mirror of
https://github.com/pelican-dev/panel.git
synced 2026-05-04 18:00:48 +03:00
Lance Pioch
@@ -38,7 +38,7 @@ abstract class ApplicationApiIntegrationTestCase extends IntegrationTestCase
|
||||
|
||||
$this
|
||||
->withHeader('Accept', 'application/vnd.panel.v1+json')
|
||||
->withHeader('Authorization', 'Bearer '.$this->key->identifier.$this->key->token);
|
||||
->withHeader('Authorization', 'Bearer ' . $this->key->identifier . $this->key->token);
|
||||
}
|
||||
|
||||
public function getApiUser(): User
|
||||
@@ -58,7 +58,7 @@ abstract class ApplicationApiIntegrationTestCase extends IntegrationTestCase
|
||||
{
|
||||
$this->key = $this->createApiKey($user, $permissions);
|
||||
|
||||
$this->withHeader('Authorization', 'Bearer '.$this->key->identifier.$this->key->token);
|
||||
$this->withHeader('Authorization', 'Bearer ' . $this->key->identifier . $this->key->token);
|
||||
|
||||
return $this->key;
|
||||
}
|
||||
|
||||
@@ -48,7 +48,7 @@ class EggControllerTest extends ApplicationApiIntegrationTestCase
|
||||
$this->assertSame(
|
||||
$expected,
|
||||
$actual,
|
||||
'Unable to find JSON fragment: '.PHP_EOL.PHP_EOL."[$expected]".PHP_EOL.PHP_EOL.'within'.PHP_EOL.PHP_EOL."[$actual]."
|
||||
'Unable to find JSON fragment: ' . PHP_EOL . PHP_EOL . "[$expected]" . PHP_EOL . PHP_EOL . 'within' . PHP_EOL . PHP_EOL . "[$actual]."
|
||||
);
|
||||
}
|
||||
}
|
||||
@@ -60,7 +60,7 @@ class EggControllerTest extends ApplicationApiIntegrationTestCase
|
||||
{
|
||||
$egg = Egg::query()->findOrFail(1);
|
||||
|
||||
$response = $this->getJson('/api/application/eggs/'.$egg->id);
|
||||
$response = $this->getJson('/api/application/eggs/' . $egg->id);
|
||||
$response->assertStatus(Response::HTTP_OK);
|
||||
$response->assertJsonStructure([
|
||||
'object',
|
||||
@@ -82,7 +82,7 @@ class EggControllerTest extends ApplicationApiIntegrationTestCase
|
||||
{
|
||||
$egg = Egg::query()->findOrFail(1);
|
||||
|
||||
$response = $this->getJson('/api/application/eggs/'.$egg->id.'?include=servers,variables');
|
||||
$response = $this->getJson('/api/application/eggs/' . $egg->id . '?include=servers,variables');
|
||||
$response->assertStatus(Response::HTTP_OK);
|
||||
$response->assertJsonStructure([
|
||||
'object',
|
||||
|
||||
@@ -16,7 +16,7 @@ class ExternalUserControllerTest extends ApplicationApiIntegrationTestCase
|
||||
{
|
||||
$user = User::factory()->create(['external_id' => Str::random()]);
|
||||
|
||||
$response = $this->getJson('/api/application/users/external/'.$user->external_id);
|
||||
$response = $this->getJson('/api/application/users/external/' . $user->external_id);
|
||||
$response->assertStatus(Response::HTTP_OK);
|
||||
$response->assertJsonCount(2);
|
||||
$response->assertJsonStructure([
|
||||
@@ -64,7 +64,7 @@ class ExternalUserControllerTest extends ApplicationApiIntegrationTestCase
|
||||
$user = User::factory()->create(['external_id' => Str::random()]);
|
||||
$this->createNewDefaultApiKey($this->getApiUser(), ['r_users' => 0]);
|
||||
|
||||
$response = $this->getJson('/api/application/users/external/'.$user->external_id);
|
||||
$response = $this->getJson('/api/application/users/external/' . $user->external_id);
|
||||
$this->assertAccessDeniedJson($response);
|
||||
}
|
||||
}
|
||||
|
||||
@@ -89,7 +89,7 @@ class UserControllerTest extends ApplicationApiIntegrationTestCase
|
||||
{
|
||||
$user = User::factory()->create();
|
||||
|
||||
$response = $this->getJson('/api/application/users/'.$user->id);
|
||||
$response = $this->getJson('/api/application/users/' . $user->id);
|
||||
$response->assertStatus(Response::HTTP_OK);
|
||||
$response->assertJsonCount(2);
|
||||
$response->assertJsonStructure([
|
||||
@@ -124,7 +124,7 @@ class UserControllerTest extends ApplicationApiIntegrationTestCase
|
||||
$user = User::factory()->create();
|
||||
$server = $this->createServerModel(['user_id' => $user->id]);
|
||||
|
||||
$response = $this->getJson('/api/application/users/'.$user->id.'?include=servers');
|
||||
$response = $this->getJson('/api/application/users/' . $user->id . '?include=servers');
|
||||
$response->assertStatus(Response::HTTP_OK);
|
||||
$response->assertJsonCount(2);
|
||||
$response->assertJsonStructure([
|
||||
@@ -157,7 +157,7 @@ class UserControllerTest extends ApplicationApiIntegrationTestCase
|
||||
$user = User::factory()->create();
|
||||
$this->createServerModel(['user_id' => $user->id]);
|
||||
|
||||
$response = $this->getJson('/api/application/users/'.$user->id.'?include=servers');
|
||||
$response = $this->getJson('/api/application/users/' . $user->id . '?include=servers');
|
||||
$response->assertStatus(Response::HTTP_OK);
|
||||
$response->assertJsonCount(2)->assertJsonCount(1, 'attributes.relationships');
|
||||
$response->assertJsonStructure([
|
||||
