MrUnknownDE/panel
1
0
Fork 0
mirror of https://github.com/MrUnknownDE/panel.git synced 2026-04-30 11:53:44 +02:00
Code Issues Packages Projects Releases Wiki Activity

Reformat for csfixer

Browse Source
This commit is contained in:
Dane Everitt
2021-01-23 12:05:09 -08:00
parent 0a60b4678b
commit 1e3fddbffd
151 changed files with 203 additions and 240 deletions
Download Patch File Download Diff File Expand all files Collapse all files

18
tests/Integration/Api/Client/Server/Allocation/AllocationAuthorizationTest.php
View File

@@ -32,20 +32,20 @@ class AllocationAuthorizationTest extends ClientApiIntegrationTestCase
// This is the only valid call for this test, accessing the allocation for the same
// server that the API user is the owner of.
$response = $this->actingAs($user)->json($method, $this->link($server1, "/network/allocations/" . $allocation1->id . $endpoint));
$response = $this->actingAs($user)->json($method, $this->link($server1, '/network/allocations/' . $allocation1->id . $endpoint));
$this->assertTrue($response->status() <= 204 || $response->status() === 400 || $response->status() === 422);
// This request fails because the allocation is valid for that server but the user
// making the request is not authorized to perform that action.
$this->actingAs($user)->json($method, $this->link($server2, "/network/allocations/" . $allocation2->id . $endpoint))->assertForbidden();
$this->actingAs($user)->json($method, $this->link($server2, '/network/allocations/' . $allocation2->id . $endpoint))->assertForbidden();
// Both of these should report a 404 error due to the allocations being linked to
// servers that are not the same as the server in the request, or are assigned
// to a server for which the user making the request has no access to.
$this->actingAs($user)->json($method, $this->link($server1, "/network/allocations/" . $allocation2->id . $endpoint))->assertNotFound();
$this->actingAs($user)->json($method, $this->link($server1, "/network/allocations/" . $allocation3->id . $endpoint))->assertNotFound();
$this->actingAs($user)->json($method, $this->link($server2, "/network/allocations/" . $allocation3->id . $endpoint))->assertNotFound();
$this->actingAs($user)->json($method, $this->link($server3, "/network/allocations/" . $allocation3->id . $endpoint))->assertNotFound();
$this->actingAs($user)->json($method, $this->link($server1, '/network/allocations/' . $allocation2->id . $endpoint))->assertNotFound();
$this->actingAs($user)->json($method, $this->link($server1, '/network/allocations/' . $allocation3->id . $endpoint))->assertNotFound();
$this->actingAs($user)->json($method, $this->link($server2, '/network/allocations/' . $allocation3->id . $endpoint))->assertNotFound();
$this->actingAs($user)->json($method, $this->link($server3, '/network/allocations/' . $allocation3->id . $endpoint))->assertNotFound();
}
/**
@@ -54,9 +54,9 @@ class AllocationAuthorizationTest extends ClientApiIntegrationTestCase
public function methodDataProvider(): array
{
return [
["POST", ""],
["DELETE", ""],
["POST", "/primary"],
['POST', ''],
['DELETE', ''],
['POST', '/primary'],
];
}
}

10
tests/Integration/Api/Client/Server/Allocation/CreateNewAllocationTest.php
View File

