X-Git-Url: https://git.immae.eu/?a=blobdiff_plain;ds=sidebyside;f=src%2FWallabag%2FCoreBundle%2FTests%2FController%2FWallabagRestControllerTest.php;h=fcfa8ccf9a233aa69eb310312f61d5c0805d6ad3;hb=0e7971d8354b0923d2e8f38690b9fe46e695dd93;hp=edbb62d2cbfe93945ddb2121acb0338d69be5229;hpb=2734044aca228c853147a8a944a2ebc7b2c7f23b;p=github%2Fwallabag%2Fwallabag.git diff --git a/src/Wallabag/CoreBundle/Tests/Controller/WallabagRestControllerTest.php b/src/Wallabag/CoreBundle/Tests/Controller/WallabagRestControllerTest.php index edbb62d2..fcfa8ccf 100644 --- a/src/Wallabag/CoreBundle/Tests/Controller/WallabagRestControllerTest.php +++ b/src/Wallabag/CoreBundle/Tests/Controller/WallabagRestControllerTest.php @@ -2,44 +2,113 @@ namespace Wallabag\CoreBundle\Tests\Controller; -use Symfony\Bundle\FrameworkBundle\Test\WebTestCase; +use Wallabag\CoreBundle\Tests\WallabagTestCase; -class WallabagRestControllerTest extends WebTestCase +class WallabagRestControllerTest extends WallabagTestCase { + /** + * Generate HTTP headers for authenticate user on API + * + * @param $username + * @param $password + * @param $salt + * + * @return array + */ + private function generateHeaders($username, $password, $salt) + { + $encryptedPassword = sha1($password.$username.$salt); + $nonce = substr(md5(uniqid('nonce_', true)), 0, 16); + + $now = new \DateTime('now', new \DateTimeZone('UTC')); + $created = (string) $now->format('Y-m-d\TH:i:s\Z'); + $digest = base64_encode(sha1(base64_decode($nonce).$created.$encryptedPassword, true)); + + return array( + 'HTTP_AUTHORIZATION' => 'Authorization profile="UsernameToken"', + 'HTTP_x-wsse' => 'X-WSSE: UsernameToken Username="'.$username.'", PasswordDigest="'.$digest.'", Nonce="'.$nonce.'", Created="'.$created.'"', + ); + } + public function testGetSalt() { $client = $this->createClient(); $client->request('GET', '/api/salts/admin.json'); $this->assertEquals(200, $client->getResponse()->getStatusCode()); + $this->assertNotEmpty(json_decode($client->getResponse()->getContent())); $client->request('GET', '/api/salts/notfound.json'); $this->assertEquals(404, $client->getResponse()->getStatusCode()); } - public function testGetEntries() + public function testWithBadHeaders() { $client = $this->createClient(); $client->request('GET', '/api/salts/admin.json'); - $content = json_decode($client->getResponse()->getContent()); - $salt = $content[0]; + $salt = json_decode($client->getResponse()->getContent()); - $username = 'admin'; - $password = 'test'; + $headers = $this->generateHeaders('admin', 'mypassword', $salt[0]); - $encryptedPassword = sha1($password.$username.$salt); - $nonce = substr(md5(uniqid('nonce_', true)), 0, 16); + $entry = $client->getContainer() + ->get('doctrine.orm.entity_manager') + ->getRepository('WallabagCoreBundle:Entry') + ->findOneByIsArchived(false); - $now = new \DateTime('now', new \DateTimeZone('UTC')); - $created = (string)$now->format( 'Y-m-d\TH:i:s\Z' ); - $digest = base64_encode(sha1(base64_decode($nonce).$created.$encryptedPassword, true)); + if (!$entry) { + $this->markTestSkipped('No content found in db.'); + } - $headers = array( - 'PHP_AUTH_USER' => 'username', + $badHeaders = array( 'HTTP_AUTHORIZATION' => 'Authorization profile="UsernameToken"', - 'HTTP_x-wsse' => 'X-WSSE: UsernameToken Username="'.$username.'", PasswordDigest="'.$digest.'", Nonce="'.$nonce.'", Created="'.$created.'"' + 'HTTP_x-wsse' => 'X-WSSE: UsernameToken Username="admin", PasswordDigest="Wr0ngDig3st", Nonce="n0Nc3", Created="2015-01-01T13:37:00Z"', + ); + + $client->request('GET', '/api/entries/'.$entry->getId().'.json', array(), array(), $badHeaders); + $this->assertEquals(403, $client->getResponse()->getStatusCode()); + } + + public function testGetOneEntry() + { + $client = $this->createClient(); + $client->request('GET', '/api/salts/admin.json'); + $salt = json_decode($client->getResponse()->getContent()); + + $headers = $this->generateHeaders('admin', 'mypassword', $salt[0]); + + $entry = $client->getContainer() + ->get('doctrine.orm.entity_manager') + ->getRepository('WallabagCoreBundle:Entry') + ->findOneByIsArchived(false); + + if (!$entry) { + $this->markTestSkipped('No content found in db.'); + } + + $client->request('GET', '/api/entries/'.$entry->getId().'.json', array(), array(), $headers); + $this->assertContains($entry->getTitle(), $client->getResponse()->getContent()); + + $this->assertTrue( + $client->getResponse()->headers->contains( + 'Content-Type', + 'application/json' + ) ); + } + + public function testGetEntries() + { + $client = $this->createClient(); + $client->request('GET', '/api/salts/admin.json'); + $salt = json_decode($client->getResponse()->getContent()); + + $headers = $this->generateHeaders('admin', 'mypassword', $salt[0]); $client->request('GET', '/api/entries', array(), array(), $headers); + + $this->assertEquals(200, $client->getResponse()->getStatusCode()); + + $this->assertGreaterThanOrEqual(1, count(json_decode($client->getResponse()->getContent()))); + $this->assertContains('Mailjet', $client->getResponse()->getContent()); $this->assertTrue( @@ -49,4 +118,32 @@ class WallabagRestControllerTest extends WebTestCase ) ); } + + public function testDeleteEntry() + { + $client = $this->createClient(); + $client->request('GET', '/api/salts/admin.json'); + $salt = json_decode($client->getResponse()->getContent()); + + $headers = $this->generateHeaders('admin', 'mypassword', $salt[0]); + + $entry = $client->getContainer() + ->get('doctrine.orm.entity_manager') + ->getRepository('WallabagCoreBundle:Entry') + ->findOneByIsDeleted(false); + + if (!$entry) { + $this->markTestSkipped('No content found in db.'); + } + + $client->request('DELETE', '/api/entries/'.$entry->getId().'.json', array(), array(), $headers); + + $this->assertEquals(200, $client->getResponse()->getStatusCode()); + + $res = $client->getContainer() + ->get('doctrine.orm.entity_manager') + ->getRepository('WallabagCoreBundle:Entry') + ->findOneById($entry->getId()); + $this->assertEquals($res->isDeleted(), true); + } }