Handle password change

[github/wallabag/wallabag.git] / src / Wallabag / CoreBundle / Tests / Controller / WallabagRestControllerTest.php

diff --git a/src/Wallabag/CoreBundle/Tests/Controller/WallabagRestControllerTest.php b/src/Wallabag/CoreBundle/Tests/Controller/WallabagRestControllerTest.php
index c7704aa8650cfa666dce677e23728bb3266f91c9..fcfa8ccf9a233aa69eb310312f61d5c0805d6ad3 100644 (file)
--- a/src/Wallabag/CoreBundle/Tests/Controller/WallabagRestControllerTest.php
+++ b/src/Wallabag/CoreBundle/Tests/Controller/WallabagRestControllerTest.php
@@ -2,9 +2,9 @@
 
 namespace Wallabag\CoreBundle\Tests\Controller;
 
-use Symfony\Bundle\FrameworkBundle\Test\WebTestCase;
+use Wallabag\CoreBundle\Tests\WallabagTestCase;
 
-class WallabagRestControllerTest extends WebTestCase
+class WallabagRestControllerTest extends WallabagTestCase
 {
     /**
      * Generate HTTP headers for authenticate user on API
@@ -25,7 +25,6 @@ class WallabagRestControllerTest extends WebTestCase
         $digest = base64_encode(sha1(base64_decode($nonce).$created.$encryptedPassword, true));
 
         return array(
-            'PHP_AUTH_USER' => 'username',
             'HTTP_AUTHORIZATION' => 'Authorization profile="UsernameToken"',
             'HTTP_x-wsse' => 'X-WSSE: UsernameToken Username="'.$username.'", PasswordDigest="'.$digest.'", Nonce="'.$nonce.'", Created="'.$created.'"',
         );
@@ -36,18 +35,45 @@ class WallabagRestControllerTest extends WebTestCase
         $client = $this->createClient();
         $client->request('GET', '/api/salts/admin.json');
         $this->assertEquals(200, $client->getResponse()->getStatusCode());
+        $this->assertNotEmpty(json_decode($client->getResponse()->getContent()));
 
         $client->request('GET', '/api/salts/notfound.json');
         $this->assertEquals(404, $client->getResponse()->getStatusCode());
     }
 
+    public function testWithBadHeaders()
+    {
+        $client = $this->createClient();
+        $client->request('GET', '/api/salts/admin.json');
+        $salt = json_decode($client->getResponse()->getContent());
+
+        $headers = $this->generateHeaders('admin', 'mypassword', $salt[0]);
+
+        $entry = $client->getContainer()
+            ->get('doctrine.orm.entity_manager')
+            ->getRepository('WallabagCoreBundle:Entry')
+            ->findOneByIsArchived(false);
+
+        if (!$entry) {
+            $this->markTestSkipped('No content found in db.');
+        }
+
+        $badHeaders = array(
+            'HTTP_AUTHORIZATION' => 'Authorization profile="UsernameToken"',
+            'HTTP_x-wsse' => 'X-WSSE: UsernameToken Username="admin", PasswordDigest="Wr0ngDig3st", Nonce="n0Nc3", Created="2015-01-01T13:37:00Z"',
+        );
+
+        $client->request('GET', '/api/entries/'.$entry->getId().'.json', array(), array(), $badHeaders);
+        $this->assertEquals(403, $client->getResponse()->getStatusCode());
+    }
+
     public function testGetOneEntry()
     {
         $client = $this->createClient();
         $client->request('GET', '/api/salts/admin.json');
         $salt = json_decode($client->getResponse()->getContent());
 
-        $headers = $this->generateHeaders('admin', 'test', $salt[0]);
+        $headers = $this->generateHeaders('admin', 'mypassword', $salt[0]);
 
         $entry = $client->getContainer()
             ->get('doctrine.orm.entity_manager')
@@ -75,9 +101,14 @@ class WallabagRestControllerTest extends WebTestCase
         $client->request('GET', '/api/salts/admin.json');
         $salt = json_decode($client->getResponse()->getContent());
 
-        $headers = $this->generateHeaders('admin', 'test', $salt[0]);
+        $headers = $this->generateHeaders('admin', 'mypassword', $salt[0]);
 
         $client->request('GET', '/api/entries', array(), array(), $headers);
+
+        $this->assertEquals(200, $client->getResponse()->getStatusCode());
+
+        $this->assertGreaterThanOrEqual(1, count(json_decode($client->getResponse()->getContent())));
+
         $this->assertContains('Mailjet', $client->getResponse()->getContent());
 
         $this->assertTrue(
@@ -94,7 +125,7 @@ class WallabagRestControllerTest extends WebTestCase
         $client->request('GET', '/api/salts/admin.json');
         $salt = json_decode($client->getResponse()->getContent());
 
-        $headers = $this->generateHeaders('admin', 'test', $salt[0]);
+        $headers = $this->generateHeaders('admin', 'mypassword', $salt[0]);
 
         $entry = $client->getContainer()
             ->get('doctrine.orm.entity_manager')