More middleware tests
This commit is contained in:
parent
d844a36167
commit
7b3393aff9
11 changed files with 547 additions and 56 deletions
|
@ -12,7 +12,7 @@ class DatabaseBelongsToServer
|
|||
/**
|
||||
* @var \Pterodactyl\Contracts\Repository\DatabaseRepositoryInterface
|
||||
*/
|
||||
protected $repository;
|
||||
private $repository;
|
||||
|
||||
/**
|
||||
* DatabaseAccess constructor.
|
||||
|
@ -40,7 +40,7 @@ class DatabaseBelongsToServer
|
|||
$server = $request->attributes->get('server');
|
||||
|
||||
$database = $this->repository->find($request->input('database'));
|
||||
if ($database->server_id !== $server->id) {
|
||||
if (is_null($database) || $database->server_id !== $server->id) {
|
||||
throw new NotFoundHttpException;
|
||||
}
|
||||
|
||||
|
|
|
@ -50,7 +50,7 @@ class SubuserBelongsToServer
|
|||
|
||||
$hash = $request->route()->parameter('subuser', 0);
|
||||
$subuser = $this->repository->find($this->hashids->decodeFirst($hash, 0));
|
||||
if (! $subuser || $subuser->server_id !== $server->id) {
|
||||
if (is_null($subuser) || $subuser->server_id !== $server->id) {
|
||||
throw new NotFoundHttpException;
|
||||
}
|
||||
|
||||
|
|
39
tests/Assertions/MiddlewareAttributeAssertionsTrait.php
Normal file
39
tests/Assertions/MiddlewareAttributeAssertionsTrait.php
Normal file
|
@ -0,0 +1,39 @@
|
|||
<?php
|
||||
|
||||
namespace Tests\Assertions;
|
||||
|
||||
use PHPUnit\Framework\Assert;
|
||||
|
||||
trait MiddlewareAttributeAssertionsTrait
|
||||
{
|
||||
/**
|
||||
* Assert a request has an attribute assigned to it.
|
||||
*
|
||||
* @param string $attribute
|
||||
*/
|
||||
public function assertRequestHasAttribute(string $attribute)
|
||||
{
|
||||
Assert::assertTrue($this->request->attributes->has($attribute), 'Assert that request mock has ' . $attribute . ' attribute.');
|
||||
}
|
||||
|
||||
/**
|
||||
* Assert a request does not have an attribute assigned to it.
|
||||
*
|
||||
* @param string $attribute
|
||||
*/
|
||||
public function assertRequestMissingAttribute(string $attribute)
|
||||
{
|
||||
Assert::assertFalse($this->request->attributes->has($attribute), 'Assert that request mock does not have ' . $attribute . ' attribute.');
|
||||
}
|
||||
|
||||
/**
|
||||
* Assert a request attribute matches an expected value.
|
||||
*
|
||||
* @param mixed $expected
|
||||
* @param string $attribute
|
||||
*/
|
||||
public function assertRequestAttributeEquals($expected, string $attribute)
|
||||
{
|
||||
Assert::assertEquals($expected, $this->request->attributes->get($attribute));
|
||||
}
|
||||
}
|
31
tests/Traits/Http/MocksMiddlewareClosure.php
Normal file
31
tests/Traits/Http/MocksMiddlewareClosure.php
Normal file
|
@ -0,0 +1,31 @@
|
|||
<?php
|
||||
|
||||
namespace Tests\Traits\Http;
|
||||
|
||||
use Closure;
|
||||
use Illuminate\Http\Request;
|
||||
use BadFunctionCallException;
|
||||
|
||||
trait MocksMiddlewareClosure
|
||||
{
|
||||
/**
|
||||
* @var \Illuminate\Http\Request
|
||||
*/
|
||||
protected $request;
|
||||
|
||||
/**
|
||||
* Provide a closure to be used when validating that the response from the middleware
|
||||
* is the same request object we passed into it.