@@ -3,8 +3,8 @@
namespace Pterodactyl\Tests\Integration\Api\Client\Server\Allocation;
use Illuminate\Http\Response;
use Pterodactyl\Models\Permission;
use Pterodactyl\Models\Allocation;
use Pterodactyl\Models\Permission;
use Pterodactyl\Tests\Integration\Api\Client\ClientApiIntegrationTestCase;
class CreateNewAllocationTest extends ClientApiIntegrationTestCase
@@ -33,7 +33,7 @@ class CreateNewAllocationTest extends ClientApiIntegrationTestCase
[$user, $server] = $this->generateTestAccount($permission);
$server->update(['allocation_limit' => 2]);
$response = $this->actingAs($user)->postJson($this->link($server, "/network/allocations"));
$response = $this->actingAs($user)->postJson($this->link($server, '/network/allocations'));
$response->assertJsonPath('object', Allocation::RESOURCE_NAME);
$matched = Allocation::query()->findOrFail($response->json('attributes.id'));
@@ -52,7 +52,7 @@ class CreateNewAllocationTest extends ClientApiIntegrationTestCase
[$user, $server] = $this->generateTestAccount([Permission::ACTION_ALLOCATION_UPDATE]);
$server->update(['allocation_limit' => 2]);
$this->actingAs($user)->postJson($this->link($server, "/network/allocations"))->assertForbidden();
$this->actingAs($user)->postJson($this->link($server, '/network/allocations'))->assertForbidden();
}
/**
@@ -66,7 +66,7 @@ class CreateNewAllocationTest extends ClientApiIntegrationTestCase
[$user, $server] = $this->generateTestAccount();
$server->update(['allocation_limit' => 2]);
$this->actingAs($user)->postJson($this->link($server, "/network/allocations"))
$this->actingAs($user)->postJson($this->link($server, '/network/allocations'))
->assertStatus(Response::HTTP_BAD_REQUEST)
->assertJsonPath('errors.0.code', 'AutoAllocationNotEnabledException')
->assertJsonPath('errors.0.detail', 'Server auto-allocation is not enabled for this instance.');
@@ -81,7 +81,7 @@ class CreateNewAllocationTest extends ClientApiIntegrationTestCase
[$user, $server] = $this->generateTestAccount();
$server->update(['allocation_limit' => 1]);
$this->actingAs($user)->postJson($this->link($server, "/network/allocations"))
$this->actingAs($user)->postJson($this->link($server, '/network/allocations'))
->assertStatus(Response::HTTP_BAD_REQUEST)
->assertJsonPath('errors.0.code', 'DisplayException')
->assertJsonPath('errors.0.detail', 'Cannot assign additional allocations to this server: limit has been reached.');

2
tests/Integration/Api/Client/Server/Allocation/DeleteAllocationTest.php
View File

@@ -3,8 +3,8 @@
namespace Pterodactyl\Tests\Integration\Api\Client\Server\Allocation;
use Illuminate\Http\Response;
use Pterodactyl\Models\Permission;
use Pterodactyl\Models\Allocation;
use Pterodactyl\Models\Permission;
use Pterodactyl\Tests\Integration\Api\Client\ClientApiIntegrationTestCase;
class DeleteAllocationTest extends ClientApiIntegrationTestCase

18
tests/Integration/Api/Client/Server/Backup/BackupAuthorizationTest.php
View File

@@ -41,20 +41,20 @@ class BackupAuthorizationTest extends ClientApiIntegrationTestCase
// This is the only valid call for this test, accessing the backup for the same
// server that the API user is the owner of.
$this->actingAs($user)->json($method, $this->link($server1, "/backups/" . $backup1->uuid . $endpoint))
$this->actingAs($user)->json($method, $this->link($server1, '/backups/' . $backup1->uuid . $endpoint))
->assertStatus($method === 'DELETE' ? 204 : 200);
// This request fails because the backup is valid for that server but the user
// making the request is not authorized to perform that action.
$this->actingAs($user)->json($method, $this->link($server2, "/backups/" . $backup2->uuid . $endpoint))->assertForbidden();
$this->actingAs($user)->json($method, $this->link($server2, '/backups/' . $backup2->uuid . $endpoint))->assertForbidden();
// Both of these should report a 404 error due to the backup being linked to
// servers that are not the same as the server in the request, or are assigned
// to a server for which the user making the request has no access to.
$this->actingAs($user)->json($method, $this->link($server1, "/backups/" . $backup2->uuid . $endpoint))->assertNotFound();
$this->actingAs($user)->json($method, $this->link($server1, "/backups/" . $backup3->uuid . $endpoint))->assertNotFound();
$this->actingAs($user)->json($method, $this->link($server2, "/backups/" . $backup3->uuid . $endpoint))->assertNotFound();
$this->actingAs($user)->json($method, $this->link($server3, "/backups/" . $backup3->uuid . $endpoint))->assertNotFound();
$this->actingAs($user)->json($method, $this->link($server1, '/backups/' . $backup2->uuid . $endpoint))->assertNotFound();
$this->actingAs($user)->json($method, $this->link($server1, '/backups/' . $backup3->uuid . $endpoint))->assertNotFound();
$this->actingAs($user)->json($method, $this->link($server2, '/backups/' . $backup3->uuid . $endpoint))->assertNotFound();
$this->actingAs($user)->json($method, $this->link($server3, '/backups/' . $backup3->uuid . $endpoint))->assertNotFound();
}
/**
@@ -63,9 +63,9 @@ class BackupAuthorizationTest extends ClientApiIntegrationTestCase
public function methodDataProvider(): array
{
return [
["GET", ""],
["GET", "/download"],
["DELETE", ""],
['GET', ''],
['GET', '/download'],
['DELETE', ''],
];
}
}

16
tests/Integration/Api/Client/Server/Database/DatabaseAuthorizationTest.php
View File

