tests/Integration/Api/Application/ApplicationApiIntegrationTestCase.php

<?php

namespace App\Tests\Integration\Api\Application;

use App\Models\Allocation;
use Illuminate\Http\Request;
use App\Models\User;
use PHPUnit\Framework\Assert;
use App\Models\ApiKey;
use App\Models\Database;
use App\Models\DatabaseHost;
use App\Models\Egg;
use App\Models\Mount;
use App\Models\Node;
use App\Models\Server;
use App\Models\Role;
use App\Services\Acl\Api\AdminAcl;
use App\Tests\Integration\IntegrationTestCase;
use App\Tests\Traits\Integration\CreatesTestModels;
use App\Transformers\Api\Application\BaseTransformer;
use App\Transformers\Api\Client\BaseClientTransformer;
use App\Tests\Traits\Http\IntegrationJsonRequestAssertions;

abstract class ApplicationApiIntegrationTestCase extends IntegrationTestCase
{
    use CreatesTestModels;
    use IntegrationJsonRequestAssertions;

    private ApiKey $key;

    private User $user;

    /**
     * Bootstrap application API tests. Creates a default admin user and associated API key
     * and also sets some default headers required for accessing the API.
     */
    protected function setUp(): void
    {
        parent::setUp();

        $this->user = $this->createApiUser();
        $this->key = $this->createApiKey($this->user);

        $this
            ->withHeader('Accept', 'application/vnd.panel.v1+json')
            ->withHeader('Authorization', 'Bearer ' . $this->key->identifier . $this->key->token);
    }

    public function getApiUser(): User
    {
        return $this->user;
    }

    public function getApiKey(): ApiKey
    {
        return $this->key;
    }

    /**
     * Creates a new default API key and refreshes the headers using it.
     */
    protected function createNewDefaultApiKey(User $user, array $permissions = []): ApiKey
    {
        $this->key = $this->createApiKey($user, $permissions);

        $this->withHeader('Authorization', 'Bearer ' . $this->key->identifier . $this->key->token);

        return $this->key;
    }

    /**
     * Create an administrative user.
     */
    protected function createApiUser(): User
    {
        $user = User::factory()->create();
        $user->syncRoles(Role::getRootAdmin());

        return $user;
    }

    /**
     * Create a new application API key for a given user model.
     */
    protected function createApiKey(User $user, array $permissions = []): ApiKey
    {
        return ApiKey::factory()->create([
            'user_id' => $user->id,
            'key_type' => ApiKey::TYPE_APPLICATION,
            'permissions' => array_merge([
                Server::RESOURCE_NAME => AdminAcl::READ | AdminAcl::WRITE,
                Node::RESOURCE_NAME => AdminAcl::READ | AdminAcl::WRITE,
                Allocation::RESOURCE_NAME => AdminAcl::READ | AdminAcl::WRITE,
                User::RESOURCE_NAME => AdminAcl::READ | AdminAcl::WRITE,
                Egg::RESOURCE_NAME => AdminAcl::READ | AdminAcl::WRITE,
                DatabaseHost::RESOURCE_NAME => AdminAcl::READ | AdminAcl::WRITE,
                Database::RESOURCE_NAME => AdminAcl::READ | AdminAcl::WRITE,
                Mount::RESOURCE_NAME => AdminAcl::READ | AdminAcl::WRITE,
                Role::RESOURCE_NAME => AdminAcl::READ | AdminAcl::WRITE,
            ], $permissions),
        ]);
    }

    /**
     * Return a transformer that can be used for testing purposes.
     */
    protected function getTransformer(string $abstract): BaseTransformer
    {
        $request = Request::createFromGlobals();
        $request->setUserResolver(function () {
            return $this->getApiKey()->user;
        });

        $transformer = $abstract::fromRequest($request);

        Assert::assertInstanceOf(BaseTransformer::class, $transformer);
        Assert::assertNotInstanceOf(BaseClientTransformer::class, $transformer);

        return $transformer;
    }
}
First go at integration tests 2018-03-04 16:30:16 -06:00			`<?php`