|
||||
*/
|
||||
protected function getClosureAssertions(): Closure
|
||||
{
|
||||
if (is_null($this->request)) {
|
||||
throw new BadFunctionCallException('Calling getClosureAssertions without defining a request object is not supported.');
|
||||
}
|
||||
|
||||
return function ($response) {
|
||||
$this->assertInstanceOf(Request::class, $response);
|
||||
$this->assertSame($this->request, $response);
|
||||
};
|
||||
}
|
||||
}
|
|
@ -2,29 +2,21 @@
|
|||
|
||||
namespace Tests\Unit\Http\Middleware\Daemon;
|
||||
|
||||
use Closure;
|
||||
use Mockery as m;
|
||||
use Tests\TestCase;
|
||||
use Illuminate\Http\Request;
|
||||
use Pterodactyl\Models\Node;
|
||||
use Symfony\Component\HttpFoundation\ParameterBag;
|
||||
use Tests\Unit\Http\Middleware\MiddlewareTestCase;
|
||||
use Symfony\Component\HttpKernel\Exception\HttpException;
|
||||
use Pterodactyl\Http\Middleware\Daemon\DaemonAuthenticate;
|
||||
use Pterodactyl\Contracts\Repository\NodeRepositoryInterface;
|
||||
use Pterodactyl\Exceptions\Repository\RecordNotFoundException;
|
||||
|
||||
class DaemonAuthenticateTest extends TestCase
|
||||
class DaemonAuthenticateTest extends MiddlewareTestCase
|
||||
{
|
||||
/**
|
||||
* @var \Pterodactyl\Contracts\Repository\NodeRepositoryInterface|\Mockery\Mock
|
||||
*/
|
||||
private $repository;
|
||||
|
||||
/**
|
||||
* @var \Illuminate\Http\Request|\Mockery\Mock
|
||||
*/
|
||||
private $request;
|
||||
|
||||
/**
|
||||
* Setup tests.
|
||||
*/
|
||||
|
@ -33,8 +25,6 @@ class DaemonAuthenticateTest extends TestCase
|
|||
parent::setUp();
|
||||
|
||||
$this->repository = m::mock(NodeRepositoryInterface::class);
|
||||
$this->request = m::mock(Request::class);
|
||||
$this->request->attributes = new ParameterBag();
|
||||
}
|
||||
|
||||
/**
|
||||
|
@ -98,8 +88,8 @@ class DaemonAuthenticateTest extends TestCase
|
|||
$this->repository->shouldReceive('findFirstWhere')->with([['daemonSecret', '=', $model->daemonSecret]])->once()->andReturn($model);
|
||||
|
||||
$this->getMiddleware()->handle($this->request, $this->getClosureAssertions());
|
||||
$this->assertTrue($this->request->attributes->has('node'), 'Assert request attributes contains node.');
|
||||
$this->assertSame($model, $this->request->attributes->get('node'));
|
||||
$this->assertRequestHasAttribute('node');
|
||||
$this->assertRequestAttributeEquals($model, 'node');
|
||||
}
|
||||
|
||||
/**
|
||||
|
@ -111,16 +101,4 @@ class DaemonAuthenticateTest extends TestCase
|
|||
{
|
||||
return new DaemonAuthenticate($this->repository);
|
||||
}
|
||||
|
||||
/**
|
||||
* Provide a closure to be used when validating that the response from the middleware
|
||||
* is the same request object we passed into it.
|
||||
*/
|
||||
private function getClosureAssertions(): Closure
|
||||
{
|
||||
return function ($response) {
|
||||
$this->assertInstanceOf(Request::class, $response);
|
||||
$this->assertSame($this->request, $response);
|
||||
};
|
||||
}
|
||||
}
|
||||
|
|
58
tests/Unit/Http/Middleware/MiddlewareTestCase.php
Normal file
58
tests/Unit/Http/Middleware/MiddlewareTestCase.php
Normal file
|
@ -0,0 +1,58 @@
|
|||
<?php
|
||||
|
||||
namespace Tests\Unit\Http\Middleware;
|
||||
|
||||
use Mockery as m;
|
||||
use Tests\TestCase;
|
||||
use Illuminate\Http\Request;
|
||||
use Pterodactyl\Models\User;
|
||||
use Tests\Traits\Http\MocksMiddlewareClosure;
|
||||
use Symfony\Component\HttpFoundation\ParameterBag;
|
||||
use Tests\Assertions\MiddlewareAttributeAssertionsTrait;
|
||||
|
||||
abstract class MiddlewareTestCase extends TestCase
|
||||
{
|
||||
use MiddlewareAttributeAssertionsTrait, MocksMiddlewareClosure;
|
||||
|
||||
/**
|
||||
* @var \Illuminate\Http\Request|\Mockery\Mock
|
||||
*/
|
||||
protected $request;
|
||||
|
||||
/**
|
||||
* Setup tests with a mocked request object and normal attributes.
