Remove last references to removed api_key model
This commit is contained in:
parent
815ce0e451
commit
3a83a2d5ac
8 changed files with 47 additions and 167 deletions
|
@ -1,38 +0,0 @@
|
|||
<?php
|
||||
|
||||
namespace Pterodactyl\Models;
|
||||
|
||||
use Illuminate\Database\Eloquent\Model;
|
||||
|
||||
class APILog extends Model
|
||||
{
|
||||
/**
|
||||
* The table associated with the model.
|
||||
*
|
||||
* @var string
|
||||
*/
|
||||
protected $table = 'api_logs';
|
||||
|
||||
/**
|
||||
* The attributes excluded from the model's JSON form.
|
||||
*
|
||||
* @var array
|
||||
*/
|
||||
protected $hidden = [];
|
||||
|
||||
/**
|
||||
* Fields that are not mass assignable.
|
||||
*
|
||||
* @var array
|
||||
*/
|
||||
protected $guarded = ['id', 'created_at', 'updated_at'];
|
||||
|
||||
/**
|
||||
* Cast values to correct type.
|
||||
*
|
||||
* @var array
|
||||
*/
|
||||
protected $casts = [
|
||||
'authorized' => 'boolean',
|
||||
];
|
||||
}
|
|
@ -1,34 +0,0 @@
|
|||
<?php
|
||||
|
||||
namespace Pterodactyl\Models;
|
||||
|
||||
use Pterodactyl\Services\Acl\Api\AdminAcl;
|
||||
|
||||
class ApiKey extends Model
|
||||
{
|
||||
/**
|
||||
* Different API keys that can exist on the system.
|
||||
*/
|
||||
public const TYPE_ACCOUNT = 1;
|
||||
public const TYPE_APPLICATION = 2;
|
||||
|
||||
/**
|
||||
* Cast values to correct type.
|
||||
*
|
||||
* @var array
|
||||
*/
|
||||
protected $casts = [
|
||||
'allowed_ips' => 'array',
|
||||
'user_id' => 'int',
|
||||
'r_' . AdminAcl::RESOURCE_USERS => 'int',
|
||||
'r_' . AdminAcl::RESOURCE_ALLOCATIONS => 'int',
|
||||
'r_' . AdminAcl::RESOURCE_DATABASE_HOSTS => 'int',
|
||||
'r_' . AdminAcl::RESOURCE_SERVER_DATABASES => 'int',
|
||||
'r_' . AdminAcl::RESOURCE_EGGS => 'int',
|
||||
'r_' . AdminAcl::RESOURCE_LOCATIONS => 'int',
|
||||
'r_' . AdminAcl::RESOURCE_NESTS => 'int',
|
||||
'r_' . AdminAcl::RESOURCE_NODES => 'int',
|
||||
'r_' . AdminAcl::RESOURCE_SERVERS => 'int',
|
||||
'r_' . AdminAcl::RESOURCE_ROLES => 'int',
|
||||
];
|
||||
}
|
|
@ -3,8 +3,7 @@
|
|||
namespace Pterodactyl\Tests\Integration\Api\Application;
|
||||
|
||||
use Pterodactyl\Models\User;
|
||||
use Pterodactyl\Models\ApiKey;
|
||||
use Pterodactyl\Services\Acl\Api\AdminAcl;
|
||||
use Pterodactyl\Models\PersonalAccessToken;
|
||||
use Pterodactyl\Tests\Integration\IntegrationTestCase;
|
||||
use Illuminate\Foundation\Testing\DatabaseTransactions;
|
||||
use Pterodactyl\Tests\Traits\Integration\CreatesTestModels;
|
||||
|
@ -16,16 +15,19 @@ abstract class ApplicationApiIntegrationTestCase extends IntegrationTestCase
|
|||
use DatabaseTransactions;
|
||||
use IntegrationJsonRequestAssertions;
|
||||
|
||||
/**
|
||||
* @var \Pterodactyl\Models\ApiKey
|
||||
*/
|
||||
private $key;
|
||||
|
||||
/**
|
||||
* @var \Pterodactyl\Models\User
|
||||
*/
|
||||
private $user;
|
||||
|
||||
/**
|
||||
* @var string[]
|
||||
*/
|
||||
protected $defaultHeaders = [
|
||||
'Accept' => 'application/vnd.pterodactyl.v1+json',
|
||||
'Content-Type' => 'application/json',
|
||||
];
|
||||
|
||||
/**
|
||||
* Bootstrap application API tests. Creates a default admin user and associated API key
|
||||
* and also sets some default headers required for accessing the API.
