[github/wallabag/wallabag.git] / src / Wallabag / CoreBundle / Tests / Controller / WallabagRestControllerTest.php

<?php

namespace Wallabag\CoreBundle\Tests\Controller;

use Wallabag\CoreBundle\Tests\WallabagTestCase;

class WallabagRestControllerTest extends WallabagTestCase
{
    /**
     * Generate HTTP headers for authenticate user on API
     *
     * @param $username
     * @param $password
     * @param $salt
     *
     * @return array
     */
    private function generateHeaders($username, $password, $salt)
    {
        $encryptedPassword = sha1($password.$username.$salt);
        $nonce = substr(md5(uniqid('nonce_', true)), 0, 16);

        $now = new \DateTime('now', new \DateTimeZone('UTC'));
        $created = (string) $now->format('Y-m-d\TH:i:s\Z');
        $digest = base64_encode(sha1(base64_decode($nonce).$created.$encryptedPassword, true));

        return array(
            'HTTP_AUTHORIZATION' => 'Authorization profile="UsernameToken"',
            'HTTP_x-wsse' => 'X-WSSE: UsernameToken Username="'.$username.'", PasswordDigest="'.$digest.'", Nonce="'.$nonce.'", Created="'.$created.'"',
        );
    }

    public function testGetSalt()
    {
        $client = $this->createClient();
        $client->request('GET', '/api/salts/admin.json');
        $this->assertEquals(200, $client->getResponse()->getStatusCode());
        $this->assertNotEmpty(json_decode($client->getResponse()->getContent()));

        $client->request('GET', '/api/salts/notfound.json');
        $this->assertEquals(404, $client->getResponse()->getStatusCode());
    }

    public function testWithBadHeaders()
    {
        $client = $this->createClient();

        $entry = $client->getContainer()
            ->get('doctrine.orm.entity_manager')
            ->getRepository('WallabagCoreBundle:Entry')
            ->findOneByIsArchived(false);

        if (!$entry) {
            $this->markTestSkipped('No content found in db.');
        }

        $badHeaders = array(
            'HTTP_AUTHORIZATION' => 'Authorization profile="UsernameToken"',
            'HTTP_x-wsse' => 'X-WSSE: UsernameToken Username="admin", PasswordDigest="Wr0ngDig3st", Nonce="n0Nc3", Created="2015-01-01T13:37:00Z"',
        );

        $client->request('GET', '/api/entries/'.$entry->getId().'.json', array(), array(), $badHeaders);
        $this->assertEquals(403, $client->getResponse()->getStatusCode());
    }

    public function testGetOneEntry()
    {
        $client = $this->createClient();
        $client->request('GET', '/api/salts/admin.json');
        $salt = json_decode($client->getResponse()->getContent());

        $headers = $this->generateHeaders('admin', 'mypassword', $salt[0]);

        $entry = $client->getContainer()
            ->get('doctrine.orm.entity_manager')
            ->getRepository('WallabagCoreBundle:Entry')
            ->findOneByIsArchived(false);

        if (!$entry) {
            $this->markTestSkipped('No content found in db.');
        }

        $client->request('GET', '/api/entries/'.$entry->getId().'.json', array(), array(), $headers);
        $this->assertContains($entry->getTitle(), $client->getResponse()->getContent());

        $this->assertTrue(
            $client->getResponse()->headers->contains(
                'Content-Type',
                'application/json'
            )
        );
    }

    public function testGetEntries()
    {
        $client = $this->createClient();
        $client->request('GET', '/api/salts/admin.json');
        $salt = json_decode($client->getResponse()->getContent());

        $headers = $this->generateHeaders('admin', 'mypassword', $salt[0]);

        $client->request('GET', '/api/entries', array(), array(), $headers);

        $this->assertEquals(200, $client->getResponse()->getStatusCode());

        $this->assertGreaterThanOrEqual(1, count(json_decode($client->getResponse()->getContent())));

        $this->assertContains('Mailjet', $client->getResponse()->getContent());

        $this->assertTrue(
            $client->getResponse()->headers->contains(
                'Content-Type',
                'application/json'
            )
        );
    }

    public function testDeleteEntry()
    {
        $client = $this->createClient();
        $client->request('GET', '/api/salts/admin.json');
        $salt = json_decode($client->getResponse()->getContent());