|
||||
*/
|
||||
public function setUp()
|
||||
{
|
||||
parent::setUp();
|
||||
|
||||
$this->request = m::mock(Request::class);
|
||||
$this->request->attributes = new ParameterBag();
|
||||
}
|
||||
|
||||
/**
|
||||
* Set a request attribute on the mock object.
|
||||
*
|
||||
* @param string $attribute
|
||||
* @param mixed $value
|
||||
*/
|
||||
protected function setRequestAttribute(string $attribute, $value)
|
||||
{
|
||||
$this->request->attributes->set($attribute, $value);
|
||||
}
|
||||
|
||||
/**
|
||||
* Sets the mocked request user. If a user model is not provided, a factory model
|
||||
* will be created and returned.
|
||||
*
|
||||
* @param \Pterodactyl\Models\User|null $user
|
||||
* @return \Pterodactyl\Models\User
|
||||
*/
|
||||
protected function setRequestUser(User $user = null): User
|
||||
{
|
||||
$user = $user instanceof User ? $user : factory(User::class)->make();
|
||||
$this->request->shouldReceive('user')->withNoArgs()->andReturn($user);
|
||||
|
||||
return $user;
|
||||
}
|
||||
}
|
|
@ -2,20 +2,16 @@
|
|||
|
||||
namespace Tests\Unit\Http\Middleware\Server;
|
||||
|
||||
use Closure;
|
||||
use Mockery as m;
|
||||
use Tests\TestCase;
|
||||
use Illuminate\View\View;
|
||||
use Illuminate\Http\Request;
|
||||
use Illuminate\Http\Response;
|
||||
use Pterodactyl\Models\Server;
|
||||
use Illuminate\Contracts\Session\Session;
|
||||
use Illuminate\Contracts\Config\Repository;
|
||||
use Symfony\Component\HttpFoundation\ParameterBag;
|
||||
use Tests\Unit\Http\Middleware\MiddlewareTestCase;
|
||||
use Pterodactyl\Http\Middleware\AccessingValidServer;
|
||||
use Pterodactyl\Contracts\Repository\ServerRepositoryInterface;
|
||||
|
||||
class AccessingValidServerTest extends TestCase
|
||||
class AccessingValidServerTest extends MiddlewareTestCase
|
||||
{
|
||||
/**
|
||||
* @var \Illuminate\Contracts\Config\Repository|\Mockery\Mock
|
||||
|
@ -27,11 +23,6 @@ class AccessingValidServerTest extends TestCase
|
|||
*/
|
||||
private $repository;
|
||||
|
||||
/**
|
||||
* @var \Illuminate\Http\Request|\Mockery\Mock
|
||||
*/
|
||||
private $request;
|
||||
|
||||
/**
|
||||
* @var \Illuminate\Contracts\Session\Session|\Mockery\Mock
|
||||
*/
|
||||
|
@ -46,8 +37,6 @@ class AccessingValidServerTest extends TestCase
|
|||
|
||||
$this->config = m::mock(Repository::class);
|
||||
$this->repository = m::mock(ServerRepositoryInterface::class);
|
||||
$this->request = m::mock(Request::class);
|
||||
$this->request->attributes = new ParameterBag();
|
||||
$this->session = m::mock(Session::class);
|
||||
}
|
||||
|
||||
|
@ -139,8 +128,8 @@ class AccessingValidServerTest extends TestCase
|
|||
$this->session->shouldReceive('now')->with('server_data.model', $model)->once()->andReturnNull();
|
||||
|
||||
$this->getMiddleware()->handle($this->request, $this->getClosureAssertions());
|
||||
$this->assertTrue($this->request->attributes->has('server'), 'Assert request attributes contains server.');
|
||||
$this->assertSame($model, $this->request->attributes->get('server'));
|
||||
$this->assertRequestHasAttribute('server');
|
||||
$this->assertRequestAttributeEquals($model, 'server');
|
||||
}
|
||||
|
||||
/**
|
||||
|
@ -170,16 +159,4 @@ class AccessingValidServerTest extends TestCase
|
|||
{
|
||||
return new AccessingValidServer($this->config, $this->repository, $this->session);
|
||||
}
|
||||
|
||||
/**
|
||||
* Provide a closure to be used when validating that the response from the middleware
|
||||
* is the same request object we passed into it.
