<?php
namespace Pterodactyl\Tests\Integration\Api\Client\Server\Schedule;
use Illuminate\Support\Str;
use Pterodactyl\Models\User;
use Illuminate\Http\Response;
use Pterodactyl\Models\Subuser;
use Pterodactyl\Models\Permission;
use Illuminate\Foundation\Testing\WithFaker;
use Pterodactyl\Tests\Integration\Api\Client\ClientApiIntegrationTestCase;
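/**
 * Integration tests for the client API endpoint that adds a subuser to a server
 * (POST to the server link followed by "/users").
 *
 * The cases cover the happy path, the privilege-escalation guard (a caller may not
 * hand out permissions they do not hold), input validation on the email field, and
 * the handling of emails that already belong to an account or an existing subuser.
 *
 * NOTE(review): the file-level namespace ends in "\Schedule" although every test in
 * this class exercises subuser creation; confirm it matches the file's directory.
 */
class CreateServerSubuserTest extends ClientApiIntegrationTestCase
{
    use WithFaker;

    /**
     * Test that a subuser can be created for a server.
     *
     * Runs once per dataset from permissionsDataProvider(), so the request is issued
     * by accounts generated with different permission sets.
     *
     * @param array $permissions permissions passed to generateTestAccount() for the caller
     * @dataProvider permissionsDataProvider
     */
    public function testSubuserCanBeCreated(array $permissions): void
    {
        [$user, $server] = $this->generateTestAccount($permissions);

        $email = $this->faker->email;
        $response = $this->actingAs($user)->postJson($this->link($server) . '/users', [
            'email' => $email,
            'permissions' => [
                Permission::ACTION_USER_CREATE,
            ],
        ]);

        $response->assertOk();

        // The request must have produced an account for the submitted address.
        /** @var \Pterodactyl\Models\User $subuser */
        $subuser = User::query()->where('email', $email)->firstOrFail();

        $response->assertJsonPath('object', Subuser::RESOURCE_NAME);
        $response->assertJsonPath('attributes.uuid', $subuser->uuid);
        // Only ACTION_USER_CREATE was requested; the response is expected to list
        // ACTION_WEBSOCKET_CONNECT as well.
        $response->assertJsonPath('attributes.permissions', [
            Permission::ACTION_USER_CREATE,
            Permission::ACTION_WEBSOCKET_CONNECT,
        ]);

        // Permissions were asserted above, so they are dropped before the remaining
        // attributes are compared against the user model.
        $expected = $response->json('attributes');
        unset($expected['permissions']);

        $this->assertJsonTransformedWith($expected, $subuser);
    }

    /**
     * Tests that an error is returned if a subuser attempts to create a new subuser and assign
     * permissions that their account does not also possess.
     *
     * Besides the 403 response, the test verifies that the rejected request left no
     * account behind for the submitted email address, so a denied escalation attempt
     * cannot be used to create accounts as a side effect.
     */
    public function testErrorIsReturnedIfAssigningPermissionsNotAssignedToSelf(): void
    {
        [$user, $server] = $this->generateTestAccount([
            Permission::ACTION_USER_CREATE,
            Permission::ACTION_USER_READ,
            Permission::ACTION_CONTROL_CONSOLE,
        ]);

        $email = $this->faker->email;
        $response = $this->actingAs($user)->postJson($this->link($server) . '/users', [
            'email' => $email,
            'permissions' => [
                Permission::ACTION_USER_CREATE,
                Permission::ACTION_USER_UPDATE, // Not held by the requesting account.
            ],
        ]);

        $response->assertForbidden();
        $response->assertJsonPath('errors.0.code', 'HttpForbiddenException');
        $response->assertJsonPath('errors.0.detail', 'Cannot assign permissions to a subuser that your account does not actively possess.');

        // The denial must happen before any account is persisted for the new address.
        $this->assertFalse(
            User::query()->where('email', $email)->exists(),
            'A forbidden subuser request must not create a user account.'
        );
    }

    /**
     * Throws some bad data at the API and ensures that a subuser cannot be created.
     *
     * An address of exactly 191 characters is accepted first; the same address with
     * three more characters appended must then be rejected with a validation error.
     */
    public function testSubuserWithExcessivelyLongEmailCannotBeCreated(): void
    {
        [$user, $server] = $this->generateTestAccount();

        // 9 * 20 random characters + 11 for "1@gmail.com" = 191, which is the hard
        // limit for the column in MySQL.
        $email = str_repeat(Str::random(20), 9) . '1@gmail.com';

        $response = $this->actingAs($user)->postJson($this->link($server) . '/users', [
            'email' => $email,
            'permissions' => [
                Permission::ACTION_USER_CREATE,
            ],
        ]);

        $response->assertOk();

        // Appending ".au" pushes the address to 194 characters, past the limit.
        $response = $this->actingAs($user)->postJson($this->link($server) . '/users', [
            'email' => $email . '.au',
            'permissions' => [
                Permission::ACTION_USER_CREATE,
            ],
        ]);

        $response->assertStatus(Response::HTTP_UNPROCESSABLE_ENTITY);
        $response->assertJsonPath('errors.0.detail', 'The email must be between 1 and 191 characters.');
        $response->assertJsonPath('errors.0.meta.source_field', 'email');
    }

    /**
     * Test that creating a subuser when there is already an account with that email runs
     * as expected and does not create a new account.
     *
     * The response must carry the UUID of the pre-existing account.
     */
    public function testCreatingSubuserWithSameEmailAsExistingUserWorks(): void
    {
        [$user, $server] = $this->generateTestAccount();

        /** @var \Pterodactyl\Models\User $existing */
        $existing = factory(User::class)->create(['email' => $this->faker->email]);

        $response = $this->actingAs($user)->postJson($this->link($server) . '/users', [
            'email' => $existing->email,
            'permissions' => [
                Permission::ACTION_USER_CREATE,
            ],
        ]);

        $response->assertOk();
        $response->assertJsonPath('object', Subuser::RESOURCE_NAME);
        $response->assertJsonPath('attributes.uuid', $existing->uuid);
    }

    /**
     * Test that an error is returned if the account associated with an email address is already
     * associated with the server instance.
     *
     * The same request is sent twice: the first must succeed, the second must be
     * rejected with a 400 and the ServerSubuserExistsException error code.
     */
    public function testAddingSubuserThatAlreadyIsAssignedReturnsError(): void
    {
        [$user, $server] = $this->generateTestAccount();

        $email = $this->faker->email;
        $response = $this->actingAs($user)->postJson($this->link($server) . '/users', [
            'email' => $email,
            'permissions' => [
                Permission::ACTION_USER_CREATE,
            ],
        ]);

        $response->assertOk();

        $response = $this->actingAs($user)->postJson($this->link($server) . '/users', [
            'email' => $email,
            'permissions' => [
                Permission::ACTION_USER_CREATE,
            ],
        ]);

        $response->assertStatus(Response::HTTP_BAD_REQUEST);
        $response->assertJsonPath('errors.0.code', 'ServerSubuserExistsException');
        $response->assertJsonPath('errors.0.detail', 'A user with that email address is already assigned as a subuser for this server.');
    }

    /**
     * Datasets for testSubuserCanBeCreated(): one with an empty permission list and one
     * holding only ACTION_USER_CREATE.
     *
     * NOTE(review): the empty list presumably makes generateTestAccount() return the
     * server owner rather than a subuser; confirm against the base test case.
     *
     * @return array
     */
    public function permissionsDataProvider(): array
    {
        return [[[]], [[Permission::ACTION_USER_CREATE]]];
    }
}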