From 536180ed0c30c3e0da161b6344b819be3ca1aeb6 Mon Sep 17 00:00:00 2001 From: Dane Everitt Date: Tue, 23 Jun 2020 21:59:37 -0700 Subject: [PATCH] Return Http test cases to a passing state --- .phpunit.result.cache | 1 + app/Http/Kernel.php | 11 -- .../Api/Daemon/DaemonAuthenticate.php | 18 +- .../Server/DatabaseBelongsToServer.php | 56 ------ .../Server/ScheduleBelongsToServer.php | 60 ------ .../Server/SubuserBelongsToServer.php | 67 ------- composer.json | 2 +- composer.lock | 15 +- database/factories/ModelFactory.php | 2 +- .../Admin/StatisticsControllerTest.php | 110 ----------- .../Base/AccountControllerTest.php | 0 .../Controllers/Base/IndexControllerTest.php | 181 ------------------ .../Base/SecurityControllerTest.php | 156 --------------- .../Http/Middleware/AdminAuthenticateTest.php | 9 +- .../Api/Application/AuthenticateUserTest.php | 11 +- .../{API => Api}/AuthenticateIPAccessTest.php | 7 +- .../{API => Api}/AuthenticateKeyTest.php | 11 +- .../Api/Daemon/DaemonAuthenticateTest.php | 101 ++++++++-- .../{API => Api}/SetSessionDriverTest.php | 2 +- .../Unit/Http/Middleware/AuthenticateTest.php | 5 +- .../Middleware/DaemonAuthenticateTest.php | 78 -------- .../Server/AccessingValidServerTest.php | 14 +- .../Server/AuthenticateAsSubuserTest.php | 7 +- .../Server/DatabaseBelongsToServerTest.php | 92 --------- .../Server/ScheduleBelongsToServerTest.php | 81 -------- .../Server/SubuserBelongsToServerTest.php | 156 --------------- 26 files changed, 140 insertions(+), 1113 deletions(-) create mode 100644 .phpunit.result.cache delete mode 100644 app/Http/Middleware/Server/DatabaseBelongsToServer.php delete mode 100644 app/Http/Middleware/Server/ScheduleBelongsToServer.php delete mode 100644 app/Http/Middleware/Server/SubuserBelongsToServer.php delete mode 100644 tests/Unit/Http/Controllers/Admin/StatisticsControllerTest.php delete mode 100644 tests/Unit/Http/Controllers/Base/AccountControllerTest.php delete mode 100644 tests/Unit/Http/Controllers/Base/IndexControllerTest.php delete mode 100644 tests/Unit/Http/Controllers/Base/SecurityControllerTest.php rename tests/Unit/Http/Middleware/{API => Api}/AuthenticateIPAccessTest.php (92%) rename tests/Unit/Http/Middleware/{API => Api}/AuthenticateKeyTest.php (96%) rename tests/Unit/Http/Middleware/{API => Api}/SetSessionDriverTest.php (96%) delete mode 100644 tests/Unit/Http/Middleware/DaemonAuthenticateTest.php delete mode 100644 tests/Unit/Http/Middleware/Server/DatabaseBelongsToServerTest.php delete mode 100644 tests/Unit/Http/Middleware/Server/ScheduleBelongsToServerTest.php delete mode 100644 tests/Unit/Http/Middleware/Server/SubuserBelongsToServerTest.php diff --git a/.phpunit.result.cache b/.phpunit.result.cache new file mode 100644 index 000000000..f220749fb --- /dev/null +++ b/.phpunit.result.cache @@ -0,0 +1 @@ +C:37:"PHPUnit\Runner\DefaultTestResultCache":21204:{a:2:{s:7:"defects";a:37:{s:79:"Tests\Unit\Http\Controllers\Admin\StatisticsControllerTest::testIndexController";i:4;s:73:"Tests\Unit\Http\Controllers\Base\IndexControllerTest::testIndexController";i:4;s:74:"Tests\Unit\Http\Controllers\Base\IndexControllerTest::testStatusController";i:4;s:96:"Tests\Unit\Http\Controllers\Base\IndexControllerTest::testStatusControllerWhenServerNotInstalled";i:4;s:95:"Tests\Unit\Http\Controllers\Base\IndexControllerTest::testStatusControllerWhenServerIsSuspended";i:4;s:103:"Tests\Unit\Http\Controllers\Base\IndexControllerTest::testStatusControllerWithServerConnectionException";i:4;s:94:"Tests\Unit\Http\Controllers\Base\IndexControllerTest::testStatusControllerWithRequestException";i:4;s:87:"Tests\Unit\Http\Controllers\Base\SecurityControllerTest::testIndexWithout2FactorEnabled";i:4;s:84:"Tests\Unit\Http\Controllers\Base\SecurityControllerTest::testIndexWith2FactorEnabled";i:4;s:83:"Tests\Unit\Http\Controllers\Base\SecurityControllerTest::testStore with data set #0";i:4;s:83:"Tests\Unit\Http\Controllers\Base\SecurityControllerTest::testStore with data set #1";i:4;s:108:"Tests\Unit\Http\Controllers\Base\SecurityControllerTest::testStoreWithInvalidTokenException with data set #0";i:4;s:108:"Tests\Unit\Http\Controllers\Base\SecurityControllerTest::testStoreWithInvalidTokenException with data set #1";i:4;s:82:"Tests\Unit\Http\Middleware\API\Application\AuthenticateUserTest::testNoUserDefined";i:6;s:81:"Tests\Unit\Http\Middleware\API\Application\AuthenticateUserTest::testNonAdminUser";i:6;s:74:"Tests\Unit\Http\Middleware\API\AuthenticateIPAccessTest::testWithInvalidIP";i:6;s:73:"Tests\Unit\Http\Middleware\API\AuthenticateKeyTest::testInvalidIdentifier";i:6;s:81:"Tests\Unit\Http\Middleware\API\AuthenticateKeyTest::testInvalidTokenForIdentifier";i:6;s:105:"Tests\Unit\Http\Middleware\Api\Daemon\DaemonAuthenticateTest::testResponseShouldContinueIfRouteIsExempted";i:4;s:103:"Tests\Unit\Http\Middleware\Api\Daemon\DaemonAuthenticateTest::testResponseShouldFailIfNoTokenIsProvided";i:4;s:99:"Tests\Unit\Http\Middleware\Api\Daemon\DaemonAuthenticateTest::testResponseShouldFailIfNoNodeIsFound";i:4;s:93:"Tests\Unit\Http\Middleware\Api\Daemon\DaemonAuthenticateTest::testSuccessfulMiddlewareProcess";i:4;s:89:"Tests\Unit\Http\Middleware\AdminAuthenticateTest::testExceptionIsThrownIfUserDoesNotExist";i:6;s:89:"Tests\Unit\Http\Middleware\AdminAuthenticateTest::testExceptionIsThrownIfUserIsNotAnAdmin";i:6;s:62:"Tests\Unit\Http\Middleware\AuthenticateTest::testLoggedOutUser";i:6;s:76:"Tests\Unit\Http\Middleware\DaemonAuthenticateTest::testValidDaemonConnection";i:4;s:81:"Tests\Unit\Http\Middleware\DaemonAuthenticateTest::testIgnoredRouteShouldContinue";i:4;s:85:"Tests\Unit\Http\Middleware\DaemonAuthenticateTest::testExceptionThrownIfMissingHeader";i:3;s:100:"Tests\Unit\Http\Middleware\Server\AccessingValidServerTest::testExceptionIsThrownIfServerIsSuspended";i:6;s:103:"Tests\Unit\Http\Middleware\Server\AccessingValidServerTest::testExceptionIsThrownIfServerIsNotInstalled";i:6;s:98:"Tests\Unit\Http\Middleware\Server\AuthenticateAsSubuserTest::testExceptionIsThrownIfNoTokenIsFound";i:6;s:107:"Tests\Unit\Http\Middleware\Server\DatabaseBelongsToServerTest::testExceptionIsThrownIfNoDatabaseRecordFound";i:6;s:119:"Tests\Unit\Http\Middleware\Server\DatabaseBelongsToServerTest::testExceptionIsThrownIfDatabaseServerDoesNotMatchCurrent";i:6;s:115:"Tests\Unit\Http\Middleware\Server\ScheduleBelongsToServerTest::testExceptionIsThrownIfScheduleDoesNotBelongToServer";i:6;s:123:"Tests\Unit\Http\Middleware\Server\SubuserBelongsToServerTest::testExceptionIsThrownIfSubuserServerDoesNotMatchRequestServer";i:6;s:101:"Tests\Unit\Http\Middleware\Server\SubuserBelongsToServerTest::testExceptionIsThrownIfNoSubuserIsFound";i:6;s:100:"Tests\Unit\Http\Middleware\Api\Daemon\DaemonAuthenticateTest::testResponseShouldFailIfNodeIsNotFound";i:5;}s:5:"times";a:167:{s:81:"Tests\Unit\Commands\Environment\EmailSettingsCommandTest::testSmtpDriverSelection";d:0.692;s:98:"Tests\Unit\Commands\Environment\EmailSettingsCommandTest::testSmtpDriverSelectionWithOptionsPassed";d:0.038;s:84:"Tests\Unit\Commands\Environment\EmailSettingsCommandTest::testPHPMailDriverSelection";d:0.046;s:84:"Tests\Unit\Commands\Environment\EmailSettingsCommandTest::testMailgunDriverSelection";d:0.05;s:101:"Tests\Unit\Commands\Environment\EmailSettingsCommandTest::testMailgunDriverSelectionWithOptionsPassed";d:0.037;s:85:"Tests\Unit\Commands\Environment\EmailSettingsCommandTest::testMandrillDriverSelection";d:0.052;s:102:"Tests\Unit\Commands\Environment\EmailSettingsCommandTest::testMandrillDriverSelectionWithOptionsPassed";d:0.038;s:85:"Tests\Unit\Commands\Environment\EmailSettingsCommandTest::testPostmarkDriverSelection";d:0.051;s:102:"Tests\Unit\Commands\Environment\EmailSettingsCommandTest::testPostmarkDriverSelectionWithOptionsPassed";d:0.037;s:77:"Tests\Unit\Commands\Location\DeleteLocationCommandTest::testLocationIsDeleted";d:0.106;s:93:"Tests\Unit\Commands\Location\DeleteLocationCommandTest::testLocationIsDeletedIfPassedInOption";d:0.042;s:106:"Tests\Unit\Commands\Location\DeleteLocationCommandTest::testInteractiveEnvironmentAllowsReAttemptingSearch";d:0.06;s:115:"Tests\Unit\Commands\Location\DeleteLocationCommandTest::testNonInteractiveEnvironmentThrowsErrorIfNoLocationIsFound";d:0.041;s:94:"Tests\Unit\Commands\Location\MakeLocationCommandTest::testLocationIsCreatedWithNoOptionsPassed";d:0.044;s:95:"Tests\Unit\Commands\Location\MakeLocationCommandTest::testLocationIsCreatedWhenOptionsArePassed";d:0.045;s:109:"Tests\Unit\Commands\Maintenance\CleanServiceBackupFilesCommandTest::testCommandCleansFilesMoreThan5MinutesOld";d:0.044;s:114:"Tests\Unit\Commands\Maintenance\CleanServiceBackupFilesCommandTest::testCommandDoesNotCleanFileLessThan5MinutesOld";d:0.039;s:77:"Tests\Unit\Commands\Schedule\ProcessRunnableCommandTest::testScheduleIsQueued";d:0.062;s:94:"Tests\Unit\Commands\Schedule\ProcessRunnableCommandTest::testScheduleWithNoTasksIsNotProcessed";d:0.042;s:127:"Tests\Unit\Commands\Schedule\ProcessRunnableCommandTest::testScheduleWithTasksObjectThatIsNotInstanceOfCollectionIsNotProcessed";d:0.042;s:69:"Tests\Unit\Commands\Server\BulkPowerActionCommandTest::testSendAction";d:0.149;s:74:"Tests\Unit\Commands\Server\BulkPowerActionCommandTest::testSendWithFilters";d:0.05;s:79:"Tests\Unit\Commands\Server\BulkPowerActionCommandTest::testSendWithEmptyOptions";d:0.043;s:92:"Tests\Unit\Commands\Server\BulkPowerActionCommandTest::testValidationErrors with