|
||||
*/
|
||||
private function getClosureAssertions(): Closure
|
||||
{
|
||||
return function ($response) {
|
||||
$this->assertInstanceOf(Request::class, $response);
|
||||
$this->assertSame($this->request, $response);
|
||||
};
|
||||
}
|
||||
}
|
||||
|
|
|
@ -0,0 +1,79 @@
|
|||
<?php
|
||||
|
||||
namespace Tests\Unit\Http\Middleware\Server;
|
||||
|
||||
use Mockery as m;
|
||||
use Pterodactyl\Models\Server;
|
||||
use Illuminate\Contracts\Session\Session;
|
||||
use Tests\Unit\Http\Middleware\MiddlewareTestCase;
|
||||
use Pterodactyl\Http\Middleware\Server\AuthenticateAsSubuser;
|
||||
use Pterodactyl\Services\DaemonKeys\DaemonKeyProviderService;
|
||||
use Pterodactyl\Exceptions\Repository\RecordNotFoundException;
|
||||
|
||||
class AuthenticateAsSubuserTest extends MiddlewareTestCase
|
||||
{
|
||||
/**
|
||||
* @var \Pterodactyl\Services\DaemonKeys\DaemonKeyProviderService|\Mockery\Mock
|
||||
*/
|
||||
private $keyProviderService;
|
||||
|
||||
/**
|
||||
* @var \Illuminate\Contracts\Session\Session|\Mockery\Mock
|
||||
*/
|
||||
private $session;
|
||||
|
||||
/**
|
||||
* Setup tests.
|
||||
*/
|
||||
public function setUp()
|
||||
{
|
||||
parent::setUp();
|
||||
|
||||
$this->keyProviderService = m::mock(DaemonKeyProviderService::class);
|
||||
$this->session = m::mock(Session::class);
|
||||
}
|
||||
|
||||
/**
|
||||
* Test a successful instance of the middleware.
|
||||
*/
|
||||
public function testSuccessfulMiddleware()
|
||||
{
|
||||
$model = factory(Server::class)->make();
|
||||
$user = $this->setRequestUser();
|
||||
$this->setRequestAttribute('server', $model);
|
||||
|
||||
$this->keyProviderService->shouldReceive('handle')->with($model->id, $user->id)->once()->andReturn('abc123');
|
||||
$this->session->shouldReceive('now')->with('server_data.token', 'abc123')->once()->andReturnNull();
|
||||
|
||||
$this->getMiddleware()->handle($this->request, $this->getClosureAssertions());
|
||||
$this->assertRequestHasAttribute('server_token');
|
||||
$this->assertRequestAttributeEquals('abc123', 'server_token');
|
||||
}
|
||||
|
||||
/**
|
||||
* Test middleware handles missing token exception.
|
||||
*
|
||||
* @expectedException \Illuminate\Auth\AuthenticationException
|
||||
* @expectedExceptionMessage This account does not have permission to access this server.
|
||||
*/
|
||||
public function testExceptionIsThrownIfNoTokenIsFound()
|
||||
{
|
||||
$model = factory(Server::class)->make();
|
||||
$user = $this->setRequestUser();
|
||||
$this->setRequestAttribute('server', $model);
|
||||
|
||||
$this->keyProviderService->shouldReceive('handle')->with($model->id, $user->id)->once()->andThrow(new RecordNotFoundException);
|
||||
|
||||
$this->getMiddleware()->handle($this->request, $this->getClosureAssertions());
|
||||
}
|
||||
|
||||
/**
|
||||
* Return an instance of the middleware using mocked dependencies.