@@ -199,7 +199,7 @@ class UserControllerTest extends ApplicationApiIntegrationTestCase
|
||||
$user = User::factory()->create();
|
||||
$this->createNewDefaultApiKey($this->getApiUser(), ['r_users' => 0]);
|
||||
|
||||
$response = $this->getJson('/api/application/users/'.$user->id);
|
||||
$response = $this->getJson('/api/application/users/' . $user->id);
|
||||
$this->assertAccessDeniedJson($response);
|
||||
}
|
||||
|
||||
@@ -242,7 +242,7 @@ class UserControllerTest extends ApplicationApiIntegrationTestCase
|
||||
{
|
||||
$user = User::factory()->create();
|
||||
|
||||
$response = $this->patchJson('/api/application/users/'.$user->id, [
|
||||
$response = $this->patchJson('/api/application/users/' . $user->id, [
|
||||
'username' => 'new.test.name',
|
||||
'email' => 'new@emailtest.com',
|
||||
'first_name' => $user->name_first,
|
||||
@@ -272,7 +272,7 @@ class UserControllerTest extends ApplicationApiIntegrationTestCase
|
||||
$user = User::factory()->create();
|
||||
$this->assertDatabaseHas('users', ['id' => $user->id]);
|
||||
|
||||
$response = $this->delete('/api/application/users/'.$user->id);
|
||||
$response = $this->delete('/api/application/users/' . $user->id);
|
||||
$response->assertStatus(Response::HTTP_NO_CONTENT);
|
||||
|
||||
$this->assertDatabaseMissing('users', ['id' => $user->id]);
|
||||
|
||||
@@ -28,7 +28,7 @@ class AccountControllerTest extends ClientApiIntegrationTestCase
|
||||
'first_name' => $user->name_first,
|
||||
'last_name' => $user->name_last,
|
||||
'language' => 'en',
|
||||
'image' => 'https://gravatar.com/avatar/'.md5(Str::lower($user->email)),
|
||||
'image' => 'https://gravatar.com/avatar/' . md5(Str::lower($user->email)),
|
||||
'admin' => false,
|
||||
'root_admin' => false,
|
||||
'2fa_enabled' => false,
|
||||
@@ -47,7 +47,7 @@ class AccountControllerTest extends ClientApiIntegrationTestCase
|
||||
$user = User::factory()->create();
|
||||
|
||||
$response = $this->actingAs($user)->putJson('/api/client/account/email', [
|
||||
'email' => $email = Str::random().'@example.com',
|
||||
'email' => $email = Str::random() . '@example.com',
|
||||
'password' => 'password',
|
||||
]);
|
||||
|
||||
|
||||
@@ -83,7 +83,7 @@ class ApiKeyControllerTest extends ClientApiIntegrationTestCase
|
||||
{
|
||||
$ips = [];
|
||||
for ($i = 0; $i < 100; $i++) {
|
||||
$ips[] = '127.0.0.'.$i;
|
||||
$ips[] = '127.0.0.' . $i;
|
||||
}
|
||||
|
||||
$this->actingAs(User::factory()->create())
|
||||
@@ -162,7 +162,7 @@ class ApiKeyControllerTest extends ClientApiIntegrationTestCase
|
||||
'key_type' => ApiKey::TYPE_ACCOUNT,
|
||||
]);
|
||||
|
||||
$response = $this->actingAs($user)->delete('/api/client/account/api-keys/'.$key->identifier);
|
||||
$response = $this->actingAs($user)->delete('/api/client/account/api-keys/' . $key->identifier);
|
||||
$response->assertStatus(Response::HTTP_NO_CONTENT);
|
||||
|
||||
$this->assertDatabaseMissing('api_keys', ['id' => $key->id]);
|
||||
@@ -205,7 +205,7 @@ class ApiKeyControllerTest extends ClientApiIntegrationTestCase
|
||||
]);
|
||||
|
||||
$this->actingAs($user)
|
||||
->deleteJson('/api/client/account/api-keys/'.$key->identifier)
|
||||
->deleteJson('/api/client/account/api-keys/' . $key->identifier)
|
||||
->assertNotFound();
|
||||
|
||||
$this->assertDatabaseHas('api_keys', ['id' => $key->id]);
|
||||
@@ -226,7 +226,7 @@ class ApiKeyControllerTest extends ClientApiIntegrationTestCase
|
||||
]);
|
||||
|
||||
$this->actingAs($user)
|
||||
->deleteJson('/api/client/account/api-keys/'.$key->identifier)
|
||||
->deleteJson('/api/client/account/api-keys/' . $key->identifier)
|
||||
->assertNotFound();
|
||||
|
||||
$this->assertDatabaseHas('api_keys', ['id' => $key->id]);
|
||||
|
||||
@@ -69,7 +69,7 @@ abstract class ClientApiIntegrationTestCase extends IntegrationTestCase
|
||||
throw new \InvalidArgumentException(sprintf('Cannot create link for Model of type %s', class_basename($model)));
|
||||
}
|
||||
|
||||
return $link.($append ? '/'.ltrim($append, '/') : '');
|
||||
return $link . ($append ? '/' . ltrim($append, '/') : '');
|
||||
}
|
||||
|
||||
/**
|
||||
|
||||
@@ -298,7 +298,7 @@ class ClientControllerTest extends ClientApiIntegrationTestCase
|
||||
$this->createServerModel(['user_id' => $users[1]->id]);
|
||||
$this->createServerModel(['user_id' => $users[2]->id]);
|
||||
|
||||
$response = $this->actingAs($users[0])->getJson('/api/client?type='.$type);
|
||||
$response = $this->actingAs($users[0])->getJson('/api/client?type=' . $type);
|
||||
|
||||
$response->assertOk();
|
||||
$response->assertJsonCount(0, 'data');
|
||||
|
||||
@@ -30,20 +30,20 @@ class AllocationAuthorizationTest extends ClientApiIntegrationTestCase
|
||||
|
||||
// This is the only valid call for this test, accessing the allocation for the same
|
||||
// server that the API user is the owner of.