data set #0";d:0.043;s:92:"Tests\Unit\Commands\Server\BulkPowerActionCommandTest::testValidationErrors with data set #1";d:0.038;s:92:"Tests\Unit\Commands\Server\BulkPowerActionCommandTest::testValidationErrors with data set #2";d:0.038;s:92:"Tests\Unit\Commands\Server\BulkPowerActionCommandTest::testValidationErrors with data set #3";d:0.038;s:92:"Tests\Unit\Commands\Server\BulkPowerActionCommandTest::testValidationErrors with data set #4";d:0.038;s:72:"Tests\Unit\Commands\User\DeleteUserCommandTest::testCommandWithNoOptions";d:0.065;s:83:"Tests\Unit\Commands\User\DeleteUserCommandTest::testCommandWithInvalidInitialSearch";d:0.047;s:67:"Tests\Unit\Commands\User\DeleteUserCommandTest::testReSearchAbility";d:0.044;s:102:"Tests\Unit\Commands\User\DeleteUserCommandTest::testAnsweringNoToDeletionConfirmationWillNotDeleteUser";d:0.043;s:81:"Tests\Unit\Commands\User\DeleteUserCommandTest::testNoInteractionWithSingleResult";d:0.043;s:84:"Tests\Unit\Commands\User\DeleteUserCommandTest::testNoInteractionWithMultipleResults";d:0.045;s:78:"Tests\Unit\Commands\User\DeleteUserCommandTest::testNoInteractionWithNoResults";d:0.037;s:97:"Tests\Unit\Commands\User\DisableTwoFactorCommandTest::testTwoFactorIsDisabledWhenNoOptionIsPassed";d:0.041;s:95:"Tests\Unit\Commands\User\DisableTwoFactorCommandTest::testTwoFactorIsDisabledWhenOptionIsPassed";d:0.041;s:76:"Tests\Unit\Commands\User\MakeUserCommandTest::testCommandWithNoPassedOptions";d:0.053;s:77:"Tests\Unit\Commands\User\MakeUserCommandTest::testCommandWithNoPasswordOption";d:0.044;s:74:"Tests\Unit\Commands\User\MakeUserCommandTest::testCommandWithOptionsPassed";d:0.043;s:59:"Tests\Unit\Helpers\IsDigitTest::testHelper with data set #0";d:0.603;s:59:"Tests\Unit\Helpers\IsDigitTest::testHelper with data set #1";d:0.038;s:59:"Tests\Unit\Helpers\IsDigitTest::testHelper with data set #2";d:0.038;s:59:"Tests\Unit\Helpers\IsDigitTest::testHelper with data set #3";d:0.038;s:59:"Tests\Unit\Helpers\IsDigitTest::testHelper with data set #4";d:0.041;s:59:"Tests\Unit\Helpers\IsDigitTest::testHelper with data set #5";d:0.037;s:59:"Tests\Unit\Helpers\IsDigitTest::testHelper with data set #6";d:0.038;s:59:"Tests\Unit\Helpers\IsDigitTest::testHelper with data set #7";d:0.037;s:59:"Tests\Unit\Helpers\IsDigitTest::testHelper with data set #8";d:0.037;s:59:"Tests\Unit\Helpers\IsDigitTest::testHelper with data set #9";d:0.037;s:60:"Tests\Unit\Helpers\IsDigitTest::testHelper with data set #10";d:0.038;s:60:"Tests\Unit\Helpers\IsDigitTest::testHelper with data set #11";d:0.038;s:60:"Tests\Unit\Helpers\IsDigitTest::testHelper with data set #12";d:0.037;s:60:"Tests\Unit\Helpers\IsDigitTest::testHelper with data set #13";d:0.039;s:60:"Tests\Unit\Helpers\IsDigitTest::testHelper with data set #14";d:0.038;s:60:"Tests\Unit\Helpers\IsDigitTest::testHelper with data set #15";d:0.037;s:60:"Tests\Unit\Helpers\IsDigitTest::testHelper with data set #16";d:0.037;s:60:"Tests\Unit\Helpers\IsDigitTest::testHelper with data set #17";d:0.037;s:60:"Tests\Unit\Helpers\IsDigitTest::testHelper with data set #18";d:0.043;s:60:"Tests\Unit\Helpers\IsDigitTest::testHelper with data set #19";d:0.037;s:60:"Tests\Unit\Helpers\IsDigitTest::testHelper with data set #20";d:0.037;s:77:"Tests\Unit\Http\Controllers\Admin\DatabaseControllerTest::testIndexController";d:0.174;s:76:"Tests\Unit\Http\Controllers\Admin\DatabaseControllerTest::testViewController";d:0.047;s:57:"Tests\Unit\Http\Controllers\MailControllerTest::testIndex";d:0.052;s:79:"Tests\Unit\Http\Controllers\Admin\StatisticsControllerTest::testIndexController";d:0.145;s:73:"Tests\Unit\Http\Controllers\Base\IndexControllerTest::testIndexController";d:0.054;s:74:"Tests\Unit\Http\Controllers\Base\IndexControllerTest::testStatusController";d:0.039;s:96:"Tests\Unit\Http\Controllers\Base\IndexControllerTest::testStatusControllerWhenServerNotInstalled";d:0.04;s:95:"Tests\Unit\Http\Controllers\Base\IndexControllerTest::testStatusControllerWhenServerIsSuspended";d:0.037;s:103:"Tests\Unit\Http\Controllers\Base\IndexControllerTest::testStatusControllerWithServerConnectionException";d:0.038;s:94:"Tests\Unit\Http\Controllers\Base\IndexControllerTest::testStatusControllerWithRequestException";d:0.04;s:87:"Tests\Unit\Http\Controllers\Base\SecurityControllerTest::testIndexWithout2FactorEnabled";d:0.068;s:84:"Tests\Unit\Http\Controllers\Base\SecurityControllerTest::testIndexWith2FactorEnabled";d:0.042;s:83:"Tests\Unit\Http\Controllers\Base\SecurityControllerTest::testStore with data set #0";d:0.044;s:83:"Tests\Unit\Http\Controllers\Base\SecurityControllerTest::testStore with data set #1";d:0.041;s:108:"Tests\Unit\Http\Controllers\Base\SecurityControllerTest::testStoreWithInvalidTokenException with data set #0";d:0.049;s:108:"Tests\Unit\Http\Controllers\Base\SecurityControllerTest::testStoreWithInvalidTokenException with data set #1";d:0.043;s:82:"Tests\Unit\Http\Middleware\API\Application\AuthenticateUserTest::testNoUserDefined";d:0.044;s:81:"Tests\Unit\Http\Middleware\API\Application\AuthenticateUserTest::testNonAdminUser";d:0.047;s:78:"Tests\Unit\Http\Middleware\API\Application\AuthenticateUserTest::testAdminUser";d:0.041;s:81:"Tests\Unit\Http\Middleware\API\AuthenticateIPAccessTest::testWithNoIPRestrictions";d:0.043;s:72:"Tests\Unit\Http\Middleware\API\AuthenticateIPAccessTest::testWithValidIP";d:0.044;s:84:"Tests\Unit\Http\Middleware\API\AuthenticateIPAccessTest::testValidIPAgainstCIDRRange";d:0.043;s:74:"Tests\Unit\Http\Middleware\API\AuthenticateIPAccessTest::testWithInvalidIP";d:0.04;s:89:"Tests\Unit\Http\Middleware\API\AuthenticateKeyTest::testMissingBearerTokenThrowsException";d:0.049;s:73:"Tests\Unit\Http\Middleware\API\AuthenticateKeyTest::testInvalidIdentifier";d:0.042;s:66:"Tests\Unit\Http\Middleware\API\AuthenticateKeyTest::testValidToken";d:0.045;s:77:"Tests\Unit\Http\Middleware\API\AuthenticateKeyTest::testValidTokenWithUserKey";d:0.044;s:74:"Tests\Unit\Http\Middleware\API\AuthenticateKeyTest::testAccessWithoutToken";d:0.042;s:81:"Tests\Unit\Http\Middleware\API\AuthenticateKeyTest::testInvalidTokenForIdentifier";d:0.041;s:105:"Tests\Unit\Http\Middleware\Api\Daemon\DaemonAuthenticateTest::testResponseShouldContinueIfRouteIsExempted";d:0.05;s:103:"Tests\Unit\Http\Middleware\Api\Daemon\DaemonAuthenticateTest::testResponseShouldFailIfNoTokenIsProvided";d:0.038;s:99:"Tests\Unit\Http\Middleware\Api\Daemon\DaemonAuthenticateTest::testResponseShouldFailIfNoNodeIsFound";d:0.035;s:93:"Tests\Unit\Http\Middleware\Api\Daemon\DaemonAuthenticateTest::testSuccessfulMiddlewareProcess";d:0.04;s:67:"Tests\Unit\Http\Middleware\API\SetSessionDriverTest::testMiddleware";d:0.039;s:76:"Tests\Unit\Http\Middleware\AdminAuthenticateTest::testAdminsAreAuthenticated";d:0.049;s:89:"Tests\Unit\Http\Middleware\AdminAuthenticateTest::testExceptionIsThrownIfUserDoesNotExist";d:0.043;s:89:"Tests\Unit\Http\Middleware\AdminAuthenticateTest::testExceptionIsThrownIfUserIsNotAnAdmin";d:0.041;s:61:"Tests\Unit\Http\Middleware\AuthenticateTest::testLoggedInUser";d:0.04;s:62:"Tests\Unit\Http\Middleware\AuthenticateTest::testLoggedOutUser";d:0.039;s:76:"Tests\Unit\Http\Middleware\DaemonAuthenticateTest::testValidDaemonConnection";d:0.04;s:81:"Tests\Unit\Http\Middleware\DaemonAuthenticateTest::testIgnoredRouteShouldContinue";d:0.037;s:85:"Tests\Unit\Http\Middleware\DaemonAuthenticateTest::testExceptionThrownIfMissingHeader";d:0.038;s:76:"Tests\Unit\Http\Middleware\LanguageMiddlewareTest::testLanguageIsSetForGuest";d:0.044;s:89:"Tests\Unit\Http\Middleware\LanguageMiddlewareTest::testLanguageIsSetWithAuthenticatedUser";d:0.042;s:64:"Tests\Unit\Http\Middleware\MaintenanceMiddlewareTest::testHandle";d:0.047;s:81:"Tests\Unit\Http\Middleware\MaintenanceMiddlewareTest::testHandleInMaintenanceMode";d:0.047;s:89:"Tests\Unit\Http\Middleware\RedirectIfAuthenticatedTest::testAuthenticatedUserIsRedirected";d:0.047;s:95:"Tests\Unit\Http\Middleware\RedirectIfAuthenticatedTest::testNonAuthenticatedUserIsNotRedirected";d:0.037;s:85:"Tests\Unit\Http\Middleware\RequireTwoFactorAuthenticationTest::testRequestMissingUser";d:0.042;s:105:"Tests\Unit\Http\Middleware\RequireTwoFactorAuthenticationTest::testRequestOnIgnoredRoute with data set #0";d:0.042;s:105:"Tests\Unit\Http\Middleware\RequireTwoFactorAuthenticationTest::testRequestOnIgnoredRoute with data set #1";d:0.045;s:105:"Tests\Unit\Http\Middleware\RequireTwoFactorAuthenticationTest::testRequestOnIgnoredRoute with data set #2";d:0.043;s:105:"Tests\Unit\Http\Middleware\RequireTwoFactorAuthenticationTest::testRequestOnIgnoredRoute with data set #3";d:0.041;s:105:"Tests\Unit\Http\Middleware\RequireTwoFactorAuthenticationTest::testRequestOnIgnoredRoute with data set #4";d:0.04;s:105:"Tests\Unit\Http\Middleware\RequireTwoFactorAuthenticationTest::testRequestOnIgnoredRoute with data set #5";d:0.041;s:105:"Tests\Unit\Http\Middleware\RequireTwoFactorAuthenticationTest::testRequestOnIgnoredRoute with data set #6";d:0.042;s:105:"Tests\Unit\Http\Middleware\RequireTwoFactorAuthenticationTest::testRequestOnIgnoredRoute with data set #7";d:0.041;s:95:"Tests\Unit\Http\Middleware\RequireTwoFactorAuthenticationTest::testTwoFactorRequirementDisabled";d:0.042;s:103:"Tests\Unit\Http\Middleware\RequireTwoFactorAuthenticationTest::testTwoFactorRequirementWithInvalidValue";d:0.041;s:118:"Tests\Unit\Http\Middleware\RequireTwoFactorAuthenticationTest::testTwoFactorEnabledForAdminsAsAdminUserWith2FADisabled";d:0.043;s:117:"Tests\Unit\Http\Middleware\RequireTwoFactorAuthenticationTest::testTwoFactorEnabledForAdminsAsAdminUserWith2FAEnabled";d:0.04;s:102:"Tests\Unit\Http\Middleware\RequireTwoFactorAuthenticationTest::testTwoFactorEnabledForAdminsAsNonAdmin";d:0.05;s:115:"Tests\Unit\Http\Middleware\RequireTwoFactorAuthenticationTest::testTwoFactorEnabledForAllUsersAsUserWith2FADisabled";d:0.042;s:114:"Tests\Unit\Http\Middleware\RequireTwoFactorAuthenticationTest::testTwoFactorEnabledForAllUsersAsUserWith2FAEnabled";d:0.041;s:100:"Tests\Unit\Http\Middleware\Server\AccessingValidServerTest::testExceptionIsThrownIfServerIsSuspended";d:0.052;s:103:"Tests\Unit\Http\Middleware\Server\AccessingValidServerTest::testExceptionIsThrownIfServerIsNotInstalled";d:0.042;s:109:"Tests\Unit\Http\Middleware\Server\AccessingValidServerTest::testCorrectErrorPagesAreRendered with data set #0";d:0.038;s:109:"Tests\Unit\Http\Middleware\Server\AccessingValidServerTest::testCorrectErrorPagesAreRendered with data set #1";d:0.039;s:109:"Tests\Unit\Http\Middleware\Server\AccessingValidServerTest::testCorrectErrorPagesAreRendered with data set #2";d:0.039;s:82:"Tests\Unit\Http\Middleware\Server\AccessingValidServerTest::testValidServerProcess";d:0.042;s:85:"Tests\Unit\Http\Middleware\Server\AuthenticateAsSubuserTest::testSuccessfulMiddleware";d:0.05;s:98:"Tests\Unit\Http\Middleware\Server\AuthenticateAsSubuserTest::testExceptionIsThrownIfNoTokenIsFound";d:0.043;s:87:"Tests\Unit\Http\Middleware\Server\DatabaseBelongsToServerTest::testSuccessfulMiddleware";d:0.045;s:107:"Tests\Unit\Http\Middleware\Server\DatabaseBelongsToServerTest::testExceptionIsThrownIfNoDatabaseRecordFound";d:0.043;s:119:"Tests\Unit\Http\Middleware\Server\DatabaseBelongsToServerTest::testExceptionIsThrownIfDatabaseServerDoesNotMatchCurrent";d:0.042;s:87:"Tests\Unit\Http\Middleware\Server\ScheduleBelongsToServerTest::testSuccessfulMiddleware";d:0.051;s:115:"Tests\Unit\Http\Middleware\Server\ScheduleBelongsToServerTest::testExceptionIsThrownIfScheduleDoesNotBelongToServer";d:0.042;s:86:"Tests\Unit\Http\Middleware\Server\SubuserBelongsToServerTest::testSuccessfulMiddleware";d:0.044;s:102:"Tests\Unit\Http\Middleware\Server\SubuserBelongsToServerTest::testSuccessfulMiddlewareWhenPatchRequest";d:0.041;s:104:"Tests\Unit\Http\Middleware\Server\SubuserBelongsToServerTest::testExceptionIsThrownIfUserTriesToEditSelf";d:0.044;s:123:"Tests\Unit\Http\Middleware\Server\SubuserBelongsToServerTest::testExceptionIsThrownIfSubuserServerDoesNotMatchRequestServer";d:0.041;s:101:"Tests\Unit\Http\Middleware\Server\SubuserBelongsToServerTest::testExceptionIsThrownIfNoSubuserIsFound";d:0.041;s:82:"Tests\Unit\Http\Middleware\Api\Application\AuthenticateUserTest::testNoUserDefined";d:0.038;s:81:"Tests\Unit\Http\Middleware\Api\Application\AuthenticateUserTest::testNonAdminUser";d:0.041;s:78:"Tests\Unit\Http\Middleware\Api\Application\AuthenticateUserTest::testAdminUser";d:0.042;s:81:"Tests\Unit\Http\Middleware\Api\AuthenticateIPAccessTest::testWithNoIPRestrictions";d:0.044;s:72:"Tests\Unit\Http\Middleware\Api\AuthenticateIPAccessTest::testWithValidIP";d:0.045;s:84:"Tests\Unit\Http\Middleware\Api\AuthenticateIPAccessTest::testValidIPAgainstCIDRRange";d:0.046;s:74:"Tests\Unit\Http\Middleware\Api\AuthenticateIPAccessTest::testWithInvalidIP";d:0.04;s:89:"Tests\Unit\Http\Middleware\Api\AuthenticateKeyTest::testMissingBearerTokenThrowsException";d:0.051;s:73:"Tests\Unit\Http\Middleware\Api\AuthenticateKeyTest::testInvalidIdentifier";d:0.042;s:66:"Tests\Unit\Http\Middleware\Api\AuthenticateKeyTest::testValidToken";d:0.046;s:77:"Tests\Unit\Http\Middleware\Api\AuthenticateKeyTest::testValidTokenWithUserKey";d:0.042;s:74:"Tests\Unit\Http\Middleware\Api\AuthenticateKeyTest::testAccessWithoutToken";d:0.042;s:81:"Tests\Unit\Http\Middleware\Api\AuthenticateKeyTest::testInvalidTokenForIdentifier";d:0.041;s:67:"Tests\Unit\Http\Middleware\Api\SetSessionDriverTest::testMiddleware";d:0.039;s:108:"Tests\Unit\Http\Middleware\Api\Daemon\DaemonAuthenticateTest::testResponseShouldFailIfTokenFormatIsIncorrect";d:0.034;s:101:"Tests\Unit\Http\Middleware\Api\Daemon\DaemonAuthenticateTest::testResponseShouldFailIfTokenIsNotValid";d:0.113;s:100:"Tests\Unit\Http\Middleware\Api\Daemon\DaemonAuthenticateTest::testResponseShouldFailIfNodeIsNotFound";d:0.038;s:125:"Tests\Unit\Http\Middleware\Api\Daemon\DaemonAuthenticateTest::testResponseShouldFailIfTokenFormatIsIncorrect with data set #0";d:0.04;s:125:"Tests\Unit\Http\Middleware\Api\Daemon\DaemonAuthenticateTest::testResponseShouldFailIfTokenFormatIsIncorrect with data set #1";d:0.038;s:125:"Tests\Unit\Http\Middleware\Api\Daemon\DaemonAuthenticateTest::testResponseShouldFailIfTokenFormatIsIncorrect with data set #2";d:0.038;s:125:"Tests\Unit\Http\Middleware\Api\Daemon\DaemonAuthenticateTest::testResponseShouldFailIfTokenFormatIsIncorrect with data set #3";d:0.037;s:125:"Tests\Unit\Http\Middleware\Api\Daemon\DaemonAuthenticateTest::testResponseShouldFailIfTokenFormatIsIncorrect with data set #4";d:0.039;s:125:"Tests\Unit\Http\Middleware\Api\Daemon\DaemonAuthenticateTest::testResponseShouldFailIfTokenFormatIsIncorrect with data set #5";d:0.042;s:125:"Tests\Unit\Http\Middleware\Api\Daemon\DaemonAuthenticateTest::testResponseShouldFailIfTokenFormatIsIncorrect with data set #6";d:0.038;}}} \ No newline at end of file diff --git a/app/Http/Kernel.php b/app/Http/Kernel.php index c6d537a26..ade6ff4a7 100644 --- a/app/Http/Kernel.php +++ b/app/Http/Kernel.php @@ -30,10 +30,7 @@ use Illuminate\Cookie\Middleware\AddQueuedCookiesToResponse; use Pterodactyl\Http\Middleware\Server\AccessingValidServer; use Pterodactyl\Http\Middleware\Server\AuthenticateAsSubuser; use Pterodactyl\Http\Middleware\Api\Daemon\DaemonAuthenticate; -use Pterodactyl\Http\Middleware\Server\SubuserBelongsToServer; use Pterodactyl\Http\Middleware\RequireTwoFactorAuthentication; -use Pterodactyl\Http\Middleware\Server\DatabaseBelongsToServer; -use Pterodactyl\Http\Middleware\Server\ScheduleBelongsToServer; use Illuminate\Foundation\Http\Middleware\CheckForMaintenanceMode; use Illuminate\Foundation\Http\Middleware\ConvertEmptyStringsToNull; use Pterodactyl\Http\Middleware\Api\Client\SubstituteClientApiBindings; @@ -113,14 +110,6 @@ class Kernel extends HttpKernel 'recaptcha' => VerifyReCaptcha::class, 'node.maintenance' => MaintenanceMiddleware::class, - // Server specific middleware (used for authenticating access to resources) - // - // These are only used for individual server authentication, and not global - // actions from other resources. They are defined in the route files. - 'server..database' => DatabaseBelongsToServer::class, - 'server..subuser' => SubuserBelongsToServer::class, - 'server..schedule' => ScheduleBelongsToServer::class, - // API Specific Middleware 'api..key' => AuthenticateKey::class, ]; diff --git a/app/Http/Middleware/Api/Daemon/DaemonAuthenticate.php b/app/Http/Middleware/Api/Daemon/DaemonAuthenticate.php index a2b1e716e..bc365e63c 100644 --- a/app/Http/Middleware/Api/Daemon/DaemonAuthenticate.php +++ b/app/Http/Middleware/Api/Daemon/DaemonAuthenticate.php @@ -5,8 +5,8 @@ namespace Pterodactyl\Http\Middleware\Api\Daemon; use Closure; use Illuminate\Http\Request; use Illuminate\Contracts\Encryption\Encrypter; +use Pterodactyl\Repositories\Eloquent\NodeRepository; use Symfony\Component\HttpKernel\Exception\HttpException; -use Pterodactyl\Contracts\Repository\NodeRepositoryInterface; use Pterodactyl\Exceptions\Repository\RecordNotFoundException; use Symfony\Component\HttpKernel\Exception\BadRequestHttpException; use Symfony\Component\HttpKernel\Exception\AccessDeniedHttpException; @@ -14,10 +14,15 @@ use Symfony\Component\HttpKernel\Exception\AccessDeniedHttpException; class DaemonAuthenticate { /** - * @var \Pterodactyl\Contracts\Repository\NodeRepositoryInterface + * @var \Pterodactyl\Repositories\Eloquent\NodeRepository */ private $repository; + /** + * @var \Illuminate\Contracts\Encryption\Encrypter + */ + private $encrypter; + /** * Daemon routes that this middleware should be skipped on. * @@ -27,18 +32,13 @@ class DaemonAuthenticate 'daemon.configuration', ]; - /** - * @var \Illuminate\Contracts\Encryption\Encrypter - */ - private $encrypter; - /** * DaemonAuthenticate constructor. * * @param \Illuminate\Contracts\Encryption\Encrypter $encrypter - * @param \Pterodactyl\Contracts\Repository\NodeRepositoryInterface $repository + * @param \Pterodactyl\Repositories\Eloquent\NodeRepository $repository */ - public function __construct(Encrypter $encrypter, NodeRepositoryInterface $repository) + public function __construct(Encrypter $encrypter, NodeRepository $repository) { $this->repository = $repository; $this->encrypter = $encrypter; diff --git a/app/Http/Middleware/Server/DatabaseBelongsToServer.php b/app/Http/Middleware/Server/DatabaseBelongsToServer.php deleted file mode 100644 index 169b67525..000000000 --- a/app/Http/Middleware/Server/DatabaseBelongsToServer.php +++ /dev/null @@ -1,56 +0,0 @@ -repository = $repository; - } - - /** - * Check if a database being requested belongs to the currently loaded server. - * If it does not, throw a 404 error, otherwise continue on with the request - * and set an attribute with the database. - * - * @param \Illuminate\Http\Request $request - * @param \Closure $next - * @return mixed - * - * @throws \Pterodactyl\Exceptions\Repository\RecordNotFoundException - */ - public function handle(Request $request, Closure $next) - { - $server = $request->attributes->get('server'); - $database = $request->input('database') ?? $request->route()->parameter('database'); - - if (! is_digit($database)) { - throw new NotFoundHttpException; - } - - $database = $this->repository->find($database); - if (is_null($database) || $database->server_id !