|
||||
|
@ -35,12 +37,8 @@ abstract class ApplicationApiIntegrationTestCase extends IntegrationTestCase
|
|||
parent::setUp();
|
||||
|
||||
$this->user = User::factory()->create(['root_admin' => true]);
|
||||
$this->key = $this->createApiKey($this->user);
|
||||
|
||||
$this->withHeader('Accept', 'application/vnd.pterodactyl.v1+json');
|
||||
$this->withHeader('Authorization', 'Bearer ' . $this->getApiKey()->identifier . decrypt($this->getApiKey()->token));
|
||||
|
||||
$this->withMiddleware('api..key:' . ApiKey::TYPE_APPLICATION);
|
||||
$this->createNewAccessToken();
|
||||
}
|
||||
|
||||
/**
|
||||
|
@ -51,62 +49,15 @@ abstract class ApplicationApiIntegrationTestCase extends IntegrationTestCase
|
|||
return $this->user;
|
||||
}
|
||||
|
||||
/**
|
||||
* @return \Pterodactyl\Models\ApiKey
|
||||
*/
|
||||
public function getApiKey(): ApiKey
|
||||
{
|
||||
return $this->key;
|
||||
}
|
||||
|
||||
/**
|
||||
* Creates a new default API key and refreshes the headers using it.
|
||||
*
|
||||
* @param \Pterodactyl\Models\User $user
|
||||
* @param array $permissions
|
||||
*
|
||||
* @return \Pterodactyl\Models\ApiKey
|
||||
*/
|
||||
protected function createNewDefaultApiKey(User $user, array $permissions = []): ApiKey
|
||||
protected function createNewAccessToken(array $abilities = ['*']): PersonalAccessToken
|
||||
{
|
||||
$this->key = $this->createApiKey($user, $permissions);
|
||||
$this->refreshHeaders($this->key);
|
||||
$token = $this->user->createToken('test', $abilities);
|
||||
|
||||
return $this->key;
|
||||
}
|
||||
$this->withHeader('Authorization', 'Bearer ' . $token->plainTextToken);
|
||||
|
||||
/**
|
||||
* Refresh the authorization header for a request to use a different API key.
|
||||
*
|
||||
* @param \Pterodactyl\Models\ApiKey $key
|
||||
*/
|
||||
protected function refreshHeaders(ApiKey $key)
|
||||
{
|
||||
$this->withHeader('Authorization', 'Bearer ' . $key->identifier . decrypt($key->token));
|
||||
}
|
||||
|
||||
/**
|
||||
* Create a new application API key for a given user model.
|
||||
*
|
||||
* @param \Pterodactyl\Models\User $user
|
||||
* @param array $permissions
|
||||
*
|
||||
* @return \Pterodactyl\Models\ApiKey
|
||||
*/
|
||||
protected function createApiKey(User $user, array $permissions = []): ApiKey
|
||||
{
|
||||
return ApiKey::factory()->create(array_merge([
|
||||
'user_id' => $user->id,
|
||||
'key_type' => ApiKey::TYPE_APPLICATION,
|
||||
'r_servers' => AdminAcl::READ | AdminAcl::WRITE,
|
||||
'r_nodes' => AdminAcl::READ | AdminAcl::WRITE,
|
||||
'r_allocations' => AdminAcl::READ | AdminAcl::WRITE,
|
||||
'r_users' => AdminAcl::READ | AdminAcl::WRITE,
|
||||
'r_locations' => AdminAcl::READ | AdminAcl::WRITE,
|
||||
'r_nests' => AdminAcl::READ | AdminAcl::WRITE,
|
||||
'r_eggs' => AdminAcl::READ | AdminAcl::WRITE,
|
||||
'r_database_hosts' => AdminAcl::READ | AdminAcl::WRITE,
|
||||
'r_server_databases' => AdminAcl::READ | AdminAcl::WRITE,
|
||||
], $permissions));
|
||||
return $token->accessToken;
|
||||
}
|
||||
}
|
||||
|
|
|
@ -125,7 +125,7 @@ class EggControllerTest extends ApplicationApiIntegrationTestCase
|
|||
public function testErrorReturnedIfNoPermission()
|
||||
{
|
||||
$egg = $this->repository->find(1);
|
||||
$this->createNewDefaultApiKey($this->getApiUser(), ['r_eggs' => 0]);
|
||||
$this->createNewAccessToken(['r_eggs' => 0]);
|
||||
|
||||
$response = $this->getJson('/api/application/nests/' . $egg->nest_id . '/eggs');
|
||||
$this->assertAccessDeniedJson($response);
|
||||
|
@ -137,7 +137,7 @@ class EggControllerTest extends ApplicationApiIntegrationTestCase
|
|||
*/
|
||||
public function testResourceIsNotExposedWithoutPermissions()
|
||||
{
|
||||
$this->createNewDefaultApiKey($this->getApiUser(), ['r_eggs' => 0]);
|
||||
$this->createNewAccessToken(['r_eggs' => 0]);
