1
1
mirror of https://github.com/pterodactyl/panel.git synced 2024-11-25 18:42:31 +01:00

Add test cases for sending a command to a server

This commit is contained in:
Dane Everitt 2020-06-27 12:04:41 -07:00
parent 4cb95d8063
commit 8cfdb3acce
No known key found for this signature in database
GPG Key ID: EEA66103B3D71F53
8 changed files with 160 additions and 46 deletions

View File

@ -3,8 +3,9 @@
namespace Pterodactyl\Http\Requests\Api\Client\Servers; namespace Pterodactyl\Http\Requests\Api\Client\Servers;
use Pterodactyl\Models\Permission; use Pterodactyl\Models\Permission;
use Pterodactyl\Http\Requests\Api\Client\ClientApiRequest;
class SendCommandRequest extends GetServerRequest class SendCommandRequest extends ClientApiRequest
{ {
/** /**
* Determine if the API user has permission to perform this action. * Determine if the API user has permission to perform this action.

View File

@ -20,7 +20,7 @@ use Pterodactyl\Models\ApiKey;
$factory->define(Pterodactyl\Models\Server::class, function (Faker $faker) { $factory->define(Pterodactyl\Models\Server::class, function (Faker $faker) {
return [ return [
'uuid' => $faker->unique()->uuid, 'uuid' => Uuid::uuid4()->toString(),
'uuidShort' => str_random(8), 'uuidShort' => str_random(8),
'name' => $faker->firstName, 'name' => $faker->firstName,
'description' => implode(' ', $faker->sentences()), 'description' => implode(' ', $faker->sentences()),

View File

@ -6,20 +6,9 @@ use Mockery;
use Pterodactyl\Models\User; use Pterodactyl\Models\User;
use Illuminate\Http\Response; use Illuminate\Http\Response;
use Illuminate\Auth\AuthManager; use Illuminate\Auth\AuthManager;
use Pterodactyl\Tests\Integration\IntegrationTestCase;
class AccountControllerTest extends IntegrationTestCase class AccountControllerTest extends ClientApiIntegrationTestCase
{ {
/**
* Clean up after running tests.
*/
protected function tearDown(): void
{
User::query()->forceDelete();
parent::tearDown();
}
/** /**
* Test that the user's account details are returned from the account endpoint. * Test that the user's account details are returned from the account endpoint.
*/ */

View File

@ -5,9 +5,8 @@ namespace Pterodactyl\Tests\Integration\Api\Client;
use Pterodactyl\Models\User; use Pterodactyl\Models\User;
use Illuminate\Http\Response; use Illuminate\Http\Response;
use Pterodactyl\Models\ApiKey; use Pterodactyl\Models\ApiKey;
use Pterodactyl\Tests\Integration\IntegrationTestCase;
class ApiKeyControllerTest extends IntegrationTestCase class ApiKeyControllerTest extends ClientApiIntegrationTestCase
{ {
/** /**
* Cleanup after tests. * Cleanup after tests.
@ -15,7 +14,6 @@ class ApiKeyControllerTest extends IntegrationTestCase
protected function tearDown(): void protected function tearDown(): void
{ {
ApiKey::query()->forceDelete(); ApiKey::query()->forceDelete();
User::query()->forceDelete();
parent::tearDown(); parent::tearDown();
} }

View File

@ -0,0 +1,53 @@
<?php
namespace Pterodactyl\Tests\Integration\Api\Client;
use Pterodactyl\Models\Node;
use Pterodactyl\Models\User;
use Pterodactyl\Models\Server;
use Pterodactyl\Models\Subuser;
use Pterodactyl\Models\Location;
use Pterodactyl\Tests\Integration\IntegrationTestCase;
abstract class ClientApiIntegrationTestCase extends IntegrationTestCase
{
/**
* Cleanup after running tests.
*/
protected function tearDown(): void
{
Server::query()->forceDelete();
Node::query()->forceDelete();
Location::query()->forceDelete();
User::query()->forceDelete();
parent::tearDown();
}
/**
* Generates a user and a server for that user. If an array of permissions is passed it
* is assumed that the user is actually a subuser of the server.
*
* @param string[] $permissions
* @return array
*/
protected function generateTestAccount(array $permissions = []): array
{
/** @var \Pterodactyl\Models\User $user */
$user = factory(User::class)->create();
if (empty($permissions)) {
return [$user, $this->createServerModel(['user_id' => $user->id])];
}
$server = $this->createServerModel();
Subuser::query()->create([
'user_id' => $user->id,
'server_id' => $server->id,
'permissions' => $permissions,
]);
return [$user, $server];
}
}