== $server->id) { - throw new NotFoundHttpException; - } - - $request->attributes->set('database', $database); - - return $next($request); - } -} diff --git a/app/Http/Middleware/Server/ScheduleBelongsToServer.php b/app/Http/Middleware/Server/ScheduleBelongsToServer.php deleted file mode 100644 index b76636291..000000000 --- a/app/Http/Middleware/Server/ScheduleBelongsToServer.php +++ /dev/null @@ -1,60 +0,0 @@ -hashids = $hashids; - $this->repository = $repository; - } - - /** - * Determine if a task is assigned to the active server. - * - * @param \Illuminate\Http\Request $request - * @param \Closure $next - * @return mixed - * - * @throws \Pterodactyl\Exceptions\Repository\RecordNotFoundException - * @throws \Symfony\Component\HttpKernel\Exception\NotFoundHttpException - */ - public function handle(Request $request, Closure $next) - { - $server = $request->attributes->get('server'); - - $scheduleId = $this->hashids->decodeFirst($request->route()->parameter('schedule'), 0); - $schedule = $this->repository->getScheduleWithTasks($scheduleId); - - if ($schedule->server_id !== $server->id) { - throw new NotFoundHttpException; - } - - $request->attributes->set('schedule', $schedule); - - return $next($request); - } -} diff --git a/app/Http/Middleware/Server/SubuserBelongsToServer.php b/app/Http/Middleware/Server/SubuserBelongsToServer.php deleted file mode 100644 index 7efc64990..000000000 --- a/app/Http/Middleware/Server/SubuserBelongsToServer.php +++ /dev/null @@ -1,67 +0,0 @@ -hashids = $hashids; - $this->repository = $repository; - } - - /** - * Determine if a user has permission to access and modify subuser. - * - * @param \Illuminate\Http\Request $request - * @param \Closure $next - * @return mixed - * - * @throws \Pterodactyl\Exceptions\DisplayException - * @throws \Pterodactyl\Exceptions\Repository\RecordNotFoundException - * @throws \Symfony\Component\HttpKernel\Exception\NotFoundHttpException - */ - public function handle(Request $request, Closure $next) - { - $server = $request->attributes->get('server'); - - $hash = $request->route()->parameter('subuser', 0); - $subuser = $this->repository->find($this->hashids->decodeFirst($hash, 0)); - if (is_null($subuser) || $subuser->server_id !== $server->id) { - throw new NotFoundHttpException; - } - - if ($request->method() === 'PATCH') { - if ($subuser->user_id === $request->user()->id) { - throw new DisplayException(trans('exceptions.subusers.editing_self')); - } - } - - $request->attributes->set('subuser', $subuser); - - return $next($request); - } -} diff --git a/composer.json b/composer.json index 5c85ecdf4..0ccfab915 100644 --- a/composer.json +++ b/composer.json @@ -44,7 +44,7 @@ "require-dev": { "barryvdh/laravel-debugbar": "^3.3", "barryvdh/laravel-ide-helper": "^2.7", - "codedungeon/phpunit-result-printer": "0.25.1", + "codedungeon/phpunit-result-printer": "^0.28.0", "friendsofphp/php-cs-fixer": "2.16.1", "fzaninotto/faker": "^1.9", "laravel/dusk": "^6.3", diff --git a/composer.lock b/composer.lock index 0ddb8d227..7593ee4b4 100644 --- a/composer.lock +++ b/composer.lock @@ -4,7 +4,7 @@ "Read more about it at https://getcomposer.org/doc/01-basic-usage.md#installing-dependencies", "This file is @generated automatically" ], - "content-hash": "79af09c27859a87b05f58bde40a29576", + "content-hash": "155b8e930e604c0476fa975b1084ca3f", "packages": [ { "name": "appstract/laravel-blade-directives", @@ -6252,16 +6252,16 @@ }, { "name": "codedungeon/phpunit-result-printer", - "version": "0.25.1", + "version": "0.28.0", "source": { "type": "git", "url": "https://github.com/mikeerickson/phpunit-pretty-result-printer.git", - "reference": "4a689ac40366eb4adf166cf4676da7ef30d82315" + "reference": "bc023b0311589bee19047425083163ffa3f0cf88" }, "dist": { "type": "zip", - "url": "https://api.github.com/repos/mikeerickson/phpunit-pretty-result-printer/zipball/4a689ac40366eb4adf166cf4676da7ef30d82315", - "reference": "4a689ac40366eb4adf166cf4676da7ef30d82315", + "url": "https://api.github.com/repos/mikeerickson/phpunit-pretty-result-printer/zipball/bc023b0311589bee19047425083163ffa3f0cf88", + "reference": "bc023b0311589bee19047425083163ffa3f0cf88", "shasum": "" }, "require": { @@ -6269,10 +6269,9 @@ "codedungeon/php-cli-colors": "^1.10.2", "hassankhan/config": "^0.11.2", "php": "^7.1", - "symfony/yaml": "^2.7|^3.0|^4.0" + "symfony/yaml": "^2.7|^3.0|^4.0|^5.0" }, "require-dev": { - "phpunit/phpunit": "7.5.*", "spatie/phpunit-watcher": "^1.6" }, "type": "library", @@ -6301,7 +6300,7 @@ "result-printer", "testing" ], - "time": "2019-02-01T19:13:43+00:00" + "time": "2020-06-24T00:16:05+00:00" }, { "name": "composer/ca-bundle", diff --git a/database/factories/ModelFactory.php b/database/factories/ModelFactory.php index b55a92804..db12c08d9 100644 --- a/database/factories/ModelFactory.php +++ b/database/factories/ModelFactory.php @@ -95,7 +95,7 @@ $factory->define(Pterodactyl\Models\Node::class, function (Faker $faker) { 'disk_overallocate' => 0, 'upload_size' => 100, 'daemon_token_id' => Str::random(Node::DAEMON_TOKEN_ID_LENGTH), - 'daemon_token' => Str::random(Node::DAEMON_TOKEN_LENGTH), + 'daemon_token' => encrypt(Str::random(Node::DAEMON_TOKEN_LENGTH)), 'daemonListen' => 8080, 'daemonSFTP' => 2022, 'daemonBase' => '/var/lib/pterodactyl/volumes', diff --git a/tests/Unit/Http/Controllers/Admin/StatisticsControllerTest.php b/tests/Unit/Http/Controllers/Admin/StatisticsControllerTest.php deleted file mode 100644 index d9ea3ec28..000000000 --- a/tests/Unit/Http/Controllers/Admin/StatisticsControllerTest.php +++ /dev/null @@ -1,110 +0,0 @@ -allocationRepository = m::mock(AllocationRepositoryInterface::class); - $this->databaseRepository = m::mock(DatabaseRepositoryInterface::class); - $this->eggRepository = m::mock(EggRepositoryInterface::class); - $this->nodeRepository = m::mock(NodeRepositoryInterface::class); - $this->serverRepository = m::mock(ServerRepositoryInterface::class); - $this->userRepository = m::mock(UserRepositoryInterface::class); - } - - public function testIndexController() - { - $controller = $this->getController(); - - $this->serverRepository->shouldReceive('all')->withNoArgs(); - $this->nodeRepository->shouldReceive('all')->withNoArgs()->andReturn(collect([factory(Node::class)->make(), factory(Node::class)->make()])); - $this->userRepository->shouldReceive('count')->withNoArgs(); - $this->eggRepository->shouldReceive('count')->withNoArgs(); - $this->databaseRepository->shouldReceive('count')->withNoArgs(); - $this->allocationRepository->shouldReceive('count')->withNoArgs(); - $this->serverRepository->shouldReceive('getSuspendedServersCount')->withNoArgs(); - - $this->nodeRepository->shouldReceive('getUsageStatsRaw')->twice()->andReturn([ - 'memory' => [ - 'value' => 1024, - 'max' => 512, - ], - 'disk' => [ - 'value' => 1024, - 'max' => 512, - ], - ]); - - $controller->shouldReceive('injectJavascript')->once(); - - $response = $controller->index(); - - $this->assertIsViewResponse($response); - $this->assertViewNameEquals('admin.statistics', $response); - } - - private function getController() - { - return $this->buildMockedController(StatisticsController::class, [$this->allocationRepository, - $this->databaseRepository, - $this->eggRepository, - $this->nodeRepository, - $this->serverRepository, - $this->userRepository, ] - ); - } -} diff --git a/tests/Unit/Http/Controllers/Base/AccountControllerTest.php b/tests/Unit/Http/Controllers/Base/AccountControllerTest.php deleted file mode 100644 index e69de29bb..000000000 diff --git a/tests/Unit/Http/Controllers/Base/IndexControllerTest.php b/tests/Unit/Http/Controllers/Base/IndexControllerTest.php deleted file mode 100644 index 7be401ac2..000000000 --- a/tests/Unit/Http/Controllers/Base/IndexControllerTest.php +++ /dev/null @@ -1,181 +0,0 @@ -. - * - * This software is licensed under the terms of the MIT license. - * https://opensource.org/licenses/MIT - */ - -namespace Tests\Unit\Http\Controllers\Base; - -use Mockery as m; -use Pterodactyl\Models\User; -use GuzzleHttp\Psr7\Response; -use Pterodactyl\Models\Server; -use GuzzleHttp\Psr7\ServerRequest; -use GuzzleHttp\Exception\ConnectException; -use GuzzleHttp\Exception\RequestException; -use Tests\Assertions\ControllerAssertionsTrait; -use Tests\Unit\Http\Controllers\ControllerTestCase; -use Pterodactyl\Http\Controllers\Base\IndexController; -use Illuminate\Contracts\Pagination\LengthAwarePaginator; -use Symfony\Component\HttpKernel\Exception\HttpException; -use Pterodactyl\Services\DaemonKeys\DaemonKeyProviderService; -use Pterodactyl\Contracts\Repository\ServerRepositoryInterface; -use Pterodactyl\Contracts\Repository\Daemon\ServerRepositoryInterface as DaemonServerRepositoryInterface; - -class IndexControllerTest extends ControllerTestCase -{ - use ControllerAssertionsTrait; - - /** - * @var \Pterodactyl\Http\Controllers\Base\IndexController - */ - protected $controller; - - /** - * @var \Pterodactyl\Contracts\Repository\Daemon\ServerRepositoryInterface|\Mockery\Mock - */ - protected $daemonRepository; - - /** - * @var \Pterodactyl\Services\DaemonKeys\DaemonKeyProviderService|\Mockery\Mock - */ - protected $keyProviderService; - - /** - * @var \Pterodactyl\Contracts\Repository\ServerRepositoryInterface|\Mockery\Mock - */ - protected $repository; - - /** - * Setup tests. - */ - public function setUp(): void - { - parent::setUp(); - - $this->daemonRepository = m::mock(DaemonServerRepositoryInterface::class); - $this->keyProviderService = m::mock(DaemonKeyProviderService::class); - $this->repository = m::mock(ServerRepositoryInterface::class); - - $this->controller = new IndexController($this->keyProviderService, $this->daemonRepository, $this->repository); - } - - /** - * Test the index controller. - */ - public function testIndexController() - { - $paginator = m::mock(LengthAwarePaginator::class); - $model = $this->generateRequestUserModel(); - - $this->request->shouldReceive('input')->with('query')->once()->andReturn('searchTerm'); - $this->repository->shouldReceive('setSearchTerm')->with('searchTerm')->once()->andReturnSelf() - ->shouldReceive('filterUserAccessServers')->with($model, User::FILTER_LEVEL_ALL, config('pterodactyl.paginate.frontend.servers')) - ->once()->andReturn($paginator); - - $response = $this->controller->index($this->request); - $this->assertIsViewResponse($response); - $this->assertViewNameEquals('templates.base.core', $response); - $this->assertViewHasKey('servers', $response); - $this->assertViewKeyEquals('servers', $paginator, $response); - } - - /** - * Test the status controller. - */ - public function testStatusController() - { - $user = $this->generateRequestUserModel(); - $server = factory(Server::class)->make(['suspended' => 0, 'installed' => 1]); - $psrResponse = new Response; - - $this->repository->shouldReceive('findFirstWhere')->with([['uuidShort', '=', $server->uuidShort]])->once()->andReturn($server); - $this->keyProviderService->shouldReceive('handle')->with($server, $user)->once()->andReturn('test123'); - - $this->daemonRepository->shouldReceive('setServer')->with($server)->once()->andReturnSelf() - ->shouldReceive('setToken')->with('test123')->once()->andReturnSelf() - ->shouldReceive('details')->withNoArgs()->once()->andReturn($psrResponse); - - $response = $this->controller->status($this->request, $server->uuidShort); - $this->assertIsJsonResponse($response); - $this->assertResponseJsonEquals(json_encode($psrResponse->getBody()), $response); - } - - /** - * Test the status controller if a server is not installed. - */ - public function testStatusControllerWhenServerNotInstalled() - { - $user = $this->generateRequestUserModel(); - $server = factory(Server::class)->make(['suspended' => 0, 'installed' => 0]); - - $this->repository->shouldReceive('findFirstWhere')->with([['uuidShort', '=', $server->uuidShort]])->once()->andReturn($server); - $this->keyProviderService->shouldReceive('handle')->with($server, $user)->once()->andReturn('test123'); - - $response = $this->controller->status($this->request, $server->uuidShort); - $this->assertIsJsonResponse($response); - $this->assertResponseCodeEquals(200, $response); - $this->assertResponseJsonEquals(['status' => 20], $response); - } - - /** - * Test the status controller when a server is suspended. - */ - public function testStatusControllerWhenServerIsSuspended() - { - $user = factory(User::class)->make(); - $server = factory(Server::class)->make(['suspended' => 1, 'installed' => 1]); - - $this->request->shouldReceive('user')->withNoArgs()->once()->andReturn($user); - $this->repository->shouldReceive('findFirstWhere')->with([['uuidShort', '=', $server->uuidShort]])->once()->andReturn($server); - $this->keyProviderService->shouldReceive('handle')->with($server, $user)->once()->andReturn('test123'); - - $response = $this->controller->status($this->request, $server->uuidShort); - $this->assertIsJsonResponse($response); - $this->assertResponseCodeEquals(200, $response); - $this->assertResponseJsonEquals(['status' => 30], $response); - } - - /** - * Test the status controller with a ServerConnectionException. - */ - public function testStatusControllerWithServerConnectionException() - { - $user = factory(User::class)->make(); - $server = factory(Server::class)->make(['suspended' => 0, 'installed' => 1]); - - $this->request->shouldReceive('user')->withNoArgs()->once()->andReturn($user); - $this->repository->shouldReceive('findFirstWhere')->with([['uuidShort', '=', $server->uuidShort]])->once()->andReturn($server); - $this->keyProviderService->shouldReceive('handle')->with($server, $user)->once()->andReturn('test123'); - - $this->daemonRepository->shouldReceive('setServer')->with($server)->once()->andReturnSelf() - ->shouldReceive('setToken')->with('test123')->once()->andReturnSelf() - ->shouldReceive('details')->withNoArgs()->once()->andThrow(new ConnectException('bad connection', new ServerRequest('', ''))); - - $this->expectExceptionObject(new HttpException(500, 'bad connection')); - $this->controller->status($this->request, $server->uuidShort); - } - - /** - * Test the status controller with a RequestException. - */ - public function testStatusControllerWithRequestException() - { - $user = factory(User::class)->make(); - $server = factory(Server::class)->make(['suspended' => 0, 'installed' => 1]); - - $this->request->shouldReceive('user')->withNoArgs()->once()->andReturn($user); - $this->repository->shouldReceive('findFirstWhere')->with([['uuidShort', '=', $server->uuidShort]])->once()->andReturn($server); - $this->keyProviderService->shouldReceive('handle')->with($server, $user)->once()->andReturn('test123'); - - $this->daemonRepository->shouldReceive('setServer')->with($server)->once()->andReturnSelf() - ->shouldReceive('setToken')->with('test123')->once()->andReturnSelf() - ->shouldReceive('details')->withNoArgs()->once()->andThrow(new RequestException('bad request', new ServerRequest('', ''))); - - $this->expectExceptionObject(new HttpException(500, 'bad request')); - $this->controller->status($this->request, $server->uuidShort); - } -} diff --git a/tests/Unit/Http/Controllers/Base/SecurityControllerTest.php b/tests/Unit/Http/Controllers/Base/SecurityControllerTest.php deleted file mode 100644 index fb79d3b3e..000000000 --- a/tests/Unit/Http/Controllers/Base/SecurityControllerTest.php +++ /dev/null @@ -1,156 +0,0 @@ -alert = m::mock(AlertsMessageBag::class); - $this->config = m::mock(Repository::class); - $this->repository = m::mock(SessionRepositoryInterface::class); - $this->toggleTwoFactorService = m::mock(ToggleTwoFactorService::class); - $this->twoFactorSetupService = m::mock(TwoFactorSetupService::class); - } - - /** - * Test TOTP generation controller. - */ - public function testIndexWithout2FactorEnabled() - { - $model = $this->generateRequestUserModel(['use_totp' => 0]); - - $this->twoFactorSetupService->shouldReceive('handle')->with($model)->once()->andReturn(new Collection([ - 'image' => 'test-image', - 'secret' => 'secret-code', - ])); - - $response = $this->getController()->index($this->request); - $this->assertIsJsonResponse($response); - $this->assertResponseCodeEquals(Response::HTTP_OK, $response); - $this->assertResponseJsonEquals(['enabled' => false, 'qr_image' => 'test-image', 'secret' => 'secret-code'], $response); - $this->assertResponseJsonEquals(['qrImage' => 'https://api.qrserver.com/v1/create-qr-code/?size=200x200&data=qrCodeImage'], $response); - } - - /** - * Test TOTP setting controller when no exception is thrown by the service. - */ - public function testIndexWith2FactorEnabled() - { - $this->generateRequestUserModel(['use_totp' => 1]); - - $response = $this->getController()->index($this->request); - $this->assertIsJsonResponse($response); - $this->assertResponseCodeEquals(Response::HTTP_OK, $response); - $this->assertResponseJsonEquals(['enabled' => true], $response); - } - - /** - * Test that a 2FA token can be stored or deleted. - * - * @param string $func - * @dataProvider functionCallDataProvider - */ - public function testStore(string $func) - { - $model = $this->generateRequestUserModel(); - - $this->mockRequestInput('token', 'some-token'); - - if ($func === 'delete') { - $this->toggleTwoFactorService->shouldReceive('handle')->with($model, 'some-token', false); - } else { - $this->toggleTwoFactorService->shouldReceive('handle')->with($model, 'some-token'); - } - - $response = $this->getController()->{$func}($this->request); - $this->assertIsJsonResponse($response); - $this->assertResponseCodeEquals(Response::HTTP_OK, $response); - $this->assertResponseJsonEquals(['success' => true], $response); - } - - /** - * Test an invalid token exception is handled. - * - * @param string $func - * @dataProvider functionCallDataProvider - */ - public function testStoreWithInvalidTokenException(string $func) - { - $this->generateRequestUserModel(); - - $this->mockRequestInput('token'); - $this->toggleTwoFactorService->shouldReceive('handle')->andThrow(new TwoFactorAuthenticationTokenInvalid); - - $response = $this->getController()->{$func}($this->request); - $this->assertIsJsonResponse($response); - $this->assertResponseCodeEquals(Response::HTTP_OK, $response); - $this->assertResponseJsonEquals(['success' => false], $response); - } - - /** - * @return array - */ - public function functionCallDataProvider() - { - return [['store'], ['delete']]; - } - - /** - * Return an instance