[github/wallabag/wallabag.git] / src / Wallabag / CoreBundle / Tests / Controller / WallabagRestControllerTest.php

<?php

namespace Wallabag\CoreBundle\Tests\Controller;

use Wallabag\CoreBundle\Tests\WallabagTestCase;

class WallabagRestControllerTest extends WallabagTestCase
{
    /**
     * Generate HTTP headers for authenticate user on API
     *
     * @param $username
     * @param $password
     * @param $salt
     *
     * @return array
     */
    private function generateHeaders($username, $password, $salt)
    {
        $encryptedPassword = sha1($password.$username.$salt);
        $nonce = substr(md5(uniqid('nonce_', true)), 0, 16);

        $now = new \DateTime('now', new \DateTimeZone('UTC'));
        $created = (string) $now->format('Y-m-d\TH:i:s\Z');
        $digest = base64_encode(sha1(base64_decode($nonce).$created.$encryptedPassword, true));

        return array(
            'HTTP_AUTHORIZATION' => 'Authorization profile="UsernameToken"',
            'HTTP_x-wsse' => 'X-WSSE: UsernameToken Username="'.$username.'", PasswordDigest="'.$digest.'", Nonce="'.$nonce.'", Created="'.$created.'"',
        );
    }

    public function testGetSalt()
    {
        $client = $this->createClient();
        $client->request('GET', '/api/salts/admin.json');
        $this->assertEquals(200, $client->getResponse()->getStatusCode());
        $this->assertNotEmpty(json_decode($client->getResponse()->getContent()));

        $client->request('GET', '/api/salts/notfound.json');
        $this->assertEquals(404, $client->getResponse()->getStatusCode());
    }

    public function testWithBadHeaders()
    {
        $client = $this->createClient();
        $client->request('GET', '/api/salts/admin.json');
        $salt = json_decode($client->getResponse()->getContent());

        $headers = $this->generateHeaders('admin', 'test', $salt[0]);

        $entry = $client->getContainer()
            ->get('doctrine.orm.entity_manager')
            ->getRepository('WallabagCoreBundle:Entry')
            ->findOneByIsArchived(false);

        if (!$entry) {
            $this->markTestSkipped('No content found in db.');
        }

        $badHeaders = array(
            'HTTP_AUTHORIZATION' => 'Authorization profile="UsernameToken"',
            'HTTP_x-wsse' => 'X-WSSE: UsernameToken Username="admin", PasswordDigest="Wr0ngDig3st", Nonce="n0Nc3", Created="2015-01-01T13:37:00Z"',
        );

        $client->request('GET', '/api/entries/'.$entry->getId().'.json', array(), array(), $badHeaders);
        $this->assertEquals(403, $client->getResponse()->getStatusCode());
    }

    public function testGetOneEntry()
    {
        $client = $this->createClient();
        $client->request('GET', '/api/salts/admin.json');
        $salt = json_decode($client->getResponse()->getContent());

        $headers = $this->generateHeaders('admin', 'test', $salt[0]);

        $entry = $client->getContainer()
            ->get('doctrine.orm.entity_manager')
            ->getRepository('WallabagCoreBundle:Entry')
            ->findOneByIsArchived(false);

        if (!$entry) {
            $this->markTestSkipped('No content found in db.');
        }

        $client->request('GET', '/api/entries/'.$entry->getId().'.json', array(), array(), $headers);
        $this->assertContains($entry->getTitle(), $client->getResponse()->getContent());

        $this->assertTrue(
            $client->getResponse()->headers->contains(
                'Content-Type',
                'application/json'
            )
        );
    }

    public function testGetEntries()
    {
        $client = $this->createClient();
        $client->request('GET', '/api/salts/admin.json');
        $salt = json_decode($client->getResponse()->getContent());

        $headers = $this->generateHeaders('admin', 'test', $salt[0]);

        $client->request('GET', '/api/entries', array(), array(), $headers);

        $this->assertEquals(200, $client->getResponse()->getStatusCode());

