code reduction; added unit-tests for Certificates-Command; minor fixes here and there

Signed-off-by: Michael Kaufmann (d00p) <d00p@froxlor.org>

tests/Certificates/CertificatesTest.php

@@ -0,0 +1,194 @@
+<?php
+use PHPUnit\Framework\TestCase;
+
+/**
+ * @covers ApiCommand
+ * @covers Certificates
+ */
+class CertificatesTest extends TestCase
+{
+
+	public function testAdminCertificatesAdd()
+	{
+		global $admin_userdata;
+		
+		$certdata = $this->generateKey();
+		$json_result = Certificates::getLocal($admin_userdata, array(
+			'domainname' => 'test2.local',
+			'ssl_cert_file' => $certdata['cert'],
+			'ssl_key_file' => $certdata['key']
+		))->add();
+		$result = json_decode($json_result, true)['data'];
+		$this->assertEquals(3, $result['domainid']);
+	}
+
+	public function testResellerCertificatesAddAgain()
+	{
+		global $admin_userdata;
+		// get reseller
+		$json_result = Admins::getLocal($admin_userdata, array(
+			'loginname' => 'reseller'
+		))->get();
+		$reseller_userdata = json_decode($json_result, true)['data'];
+		$reseller_userdata['adminsession'] = 1;
+		
+		$certdata = $this->generateKey();
+		$this->expectExceptionCode(406);
+		$this->expectExceptionMessage("Domain 'test2.local' already has a certificate. Did you mean to call update?");
+		$json_result = Certificates::getLocal($reseller_userdata, array(
+			'domainname' => 'test2.local',
+			'ssl_cert_file' => $certdata['cert'],
+			'ssl_key_file' => $certdata['key']
+		))->add();
+	}
+
+	public function testCustomerCertificatesAdd()
+	{
+		global $admin_userdata;
+		// get customer
+		$json_result = Customers::getLocal($admin_userdata, array(
+			'loginname' => 'test1'
+		))->get();
+		$customer_userdata = json_decode($json_result, true)['data'];
+		
+		$certdata = $this->generateKey();
+		$json_result = Certificates::getLocal($customer_userdata, array(
+			'domainname' => 'mysub2.test2.local',
+			'ssl_cert_file' => $certdata['cert'],
+			'ssl_key_file' => $certdata['key']
+		))->add();
+		$result = json_decode($json_result, true)['data'];
+		$this->assertEquals(5, $result['domainid']);
+	}
+
+	public function testAdminCertificatesList()
+	{
+		global $admin_userdata;
+		
+		$json_result = Certificates::getLocal($admin_userdata)->listing();
+		$result = json_decode($json_result, true)['data'];
+		$this->assertEquals(2, $result['count']);
+	}
+
+	public function testResellerCertificatesList()
+	{
+		global $admin_userdata;
+		// get reseller
+		$json_result = Admins::getLocal($admin_userdata, array(
+			'loginname' => 'reseller'
+		))->get();
+		$reseller_userdata = json_decode($json_result, true)['data'];
+		$reseller_userdata['adminsession'] = 1;
+		
+		$json_result = Certificates::getLocal($reseller_userdata)->listing();
+		$result = json_decode($json_result, true)['data'];
+		$this->assertEquals(2, $result['count']);
+	}
+
+	public function testCustomerCertificatesList()
+	{
+		global $admin_userdata;
+		
+		// get customer
+		$json_result = Customers::getLocal($admin_userdata, array(
+			'loginname' => 'test1'
+		))->get();
+		$customer_userdata = json_decode($json_result, true)['data'];
+		$json_result = Certificates::getLocal($customer_userdata)->listing();
+		$result = json_decode($json_result, true)['data'];
+		$this->assertEquals(2, $result['count']);
+	}
+
+	public function testAdminCertificatesUpdate()
+	{
+		global $admin_userdata;
+		
+		$certdata = $this->generateKey();
+		$json_result = Certificates::getLocal($admin_userdata, array(
+			'domainname' => 'test2.local',
+			'ssl_cert_file' => $certdata['cert'],
+			'ssl_key_file' => $certdata['key']
+		))->update();
+		$result = json_decode($json_result, true)['data'];
+		$this->assertEquals(3, $result['domainid']);
+		$this->assertEquals(str_replace("\n", "", $certdata['cert']), str_replace("\n", "", $result['ssl_cert_file']));
+	}
+
+	public function testCustomerCertificatesUpdate()
+	{
+		global $admin_userdata;
+		// get customer
+		$json_result = Customers::getLocal($admin_userdata, array(
+			'loginname' => 'test1'
+		))->get();
+		$customer_userdata = json_decode($json_result, true)['data'];
+		
+		$certdata = $this->generateKey();
+		$json_result = Certificates::getLocal($customer_userdata, array(
+			'domainname' => 'mysub2.test2.local',
+			'ssl_cert_file' => $certdata['cert'],
+			'ssl_key_file' => $certdata['key']
+		))->update();
+		$result = json_decode($json_result, true)['data'];
+		$this->assertEquals(5, $result['domainid']);
+		$this->assertEquals(str_replace("\n", "", $certdata['cert']), str_replace("\n", "", $result['ssl_cert_file']));
+	}
+
+	/**
+	 * @depends testAdminCertificatesUpdate
+	 */
+	public function testCustomerCertificatesDelete()
+	{
+		global $admin_userdata;
+		
+		// get customer
+		$json_result = Customers::getLocal($admin_userdata, array(
+			'loginname' => 'test1'
+		))->get();
+		$customer_userdata = json_decode($json_result, true)['data'];
+		$json_result = Certificates::getLocal($customer_userdata, array(
+			'id' => 1
+		))->delete();
+		$result = json_decode($json_result, true)['data'];
+		$this->assertEquals(3, $result['domainid']);
+	}
+
+	private function generateKey()
+	{
+		$dn = array(
+			"countryName" => "DE",
+			"stateOrProvinceName" => "Hessen",
+			"localityName" => "Frankfurt",
+			"organizationName" => "Froxlor",
+			"organizationalUnitName" => "Testing",
+			"commonName" => "test2.local",
+			"emailAddress" => "team@froxlor.org"
+		);
+		
+		// generate key pair
+		$privkey = openssl_pkey_new(array(
+			"private_key_bits" => 2048,
+			"private_key_type" => OPENSSL_KEYTYPE_RSA
+		));
+		
+		// generate csr
+		$csr = openssl_csr_new($dn, $privkey, array(
+			'digest_alg' => 'sha256'
+		));
+		
+		// generate self-signed certificate
+		$sscert = openssl_csr_sign($csr, null, $privkey, 365, array(
+			'digest_alg' => 'sha256'
+		));
+		
+		// export
+		openssl_csr_export($csr, $csrout);
+		openssl_x509_export($sscert, $certout);
+		openssl_pkey_export($privkey, $pkeyout, null);
+		
+		return array(
+			'cert' => $certout,
+			'key' => $pkeyout
+		);
+	}
+}