|
||||
$response = $this->actingAs($user)->json($method, $this->link($server1, '/network/allocations/'.$allocation1->id.$endpoint));
|
||||
$response = $this->actingAs($user)->json($method, $this->link($server1, '/network/allocations/' . $allocation1->id . $endpoint));
|
||||
$this->assertTrue($response->status() <= 204 || $response->status() === 400 || $response->status() === 422);
|
||||
|
||||
// This request fails because the allocation is valid for that server but the user
|
||||
// making the request is not authorized to perform that action.
|
||||
$this->actingAs($user)->json($method, $this->link($server2, '/network/allocations/'.$allocation2->id.$endpoint))->assertForbidden();
|
||||
$this->actingAs($user)->json($method, $this->link($server2, '/network/allocations/' . $allocation2->id . $endpoint))->assertForbidden();
|
||||
|
||||
// Both of these should report a 404 error due to the allocations being linked to
|
||||
// servers that are not the same as the server in the request, or are assigned
|
||||
// to a server for which the user making the request has no access to.
|
||||
$this->actingAs($user)->json($method, $this->link($server1, '/network/allocations/'.$allocation2->id.$endpoint))->assertNotFound();
|
||||
$this->actingAs($user)->json($method, $this->link($server1, '/network/allocations/'.$allocation3->id.$endpoint))->assertNotFound();
|
||||
$this->actingAs($user)->json($method, $this->link($server2, '/network/allocations/'.$allocation3->id.$endpoint))->assertNotFound();
|
||||
$this->actingAs($user)->json($method, $this->link($server3, '/network/allocations/'.$allocation3->id.$endpoint))->assertNotFound();
|
||||
$this->actingAs($user)->json($method, $this->link($server1, '/network/allocations/' . $allocation2->id . $endpoint))->assertNotFound();
|
||||
$this->actingAs($user)->json($method, $this->link($server1, '/network/allocations/' . $allocation3->id . $endpoint))->assertNotFound();
|
||||
$this->actingAs($user)->json($method, $this->link($server2, '/network/allocations/' . $allocation3->id . $endpoint))->assertNotFound();
|
||||
$this->actingAs($user)->json($method, $this->link($server3, '/network/allocations/' . $allocation3->id . $endpoint))->assertNotFound();
|
||||
}
|
||||
|
||||
public static function methodDataProvider(): array
|
||||
|
||||
@@ -38,20 +38,20 @@ class BackupAuthorizationTest extends ClientApiIntegrationTestCase
|
||||
|
||||
// This is the only valid call for this test, accessing the backup for the same
|
||||
// server that the API user is the owner of.
|
||||
$this->actingAs($user)->json($method, $this->link($server1, '/backups/'.$backup1->uuid.$endpoint))
|
||||
$this->actingAs($user)->json($method, $this->link($server1, '/backups/' . $backup1->uuid . $endpoint))
|
||||
->assertStatus($method === 'DELETE' ? 204 : 200);
|
||||
|
||||
// This request fails because the backup is valid for that server but the user
|
||||
// making the request is not authorized to perform that action.
|
||||
$this->actingAs($user)->json($method, $this->link($server2, '/backups/'.$backup2->uuid.$endpoint))->assertForbidden();
|
||||
$this->actingAs($user)->json($method, $this->link($server2, '/backups/' . $backup2->uuid . $endpoint))->assertForbidden();
|
||||
|
||||
// Both of these should report a 404 error due to the backup being linked to
|
||||
// servers that are not the same as the server in the request, or are assigned
|
||||
// to a server for which the user making the request has no access to.
