Differential D2635 Diff 7519 src/tests/Feature/Controller/Reseller/DomainsTest.php

Changeset View

Standalone View

src/tests/Feature/Controller/Reseller/DomainsTest.php

	Show All 12 Lines
	{			{
	/**			/**
	* {@inheritDoc}			* {@inheritDoc}
	*/			*/
	public function setUp(): void			public function setUp(): void
	{			{
	parent::setUp();			parent::setUp();
	self::useResellerUrl();			self::useResellerUrl();
	\config(['app.tenant_id' => 1]);

	$this->deleteTestDomain('domainscontroller.com');			$this->deleteTestDomain('domainscontroller.com');
	}			}

	/**			/**
	* {@inheritDoc}			* {@inheritDoc}
	*/			*/
	public function tearDown(): void			public function tearDown(): void
	{			{
	\config(['app.tenant_id' => 1]);
	$this->deleteTestDomain('domainscontroller.com');			$this->deleteTestDomain('domainscontroller.com');

	parent::tearDown();			parent::tearDown();
	}			}

	/**			/**
	* Test domain confirm request			* Test domain confirm request
	*/			*/
	public function testConfirm(): void			public function testConfirm(): void
	{			{
	$reseller1 = $this->getTestUser('reseller@kolabnow.com');			$reseller1 = $this->getTestUser('reseller@' . \config('app.domain'));
	$domain = $this->getTestDomain('domainscontroller.com', [			$domain = $this->getTestDomain('domainscontroller.com', [
	'status' => Domain::STATUS_NEW,			'status' => Domain::STATUS_NEW,
	'type' => Domain::TYPE_EXTERNAL,			'type' => Domain::TYPE_EXTERNAL,
	]);			]);

	// THe end-point exists on the users controller, but not reseller's			// THe end-point exists on the users controller, but not reseller's
	$response = $this->actingAs($reseller1)->get("api/v4/domains/{$domain->id}/confirm");			$response = $this->actingAs($reseller1)->get("api/v4/domains/{$domain->id}/confirm");
	$response->assertStatus(404);			$response->assertStatus(404);
	}			}

	/**			/**
	* Test domains searching (/api/v4/domains)			* Test domains searching (/api/v4/domains)
	*/			*/
	public function testIndex(): void			public function testIndex(): void
	{			{
	$user = $this->getTestUser('john@kolab.org');			$user = $this->getTestUser('john@kolab.org');
	$admin = $this->getTestUser('jeroen@jeroen.jeroen');			$admin = $this->getTestUser('jeroen@jeroen.jeroen');
	$reseller1 = $this->getTestUser('reseller@kolabnow.com');			$reseller1 = $this->getTestUser('reseller@' . \config('app.domain'));
	$reseller2 = $this->getTestUser('reseller@reseller.com');			$reseller2 = $this->getTestUser('reseller@sample-tenant.dev-local');

	// Non-admin user			// Non-admin user
	$response = $this->actingAs($user)->get("api/v4/domains");			$response = $this->actingAs($user)->get("api/v4/domains");
	$response->assertStatus(403);			$response->assertStatus(403);

	// Admin user			// Admin user
	$response = $this->actingAs($admin)->get("api/v4/domains");			$response = $this->actingAs($admin)->get("api/v4/domains");
	$response->assertStatus(403);			$response->assertStatus(403);

	// Reseller from a different tenant
	$response = $this->actingAs($reseller2)->get("api/v4/domains");
	$response->assertStatus(403);

	// Search with no matches expected			// Search with no matches expected
	$response = $this->actingAs($reseller1)->get("api/v4/domains?search=abcd12.org");			$response = $this->actingAs($reseller1)->get("api/v4/domains?search=abcd12.org");
	$response->assertStatus(200);			$response->assertStatus(200);

	$json = $response->json();			$json = $response->json();

	$this->assertSame(0, $json['count']);			$this->assertSame(0, $json['count']);
	$this->assertSame([], $json['list']);			$this->assertSame([], $json['list']);

