Remove last references to removed api_key model

Dane Everitt 2021-08-07 15:31:52 -07:00
parent 815ce0e451
commit 3a83a2d5ac
No known key found for this signature in database
GPG Key ID: EEA66103B3D71F53
8 changed files with 47 additions and 167 deletions


@ -1,38 +0,0 @@
<?php
namespace Pterodactyl\Models;
use Illuminate\Database\Eloquent\Model;
class APILog extends Model
{
/**
* The table associated with the model.
*
* @var string
*/
protected $table = 'api_logs';
/**
* The attributes excluded from the model's JSON form.
*
* @var array
*/
protected $hidden = [];
/**
* Fields that are not mass assignable.
*
* @var array
*/
protected $guarded = ['id', 'created_at', 'updated_at'];
/**
* Cast values to correct type.
*
* @var array
*/
protected $casts = [
'authorized' => 'boolean',
];
}


@ -1,34 +0,0 @@
<?php
namespace Pterodactyl\Models;
use Pterodactyl\Services\Acl\Api\AdminAcl;
class ApiKey extends Model
{
/**
* Different API keys that can exist on the system.
*/
public const TYPE_ACCOUNT = 1;
public const TYPE_APPLICATION = 2;
/**
* Cast values to correct type.
*
* @var array
*/
protected $casts = [
'allowed_ips' => 'array',
'user_id' => 'int',
'r_' . AdminAcl::RESOURCE_USERS => 'int',
'r_' . AdminAcl::RESOURCE_ALLOCATIONS => 'int',
'r_' . AdminAcl::RESOURCE_DATABASE_HOSTS => 'int',
'r_' . AdminAcl::RESOURCE_SERVER_DATABASES => 'int',
'r_' . AdminAcl::RESOURCE_EGGS => 'int',
'r_' . AdminAcl::RESOURCE_LOCATIONS => 'int',
'r_' . AdminAcl::RESOURCE_NESTS => 'int',
'r_' . AdminAcl::RESOURCE_NODES => 'int',
'r_' . AdminAcl::RESOURCE_SERVERS => 'int',
'r_' . AdminAcl::RESOURCE_ROLES => 'int',
];
}


@ -3,8 +3,7 @@
namespace Pterodactyl\Tests\Integration\Api\Application; namespace Pterodactyl\Tests\Integration\Api\Application;
use Pterodactyl\Models\User; use Pterodactyl\Models\User;
use Pterodactyl\Models\ApiKey; use Pterodactyl\Models\PersonalAccessToken;
use Pterodactyl\Services\Acl\Api\AdminAcl;
use Pterodactyl\Tests\Integration\IntegrationTestCase; use Pterodactyl\Tests\Integration\IntegrationTestCase;
use Illuminate\Foundation\Testing\DatabaseTransactions; use Illuminate\Foundation\Testing\DatabaseTransactions;
use Pterodactyl\Tests\Traits\Integration\CreatesTestModels; use Pterodactyl\Tests\Traits\Integration\CreatesTestModels;
@ -16,16 +15,19 @@ abstract class ApplicationApiIntegrationTestCase extends IntegrationTestCase
use DatabaseTransactions; use DatabaseTransactions;
use IntegrationJsonRequestAssertions; use IntegrationJsonRequestAssertions;
/**
* @var \Pterodactyl\Models\ApiKey
*/
private $key;
/** /**
* @var \Pterodactyl\Models\User * @var \Pterodactyl\Models\User
*/ */
private $user; private $user;
/**
* @var string[]
*/
protected $defaultHeaders = [
'Accept' => 'application/vnd.pterodactyl.v1+json',
'Content-Type' => 'application/json',
];
/** /**
* Bootstrap application API tests. Creates a default admin user and associated API key * Bootstrap application API tests. Creates a default admin user and associated API key
* and also sets some default headers required for accessing the API. * and also sets some default headers required for accessing the API.
@ -35,12 +37,8 @@ abstract class ApplicationApiIntegrationTestCase extends IntegrationTestCase
parent::setUp(); parent::setUp();
$this->user = User::factory()->create(['root_admin' => true]); $this->user = User::factory()->create(['root_admin' => true]);
$this->key = $this->createApiKey($this->user);
$this->withHeader('Accept', 'application/vnd.pterodactyl.v1+json'); $this->createNewAccessToken();
$this->withHeader('Authorization', 'Bearer ' . $this->getApiKey()->identifier . decrypt($this->getApiKey()->token));
$this->withMiddleware('api..key:' . ApiKey::TYPE_APPLICATION);
} }
/** /**
@ -51,62 +49,15 @@ abstract class ApplicationApiIntegrationTestCase extends IntegrationTestCase
return $this->user; return $this->user;
} }
/**
* @return \Pterodactyl\Models\ApiKey
*/
public function getApiKey(): ApiKey
{
return $this->key;
}
/** /**
* Creates a new default API key and refreshes the headers using it. * Creates a new default API key and refreshes the headers using it.
*
* @param \Pterodactyl\Models\User $user
* @param array $permissions
*
* @return \Pterodactyl\Models\ApiKey
*/ */
protected function createNewDefaultApiKey(User $user, array $permissions = []): ApiKey protected function createNewAccessToken(array $abilities = ['*']): PersonalAccessToken
{ {
$this->key = $this->createApiKey($user, $permissions); $token = $this->user->createToken('test', $abilities);
$this->refreshHeaders($this->key);
return $this->key; $this->withHeader('Authorization', 'Bearer ' . $token->plainTextToken);
}
/** return $token->accessToken;
* Refresh the authorization header for a request to use a different API key.
*
* @param \Pterodactyl\Models\ApiKey $key
*/
protected function refreshHeaders(ApiKey $key)
{
$this->withHeader('Authorization', 'Bearer ' . $key->identifier . decrypt($key->token));
}
/**
* Create a new application API key for a given user model.
*
* @param \Pterodactyl\Models\User $user
* @param array $permissions
*
* @return \Pterodactyl\Models\ApiKey
*/
protected function createApiKey(User $user, array $permissions = []): ApiKey
{
return ApiKey::factory()->create(array_merge([
'user_id' => $user->id,
'key_type' => ApiKey::TYPE_APPLICATION,
'r_servers' => AdminAcl::READ | AdminAcl::WRITE,
'r_nodes' => AdminAcl::READ | AdminAcl::WRITE,
'r_allocations' => AdminAcl::READ | AdminAcl::WRITE,
'r_users' => AdminAcl::READ | AdminAcl::WRITE,
'r_locations' => AdminAcl::READ | AdminAcl::WRITE,
'r_nests' => AdminAcl::READ | AdminAcl::WRITE,
'r_eggs' => AdminAcl::READ | AdminAcl::WRITE,
'r_database_hosts' => AdminAcl::READ | AdminAcl::WRITE,
'r_server_databases' => AdminAcl::READ | AdminAcl::WRITE,
], $permissions));
} }
} }
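Review bot: The docblock kept above `createNewAccessToken()` still reads "Creates a new default API key and refreshes the headers using it" and no longer documents its parameter, while callers elsewhere in this commit pass it the old column maps such as `['r_eggs' => 0]`. The array goes to `createToken('test', $abilities)` unchanged, so if abilities are a list of names, as the `['*']` default suggests, such a map is stored but does not express "deny r_eggs". I would reword the summary to `Creates a personal access token for the test user and sends it as the Bearer token on subsequent requests.` and add `@param string[] $abilities ability names granted to the token; ['*'] grants everything`. It is also worth stating there that the token is always issued for `$this->user`, the root admin created in `setUp()`, since the old helper took the user as an argument.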


@ -125,7 +125,7 @@ class EggControllerTest extends ApplicationApiIntegrationTestCase
public function testErrorReturnedIfNoPermission() public function testErrorReturnedIfNoPermission()
{ {
$egg = $this->repository->find(1); $egg = $this->repository->find(1);
$this->createNewDefaultApiKey($this->getApiUser(), ['r_eggs' => 0]); $this->createNewAccessToken(['r_eggs' => 0]);
$response = $this->getJson('/api/application/nests/' . $egg->nest_id . '/eggs'); $response = $this->getJson('/api/application/nests/' . $egg->nest_id . '/eggs');
$this->assertAccessDeniedJson($response); $this->assertAccessDeniedJson($response);
@ -137,7 +137,7 @@ class EggControllerTest extends ApplicationApiIntegrationTestCase
*/ */
public function testResourceIsNotExposedWithoutPermissions() public function testResourceIsNotExposedWithoutPermissions()
{ {
$this->createNewDefaultApiKey($this->getApiUser(), ['r_eggs' => 0]); $this->createNewAccessToken(['r_eggs' => 0]);
$response = $this->getJson('/api/application/eggs/nil'); $response = $this->getJson('/api/application/eggs/nil');
$this->assertAccessDeniedJson($response); $this->assertAccessDeniedJson($response);
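Review bot: Both access-denied tests here now build the token with `createNewAccessToken(['r_eggs' => 0])`, which replaces the whole ability set instead of overriding one entry of a full-permission default as the removed `createApiKey()` did through `array_merge`. The token therefore carries no `*` and presumably no usable ability at all, so `assertAccessDeniedJson` would pass for any application endpoint and the tests no longer show that the eggs permission is what gates these routes. Granting every ability except the one under test, and pairing each denial with a request the same token is allowed to make, would restore that signal. The same call shape appears in the Location, Nest, ExternalUser and User controller tests further down, and `['r_users' => AdminAcl::READ]` in `testApiKeyWithoutWritePermissions` likewise no longer describes a read-only key. Both test methods in this file extend beyond the hunks shown.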


@ -142,7 +142,7 @@ class LocationControllerTest extends ApplicationApiIntegrationTestCase
*/ */
public function testKeyWithoutPermissionCannotLoadRelationship() public function testKeyWithoutPermissionCannotLoadRelationship()
{ {
$this->createNewDefaultApiKey($this->getApiUser(), ['r_nodes' => 0]); $this->createNewAccessToken(['r_nodes' => 0]);
$location = Location::factory()->create(); $location = Location::factory()->create();
Node::factory()->create(['location_id' => $location->id]); Node::factory()->create(['location_id' => $location->id]);
@ -189,7 +189,7 @@ class LocationControllerTest extends ApplicationApiIntegrationTestCase
public function testErrorReturnedIfNoPermission() public function testErrorReturnedIfNoPermission()
{ {
$location = Location::factory()->create(); $location = Location::factory()->create();
$this->createNewDefaultApiKey($this->getApiUser(), ['r_locations' => 0]); $this->createNewAccessToken(['r_locations' => 0]);
$response = $this->getJson('/api/application/locations/' . $location->id); $response = $this->getJson('/api/application/locations/' . $location->id);
$this->assertAccessDeniedJson($response); $this->assertAccessDeniedJson($response);
@ -201,7 +201,7 @@ class LocationControllerTest extends ApplicationApiIntegrationTestCase
*/ */
public function testResourceIsNotExposedWithoutPermissions() public function testResourceIsNotExposedWithoutPermissions()
{ {
$this->createNewDefaultApiKey($this->getApiUser(), ['r_locations' => 0]); $this->createNewAccessToken(['r_locations' => 0]);
$response = $this->getJson('/api/application/locations/nil'); $response = $this->getJson('/api/application/locations/nil');
$this->assertAccessDeniedJson($response); $this->assertAccessDeniedJson($response);


@ -123,7 +123,7 @@ class NestControllerTest extends ApplicationApiIntegrationTestCase
public function testErrorReturnedIfNoPermission() public function testErrorReturnedIfNoPermission()
{ {
$nest = $this->repository->find(1); $nest = $this->repository->find(1);
$this->createNewDefaultApiKey($this->getApiUser(), ['r_nests' => 0]); $this->createNewAccessToken(['r_nests' => 0]);
$response = $this->getJson('/api/application/nests/' . $nest->id); $response = $this->getJson('/api/application/nests/' . $nest->id);
$this->assertAccessDeniedJson($response); $this->assertAccessDeniedJson($response);
@ -136,7 +136,7 @@ class NestControllerTest extends ApplicationApiIntegrationTestCase
public function testResourceIsNotExposedWithoutPermissions() public function testResourceIsNotExposedWithoutPermissions()
{ {
$nest = $this->repository->find(1); $nest = $this->repository->find(1);
$this->createNewDefaultApiKey($this->getApiUser(), ['r_nests' => 0]); $this->createNewAccessToken(['r_nests' => 0]);
$response = $this->getJson('/api/application/nests/' . $nest->id); $response = $this->getJson('/api/application/nests/' . $nest->id);
$this->assertAccessDeniedJson($response); $this->assertAccessDeniedJson($response);


@ -59,7 +59,7 @@ class ExternalUserControllerTest extends ApplicationApiIntegrationTestCase
public function testErrorReturnedIfNoPermission() public function testErrorReturnedIfNoPermission()
{ {
$user = User::factory()->create(); $user = User::factory()->create();
$this->createNewDefaultApiKey($this->getApiUser(), ['r_users' => 0]); $this->createNewAccessToken(['r_users' => 0]);
$response = $this->getJson('/api/application/users/external/' . $user->external_id); $response = $this->getJson('/api/application/users/external/' . $user->external_id);
$this->assertAccessDeniedJson($response); $this->assertAccessDeniedJson($response);
@ -71,7 +71,7 @@ class ExternalUserControllerTest extends ApplicationApiIntegrationTestCase
*/ */
public function testResourceIsNotExposedWithoutPermissions() public function testResourceIsNotExposedWithoutPermissions()
{ {
$this->createNewDefaultApiKey($this->getApiUser(), ['r_users' => 0]); $this->createNewAccessToken(['r_users' => 0]);
$response = $this->getJson('/api/application/users/external/nil'); $response = $this->getJson('/api/application/users/external/nil');
$this->assertAccessDeniedJson($response); $this->assertAccessDeniedJson($response);


@ -16,7 +16,8 @@ class UserControllerTest extends ApplicationApiIntegrationTestCase
*/ */
public function testGetUsers() public function testGetUsers()
{ {
$user = User::factory()->create(); $user = $this->getApiUser();
$created = User::factory()->create();
$response = $this->getJson('/api/application/users'); $response = $this->getJson('/api/application/users');
$response->assertStatus(Response::HTTP_OK); $response->assertStatus(Response::HTTP_OK);
@ -45,24 +46,6 @@ class UserControllerTest extends ApplicationApiIntegrationTestCase
], ],
], ],
]) ])
->assertJsonFragment([
'object' => 'user',
'attributes' => [
'id' => $this->getApiUser()->id,
'external_id' => $this->getApiUser()->external_id,
'uuid' => $this->getApiUser()->uuid,
'username' => $this->getApiUser()->username,
'email' => $this->getApiUser()->email,
'language' => $this->getApiUser()->language,
'admin_role_id' => $this->getApiUser()->admin_role_id,
'root_admin' => (bool) $this->getApiUser()->root_admin,
'2fa' => (bool) $this->getApiUser()->totp_enabled,
'avatar_url' => $this->getApiUser()->avatarURL(),
'role_name' => $this->getApiUser()->adminRoleName(),
'created_at' => $this->formatTimestamp($this->getApiUser()->created_at),
'updated_at' => $this->formatTimestamp($this->getApiUser()->updated_at),
],
])
->assertJsonFragment([ ->assertJsonFragment([
'object' => 'user', 'object' => 'user',
'attributes' => [ 'attributes' => [
@ -80,6 +63,24 @@ class UserControllerTest extends ApplicationApiIntegrationTestCase
'created_at' => $this->formatTimestamp($user->created_at), 'created_at' => $this->formatTimestamp($user->created_at),
'updated_at' => $this->formatTimestamp($user->updated_at), 'updated_at' => $this->formatTimestamp($user->updated_at),
], ],
])
->assertJsonFragment([
'object' => 'user',
'attributes' => [
'id' => $created->id,
'external_id' => $created->external_id,
'uuid' => $created->uuid,
'username' => $created->username,
'email' => $created->email,
'language' => $created->language,
'admin_role_id' => $created->admin_role_id,
'root_admin' => (bool) $created->root_admin,
'2fa' => (bool) $created->totp_enabled,
'avatar_url' => $created->avatarURL(),
'role_name' => $created->adminRoleName(),
'created_at' => $this->formatTimestamp($created->created_at),
'updated_at' => $this->formatTimestamp($created->updated_at),
],
]); ]);
} }
@ -152,7 +153,7 @@ class UserControllerTest extends ApplicationApiIntegrationTestCase
*/ */
public function testKeyWithoutPermissionCannotLoadRelationship() public function testKeyWithoutPermissionCannotLoadRelationship()
{ {
$this->createNewDefaultApiKey($this->getApiUser(), ['r_servers' => 0]); $this->createNewAccessToken(['r_servers' => 0]);
$user = User::factory()->create(); $user = User::factory()->create();
$this->createServerModel(['user_id' => $user->id]); $this->createServerModel(['user_id' => $user->id]);
@ -197,7 +198,7 @@ class UserControllerTest extends ApplicationApiIntegrationTestCase
public function testErrorReturnedIfNoPermission() public function testErrorReturnedIfNoPermission()
{ {
$user = User::factory()->create(); $user = User::factory()->create();
$this->createNewDefaultApiKey($this->getApiUser(), ['r_users' => 0]); $this->createNewAccessToken(['r_users' => 0]);
$response = $this->getJson('/api/application/users/' . $user->id); $response = $this->getJson('/api/application/users/' . $user->id);
$this->assertAccessDeniedJson($response); $this->assertAccessDeniedJson($response);
@ -209,7 +210,7 @@ class UserControllerTest extends ApplicationApiIntegrationTestCase
*/ */
public function testResourceIsNotExposedWithoutPermissions() public function testResourceIsNotExposedWithoutPermissions()
{ {
$this->createNewDefaultApiKey($this->getApiUser(), ['r_users' => 0]); $this->createNewAccessToken(['r_users' => 0]);
$response = $this->getJson('/api/application/users/nil'); $response = $this->getJson('/api/application/users/nil');
$this->assertAccessDeniedJson($response); $this->assertAccessDeniedJson($response);
@ -294,7 +295,7 @@ class UserControllerTest extends ApplicationApiIntegrationTestCase
*/ */
public function testApiKeyWithoutWritePermissions(string $method, string $url) public function testApiKeyWithoutWritePermissions(string $method, string $url)
{ {
$this->createNewDefaultApiKey($this->getApiUser(), ['r_users' => AdminAcl::READ]); $this->createNewAccessToken(['r_users' => AdminAcl::READ]);
if (str_contains($url, '{id}')) { if (str_contains($url, '{id}')) {
$user = User::factory()->create(); $user = User::factory()->create();