|
||||
$this->actingAs($user)->json($method, $this->link($server1, '/backups/'.$backup2->uuid.$endpoint))->assertNotFound();
|
||||
$this->actingAs($user)->json($method, $this->link($server1, '/backups/'.$backup3->uuid.$endpoint))->assertNotFound();
|
||||
$this->actingAs($user)->json($method, $this->link($server2, '/backups/'.$backup3->uuid.$endpoint))->assertNotFound();
|
||||
$this->actingAs($user)->json($method, $this->link($server3, '/backups/'.$backup3->uuid.$endpoint))->assertNotFound();
|
||||
$this->actingAs($user)->json($method, $this->link($server1, '/backups/' . $backup2->uuid . $endpoint))->assertNotFound();
|
||||
$this->actingAs($user)->json($method, $this->link($server1, '/backups/' . $backup3->uuid . $endpoint))->assertNotFound();
|
||||
$this->actingAs($user)->json($method, $this->link($server2, '/backups/' . $backup3->uuid . $endpoint))->assertNotFound();
|
||||
$this->actingAs($user)->json($method, $this->link($server3, '/backups/' . $backup3->uuid . $endpoint))->assertNotFound();
|
||||
}
|
||||
|
||||
public static function methodDataProvider(): array
|
||||
|
||||
@@ -40,20 +40,20 @@ class DatabaseAuthorizationTest extends ClientApiIntegrationTestCase
|
||||
|
||||
// This is the only valid call for this test, accessing the database for the same
|
||||
// server that the API user is the owner of.
|
||||
$this->actingAs($user)->json($method, $this->link($server1, '/databases/'.$database1->id.$endpoint))
|
||||
$this->actingAs($user)->json($method, $this->link($server1, '/databases/' . $database1->id . $endpoint))
|
||||
->assertStatus($method === 'DELETE' ? 204 : 200);
|
||||
|
||||
// This request fails because the database is valid for that server but the user
|
||||
// making the request is not authorized to perform that action.
|
||||
$this->actingAs($user)->json($method, $this->link($server2, '/databases/'.$database2->id.$endpoint))->assertForbidden();
|
||||
$this->actingAs($user)->json($method, $this->link($server2, '/databases/' . $database2->id . $endpoint))->assertForbidden();
|
||||
|
||||
// Both of these should report a 404 error due to the database being linked to
|
||||
// servers that are not the same as the server in the request, or are assigned
|
||||
// to a server for which the user making the request has no access to.
|
||||
$this->actingAs($user)->json($method, $this->link($server1, '/databases/'.$database2->id.$endpoint))->assertNotFound();
|
||||
$this->actingAs($user)->json($method, $this->link($server1, '/databases/'.$database3->id.$endpoint))->assertNotFound();
|
||||
$this->actingAs($user)->json($method, $this->link($server2, '/databases/'.$database3->id.$endpoint))->assertNotFound();
|
||||
$this->actingAs($user)->json($method, $this->link($server3, '/databases/'.$database3->id.$endpoint))->assertNotFound();
|
||||
$this->actingAs($user)->json($method, $this->link($server1, '/databases/' . $database2->id . $endpoint))->assertNotFound();
|
||||
$this->actingAs($user)->json($method, $this->link($server1, '/databases/' . $database3->id . $endpoint))->assertNotFound();
|
||||
$this->actingAs($user)->json($method, $this->link($server2, '/databases/' . $database3->id . $endpoint))->assertNotFound();
|
||||
$this->actingAs($user)->json($method, $this->link($server3, '/databases/' . $database3->id . $endpoint))->assertNotFound();
|
||||
}
|
||||
|
||||
public static function methodDataProvider(): array
|
||||
|
||||
@@ -47,13 +47,13 @@ class GetServerSchedulesTest extends ClientApiIntegrationTestCase
|
||||
$response->assertJsonCount(1, 'data');
|
||||
}
|
||||
|
||||
$response->assertJsonCount(1, $prefix.'attributes.relationships.tasks.data');
|
||||
$response->assertJsonCount(1, $prefix . 'attributes.relationships.tasks.data');
|
||||
|
||||
$response->assertJsonPath($prefix.'object', Schedule::RESOURCE_NAME);
|
||||
$response->assertJsonPath($prefix.'attributes.relationships.tasks.data.0.object', Task::RESOURCE_NAME);
|
||||
$response->assertJsonPath($prefix . 'object', Schedule::RESOURCE_NAME);
|
||||
$response->assertJsonPath($prefix . 'attributes.relationships.tasks.data.0.object', Task::RESOURCE_NAME);
|
||||
|
||||
$this->assertJsonTransformedWith($response->json($prefix.'attributes'), $schedule);
|
||||
$this->assertJsonTransformedWith($response->json($prefix.'attributes.relationships.tasks.data.0.attributes'), $task);
|
||||
$this->assertJsonTransformedWith($response->json($prefix . 'attributes'), $schedule);
|
||||
$this->assertJsonTransformedWith($response->json($prefix . 'attributes.relationships.tasks.data.0.attributes'), $task);
|
||||
}
|
||||
|
||||
/**
|
||||
|
||||
@@ -38,20 +38,20 @@ class ScheduleAuthorizationTest extends ClientApiIntegrationTestCase
|
||||
|
||||
// This is the only valid call for this test, accessing the schedule for the same
|
||||
// server that the API user is the owner of.
|
||||
$response = $this->actingAs($user)->json($method, $this->link($server1, '/schedules/'.$schedule1->id.$endpoint));
|
||||
$response = $this->actingAs($user)->json($method, $this->link($server1, '/schedules/' . $schedule1->id . $endpoint));
|
||||
$this->assertTrue($response->status() <= 204 || $response->status() === 400 || $response->status() === 422);
|
||||
|
||||
// This request fails because the schedule is valid for that server but the user
|
||||
// making the request is not authorized to perform that action.