	// Search by a domain name			// Search by a domain name
	$response = $this->actingAs($reseller1)->get("api/v4/domains?search=kolab.org");			$response = $this->actingAs($reseller1)->get("api/v4/domains?search=kolab.org");
	$response->assertStatus(200);			$response->assertStatus(200);

	$json = $response->json();			$json = $response->json();

	$this->assertSame(1, $json['count']);			$this->assertSame(1, $json['count']);
	$this->assertCount(1, $json['list']);			$this->assertCount(1, $json['list']);
	$this->assertSame('kolab.org', $json['list'][0]['namespace']);			$this->assertSame('kolab.org', $json['list'][0]['namespace']);

	// Search by owner			// Search by owner

	$response = $this->actingAs($reseller1)->get("api/v4/domains?owner={$user->id}");			$response = $this->actingAs($reseller1)->get("api/v4/domains?owner={$user->id}");
	$response->assertStatus(200);			$response->assertStatus(200);

	$json = $response->json();			$json = $response->json();

	$this->assertSame(1, $json['count']);			$this->assertSame(1, $json['count']);
	$this->assertCount(1, $json['list']);			$this->assertCount(1, $json['list']);
	$this->assertSame('kolab.org', $json['list'][0]['namespace']);			$this->assertSame('kolab.org', $json['list'][0]['namespace']);

	// Search by owner (Ned is a controller on John's wallets,			// Search by owner (Ned is a controller on John's wallets,
	// here we expect only domains assigned to Ned's wallet(s))			// here we expect only domains assigned to Ned's wallet(s))
	$ned = $this->getTestUser('ned@kolab.org');			$ned = $this->getTestUser('ned@kolab.org');

	$response = $this->actingAs($reseller1)->get("api/v4/domains?owner={$ned->id}");			$response = $this->actingAs($reseller1)->get("api/v4/domains?owner={$ned->id}");
	$response->assertStatus(200);			$response->assertStatus(200);

	$json = $response->json();			$json = $response->json();

	$this->assertSame(0, $json['count']);			$this->assertSame(0, $json['count']);
	$this->assertCount(0, $json['list']);			$this->assertCount(0, $json['list']);

	// Test unauth access to other tenant's domains			// Test unauth access to other tenant's domains
	\config(['app.tenant_id' => 2]);

	$response = $this->actingAs($reseller2)->get("api/v4/domains?search=kolab.org");			$response = $this->actingAs($reseller2)->get("api/v4/domains?search=kolab.org");
	$response->assertStatus(200);			$response->assertStatus(200);

	$json = $response->json();			$json = $response->json();

	$this->assertSame(0, $json['count']);			$this->assertSame(0, $json['count']);
	$this->assertSame([], $json['list']);			$this->assertSame([], $json['list']);

	$response = $this->actingAs($reseller2)->get("api/v4/domains?owner={$user->id}");			$response = $this->actingAs($reseller2)->get("api/v4/domains?owner={$user->id}");
	$response->assertStatus(200);			$response->assertStatus(200);

	$json = $response->json();			$json = $response->json();

	$this->assertSame(0, $json['count']);			$this->assertSame(0, $json['count']);
	$this->assertSame([], $json['list']);			$this->assertSame([], $json['list']);
	}			}

	/**			/**
	* Test fetching domain info			* Test fetching domain info
	*/			*/
	public function testShow(): void			public function testShow(): void
	{			{
	$sku_domain = Sku::where('title', 'domain-hosting')->first();			$sku_domain = Sku::withEnvTenantContext()->where('title', 'domain-hosting')->first();
	$admin = $this->getTestUser('jeroen@jeroen.jeroen');			$admin = $this->getTestUser('jeroen@jeroen.jeroen');
	$user = $this->getTestUser('test1@domainscontroller.com');			$user = $this->getTestUser('test1@domainscontroller.com');
	$reseller1 = $this->getTestUser('reseller@kolabnow.com');			$reseller1 = $this->getTestUser('reseller@' . \config('app.domain'));
	$reseller2 = $this->getTestUser('reseller@reseller.com');			$reseller2 = $this->getTestUser('reseller@sample-tenant.dev-local');
	$domain = $this->getTestDomain('domainscontroller.com', [			$domain = $this->getTestDomain('domainscontroller.com', [
	'status' => Domain::STATUS_NEW,			'status' => Domain::STATUS_NEW,
	'type' => Domain::TYPE_EXTERNAL,			'type' => Domain::TYPE_EXTERNAL,
	]);			]);

