php-admin

core/php-admin

Fork 0

Commit graph

Author	SHA1	Message	Date
Claude	2e50e4e25e	test: add unit tests for Model methods Add comprehensive Pest tests for HoneypotHit and Service model methods: HoneypotHitModelTest (50 tests): - Bot detection (detectBot) for 15+ user agents incl. case-insensitive matching - Severity classification (severityForPath, constants, configurable paths) - Query scopes (recent, fromIp, bots, critical, warning) with chaining - Model configuration (fillable, casts, constants) - Mass assignment and persistence round-trips - getStats aggregation (totals, unique IPs, top IPs/bots) ServiceModelTest (45 tests): - Query scopes (enabled, public, featured, ordered, withMarketingDomain) with chaining - findByCode lookup and case sensitivity - getDomainMappings filtering (disabled, missing domain/class) - Marketing URL accessor fallback logic - Metadata helpers (hasMeta, getMeta, setMeta) incl. key validation - Model configuration (table, fillable, casts, constants) - Mass assignment and persistence round-trips Also adds tests/Pest.php to bootstrap Orchestra Testbench and register the Core\Mod\Hub\ PSR-4 namespace for package module autoloading. Fixes #8 Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>	2026-03-24 16:55:49 +00:00
Clotho	8922683bcf	security: validate JSON metadata fields to prevent mass assignment Some checks failed CI / PHP 8.2 (pull_request) Failing after 1s Details CI / PHP 8.3 (pull_request) Failing after 1s Details CI / PHP 8.4 (pull_request) Failing after 1s Details CI / Assets (pull_request) Failing after 1s Details Add mutators to Service and HoneypotHit models that enforce size and structure limits on JSON fields (metadata, headers). Service.setMeta() now validates key format. TeapotController pre-filters header count before passing to the model. Fixes #14 Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>	2026-02-21 01:25:47 +00:00

Author

SHA1

Message

Date

Claude

2e50e4e25e

test: add unit tests for Model methods

Add comprehensive Pest tests for HoneypotHit and Service model methods:

HoneypotHitModelTest (50 tests):
- Bot detection (detectBot) for 15+ user agents incl. case-insensitive matching
- Severity classification (severityForPath, constants, configurable paths)
- Query scopes (recent, fromIp, bots, critical, warning) with chaining
- Model configuration (fillable, casts, constants)
- Mass assignment and persistence round-trips
- getStats aggregation (totals, unique IPs, top IPs/bots)

ServiceModelTest (45 tests):
- Query scopes (enabled, public, featured, ordered, withMarketingDomain) with chaining
- findByCode lookup and case sensitivity
- getDomainMappings filtering (disabled, missing domain/class)
- Marketing URL accessor fallback logic
- Metadata helpers (hasMeta, getMeta, setMeta) incl. key validation
- Model configuration (table, fillable, casts, constants)
- Mass assignment and persistence round-trips

Also adds tests/Pest.php to bootstrap Orchestra Testbench and register
the Core\Mod\Hub\ PSR-4 namespace for package module autoloading.

Fixes #8

Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>

2026-03-24 16:55:49 +00:00

Clotho

8922683bcf

security: validate JSON metadata fields to prevent mass assignment

CI / PHP 8.2 (pull_request) Failing after 1s

Details

CI / PHP 8.3 (pull_request) Failing after 1s

Details

CI / PHP 8.4 (pull_request) Failing after 1s

Details

CI / Assets (pull_request) Failing after 1s

Details

Add mutators to Service and HoneypotHit models that enforce size and
structure limits on JSON fields (metadata, headers). Service.setMeta()
now validates key format. TeapotController pre-filters header count
before passing to the model.

Fixes #14

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>

2026-02-21 01:25:47 +00:00

2 commits