of the controller for testing with mocked dependencies. - * - * @return \Pterodactyl\Http\Controllers\Base\SecurityController - */ - private function getController(): SecurityController - { - return new SecurityController( - $this->alert, - $this->config, - $this->repository, - $this->toggleTwoFactorService, - $this->twoFactorSetupService - ); - } -} diff --git a/tests/Unit/Http/Middleware/AdminAuthenticateTest.php b/tests/Unit/Http/Middleware/AdminAuthenticateTest.php index eee9a6969..efe6e8212 100644 --- a/tests/Unit/Http/Middleware/AdminAuthenticateTest.php +++ b/tests/Unit/Http/Middleware/AdminAuthenticateTest.php @@ -4,6 +4,7 @@ namespace Tests\Unit\Http\Middleware; use Pterodactyl\Models\User; use Pterodactyl\Http\Middleware\AdminAuthenticate; +use Symfony\Component\HttpKernel\Exception\AccessDeniedHttpException; class AdminAuthenticateTest extends MiddlewareTestCase { @@ -21,11 +22,11 @@ class AdminAuthenticateTest extends MiddlewareTestCase /** * Test that a missing user in the request triggers an error. - * - * @expectedException \Symfony\Component\HttpKernel\Exception\AccessDeniedHttpException */ public function testExceptionIsThrownIfUserDoesNotExist() { + $this->expectException(AccessDeniedHttpException::class); + $this->request->shouldReceive('user')->withNoArgs()->once()->andReturnNull(); $this->getMiddleware()->handle($this->request, $this->getClosureAssertions()); @@ -33,11 +34,11 @@ class AdminAuthenticateTest extends MiddlewareTestCase /** * Test that an exception is thrown if the user is not an admin. - * - * @expectedException \Symfony\Component\HttpKernel\Exception\AccessDeniedHttpException */ public function testExceptionIsThrownIfUserIsNotAnAdmin() { + $this->expectException(AccessDeniedHttpException::class); + $user = factory(User::class)->make(['root_admin' => 0]); $this->request->shouldReceive('user')->withNoArgs()->twice()->andReturn($user); diff --git a/tests/Unit/Http/Middleware/Api/Application/AuthenticateUserTest.php b/tests/Unit/Http/Middleware/Api/Application/AuthenticateUserTest.php index 7c0cfc9e7..3cbd7debf 100644 --- a/tests/Unit/Http/Middleware/Api/Application/AuthenticateUserTest.php +++ b/tests/Unit/Http/Middleware/Api/Application/AuthenticateUserTest.php @@ -1,19 +1,20 @@ expectException(AccessDeniedHttpException::class); + $this->setRequestUserModel(null); $this->getMiddleware()->handle($this->request, $this->getClosureAssertions()); @@ -21,11 +22,11 @@ class AuthenticateUserTest extends MiddlewareTestCase /** * Test that a non-admin user results an an exception. - * - * @expectedException \Symfony\Component\HttpKernel\Exception\AccessDeniedHttpException */ public function testNonAdminUser() { + $this->expectException(AccessDeniedHttpException::class); + $this->generateRequestUserModel(['root_admin' => false]); $this->getMiddleware()->handle($this->request, $this->getClosureAssertions()); diff --git a/tests/Unit/Http/Middleware/API/AuthenticateIPAccessTest.php b/tests/Unit/Http/Middleware/Api/AuthenticateIPAccessTest.php similarity index 92% rename from tests/Unit/Http/Middleware/API/AuthenticateIPAccessTest.php rename to tests/Unit/Http/Middleware/Api/AuthenticateIPAccessTest.php index 967fae0a3..8d47fdd54 100644 --- a/tests/Unit/Http/Middleware/API/AuthenticateIPAccessTest.php +++ b/tests/Unit/Http/Middleware/Api/AuthenticateIPAccessTest.php @@ -1,10 +1,11 @@ expectException(AccessDeniedHttpException::class); + $model = factory(ApiKey::class)->make(['allowed_ips' => '["127.0.0.1"]']); $this->setRequestAttribute('api_key', $model); diff --git a/tests/Unit/Http/Middleware/API/AuthenticateKeyTest.php b/tests/Unit/Http/Middleware/Api/AuthenticateKeyTest.php similarity index 96% rename from tests/Unit/Http/Middleware/API/AuthenticateKeyTest.php rename to tests/Unit/Http/Middleware/Api/AuthenticateKeyTest.php index 2b1b91a90..79715e4c8 100644 --- a/tests/Unit/Http/Middleware/API/AuthenticateKeyTest.php +++ b/tests/Unit/Http/Middleware/Api/AuthenticateKeyTest.php @@ -1,6 +1,6 @@ expectException(AccessDeniedHttpException::class); + $this->request->shouldReceive('bearerToken')->withNoArgs()->twice()->andReturn('abcd1234'); $this->repository->shouldReceive('findFirstWhere')->andThrow(new RecordNotFoundException); @@ -141,11 +142,11 @@ class AuthenticateKeyTest extends MiddlewareTestCase /** * Test that a valid token identifier with an invalid token attached to it * triggers an exception. - * - * @expectedException \Symfony\Component\HttpKernel\Exception\AccessDeniedHttpException */ public function testInvalidTokenForIdentifier() { + $this->expectException(AccessDeniedHttpException::class); + $model = factory(ApiKey::class)->make(); $this->request->shouldReceive('bearerToken')->withNoArgs()->twice()->andReturn($model->identifier . 'asdf'); diff --git a/tests/Unit/Http/Middleware/Api/Daemon/DaemonAuthenticateTest.php b/tests/Unit/Http/Middleware/Api/Daemon/DaemonAuthenticateTest.php index f5de32679..35699eb65 100644 --- a/tests/Unit/Http/Middleware/Api/Daemon/DaemonAuthenticateTest.php +++ b/tests/Unit/Http/Middleware/Api/Daemon/DaemonAuthenticateTest.php @@ -4,19 +4,27 @@ namespace Tests\Unit\Http\Middleware\Api\Daemon; use Mockery as m; use Pterodactyl\Models\Node; +use Illuminate\Contracts\Encryption\Encrypter; use Tests\Unit\Http\Middleware\MiddlewareTestCase; +use Pterodactyl\Repositories\Eloquent\NodeRepository; use Symfony\Component\HttpKernel\Exception\HttpException; -use Pterodactyl\Contracts\Repository\NodeRepositoryInterface; use Pterodactyl\Exceptions\Repository\RecordNotFoundException; use Pterodactyl\Http\Middleware\Api\Daemon\DaemonAuthenticate; +use Symfony\Component\HttpKernel\Exception\BadRequestHttpException; +use Symfony\Component\HttpKernel\Exception\AccessDeniedHttpException; class DaemonAuthenticateTest extends MiddlewareTestCase { /** - * @var \Pterodactyl\Contracts\Repository\NodeRepositoryInterface|\Mockery\Mock + * @var \Mockery\MockInterface */ private $repository; + /** + * @var \Mockery\MockInterface + */ + private $encrypter; + /** * Setup tests. */ @@ -24,7 +32,8 @@ class DaemonAuthenticateTest extends MiddlewareTestCase { parent::setUp(); - $this->repository = m::mock(NodeRepositoryInterface::class); + $this->encrypter = m::mock(Encrypter::class); + $this->repository = m::mock(NodeRepository::class); } /** @@ -33,7 +42,7 @@ class DaemonAuthenticateTest extends MiddlewareTestCase */ public function testResponseShouldContinueIfRouteIsExempted() { - $this->request->shouldReceive('route->getName')->withNoArgs()->once()->andReturn('daemon.configuration'); + $this->request->expects('route->getName')->withNoArgs()->andReturn('daemon.configuration'); $this->getMiddleware()->handle($this->request, $this->getClosureAssertions()); } @@ -44,8 +53,8 @@ class DaemonAuthenticateTest extends MiddlewareTestCase */ public function testResponseShouldFailIfNoTokenIsProvided() { - $this->request->shouldReceive('route->getName')->withNoArgs()->once()->andReturn('random.route'); - $this->request->shouldReceive('bearerToken')->withNoArgs()->once()->andReturnNull(); + $this->request->expects('route->getName')->withNoArgs()->andReturn('random.route'); + $this->request->expects('bearerToken')->withNoArgs()->andReturnNull(); try { $this->getMiddleware()->handle($this->request, $this->getClosureAssertions()); @@ -58,17 +67,54 @@ class DaemonAuthenticateTest extends MiddlewareTestCase } /** - * Test that passing in an invalid node daemon secret will result in a HTTP/403 - * error response. + * Test that passing in an invalid node daemon secret will result in a bad request + * exception being returned. * - * @expectedException \Symfony\Component\HttpKernel\Exception\AccessDeniedHttpException + * @param string $token + * @dataProvider badTokenDataProvider */ - public function testResponseShouldFailIfNoNodeIsFound() + public function testResponseShouldFailIfTokenFormatIsIncorrect(string $token) { - $this->request->shouldReceive('route->getName')->withNoArgs()->once()->andReturn('random.route'); - $this->request->shouldReceive('bearerToken')->withNoArgs()->once()->andReturn('test1234'); + $this->expectException(BadRequestHttpException::class); - $this->repository->shouldReceive('findFirstWhere')->with([['daemonSecret', '=', 'test1234']])->once()->andThrow(new RecordNotFoundException); + $this->request->expects('route->getName')->withNoArgs()->andReturn('random.route'); + $this->request->expects('bearerToken')->withNoArgs()->andReturn($token); + + $this->getMiddleware()->handle($this->request, $this->getClosureAssertions()); + } + + /** + * Test that an access denied error is returned if the node is valid but the token + * provided is not valid. + */ + public function testResponseShouldFailIfTokenIsNotValid() + { + $this->expectException(AccessDeniedHttpException::class); + + /** @var \Pterodactyl\Models\Node $model */ + $model = factory(Node::class)->make(); + + $this->request->expects('route->getName')->withNoArgs()->andReturn('random.route'); + $this->request->expects('bearerToken')->withNoArgs()->andReturn($model->daemon_token_id . '.random_string_123'); + + $this->repository->expects('findFirstWhere')->with(['daemon_token_id' => $model->daemon_token_id])->andReturn($model); + $this->encrypter->expects('decrypt')->with($model->daemon_token)->andReturns(decrypt($model->daemon_token)); + + $this->getMiddleware()->handle($this->request, $this->getClosureAssertions()); + } + + /** + * Test