Merge branch 'develop' into matthewpi/transfer-improvements

This commit is contained in:
Dane Everitt 2020-12-24 10:27:44 -08:00 committed by GitHub
commit 2d081e5170
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
3 changed files with 4 additions and 193 deletions

View File

@ -3,12 +3,12 @@
"meta": {
"version": "PTDL_v1"
},
"exported_at": "2020-11-03T04:22:56+00:00",
"exported_at": "2020-12-04T12:08:20-05:00",
"name": "Paper",
"author": "parker@pterodactyl.io",
"description": "High performance Spigot fork that aims to fix gameplay and mechanics inconsistencies.",
"features": ["eula"],
"image": "quay.io\/pterodactyl\/core:java",
"image": "quay.io\/pterodactyl\/core:java-11",
"startup": "java -Xms128M -Xmx{{SERVER_MEMORY}}M -Dterminal.jline=false -Dterminal.ansi=true -jar {{SERVER_JARFILE}}",
"config": {
"files": "{\r\n \"server.properties\": {\r\n \"parser\": \"properties\",\r\n \"find\": {\r\n \"server-ip\": \"0.0.0.0\",\r\n \"server-port\": \"{{server.build.default.port}}\"\r\n }\r\n }\r\n}",
@ -18,7 +18,7 @@
},
"scripts": {
"installation": {
"script": "#!\/bin\/bash\r\n# Paper Installation Script\r\n#\r\n# Server Files: \/mnt\/server\r\napt update\r\napt install -y curl jq\r\n\r\nif [ -n \"${DL_PATH}\" ]; then\r\n echo -e \"using supplied download url\"\r\n DOWNLOAD_URL=`eval echo $(echo ${DL_PATH} | sed -e 's\/{{\/${\/g' -e 's\/}}\/}\/g')`\r\nelse\r\n VER_EXISTS=`curl -s https:\/\/papermc.io\/api\/v1\/paper | jq -r --arg VERSION $MINECRAFT_VERSION '.versions[] | contains($VERSION)' | grep true`\r\n LATEST_PAPER_VERSION=`curl -s https:\/\/papermc.io\/api\/v1\/paper | jq -r '.versions' | jq -r '.[0]'`\r\n \r\n if [ \"${VER_EXISTS}\" == \"true\" ]; then\r\n echo -e \"Version is valid. Using version ${MINECRAFT_VERSION}\"\r\n else\r\n echo -e \"Using the latest paper version\"\r\n MINECRAFT_VERSION=${LATEST_PAPER_VERSION}\r\n fi\r\n \r\n BUILD_EXISTS=`curl -s https:\/\/papermc.io\/api\/v1\/paper\/${MINECRAFT_VERSION} | jq -r --arg BUILD ${BUILD_NUMBER} '.builds.all[] | IN($BUILD)' | grep true`\r\n LATEST_PAPER_BUILD=`curl -s https:\/\/papermc.io\/api\/v1\/paper\/${MINECRAFT_VERSION} | jq -r '.builds.latest'`\r\n \r\n if [ \"${BUILD_EXISTS}\" == \"true\" ] || [ ${BUILD_NUMBER} == \"latest\" ]; then\r\n echo -e \"Build is valid. Using version ${BUILD_NUMBER}\"\r\n else\r\n echo -e \"Using the latest paper build\"\r\n BUILD_NUMBER=${LATEST_PAPER_BUILD}\r\n fi\r\n \r\n echo \"Version being downloaded\"\r\n echo -e \"MC Version: ${MINECRAFT_VERSION}\"\r\n echo -e \"Build: ${BUILD_NUMBER}\"\r\n DOWNLOAD_URL=https:\/\/papermc.io\/api\/v1\/paper\/${MINECRAFT_VERSION}\/${BUILD_NUMBER}\/download \r\nfi\r\n\r\ncd \/mnt\/server\r\n\r\necho -e \"running curl -o ${SERVER_JARFILE} ${DOWNLOAD_URL}\"\r\n\r\nif [ -f ${SERVER_JARFILE} ]; then\r\n mv ${SERVER_JARFILE} ${SERVER_JARFILE}.old\r\nfi\r\n\r\ncurl -o ${SERVER_JARFILE} ${DOWNLOAD_URL}\r\n\r\nif [ ! -f server.properties ]; then\r\n echo -e \"Downloading MC server.properties\"\r\n curl -o server.properties https:\/\/raw.githubusercontent.com\/parkervcp\/eggs\/master\/minecraft\/java\/server.properties\r\nfi",
