ghzhost
diff --git a/‎app/Http/Requests/Api/Client/Account/StoreApiKeyRequest.php‎
Lines changed: 24 additions & 7 deletions b/‎app/Http/Requests/Api/Client/Account/StoreApiKeyRequest.php‎
Lines changed: 24 additions & 7 deletions
diff --git a/‎tests/Assertions/AssertsActivityLogged.php‎
Lines changed: 84 additions & 0 deletions b/‎tests/Assertions/AssertsActivityLogged.php‎
Lines changed: 84 additions & 0 deletions
@@ -2,7 +2,9 @@
 
 namespace Pterodactyl\Http\Requests\Api\Client\Account;
 
+use IPTools\Range;
 use Pterodactyl\Models\ApiKey;
+use Illuminate\Validation\Validator;
 use Pterodactyl\Http\Requests\Api\Client\ClientApiRequest;
 
 class StoreApiKeyRequest extends ClientApiRequest
@@ -13,18 +15,33 @@ public function rules(): array
 
         return [
             'description' => $rules['memo'],
-            'allowed_ips' => $rules['allowed_ips'],
-            'allowed_ips.*' => 'ip',
+            'allowed_ips' => [...$rules['allowed_ips'], 'max:50'],
+            'allowed_ips.*' => 'string',
         ];
     }
 
     /**
-     * @return array|string[]
+     * Check that each of the values entered is actually valid.
      */
-    public function messages()
+    public function withValidator(Validator $validator): void
     {
-        return [
-            'allowed_ips.*' => 'All of the IP addresses entered must be valid IPv4 addresses.',
-        ];
+        $validator->after(function (Validator $validator) {
+            if (!is_array($ips = $this->input('allowed_ips'))) {
+                return;
+            }
+
+            foreach ($ips as $index => $ip) {
+                $valid = false;
+                try {
+                    $valid = Range::parse($ip)->valid();
+                } catch (\Exception $exception) {
+                    if ($exception->getMessage() !== 'Invalid IP address format') {
+                        throw $exception;
+                    }
+                } finally {
+                    $validator->errors()->addIf(!$valid, "allowed_ips.{$index}", '"' . $ip . '" is not a valid IP address or CIDR range.');
+                }
+            }
+        });
     }
 }
@@ -0,0 +1,84 @@
+<?php
+
+namespace Pterodactyl\Tests\Assertions;
+
+use PHPUnit\Framework\Assert;
+use Illuminate\Support\Facades\Event;
+use Pterodactyl\Events\ActivityLogged;
+use Illuminate\Database\Eloquent\Model;
+use Pterodactyl\Models\ActivityLogSubject;
+
+trait AssertsActivityLogged
+{
+    /**
+     * @param \Illuminate\Database\Eloquent\Model|array $subjects
+     */
+    public function assertActivityFor(string $event, ?Model $actor, ...$subjects): void
+    {
+        $this->assertActivityLogged($event);
+        $this->assertActivityActor($event, $actor);
+        $this->assertActivitySubjects($event, ...$subjects);
+    }
+
+    /**
+     * Asserts that the given activity log event was stored in the database.
+     */
+    public function assertActivityLogged(string $event): void
+    {
+        Event::assertDispatched(ActivityLogged::class, fn ($e) => $e->is($event));
+    }
+
+    /**
+     * Asserts that a given activity log event was stored with the subjects being
+     * any of the values provided.
+     *
+     * @param \Illuminate\Database\Eloquent\Model|array $subjects
+     */
+    public function assertActivitySubjects(string $event, $subjects): void
+    {
+        if (is_array($subjects)) {
+            \Webmozart\Assert\Assert::lessThanEq(count(func_get_args()), 2, 'Invalid call to ' . __METHOD__ . ': cannot provide additional arguments if providing an array.');
+        } else {
+            $subjects = array_slice(func_get_args(), 1);
+        }
+
+        Event::assertDispatched(ActivityLogged::class, function (ActivityLogged $e) use ($event, $subjects) {
+            Assert::assertEquals($event, $e->model->event);
+            Assert::assertNotEmpty($e->model->subjects);
+
+            foreach ($subjects as $subject) {
+                $match = $e->model->subjects->first(function (ActivityLogSubject $model) use ($subject) {
+                    return $model->subject_type === $subject->getMorphClass()
+                        && $model->subject_id = $subject->getKey();
+                });
+
+                Assert::assertNotNull(
+                    $match,
+                    sprintf('Failed asserting that event "%s" includes a %s[%d] subject', $event, get_class($subject), $subject->getKey())
+                );
+            }
+
+            return true;
+        });
+    }
+
+    /**
+     * Asserts that the provided event was logged into the activity logs with the provided
+     * actor model associated with it.
+     */
+    public function assertActivityActor(string $event, ?Model $actor = null): void
+    {
+        Event::assertDispatched(ActivityLogged::class, function (ActivityLogged $e) use ($event, $actor) {
+            Assert::assertEquals($event, $e->model->event);
+
+            if (is_null($actor)) {
+                Assert::assertNull($e->actor());
+            } else {
+                Assert::assertNotNull($e->actor());
+                Assert::assertTrue($e->actor()->is($actor));
+            }
+
+            return true;
+        });
+    }
+}