|
||||
|
||||
$response = $this->getJson('/api/application/eggs/nil');
|
||||
$this->assertAccessDeniedJson($response);
|
||||
|
|
|
@ -142,7 +142,7 @@ class LocationControllerTest extends ApplicationApiIntegrationTestCase
|
|||
*/
|
||||
public function testKeyWithoutPermissionCannotLoadRelationship()
|
||||
{
|
||||
$this->createNewDefaultApiKey($this->getApiUser(), ['r_nodes' => 0]);
|
||||
$this->createNewAccessToken(['r_nodes' => 0]);
|
||||
|
||||
$location = Location::factory()->create();
|
||||
Node::factory()->create(['location_id' => $location->id]);
|
||||
|
@ -189,7 +189,7 @@ class LocationControllerTest extends ApplicationApiIntegrationTestCase
|
|||
public function testErrorReturnedIfNoPermission()
|
||||
{
|
||||
$location = Location::factory()->create();
|
||||
$this->createNewDefaultApiKey($this->getApiUser(), ['r_locations' => 0]);
|
||||
$this->createNewAccessToken(['r_locations' => 0]);
|
||||
|
||||
$response = $this->getJson('/api/application/locations/' . $location->id);
|
||||
$this->assertAccessDeniedJson($response);
|
||||
|
@ -201,7 +201,7 @@ class LocationControllerTest extends ApplicationApiIntegrationTestCase
|
|||
*/
|
||||
public function testResourceIsNotExposedWithoutPermissions()
|
||||
{
|
||||
$this->createNewDefaultApiKey($this->getApiUser(), ['r_locations' => 0]);
|
||||
$this->createNewAccessToken(['r_locations' => 0]);
|
||||
|
||||
$response = $this->getJson('/api/application/locations/nil');
|
||||
$this->assertAccessDeniedJson($response);
|
||||
|
|
|
@ -123,7 +123,7 @@ class NestControllerTest extends ApplicationApiIntegrationTestCase
|
|||
public function testErrorReturnedIfNoPermission()
|
||||
{
|
||||
$nest = $this->repository->find(1);
|
||||
$this->createNewDefaultApiKey($this->getApiUser(), ['r_nests' => 0]);
|
||||
$this->createNewAccessToken(['r_nests' => 0]);
|
||||
|
||||
$response = $this->getJson('/api/application/nests/' . $nest->id);
|
||||
$this->assertAccessDeniedJson($response);
|
||||
|
@ -136,7 +136,7 @@ class NestControllerTest extends ApplicationApiIntegrationTestCase
|
|||
public function testResourceIsNotExposedWithoutPermissions()
|
||||
{
|
||||
$nest = $this->repository->find(1);
|
||||
$this->createNewDefaultApiKey($this->getApiUser(), ['r_nests' => 0]);
|
||||
$this->createNewAccessToken(['r_nests' => 0]);
|
||||
|
||||
$response = $this->getJson('/api/application/nests/' . $nest->id);
|
||||
$this->assertAccessDeniedJson($response);
|
||||
|
|
|
@ -59,7 +59,7 @@ class ExternalUserControllerTest extends ApplicationApiIntegrationTestCase
|
|||
public function testErrorReturnedIfNoPermission()
|
||||
{
|
||||
$user = User::factory()->create();
|
||||
$this->createNewDefaultApiKey($this->getApiUser(), ['r_users' => 0]);
|
||||
$this->createNewAccessToken(['r_users' => 0]);
|
||||
|
||||
$response = $this->getJson('/api/application/users/external/' . $user->external_id);
|
||||
$this->assertAccessDeniedJson($response);
|
||||
|
@ -71,7 +71,7 @@ class ExternalUserControllerTest extends ApplicationApiIntegrationTestCase
|
|||
*/
|
||||
public function testResourceIsNotExposedWithoutPermissions()
|
||||
{
|
||||
$this->createNewDefaultApiKey($this->getApiUser(), ['r_users' => 0]);
|
||||
$this->createNewAccessToken(['r_users' => 0]);
|
||||
|
||||
$response = $this->getJson('/api/application/users/external/nil');
|
||||
$this->assertAccessDeniedJson($response);
|
||||
|
|
|
@ -16,7 +16,8 @@ class UserControllerTest extends ApplicationApiIntegrationTestCase
|
|||
*/
|
||||
public function testGetUsers()
|
||||
{
|
||||
$user = User::factory()->create();
|
||||
$user = $this->getApiUser();
|
||||
$created = User::factory()->create();
|
||||
|
||||
$response = $this->getJson('/api/application/users');
|
||||
$response->assertStatus(Response::HTTP_OK);
|
||||
|
