2020-10-10 23:45:24 +00:00
|
|
|
<?php
|
|
|
|
|
|
|
|
namespace Pterodactyl\Tests\Integration\Api\Client\Server\Startup;
|
|
|
|
|
|
|
|
use Pterodactyl\Models\User;
|
|
|
|
use Pterodactyl\Models\Permission;
|
|
|
|
use Pterodactyl\Models\EggVariable;
|
|
|
|
use Pterodactyl\Tests\Integration\Api\Client\ClientApiIntegrationTestCase;
|
|
|
|
|
|
|
|
class GetStartupAndVariablesTest extends ClientApiIntegrationTestCase
|
|
|
|
{
|
|
|
|
/**
|
|
|
|
* Test that the startup command and variables are returned for a server, but only the variables
|
|
|
|
* that can be viewed by a user (e.g. user_viewable=true).
|
|
|
|
*
|
|
|
|
* @dataProvider permissionsDataProvider
|
|
|
|
*/
|
2022-10-14 16:59:20 +00:00
|
|
|
public function testStartupVariablesAreReturnedForServer(array $permissions)
|
2020-10-10 23:45:24 +00:00
|
|
|
{
|
|
|
|
/** @var \Pterodactyl\Models\Server $server */
|
|
|
|
[$user, $server] = $this->generateTestAccount($permissions);
|
|
|
|
|
|
|
|
$egg = $this->cloneEggAndVariables($server->egg);
|
2022-10-14 16:59:20 +00:00
|
|
|
// BUNGEE_VERSION should never be returned to the user in this API call, either in
|
2020-10-10 23:45:24 +00:00
|
|
|
// the array of variables, or revealed in the startup command.
|
|
|
|
$egg->variables()->first()->update([
|
|
|
|
'user_viewable' => false,
|
|
|
|
]);
|
|
|
|
|
|
|
|
$server->fill([
|
|
|
|
'egg_id' => $egg->id,
|
|
|
|
'startup' => 'java {{SERVER_JARFILE}} --version {{BUNGEE_VERSION}}',
|
|
|
|
])->save();
|
|
|
|
$server = $server->refresh();
|
|
|
|
|
2021-01-23 20:09:16 +00:00
|
|
|
$response = $this->actingAs($user)->getJson($this->link($server) . '/startup');
|
2020-10-10 23:45:24 +00:00
|
|
|
|
|
|
|
$response->assertOk();
|
|
|
|
$response->assertJsonPath('meta.startup_command', 'java bungeecord.jar --version [hidden]');
|
|
|
|
$response->assertJsonPath('meta.raw_startup_command', $server->startup);
|
|
|
|
|
|
|
|
$response->assertJsonPath('object', 'list');
|
|
|
|
$response->assertJsonCount(1, 'data');
|
|
|
|
$response->assertJsonPath('data.0.object', EggVariable::RESOURCE_NAME);
|
2022-11-25 20:29:04 +00:00
|
|
|
$this->assertJsonTransformedWith($response->json('data.0.attributes'), $egg->variables()->orderBy('id', 'desc')->first());
|
2020-10-10 23:45:24 +00:00
|
|
|
}
|
|
|
|
|
|
|
|
/**
|
|
|
|
* Test that a user without the required permission, or who does not have any permission to
|
|
|
|
* access the server cannot get the startup information for it.
|
|
|
|
*/
|
|
|
|
public function testStartupDataIsNotReturnedWithoutPermission()
|
|
|
|
{
|
|
|
|
[$user, $server] = $this->generateTestAccount([Permission::ACTION_WEBSOCKET_CONNECT]);
|
2021-01-23 20:09:16 +00:00
|
|
|
$this->actingAs($user)->getJson($this->link($server) . '/startup')->assertForbidden();
|
2020-10-10 23:45:24 +00:00
|
|
|
|
2021-01-23 20:09:16 +00:00
|
|
|
$user2 = User::factory()->create();
|
|
|
|
$this->actingAs($user2)->getJson($this->link($server) . '/startup')->assertNotFound();
|
2020-10-10 23:45:24 +00:00
|
|
|
}
|
|
|
|
|
2022-10-14 16:59:20 +00:00
|
|
|
public function permissionsDataProvider(): array
|
2020-10-10 23:45:24 +00:00
|
|
|
{
|
|
|
|
return [[[]], [[Permission::ACTION_STARTUP_READ]]];
|
|
|
|
}
|
|
|
|
}
|