  /*      var_dump(count(json_decode($client->getResponse()->getContent())));
        var_dump($client->getResponse()->getContent());
        die;
*/
        $this->assertGreaterThanOrEqual(1, count(json_decode($client->getResponse()->getContent())));

        $this->assertContains('Mailjet', $client->getResponse()->getContent());

        $this->assertTrue(
            $client->getResponse()->headers->contains(
                'Content-Type',
                'application/json'
            )
        );
    }

    public function testDeleteEntry()
    {
        $client = $this->createClient();
        $client->request('GET', '/api/salts/admin.json');
        $salt = json_decode($client->getResponse()->getContent());

        $headers = $this->generateHeaders('admin', 'test', $salt[0]);

        $entry = $client->getContainer()
            ->get('doctrine.orm.entity_manager')
            ->getRepository('WallabagCoreBundle:Entry')
            ->findOneByIsDeleted(false);

        if (!$entry) {
            $this->markTestSkipped('No content found in db.');
        }

        $client->request('DELETE', '/api/entries/'.$entry->getId().'.json', array(), array(), $headers);

        $this->assertEquals(200, $client->getResponse()->getStatusCode());

        $res = $client->getContainer()
            ->get('doctrine.orm.entity_manager')
            ->getRepository('WallabagCoreBundle:Entry')
            ->findOneById($entry->getId());
        $this->assertEquals($res->isDeleted(), true);
    }
}
Commit	Line	Data
68c6f1bd NL	1	<?php
	2
	3	namespace Wallabag\CoreBundle\Tests\Controller;
	4
874e3e10	5	use Wallabag\CoreBundle\Tests\WallabagTestCase;
68c6f1bd	6
874e3e10	7	class WallabagRestControllerTest extends WallabagTestCase
68c6f1bd	8	{
19aee7cd NL	9	/**
	10	* Generate HTTP headers for authenticate user on API
	11	*
	12	* @param $username
	13	* @param $password
	14	* @param $salt
	15	*
	16	* @return array
	17	*/
	18	private function generateHeaders($username, $password, $salt)
	19	{
	20	$encryptedPassword = sha1($password.$username.$salt);
	21	$nonce = substr(md5(uniqid('nonce_', true)), 0, 16);
	22
	23	$now = new \DateTime('now', new \DateTimeZone('UTC'));
	24	$created = (string) $now->format('Y-m-d\TH:i:s\Z');
	25	$digest = base64_encode(sha1(base64_decode($nonce).$created.$encryptedPassword, true));
	26
	27	return array(
19aee7cd NL	28	'HTTP_AUTHORIZATION' => 'Authorization profile="UsernameToken"',
	29	'HTTP_x-wsse' => 'X-WSSE: UsernameToken Username="'.$username.'", PasswordDigest="'.$digest.'", Nonce="'.$nonce.'", Created="'.$created.'"',
	30	);
	31	}
	32
f5deb024 NL	33	public function testGetSalt()
	34	{
	35	$client = $this->createClient();
	36	$client->request('GET', '/api/salts/admin.json');
	37	$this->assertEquals(200, $client->getResponse()->getStatusCode());
f170f315	38	$this->assertNotEmpty(json_decode($client->getResponse()->getContent()));
f5deb024 NL	39
	40	$client->request('GET', '/api/salts/notfound.json');
	41	$this->assertEquals(404, $client->getResponse()->getStatusCode());
	42	}
	43
59f18f9a NL	44	public function testWithBadHeaders()
	45	{
	46	$client = $this->createClient();
	47	$client->request('GET', '/api/salts/admin.json');
	48	$salt = json_decode($client->getResponse()->getContent());
	49
	50	$headers = $this->generateHeaders('admin', 'test', $salt[0]);
	51
	52	$entry = $client->getContainer()
	53	->get('doctrine.orm.entity_manager')
	54	->getRepository('WallabagCoreBundle:Entry')
