bitinflow/expose
1
0
Fork 0
mirror of https://github.com/bitinflow/expose.git synced 2026-03-14 05:55:54 +00:00
Code Issues Packages Projects Releases Wiki Activity

wip

Browse Source
This commit is contained in:
Marcel Pociot
2021-06-14 13:14:20 +02:00
parent 7c78f7e2b1
commit 6ffd5274b3
4 changed files with 69 additions and 3 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
app/Contracts/SubdomainRepository.php
View File

@@ -14,6 +14,8 @@ interface SubdomainRepository
public function getSubdomainByNameAndDomain(string $name, string $domain): PromiseInterface;
public function getSubdomainsByNameAndDomain(string $name, string $domain): PromiseInterface;
public function getSubdomainsByUserId($id): PromiseInterface;
public function getSubdomainsByUserIdAndName($id, $name): PromiseInterface;

10
app/Server/Http/Controllers/ControlMessageController.php
View File

@@ -323,9 +323,13 @@ class ControlMessageController implements MessageComponentInterface
* Check if the given subdomain is reserved for a different user.
*/
if (! is_null($subdomain)) {
return $this->subdomainRepository->getSubdomainByNameAndDomain($subdomain, $serverHost)
->then(function ($foundSubdomain) use ($connection, $subdomain, $user, $serverHost) {
if (! is_null($foundSubdomain) && ! is_null($user) && $foundSubdomain['user_id'] !== $user['id']) {
return $this->subdomainRepository->getSubdomainsByNameAndDomain($subdomain, $serverHost)
->then(function ($foundSubdomains) use ($connection, $subdomain, $user, $serverHost) {
$ownSubdomain = collect($foundSubdomains)->first(function ($subdomain) use ($user) {
return $subdomain['user_id'] === $user['id'];
});
if (count($foundSubdomains) > 0 && ! is_null($user) && is_null($ownSubdomain)) {
$message = config('expose.admin.messages.subdomain_reserved');
$message = str_replace(':subdomain', $subdomain, $message);

16
app/Server/SubdomainRepository/DatabaseSubdomainRepository.php
View File

@@ -73,6 +73,22 @@ class DatabaseSubdomainRepository implements SubdomainRepository
return $deferred->promise();
}
public function getSubdomainsByNameAndDomain(string $name, string $domain): PromiseInterface
{
$deferred = new Deferred();
$this->database
->query('SELECT * FROM subdomains WHERE subdomain = :name AND domain = :domain', [
'name' => $name,
'domain' => $domain,
])
->then(function (Result $result) use ($deferred) {
$deferred->resolve($result->rows);
});
return $deferred->promise();
}
public function getSubdomainsByUserId($id): PromiseInterface
{
$deferred = new Deferred();

44
tests/Feature/Server/TunnelTest.php
View File

@@ -315,6 +315,50 @@ class TunnelTest extends TestCase
$this->assertSame('reserved', $response->subdomain);
}
/** @test */
public function it_allows_users_that_both_have_the_same_reserved_subdomain()
{
$this->app['config']['expose.admin.validate_auth_tokens'] = true;
$user = $this->createUser([
'name' => 'Marcel',
'can_specify_subdomains' => 1,
]);
$response = $this->await($this->browser->post('http://127.0.0.1:8080/api/subdomains', [
'Host' => 'expose.localhost',
'Authorization' => base64_encode('username:secret'),
'Content-Type' => 'application/json',
], json_encode([
'subdomain' => 'reserved',
'auth_token' => $user->auth_token,
])));
$user = $this->createUser([
'name' => 'Test-User',
'can_specify_subdomains' => 1,
]);
$response = $this->await($this->browser->post('http://127.0.0.1:8080/api/subdomains', [
'Host' => 'expose.localhost',
'Authorization' => base64_encode('username:secret'),
'Content-Type' => 'application/json',
], json_encode([
'subdomain' => 'reserved',
'auth_token' => $user->auth_token,
])));
$this->createTestHttpServer();
/**
* We create an expose client that connects to our server and shares
* the created test HTTP server.
*/
$client = $this->createClient();
$response = $this->await($client->connectToServer('127.0.0.1:8085', 'reserved', null, $user->auth_token));
$this->assertSame('reserved', $response->subdomain);
}
/** @test */
public function it_rejects_users_that_want_to_use_a_reserved_subdomain_on_a_custom_domain()
{