|
||||
$this->actingAs($user)->json($method, $this->link($server2, '/schedules/'.$schedule2->id.$endpoint))->assertForbidden();
|
||||
$this->actingAs($user)->json($method, $this->link($server2, '/schedules/' . $schedule2->id . $endpoint))->assertForbidden();
|
||||
|
||||
// Both of these should report a 404 error due to the schedules being linked to
|
||||
// servers that are not the same as the server in the request, or are assigned
|
||||
// to a server for which the user making the request has no access to.
|
||||
$this->actingAs($user)->json($method, $this->link($server1, '/schedules/'.$schedule2->id.$endpoint))->assertNotFound();
|
||||
$this->actingAs($user)->json($method, $this->link($server1, '/schedules/'.$schedule3->id.$endpoint))->assertNotFound();
|
||||
$this->actingAs($user)->json($method, $this->link($server2, '/schedules/'.$schedule3->id.$endpoint))->assertNotFound();
|
||||
$this->actingAs($user)->json($method, $this->link($server3, '/schedules/'.$schedule3->id.$endpoint))->assertNotFound();
|
||||
$this->actingAs($user)->json($method, $this->link($server1, '/schedules/' . $schedule2->id . $endpoint))->assertNotFound();
|
||||
$this->actingAs($user)->json($method, $this->link($server1, '/schedules/' . $schedule3->id . $endpoint))->assertNotFound();
|
||||
$this->actingAs($user)->json($method, $this->link($server2, '/schedules/' . $schedule3->id . $endpoint))->assertNotFound();
|
||||
$this->actingAs($user)->json($method, $this->link($server3, '/schedules/' . $schedule3->id . $endpoint))->assertNotFound();
|
||||
}
|
||||
|
||||
public static function methodDataProvider(): array
|
||||
|
||||
@@ -33,7 +33,7 @@ class GetStartupAndVariablesTest extends ClientApiIntegrationTestCase
|
||||
])->save();
|
||||
$server = $server->refresh();
|
||||
|
||||
$response = $this->actingAs($user)->getJson($this->link($server).'/startup');
|
||||
$response = $this->actingAs($user)->getJson($this->link($server) . '/startup');
|
||||
|
||||
$response->assertOk();
|
||||
$response->assertJsonPath('meta.startup_command', 'java bungeecord.jar --version [hidden]');
|
||||
@@ -52,10 +52,10 @@ class GetStartupAndVariablesTest extends ClientApiIntegrationTestCase
|
||||
public function testStartupDataIsNotReturnedWithoutPermission(): void
|
||||
{
|
||||
[$user, $server] = $this->generateTestAccount([Permission::ACTION_WEBSOCKET_CONNECT]);
|
||||
$this->actingAs($user)->getJson($this->link($server).'/startup')->assertForbidden();
|
||||
$this->actingAs($user)->getJson($this->link($server) . '/startup')->assertForbidden();
|
||||
|
||||
$user2 = User::factory()->create();
|
||||
$this->actingAs($user2)->getJson($this->link($server).'/startup')->assertNotFound();
|
||||
$this->actingAs($user2)->getJson($this->link($server) . '/startup')->assertNotFound();
|
||||
}
|
||||
|
||||
public static function permissionsDataProvider(): array
|
||||
|
||||
@@ -23,7 +23,7 @@ class UpdateStartupVariableTest extends ClientApiIntegrationTestCase
|
||||
'startup' => 'java {{SERVER_JARFILE}} --version {{BUNGEE_VERSION}}',
|
||||
])->save();
|
||||
|
||||
$response = $this->actingAs($user)->putJson($this->link($server).'/startup/variable', [
|
||||
$response = $this->actingAs($user)->putJson($this->link($server) . '/startup/variable', [
|
||||
'key' => 'BUNGEE_VERSION',
|
||||
'value' => '1.2.3',
|
||||
]);
|
||||
@@ -32,7 +32,7 @@ class UpdateStartupVariableTest extends ClientApiIntegrationTestCase
|
||||
$response->assertJsonPath('errors.0.code', 'ValidationException');
|
||||
$response->assertJsonPath('errors.0.detail', 'The value may only contain letters and numbers.');
|
||||
|
||||
$response = $this->actingAs($user)->putJson($this->link($server).'/startup/variable', [
|
||||
$response = $this->actingAs($user)->putJson($this->link($server) . '/startup/variable', [
|
||||
'key' => 'BUNGEE_VERSION',
|
||||
'value' => '123',
|
||||
]);
|
||||
