X-Git-Url: https://git.immae.eu/?a=blobdiff_plain;ds=sidebyside;f=tests%2FWallabag%2FApiBundle%2FController%2FDeveloperControllerTest.php;h=53aed12b6c170dd4086c75980a27a22a03b13c99;hb=822c877949aff8ae57677671115f8f4fc69588d5;hp=95befa9cab2f4fe2502b7776a784c8d022d62905;hpb=e4cf672ccf61689ba28c2e89fc55f83167800b18;p=github%2Fwallabag%2Fwallabag.git
diff --git a/tests/Wallabag/ApiBundle/Controller/DeveloperControllerTest.php b/tests/Wallabag/ApiBundle/Controller/DeveloperControllerTest.php
index 95befa9c..53aed12b 100644
--- a/tests/Wallabag/ApiBundle/Controller/DeveloperControllerTest.php
+++ b/tests/Wallabag/ApiBundle/Controller/DeveloperControllerTest.php
@@ -3,6 +3,7 @@
 namespace Tests\Wallabag\ApiBundle\Controller;
 use Tests\Wallabag\CoreBundle\WallabagCoreTestCase;
+use Wallabag\ApiBundle\Entity\Client;
 class DeveloperControllerTest extends WallabagCoreTestCase
 {
@@ -33,14 +34,10 @@ class DeveloperControllerTest extends WallabagCoreTestCase
 $this->assertContains('My app', $alert[0]);
 }
- /**
- * @depends testCreateClient
- */
- public function testCreateToken()
+ public function testCreateTokenFromPasswords()
 {
 $client = $this->getClient();
- $em = $client->getContainer()->get('doctrine.orm.entity_manager');
- $apiClient = $em->getRepository('WallabagApiBundle:Client')->findOneByName('My app');
+ $apiClient = $this->createApiClientForUser('admin');
 $client->request('POST', '/oauth/v2/token', [
 'grant_type' => 'password',
@@ -59,6 +56,26 @@ class DeveloperControllerTest extends WallabagCoreTestCase
 $this->assertArrayHasKey('refresh_token', $data);
 }
+ public function testCreateTokenFromClientCredentialsOnly()
+ {
+ $client = $this->getClient();
+ $apiClient = $this->createApiClientForUser('admin', ['client_credentials']);
+
+ $client->request('POST', '/oauth/v2/token', [
+ 'grant_type' => 'client_credentials',
+ 'client_id' => $apiClient->getPublicId(),
+ 'client_secret' => $apiClient->getSecret(),
+ ]);
+
+ $this->assertEquals(200, $client->getResponse()->getStatusCode());
+
+ $data = json_decode($client->getResponse()->getContent(), true);
+ $this->assertArrayHasKey('access_token', $data);
+ $this->assertArrayHasKey('expires_in', $data);
+ $this->assertArrayHasKey('token_type', $data);
+ // Client Credentials created-clients have no refresh tokens
+ }
+
 public function testListingClient()
 {
 $this->logInAs('admin');
@@ -82,11 +99,21 @@ class DeveloperControllerTest extends WallabagCoreTestCase
 public function testRemoveClient()
 {
- $this->logInAs('admin');
 $client = $this->getClient();
+ $adminApiClient = $this->createApiClientForUser('admin');
 $em = $client->getContainer()->get('doctrine.orm.entity_manager');
- $nbClients = $em->getRepository('WallabagApiBundle:Client')->findAll();
+ // Try to remove an admin's client with a wrong user
+ $this->logInAs('bob');
+ $client->request('GET', '/developer');
+ $this->assertContains('no_client', $client->getResponse()->getContent());
+
+ $this->logInAs('bob');
+ $client->request('GET', '/developer/client/delete/'.$adminApiClient->getId());
+ $this->assertEquals(403, $client->getResponse()->getStatusCode());
+
+ // Try to remove the admin's client with the good user
+ $this->logInAs('admin');
 $crawler = $client->request('GET', '/developer');
 $link = $crawler
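Review bot: In `testCreateTokenFromClientCredentialsOnly` the closing comment states that clients created for client credentials get no refresh token, but nothing asserts it, so the test would still pass if the token endpoint started returning one. Replace the comment with `$this->assertArrayNotHasKey('refresh_token', $data);`. Because the helper restricts this client to `client_credentials`, a companion request with `'grant_type' => 'password'` and the same client id and secret, expected to be refused, would also pin that the allowed-grant-types restriction is actually enforced.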
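Review bot: In the `testRemoveClient` hunk the forbidden delete by `bob` is verified only through the 403 status, which does not show that the admin's client is still stored afterwards. After the 403 assertion I would add `$this->assertNotNull($em->getRepository('WallabagApiBundle:Client')->find($adminApiClient->getId()), 'The client should still exist');`, reading through a cleared or fresh entity manager if `$em` could otherwise answer from memory. The second `$this->logInAs('bob');` looks redundant unless the session is dropped between requests; a short comment would settle that. The test body continues past the end of this hunk.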
@@ -98,7 +125,30 @@ class DeveloperControllerTest extends WallabagCoreTestCase
 $client->click($link);
 $this->assertEquals(302, $client->getResponse()->getStatusCode());
- $newNbClients = $em->getRepository('WallabagApiBundle:Client')->findAll();
- $this->assertGreaterThan(count($newNbClients), count($nbClients));
+ $this->assertNull(
+ $em->getRepository('WallabagApiBundle:Client')->find($adminApiClient->getId()),
+ 'The client should have been removed'
+ );
+ }
+
+ /**
+ * @param string $username
+ *
+ * @param array $grantTypes
+ * @return Client
+ */
+ private function createApiClientForUser($username, $grantTypes = ['password'])
+ {
+ $client = $this->getClient();
+ $em = $client->getContainer()->get('doctrine.orm.entity_manager');
+ $userManager = $client->getContainer()->get('fos_user.user_manager');
+ $user = $userManager->findUserBy(array('username' => $username));
+ $apiClient = new Client($user);
+ $apiClient->setName('My app');
+ $apiClient->setAllowedGrantTypes($grantTypes);
+ $em->persist($apiClient);
+ $em->flush();
+
+ return $apiClient;
 }
 }
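Review bot: `createApiClientForUser` hands the result of `findUserBy()` straight to `new Client($user)` without checking it, so a misspelled or missing fixture username would only surface further down, in the constructor or at flush. Adding `$this->assertNotNull($user, 'Unknown test user: '.$username);` right after the lookup makes the failure point at the fixture. Two style points in the same helper: `array('username' => $username)` uses the long array syntax while the rest of the file uses `[...]`, and the docblock has a stray `*` line between the two `@param` tags but none before `@return`. A one-line summary such as `Creates and persists an API client named 'My app' owned by the given user.` would also help.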