tests/Domains/DomainsTest.php

@@ -77,10 +77,10 @@ class DomainsTest extends TestCase
 	public function testResellerDomainsAddWithCanEditPhpSettingsAllowedIp()
 	{
 		global $admin_userdata;
-		// first, allow reseller access to ip #3
+		// first, allow reseller access to ip #4
 		Admins::getLocal($admin_userdata, array(
 			'loginname' => 'reseller',
-			'ipaddress' => 3
+			'ipaddress' => 4
 		))->update();
 		// get reseller
 		$json_result = Admins::getLocal($admin_userdata, array(
@@ -91,7 +91,7 @@ class DomainsTest extends TestCase
 		$data = [
 			'domain' => 'test2.local',
 			'customerid' => 1,
-			'ipandport' => 3,
+			'ipandport' => 4,
 			'isemaildomain' => 1,
 			'subcanemaildomain' => 2 
 		];

tests/IpsAndPorts/IpsAndPortsTest.php

@@ -13,7 +13,7 @@ class IpsAndPortsTest extends TestCase
 		global $admin_userdata;
 		$json_result = IpsAndPorts::getLocal($admin_userdata)->listing();
 		$result = json_decode($json_result, true)['data'];
-		$this->assertEquals(1, $result['count']);
+		$this->assertEquals(2, $result['count']);
 		$this->assertEquals('82.149.225.46', $result['list'][0]['ip']);
 	}
 
@@ -40,7 +40,7 @@ class IpsAndPortsTest extends TestCase
 		];
 		$json_result = IpsAndPorts::getLocal($admin_userdata, $data)->add();
 		$result = json_decode($json_result, true)['data'];
-		$this->assertEquals(2, $result['id']);
+		$this->assertEquals(3, $result['id']);
 		$this->assertEquals(80, $result['port']);
 	}
 	