        $headers = $this->generateHeaders('admin', 'mypassword', $salt[0]);

        $entry = $client->getContainer()
            ->get('doctrine.orm.entity_manager')
            ->getRepository('WallabagCoreBundle:Entry')
            ->findOneByUser(1);

        if (!$entry) {
            $this->markTestSkipped('No content found in db.');
        }

        $client->request('DELETE', '/api/entries/'.$entry->getId().'.json', array(), array(), $headers);

        $this->assertEquals(200, $client->getResponse()->getStatusCode());

        // We'll try to delete this entry again
        $client->request('GET', '/api/salts/admin.json');
        $salt = json_decode($client->getResponse()->getContent());

        $headers = $this->generateHeaders('admin', 'test', $salt[0]);

        $client->request('DELETE', '/api/entries/'.$entry->getId().'.json', array(), array(), $headers);

        $this->assertEquals(404, $client->getResponse()->getStatusCode());
    }

    public function testGetTagsEntry()
    {
        $client = $this->createClient();
        $client->request('GET', '/api/salts/admin.json');
        $salt = json_decode($client->getResponse()->getContent());
        $headers = $this->generateHeaders('admin', 'test', $salt[0]);

        $entry = $client->getContainer()
            ->get('doctrine.orm.entity_manager')
            ->getRepository('WallabagCoreBundle:Entry')
            ->findOneWithTags(1);

        $entry = $entry[0];

        if (!$entry) {
            $this->markTestSkipped('No content found in db.');
        }

        $tags = array();
        foreach ($entry->getTags() as $tag) {
            $tags[] = array('id' => $tag->getId(), 'label' => $tag->getLabel());
        }

        $client->request('GET', '/api/entries/'.$entry->getId().'/tags', array(), array(), $headers);

        $this->assertEquals(json_encode($tags, JSON_HEX_QUOT), $client->getResponse()->getContent());
    }

    public function testPostTagsOnEntry()
    {
        $client = $this->createClient();
        $client->request('GET', '/api/salts/admin.json');
        $salt = json_decode($client->getResponse()->getContent());
        $headers = $this->generateHeaders('admin', 'test', $salt[0]);

        $entry = $client->getContainer()
            ->get('doctrine.orm.entity_manager')
            ->getRepository('WallabagCoreBundle:Entry')
            ->findOneByUser(1);

        if (!$entry) {
            $this->markTestSkipped('No content found in db.');
        }

        $newTags = 'tag1,tag2,tag3';

        $client->request('POST', '/api/entries/'.$entry->getId().'/tags', array('tags' => $newTags), array(), $headers);

        $this->assertEquals(200, $client->getResponse()->getStatusCode());

        $entryDB = $client->getContainer()
            ->get('doctrine.orm.entity_manager')
            ->getRepository('WallabagCoreBundle:Entry')
            ->find($entry->getId());

        $tagsInDB = array();
        foreach ($entryDB->getTags()->toArray() as $tag) {
            $tagsInDB[$tag->getId()] = $tag->getLabel();
        }

