smueller/HexaHost-Panel
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

initial commit

Browse Source
This commit is contained in:
TheOnlyMace
2026-05-17 13:26:14 +02:00
commit 75299b723d
176 changed files with 20327 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

86
tests/Feature/Api/WhmcsApiTest.php Normal file
View File

@@ -0,0 +1,86 @@
<?php
namespace Tests\Feature\Api;
use App\Models\HostingPlan;
use Illuminate\Foundation\Testing\RefreshDatabase;
use Illuminate\Support\Facades\Http;
use Illuminate\Support\Facades\Queue;
use Tests\TestCase;
class WhmcsApiTest extends TestCase
{
use RefreshDatabase;
protected function setUp(): void
{
parent::setUp();
config([
'hosting.whmcs.enabled' => true,
'hosting.whmcs.api_secret' => 'test-secret',
'hosting.whmcs.allowed_ips' => [],
]);
HostingPlan::query()->create([
'slug' => 'small',
'name' => 'Small',
'cpu' => 2,
'ram' => 4096,
'disk' => 40,
'max_backups' => 4,
'is_active' => true,
]);
}
public function test_provision_requires_valid_signature(): void
{
$this->postJson('/api/whmcs/services', [])
->assertStatus(401);
}
public function test_provision_with_valid_signature(): void
{
Queue::fake();
Http::fake(['*' => Http::response(['data' => null], 200)]);
$body = [
'whmcs_service_id' => 1001,
'whmcs_client_id' => 42,
'client_email' => 'kunde@example.com',
'client_name' => 'Max Kunde',
'plan_slug' => 'small',
'hostname' => 'vm-test',
'subdomain' => 'vmtest',
'behind_traefik' => true,
'provision_mode' => 'template',
'template_slug' => 'debian-12',
];
$json = json_encode($body);
$timestamp = time();
$signature = hash_hmac('sha256', $timestamp.'.'.$json, 'test-secret');
$this->postJson('/api/whmcs/services', $body, [
'X-Whmcs-Timestamp' => $timestamp,
'X-Whmcs-Signature' => $signature,
])
->assertStatus(202)
->assertJsonPath('vmid', 2000);
$this->assertDatabaseHas('whmcs_services', ['whmcs_service_id' => 1001]);
$this->assertDatabaseHas('vmid_reservations', ['vmid' => 2000, 'status' => 'reserved']);
}
private function signedRequest(string $method, string $uri, array $body = []): \Illuminate\Testing\TestResponse
{
$json = json_encode($body);
$timestamp = time();
$signature = hash_hmac('sha256', $timestamp.'.'.$json, 'test-secret');
return $this->json($method, $uri, $body, [
'X-Whmcs-Timestamp' => $timestamp,
'X-Whmcs-Signature' => $signature,
]);
}
}

13
tests/Feature/ExampleTest.php Normal file
View File

@@ -0,0 +1,13 @@
<?php
namespace Tests\Feature;
use Tests\TestCase;
class ExampleTest extends TestCase
{
public function test_home_redirects_to_login_for_guests(): void
{
$this->get('/')->assertRedirect(route('login'));
}
}

66
tests/Feature/Web/VmAuthorizationTest.php Normal file
View File

@@ -0,0 +1,66 @@
<?php
namespace Tests\Feature\Web;
use App\Enums\UserRole;
use App\Models\Customer;
use App\Models\User;
use Illuminate\Foundation\Testing\RefreshDatabase;
use Tests\TestCase;
class VmAuthorizationTest extends TestCase
{
use RefreshDatabase;
public function test_customer_only_sees_own_vms(): void
{
$customerUser = User::factory()->create(['role' => UserRole::Customer]);
$otherUser = User::factory()->create(['role' => UserRole::Customer]);
$ownVm = Customer::query()->create([
'user_id' => $customerUser->id,
'name' => 'own-vm',
'domain' => 'own.hexahost.de',
'status' => 'active',
]);
Customer::query()->create([
'user_id' => $otherUser->id,
'name' => 'other-vm',
'domain' => 'other.hexahost.de',
'status' => 'active',
]);
$this->actingAs($customerUser)
->get(route('vms.index'))
->assertOk()
->assertSee('own-vm')
->assertDontSee('other-vm');
$this->actingAs($customerUser)
->get(route('vms.show', $ownVm))
->assertOk();
$otherVm = Customer::query()->where('name', 'other-vm')->first();
$this->actingAs($customerUser)
->get(route('vms.show', $otherVm))
->assertForbidden();
}
public function test_admin_sees_all_vms(): void
{
$admin = User::factory()->create(['role' => UserRole::Admin]);
Customer::query()->create([
'user_id' => User::factory()->create()->id,
'name' => 'vm-a',
'domain' => 'a.hexahost.de',
'status' => 'active',
]);
$this->actingAs($admin)
->get(route('vms.index'))
->assertOk()
->assertSee('vm-a');
}
}