	Entitlement::create([			Entitlement::create([
	'wallet_id' => $user->wallets()->first()->id,			'wallet_id' => $user->wallets()->first()->id,
	'sku_id' => $sku_domain->id,			'sku_id' => $sku_domain->id,
	'entitleable_id' => $domain->id,			'entitleable_id' => $domain->id,
	'entitleable_type' => Domain::class			'entitleable_type' => Domain::class
	]);			]);

	// Unauthorized access (user)			// Unauthorized access (user)
	$response = $this->actingAs($user)->get("api/v4/domains/{$domain->id}");			$response = $this->actingAs($user)->get("api/v4/domains/{$domain->id}");
	$response->assertStatus(403);			$response->assertStatus(403);

	// Unauthorized access (admin)			// Unauthorized access (admin)
	$response = $this->actingAs($admin)->get("api/v4/domains/{$domain->id}");			$response = $this->actingAs($admin)->get("api/v4/domains/{$domain->id}");
	$response->assertStatus(403);			$response->assertStatus(403);

	// Unauthorized access (tenant != env-tenant)			// Unauthorized access (tenant != env-tenant)
	$response = $this->actingAs($reseller2)->get("api/v4/domains/{$domain->id}");			$response = $this->actingAs($reseller2)->get("api/v4/domains/{$domain->id}");
	$response->assertStatus(403);			$response->assertStatus(404);

	$response = $this->actingAs($reseller1)->get("api/v4/domains/{$domain->id}");			$response = $this->actingAs($reseller1)->get("api/v4/domains/{$domain->id}");
	$response->assertStatus(200);			$response->assertStatus(200);

	$json = $response->json();			$json = $response->json();

	$this->assertEquals($domain->id, $json['id']);			$this->assertEquals($domain->id, $json['id']);
	$this->assertEquals($domain->namespace, $json['namespace']);			$this->assertEquals($domain->namespace, $json['namespace']);
	$this->assertEquals($domain->status, $json['status']);			$this->assertEquals($domain->status, $json['status']);
	$this->assertEquals($domain->type, $json['type']);			$this->assertEquals($domain->type, $json['type']);
	// Note: Other properties are being tested in the user controller tests			// Note: Other properties are being tested in the user controller tests

	// Unauthorized access (other domain's tenant)
	\config(['app.tenant_id' => 2]);
	$response = $this->actingAs($reseller2)->get("api/v4/domains/{$domain->id}");
	$response->assertStatus(404);
	}			}

	/**			/**
	* Test fetching domain status (GET /api/v4/domains/<domain-id>/status)			* Test fetching domain status (GET /api/v4/domains/<domain-id>/status)
	*/			*/
	public function testStatus(): void			public function testStatus(): void
	{			{
	$reseller1 = $this->getTestUser('reseller@kolabnow.com');			$reseller1 = $this->getTestUser('reseller@' . \config('app.domain'));
	$domain = $this->getTestDomain('kolab.org');			$domain = $this->getTestDomain('kolab.org');

	// This end-point does not exist for resellers			// This end-point does not exist for resellers
	$response = $this->actingAs($reseller1)->get("/api/v4/domains/{$domain->id}/status");			$response = $this->actingAs($reseller1)->get("/api/v4/domains/{$domain->id}/status");
	$response->assertStatus(404);			$response->assertStatus(404);
	}			}