Switch namespace back to App 2024-03-12 22:39:16 -04:00			`namespace App\Tests\Integration\Api\Application;`
First go at integration tests 2018-03-04 16:30:16 -06:00
Refactor api key permissions (#361) * use RESOURCE_NAME for requests * use RESOURCE_NAME for transformers * add permissions field to api key * add migration for new permissions field * update tests * remove debug log * set column type to "json" * remove default attribute to fix tests * fix default value for permissions * fix after merge * fix after merge * allow to "register" custom permissions * add "role" to default resource names * fix after merge * fix phpstan * fix migrations 2024-11-06 09:09:10 +01:00			`use App\Models\Allocation;`
Update transformers and controllers to no longer pull an API key attribute 2022-05-22 15:37:39 -04:00			`use Illuminate\Http\Request;`
Switch namespace back to App 2024-03-12 22:39:16 -04:00			`use App\Models\User;`
First go at integration tests 2018-03-04 16:30:16 -06:00			`use PHPUnit\Framework\Assert;`
Switch namespace back to App 2024-03-12 22:39:16 -04:00			`use App\Models\ApiKey;`
Refactor api key permissions (#361) * use RESOURCE_NAME for requests * use RESOURCE_NAME for transformers * add permissions field to api key * add migration for new permissions field * update tests * remove debug log * set column type to "json" * remove default attribute to fix tests * fix default value for permissions * fix after merge * fix after merge * allow to "register" custom permissions * add "role" to default resource names * fix after merge * fix phpstan * fix migrations 2024-11-06 09:09:10 +01:00			`use App\Models\Database;`
			`use App\Models\DatabaseHost;`
			`use App\Models\Egg;`
			`use App\Models\Mount;`
			`use App\Models\Node;`
			`use App\Models\Server;`
Admin Roles (#502) * add spatie/permissions * add policies * add role resource * add root admin role handling * replace some "root_admin" with function * add model specific permissions * make permission selection nicer * fix user creation * fix tests * add back subuser checks in server policy * add custom model for role * assign new users to role if root_admin is set * add api for roles * fix phpstan * add permissions for settings page * remove "restore" and "forceDelete" permissions * add user count to list * prevent deletion if role has users * update user list * fix server policy * remove old `root_admin` column * small refactor * fix tests * forgot can checks here * forgot use * disable editing own roles & disable assigning root admin * don't allow to rename root admin role * remove php bombing exception handler * fix role assignment when creating a user * fix disableOptionWhen * fix missing `root_admin` attribute on react frontend * add permission check for bulk delete * rename viewAny to viewList * improve canAccessPanel check * fix admin not displaying for non-root admins * make sure non root admins can't edit root admins * fix import * fix settings page permission check * fix server permissions for non-subusers * fix settings page permission check v2 * small cleanup * cleanup config file * move consts from resouce into enum & model * Update database/migrations/2024_08_01_114538_remove_root_admin_column.php Co-authored-by: Lance Pioch <lancepioch@gmail.com> * fix config * fix phpstan * fix phpstan 2.0 --------- Co-authored-by: Lance Pioch <lancepioch@gmail.com> 2024-09-21 12:27:41 +02:00			`use App\Models\Role;`
Switch namespace back to App 2024-03-12 22:39:16 -04:00			`use App\Services\Acl\Api\AdminAcl;`
			`use App\Tests\Integration\IntegrationTestCase;`
			`use App\Tests\Traits\Integration\CreatesTestModels;`
			`use App\Transformers\Api\Application\BaseTransformer;`
			`use App\Transformers\Api\Client\BaseClientTransformer;`
			`use App\Tests\Traits\Http\IntegrationJsonRequestAssertions;`
First go at integration tests 2018-03-04 16:30:16 -06:00
			`abstract class ApplicationApiIntegrationTestCase extends IntegrationTestCase`
			`{`
Use more standardized phpcs 2021-01-23 12:33:34 -08:00			`use CreatesTestModels;`
			`use IntegrationJsonRequestAssertions;`
First go at integration tests 2018-03-04 16:30:16 -06:00
Upgrade to Laravel 9 (#4413) Co-authored-by: DaneEveritt <dane@daneeveritt.com> 2022-10-14 10:59:20 -06:00			`private ApiKey $key;`
First go at integration tests 2018-03-04 16:30:16 -06:00
Upgrade to Laravel 9 (#4413) Co-authored-by: DaneEveritt <dane@daneeveritt.com> 2022-10-14 10:59:20 -06:00			`private User $user;`
First go at integration tests 2018-03-04 16:30:16 -06:00
			`/**`
			`* Bootstrap application API tests. Creates a default admin user and associated API key`
			`* and also sets some default headers required for accessing the API.`
			`*/`
Fix tests visibility 2024-03-19 21:09:16 -04:00			`protected function setUp(): void`
First go at integration tests 2018-03-04 16:30:16 -06:00			`{`
			`parent::setUp();`

			`$this->user = $this->createApiUser();`
			`$this->key = $this->createApiKey($this->user);`

Ensure tokens are found in the database using the expected logic 2022-05-22 16:05:58 -04:00			`$this`
Switch namespace back to App 2024-03-12 22:39:16 -04:00			`->withHeader('Accept', 'application/vnd.panel.v1+json')`
replace encrypt/ decrypt with encrypted casting 2024-05-28 15:24:20 +02:00			`->withHeader('Authorization', 'Bearer ' . $this->key->identifier . $this->key->token);`
First go at integration tests 2018-03-04 16:30:16 -06:00			`}`

			`public function getApiUser(): User`
			`{`
			`return $this->user;`
			`}`

			`public function getApiKey(): ApiKey`
			`{`
			`return $this->key;`
			`}`

			`/**`
			`* Creates a new default API key and refreshes the headers using it.`
			`*/`
			`protected function createNewDefaultApiKey(User $user, array $permissions = []): ApiKey`
			`{`
			`$this->key = $this->createApiKey($user, $permissions);`

replace encrypt/ decrypt with encrypted casting 2024-05-28 15:24:20 +02:00			`$this->withHeader('Authorization', 'Bearer ' . $this->key->identifier . $this->key->token);`
First go at integration tests 2018-03-04 16:30:16 -06:00
Ensure tokens are found in the database using the expected logic 2022-05-22 16:05:58 -04:00			`return $this->key;`
First go at integration tests 2018-03-04 16:30:16 -06:00			`}`