@@ -49,20 +49,20 @@ class DatabaseAuthorizationTest extends ClientApiIntegrationTestCase
$hashids = $this->app->make(HashidsInterface::class);
// This is the only valid call for this test, accessing the database for the same
// server that the API user is the owner of.
$this->actingAs($user)->json($method, $this->link($server1, "/databases/" . $hashids->encode($database1->id) . $endpoint))
$this->actingAs($user)->json($method, $this->link($server1, '/databases/' . $hashids->encode($database1->id) . $endpoint))
->assertStatus($method === 'DELETE' ? 204 : 200);
// This request fails because the database is valid for that server but the user
// making the request is not authorized to perform that action.
$this->actingAs($user)->json($method, $this->link($server2, "/databases/" . $hashids->encode($database2->id) . $endpoint))->assertForbidden();
$this->actingAs($user)->json($method, $this->link($server2, '/databases/' . $hashids->encode($database2->id) . $endpoint))->assertForbidden();
// Both of these should report a 404 error due to the database being linked to
// servers that are not the same as the server in the request, or are assigned
// to a server for which the user making the request has no access to.
$this->actingAs($user)->json($method, $this->link($server1, "/databases/" . $hashids->encode($database2->id) . $endpoint))->assertNotFound();
$this->actingAs($user)->json($method, $this->link($server1, "/databases/" . $hashids->encode($database3->id) . $endpoint))->assertNotFound();
$this->actingAs($user)->json($method, $this->link($server2, "/databases/" . $hashids->encode($database3->id) . $endpoint))->assertNotFound();
$this->actingAs($user)->json($method, $this->link($server3, "/databases/" . $hashids->encode($database3->id) . $endpoint))->assertNotFound();
$this->actingAs($user)->json($method, $this->link($server1, '/databases/' . $hashids->encode($database2->id) . $endpoint))->assertNotFound();
$this->actingAs($user)->json($method, $this->link($server1, '/databases/' . $hashids->encode($database3->id) . $endpoint))->assertNotFound();
$this->actingAs($user)->json($method, $this->link($server2, '/databases/' . $hashids->encode($database3->id) . $endpoint))->assertNotFound();
$this->actingAs($user)->json($method, $this->link($server3, '/databases/' . $hashids->encode($database3->id) . $endpoint))->assertNotFound();
}
/**
@@ -71,8 +71,8 @@ class DatabaseAuthorizationTest extends ClientApiIntegrationTestCase
public function methodDataProvider(): array
{
return [
["POST", "/rotate-password"],
["DELETE", ""],
['POST', '/rotate-password'],
['DELETE', ''],
];
}
}

2
tests/Integration/Api/Client/Server/Schedule/ExecuteScheduleTest.php
View File

@@ -65,7 +65,7 @@ class ExecuteScheduleTest extends ClientApiIntegrationTestCase
'is_active' => false,
]);
$response = $this->actingAs($user)->postJson($this->link($schedule, "/execute"));
$response = $this->actingAs($user)->postJson($this->link($schedule, '/execute'));
$response->assertStatus(Response::HTTP_BAD_REQUEST);
$response->assertJsonPath('errors.0.code', 'BadRequestHttpException');

22
tests/Integration/Api/Client/Server/Schedule/ScheduleAuthorizationTest.php
View File

@@ -40,20 +40,20 @@ class ScheduleAuthorizationTest extends ClientApiIntegrationTestCase
// This is the only valid call for this test, accessing the schedule for the same
// server that the API user is the owner of.
$response = $this->actingAs($user)->json($method, $this->link($server1, "/schedules/" . $schedule1->id . $endpoint));
$response = $this->actingAs($user)->json($method, $this->link($server1, '/schedules/' . $schedule1->id . $endpoint));
$this->assertTrue($response->status() <= 204 || $response->status() === 400 || $response->status() === 422);
// This request fails because the schedule is valid for that server but the user
// making the request is not authorized to perform that action.
$this->actingAs($user)->json($method, $this->link($server2, "/schedules/" . $schedule2->id . $endpoint))->assertForbidden();
$this->actingAs($user)->json($method, $this->link($server2, '/schedules/' . $schedule2->id . $endpoint))->assertForbidden();
// Both of these should report a 404 error due to the schedules being linked to
// servers that are not the same as the server in the request, or are assigned
// to a server for which the user making the request has no access to.
$this->actingAs($user)->json($method, $this->link($server1, "/schedules/" . $schedule2->id . $endpoint))->assertNotFound();
$this->actingAs($user)->json($method, $this->link($server1, "/schedules/" . $schedule3->id . $endpoint))->assertNotFound();
$this->actingAs($user)->json($method, $this->link($server2, "/schedules/" . $schedule3->id . $endpoint))->assertNotFound();
$this->actingAs($user)->json($method, $this->link($server3, "/schedules/" . $schedule3->id . $endpoint))->assertNotFound();
$this->actingAs($user)->json($method, $this->link($server1, '/schedules/' . $schedule2->id . $endpoint))->assertNotFound();
$this->actingAs($user)->json($method, $this->link($server1, '/schedules/' . $schedule3->id . $endpoint))->assertNotFound();
$this->actingAs($user)->json($method, $this->link($server2, '/schedules/' . $schedule3->id . $endpoint))->assertNotFound();
$this->actingAs($user)->json($method, $this->link($server3, '/schedules/' . $schedule3->id . $endpoint))->assertNotFound();
}
/**
@@ -62,11 +62,11 @@ class ScheduleAuthorizationTest extends ClientApiIntegrationTestCase
public function methodDataProvider(): array
{
return [
["GET", ""],
["POST", ""],
["DELETE", ""],
["POST", "/execute"],
["POST", "/tasks"],
['GET', ''],
['POST', ''],
['DELETE', ''],
['POST', '/execute'],
['POST', '/tasks'],
];
}
}

