One Hat Cyber Team

View File Name : 03-api-query.t

#!/usr/bin/perl

use strict;
use warnings;

use Test::More;    # last test to print

use cPanel::PublicAPI ();

my @getpwuid = getpwuid($>);
my $homedir  = $getpwuid[7];
my $user     = $getpwuid[0];

if ( !-d '/usr/local/cpanel' ) {
    plan skip_all => 'This test requires that cPanel and WHM are installed on a server';
}

if ( !-e $homedir . '/.accesshash' ) {
    plan skip_all => 'This test requires that an account hash is defined (see "Setup Remote Access Keys" in WHM)';
}

# SSL tests
my $pubapi = check_api_access();

isa_ok( $pubapi, 'cPanel::PublicAPI' );

my $res = $pubapi->api_request( 'whostmgr', '/xml-api/loadavg', 'GET', {} );
like( $$res, qr/<loadavg>\s*<one>\d+\.\d+<\/one>\s*<five>\d+\.\d+<\/five>\s*<fifteen>\d+\.\d+<\/fifteen>\s*<\/loadavg>*/, 'whm get no params' );

# Create the test regex for reuse
my $createacct_regex = qr/<statusmsg>.*is a reserved username.*<\/statusmsg>/;

$res = $pubapi->api_request( 'whostmgr', '/xml-api/createacct', 'GET', { 'username' => 'test', 'domain' => 'test.com' } );
like( $$res, $createacct_regex, 'ssl whm get hash params' );

$res = $pubapi->api_request( 'whostmgr', '/xml-api/createacct', 'GET', 'username=test&domain=test.com' );
like( $$res, $createacct_regex, 'ssl whm get string params' );

$res = $pubapi->api_request( 'whostmgr', '/xml-api/createacct', 'POST', { 'username' => 'test', 'domain' => 'test.com' } );
like( $$res, $createacct_regex, 'ssl whm post hash params' );

$res = $pubapi->api_request( 'whostmgr', '/xml-api/createacct', 'POST', 'username=test&domain=test.com' );
like( $$res, $createacct_regex, 'ssl whm post string params' );

# Create account for cpanel & reseller testing

if ( !-e '/var/cpanel/users/papiunit' ) {
    my $password = generate_password();
    $res = $pubapi->api_request(
        'whostmgr',
        '/xml-api/createacct',
        'POST',
        {
            'username' => 'papiunit',
            'password' => $password,
            'domain'   => 'cpanel-public-api-test.acct',
        }
    );

    like( $$res, qr/Account Creation Ok/, 'Test account created' );

    # skip is not used here due to the other code contained within this block.
    if ( $$res =~ /Account Creation Ok/ ) {
        my $cp_pubapi = cPanel::PublicAPI->new(
            'user'            => 'papiunit',
            'pass'            => $password,
            'ssl_verify_mode' => 0,
        );
        isa_ok( $cp_pubapi, 'cPanel::PublicAPI' );
        is( $cp_pubapi->{'operating_mode'}, 'session', 'Session operating mode is set properly when user/pass is used' );
        ok( !defined $cp_pubapi->{'cookie_jars'}->{'cpanel'},     'no cookies have been established for the cpanel service before the first query is made' );
        ok( !defined $cp_pubapi->{'security_tokens'}->{'cpanel'}, 'no security_token has been set for the cpanel service before the first query is made' );
        $res = $cp_pubapi->api_request( 'cpanel', '/xml-api/cpanel', 'GET', 'cpanel_xmlapi_module=StatsBar&cpanel_xmlapi_func=stat&display=diskusage' );
        like( $$res, qr/<module>StatsBar<\/module>/, 'ssl cpanel get string params' );

        my $security_token = $cp_pubapi->{'security_tokens'}->{'cpanel'};
        ok( $security_token, 'security token for cpanel has been set upon first request' );
        $res = $cp_pubapi->api_request( 'cpanel', '/xml-api/cpanel', 'GET', { 'cpanel_xmlapi_module' => 'StatsBar', 'cpanel_xmlapi_func' => 'stat', 'display' => 'diskusage' } );
        like( $$res, qr/<module>StatsBar<\/module>/, 'ssl cpanel post hash params' );
        is( $cp_pubapi->{'security_tokens'}->{'cpanel'}, $security_token, 'security_token was not changed when the second cpanel request was made' );

