diff --git a/app/Models/APILog.php b/app/Models/APILog.php
deleted file mode 100644
index 359daa4ed..000000000
--- a/app/Models/APILog.php
+++ /dev/null
@@ -1,38 +0,0 @@
- 'boolean',
- ];
-}
diff --git a/app/Models/ApiKey.php b/app/Models/ApiKey.php
deleted file mode 100644
index 66f661af7..000000000
--- a/app/Models/ApiKey.php
+++ /dev/null
@@ -1,34 +0,0 @@
- 'array',
- 'user_id' => 'int',
- 'r_' . AdminAcl::RESOURCE_USERS => 'int',
- 'r_' . AdminAcl::RESOURCE_ALLOCATIONS => 'int',
- 'r_' . AdminAcl::RESOURCE_DATABASE_HOSTS => 'int',
- 'r_' . AdminAcl::RESOURCE_SERVER_DATABASES => 'int',
- 'r_' . AdminAcl::RESOURCE_EGGS => 'int',
- 'r_' . AdminAcl::RESOURCE_LOCATIONS => 'int',
- 'r_' . AdminAcl::RESOURCE_NESTS => 'int',
- 'r_' . AdminAcl::RESOURCE_NODES => 'int',
- 'r_' . AdminAcl::RESOURCE_SERVERS => 'int',
- 'r_' . AdminAcl::RESOURCE_ROLES => 'int',
- ];
-}
diff --git a/tests/Integration/Api/Application/ApplicationApiIntegrationTestCase.php b/tests/Integration/Api/Application/ApplicationApiIntegrationTestCase.php
index e7d2c1019..a15f88002 100644
--- a/tests/Integration/Api/Application/ApplicationApiIntegrationTestCase.php
+++ b/tests/Integration/Api/Application/ApplicationApiIntegrationTestCase.php
@@ -3,8 +3,7 @@
 namespace Pterodactyl\Tests\Integration\Api\Application;
 use Pterodactyl\Models\User;
-use Pterodactyl\Models\ApiKey;
-use Pterodactyl\Services\Acl\Api\AdminAcl;
+use Pterodactyl\Models\PersonalAccessToken;
 use Pterodactyl\Tests\Integration\IntegrationTestCase;
 use Illuminate\Foundation\Testing\DatabaseTransactions;
 use Pterodactyl\Tests\Traits\Integration\CreatesTestModels;
@@ -16,16 +15,19 @@ abstract class ApplicationApiIntegrationTestCase extends IntegrationTestCase
 use DatabaseTransactions;
 use IntegrationJsonRequestAssertions;
- /**
- * @var \Pterodactyl\Models\ApiKey
- */
- private $key;
-
 /**
 * @var \Pterodactyl\Models\User
 */
 private $user;
+ /**
+ * @var string[]
+ */
+ protected $defaultHeaders = [
+ 'Accept' => 'application/vnd.pterodactyl.v1+json',
+ 'Content-Type' => 'application/json',
+ ];
+
 /**
 * Bootstrap application API tests. Creates a default admin user and associated API key
 * and also sets some default headers required for accessing the API.
@@ -35,12 +37,8 @@ abstract class ApplicationApiIntegrationTestCase extends IntegrationTestCase
 parent::setUp();
 $this->user = User::factory()->create(['root_admin' => true]);
- $this->key = $this->createApiKey($this->user);
- $this->withHeader('Accept', 'application/vnd.pterodactyl.v1+json');
- $this->withHeader('Authorization', 'Bearer ' . $this->getApiKey()->identifier . decrypt($this->getApiKey()->token));
-
- $this->withMiddleware('api..key:' . ApiKey::TYPE_APPLICATION);
+ $this->createNewAccessToken();
 }
 /**
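Review bot: The docblock above setUp (kept as context at the end of the previous hunk) still says it creates an "associated API key" and "sets some default headers", but setUp now only calls `createNewAccessToken()` and the headers come from `$defaultHeaders`. I would reword it to `Bootstrap application API tests. Creates a root admin user and a personal access token for it; the default request headers are declared in $defaultHeaders.` The removed `withMiddleware('api..key:' . ApiKey::TYPE_APPLICATION)` line has no counterpart on the new side, and nothing in this diff shows what now restricts these routes to application-level credentials, so it is worth confirming that a test elsewhere covers a token that must not reach them. setUp's signature is outside the hunk.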
@@ -51,62 +49,15 @@ abstract class ApplicationApiIntegrationTestCase extends IntegrationTestCase
 return $this->user;
 }
- /**
- * @return \Pterodactyl\Models\ApiKey
- */
- public function getApiKey(): ApiKey
- {
- return $this->key;
- }
-
 /**
 * Creates a new default API key and refreshes the headers using it.
- *
- * @param \Pterodactyl\Models\User $user
- * @param array $permissions
- *
- * @return \Pterodactyl\Models\ApiKey
 */
- protected function createNewDefaultApiKey(User $user, array $permissions = []): ApiKey
+ protected function createNewAccessToken(array $abilities = ['*']): PersonalAccessToken
 {
- $this->key = $this->createApiKey($user, $permissions);
- $this->refreshHeaders($this->key);
+ $token = $this->user->createToken('test', $abilities);
- return $this->key;
- }
+ $this->withHeader('Authorization', 'Bearer ' . $token->plainTextToken);
- /**
- * Refresh the authorization header for a request to use a different API key.
- *
- * @param \Pterodactyl\Models\ApiKey $key
- */
- protected function refreshHeaders(ApiKey $key)
- {
- $this->withHeader('Authorization', 'Bearer ' . $key->identifier . decrypt($key->token));
- }
-
- /**
- * Create a new application API key for a given user model.
- *
- * @param \Pterodactyl\Models\User $user
- * @param array $permissions
- *
- * @return \Pterodactyl\Models\ApiKey
- */
- protected function createApiKey(User $user, array $permissions = []): ApiKey
- {
- return ApiKey::factory()->create(array_merge([
- 'user_id' => $user->id,
- 'key_type' => ApiKey::TYPE_APPLICATION,
- 'r_servers' => AdminAcl::READ | AdminAcl::WRITE,
- 'r_nodes' => AdminAcl::READ | AdminAcl::WRITE,
- 'r_allocations' => AdminAcl::READ | AdminAcl::WRITE,
- 'r_users' => AdminAcl::READ | AdminAcl::WRITE,
- 'r_locations' => AdminAcl::READ | AdminAcl::WRITE,
- 'r_nests' => AdminAcl::READ | AdminAcl::WRITE,
- 'r_eggs' => AdminAcl::READ | AdminAcl::WRITE,
- 'r_database_hosts' => AdminAcl::READ | AdminAcl::WRITE,
- 'r_server_databases' => AdminAcl::READ | AdminAcl::WRITE,
- ], $permissions));
+ return $token->accessToken;
 }
 }
diff --git a/tests/Integration/Api/Application/Eggs/EggControllerTest.php b/tests/Integration/Api/Application/Eggs/EggControllerTest.php
index 96bdda77c..37d01e61f 100644
--- a/tests/Integration/Api/Application/Eggs/EggControllerTest.php
+++ b/tests/Integration/Api/Application/Eggs/EggControllerTest.php
@@ -125,7 +125,7 @@ class EggControllerTest extends ApplicationApiIntegrationTestCase
 public function testErrorReturnedIfNoPermission()
 {
 $egg = $this->repository->find(1);
- $this->createNewDefaultApiKey($this->getApiUser(), ['r_eggs' => 0]);
+ $this->createNewAccessToken(['r_eggs' => 0]);
 $response = $this->getJson('/api/application/nests/' . $egg->nest_id . '/eggs');
 $this->assertAccessDeniedJson($response);
@@ -137,7 +137,7 @@ class EggControllerTest extends ApplicationApiIntegrationTestCase
 */
 public function testResourceIsNotExposedWithoutPermissions()
 {
- $this->createNewDefaultApiKey($this->getApiUser(), ['r_eggs' => 0]);
+ $this->createNewAccessToken(['r_eggs' => 0]);
 $response = $this->getJson('/api/application/eggs/nil');
 $this->assertAccessDeniedJson($response);
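Review bot: `['r_eggs' => 0]` in testErrorReturnedIfNoPermission is still the old per-resource ACL map, but `createNewAccessToken()` now forwards it verbatim as the token's ability list, so it no longer says "no access to eggs". If `createToken()` follows the Laravel Sanctum contract (a list of ability strings, `['*']` meaning all), the resulting token holds no usable ability at all, and `assertAccessDeniedJson` would pass even if the egg-specific check were missing; whether abilities are enforced for a `root_admin` user is not visible here either. The same applies to the second hunk in this file and to the matching calls in LocationControllerTest, NestControllerTest, ExternalUserControllerTest and UserControllerTest, including `['r_users' => AdminAcl::READ]`, which also keeps a reference to `AdminAcl`. To keep these negative authorization tests meaningful, grant every ability except the one under test, e.g. `$this->createNewAccessToken(['<other-ability-1>', '<other-ability-2>']);` with the project's real ability names in place of the placeholders. Both test bodies continue past their hunks.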
diff --git a/tests/Integration/Api/Application/Location/LocationControllerTest.php b/tests/Integration/Api/Application/Location/LocationControllerTest.php
index 463effd4e..479169fba 100644
--- a/tests/Integration/Api/Application/Location/LocationControllerTest.php
+++ b/tests/Integration/Api/Application/Location/LocationControllerTest.php
@@ -142,7 +142,7 @@ class LocationControllerTest extends ApplicationApiIntegrationTestCase
 */
 public function testKeyWithoutPermissionCannotLoadRelationship()
 {
- $this->createNewDefaultApiKey($this->getApiUser(), ['r_nodes' => 0]);
+ $this->createNewAccessToken(['r_nodes' => 0]);
 $location = Location::factory()->create();
 Node::factory()->create(['location_id' => $location->id]);
@@ -189,7 +189,7 @@ class LocationControllerTest extends ApplicationApiIntegrationTestCase
 public function testErrorReturnedIfNoPermission()
 {
 $location = Location::factory()->create();
- $this->createNewDefaultApiKey($this->getApiUser(), ['r_locations' => 0]);
+ $this->createNewAccessToken(['r_locations' => 0]);
 $response = $this->getJson('/api/application/locations/' . $location->id);
 $this->assertAccessDeniedJson($response);
@@ -201,7 +201,7 @@ class LocationControllerTest extends ApplicationApiIntegrationTestCase
 */
 public function testResourceIsNotExposedWithoutPermissions()
 {
- $this->createNewDefaultApiKey($this->getApiUser(), ['r_locations' => 0]);
+ $this->createNewAccessToken(['r_locations' => 0]);
 $response = $this->getJson('/api/application/locations/nil');
 $this->assertAccessDeniedJson($response);
diff --git a/tests/Integration/Api/Application/Nests/NestControllerTest.php b/tests/Integration/Api/Application/Nests/NestControllerTest.php
index 935b91564..5c336f119 100644
--- a/tests/Integration/Api/Application/Nests/NestControllerTest.php
+++ b/tests/Integration/Api/Application/Nests/NestControllerTest.php
@@ -123,7 +123,7 @@ class NestControllerTest extends ApplicationApiIntegrationTestCase
 public function testErrorReturnedIfNoPermission()
 {
 $nest = $this->repository->find(1);
- $this->createNewDefaultApiKey($this->getApiUser(), ['r_nests' => 0]);
+ $this->createNewAccessToken(['r_nests' => 0]);
 $response = $this->getJson('/api/application/nests/' . $nest->id);
 $this->assertAccessDeniedJson($response);
@@ -136,7 +136,7 @@ class NestControllerTest extends ApplicationApiIntegrationTestCase
 public function testResourceIsNotExposedWithoutPermissions()
 {
 $nest = $this->repository->find(1);
- $this->createNewDefaultApiKey($this->getApiUser(), ['r_nests' => 0]);
+ $this->createNewAccessToken(['r_nests' => 0]);
 $response = $this->getJson('/api/application/nests/' . $nest->id);
 $this->assertAccessDeniedJson($response);
diff --git a/tests/Integration/Api/Application/Users/ExternalUserControllerTest.php b/tests/Integration/Api/Application/Users/ExternalUserControllerTest.php
index f634931c1..8883225e0 100644
--- a/tests/Integration/Api/Application/Users/ExternalUserControllerTest.php
+++ b/tests/Integration/Api/Application/Users/ExternalUserControllerTest.php
@@ -59,7 +59,7 @@ class ExternalUserControllerTest extends ApplicationApiIntegrationTestCase
 public function testErrorReturnedIfNoPermission()
 {
 $user = User::factory()->create();
- $this->createNewDefaultApiKey($this->getApiUser(), ['r_users' => 0]);
+ $this->createNewAccessToken(['r_users' => 0]);
 $response = $this->getJson('/api/application/users/external/' . $user->external_id);
 $this->assertAccessDeniedJson($response);
@@ -71,7 +71,7 @@ class ExternalUserControllerTest extends ApplicationApiIntegrationTestCase
 */
 public function testResourceIsNotExposedWithoutPermissions()
 {
- $this->createNewDefaultApiKey($this->getApiUser(), ['r_users' => 0]);
+ $this->createNewAccessToken(['r_users' => 0]);
 $response = $this->getJson('/api/application/users/external/nil');
 $this->assertAccessDeniedJson($response);
diff --git a/tests/Integration/Api/Application/Users/UserControllerTest.php b/tests/Integration/Api/Application/Users/UserControllerTest.php
index ce32c6bee..ea9e36064 100644
--- a/tests/Integration/Api/Application/Users/UserControllerTest.php
+++ b/tests/Integration/Api/Application/Users/UserControllerTest.php
@@ -16,7 +16,8 @@ class UserControllerTest extends ApplicationApiIntegrationTestCase
 */
 public function testGetUsers()
 {
- $user = User::factory()->create();
+ $user = $this->getApiUser();
+ $created = User::factory()->create();
 $response = $this->getJson('/api/application/users');
 $response->assertStatus(Response::HTTP_OK);
@@ -45,24 +46,6 @@ class UserControllerTest extends ApplicationApiIntegrationTestCase
 ],
 ],
 ])
- ->assertJsonFragment([
- 'object' => 'user',
- 'attributes' => [
- 'id' => $this->getApiUser()->id,
- 'external_id' => $this->getApiUser()->external_id,
- 'uuid' => $this->getApiUser()->uuid,
- 'username' => $this->getApiUser()->username,
- 'email' => $this->getApiUser()->email,
- 'language' => $this->getApiUser()->language,
- 'admin_role_id' => $this->getApiUser()->admin_role_id,
- 'root_admin' => (bool) $this->getApiUser()->root_admin,
- '2fa' => (bool) $this->getApiUser()->totp_enabled,
- 'avatar_url' => $this->getApiUser()->avatarURL(),
- 'role_name' => $this->getApiUser()->adminRoleName(),
- 'created_at' => $this->formatTimestamp($this->getApiUser()->created_at),
- 'updated_at' => $this->formatTimestamp($this->getApiUser()->updated_at),
- ],
- ])
 ->assertJsonFragment([
 'object' => 'user',
 'attributes' => [
@@ -80,6 +63,24 @@ class UserControllerTest extends ApplicationApiIntegrationTestCase
 'created_at' => $this->formatTimestamp($user->created_at),
 'updated_at' => $this->formatTimestamp($user->updated_at),
 ],
+ ])
+ ->assertJsonFragment([
+ 'object' => 'user',
+ 'attributes' => [
+ 'id' => $created->id,
+ 'external_id' => $created->external_id,
+ 'uuid' => $created->uuid,
+ 'username' => $created->username,
+ 'email' => $created->email,
+ 'language' => $created->language,
+ 'admin_role_id' => $created->admin_role_id,
+ 'root_admin' => (bool) $created->root_admin,
+ '2fa' => (bool) $created->totp_enabled,
+ 'avatar_url' => $created->avatarURL(),
+ 'role_name' => $created->adminRoleName(),
+ 'created_at' => $this->formatTimestamp($created->created_at),
+ 'updated_at' => $this->formatTimestamp($created->updated_at),
+ ],
 ]);
 }
@@ -152,7 +153,7 @@ class UserControllerTest extends ApplicationApiIntegrationTestCase
 */
 public function testKeyWithoutPermissionCannotLoadRelationship()
 {
- $this->createNewDefaultApiKey($this->getApiUser(), ['r_servers' => 0]);
+ $this->createNewAccessToken(['r_servers' => 0]);
 $user = User::factory()->create();
 $this->createServerModel(['user_id' => $user->id]);
@@ -197,7 +198,7 @@ class UserControllerTest extends ApplicationApiIntegrationTestCase
 public function testErrorReturnedIfNoPermission()
 {
 $user = User::factory()->create();
- $this->createNewDefaultApiKey($this->getApiUser(), ['r_users' => 0]);
+ $this->createNewAccessToken(['r_users' => 0]);
 $response = $this->getJson('/api/application/users/' . $user->id);
 $this->assertAccessDeniedJson($response);
@@ -209,7 +210,7 @@ class UserControllerTest extends ApplicationApiIntegrationTestCase
 */
 public function testResourceIsNotExposedWithoutPermissions()
 {
- $this->createNewDefaultApiKey($this->getApiUser(), ['r_users' => 0]);
+ $this->createNewAccessToken(['r_users' => 0]);
 $response = $this->getJson('/api/application/users/nil');
 $this->assertAccessDeniedJson($response);
@@ -294,7 +295,7 @@ class UserControllerTest extends ApplicationApiIntegrationTestCase
 */
 public function testApiKeyWithoutWritePermissions(string $method, string $url)
 {
- $this->createNewDefaultApiKey($this->getApiUser(), ['r_users' => AdminAcl::READ]);
+ $this->createNewAccessToken(['r_users' => AdminAcl::READ]);
 if (str_contains($url, '{id}')) {
 $user = User::factory()->create();