that an access denied exception is returned if the node is not found using + * the token ID provided. + */ + public function testResponseShouldFailIfNodeIsNotFound() + { + $this->expectException(AccessDeniedHttpException::class); + + $this->request->expects('route->getName')->withNoArgs()->andReturn('random.route'); + $this->request->expects('bearerToken')->withNoArgs()->andReturn('abcd1234.random_string_123'); + + $this->repository->expects('findFirstWhere')->with(['daemon_token_id' => 'abcd1234'])->andThrow(RecordNotFoundException::class); $this->getMiddleware()->handle($this->request, $this->getClosureAssertions()); } @@ -78,18 +124,39 @@ class DaemonAuthenticateTest extends MiddlewareTestCase */ public function testSuccessfulMiddlewareProcess() { + /** @var \Pterodactyl\Models\Node $model */ $model = factory(Node::class)->make(); - $this->request->shouldReceive('route->getName')->withNoArgs()->once()->andReturn('random.route'); - $this->request->shouldReceive('bearerToken')->withNoArgs()->once()->andReturn($model->daemonSecret); + $this->request->expects('route->getName')->withNoArgs()->andReturn('random.route'); + $this->request->expects('bearerToken')->withNoArgs()->andReturn($model->daemon_token_id . '.' . decrypt($model->daemon_token)); - $this->repository->shouldReceive('findFirstWhere')->with([['daemonSecret', '=', $model->daemonSecret]])->once()->andReturn($model); + $this->repository->expects('findFirstWhere')->with(['daemon_token_id' => $model->daemon_token_id])->andReturn($model); + $this->encrypter->expects('decrypt')->with($model->daemon_token)->andReturns(decrypt($model->daemon_token)); $this->getMiddleware()->handle($this->request, $this->getClosureAssertions()); $this->assertRequestHasAttribute('node'); $this->assertRequestAttributeEquals($model, 'node'); } + /** + * Provides different tokens that should trigger a bad request exception due to + * their formatting. + * + * @return array|\string[][] + */ + public function badTokenDataProvider(): array + { + return [ + ['foo'], + ['foobar'], + ['foo-bar'], + ['foo.bar.baz'], + ['.foo'], + ['foo.'], + ['foo..bar'], + ]; + } + /** * Return an instance of the middleware using mocked dependencies. * @@ -97,6 +164,6 @@ class DaemonAuthenticateTest extends MiddlewareTestCase */ private function getMiddleware(): DaemonAuthenticate { - return new DaemonAuthenticate($this->repository); + return new DaemonAuthenticate($this->encrypter, $this->repository); } } diff --git a/tests/Unit/Http/Middleware/API/SetSessionDriverTest.php b/tests/Unit/Http/Middleware/Api/SetSessionDriverTest.php similarity index 96% rename from tests/Unit/Http/Middleware/API/SetSessionDriverTest.php rename to tests/Unit/Http/Middleware/Api/SetSessionDriverTest.php index 68ed950cf..c41d742ef 100644 --- a/tests/Unit/Http/Middleware/API/SetSessionDriverTest.php +++ b/tests/Unit/Http/Middleware/Api/SetSessionDriverTest.php @@ -1,6 +1,6 @@ expectException(AuthenticationException::class); + $this->request->shouldReceive('user')->withNoArgs()->once()->andReturnNull(); $this->getMiddleware()->handle($this->request, $this->getClosureAssertions()); diff --git a/tests/Unit/Http/Middleware/DaemonAuthenticateTest.php b/tests/Unit/Http/Middleware/DaemonAuthenticateTest.php deleted file mode 100644 index 7329eb2d8..000000000 --- a/tests/Unit/Http/Middleware/DaemonAuthenticateTest.php +++ /dev/null @@ -1,78 +0,0 @@ -repository = m::mock(NodeRepositoryInterface::class); - } - - /** - * Test a valid daemon connection. - */ - public function testValidDaemonConnection() - { - $this->setRequestRouteName('random.name'); - $node = factory(Node::class)->make(); - - $this->request->shouldReceive('header')->with('X-Access-Node')->twice()->andReturn($node->daemonSecret); - - $this->repository->shouldReceive('findFirstWhere')->with(['daemonSecret' => $node->daemonSecret])->once()->andReturn($node); - - $this->getMiddleware()->handle($this->request, $this->getClosureAssertions()); - $this->assertRequestHasAttribute('node'); - $this->assertRequestAttributeEquals($node, 'node'); - } - - /** - * Test that ignored routes do not continue through the middleware. - */ - public function testIgnoredRouteShouldContinue() - { - $this->setRequestRouteName('daemon.configuration'); - - $this->getMiddleware()->handle($this->request, $this->getClosureAssertions()); - $this->assertRequestMissingAttribute('node'); - } - - /** - * Test that a request missing a X-Access-Node header causes an exception. - * - * @expectedException \Symfony\Component\HttpKernel\Exception\AccessDeniedHttpException - */ - public function testExceptionThrownIfMissingHeader() - { - $this->setRequestRouteName('random.name'); - - $this->request->shouldReceive('header')->with('X-Access-Node')->once()->andReturn(false); - - $this->getMiddleware()->handle($this->request, $this->getClosureAssertions()); - } - - /** - * Return an instance of the middleware using mocked dependencies. - * - * @return \Pterodactyl\Http\Middleware\DaemonAuthenticate - */ - private function getMiddleware(): DaemonAuthenticate - { - return new DaemonAuthenticate($this->repository); - } -} diff --git a/tests/Unit/Http/Middleware/Server/AccessingValidServerTest.php b/tests/Unit/Http/Middleware/Server/AccessingValidServerTest.php index 564902889..5cedbd9b9 100644 --- a/tests/Unit/Http/Middleware/Server/AccessingValidServerTest.php +++ b/tests/Unit/Http/Middleware/Server/AccessingValidServerTest.php @@ -9,6 +9,8 @@ use Illuminate\Contracts\Routing\ResponseFactory; use Tests\Unit\Http\Middleware\MiddlewareTestCase; use Pterodactyl\Http\Middleware\Server\AccessingValidServer; use Pterodactyl\Contracts\Repository\ServerRepositoryInterface; +use Symfony\Component\HttpKernel\Exception\ConflictHttpException; +use Symfony\Component\HttpKernel\Exception\AccessDeniedHttpException; class AccessingValidServerTest extends MiddlewareTestCase { @@ -41,12 +43,12 @@ class AccessingValidServerTest extends MiddlewareTestCase /** * Test that an exception is thrown if the request is an API request and the server is suspended. - * - * @expectedException \Symfony\Component\HttpKernel\Exception\AccessDeniedHttpException - * @expectedExceptionMessage Server is suspended and cannot be accessed. */ public function testExceptionIsThrownIfServerIsSuspended() { + $this->expectException(AccessDeniedHttpException::class); + $this->expectExceptionMessage('Server is suspended and cannot be accessed.'); + $model = factory(Server::class)->make(['suspended' => 1]); $this->request->shouldReceive('route->parameter')->with('server')->once()->andReturn('123456'); @@ -59,12 +61,12 @@ class AccessingValidServerTest extends MiddlewareTestCase /** * Test that an exception is thrown if the request is an API request and the server is not installed. - * - * @expectedException \Symfony\Component\HttpKernel\Exception\ConflictHttpException - * @expectedExceptionMessage Server is still completing the installation process. */ public function testExceptionIsThrownIfServerIsNotInstalled() { + $this->expectException(ConflictHttpException::class); + $this->expectExceptionMessage('Server is still completing the installation process.'); + $model = factory(Server::class)->make(['installed' => 0]); $this->request->shouldReceive('route->parameter')->with('server')->once()->andReturn('123456'); diff --git a/tests/Unit/Http/Middleware/Server/AuthenticateAsSubuserTest.php b/tests/Unit/Http/Middleware/Server/AuthenticateAsSubuserTest.php index b24a2c227..b9199a67a 100644 --- a/tests/Unit/Http/Middleware/Server/AuthenticateAsSubuserTest.php +++ b/tests/Unit/Http/Middleware/Server/AuthenticateAsSubuserTest.php @@ -8,6 +8,7 @@ use Tests\Unit\Http\Middleware\MiddlewareTestCase; use Pterodactyl\Http\Middleware\Server\AuthenticateAsSubuser; use Pterodactyl\Services\DaemonKeys\DaemonKeyProviderService; use Pterodactyl\Exceptions\Repository\RecordNotFoundException; +use Symfony\Component\HttpKernel\Exception\AccessDeniedHttpException; class AuthenticateAsSubuserTest extends MiddlewareTestCase { @@ -44,12 +45,12 @@ class AuthenticateAsSubuserTest extends MiddlewareTestCase /** * Test middleware handles missing token exception. - * - * @expectedException \Symfony\Component\HttpKernel\Exception\AccessDeniedHttpException - * @expectedExceptionMessage This account does not have permission to access this server. */ public function testExceptionIsThrownIfNoTokenIsFound() { + $this->expectException(AccessDeniedHttpException::class); + $this->expectExceptionMessage('This account does not have permission to access this server.'); + $model = factory(Server::class)->make(); $user = $this->setRequestUser(); $this->setRequestAttribute('server', $model); diff --git a/tests/Unit/Http/Middleware/Server/DatabaseBelongsToServerTest.php b/tests/Unit/Http/Middleware/Server/DatabaseBelongsToServerTest.php deleted file mode 100644 index 0eed6945d..000000000 --- a/tests/Unit/Http/Middleware/Server/DatabaseBelongsToServerTest.php +++ /dev/null @@ -1,92 +0,0 @@ -repository = m::mock(DatabaseRepositoryInterface::class); - } - - /** - * Test a successful middleware instance. - */ - public function testSuccessfulMiddleware() - { - $model = factory(Server::class)->make(); - $database = factory(Database::class)->make([ - 