107
tests/Feature/Web/VmManagementTest.php Normal file
View File

@@ -0,0 +1,107 @@
<?php
namespace Tests\Feature\Web;
use App\Enums\UserRole;
use App\Enums\VmPowerAction;
use App\Models\Customer;
use App\Models\User;
use Illuminate\Foundation\Testing\RefreshDatabase;
use Illuminate\Support\Facades\Http;
use Tests\TestCase;
class VmManagementTest extends TestCase
{
use RefreshDatabase;
private function activeVm(User $owner): Customer
{
return Customer::query()->create([
'user_id' => $owner->id,
'name' => 'test-vm',
'domain' => 'test.hexahost.de',
'vmid' => 200,
'ip_address' => '10.12.10.50',
'cpu' => 2,
'ram' => 2048,
'disk' => 32,
'status' => 'active',
'provisioning_step' => 'completed',
]);
}
public function test_customer_can_trigger_power_action(): void
{
Http::fake([
'*' => Http::sequence()
->push(['data' => ['status' => 'running', 'uptime' => 100, 'cpu' => 0.1, 'mem' => 1, 'maxmem' => 2, 'disk' => 0, 'maxdisk' => 0]], 200)
->push(['data' => null], 200)
->push(['data' => ['status' => 'running', 'uptime' => 100, 'cpu' => 0.1, 'mem' => 1, 'maxmem' => 2, 'disk' => 0, 'maxdisk' => 0]], 200),
]);
$user = User::factory()->create(['role' => UserRole::Customer]);
$vm = $this->activeVm($user);
$this->actingAs($user)
->post(route('vms.power', $vm), ['action' => VmPowerAction::Shutdown->value])
->assertRedirect()
->assertSessionHas('success');
$this->assertDatabaseHas('vm_activity_logs', [
'customer_id' => $vm->id,
'action' => 'power.shutdown',
'status' => 'success',
]);
}
public function test_other_customer_cannot_manage_vm(): void
{
$owner = User::factory()->create(['role' => UserRole::Customer]);
$other = User::factory()->create(['role' => UserRole::Customer]);
$vm = $this->activeVm($owner);
$this->actingAs($other)
->post(route('vms.power', $vm), ['action' => VmPowerAction::Start->value])
->assertForbidden();
}
public function test_live_status_json(): void
{
Http::fake([
'*' => Http::response([
'data' => ['status' => 'running', 'uptime' => 3600, 'cpu' => 0.05, 'mem' => 512000000, 'maxmem' => 2147483648, 'disk' => 0, 'maxdisk' => 0],
], 200),
]);
$user = User::factory()->create(['role' => UserRole::Customer]);
$vm = $this->activeVm($user);
$this->actingAs($user)
->getJson(route('vms.status', $vm))
->assertOk()
->assertJsonPath('proxmox.status', 'running');
}
public function test_mount_iso(): void
{
Http::fake([
'*/storage/*/content*' => Http::response([
'data' => [['volid' => 'local:iso/debian.iso', 'content' => 'iso', 'size' => 500000000]],
], 200),
'*' => Http::response(['data' => null], 200),
]);
$user = User::factory()->create(['role' => UserRole::Customer]);
$vm = $this->activeVm($user);
$this->actingAs($user)
->post(route('vms.iso.mount', $vm), ['iso_volid' => 'local:iso/debian.iso'])
->assertRedirect()
->assertSessionHas('success');
$this->assertDatabaseHas('customers', [
'id' => $vm->id,
'attached_iso' => 'local:iso/debian.iso',
]);
}
}