	55	->findOneByIsArchived(false);
	56
	57	if (!$entry) {
	58	$this->markTestSkipped('No content found in db.');
	59	}
	60
	61	$badHeaders = array(
	62	'HTTP_AUTHORIZATION' => 'Authorization profile="UsernameToken"',
	63	'HTTP_x-wsse' => 'X-WSSE: UsernameToken Username="admin", PasswordDigest="Wr0ngDig3st", Nonce="n0Nc3", Created="2015-01-01T13:37:00Z"',
	64	);
	65
	66	$client->request('GET', '/api/entries/'.$entry->getId().'.json', array(), array(), $badHeaders);
	67	$this->assertEquals(403, $client->getResponse()->getStatusCode());
	68	}
	69
19aee7cd	70	public function testGetOneEntry()
f5deb024	71	{
68c6f1bd	72	$client = $this->createClient();
e1dd7f70	73	$client->request('GET', '/api/salts/admin.json');
c9fa9677	74	$salt = json_decode($client->getResponse()->getContent());
e1dd7f70	75
c9fa9677	76	$headers = $this->generateHeaders('admin', 'test', $salt[0]);
e1dd7f70	77
c9fa9677 NL	78	$entry = $client->getContainer()
	79	->get('doctrine.orm.entity_manager')
	80	->getRepository('WallabagCoreBundle:Entry')
	81	->findOneByIsArchived(false);
	82
	83	if (!$entry) {
	84	$this->markTestSkipped('No content found in db.');
	85	}
	86
	87	$client->request('GET', '/api/entries/'.$entry->getId().'.json', array(), array(), $headers);
	88	$this->assertContains($entry->getTitle(), $client->getResponse()->getContent());
e1dd7f70	89
19aee7cd NL	90	$this->assertTrue(
	91	$client->getResponse()->headers->contains(
	92	'Content-Type',
	93	'application/json'
	94	)
e1dd7f70	95	);
19aee7cd NL	96	}
	97
	98	public function testGetEntries()
	99	{
	100	$client = $this->createClient();
	101	$client->request('GET', '/api/salts/admin.json');
c9fa9677	102	$salt = json_decode($client->getResponse()->getContent());
19aee7cd	103
c9fa9677	104	$headers = $this->generateHeaders('admin', 'test', $salt[0]);
e1dd7f70 NL	105
e1dd7f70 NL	106	$client->request('GET', '/api/entries', array(), array(), $headers);
d9b71755 NL	107
	108	$this->assertEquals(200, $client->getResponse()->getStatusCode());
	109
	110	/* var_dump(count(json_decode($client->getResponse()->getContent())));
	111	var_dump($client->getResponse()->getContent());
	112	die;
	113	*/
	114	$this->assertGreaterThanOrEqual(1, count(json_decode($client->getResponse()->getContent())));
	115
e1dd7f70	116	$this->assertContains('Mailjet', $client->getResponse()->getContent());
68c6f1bd NL	117
	118	$this->assertTrue(
	119	$client->getResponse()->headers->contains(
	120	'Content-Type',
	121	'application/json'
	122	)
	123	);
68c6f1bd	124	}
c9fa9677 NL	125
	126	public function testDeleteEntry()
	127	{
	128	$client = $this->createClient();
	129	$client->request('GET', '/api/salts/admin.json');
	130	$salt = json_decode($client->getResponse()->getContent());
	131
	132	$headers = $this->generateHeaders('admin', 'test', $salt[0]);
	133
	134	$entry = $client->getContainer()
	135	->get('doctrine.orm.entity_manager')
	136	->getRepository('WallabagCoreBundle:Entry')
	137	->findOneByIsDeleted(false);
	138
	139	if (!$entry) {
	140	$this->markTestSkipped('No content found in db.');
	141	}
	142
	143	$client->request('DELETE', '/api/entries/'.$entry->getId().'.json', array(), array(), $headers);
	144
	145	$this->assertEquals(200, $client->getResponse()->getStatusCode());
	146
	147	$res = $client->getContainer()
	148	->get('doctrine.orm.entity_manager')
	149	->getRepository('WallabagCoreBundle:Entry')
	150	->findOneById($entry->getId());
	151	$this->assertEquals($res->isDeleted(), true);
	152	}
2734044a	153	}