@ -45,24 +46,6 @@ class UserControllerTest extends ApplicationApiIntegrationTestCase
|
|||
],
|
||||
],
|
||||
])
|
||||
->assertJsonFragment([
|
||||
'object' => 'user',
|
||||
'attributes' => [
|
||||
'id' => $this->getApiUser()->id,
|
||||
'external_id' => $this->getApiUser()->external_id,
|
||||
'uuid' => $this->getApiUser()->uuid,
|
||||
'username' => $this->getApiUser()->username,
|
||||
'email' => $this->getApiUser()->email,
|
||||
'language' => $this->getApiUser()->language,
|
||||
'admin_role_id' => $this->getApiUser()->admin_role_id,
|
||||
'root_admin' => (bool) $this->getApiUser()->root_admin,
|
||||
'2fa' => (bool) $this->getApiUser()->totp_enabled,
|
||||
'avatar_url' => $this->getApiUser()->avatarURL(),
|
||||
'role_name' => $this->getApiUser()->adminRoleName(),
|
||||
'created_at' => $this->formatTimestamp($this->getApiUser()->created_at),
|
||||
'updated_at' => $this->formatTimestamp($this->getApiUser()->updated_at),
|
||||
],
|
||||
])
|
||||
->assertJsonFragment([
|
||||
'object' => 'user',
|
||||
'attributes' => [
|
||||
|
@ -80,6 +63,24 @@ class UserControllerTest extends ApplicationApiIntegrationTestCase
|
|||
'created_at' => $this->formatTimestamp($user->created_at),
|
||||
'updated_at' => $this->formatTimestamp($user->updated_at),
|
||||
],
|
||||
])
|
||||
->assertJsonFragment([
|
||||
'object' => 'user',
|
||||
'attributes' => [
|
||||
'id' => $created->id,
|
||||
'external_id' => $created->external_id,
|
||||
'uuid' => $created->uuid,
|
||||
'username' => $created->username,
|
||||
'email' => $created->email,
|
||||
'language' => $created->language,
|
||||
'admin_role_id' => $created->admin_role_id,
|
||||
'root_admin' => (bool) $created->root_admin,
|
||||
'2fa' => (bool) $created->totp_enabled,
|
||||
'avatar_url' => $created->avatarURL(),
|
||||
'role_name' => $created->adminRoleName(),
|
||||
'created_at' => $this->formatTimestamp($created->created_at),
|
||||
'updated_at' => $this->formatTimestamp($created->updated_at),
|
||||
],
|
||||
]);
|
||||
}
|
||||
|
||||
|
@ -152,7 +153,7 @@ class UserControllerTest extends ApplicationApiIntegrationTestCase
|
|||
*/
|
||||
public function testKeyWithoutPermissionCannotLoadRelationship()
|
||||
{
|
||||
$this->createNewDefaultApiKey($this->getApiUser(), ['r_servers' => 0]);
|
||||
$this->createNewAccessToken(['r_servers' => 0]);
|
||||
|
||||
$user = User::factory()->create();
|
||||
$this->createServerModel(['user_id' => $user->id]);
|
||||
|
@ -197,7 +198,7 @@ class UserControllerTest extends ApplicationApiIntegrationTestCase
|
|||
public function testErrorReturnedIfNoPermission()
|
||||
{
|
||||
$user = User::factory()->create();
|
||||
$this->createNewDefaultApiKey($this->getApiUser(), ['r_users' => 0]);
|
||||
$this->createNewAccessToken(['r_users' => 0]);
|
||||
|
||||
$response = $this->getJson('/api/application/users/' . $user->id);
|
||||
$this->assertAccessDeniedJson($response);
|
||||
|
@ -209,7 +210,7 @@ class UserControllerTest extends ApplicationApiIntegrationTestCase
|
|||
*/
|
||||
public function testResourceIsNotExposedWithoutPermissions()
|
||||
{
|
||||
$this->createNewDefaultApiKey($this->getApiUser(), ['r_users' => 0]);
|
||||
$this->createNewAccessToken(['r_users' => 0]);
|
||||
|
||||
$response = $this->getJson('/api/application/users/nil');
|
||||
$this->assertAccessDeniedJson($response);
|
||||
|
@ -294,7 +295,7 @@ class UserControllerTest extends ApplicationApiIntegrationTestCase
|
|||
*/
|
||||
public function testApiKeyWithoutWritePermissions(string $method, string $url)
|
||||
{
|
||||
$this->createNewDefaultApiKey($this->getApiUser(), ['r_users' => AdminAcl::READ]);
|
||||
$this->createNewAccessToken(['r_users' => AdminAcl::READ]);
|
||||
|
||||
if (str_contains($url, '{id}')) {
|
||||
$user = User::factory()->create();
|
||||
|
|
Loading…
Reference in a new issue