@@ -62,7 +62,7 @@ class UpdateStartupVariableTest extends ClientApiIntegrationTestCase
|
||||
$server->fill(['egg_id' => $egg->id])->save();
|
||||
$server->refresh();
|
||||
|
||||
$response = $this->actingAs($user)->putJson($this->link($server).'/startup/variable', [
|
||||
$response = $this->actingAs($user)->putJson($this->link($server) . '/startup/variable', [
|
||||
'key' => 'BUNGEE_VERSION',
|
||||
'value' => '123',
|
||||
]);
|
||||
@@ -71,7 +71,7 @@ class UpdateStartupVariableTest extends ClientApiIntegrationTestCase
|
||||
$response->assertJsonPath('errors.0.code', 'BadRequestHttpException');
|
||||
$response->assertJsonPath('errors.0.detail', 'The environment variable you are trying to edit does not exist.');
|
||||
|
||||
$response = $this->actingAs($user)->putJson($this->link($server).'/startup/variable', [
|
||||
$response = $this->actingAs($user)->putJson($this->link($server) . '/startup/variable', [
|
||||
'key' => 'SERVER_JARFILE',
|
||||
'value' => 'server2.jar',
|
||||
]);
|
||||
@@ -100,7 +100,7 @@ class UpdateStartupVariableTest extends ClientApiIntegrationTestCase
|
||||
|
||||
$server->refresh();
|
||||
|
||||
$response = $this->actingAs($user)->putJson($this->link($server).'/startup/variable', [
|
||||
$response = $this->actingAs($user)->putJson($this->link($server) . '/startup/variable', [
|
||||
'key' => 'SERVER_JARFILE',
|
||||
'value' => 'server2.jar',
|
||||
]);
|
||||
@@ -125,7 +125,7 @@ class UpdateStartupVariableTest extends ClientApiIntegrationTestCase
|
||||
$server->fill(['egg_id' => $egg->id])->save();
|
||||
$server->refresh();
|
||||
|
||||
$response = $this->actingAs($user)->putJson($this->link($server).'/startup/variable', [
|
||||
$response = $this->actingAs($user)->putJson($this->link($server) . '/startup/variable', [
|
||||
'key' => 'BUNGEE_VERSION',
|
||||
'value' => '',
|
||||
]);
|
||||
@@ -141,10 +141,10 @@ class UpdateStartupVariableTest extends ClientApiIntegrationTestCase
|
||||
public function testStartupVariableCannotBeUpdatedIfNotUserViewable(): void
|
||||
{
|
||||
[$user, $server] = $this->generateTestAccount([Permission::ACTION_WEBSOCKET_CONNECT]);
|
||||
$this->actingAs($user)->putJson($this->link($server).'/startup/variable')->assertForbidden();
|
||||
$this->actingAs($user)->putJson($this->link($server) . '/startup/variable')->assertForbidden();
|
||||
|
||||
$user2 = User::factory()->create();
|
||||
$this->actingAs($user2)->putJson($this->link($server).'/startup/variable')->assertNotFound();
|
||||
$this->actingAs($user2)->putJson($this->link($server) . '/startup/variable')->assertNotFound();
|
||||
}
|
||||
|
||||
public static function permissionsDataProvider(): array
|
||||
|
||||
@@ -23,7 +23,7 @@ class CreateServerSubuserTest extends ClientApiIntegrationTestCase
|
||||
{
|
||||
[$user, $server] = $this->generateTestAccount($permissions);
|
||||
|
||||
$response = $this->actingAs($user)->postJson($this->link($server).'/users', [
|
||||
$response = $this->actingAs($user)->postJson($this->link($server) . '/users', [
|
||||
'email' => $email = $this->faker->email(),
|
||||
'permissions' => [
|
||||
Permission::ACTION_USER_CREATE,
|
||||
@@ -60,7 +60,7 @@ class CreateServerSubuserTest extends ClientApiIntegrationTestCase
|
||||
Permission::ACTION_CONTROL_CONSOLE,
|
||||
]);
|
||||
|
||||
$response = $this->actingAs($user)->postJson($this->link($server).'/users', [
|
||||
$response = $this->actingAs($user)->postJson($this->link($server) . '/users', [
|
||||
'email' => $this->faker->email(),
|
||||
'permissions' => [
|
||||
Permission::ACTION_USER_CREATE,
|
||||
@@ -80,9 +80,9 @@ class CreateServerSubuserTest extends ClientApiIntegrationTestCase
|
||||
{
|
||||
[$user, $server] = $this->generateTestAccount();
|
||||
|
||||
$email = str_repeat(Str::random(35), 7).'@gmail.com'; // 255 is the hard limit for the column in MySQL.
|
||||
$email = str_repeat(Str::random(35), 7) . '@gmail.com'; // 255 is the hard limit for the column in MySQL.