"script": "#!\/bin\/bash\r\n# Paper Installation Script\r\n#\r\n# Server Files: \/mnt\/server\r\nPROJECT=paper\r\n\r\napt update\r\napt install -y curl jq\r\n\r\nif [ -n \"${DL_PATH}\" ]; then\r\n\techo -e \"Using supplied download url: ${DL_PATH}\"\r\n\tDOWNLOAD_URL=`eval echo $(echo ${DL_PATH} | sed -e 's\/{{\/${\/g' -e 's\/}}\/}\/g')`\r\nelse\r\n\tVER_EXISTS=`curl -s https:\/\/papermc.io\/api\/v2\/projects\/${PROJECT} | jq -r --arg VERSION $MINECRAFT_VERSION '.versions[] | contains($VERSION)' | grep true`\r\n\tLATEST_VERSION=`curl -s https:\/\/papermc.io\/api\/v2\/projects\/${PROJECT} | jq -r '.versions' | jq -r '.[-1]'`\r\n\r\n\tif [ \"${VER_EXISTS}\" == \"true\" ]; then\r\n\t\techo -e \"Version is valid. Using version ${MINECRAFT_VERSION}\"\r\n\telse\r\n\t\techo -e \"Using the latest ${PROJECT} version\"\r\n\t\tMINECRAFT_VERSION=${LATEST_VERSION}\r\n\tfi\r\n\t\r\n\tBUILD_EXISTS=`curl -s https:\/\/papermc.io\/api\/v2\/projects\/${PROJECT}\/versions\/${MINECRAFT_VERSION} | jq -r --arg BUILD ${BUILD_NUMBER} '.builds[] | tostring | contains($BUILD)' | grep true`\r\n\tLATEST_BUILD=`curl -s https:\/\/papermc.io\/api\/v2\/projects\/${PROJECT}\/versions\/${MINECRAFT_VERSION} | jq -r '.builds' | jq -r '.[-1]'`\r\n\t\r\n\tif [ \"${BUILD_EXISTS}\" == \"true\" ]; then\r\n\t\techo -e \"Build is valid for version ${MINECRAFT_VERSION}. Using build ${BUILD_NUMBER}\"\r\n\telse\r\n\t\techo -e \"Using the latest ${PROJECT} build for version ${MINECRAFT_VERSION}\"\r\n\t\tBUILD_NUMBER=${LATEST_BUILD}\r\n\tfi\r\n\t\r\n\tJAR_NAME=${PROJECT}-${MINECRAFT_VERSION}-${BUILD_NUMBER}.jar\r\n\t\r\n\techo \"Version being downloaded\"\r\n\techo -e \"MC Version: ${MINECRAFT_VERSION}\"\r\n\techo -e \"Build: ${BUILD_NUMBER}\"\r\n\techo -e \"JAR Name of Build: ${JAR_NAME}\"\r\n\tDOWNLOAD_URL=https:\/\/papermc.io\/api\/v2\/projects\/${PROJECT}\/versions\/${MINECRAFT_VERSION}\/builds\/${BUILD_NUMBER}\/downloads\/${JAR_NAME}\r\nfi\r\n\r\ncd \/mnt\/server\r\n\r\necho -e \"Running curl -o ${SERVER_JARFILE} ${DOWNLOAD_URL}\"\r\n\r\nif [ -f ${SERVER_JARFILE} ]; then\r\n\tmv ${SERVER_JARFILE} ${SERVER_JARFILE}.old\r\nfi\r\n\r\ncurl -o ${SERVER_JARFILE} ${DOWNLOAD_URL}\r\n\r\nif [ ! -f server.properties ]; then\r\n echo -e \"Downloading MC server.properties\"\r\n curl -o server.properties https:\/\/raw.githubusercontent.com\/parkervcp\/eggs\/master\/minecraft\/java\/server.properties\r\nfi",
"container": "debian:buster-slim",
"entrypoint": "bash"
}