	/**			/**
	* Test domain suspending (POST /api/v4/domains/<domain-id>/suspend)			* Test domain suspending (POST /api/v4/domains/<domain-id>/suspend)
	*/			*/
	public function testSuspend(): void			public function testSuspend(): void
	{			{
	Queue::fake(); // disable jobs			Queue::fake(); // disable jobs

	$admin = $this->getTestUser('jeroen@jeroen.jeroen');			$admin = $this->getTestUser('jeroen@jeroen.jeroen');
	$reseller1 = $this->getTestUser('reseller@kolabnow.com');			$reseller1 = $this->getTestUser('reseller@' . \config('app.domain'));
	$reseller2 = $this->getTestUser('reseller@reseller.com');			$reseller2 = $this->getTestUser('reseller@sample-tenant.dev-local');

	\config(['app.tenant_id' => 2]);			\config(['app.tenant_id' => 2]);

	$domain = $this->getTestDomain('domainscontroller.com', [			$domain = $this->getTestDomain('domainscontroller.com', [
	'status' => Domain::STATUS_NEW,			'status' => Domain::STATUS_NEW,
	'type' => Domain::TYPE_EXTERNAL,			'type' => Domain::TYPE_EXTERNAL,
	]);			]);
	$user = $this->getTestUser('test@domainscontroller.com');			$user = $this->getTestUser('test@domainscontroller.com');

	// Test unauthorized access to the reseller API (user)			// Test unauthorized access to the reseller API (user)
	$response = $this->actingAs($user)->post("/api/v4/domains/{$domain->id}/suspend", []);			$response = $this->actingAs($user)->post("/api/v4/domains/{$domain->id}/suspend", []);
	$response->assertStatus(403);			$response->assertStatus(403);

	$this->assertFalse($domain->fresh()->isSuspended());			$this->assertFalse($domain->fresh()->isSuspended());

	// Test unauthorized access to the reseller API (admin)			// Test unauthorized access to the reseller API (admin)
	$response = $this->actingAs($admin)->post("/api/v4/domains/{$domain->id}/suspend", []);			$response = $this->actingAs($admin)->post("/api/v4/domains/{$domain->id}/suspend", []);
	$response->assertStatus(403);			$response->assertStatus(403);

	$this->assertFalse($domain->fresh()->isSuspended());			$this->assertFalse($domain->fresh()->isSuspended());

	// Test unauthorized access to the reseller API (reseller in another tenant)			// Test unauthorized access to the reseller API (reseller in another tenant)
	$response = $this->actingAs($reseller1)->post("/api/v4/domains/{$domain->id}/suspend", []);			$response = $this->actingAs($reseller1)->post("/api/v4/domains/{$domain->id}/suspend", []);
	$response->assertStatus(403);			$response->assertStatus(404);

	$this->assertFalse($domain->fresh()->isSuspended());			$this->assertFalse($domain->fresh()->isSuspended());

	// Test suspending the domain			// Test suspending the domain
	$response = $this->actingAs($reseller2)->post("/api/v4/domains/{$domain->id}/suspend", []);			$response = $this->actingAs($reseller2)->post("/api/v4/domains/{$domain->id}/suspend", []);
	$response->assertStatus(200);			$response->assertStatus(200);

	$json = $response->json();			$json = $response->json();

	$this->assertSame('success', $json['status']);			$this->assertSame('success', $json['status']);
	$this->assertSame("Domain suspended successfully.", $json['message']);			$this->assertSame("Domain suspended successfully.", $json['message']);
	$this->assertCount(2, $json);			$this->assertCount(2, $json);

	$this->assertTrue($domain->fresh()->isSuspended());			$this->assertTrue($domain->fresh()->isSuspended());

	// Test authenticated reseller, but domain belongs to another tenant
	\config(['app.tenant_id' => 1]);
	$response = $this->actingAs($reseller1)->post("/api/v4/domains/{$domain->id}/suspend", []);
	$response->assertStatus(404);
	}			}