|
||||
*
|
||||
* @return \Pterodactyl\Http\Middleware\Server\AuthenticateAsSubuser
|
||||
*/
|
||||
public function getMiddleware(): AuthenticateAsSubuser
|
||||
{
|
||||
return new AuthenticateAsSubuser($this->keyProviderService, $this->session);
|
||||
}
|
||||
}
|
|
@ -0,0 +1,92 @@
|
|||
<?php
|
||||
|
||||
namespace Tests\Unit\Http\Middleware\Server;
|
||||
|
||||
use Mockery as m;
|
||||
use Pterodactyl\Models\Server;
|
||||
use Pterodactyl\Models\Database;
|
||||
use Tests\Unit\Http\Middleware\MiddlewareTestCase;
|
||||
use Pterodactyl\Http\Middleware\Server\DatabaseBelongsToServer;
|
||||
use Pterodactyl\Contracts\Repository\DatabaseRepositoryInterface;
|
||||
|
||||
class DatabaseBelongsToServerTest extends MiddlewareTestCase
|
||||
{
|
||||
/**
|
||||
* @var \Pterodactyl\Contracts\Repository\DatabaseRepositoryInterface|\Mockery\Mock
|
||||
*/
|
||||
private $repository;
|
||||
|
||||
/**
|
||||
* Setup tests.
|
||||
*/
|
||||
public function setUp()
|
||||
{
|
||||
parent::setUp();
|
||||
|
||||
$this->repository = m::mock(DatabaseRepositoryInterface::class);
|
||||
}
|
||||
|
||||
/**
|
||||
* Test a successful middleware instance.
|
||||
*/
|
||||
public function testSuccessfulMiddleware()
|
||||
{
|
||||
$model = factory(Server::class)->make();
|
||||
$database = factory(Database::class)->make([
|
||||
'server_id' => $model->id,
|
||||
]);
|
||||
$this->setRequestAttribute('server', $model);
|
||||
|
||||
$this->request->shouldReceive('input')->with('database')->once()->andReturn($database->id);
|
||||
$this->repository->shouldReceive('find')->with($database->id)->once()->andReturn($database);
|
||||
|
||||
$this->getMiddleware()->handle($this->request, $this->getClosureAssertions());
|
||||
$this->assertRequestHasAttribute('database');
|
||||
$this->assertRequestAttributeEquals($database, 'database');
|
||||
}
|
||||
|
||||
/**
|
||||
* Test that an exception is thrown if no database record is found.
|
||||
*
|
||||
* @expectedException \Symfony\Component\HttpKernel\Exception\NotFoundHttpException
|
||||
*/
|
||||
public function testExceptionIsThrownIfNoDatabaseRecordFound()
|
||||
{
|
||||
$model = factory(Server::class)->make();
|
||||
$database = factory(Database::class)->make();
|
||||
$this->setRequestAttribute('server', $model);
|
||||
|
||||
$this->request->shouldReceive('input')->with('database')->once()->andReturn($database->id);
|
||||
$this->repository->shouldReceive('find')->with($database->id)->once()->andReturnNull();
|
||||
|
||||
$this->getMiddleware()->handle($this->request, $this->getClosureAssertions());
|
||||
}
|
||||
|
||||
/**
|
||||
* Test that an exception is found if the database server does not match the
|
||||
* request server.
|
||||
*
|
||||
* @expectedException \Symfony\Component\HttpKernel\Exception\NotFoundHttpException
|
||||
*/
|
||||
public function testExceptionIsThrownIfDatabaseServerDoesNotMatchCurrent()
|
||||
{
|
||||
$model = factory(Server::class)->make();
|
||||
$database = factory(Database::class)->make();
|
||||
$this->setRequestAttribute('server', $model);
|
||||
|
||||
$this->request->shouldReceive('input')->with('database')->once()->andReturn($database->id);
|
||||
$this->repository->shouldReceive('find')->with($database->id)->once()->andReturn($database);
|
||||
|
||||
$this->getMiddleware()->handle($this->request, $this->getClosureAssertions());
|
||||
}
|
||||
|
||||
/**
|
||||
* Return an instance of the middleware using mocked dependencies.