View File

@ -22,7 +22,7 @@ class WebsocketControllerTest extends ClientApiIntegrationTestCase
$this->actingAs($user)->getJson("/api/client/servers/{$server->uuid}/websocket")
->assertStatus(Response::HTTP_FORBIDDEN)
->assertJsonPath('errors.0.code', 'HttpException')
->assertJsonPath('errors.0.code', 'HttpForbiddenException')
->assertJsonPath('errors.0.detail', 'You do not have permission to connect to this server\'s websocket.');
}

View File

@ -1,189 +0,0 @@
<?php
namespace Tests\Unit\Http\Middleware;
use Mockery as m;
use Pterodactyl\Models\User;
use Illuminate\Http\RedirectResponse;
use Prologue\Alerts\AlertsMessageBag;
use Pterodactyl\Http\Middleware\RequireTwoFactorAuthentication;
class RequireTwoFactorAuthenticationTest extends MiddlewareTestCase
{
/**
* @var \Prologue\Alerts\AlertsMessageBag|\Mockery\Mock
*/
private $alert;
/**
* Setup tests.
*/
public function setUp(): void
{
parent::setUp();
$this->alert = m::mock(AlertsMessageBag::class);
}
/**
* Test that a missing user does not trigger this middleware.
*/
public function testRequestMissingUser()
{
$this->setRequestUserModel(null);
$this->getMiddleware()->handle($this->request, $this->getClosureAssertions());
}
/**
* Test that the middleware is ignored on specific routes.
*
* @dataProvider ignoredRoutesDataProvider
* @param string $route
*/
public function testRequestOnIgnoredRoute($route)
{
$this->generateRequestUserModel();
$this->setRequestRouteName($route);
$this->getMiddleware()->handle($this->request, $this->getClosureAssertions());
}
/**
* Test disabled 2FA requirement.
*/
public function testTwoFactorRequirementDisabled()
{
$this->generateRequestUserModel();
$this->setRequestRouteName('random.route');
$this->setRequirementLevel(RequireTwoFactorAuthentication::LEVEL_NONE);
$this->getMiddleware()->handle($this->request, $this->getClosureAssertions());
}
/**
* Test that an invalid value for the level skips the check and continues with the request.
*/
public function testTwoFactorRequirementWithInvalidValue()
{
$this->generateRequestUserModel();
$this->setRequestRouteName('random.route');
$this->setRequirementLevel(333);
$this->getMiddleware()->handle($this->request, $this->getClosureAssertions());
}
/**
* Test 2FA required for admins as an administrative user who has 2FA disabled.
*/
public function testTwoFactorEnabledForAdminsAsAdminUserWith2FADisabled()
{
$user = factory(User::class)->make(['root_admin' => 1, 'use_totp' => 0]);
$this->setRequestUserModel($user);
$this->setRequestRouteName('random.route');
$this->setRequirementLevel(RequireTwoFactorAuthentication::LEVEL_ADMIN);
$this->alert->shouldReceive('danger')->with(trans('auth.2fa_must_be_enabled'))->once()->andReturnSelf();
$this->alert->shouldReceive('flash')->withNoArgs()->once()->andReturnSelf();
$response = $this->getMiddleware()->handle($this->request, $this->getClosureAssertions());
$this->assertInstanceOf(RedirectResponse::class, $response);
$this->assertEquals(route('account'), $response->getTargetUrl());
}
/**
* Test 2FA required for admins as an administrative user who has 2FA enabled.
*/
public function testTwoFactorEnabledForAdminsAsAdminUserWith2FAEnabled()
{
$user = factory(User::class)->make(['root_admin' => 1, 'use_totp' => 1]);
$this->setRequestUserModel($user);
$this->setRequestRouteName('random.route');
$this->setRequirementLevel(RequireTwoFactorAuthentication::LEVEL_ADMIN);
$this->getMiddleware()->handle($this->request, $this->getClosureAssertions());
}
/**
* Test 2FA required for admins as an administrative user.
*/
public function testTwoFactorEnabledForAdminsAsNonAdmin()
{
$user = factory(User::class)->make(['root_admin' => 0]);
$this->setRequestUserModel($user);
$this->setRequestRouteName('random.route');
$this->setRequirementLevel(RequireTwoFactorAuthentication::LEVEL_ADMIN);
$this->getMiddleware()->handle($this->request, $this->getClosureAssertions());
}
/**
* Test 2FA required for all users without 2FA enabled.
*/
public function testTwoFactorEnabledForAllUsersAsUserWith2FADisabled()
{
$user = factory(User::class)->make(['use_totp' => 0]);
$this->setRequestUserModel($user);
$this->setRequestRouteName('random.route');
$this->setRequirementLevel(RequireTwoFactorAuthentication::LEVEL_ALL);
$this->alert->shouldReceive('danger')->with(trans('auth.2fa_must_be_enabled'))->once()->andReturnSelf();
$this->alert->shouldReceive('flash')->withNoArgs()->once()->andReturnSelf();
$response = $this->getMiddleware()->handle($this->request, $this->getClosureAssertions());
$this->assertInstanceOf(RedirectResponse::class, $response);
$this->assertEquals(route('account'), $response->getTargetUrl());
}
/**
* Test 2FA required for all users without 2FA enabled.
*/
public function testTwoFactorEnabledForAllUsersAsUserWith2FAEnabled()
{
$user = factory(User::class)->make(['use_totp' => 1]);
$this->setRequestUserModel($user);
$this->setRequestRouteName('random.route');
$this->setRequirementLevel(RequireTwoFactorAuthentication::LEVEL_ALL);
$this->getMiddleware()->handle($this->request, $this->getClosureAssertions());
}
/**
* Routes that should be ignored.
*
* @return array
*/
public function ignoredRoutesDataProvider()
{
return [
['auth'],
['account'],
['account.security.revoke'],
['account.security.totp'],
['account.security.totp.set'],
['account.security.totp.disable'],
['auth.totp'],
['auth.logout'],
];
}
/**
* Return an instance of the middleware using mocked dependencies.
*
* @return \Pterodactyl\Http\Middleware\RequireTwoFactorAuthentication
*/
private function getMiddleware(): RequireTwoFactorAuthentication
{
return new RequireTwoFactorAuthentication($this->alert);
}
/**
* Set the authentication level requirement.
*
* @param int $level
*/
private function setRequirementLevel(int $level)
{
config()->set('pterodactyl.auth.2fa_required', $level);
}
}