mirror of
https://github.com/MHSanaei/3x-ui.git
synced 2026-07-08 13:46:08 +00:00
43500a5470
Catch the panel up to the mtg-multi README (v1.14.0): - Each client can now carry its own 32-hex advertising tag overriding the inbound-level one. The tag lives on the client (settings JSON is the source of truth, clients.ad_tag is the UI projection), is rendered into the fork's [secret-ad-tags] section for active secrets only (mtg rejects a config whose override names an unknown secret), is pushed per entry through PUT /secrets, and is part of the reload fingerprint so a tag edit hot-applies without dropping connections. - The loopback management API can replace the whole secret set, so every mtg process now gets a random per-process api-token; the manager sends it as a bearer token on PUT /secrets and GET /stats and reuses it across config rewrites, because mtg reads the token only at startup. - Malformed tags are rejected at every save path and additionally dropped in InstanceFromInbound: one bad tag would otherwise fail the whole generated config and take every client of the inbound down with it. - SyncInbound never copied a re-keyed mtproto secret into the canonical clients table, so the clients page and subscription links kept serving the old secret, which mtg then rejects. It is now guarded-copied like the other credentials.
71 lines
2.6 KiB
Go
71 lines
2.6 KiB
Go
package service
|
|
|
|
import (
|
|
"path/filepath"
|
|
"testing"
|
|
|
|
"github.com/mhsanaei/3x-ui/v3/internal/database"
|
|
"github.com/mhsanaei/3x-ui/v3/internal/database/model"
|
|
)
|
|
|
|
func TestSyncInbound_UpdatesMtprotoSecretAndAdTag(t *testing.T) {
|
|
dbDir := t.TempDir()
|
|
t.Setenv("XUI_DB_FOLDER", dbDir)
|
|
if err := database.InitDB(filepath.Join(dbDir, "x-ui.db")); err != nil {
|
|
t.Fatalf("InitDB: %v", err)
|
|
}
|
|
t.Cleanup(func() { _ = database.CloseDB() })
|
|
|
|
db := database.GetDB()
|
|
|
|
mtproto := &model.Inbound{Tag: "mtproto-in", Enable: true, Port: 10004, Protocol: model.MTProto}
|
|
if err := db.Create(mtproto).Error; err != nil {
|
|
t.Fatalf("create mtproto inbound: %v", err)
|
|
}
|
|
|
|
svc := ClientService{}
|
|
const email = "tg@example.com"
|
|
const firstSecret = "ee0123456789abcdef0123456789abcdef6578616d706c652e636f6d"
|
|
const rekeyedSecret = "eefedcba9876543210fedcba98765432106578616d706c652e636f6d"
|
|
const firstTag = "0123456789abcdef0123456789abcdef"
|
|
const retaggedTag = "fedcba9876543210fedcba9876543210"
|
|
|
|
first := model.Client{Email: email, Secret: firstSecret, AdTag: firstTag, Enable: true}
|
|
if err := svc.SyncInbound(nil, mtproto.Id, []model.Client{first}); err != nil {
|
|
t.Fatalf("SyncInbound (create): %v", err)
|
|
}
|
|
|
|
var row model.ClientRecord
|
|
if err := db.Where("email = ?", email).First(&row).Error; err != nil {
|
|
t.Fatalf("lookup client row: %v", err)
|
|
}
|
|
if row.Secret != firstSecret || row.AdTag != firstTag {
|
|
t.Fatalf("create must store secret and ad tag: got secret=%q adTag=%q", row.Secret, row.AdTag)
|
|
}
|
|
|
|
rekeyed := model.Client{Email: email, Secret: rekeyedSecret, AdTag: retaggedTag, Enable: true}
|
|
if err := svc.SyncInbound(nil, mtproto.Id, []model.Client{rekeyed}); err != nil {
|
|
t.Fatalf("SyncInbound (rekey): %v", err)
|
|
}
|
|
if err := db.Where("email = ?", email).First(&row).Error; err != nil {
|
|
t.Fatalf("lookup client row after rekey: %v", err)
|
|
}
|
|
if row.Secret != rekeyedSecret {
|
|
t.Errorf("a re-keyed secret must reach the client record (sub links and the clients page read it), got %q", row.Secret)
|
|
}
|
|
if row.AdTag != retaggedTag {
|
|
t.Errorf("a changed ad tag must reach the client record, got %q", row.AdTag)
|
|
}
|
|
|
|
secretless := model.Client{Email: email, Enable: true}
|
|
if err := svc.SyncInbound(nil, mtproto.Id, []model.Client{secretless}); err != nil {
|
|
t.Fatalf("SyncInbound (secretless): %v", err)
|
|
}
|
|
if err := db.Where("email = ?", email).First(&row).Error; err != nil {
|
|
t.Fatalf("lookup client row after secretless sync: %v", err)
|
|
}
|
|
if row.Secret != rekeyedSecret || row.AdTag != retaggedTag {
|
|
t.Errorf("a payload without mtproto fields must not wipe them: got secret=%q adTag=%q", row.Secret, row.AdTag)
|
|
}
|
|
}
|