|
||||
*
|
||||
* @return \Pterodactyl\Http\Middleware\Server\DatabaseBelongsToServer
|
||||
*/
|
||||
private function getMiddleware(): DatabaseBelongsToServer
|
||||
{
|
||||
return new DatabaseBelongsToServer($this->repository);
|
||||
}
|
||||
}
|
|
@ -0,0 +1,81 @@
|
|||
<?php
|
||||
|
||||
namespace Tests\Unit\Http\Middleware\Server;
|
||||
|
||||
use Mockery as m;
|
||||
use Pterodactyl\Models\Server;
|
||||
use Pterodactyl\Models\Schedule;
|
||||
use Tests\Unit\Http\Middleware\MiddlewareTestCase;
|
||||
use Pterodactyl\Contracts\Extensions\HashidsInterface;
|
||||
use Pterodactyl\Http\Middleware\Server\ScheduleBelongsToServer;
|
||||
use Pterodactyl\Contracts\Repository\ScheduleRepositoryInterface;
|
||||
|
||||
class ScheduleBelongsToServerTest extends MiddlewareTestCase
|
||||
{
|
||||
/**
|
||||
* @var \Pterodactyl\Contracts\Extensions\HashidsInterface|\Mockery\Mock
|
||||
*/
|
||||
private $hashids;
|
||||
|
||||
/**
|
||||
* @var \Pterodactyl\Contracts\Repository\ScheduleRepositoryInterface|\Mockery\Mock
|
||||
*/
|
||||
private $repository;
|
||||
|
||||
public function setUp()
|
||||
{
|
||||
parent::setUp();
|
||||
|
||||
$this->hashids = m::mock(HashidsInterface::class);
|
||||
$this->repository = m::mock(ScheduleRepositoryInterface::class);
|
||||
}
|
||||
|
||||
/**
|
||||
* Test a successful middleware instance.
|
||||
*/
|
||||
public function testSuccessfulMiddleware()
|
||||
{
|
||||
$model = factory(Server::class)->make();
|
||||
$schedule = factory(Schedule::class)->make([
|
||||
'server_id' => $model->id,
|
||||
]);
|
||||
$this->setRequestAttribute('server', $model);
|
||||
|
||||
$this->request->shouldReceive('route->parameter')->with('schedule')->once()->andReturn('abc123');
|
||||
$this->hashids->shouldReceive('decodeFirst')->with('abc123', 0)->once()->andReturn($schedule->id);
|
||||
$this->repository->shouldReceive('getScheduleWithTasks')->with($schedule->id)->once()->andReturn($schedule);
|
||||
|
||||
$this->getMiddleware()->handle($this->request, $this->getClosureAssertions());
|
||||
$this->assertRequestHasAttribute('schedule');
|
||||
$this->assertRequestAttributeEquals($schedule, 'schedule');
|
||||
}
|
||||
|
||||
/**
|
||||
* Test that an exception is thrown if the schedule does not belong to
|
||||
* the request server.
|
||||
*
|
||||
* @expectedException \Symfony\Component\HttpKernel\Exception\NotFoundHttpException
|
||||
*/
|
||||
public function testExceptionIsThrownIfScheduleDoesNotBelongToServer()
|
||||
{
|
||||
$model = factory(Server::class)->make();
|
||||
$schedule = factory(Schedule::class)->make();
|
||||
$this->setRequestAttribute('server', $model);
|
||||
|
||||
$this->request->shouldReceive('route->parameter')->with('schedule')->once()->andReturn('abc123');
|
||||
$this->hashids->shouldReceive('decodeFirst')->with('abc123', 0)->once()->andReturn($schedule->id);
|
||||
$this->repository->shouldReceive('getScheduleWithTasks')->with($schedule->id)->once()->andReturn($schedule);
|
||||
|
||||
$this->getMiddleware()->handle($this->request, $this->getClosureAssertions());
|
||||
}
|
||||
|
||||
/**
|
||||
* Return an instance of the middleware using mocked dependencies.