			`/**`
			`* Create an administrative user.`
			`*/`
			`protected function createApiUser(): User`
			`{`
Admin Roles (#502) * add spatie/permissions * add policies * add role resource * add root admin role handling * replace some "root_admin" with function * add model specific permissions * make permission selection nicer * fix user creation * fix tests * add back subuser checks in server policy * add custom model for role * assign new users to role if root_admin is set * add api for roles * fix phpstan * add permissions for settings page * remove "restore" and "forceDelete" permissions * add user count to list * prevent deletion if role has users * update user list * fix server policy * remove old `root_admin` column * small refactor * fix tests * forgot can checks here * forgot use * disable editing own roles & disable assigning root admin * don't allow to rename root admin role * remove php bombing exception handler * fix role assignment when creating a user * fix disableOptionWhen * fix missing `root_admin` attribute on react frontend * add permission check for bulk delete * rename viewAny to viewList * improve canAccessPanel check * fix admin not displaying for non-root admins * make sure non root admins can't edit root admins * fix import * fix settings page permission check * fix server permissions for non-subusers * fix settings page permission check v2 * small cleanup * cleanup config file * move consts from resouce into enum & model * Update database/migrations/2024_08_01_114538_remove_root_admin_column.php Co-authored-by: Lance Pioch <lancepioch@gmail.com> * fix config * fix phpstan * fix phpstan 2.0 --------- Co-authored-by: Lance Pioch <lancepioch@gmail.com> 2024-09-21 12:27:41 +02:00			`$user = User::factory()->create();`
			`$user->syncRoles(Role::getRootAdmin());`

			`return $user;`
First go at integration tests 2018-03-04 16:30:16 -06:00			`}`

			`/**`
			`* Create a new application API key for a given user model.`
			`*/`
			`protected function createApiKey(User $user, array $permissions = []): ApiKey`
			`{`
Refactor api key permissions (#361) * use RESOURCE_NAME for requests * use RESOURCE_NAME for transformers * add permissions field to api key * add migration for new permissions field * update tests * remove debug log * set column type to "json" * remove default attribute to fix tests * fix default value for permissions * fix after merge * fix after merge * allow to "register" custom permissions * add "role" to default resource names * fix after merge * fix phpstan * fix migrations 2024-11-06 09:09:10 +01:00			`return ApiKey::factory()->create([`
First go at integration tests 2018-03-04 16:30:16 -06:00			`'user_id' => $user->id,`
			`'key_type' => ApiKey::TYPE_APPLICATION,`
Refactor api key permissions (#361) * use RESOURCE_NAME for requests * use RESOURCE_NAME for transformers * add permissions field to api key * add migration for new permissions field * update tests * remove debug log * set column type to "json" * remove default attribute to fix tests * fix default value for permissions * fix after merge * fix after merge * allow to "register" custom permissions * add "role" to default resource names * fix after merge * fix phpstan * fix migrations 2024-11-06 09:09:10 +01:00			`'permissions' => array_merge([`
			`Server::RESOURCE_NAME => AdminAcl::READ \| AdminAcl::WRITE,`
			`Node::RESOURCE_NAME => AdminAcl::READ \| AdminAcl::WRITE,`
			`Allocation::RESOURCE_NAME => AdminAcl::READ \| AdminAcl::WRITE,`
			`User::RESOURCE_NAME => AdminAcl::READ \| AdminAcl::WRITE,`
			`Egg::RESOURCE_NAME => AdminAcl::READ \| AdminAcl::WRITE,`
			`DatabaseHost::RESOURCE_NAME => AdminAcl::READ \| AdminAcl::WRITE,`
			`Database::RESOURCE_NAME => AdminAcl::READ \| AdminAcl::WRITE,`
			`Mount::RESOURCE_NAME => AdminAcl::READ \| AdminAcl::WRITE,`
			`Role::RESOURCE_NAME => AdminAcl::READ \| AdminAcl::WRITE,`
			`], $permissions),`
			`]);`
First go at integration tests 2018-03-04 16:30:16 -06:00			`}`

			`/**`
			`* Return a transformer that can be used for testing purposes.`
			`*/`
			`protected function getTransformer(string $abstract): BaseTransformer`
			`{`
Update transformers and controllers to no longer pull an API key attribute 2022-05-22 15:37:39 -04:00			`$request = Request::createFromGlobals();`
			`$request->setUserResolver(function () {`
			`return $this->getApiKey()->user;`
			`});`

			`$transformer = $abstract::fromRequest($request);`
First go at integration tests 2018-03-04 16:30:16 -06:00
			`Assert::assertInstanceOf(BaseTransformer::class, $transformer);`
			`Assert::assertNotInstanceOf(BaseClientTransformer::class, $transformer);`

			`return $transformer;`
			`}`
			`}`