6
tests/Integration/Api/Client/Server/Startup/GetStartupAndVariablesTest.php
View File

@@ -34,7 +34,7 @@ class GetStartupAndVariablesTest extends ClientApiIntegrationTestCase
])->save();
$server = $server->refresh();
$response = $this->actingAs($user)->getJson($this->link($server) . "/startup");
$response = $this->actingAs($user)->getJson($this->link($server) . '/startup');
$response->assertOk();
$response->assertJsonPath('meta.startup_command', 'java bungeecord.jar --version [hidden]');
@@ -53,10 +53,10 @@ class GetStartupAndVariablesTest extends ClientApiIntegrationTestCase
public function testStartupDataIsNotReturnedWithoutPermission()
{
[$user, $server] = $this->generateTestAccount([Permission::ACTION_WEBSOCKET_CONNECT]);
$this->actingAs($user)->getJson($this->link($server) . "/startup")->assertForbidden();
$this->actingAs($user)->getJson($this->link($server) . '/startup')->assertForbidden();
$user2 = User::factory()->create();
$this->actingAs($user2)->getJson($this->link($server) . "/startup")->assertNotFound();
$this->actingAs($user2)->getJson($this->link($server) . '/startup')->assertNotFound();
}
/**

4
tests/Integration/Api/Client/Server/Startup/UpdateStartupVariableTest.php
View File

@@ -145,10 +145,10 @@ class UpdateStartupVariableTest extends ClientApiIntegrationTestCase
public function testStartupVariableCannotBeUpdatedIfNotUserViewable()
{
[$user, $server] = $this->generateTestAccount([Permission::ACTION_WEBSOCKET_CONNECT]);
$this->actingAs($user)->putJson($this->link($server) . "/startup/variable")->assertForbidden();
$this->actingAs($user)->putJson($this->link($server) . '/startup/variable')->assertForbidden();
$user2 = User::factory()->create();
$this->actingAs($user2)->putJson($this->link($server) . "/startup/variable")->assertNotFound();
$this->actingAs($user2)->putJson($this->link($server) . '/startup/variable')->assertNotFound();
}
/**

14
tests/Integration/Api/Client/Server/Subuser/CreateServerSubuserTest.php
View File