|
||||
*
|
||||
* @return \Pterodactyl\Http\Middleware\Server\ScheduleBelongsToServer
|
||||
*/
|
||||
private function getMiddleware(): ScheduleBelongsToServer
|
||||
{
|
||||
return new ScheduleBelongsToServer($this->hashids, $this->repository);
|
||||
}
|
||||
}
|
156
tests/Unit/Http/Middleware/Server/SubuserBelongsToServerTest.php
Normal file
156
tests/Unit/Http/Middleware/Server/SubuserBelongsToServerTest.php
Normal file
|
@ -0,0 +1,156 @@
|
|||
<?php
|
||||
|
||||
namespace Tests\Unit\Http\Middleware\Server;
|
||||
|
||||
use Mockery as m;
|
||||
use Pterodactyl\Models\Server;
|
||||
use Pterodactyl\Models\Subuser;
|
||||
use Pterodactyl\Exceptions\DisplayException;
|
||||
use Pterodactyl\Exceptions\PterodactylException;
|
||||
use Tests\Unit\Http\Middleware\MiddlewareTestCase;
|
||||
use Pterodactyl\Contracts\Extensions\HashidsInterface;
|
||||
use Pterodactyl\Http\Middleware\Server\SubuserBelongsToServer;
|
||||
use Pterodactyl\Contracts\Repository\SubuserRepositoryInterface;
|
||||
|
||||
class SubuserBelongsToServerTest extends MiddlewareTestCase
|
||||
{
|
||||
/**
|
||||
* @var \Pterodactyl\Contracts\Extensions\HashidsInterface|\Mockery\Mock
|
||||
*/
|
||||
private $hashids;
|
||||
|
||||
/**
|
||||
* @var \Pterodactyl\Contracts\Repository\SubuserRepositoryInterface|\Mockery\Mock
|
||||
*/
|
||||
private $repository;
|
||||
|
||||
/**
|
||||
* Setup tests.
|
||||
*/
|
||||
public function setUp()
|
||||
{
|
||||
parent::setUp();
|
||||
|
||||
$this->hashids = m::mock(HashidsInterface::class);
|
||||
$this->repository = m::mock(SubuserRepositoryInterface::class);
|
||||
}
|
||||
|
||||
/**
|
||||
* Test a successful middleware instance.
|
||||
*/
|
||||
public function testSuccessfulMiddleware()
|
||||
{
|
||||
$model = factory(Server::class)->make();
|
||||
$subuser = factory(Subuser::class)->make([
|
||||
'server_id' => $model->id,
|
||||
]);
|
||||
$this->setRequestAttribute('server', $model);
|
||||
|
||||
$this->request->shouldReceive('route->parameter')->with('subuser', 0)->once()->andReturn('abc123');
|
||||
$this->hashids->shouldReceive('decodeFirst')->with('abc123', 0)->once()->andReturn($subuser->id);
|
||||
$this->repository->shouldReceive('find')->with($subuser->id)->once()->andReturn($subuser);
|
||||
|
||||
$this->request->shouldReceive('method')->withNoArgs()->once()->andReturn('GET');
|
||||
|
||||
$this->getMiddleware()->handle($this->request, $this->getClosureAssertions());
|
||||
$this->assertRequestHasAttribute('subuser');
|
||||
$this->assertRequestAttributeEquals($subuser, 'subuser');
|
||||
}
|
||||
|
||||
/**
|
||||
* Test that a user can edit a user other than themselves.
|
||||
*/
|
||||
public function testSuccessfulMiddlewareWhenPatchRequest()
|
||||
{
|
||||
$this->setRequestUser();
|
||||
$model = factory(Server::class)->make();
|
||||
$subuser = factory(Subuser::class)->make([
|
||||
'server_id' => $model->id,
|
||||
]);
|
||||
$this->setRequestAttribute('server', $model);
|
||||
|
||||
$this->request->shouldReceive('route->parameter')->with('subuser', 0)->once()->andReturn('abc123');
|
||||
$this->hashids->shouldReceive('decodeFirst')->with('abc123', 0)->once()->andReturn($subuser->id);
|
||||
$this->repository->shouldReceive('find')->with($subuser->id)->once()->andReturn($subuser);
|
||||
|
||||
$this->request->shouldReceive('method')->withNoArgs()->once()->andReturn('PATCH');
|
||||
|
||||
$this->getMiddleware()->handle($this->request, $this->getClosureAssertions());
|
||||
$this->assertRequestHasAttribute('subuser');
|
||||
$this->assertRequestAttributeEquals($subuser, 'subuser');
|
||||
}
|
||||
|
||||
/**
|
||||
* Test that an exception is thrown if a user attempts to edit themself.
