Add another sanity check for websocket permissions
This commit is contained in:
parent
9bffa6a94c
commit
75e0a862e7
|
@ -3,6 +3,7 @@
|
||||||
namespace Pterodactyl\Tests\Integration\Api\Client\Server;
|
namespace Pterodactyl\Tests\Integration\Api\Client\Server;
|
||||||
|
|
||||||
use Carbon\CarbonImmutable;
|
use Carbon\CarbonImmutable;
|
||||||
|
use Pterodactyl\Models\User;
|
||||||
use Illuminate\Http\Response;
|
use Illuminate\Http\Response;
|
||||||
use Lcobucci\JWT\Configuration;
|
use Lcobucci\JWT\Configuration;
|
||||||
use Pterodactyl\Models\Permission;
|
use Pterodactyl\Models\Permission;
|
||||||
|
@ -27,6 +28,18 @@ class WebsocketControllerTest extends ClientApiIntegrationTestCase
|
||||||
->assertJsonPath('errors.0.detail', 'You do not have permission to connect to this server\'s websocket.');
|
->assertJsonPath('errors.0.detail', 'You do not have permission to connect to this server\'s websocket.');
|
||||||
}
|
}
|
||||||
|
|
||||||
|
/**
|
||||||
|
* Confirm users cannot access the websocket for another user's server.
|
||||||
|
*/
|
||||||
|
public function testUserWithoutPermissionForServerReceivesError()
|
||||||
|
{
|
||||||
|
[,$server] = $this->generateTestAccount([Permission::ACTION_WEBSOCKET_CONNECT]);
|
||||||
|
[$user,] = $this->generateTestAccount([Permission::ACTION_WEBSOCKET_CONNECT]);
|
||||||
|
|
||||||
|
$this->actingAs($user)->getJson("/api/client/servers/{$server->uuid}/websocket")
|
||||||
|
->assertStatus(Response::HTTP_NOT_FOUND);
|
||||||
|
}
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* Test that the expected permissions are returned for the server owner and that the JWT is
|
* Test that the expected permissions are returned for the server owner and that the JWT is
|
||||||
* configured correctly.
|
* configured correctly.
|
||||||
|
|
Loading…
Reference in New Issue