        $res = $cp_pubapi->api_request( 'cpanel', '/xml-api/cpanel', 'POST', 'cpanel_xmlapi_module=StatsBar&cpanel_xmlapi_func=stat&display=diskusage' );
        like( $$res, qr/<module>StatsBar<\/module>/, 'ssl cpanel get string params' );

        $res = $cp_pubapi->api_request( 'cpanel', '/xml-api/cpanel', 'POST', { 'cpanel_xmlapi_module' => 'StatsBar', 'cpanel_xmlapi_func' => 'stat', 'display' => 'diskusage' } );
        like( $$res, qr/<module>StatsBar<\/module>/, 'ssl cpanel post hash params' );

        $res = $pubapi->api_request( 'whostmgr', '/xml-api/removeacct', 'GET', { 'user' => 'papiunit' } );
        like( $$res, qr/papiunit account removed/, 'Test Account Removed' );
    }
}

my $cp_conf = load_cpanel_config();

my $nonssl_tests = 0;
if ( !$cp_conf->{'requiressl'} && !$cp_conf->{'alwaysredirecttossl'} ) {
    $nonssl_tests = 1;
}

SKIP: {
    skip 'nonssl querying is not supported on this server', 5, unless $nonssl_tests;

    my $unsecure = cPanel::PublicAPI->new( 'usessl' => 0 ) if $nonssl_tests;
    isa_ok( $unsecure, 'cPanel::PublicAPI' );

    $res = $unsecure->api_request( 'whostmgr', '/xml-api/loadavg', 'GET' ) if $nonssl_tests;
    like( $$res, qr/<loadavg>\s*<one>\d+\.\d+<\/one>\s*<five>\d+\.\d+<\/five>\s*<fifteen>\d+\.\d+<\/fifteen>\s*<\/loadavg>*/, 'nossl whm get no params' );

    $res = $unsecure->api_request( 'whostmgr', '/xml-api/createacct', 'GET', { 'username' => 'test', 'domain' => 'test.com' } );
    like( $$res, $createacct_regex, 'nossl whm get hash params' ) if $nonssl_tests;

    $res = $unsecure->api_request( 'whostmgr', '/xml-api/createacct', 'GET', 'username=test&domain=test.com' );
    like( $$res, $createacct_regex, 'nossl whm get string params' ) if $nonssl_tests;

    $res = $unsecure->api_request( 'whostmgr', '/xml-api/createacct', 'POST', { 'username' => 'test', 'domain' => 'test.com' } );
    like( $$res, $createacct_regex, 'nossl whm post hash params' ) if $nonssl_tests;

    $res = $unsecure->api_request( 'whostmgr', '/xml-api/createacct', 'POST', 'username=test&domain=test.com' );
    like( $$res, $createacct_regex, 'nossl whm post string params' ) if $nonssl_tests;

}

done_testing();

# used for generating the password of a test account
sub generate_password {
    my @chars = ( 'A' .. 'Z', 'a' .. 'z', '0' .. '9' );
    my $pass = '';
    foreach ( 1 .. 32 ) {
        $pass .= $chars[ int rand @chars ];
    }
    return $pass;
}

sub load_cpanel_config {
    my %cpanel_config;
    open( my $config_fh, '<', '/var/cpanel/cpanel.config' ) || BAIL_OUT('Could not load /var/cpanel/cpanel.config');
    foreach my $line ( readline($config_fh) ) {
        next if $line !~ /=/;
        chomp $line;
        my ( $key, $value ) = split( /=/, $line, 2 );
        $cpanel_config{$key} = $value;
    }
    return \%cpanel_config;
}

sub check_api_access {
    my $pubapi = cPanel::PublicAPI->new( 'ssl_verify_mode' => 0 );
    my $res = eval { $pubapi->whm_api('applist') };
    if ($@) {
        plan skip_all => "Failed to verify API access as current user: $@";
    }

    if ( exists $res->{'data'}->{'app'} && ref $res->{'data'}->{'app'} eq 'ARRAY' ) {
        return $pubapi if grep { $_ eq 'createacct' } @{ $res->{'data'}->{'app'} };
    }

    plan skip_all => "Current user doesn't appear to have proper privileges";
}