|
||||
*/
|
||||
public function testExceptionIsThrownIfUserTriesToEditSelf()
|
||||
{
|
||||
$user = $this->setRequestUser();
|
||||
$model = factory(Server::class)->make();
|
||||
$subuser = factory(Subuser::class)->make([
|
||||
'server_id' => $model->id,
|
||||
'user_id' => $user->id,
|
||||
]);
|
||||
$this->setRequestAttribute('server', $model);
|
||||
|
||||
$this->request->shouldReceive('route->parameter')->with('subuser', 0)->once()->andReturn('abc123');
|
||||
$this->hashids->shouldReceive('decodeFirst')->with('abc123', 0)->once()->andReturn($subuser->id);
|
||||
$this->repository->shouldReceive('find')->with($subuser->id)->once()->andReturn($subuser);
|
||||
|
||||
$this->request->shouldReceive('method')->withNoArgs()->once()->andReturn('PATCH');
|
||||
|
||||
try {
|
||||
$this->getMiddleware()->handle($this->request, $this->getClosureAssertions());
|
||||
} catch (PterodactylException $exception) {
|
||||
$this->assertInstanceOf(DisplayException::class, $exception);
|
||||
$this->assertEquals(trans('exceptions.subusers.editing_self'), $exception->getMessage());
|
||||
}
|
||||
}
|
||||
|
||||
/**
|
||||
* Test that an exception is thrown if a subuser server does not match the
|
||||
* request server.
|
||||
*
|
||||
* @expectedException \Symfony\Component\HttpKernel\Exception\NotFoundHttpException
|
||||
*/
|
||||
public function testExceptionIsThrownIfSubuserServerDoesNotMatchRequestServer()
|
||||
{
|
||||
$model = factory(Server::class)->make();
|
||||
$subuser = factory(Subuser::class)->make();
|
||||
$this->setRequestAttribute('server', $model);
|
||||
|
||||
$this->request->shouldReceive('route->parameter')->with('subuser', 0)->once()->andReturn('abc123');
|
||||
$this->hashids->shouldReceive('decodeFirst')->with('abc123', 0)->once()->andReturn($subuser->id);
|
||||
$this->repository->shouldReceive('find')->with($subuser->id)->once()->andReturn($subuser);
|
||||
|
||||
$this->getMiddleware()->handle($this->request, $this->getClosureAssertions());
|
||||
}
|
||||
|
||||
/**
|
||||
* Test that an exception is thrown if no subuser is found.
|
||||
*
|
||||
* @expectedException \Symfony\Component\HttpKernel\Exception\NotFoundHttpException
|
||||
*/
|
||||
public function testExceptionIsThrownIfNoSubuserIsFound()
|
||||
{
|
||||
$model = factory(Server::class)->make();
|
||||
$subuser = factory(Subuser::class)->make();
|
||||
$this->setRequestAttribute('server', $model);
|
||||
|
||||
$this->request->shouldReceive('route->parameter')->with('subuser', 0)->once()->andReturn('abc123');
|
||||
$this->hashids->shouldReceive('decodeFirst')->with('abc123', 0)->once()->andReturn($subuser->id);
|
||||
$this->repository->shouldReceive('find')->with($subuser->id)->once()->andReturnNull();
|
||||
|
||||
$this->getMiddleware()->handle($this->request, $this->getClosureAssertions());
|
||||
}
|
||||
|
||||
/**
|
||||
* Return an instance of the middleware using mocked dependencies.
|
||||
*
|
||||
* @return \Pterodactyl\Http\Middleware\Server\SubuserBelongsToServer
|
||||
*/
|
||||
private function getMiddleware(): SubuserBelongsToServer
|
||||
{
|
||||
return new SubuserBelongsToServer($this->hashids, $this->repository);
|
||||
}
|
||||
}
|
Loading…
Reference in a new issue