create(); $provider = Provider::factory()->forOrganisation($organisation)->create(); $network = $organisation->networks()->create([ 'name' => 'keystone', 'provider_id' => $provider->id, 'ip_range' => '10.0.0.0/24', ]); return Server::factory() ->forOrganisation($organisation->id) ->forProvider($provider->id) ->forNetwork((string) $network->id) ->create([ 'ipv4' => '203.0.113.4', 'ipv6' => '2001:db8::1', 'status' => ServerStatus::PROVISIONING, ]); } it('rejects callbacks from an unknown source ip', function () { Event::fake([ServerProvisioned::class]); $server = provisioningServer(); $response = $this->postJson(route('provision.callback'), [ 'server_id' => $server->id, ], ['REMOTE_ADDR' => '198.51.100.9']); $response->assertUnauthorized(); Event::assertNotDispatched(ServerProvisioned::class); expect($server->fresh()->status)->toBe(ServerStatus::PROVISIONING); }); it('marks the server active and dispatches an event when the source ip matches ipv4', function () { Event::fake([ServerProvisioned::class]); $server = provisioningServer(); $response = $this->call( 'POST', route('provision.callback'), ['server_id' => $server->id], [], [], ['REMOTE_ADDR' => '203.0.113.4'], ); $response->assertOk(); Event::assertDispatched(ServerProvisioned::class); expect($server->fresh()->status)->toBe(ServerStatus::ACTIVE); }); it('marks the server active when the source ip matches ipv6', function () { Event::fake([ServerProvisioned::class]); $server = provisioningServer(); $response = $this->call( 'POST', route('provision.callback'), ['server_id' => $server->id], [], [], ['REMOTE_ADDR' => '2001:db8::1'], ); $response->assertOk(); expect($server->fresh()->status)->toBe(ServerStatus::ACTIVE); }); it('validates that the server id exists', function () { $response = $this->postJson(route('provision.callback'), [ 'server_id' => 999999, ]); $response->assertUnprocessable(); });