tests\Unit\Http\Middleware;
use Illuminate\Http\Request;
use Pterodactyl\Models\User;
use Pterodactyl\Http\Middleware\AdminAuthenticate;

11
tests/Unit/Http/Middleware/DaemonAuthenticateTest.php
View file

@ -29,12 +29,12 @@ class DaemonAuthenticateTest extends MiddlewareTestCase
*/
public function testValidDaemonConnection()
{
$this->setRequestRouteName('random.name');
$node = factory(Node::class)->make();
$this->request->shouldReceive('route->getName')->withNoArgs()->once()->andReturn('random.name');
$this->request->shouldReceive('header')->with('X-Access-Node')->twice()->andReturn($node->uuid);
$this->request->shouldReceive('header')->with('X-Access-Node')->twice()->andReturn($node->daemonSecret);
$this->repository->shouldReceive('findFirstWhere')->with(['daemonSecret' => $node->uuid])->once()->andReturn($node);
$this->repository->shouldReceive('findFirstWhere')->with(['daemonSecret' => $node->daemonSecret])->once()->andReturn($node);
$this->getMiddleware()->handle($this->request, $this->getClosureAssertions());
$this->assertRequestHasAttribute('node');
@ -46,7 +46,7 @@ class DaemonAuthenticateTest extends MiddlewareTestCase
*/
public function testIgnoredRouteShouldContinue()
{
$this->request->shouldReceive('route->getName')->withNoArgs()->once()->andReturn('daemon.configuration');
$this->setRequestRouteName('daemon.configuration');
$this->getMiddleware()->handle($this->request, $this->getClosureAssertions());
$this->assertRequestMissingAttribute('node');
@ -59,7 +59,8 @@ class DaemonAuthenticateTest extends MiddlewareTestCase
*/
public function testExceptionThrownIfMissingHeader()
{
$this->request->shouldReceive('route->getName')->withNoArgs()->once()->andReturn('random.name');
$this->setRequestRouteName('random.name');
$this->request->shouldReceive('header')->with('X-Access-Node')->once()->andReturn(false);
$this->getMiddleware()->handle($this->request, $this->getClosureAssertions());