'server_id' => $model->id, - ]); - $this->setRequestAttribute('server', $model); - - $this->request->shouldReceive('input')->with('database')->once()->andReturn($database->id); - $this->repository->shouldReceive('find')->with($database->id)->once()->andReturn($database); - - $this->getMiddleware()->handle($this->request, $this->getClosureAssertions()); - $this->assertRequestHasAttribute('database'); - $this->assertRequestAttributeEquals($database, 'database'); - } - - /** - * Test that an exception is thrown if no database record is found. - * - * @expectedException \Symfony\Component\HttpKernel\Exception\NotFoundHttpException - */ - public function testExceptionIsThrownIfNoDatabaseRecordFound() - { - $model = factory(Server::class)->make(); - $database = factory(Database::class)->make(); - $this->setRequestAttribute('server', $model); - - $this->request->shouldReceive('input')->with('database')->once()->andReturn($database->id); - $this->repository->shouldReceive('find')->with($database->id)->once()->andReturnNull(); - - $this->getMiddleware()->handle($this->request, $this->getClosureAssertions()); - } - - /** - * Test that an exception is found if the database server does not match the - * request server. - * - * @expectedException \Symfony\Component\HttpKernel\Exception\NotFoundHttpException - */ - public function testExceptionIsThrownIfDatabaseServerDoesNotMatchCurrent() - { - $model = factory(Server::class)->make(); - $database = factory(Database::class)->make(); - $this->setRequestAttribute('server', $model); - - $this->request->shouldReceive('input')->with('database')->once()->andReturn($database->id); - $this->repository->shouldReceive('find')->with($database->id)->once()->andReturn($database); - - $this->getMiddleware()->handle($this->request, $this->getClosureAssertions()); - } - - /** - * Return an instance of the middleware using mocked dependencies. - * - * @return \Pterodactyl\Http\Middleware\Server\DatabaseBelongsToServer - */ - private function getMiddleware(): DatabaseBelongsToServer - { - return new DatabaseBelongsToServer($this->repository); - } -} diff --git a/tests/Unit/Http/Middleware/Server/ScheduleBelongsToServerTest.php b/tests/Unit/Http/Middleware/Server/ScheduleBelongsToServerTest.php deleted file mode 100644 index ac455a84a..000000000 --- a/tests/Unit/Http/Middleware/Server/ScheduleBelongsToServerTest.php +++ /dev/null @@ -1,81 +0,0 @@ -hashids = m::mock(HashidsInterface::class); - $this->repository = m::mock(ScheduleRepositoryInterface::class); - } - - /** - * Test a successful middleware instance. - */ - public function testSuccessfulMiddleware() - { - $model = factory(Server::class)->make(); - $schedule = factory(Schedule::class)->make([ - 'server_id' => $model->id, - ]); - $this->setRequestAttribute('server', $model); - - $this->request->shouldReceive('route->parameter')->with('schedule')->once()->andReturn('abc123'); - $this->hashids->shouldReceive('decodeFirst')->with('abc123', 0)->once()->andReturn($schedule->id); - $this->repository->shouldReceive('getScheduleWithTasks')->with($schedule->id)->once()->andReturn($schedule); - - $this->getMiddleware()->handle($this->request, $this->getClosureAssertions()); - $this->assertRequestHasAttribute('schedule'); - $this->assertRequestAttributeEquals($schedule, 'schedule'); - } - - /** - * Test that an exception is thrown if the schedule does not belong to - * the request server. - * - * @expectedException \Symfony\Component\HttpKernel\Exception\NotFoundHttpException - */ - public function testExceptionIsThrownIfScheduleDoesNotBelongToServer() - { - $model = factory(Server::class)->make(); - $schedule = factory(Schedule::class)->make(); - $this->setRequestAttribute('server', $model); - - $this->request->shouldReceive('route->parameter')->with('schedule')->once()->andReturn('abc123'); - $this->hashids->shouldReceive('decodeFirst')->with('abc123', 0)->once()->andReturn($schedule->id); - $this->repository->shouldReceive('getScheduleWithTasks')->with($schedule->id)->once()->andReturn($schedule); - - $this->getMiddleware()->handle($this->request, $this->getClosureAssertions()); - } - - /** - * Return an instance of the middleware using mocked dependencies. - * - * @return \Pterodactyl\Http\Middleware\Server\ScheduleBelongsToServer - */ - private function getMiddleware(): ScheduleBelongsToServer - { - return new ScheduleBelongsToServer($this->hashids, $this->repository); - } -} diff --git a/tests/Unit/Http/Middleware/Server/SubuserBelongsToServerTest.php b/tests/Unit/Http/Middleware/Server/SubuserBelongsToServerTest.php deleted file mode 100644 index 7d06ece59..000000000 --- a/tests/Unit/Http/Middleware/Server/SubuserBelongsToServerTest.php +++ /dev/null @@ -1,156 +0,0 @@ -hashids = m::mock(HashidsInterface::class); - $this->repository = m::mock(SubuserRepositoryInterface::class); - } - - /** - * Test a successful middleware instance. - */ - public function testSuccessfulMiddleware() - { - $model = factory(Server::class)->make(); - $subuser = factory(Subuser::class)->make([ - 'server_id' => $model->id, - ]); - $this->setRequestAttribute('server', $model); - - $this->request->shouldReceive('route->parameter')->with('subuser', 0)->once()->andReturn('abc123'); - $this->hashids->shouldReceive('decodeFirst')->with('abc123', 0)->once()->andReturn($subuser->id); - $this->repository->shouldReceive('find')->with($subuser->id)->once()->andReturn($subuser); - - $this->request->shouldReceive('method')->withNoArgs()->once()->andReturn('GET'); - - $this->getMiddleware()->handle($this->request, $this->getClosureAssertions()); - $this->assertRequestHasAttribute('subuser'); - $this->assertRequestAttributeEquals($subuser, 'subuser'); - } - - /** - * Test that a user can edit a user other than themselves. - */ - public function testSuccessfulMiddlewareWhenPatchRequest() - { - $this->setRequestUser(); - $model = factory(Server::class)->make(); - $subuser = factory(Subuser::class)->make([ - 'server_id' => $model->id, - ]); - $this->setRequestAttribute('server', $model); - - $this->request->shouldReceive('route->parameter')->with('subuser', 0)->once()->andReturn('abc123'); - $this->hashids->shouldReceive('decodeFirst')->with('abc123', 0)->once()->andReturn($subuser->id); - $this->repository->shouldReceive('find')->with($subuser->id)->once()->andReturn($subuser); - - $this->request->shouldReceive('method')->withNoArgs()->once()->andReturn('PATCH'); - - $this->getMiddleware()->handle($this->request, $this->getClosureAssertions()); - $this->assertRequestHasAttribute('subuser'); - $this->assertRequestAttributeEquals($subuser, 'subuser'); - } - - /** - * Test that an exception is thrown if a user attempts to edit themself. - */ - public function testExceptionIsThrownIfUserTriesToEditSelf() - { - $user = $this->setRequestUser(); - $model = factory(Server::class)->make(); - $subuser = factory(Subuser::class)->make([ - 'server_id' => $model->id, - 'user_id' => $user->id, - ]); - $this->setRequestAttribute('server', $model); - - $this->request->shouldReceive('route->parameter')->with('subuser', 0)->once()->andReturn('abc123'); - $this->hashids->shouldReceive('decodeFirst')->with('abc123', 0)->once()->andReturn($subuser->id); - $this->repository->shouldReceive('find')->with($subuser->id)->once()->andReturn($subuser); - - $this->request->shouldReceive('method')->withNoArgs()->once()->andReturn('PATCH'); - - try { - $this->getMiddleware()->handle($this->request, $this->getClosureAssertions()); - } catch (PterodactylException $exception) { - $this->assertInstanceOf(DisplayException::class, $exception); - $this->assertEquals(trans('exceptions.subusers.editing_self'), $exception->getMessage()); - } - } - - /** - * Test that an exception is thrown if a subuser server does not match the - * request server. - * - * @expectedException \Symfony\Component\HttpKernel\Exception\NotFoundHttpException - */ - public function testExceptionIsThrownIfSubuserServerDoesNotMatchRequestServer() - { - $model = factory(Server::class)->make(); - $subuser = factory(Subuser::class)->make(); - $this->setRequestAttribute('server', $model); - - $this->request->shouldReceive('route->parameter')->with('subuser', 0)->once()->andReturn('abc123'); - $this->hashids->shouldReceive('decodeFirst')->with('abc123', 0)->once()->andReturn($subuser->id); - $this->repository->shouldReceive('find')->with($subuser->id)->once()->andReturn($subuser); - - $this->getMiddleware()->handle($this->request, $this->getClosureAssertions()); - } - - /** - * Test that an exception is thrown if no subuser is found. - * - * @expectedException \Symfony\Component\HttpKernel\Exception\NotFoundHttpException - */ - public function testExceptionIsThrownIfNoSubuserIsFound() - { - $model = factory(Server::class)->make(); - $subuser = factory(Subuser::class)->make(); - $this->setRequestAttribute('server', $model); - - $this->request->shouldReceive('route->parameter')->with('subuser', 0)->once()->andReturn('abc123'); - $this->hashids->shouldReceive('decodeFirst')->with('abc123', 0)->once()->andReturn($subuser->id); - $this->repository->shouldReceive('find')->with($subuser->id)->once()->andReturnNull(); - - $this->getMiddleware()->handle($this->request, $this->getClosureAssertions()); - } - - /** - * Return an instance of the middleware using mocked dependencies. - * - * @return \Pterodactyl\Http\Middleware\Server\SubuserBelongsToServer - */ - private function getMiddleware(): SubuserBelongsToServer - { - return new SubuserBelongsToServer($this->hashids, $this->repository); - } -}