initial commit

2026-05-17 13:26:14 +02:00
commit 75299b723d
176 changed files with 20327 additions and 0 deletions
--- a/tests/Feature/Web/VmAuthorizationTest.php
+++ b/tests/Feature/Web/VmAuthorizationTest.php
@@ -0,0 +1,66 @@
+<?php
+
+namespace Tests\Feature\Web;
+
+use App\Enums\UserRole;
+use App\Models\Customer;
+use App\Models\User;
+use Illuminate\Foundation\Testing\RefreshDatabase;
+use Tests\TestCase;
+
+class VmAuthorizationTest extends TestCase
+{
+    use RefreshDatabase;
+
+    public function test_customer_only_sees_own_vms(): void
+    {
+        $customerUser = User::factory()->create(['role' => UserRole::Customer]);
+        $otherUser = User::factory()->create(['role' => UserRole::Customer]);
+
+        $ownVm = Customer::query()->create([
+            'user_id' => $customerUser->id,
+            'name' => 'own-vm',
+            'domain' => 'own.hexahost.de',
+            'status' => 'active',
+        ]);
+
+        Customer::query()->create([
+            'user_id' => $otherUser->id,
+            'name' => 'other-vm',
+            'domain' => 'other.hexahost.de',
+            'status' => 'active',
+        ]);
+
+        $this->actingAs($customerUser)
+            ->get(route('vms.index'))
+            ->assertOk()
+            ->assertSee('own-vm')
+            ->assertDontSee('other-vm');
+
+        $this->actingAs($customerUser)
+            ->get(route('vms.show', $ownVm))
+            ->assertOk();
+
+        $otherVm = Customer::query()->where('name', 'other-vm')->first();
+        $this->actingAs($customerUser)
+            ->get(route('vms.show', $otherVm))
+            ->assertForbidden();
+    }
+
+    public function test_admin_sees_all_vms(): void
+    {
+        $admin = User::factory()->create(['role' => UserRole::Admin]);
+
+        Customer::query()->create([
+            'user_id' => User::factory()->create()->id,
+            'name' => 'vm-a',
+            'domain' => 'a.hexahost.de',
+            'status' => 'active',
+        ]);
+
+        $this->actingAs($admin)
+            ->get(route('vms.index'))
+            ->assertOk()
+            ->assertSee('vm-a');
+    }
+}
--- a/tests/Feature/Web/VmManagementTest.php
+++ b/tests/Feature/Web/VmManagementTest.php
@@ -0,0 +1,107 @@
+<?php
+
+namespace Tests\Feature\Web;
+
+use App\Enums\UserRole;
+use App\Enums\VmPowerAction;
+use App\Models\Customer;
+use App\Models\User;
+use Illuminate\Foundation\Testing\RefreshDatabase;
+use Illuminate\Support\Facades\Http;
+use Tests\TestCase;
+
+class VmManagementTest extends TestCase
+{
+    use RefreshDatabase;
+
+    private function activeVm(User $owner): Customer
+    {
+        return Customer::query()->create([
+            'user_id' => $owner->id,
+            'name' => 'test-vm',
+            'domain' => 'test.hexahost.de',
+            'vmid' => 200,
+            'ip_address' => '10.12.10.50',
+            'cpu' => 2,
+            'ram' => 2048,
+            'disk' => 32,
+            'status' => 'active',
+            'provisioning_step' => 'completed',
+        ]);
+    }
+
+    public function test_customer_can_trigger_power_action(): void
+    {
+        Http::fake([
+            '*' => Http::sequence()
+                ->push(['data' => ['status' => 'running', 'uptime' => 100, 'cpu' => 0.1, 'mem' => 1, 'maxmem' => 2, 'disk' => 0, 'maxdisk' => 0]], 200)
+                ->push(['data' => null], 200)
+                ->push(['data' => ['status' => 'running', 'uptime' => 100, 'cpu' => 0.1, 'mem' => 1, 'maxmem' => 2, 'disk' => 0, 'maxdisk' => 0]], 200),
+        ]);
+
+        $user = User::factory()->create(['role' => UserRole::Customer]);
+        $vm = $this->activeVm($user);
+
+        $this->actingAs($user)
+            ->post(route('vms.power', $vm), ['action' => VmPowerAction::Shutdown->value])
+            ->assertRedirect()
+            ->assertSessionHas('success');
+
+        $this->assertDatabaseHas('vm_activity_logs', [
+            'customer_id' => $vm->id,
+            'action' => 'power.shutdown',
+            'status' => 'success',
+        ]);
+    }
+
+    public function test_other_customer_cannot_manage_vm(): void
+    {
+        $owner = User::factory()->create(['role' => UserRole::Customer]);
+        $other = User::factory()->create(['role' => UserRole::Customer]);
+        $vm = $this->activeVm($owner);
+
+        $this->actingAs($other)
+            ->post(route('vms.power', $vm), ['action' => VmPowerAction::Start->value])
+            ->assertForbidden();
+    }
+
+    public function test_live_status_json(): void
+    {
+        Http::fake([
+            '*' => Http::response([
+                'data' => ['status' => 'running', 'uptime' => 3600, 'cpu' => 0.05, 'mem' => 512000000, 'maxmem' => 2147483648, 'disk' => 0, 'maxdisk' => 0],
+            ], 200),
+        ]);
+
+        $user = User::factory()->create(['role' => UserRole::Customer]);
+        $vm = $this->activeVm($user);
+
+        $this->actingAs($user)
+            ->getJson(route('vms.status', $vm))
+            ->assertOk()
+            ->assertJsonPath('proxmox.status', 'running');
+    }
+
+    public function test_mount_iso(): void
+    {
+        Http::fake([
+            '*/storage/*/content*' => Http::response([
+                'data' => [['volid' => 'local:iso/debian.iso', 'content' => 'iso', 'size' => 500000000]],
+            ], 200),
+            '*' => Http::response(['data' => null], 200),
+        ]);
+
+        $user = User::factory()->create(['role' => UserRole::Customer]);
+        $vm = $this->activeVm($user);
+
+        $this->actingAs($user)
+            ->post(route('vms.iso.mount', $vm), ['iso_volid' => 'local:iso/debian.iso'])
+            ->assertRedirect()
+            ->assertSessionHas('success');
+
+        $this->assertDatabaseHas('customers', [
+            'id' => $vm->id,
+            'attached_iso' => 'local:iso/debian.iso',
+        ]);
+    }
+}