keystone/tests/Feature/ProvisionCallbackTest.php

<?php

use App\Enums\ServerStatus;
use App\Events\Servers\ServerProvisioned;
use App\Models\Organisation;
use App\Models\Provider;
use App\Models\Server;
use Illuminate\Support\Facades\Event;

function provisioningServer(): Server
{
    $organisation = Organisation::factory()->create();
    $provider = Provider::factory()->forOrganisation($organisation)->create();
    $network = $organisation->networks()->create([
        'name' => 'keystone',
        'provider_id' => $provider->id,
        'ip_range' => '10.0.0.0/24',
    ]);

    return Server::factory()
        ->forOrganisation($organisation->id)
        ->forProvider($provider->id)
        ->forNetwork((string) $network->id)
        ->create([
            'ipv4' => '203.0.113.4',
            'ipv6' => '2001:db8::1',
            'status' => ServerStatus::PROVISIONING,
        ]);
}

it('rejects callbacks from an unknown source ip', function () {
    Event::fake([ServerProvisioned::class]);

    $server = provisioningServer();

    $response = $this->postJson(route('provision.callback'), [
        'server_id' => $server->id,
    ], ['REMOTE_ADDR' => '198.51.100.9']);

    $response->assertUnauthorized();
    Event::assertNotDispatched(ServerProvisioned::class);

    expect($server->fresh()->status)->toBe(ServerStatus::PROVISIONING);
});

it('marks the server active and dispatches an event when the source ip matches ipv4', function () {
    Event::fake([ServerProvisioned::class]);

    $server = provisioningServer();

    $response = $this->call(
        'POST',
        route('provision.callback'),
        ['server_id' => $server->id],
        [],
        [],
        ['REMOTE_ADDR' => '203.0.113.4'],
    );

    $response->assertOk();
    Event::assertDispatched(ServerProvisioned::class);

    expect($server->fresh()->status)->toBe(ServerStatus::ACTIVE);
});

it('marks the server active when the source ip matches ipv6', function () {
    Event::fake([ServerProvisioned::class]);

    $server = provisioningServer();

    $response = $this->call(
        'POST',
        route('provision.callback'),
        ['server_id' => $server->id],
        [],
        [],
        ['REMOTE_ADDR' => '2001:db8::1'],
    );

    $response->assertOk();
    expect($server->fresh()->status)->toBe(ServerStatus::ACTIVE);
});

it('validates that the server id exists', function () {
    $response = $this->postJson(route('provision.callback'), [
        'server_id' => 999999,
    ]);

    $response->assertUnprocessable();
});