misc_pterodactyl-panel/tests/Unit/Http/Controllers/Base/APIControllerTest.php

<?php
/**
 * Pterodactyl - Panel
 * Copyright (c) 2015 - 2017 Dane Everitt <dane@daneeveritt.com>.
 *
 * This software is licensed under the terms of the MIT license.
 * https://opensource.org/licenses/MIT
 */

namespace Tests\Unit\Http\Controllers\Base;

use Mockery as m;
use Tests\TestCase;
use Illuminate\Http\Request;
use Pterodactyl\Models\User;
use Prologue\Alerts\AlertsMessageBag;
use Tests\Assertions\ControllerAssertionsTrait;
use Pterodactyl\Services\Api\KeyCreationService;
use Pterodactyl\Http\Controllers\Base\APIController;
use Pterodactyl\Http\Requests\Base\ApiKeyFormRequest;
use Pterodactyl\Contracts\Repository\ApiKeyRepositoryInterface;

class APIControllerTest extends TestCase
{
    use ControllerAssertionsTrait;

    /**
     * @var \Prologue\Alerts\AlertsMessageBag
     */
    protected $alert;

    /**
     * @var \Pterodactyl\Http\Controllers\Base\APIController
     */
    protected $controller;

    /**
     * @var \Pterodactyl\Services\Api\KeyCreationService
     */
    protected $keyService;

    /**
     * @var \Pterodactyl\Contracts\Repository\ApiKeyRepositoryInterface
     */
    protected $repository;

    /**
     * @var \Illuminate\Http\Request
     */
    protected $request;

    /**
     * Setup tests.
     */
    public function setUp()
    {
        parent::setUp();

        $this->alert = m::mock(AlertsMessageBag::class);
        $this->keyService = m::mock(KeyCreationService::class);
        $this->repository = m::mock(ApiKeyRepositoryInterface::class);
        $this->request = m::mock(Request::class);

        $this->controller = new APIController($this->alert, $this->repository, $this->keyService);
    }

    /**
     * Test the index controller.
     */
    public function testIndexController()
    {
        $model = factory(User::class)->make();

        $this->request->shouldReceive('user')->withNoArgs()->once()->andReturn($model);
        $this->repository->shouldReceive('findWhere')->with([['user_id', '=', $model->id]])->once()->andReturn(['testkeys']);

        $response = $this->controller->index($this->request);
        $this->assertIsViewResponse($response);
        $this->assertViewNameEquals('base.api.index', $response);
        $this->assertViewHasKey('keys', $response);
        $this->assertViewKeyEquals('keys', ['testkeys'], $response);
    }

    /**
     * Test the create API view controller.
     *
     * @dataProvider rootAdminDataProvider
     */
    public function testCreateController($admin)
    {
        $model = factory(User::class)->make(['root_admin' => $admin]);
        $this->request->shouldReceive('user')->withNoArgs()->once()->andReturn($model);

        $response = $this->controller->create($this->request);
        $this->assertIsViewResponse($response);
        $this->assertViewNameEquals('base.api.new', $response);
        $this->assertViewHasKey('permissions.user', $response);
        $this->assertViewHasKey('permissions.admin', $response);

        if ($admin) {
            $this->assertViewKeyNotEquals('permissions.admin', null, $response);
        } else {
            $this->assertViewKeyEquals('permissions.admin', null, $response);
        }
    }

    /**
     * Test the store functionality for a non-admin user.
     *
     * @dataProvider rootAdminDataProvider
     */
    public function testStoreController($admin)
    {
        $this->request = m::mock(ApiKeyFormRequest::class);
        $model = factory(User::class)->make(['root_admin' => $admin]);

        if ($admin) {
            $this->request->shouldReceive('input')->with('admin_permissions', [])->once()->andReturn(['admin.permission']);
        }

        $this->request->shouldReceive('user')->withNoArgs()->andReturn($model);
        $this->request->shouldReceive('input')->with('allowed_ips')->once()->andReturnNull();
        $this->request->shouldReceive('input')->with('memo')->once()->andReturnNull();
        $this->request->shouldReceive('input')->with('permissions', [])->once()->andReturn(['test.permission']);

        $this->keyService->shouldReceive('handle')->with([
            'user_id' => $model->id,
            'allowed_ips' => null,
            'memo' => null,
        ], ['test.permission'], ($admin) ? ['admin.permission'] : [])->once()->andReturn('testToken');

        $this->alert->shouldReceive('success')->with(trans('base.api.index.keypair_created', ['token' => 'testToken']))->once()->andReturnSelf()
            ->shouldReceive('flash')->withNoArgs()->once()->andReturnNull();

        $response = $this->controller->store($this->request);
        $this->assertIsRedirectResponse($response);
        $this->assertRedirectRouteEquals('account.api', $response);
    }

    /**
     * Test the API key revocation controller.
     */
    public function testRevokeController()
    {
        $model = factory(User::class)->make();
        $this->request->shouldReceive('user')->withNoArgs()->once()->andReturn($model);

        $this->repository->shouldReceive('deleteWhere')->with([
            ['user_id', '=', $model->id],
            ['public', '=', 'testKey123'],
        ])->once()->andReturnNull();

        $response = $this->controller->revoke($this->request, 'testKey123');
        $this->assertIsResponse($response);
        $this->assertEmpty($response->getContent());
        $this->assertResponseCodeEquals(204, $response);
    }

    /**
     * Data provider to determine if a user is a root admin.
     *
     * @return array
     */
    public function rootAdminDataProvider()
    {
        return [[0], [1]];
    }
}