]>
Commit | Line | Data |
---|---|---|
1 | <?php | |
2 | ||
3 | namespace Wallabag\CoreBundle\Tests\Controller; | |
4 | ||
5 | use Wallabag\CoreBundle\Tests\WallabagTestCase; | |
6 | ||
7 | class WallabagRestControllerTest extends WallabagTestCase | |
8 | { | |
9 | /** | |
10 | * Generate HTTP headers for authenticate user on API | |
11 | * | |
12 | * @param $username | |
13 | * @param $password | |
14 | * @param $salt | |
15 | * | |
16 | * @return array | |
17 | */ | |
18 | private function generateHeaders($username, $password, $salt) | |
19 | { | |
20 | $encryptedPassword = sha1($password.$username.$salt); | |
21 | $nonce = substr(md5(uniqid('nonce_', true)), 0, 16); | |
22 | ||
23 | $now = new \DateTime('now', new \DateTimeZone('UTC')); | |
24 | $created = (string) $now->format('Y-m-d\TH:i:s\Z'); | |
25 | $digest = base64_encode(sha1(base64_decode($nonce).$created.$encryptedPassword, true)); | |
26 | ||
27 | return array( | |
28 | 'HTTP_AUTHORIZATION' => 'Authorization profile="UsernameToken"', | |
29 | 'HTTP_x-wsse' => 'X-WSSE: UsernameToken Username="'.$username.'", PasswordDigest="'.$digest.'", Nonce="'.$nonce.'", Created="'.$created.'"', | |
30 | ); | |
31 | } | |
32 | ||
33 | public function testGetSalt() | |
34 | { | |
35 | $client = $this->createClient(); | |
36 | $client->request('GET', '/api/salts/admin.json'); | |
37 | $this->assertEquals(200, $client->getResponse()->getStatusCode()); | |
38 | $this->assertNotEmpty(json_decode($client->getResponse()->getContent())); | |
39 | ||
40 | $client->request('GET', '/api/salts/notfound.json'); | |
41 | $this->assertEquals(404, $client->getResponse()->getStatusCode()); | |
42 | } | |
43 | ||
44 | public function testWithBadHeaders() | |
45 | { | |
46 | $client = $this->createClient(); | |
47 | ||
48 | $entry = $client->getContainer() | |
49 | ->get('doctrine.orm.entity_manager') | |
50 | ->getRepository('WallabagCoreBundle:Entry') | |
51 | ->findOneByIsArchived(false); | |
52 | ||
53 | if (!$entry) { | |
54 | $this->markTestSkipped('No content found in db.'); | |
55 | } | |
56 | ||
57 | $badHeaders = array( | |
58 | 'HTTP_AUTHORIZATION' => 'Authorization profile="UsernameToken"', | |
59 | 'HTTP_x-wsse' => 'X-WSSE: UsernameToken Username="admin", PasswordDigest="Wr0ngDig3st", Nonce="n0Nc3", Created="2015-01-01T13:37:00Z"', | |
60 | ); | |
61 | ||
62 | $client->request('GET', '/api/entries/'.$entry->getId().'.json', array(), array(), $badHeaders); | |
63 | $this->assertEquals(403, $client->getResponse()->getStatusCode()); | |
64 | } | |
65 | ||
66 | public function testGetOneEntry() | |
67 | { | |
68 | $client = $this->createClient(); | |
69 | $client->request('GET', '/api/salts/admin.json'); | |
70 | $salt = json_decode($client->getResponse()->getContent()); | |
71 | ||
72 | $headers = $this->generateHeaders('admin', 'mypassword', $salt[0]); | |
73 | ||
74 | $entry = $client->getContainer() | |
75 | ->get('doctrine.orm.entity_manager') | |
76 | ->getRepository('WallabagCoreBundle:Entry') | |
77 | ->findOneByIsArchived(false); | |
78 | ||
79 | if (!$entry) { | |
80 | $this->markTestSkipped('No content found in db.'); | |
81 | } | |
82 | ||
83 | $client->request('GET', '/api/entries/'.$entry->getId().'.json', array(), array(), $headers); | |
84 | $this->assertContains($entry->getTitle(), $client->getResponse()->getContent()); | |
85 | ||
86 | $this->assertTrue( | |
87 | $client->getResponse()->headers->contains( | |
88 | 'Content-Type', | |
89 | 'application/json' | |
90 | ) | |
91 | ); | |
92 | } | |
93 | ||
94 | public function testGetEntries() | |
95 | { | |
96 | $client = $this->createClient(); | |
97 | $client->request('GET', '/api/salts/admin.json'); | |
98 | $salt = json_decode($client->getResponse()->getContent()); | |
99 | ||
100 | $headers = $this->generateHeaders('admin', 'mypassword', $salt[0]); | |
101 | ||
102 | $client->request('GET', '/api/entries', array(), array(), $headers); | |
103 | ||
104 | $this->assertEquals(200, $client->getResponse()->getStatusCode()); | |
105 | ||