@@ -24,7 +24,7 @@ class CreateServerSubuserTest extends ClientApiIntegrationTestCase
{
[$user, $server] = $this->generateTestAccount($permissions);
$response = $this->actingAs($user)->postJson($this->link($server) . "/users", [
$response = $this->actingAs($user)->postJson($this->link($server) . '/users', [
'email' => $email = $this->faker->email,
'permissions' => [
Permission::ACTION_USER_CREATE,
@@ -61,7 +61,7 @@ class CreateServerSubuserTest extends ClientApiIntegrationTestCase
Permission::ACTION_CONTROL_CONSOLE,
]);
$response = $this->actingAs($user)->postJson($this->link($server) . "/users", [
$response = $this->actingAs($user)->postJson($this->link($server) . '/users', [
'email' => $email = $this->faker->email,
'permissions' => [
Permission::ACTION_USER_CREATE,
@@ -83,7 +83,7 @@ class CreateServerSubuserTest extends ClientApiIntegrationTestCase
$email = str_repeat(Str::random(20), 9) . '1@gmail.com'; // 191 is the hard limit for the column in MySQL.
$response = $this->actingAs($user)->postJson($this->link($server) . "/users", [
$response = $this->actingAs($user)->postJson($this->link($server) . '/users', [
'email' => $email,
'permissions' => [
Permission::ACTION_USER_CREATE,
@@ -92,7 +92,7 @@ class CreateServerSubuserTest extends ClientApiIntegrationTestCase
$response->assertOk();
$response = $this->actingAs($user)->postJson($this->link($server) . "/users", [
$response = $this->actingAs($user)->postJson($this->link($server) . '/users', [
'email' => $email . '.au',
'permissions' => [
Permission::ACTION_USER_CREATE,
@@ -115,7 +115,7 @@ class CreateServerSubuserTest extends ClientApiIntegrationTestCase
/** @var \Pterodactyl\Models\User $existing */
$existing = User::factory()->create(['email' => $this->faker->email]);
$response = $this->actingAs($user)->postJson($this->link($server) . "/users", [
$response = $this->actingAs($user)->postJson($this->link($server) . '/users', [
'email' => $existing->email,
'permissions' => [
Permission::ACTION_USER_CREATE,
@@ -135,7 +135,7 @@ class CreateServerSubuserTest extends ClientApiIntegrationTestCase
{
[$user, $server] = $this->generateTestAccount();
$response = $this->actingAs($user)->postJson($this->link($server) . "/users", [
$response = $this->actingAs($user)->postJson($this->link($server) . '/users', [
'email' => $email = $this->faker->email,
'permissions' => [
Permission::ACTION_USER_CREATE,
@@ -144,7 +144,7 @@ class CreateServerSubuserTest extends ClientApiIntegrationTestCase
$response->assertOk();
$response = $this->actingAs($user)->postJson($this->link($server) . "/users", [
$response = $this->actingAs($user)->postJson($this->link($server) . '/users', [
'email' => $email,
'permissions' => [
Permission::ACTION_USER_CREATE,

2
tests/Integration/Api/Client/Server/Subuser/DeleteSubuserTest.php
View File

@@ -33,7 +33,7 @@ class DeleteSubuserTest extends ClientApiIntegrationTestCase
$differentUser = User::factory()->create();
// Generate a UUID that lines up with a user in the database if it were to be cast to an int.
$uuid = $differentUser->id . str_repeat('a', strlen((string)$differentUser->id)) . substr(Uuid::uuid4()->toString(), 8);
$uuid = $differentUser->id . str_repeat('a', strlen((string) $differentUser->id)) . substr(Uuid::uuid4()->toString(), 8);
/** @var \Pterodactyl\Models\User $subuser */
$subuser = User::factory()->create(['uuid' => $uuid]);

8
tests/Integration/Api/Client/Server/Subuser/SubuserAuthorizationTest.php
View File

@@ -43,12 +43,12 @@ class SubuserAuthorizationTest extends ClientApiIntegrationTestCase
}
// This route is acceptable since they're accessing a subuser on their own server.
$this->actingAs($user)->json($method, $this->link($server1, "/users/" . $internal->uuid))->assertStatus($method === 'POST' ? 422 : ($method === 'DELETE' ? 204 : 200));
$this->actingAs($user)->json($method, $this->link($server1, '/users/' . $internal->uuid))->assertStatus($method === 'POST' ? 422 : ($method === 'DELETE' ? 204 : 200));
// This route can be revealed since the subuser belongs to the correct server, but
// errors out with a 403 since $user does not have the right permissions for this.
$this->actingAs($user)->json($method, $this->link($server2, "/users/" . $internal->uuid))->assertForbidden();
$this->actingAs($user)->json($method, $this->link($server3, "/users/" . $internal->uuid))->assertNotFound();
$this->actingAs($user)->json($method, $this->link($server2, '/users/' . $internal->uuid))->assertForbidden();
$this->actingAs($user)->json($method, $this->link($server3, '/users/' . $internal->uuid))->assertNotFound();
}
/**
@@ -56,6 +56,6 @@ class SubuserAuthorizationTest extends ClientApiIntegrationTestCase
*/
public function methodDataProvider(): array
{
return [["GET"], ["POST"], ["DELETE"]];
return [['GET'], ['POST'], ['DELETE']];
}
}

1
tests/Integration/Api/Client/Server/WebsocketControllerTest.php
View File

@@ -105,7 +105,6 @@ class WebsocketControllerTest extends ClientApiIntegrationTestCase
'Failed to validate that the JWT data returned was signed using the Node\'s secret key.'
);
// Check that the claims are generated correctly.
$this->assertSame($permissions, $token->claims()->get('permissions'));
}