pterodactyl/panel
1
0
Fork 0
mirror of https://github.com/pterodactyl/panel.git synced 2026-06-13 08:10:52 -05:00
Code Issues Packages Projects Releases 128 Wiki Activity
Files
develop
panel/tests/Integration/Api/Remote/ServerTransferControllerTest.php
Carlton 33695c642d Fix transfer status permission checks (#5573)
2026-03-26 16:53:41 -07:00

112 lines
4.2 KiB
PHP
Raw Permalink Blame History

<?php
namespace Pterodactyl\Tests\Integration\Api\Remote;
use Pterodactyl\Models\Node;
use Pterodactyl\Models\Location;
use Pterodactyl\Models\Allocation;
use Pterodactyl\Models\ServerTransfer;
use Pterodactyl\Tests\Integration\IntegrationTestCase;
class ServerTransferControllerTest extends IntegrationTestCase
{
protected ServerTransfer $transfer;
public function setup(): void
{
parent::setUp();
$server = $this->createServerModel();
$new = Node::factory()
->for(Location::factory())
->has(Allocation::factory())
->create();
$this->transfer = ServerTransfer::factory()->for($server)->create([
'old_allocation' => $server->allocation_id,
'new_allocation' => $new->allocations->first()->id,
'new_node' => $new->id,
'old_node' => $server->node_id,
]);
}
public function testSuccessStatusUpdateCanBeSentFromNewNode(): void
{
$server = $this->transfer->server;
$newNode = $this->transfer->newNode;
$this
->withHeader('Authorization', "Bearer $newNode->daemon_token_id." . $newNode->getDecryptedKey())
->postJson("/api/remote/servers/{$server->uuid}/transfer/success")
->assertNoContent();
$this->assertTrue($this->transfer->refresh()->successful);
}
public function testFailureStatusUpdateCanBeSentFromOldNode(): void
{
$server = $this->transfer->server;
$oldNode = $this->transfer->oldNode;
$this->withHeader('Authorization', "Bearer $oldNode->daemon_token_id." . $oldNode->getDecryptedKey())
->postJson("/api/remote/servers/{$server->uuid}/transfer/failure")
->assertNoContent();
$this->assertFalse($this->transfer->refresh()->successful);
}
public function testFailureStatusUpdateCanBeSentFromNewNode(): void
{
$server = $this->transfer->server;
$newNode = $this->transfer->newNode;
$this->withHeader('Authorization', "Bearer $newNode->daemon_token_id." . $newNode->getDecryptedKey())
->postJson("/api/remote/servers/{$server->uuid}/transfer/failure")
->assertNoContent();
$this->assertFalse($this->transfer->refresh()->successful);
}
public function testSuccessStatusUpdateCannotBeSentFromOldNode(): void
{
$server = $this->transfer->server;
$oldNode = $this->transfer->oldNode;
$this->withHeader('Authorization', "Bearer $oldNode->daemon_token_id." . $oldNode->getDecryptedKey())
->postJson("/api/remote/servers/{$server->uuid}/transfer/success")
->assertForbidden()
->assertJsonPath('errors.0.code', 'HttpForbiddenException')
->assertJsonPath('errors.0.detail', 'Requesting node does not have permission to access this server.');
$this->assertNull($this->transfer->refresh()->successful);
}
public function testSuccessStatusUpdateCannotBeSentFromUnauthorizedNode(): void
{
$server = $this->transfer->server;
$node = Node::factory()->for(Location::factory())->create();
$this->withHeader('Authorization', "Bearer $node->daemon_token_id." . $node->getDecryptedKey())
->postJson("/api/remote/servers/$server->uuid/transfer/success")
->assertForbidden()
->assertJsonPath('errors.0.code', 'HttpForbiddenException')
->assertJsonPath('errors.0.detail', 'Requesting node does not have permission to access this server.');
$this->assertNull($this->transfer->refresh()->successful);
}
public function testFailureStatusUpdateCannotBeSentFromUnauthorizedNode(): void
{
$server = $this->transfer->server;
$node = Node::factory()->for(Location::factory())->create();
$this->withHeader('Authorization', "Bearer $node->daemon_token_id." . $node->getDecryptedKey())
->postJson("/api/remote/servers/$server->uuid/transfer/failure")->assertForbidden()
->assertJsonPath('errors.0.code', 'HttpForbiddenException')
->assertJsonPath('errors.0.detail', 'Requesting node does not have permission to access this server.');
$this->assertNull($this->transfer->refresh()->successful);
}
}
Reference in New Issue View Git Blame Copy Permalink