        foreach (explode(',', $newTags) as $tag) {
            $this->assertContains($tag, $tagsInDB);
        }
    }
}
Commit	Line	Data
68c6f1bd NL	1	<?php
	2
	3	namespace Wallabag\CoreBundle\Tests\Controller;
	4
874e3e10	5	use Wallabag\CoreBundle\Tests\WallabagTestCase;
68c6f1bd	6
874e3e10	7	class WallabagRestControllerTest extends WallabagTestCase
68c6f1bd	8	{
19aee7cd NL	9	/**
	10	* Generate HTTP headers for authenticate user on API
	11	*
	12	* @param $username
	13	* @param $password
	14	* @param $salt
	15	*
	16	* @return array
	17	*/
	18	private function generateHeaders($username, $password, $salt)
	19	{
	20	$encryptedPassword = sha1($password.$username.$salt);
	21	$nonce = substr(md5(uniqid('nonce_', true)), 0, 16);
	22
	23	$now = new \DateTime('now', new \DateTimeZone('UTC'));
	24	$created = (string) $now->format('Y-m-d\TH:i:s\Z');
	25	$digest = base64_encode(sha1(base64_decode($nonce).$created.$encryptedPassword, true));
	26
	27	return array(
19aee7cd NL	28	'HTTP_AUTHORIZATION' => 'Authorization profile="UsernameToken"',
	29	'HTTP_x-wsse' => 'X-WSSE: UsernameToken Username="'.$username.'", PasswordDigest="'.$digest.'", Nonce="'.$nonce.'", Created="'.$created.'"',
	30	);
	31	}
	32
f5deb024 NL	33	public function testGetSalt()
	34	{
	35	$client = $this->createClient();
	36	$client->request('GET', '/api/salts/admin.json');
	37	$this->assertEquals(200, $client->getResponse()->getStatusCode());
f170f315	38	$this->assertNotEmpty(json_decode($client->getResponse()->getContent()));
f5deb024 NL	39
	40	$client->request('GET', '/api/salts/notfound.json');
	41	$this->assertEquals(404, $client->getResponse()->getStatusCode());
	42	}
	43
59f18f9a NL	44	public function testWithBadHeaders()
	45	{
	46	$client = $this->createClient();
59f18f9a NL	47
	48	$entry = $client->getContainer()
	49	->get('doctrine.orm.entity_manager')
	50	->getRepository('WallabagCoreBundle:Entry')
	51	->findOneByIsArchived(false);
	52
	53	if (!$entry) {
	54	$this->markTestSkipped('No content found in db.');
	55	}
	56
	57	$badHeaders = array(
	58	'HTTP_AUTHORIZATION' => 'Authorization profile="UsernameToken"',
	59	'HTTP_x-wsse' => 'X-WSSE: UsernameToken Username="admin", PasswordDigest="Wr0ngDig3st", Nonce="n0Nc3", Created="2015-01-01T13:37:00Z"',
	60	);
	61
	62	$client->request('GET', '/api/entries/'.$entry->getId().'.json', array(), array(), $badHeaders);
	63	$this->assertEquals(403, $client->getResponse()->getStatusCode());
	64	}
	65
19aee7cd	66	public function testGetOneEntry()
f5deb024	67	{
68c6f1bd	68	$client = $this->createClient();
e1dd7f70	69	$client->request('GET', '/api/salts/admin.json');
c9fa9677	70	$salt = json_decode($client->getResponse()->getContent());
e1dd7f70	71
d9085c63	72	$headers = $this->generateHeaders('admin', 'mypassword', $salt[0]);
e1dd7f70	73
c9fa9677 NL	74	$entry = $client->getContainer()
	75	->get('doctrine.orm.entity_manager')
	76	->getRepository('WallabagCoreBundle:Entry')
	77	->findOneByIsArchived(false);
	78
	79	if (!$entry) {
	80	$this->markTestSkipped('No content found in db.');
	81	}
	82
	83	$client->request('GET', '/api/entries/'.$entry->getId().'.json', array(), array(), $headers);
	84	$this->assertContains($entry->getTitle(), $client->getResponse()->getContent());
e1dd7f70	85
19aee7cd NL	86	$this->assertTrue(
	87	$client->getResponse()->headers->contains(
	88	'Content-Type',
	89	'application/json'
	90	)
e1dd7f70	91	);
19aee7cd NL	92	}
	93
	94	public function testGetEntries()
	95	{
	96	$client = $this->createClient();
	97	$client->request('GET', '/api/salts/admin.json');
c9fa9677	98	$salt = json_decode($client->getResponse()->getContent());
19aee7cd	99
d9085c63	100	$headers = $this->generateHeaders('admin', 'mypassword', $salt[0]);
e1dd7f70 NL	101
e1dd7f70 NL	102	$client->request('GET', '/api/entries', array(), array(), $headers);
d9b71755 NL	103