View File

@ -2,29 +2,13 @@
namespace Pterodactyl\Tests\Integration\Api\Client; namespace Pterodactyl\Tests\Integration\Api\Client;
use Pterodactyl\Models\Node;
use Pterodactyl\Models\User; use Pterodactyl\Models\User;
use Pterodactyl\Models\Server; use Pterodactyl\Models\Server;
use Pterodactyl\Models\Subuser; use Pterodactyl\Models\Subuser;
use Pterodactyl\Models\Location;
use Pterodactyl\Models\Permission; use Pterodactyl\Models\Permission;
use Pterodactyl\Tests\Integration\IntegrationTestCase;
class ClientControllerTest extends IntegrationTestCase class ClientControllerTest extends ClientApiIntegrationTestCase
{ {
/**
* Cleanup after tests are run.
*/
protected function tearDown(): void
{
Server::query()->forceDelete();
User::query()->forceDelete();
Node::query()->forceDelete();
Location::query()->forceDelete();
parent::tearDown();
}
/** /**
* Test that only the servers a logged in user is assigned to are returned by the * Test that only the servers a logged in user is assigned to are returned by the
* API endpoint. Obviously there are cases such as being an administrator or being * API endpoint. Obviously there are cases such as being an administrator or being

View File

@ -0,0 +1,100 @@
<?php
namespace Pterodactyl\Tests\Integration\Api\Client\Server;
use Mockery;
use GuzzleHttp\Psr7\Request;
use Illuminate\Http\Response;
use Pterodactyl\Models\Permission;
use GuzzleHttp\Exception\BadResponseException;
use GuzzleHttp\Psr7\Response as GuzzleResponse;
use Pterodactyl\Repositories\Wings\DaemonCommandRepository;
use Pterodactyl\Tests\Integration\Api\Client\ClientApiIntegrationTestCase;
class CommandControllerTest extends ClientApiIntegrationTestCase
{
/** @var \Mockery\MockInterface */
private $repository;
/**
* Setup tests.
*/
public function setUp(): void
{
parent::setUp();
$this->repository = Mockery::mock(DaemonCommandRepository::class);
$this->app->instance(DaemonCommandRepository::class, $this->repository);
}
/**
* Test that a validation error is returned if there is no command present in the
* request.
*/
public function testValidationErrorIsReturnedIfNoCommandIsPresent()
{
[$user, $server] = $this->generateTestAccount();
$response = $this->actingAs($user)->postJson("/api/client/servers/{$server->uuid}/command", [
'command' => '',
]);
$response->assertStatus(Response::HTTP_UNPROCESSABLE_ENTITY);
$response->assertJsonPath('errors.0.code', 'required');
}
/**
* Test that a subuser without the required permission receives an error when trying to
* execute the command.
*/
public function testSubuserWithoutPermissionReceivesError()
{
[$user, $server] = $this->generateTestAccount([Permission::ACTION_WEBSOCKET_CONNECT]);
$response = $this->actingAs($user)->postJson("/api/client/servers/{$server->uuid}/command", [
'command' => 'say Test',
]);
$response->assertStatus(Response::HTTP_FORBIDDEN);
}
/**
* Test that a command can be sent to the server.
*/
public function testCommandCanSendToServer()
{
[$user, $server] = $this->generateTestAccount([Permission::ACTION_CONTROL_CONSOLE]);
$this->repository->expects('setServer')->with(Mockery::on(function ($value) use ($server) {
return $value->uuid === $server->uuid;
}))->andReturnSelf();
$this->repository->expects('send')->with('say Test')->andReturn(new GuzzleResponse);
$response = $this->actingAs($user)->postJson("/api/client/servers/{$server->uuid}/command", [
'command' => 'say Test',
]);
$response->assertStatus(Response::HTTP_NO_CONTENT);
}
/**
* Test that an error is returned when the server is offline that is more specific than the
* regular daemon connection error.
*/
public function testErrorIsReturnedWhenServerIsOffline()
{
[$user, $server] = $this->generateTestAccount();
$this->repository->expects('setServer->send')->andThrows(
new BadResponseException('', new Request('GET', 'test'), new GuzzleResponse(Response::HTTP_BAD_GATEWAY))
);
$response = $this->actingAs($user)->postJson("/api/client/servers/{$server->uuid}/command", [
'command' => 'say Test',
]);
$response->assertStatus(Response::HTTP_BAD_GATEWAY);
$response->assertJsonPath('errors.0.code', 'HttpException');
$response->assertJsonPath('errors.0.detail', 'Server must be online in order to send commands.');
}
}

View File

@ -6,20 +6,9 @@ use Carbon\Carbon;
use Pterodactyl\Models\User; use Pterodactyl\Models\User;
use Illuminate\Http\Response; use Illuminate\Http\Response;
use PragmaRX\Google2FA\Google2FA; use PragmaRX\Google2FA\Google2FA;
use Pterodactyl\Tests\Integration\IntegrationTestCase;
class TwoFactorControllerTest extends IntegrationTestCase class TwoFactorControllerTest extends ClientApiIntegrationTestCase
{ {
/**
* Clean up after tests have run.
*/
protected function tearDown(): void
{
User::query()->forceDelete();
parent::tearDown();
}
/** /**
* Test that image data for enabling 2FA is returned by the endpoint and that the user * Test that image data for enabling 2FA is returned by the endpoint and that the user
* record in the database is updated as expected. * record in the database is updated as expected.