|
||||
|
||||
$response = $this->actingAs($user)->postJson($this->link($server).'/users', [
|
||||
$response = $this->actingAs($user)->postJson($this->link($server) . '/users', [
|
||||
'email' => $email,
|
||||
'permissions' => [
|
||||
Permission::ACTION_USER_CREATE,
|
||||
@@ -91,8 +91,8 @@ class CreateServerSubuserTest extends ClientApiIntegrationTestCase
|
||||
|
||||
$response->assertOk();
|
||||
|
||||
$response = $this->actingAs($user)->postJson($this->link($server).'/users', [
|
||||
'email' => $email.'.au',
|
||||
$response = $this->actingAs($user)->postJson($this->link($server) . '/users', [
|
||||
'email' => $email . '.au',
|
||||
'permissions' => [
|
||||
Permission::ACTION_USER_CREATE,
|
||||
],
|
||||
@@ -114,7 +114,7 @@ class CreateServerSubuserTest extends ClientApiIntegrationTestCase
|
||||
/** @var \App\Models\User $existing */
|
||||
$existing = User::factory()->create(['email' => $this->faker->email()]);
|
||||
|
||||
$response = $this->actingAs($user)->postJson($this->link($server).'/users', [
|
||||
$response = $this->actingAs($user)->postJson($this->link($server) . '/users', [
|
||||
'email' => $existing->email,
|
||||
'permissions' => [
|
||||
Permission::ACTION_USER_CREATE,
|
||||
@@ -134,7 +134,7 @@ class CreateServerSubuserTest extends ClientApiIntegrationTestCase
|
||||
{
|
||||
[$user, $server] = $this->generateTestAccount();
|
||||
|
||||
$response = $this->actingAs($user)->postJson($this->link($server).'/users', [
|
||||
$response = $this->actingAs($user)->postJson($this->link($server) . '/users', [
|
||||
'email' => $email = $this->faker->email(),
|
||||
'permissions' => [
|
||||
Permission::ACTION_USER_CREATE,
|
||||
@@ -143,7 +143,7 @@ class CreateServerSubuserTest extends ClientApiIntegrationTestCase
|
||||
|
||||
$response->assertOk();
|
||||
|
||||
$response = $this->actingAs($user)->postJson($this->link($server).'/users', [
|
||||
$response = $this->actingAs($user)->postJson($this->link($server) . '/users', [
|
||||
'email' => $email,
|
||||
'permissions' => [
|
||||
Permission::ACTION_USER_CREATE,
|
||||
|
||||
@@ -31,7 +31,7 @@ class DeleteSubuserTest extends ClientApiIntegrationTestCase
|
||||
|
||||
$real = Uuid::uuid4()->toString();
|
||||
// Generate a UUID that lines up with a user in the database if it were to be cast to an int.
|
||||
$uuid = $differentUser->id.substr($real, strlen((string) $differentUser->id));
|
||||
$uuid = $differentUser->id . substr($real, strlen((string) $differentUser->id));
|
||||
|
||||
/** @var \App\Models\User $subuser */
|
||||
$subuser = User::factory()->create(['uuid' => $uuid]);
|
||||
@@ -44,11 +44,11 @@ class DeleteSubuserTest extends ClientApiIntegrationTestCase
|
||||
|
||||
$mock->expects('setServer->revokeUserJTI')->with($subuser->id)->andReturnUndefined();
|
||||
|
||||
$this->actingAs($user)->deleteJson($this->link($server)."/users/$subuser->uuid")->assertNoContent();
|
||||
$this->actingAs($user)->deleteJson($this->link($server) . "/users/$subuser->uuid")->assertNoContent();
|
||||
|
||||
// Try the same test, but this time with a UUID that if cast to an int (shouldn't) line up with
|
||||
// anything in the database.
|
||||
$uuid = '18180000'.substr(Uuid::uuid4()->toString(), 8);
|
||||
$uuid = '18180000' . substr(Uuid::uuid4()->toString(), 8);
|
||||
/** @var \App\Models\User $subuser */
|
||||
$subuser = User::factory()->create(['uuid' => $uuid]);
|
||||
|
||||
@@ -60,6 +60,6 @@ class DeleteSubuserTest extends ClientApiIntegrationTestCase
|
||||
|
||||
$mock->expects('setServer->revokeUserJTI')->with($subuser->id)->andReturnUndefined();
|
||||
|
||||
$this->actingAs($user)->deleteJson($this->link($server)."/users/$subuser->uuid")->assertNoContent();
|
||||
$this->actingAs($user)->deleteJson($this->link($server) . "/users/$subuser->uuid")->assertNoContent();
|
||||
}
|
||||
}
|
||||
|
||||
@@ -41,12 +41,12 @@ class SubuserAuthorizationTest extends ClientApiIntegrationTestCase
|
||||
}
|
||||
|
||||
// This route is acceptable since they're accessing a subuser on their own server.
|
||||
$this->actingAs($user)->json($method, $this->link($server1, '/users/'.$internal->uuid))->assertStatus($method === 'POST' ? 422 : ($method === 'DELETE' ? 204 : 200));
|
||||
$this->actingAs($user)->json($method, $this->link($server1, '/users/' . $internal->uuid))->assertStatus($method === 'POST' ? 422 : ($method === 'DELETE' ? 204 : 200));
|
||||
|
||||
// This route can be revealed since the subuser belongs to the correct server, but
|
||||
// errors out with a 403 since $user does not have the right permissions for this.