	104	$this->assertEquals(200, $client->getResponse()->getStatusCode());
	105
d9b71755 NL	106	$this->assertGreaterThanOrEqual(1, count(json_decode($client->getResponse()->getContent())));
d9b71755 NL	107
e1dd7f70	108	$this->assertContains('Mailjet', $client->getResponse()->getContent());
68c6f1bd NL	109
	110	$this->assertTrue(
	111	$client->getResponse()->headers->contains(
	112	'Content-Type',
	113	'application/json'
	114	)
	115	);
68c6f1bd	116	}
c9fa9677 NL	117
	118	public function testDeleteEntry()
	119	{
	120	$client = $this->createClient();
	121	$client->request('GET', '/api/salts/admin.json');
	122	$salt = json_decode($client->getResponse()->getContent());
	123
d9085c63	124	$headers = $this->generateHeaders('admin', 'mypassword', $salt[0]);
c9fa9677 NL	125
	126	$entry = $client->getContainer()
	127	->get('doctrine.orm.entity_manager')
	128	->getRepository('WallabagCoreBundle:Entry')
1d147791	129	->findOneByUser(1);
c9fa9677 NL	130
	131	if (!$entry) {
	132	$this->markTestSkipped('No content found in db.');
	133	}
	134
	135	$client->request('DELETE', '/api/entries/'.$entry->getId().'.json', array(), array(), $headers);
	136
	137	$this->assertEquals(200, $client->getResponse()->getStatusCode());
	138
1d147791 NL	139	// We'll try to delete this entry again
	140	$client->request('GET', '/api/salts/admin.json');
	141	$salt = json_decode($client->getResponse()->getContent());
	142
	143	$headers = $this->generateHeaders('admin', 'test', $salt[0]);
	144
	145	$client->request('DELETE', '/api/entries/'.$entry->getId().'.json', array(), array(), $headers);
	146
	147	$this->assertEquals(404, $client->getResponse()->getStatusCode());
c9fa9677	148	}
46bbd8d3 NL	149
	150	public function testGetTagsEntry()
	151	{
	152	$client = $this->createClient();
	153	$client->request('GET', '/api/salts/admin.json');
	154	$salt = json_decode($client->getResponse()->getContent());
	155	$headers = $this->generateHeaders('admin', 'test', $salt[0]);
	156
	157	$entry = $client->getContainer()
	158	->get('doctrine.orm.entity_manager')
	159	->getRepository('WallabagCoreBundle:Entry')
092ca707 NL	160	->findOneWithTags(1);
092ca707 NL	161
b0cce9e6 NL	162	$entry = $entry[0];
b0cce9e6 NL	163
46bbd8d3 NL	164	if (!$entry) {
	165	$this->markTestSkipped('No content found in db.');
	166	}
	167
	168	$tags = array();
	169	foreach ($entry->getTags() as $tag) {
	170	$tags[] = array('id' => $tag->getId(), 'label' => $tag->getLabel());
	171	}
	172
	173	$client->request('GET', '/api/entries/'.$entry->getId().'/tags', array(), array(), $headers);
	174
b0cce9e6	175	$this->assertEquals(json_encode($tags, JSON_HEX_QUOT), $client->getResponse()->getContent());
46bbd8d3	176	}
a36737f4 NL	177
	178	public function testPostTagsOnEntry()
	179	{
	180	$client = $this->createClient();
	181	$client->request('GET', '/api/salts/admin.json');
	182	$salt = json_decode($client->getResponse()->getContent());
	183	$headers = $this->generateHeaders('admin', 'test', $salt[0]);
	184
	185	$entry = $client->getContainer()
	186	->get('doctrine.orm.entity_manager')
	187	->getRepository('WallabagCoreBundle:Entry')
	188	->findOneByUser(1);
	189
	190	if (!$entry) {
	191	$this->markTestSkipped('No content found in db.');
	192	}
	193
	194	$newTags = 'tag1,tag2,tag3';
	195
	196	$client->request('POST', '/api/entries/'.$entry->getId().'/tags', array('tags' => $newTags), array(), $headers);
	197
	198	$this->assertEquals(200, $client->getResponse()->getStatusCode());
	199
	200	$entryDB = $client->getContainer()
	201	->get('doctrine.orm.entity_manager')
	202	->getRepository('WallabagCoreBundle:Entry')
	203	->find($entry->getId());
	204
	205	$tagsInDB = array();
	206	foreach ($entryDB->getTags()->toArray() as $tag) {
	207	$tagsInDB[$tag->getId()] = $tag->getLabel();
	208	}
	209
	210	foreach (explode(',', $newTags) as $tag) {
	211	$this->assertContains($tag, $tagsInDB);
	212	}
	213	}
2734044a	214	}