@@ -66,7 +66,7 @@ class IpsAndPortsTest extends TestCase
 		];
 		$json_result = IpsAndPorts::getLocal($admin_userdata, $data)->add();
 		$result = json_decode($json_result, true)['data'];
-		$this->assertEquals(3, $result['id']);
+		$this->assertEquals(4, $result['id']);
 		$this->assertEquals('/var/www/html/', $result['docroot']);
 	}
 	
@@ -84,10 +84,10 @@ class IpsAndPortsTest extends TestCase
 	public function testResellerIpsAndPortsList()
 	{
 		global $admin_userdata;
-		// update reseller to allow ip access to ip id #2
+		// update reseller to allow ip access to ip id #3
 		$json_result = Admins::getLocal($admin_userdata, array(
 			'loginname' => 'reseller',
-			'ipaddress' => array(2)
+			'ipaddress' => array(3)
 		))->update();
 		$reseller_userdata = json_decode($json_result, true)['data'];
 		$reseller_userdata['adminsession'] = 1;
@@ -109,7 +109,7 @@ class IpsAndPortsTest extends TestCase
 		))->get();
 		$reseller_userdata = json_decode($json_result, true)['data'];
 		$reseller_userdata['adminsession'] = 1;
-		$json_result = IpsAndPorts::getLocal($reseller_userdata, array('id' => 2))->get();
+		$json_result = IpsAndPorts::getLocal($reseller_userdata, array('id' => 3))->get();
 		$result = json_decode($json_result, true)['data'];
 		$this->assertEquals('82.149.225.47', $result['ip']);
 	}
@@ -120,7 +120,7 @@ class IpsAndPortsTest extends TestCase
 	public function testResellerIpsAndPortsGetRestrictedNotOwned()
 	{
 		global $admin_userdata;
-		// update reseller to allow ip access to ip id #2
+		// get reseller
 		$json_result = Admins::getLocal($admin_userdata, array(
 			'loginname' => 'reseller'
 		))->get();
@@ -134,7 +134,7 @@ class IpsAndPortsTest extends TestCase
 	public function testResellerIpsAndPortsAdd()
 	{
 		global $admin_userdata;
-		// update reseller to allow ip access to ip id #2
+		// get reseller
 		$json_result = Admins::getLocal($admin_userdata, array(
 			'loginname' => 'reseller'
 		))->get();
@@ -230,7 +230,7 @@ class IpsAndPortsTest extends TestCase
 		$reseller_userdata = json_decode($json_result, true)['data'];
 		$reseller_userdata['adminsession'] = 1;
 		$data = [
-			'id' => 2,
+			'id' => 3,
 			'ip' => '82.149.225.46'
 		];
 		$this->expectExceptionMessage("This IP/Port combination already exists.");
@@ -251,7 +251,7 @@ class IpsAndPortsTest extends TestCase
 	{
 		global $admin_userdata;
 		$data = [
-			'id' => 2
+			'id' => 3
 		];
 		$json_result = IpsAndPorts::getLocal($admin_userdata, $data)->delete();
 		$result = json_decode($json_result, true)['data'];

tests/bootstrap.php

@@ -103,6 +103,20 @@ Database::query("INSERT INTO `" . TABLE_PANEL_IPSANDPORTS . "` SET
 $defaultip = Database::lastInsertId();
 Settings::Set('system.defaultip', $defaultip, true);
 
+// add ssl ip (system default)
+Database::query("INSERT INTO `" . TABLE_PANEL_IPSANDPORTS . "` SET
+	`ip` = '82.149.225.56',
+	`port` = '443',
+	`listen_statement` = '0',
+	`namevirtualhost_statement` = '0',
+	`vhostcontainer` = '1',
+	`vhostcontainer_servername_statement` = '1',
+	`specialsettings` = '',
+	`ssl` = '1'
+");
+$defaultip = Database::lastInsertId();
+Settings::Set('system.defaultsslip', $defaultip, true);
+
 // get userdata of admin 'admin'
 $sel_stmt = Database::prepare("SELECT * FROM `" . TABLE_PANEL_ADMINS . "` WHERE `adminid` = '1'");
 $admin_userdata = Database::pexecute_first($sel_stmt);