|
||||
$this->actingAs($user)->json($method, $this->link($server2, '/users/'.$internal->uuid))->assertForbidden();
|
||||
$this->actingAs($user)->json($method, $this->link($server3, '/users/'.$internal->uuid))->assertNotFound();
|
||||
$this->actingAs($user)->json($method, $this->link($server2, '/users/' . $internal->uuid))->assertForbidden();
|
||||
$this->actingAs($user)->json($method, $this->link($server3, '/users/' . $internal->uuid))->assertNotFound();
|
||||
}
|
||||
|
||||
public static function methodDataProvider(): array
|
||||
|
||||
@@ -69,7 +69,7 @@ class DaemonAuthenticateTest extends MiddlewareTestCase
|
||||
$this->expectException(AccessDeniedHttpException::class);
|
||||
|
||||
$this->request->expects('route->getName')->withNoArgs()->andReturn('random.route');
|
||||
$this->request->expects('bearerToken')->withNoArgs()->andReturn($node->daemon_token_id.'.random_string_123');
|
||||
$this->request->expects('bearerToken')->withNoArgs()->andReturn($node->daemon_token_id . '.random_string_123');
|
||||
|
||||
$this->getMiddleware()->handle($this->request, $this->getClosureAssertions());
|
||||
}
|
||||
@@ -98,7 +98,7 @@ class DaemonAuthenticateTest extends MiddlewareTestCase
|
||||
$node->save();
|
||||
|
||||
$this->request->expects('route->getName')->withNoArgs()->andReturn('random.route');
|
||||
$this->request->expects('bearerToken')->withNoArgs()->andReturn($node->daemon_token_id.'.the_same');
|
||||
$this->request->expects('bearerToken')->withNoArgs()->andReturn($node->daemon_token_id . '.the_same');
|
||||
|
||||
$this->getMiddleware()->handle($this->request, $this->getClosureAssertions());
|
||||
$this->assertRequestHasAttribute('node');
|
||||
|
||||
@@ -143,7 +143,7 @@ class SftpAuthenticationControllerTest extends IntegrationTestCase
|
||||
$this->setAuthorization($server->node);
|
||||
|
||||
$this->postJson('/api/remote/sftp/auth', [
|
||||
'username' => $user->username.'.'.$server->uuid_short,
|
||||
'username' => $user->username . '.' . $server->uuid_short,
|
||||
'password' => 'foobar',
|
||||
])
|
||||
->assertForbidden()
|
||||
@@ -173,7 +173,7 @@ class SftpAuthenticationControllerTest extends IntegrationTestCase
|
||||
$this->setAuthorization($server->node);
|
||||
|
||||
$data = [
|
||||
'username' => $user->username.'.'.$server->uuid_short,
|
||||
'username' => $user->username . '.' . $server->uuid_short,
|
||||
'password' => 'foobar',
|
||||
];
|
||||
|
||||
@@ -188,7 +188,7 @@ class SftpAuthenticationControllerTest extends IntegrationTestCase
|
||||
->assertJsonPath('permissions.0', '*');
|
||||
|
||||
$this->setAuthorization();
|
||||
$data['username'] = $user->username.'.'.$this->server->uuid_short;
|
||||
$data['username'] = $user->username . '.' . $this->server->uuid_short;
|
||||
|
||||
$this->post('/api/remote/sftp/auth', $data)
|
||||
->assertOk()
|
||||
@@ -220,7 +220,7 @@ class SftpAuthenticationControllerTest extends IntegrationTestCase
|
||||
*/
|
||||
protected function getUsername(bool $long = false): string
|
||||
{
|
||||
return $this->user->username.'.'.($long ? $this->server->uuid : $this->server->uuid_short);
|
||||
return $this->user->username . '.' . ($long ? $this->server->uuid : $this->server->uuid_short);
|
||||
}
|
||||
|
||||
/**
|
||||
@@ -230,6 +230,6 @@ class SftpAuthenticationControllerTest extends IntegrationTestCase
|
||||
{
|
||||
$node = $node ?? $this->server->node;
|
||||
|
||||
$this->withHeader('Authorization', 'Bearer '.$node->daemon_token_id.'.'.$node->daemon_token);
|
||||
$this->withHeader('Authorization', 'Bearer ' . $node->daemon_token_id . '.' . $node->daemon_token);
|
||||
}
|
||||
}
|
||||
|
||||
@@ -21,8 +21,8 @@ class UserControllerTest extends IntegrationTestCase
|
||||
{
|
||||
$unique = Str::random();
|
||||
$users = [
|
||||
User::factory()->create(['username' => $unique.'_1']),
|
||||
User::factory()->create(['username' => $unique.'_2']),
|
||||
User::factory()->create(['username' => $unique . '_1']),
|
||||
User::factory()->create(['username' => $unique . '_2']),
|
||||
];
|
||||
|
||||
$servers = [
|
||||
@@ -38,7 +38,7 @@ class UserControllerTest extends IntegrationTestCase
|
||||
/** @var \App\Http\Controllers\Admin\UserController $controller */
|
||||
$controller = $this->app->make(UserController::class);
|
||||
|
||||
$request = Request::create('/admin/users?filter[username]='.$unique);
|
||||
$request = Request::create('/admin/users?filter[username]=' . $unique);
|
||||
$this->app->instance(Request::class, $request);
|
||||
|
||||
$data = $controller->index($request)->getData();
|
||||
|
||||
@@ -29,7 +29,7 @@ class DatabaseManagementServiceTest extends IntegrationTestCase
|
||||
{
|
||||
$this->assertSame('s1_example', DatabaseManagementService::generateUniqueDatabaseName('example', 1));
|
||||
$this->assertSame('s123_something_else', DatabaseManagementService::generateUniqueDatabaseName('something_else', 123));
|
||||
$this->assertSame('s123_'.str_repeat('a', 43), DatabaseManagementService::generateUniqueDatabaseName(str_repeat('a', 100), 123));
|
||||
$this->assertSame('s123_' . str_repeat('a', 43), DatabaseManagementService::generateUniqueDatabaseName(str_repeat('a', 100), 123));
|
||||
}
|
||||
|
||||
/**
|
||||
|
||||
Reference in New Issue
Block a user