	/**			/**
	* Test user un-suspending (POST /api/v4/users/<user-id>/unsuspend)			* Test user un-suspending (POST /api/v4/users/<user-id>/unsuspend)
	*/			*/
	public function testUnsuspend(): void			public function testUnsuspend(): void
	{			{
	Queue::fake(); // disable jobs			Queue::fake(); // disable jobs

	$admin = $this->getTestUser('jeroen@jeroen.jeroen');			$admin = $this->getTestUser('jeroen@jeroen.jeroen');
	$reseller1 = $this->getTestUser('reseller@kolabnow.com');			$reseller1 = $this->getTestUser('reseller@' . \config('app.domain'));
	$reseller2 = $this->getTestUser('reseller@reseller.com');			$reseller2 = $this->getTestUser('reseller@sample-tenant.dev-local');

	\config(['app.tenant_id' => 2]);			\config(['app.tenant_id' => 2]);

	$domain = $this->getTestDomain('domainscontroller.com', [			$domain = $this->getTestDomain('domainscontroller.com', [
	'status' => Domain::STATUS_NEW \| Domain::STATUS_SUSPENDED,			'status' => Domain::STATUS_NEW \| Domain::STATUS_SUSPENDED,
	'type' => Domain::TYPE_EXTERNAL,			'type' => Domain::TYPE_EXTERNAL,
	]);			]);
	$user = $this->getTestUser('test@domainscontroller.com');			$user = $this->getTestUser('test@domainscontroller.com');

	// Test unauthorized access to reseller API (user)			// Test unauthorized access to reseller API (user)
	$response = $this->actingAs($user)->post("/api/v4/domains/{$domain->id}/unsuspend", []);			$response = $this->actingAs($user)->post("/api/v4/domains/{$domain->id}/unsuspend", []);
	$response->assertStatus(403);			$response->assertStatus(403);

	$this->assertTrue($domain->fresh()->isSuspended());			$this->assertTrue($domain->fresh()->isSuspended());

	// Test unauthorized access to reseller API (admin)			// Test unauthorized access to reseller API (admin)
	$response = $this->actingAs($admin)->post("/api/v4/domains/{$domain->id}/unsuspend", []);			$response = $this->actingAs($admin)->post("/api/v4/domains/{$domain->id}/unsuspend", []);
	$response->assertStatus(403);			$response->assertStatus(403);

	$this->assertTrue($domain->fresh()->isSuspended());			$this->assertTrue($domain->fresh()->isSuspended());

	// Test unauthorized access to reseller API (another tenant)			// Test unauthorized access to reseller API (another tenant)
	$response = $this->actingAs($reseller1)->post("/api/v4/domains/{$domain->id}/unsuspend", []);			$response = $this->actingAs($reseller1)->post("/api/v4/domains/{$domain->id}/unsuspend", []);
	$response->assertStatus(403);			$response->assertStatus(404);

	$this->assertTrue($domain->fresh()->isSuspended());			$this->assertTrue($domain->fresh()->isSuspended());

	// Test suspending the user			// Test suspending the user
	$response = $this->actingAs($reseller2)->post("/api/v4/domains/{$domain->id}/unsuspend", []);			$response = $this->actingAs($reseller2)->post("/api/v4/domains/{$domain->id}/unsuspend", []);
	$response->assertStatus(200);			$response->assertStatus(200);

	$json = $response->json();			$json = $response->json();

	$this->assertSame('success', $json['status']);			$this->assertSame('success', $json['status']);
	$this->assertSame("Domain unsuspended successfully.", $json['message']);			$this->assertSame("Domain unsuspended successfully.", $json['message']);
	$this->assertCount(2, $json);			$this->assertCount(2, $json);

	$this->assertFalse($domain->fresh()->isSuspended());			$this->assertFalse($domain->fresh()->isSuspended());

	// Test unauthorized access to reseller API (another tenant)
	\config(['app.tenant_id' => 1]);
	$response = $this->actingAs($reseller1)->post("/api/v4/domains/{$domain->id}/unsuspend", []);
	$response->assertStatus(404);
	}			}
	}			}