mirror of
https://github.com/pterodactyl/panel.git
synced 2024-11-25 10:32:31 +01:00
Add integration tests for remote user endpoint
This commit is contained in:
parent
e2aa01c9cc
commit
9905358bc3
@ -47,7 +47,7 @@ $factory->define(Pterodactyl\Models\User::class, function (Faker $faker) {
|
||||
|
||||
return [
|
||||
'id' => $faker->unique()->randomNumber(),
|
||||
'external_id' => null,
|
||||
'external_id' => $faker->unique()->isbn10,
|
||||
'uuid' => $faker->uuid,
|
||||
'username' => $faker->userName,
|
||||
'email' => $faker->safeEmail,
|
||||
|
@ -0,0 +1,80 @@
|
||||
<?php
|
||||
|
||||
namespace Pterodactyl\Tests\Integration\Api\Application\Users;
|
||||
|
||||
use Pterodactyl\Models\User;
|
||||
use Pterodactyl\Tests\Integration\Api\Application\ApplicationApiIntegrationTestCase;
|
||||
|
||||
class ExternalUserControllerTest extends ApplicationApiIntegrationTestCase
|
||||
{
|
||||
/**
|
||||
* Test that a user can be retrieved by their external ID.
|
||||
*/
|
||||
public function testGetRemoteUser()
|
||||
{
|
||||
$user = factory(User::class)->create();
|
||||
|
||||
$response = $this->json('GET', '/api/application/users/external/' . $user->external_id);
|
||||
$response->assertStatus(200);
|
||||
$response->assertJsonCount(2);
|
||||
$response->assertJsonStructure([
|
||||
'object',
|
||||
'attributes' => [
|
||||
'id', 'external_id', 'uuid', 'username', 'email', 'first_name', 'last_name',
|
||||
'language', 'root_admin', '2fa', 'created_at', 'updated_at',
|
||||
],
|
||||
]);
|
||||
|
||||
$response->assertJson([
|
||||
'object' => 'user',
|
||||
'attributes' => [
|
||||
'id' => $user->id,
|
||||
'external_id' => $user->external_id,
|
||||
'uuid' => $user->uuid,
|
||||
'username' => $user->username,
|
||||
'email' => $user->email,
|
||||
'first_name' => $user->name_first,
|
||||
'last_name' => $user->name_last,
|
||||
'language' => $user->language,
|
||||
'root_admin' => (bool) $user->root_admin,
|
||||
'2fa' => (bool) $user->totp_enabled,
|
||||
'created_at' => $this->formatTimestamp($user->created_at),
|
||||
'updated_at' => $this->formatTimestamp($user->updated_at),
|
||||
],
|
||||
], true);
|
||||
}
|
||||
|
||||
/**
|
||||
* Test that an invalid external ID returns a 404 error.
|
||||
*/
|
||||
public function testGetMissingLocation()
|
||||
{
|
||||
$response = $this->json('GET', '/api/application/users/external/nil');
|
||||
$this->assertNotFoundJson($response);
|
||||
}
|
||||
|
||||
/**
|
||||
* Test that an authentication error occurs if a key does not have permission
|
||||
* to access a resource.
|
||||
*/
|
||||
public function testErrorReturnedIfNoPermission()
|
||||
{
|
||||
$user = factory(User::class)->create();
|
||||
$this->createNewDefaultApiKey($this->getApiUser(), ['r_users' => 0]);
|
||||
|
||||
$response = $this->json('GET', '/api/application/users/external/' . $user->external_id);
|
||||
$this->assertAccessDeniedJson($response);
|
||||
}
|
||||
|
||||
/**
|
||||
* Test that a users's existence is not exposed unless an API key has permission
|
||||
* to access the resource.
|
||||
*/
|
||||
public function testResourceIsNotExposedWithoutPermissions()
|
||||
{
|
||||
$this->createNewDefaultApiKey($this->getApiUser(), ['r_users' => 0]);
|
||||
|
||||
$response = $this->json('GET', '/api/application/users/external/nil');
|
||||
$this->assertAccessDeniedJson($response);
|
||||
}
|
||||
}
|
Loading…
Reference in New Issue
Block a user