106 | $this->assertGreaterThanOrEqual(1, count(json_decode($client->getResponse()->getContent()))); | |
107 | ||
108 | $this->assertContains('Mailjet', $client->getResponse()->getContent()); | |
109 | ||
110 | $this->assertTrue( | |
111 | $client->getResponse()->headers->contains( | |
112 | 'Content-Type', | |
113 | 'application/json' | |
114 | ) | |
115 | ); | |
116 | } | |
117 | ||
118 | public function testDeleteEntry() | |
119 | { | |
120 | $client = $this->createClient(); | |
121 | $client->request('GET', '/api/salts/admin.json'); | |
122 | $salt = json_decode($client->getResponse()->getContent()); | |
123 | ||
124 | $headers = $this->generateHeaders('admin', 'mypassword', $salt[0]); | |
125 | ||
126 | $entry = $client->getContainer() | |
127 | ->get('doctrine.orm.entity_manager') | |
128 | ->getRepository('WallabagCoreBundle:Entry') | |
129 | ->findOneByUser(1); | |
130 | ||
131 | if (!$entry) { | |
132 | $this->markTestSkipped('No content found in db.'); | |
133 | } | |
134 | ||
135 | $client->request('DELETE', '/api/entries/'.$entry->getId().'.json', array(), array(), $headers); | |
136 | ||
137 | $this->assertEquals(200, $client->getResponse()->getStatusCode()); | |
138 | ||
139 | // We'll try to delete this entry again | |
140 | $client->request('GET', '/api/salts/admin.json'); | |
141 | $salt = json_decode($client->getResponse()->getContent()); | |
142 | ||
143 | $headers = $this->generateHeaders('admin', 'test', $salt[0]); | |
144 | ||
145 | $client->request('DELETE', '/api/entries/'.$entry->getId().'.json', array(), array(), $headers); | |
146 | ||
147 | $this->assertEquals(404, $client->getResponse()->getStatusCode()); | |
148 | } | |
149 | ||
150 | public function testGetTagsEntry() | |
151 | { | |
152 | $client = $this->createClient(); | |
153 | $client->request('GET', '/api/salts/admin.json'); | |
154 | $salt = json_decode($client->getResponse()->getContent()); | |
155 | $headers = $this->generateHeaders('admin', 'test', $salt[0]); | |
156 | ||
157 | $entry = $client->getContainer() | |
158 | ->get('doctrine.orm.entity_manager') | |
159 | ->getRepository('WallabagCoreBundle:Entry') | |
160 | ->findOneWithTags(1); | |
161 | ||
162 | $entry = $entry[0]; | |
163 | ||
164 | if (!$entry) { | |
165 | $this->markTestSkipped('No content found in db.'); | |
166 | } | |
167 | ||
168 | $tags = array(); | |
169 | foreach ($entry->getTags() as $tag) { | |
170 | $tags[] = array('id' => $tag->getId(), 'label' => $tag->getLabel()); | |
171 | } | |
172 | ||
173 | $client->request('GET', '/api/entries/'.$entry->getId().'/tags', array(), array(), $headers); | |
174 | ||
175 | $this->assertEquals(json_encode($tags, JSON_HEX_QUOT), $client->getResponse()->getContent()); | |
176 | } | |
177 | ||
178 | public function testPostTagsOnEntry() | |
179 | { | |
180 | $client = $this->createClient(); | |
181 | $client->request('GET', '/api/salts/admin.json'); | |
182 | $salt = json_decode($client->getResponse()->getContent()); | |
183 | $headers = $this->generateHeaders('admin', 'test', $salt[0]); | |
184 | ||
185 | $entry = $client->getContainer() | |
186 | ->get('doctrine.orm.entity_manager') | |
187 | ->getRepository('WallabagCoreBundle:Entry') | |
188 | ->findOneByUser(1); | |
189 | ||
190 | if (!$entry) { | |
191 | $this->markTestSkipped('No content found in db.'); | |
192 | } | |
193 | ||
194 | $newTags = 'tag1,tag2,tag3'; | |
195 | ||
196 | $client->request('POST', '/api/entries/'.$entry->getId().'/tags', array('tags' => $newTags), array(), $headers); | |
197 | ||
198 | $this->assertEquals(200, $client->getResponse()->getStatusCode()); | |
199 | ||
200 | $entryDB = $client->getContainer() | |
201 | ->get('doctrine.orm.entity_manager') | |
202 | ->getRepository('WallabagCoreBundle:Entry') | |
203 | ->find($entry->getId()); | |
204 | ||
205 | $tagsInDB = array(); | |
206 | foreach ($entryDB->getTags()->toArray() as $tag) { | |
207 | $tagsInDB[$tag->getId()] = $tag->getLabel(); | |
208 | } | |
209 | ||
210 | foreach (explode(',', $newTags) as $tag) { | |
211 | $this->assertContains($tag, $tagsInDB); | |
212 | } | |
213 | } | |
214 | } |