]> git.immae.eu Git - github/wallabag/wallabag.git/blob - tests/Wallabag/ApiBundle/Controller/TagRestControllerTest.php
projects / github / wallabag / wallabag.git / blob
? search:
summary | shortlog | log | commit | commitdiff | tree
blame | history | raw | HEAD
TagRestController: add tests to ensure that other user's tags are unreachable
[github/wallabag/wallabag.git] / tests / Wallabag / ApiBundle / Controller / TagRestControllerTest.php
1 <?php
2
3 namespace Tests\Wallabag\ApiBundle\Controller;
4
5 use Tests\Wallabag\ApiBundle\WallabagApiTestCase;
6 use Wallabag\CoreBundle\Entity\Tag;
7
8 class TagRestControllerTest extends WallabagApiTestCase
9 {
10 private $otherUserTagLabel = 'bob';
11
12 public function testGetUserTags()
13 {
14 $this->client->request('GET', '/api/tags.json');
15
16 $this->assertSame(200, $this->client->getResponse()->getStatusCode());
17
18 $content = json_decode($this->client->getResponse()->getContent(), true);
19
20 $this->assertGreaterThan(0, $content);
21 $this->assertArrayHasKey('id', $content[0]);
22 $this->assertArrayHasKey('label', $content[0]);
23
24 $tagLabels = array_map(function ($i) {
25 return $i['label'];
26 }, $content);
27
28 $this->assertNotContains($this->otherUserTagLabel, $tagLabels, 'There is a possible tag leak');
29
30 return end($content);
31 }
32
33 public function testDeleteUserTag()
34 {
35 $tagLabel = 'tagtest';
36 $tag = new Tag();
37 $tag->setLabel($tagLabel);
38
39 $em = $this->client->getContainer()->get('doctrine.orm.entity_manager');
40 $em->persist($tag);
41 $em->flush();
42 $em->clear();
43
44 $this->client->request('DELETE', '/api/tags/' . $tag->getId() . '.json');
45
46 $this->assertSame(200, $this->client->getResponse()->getStatusCode());
47
48 $content = json_decode($this->client->getResponse()->getContent(), true);
49
50 $this->assertArrayHasKey('label', $content);
51 $this->assertSame($tag->getLabel(), $content['label']);
52 $this->assertSame($tag->getSlug(), $content['slug']);
53
54 $entries = $em->getRepository('WallabagCoreBundle:Entry')
55 ->findAllByTagId($this->user->getId(), $tag->getId());
56
57 $this->assertCount(0, $entries);
58
59 $tag = $em->getRepository('WallabagCoreBundle:Tag')->findOneByLabel($tagLabel);
60
61 $this->assertNull($tag, $tagLabel . ' was removed because it begun an orphan tag');
62 }
63
64 public function testDeleteOtherUserTag()
65 {
66 $em = $this->client->getContainer()->get('doctrine.orm.entity_manager');
67 $tag = $em->getRepository('WallabagCoreBundle:Tag')->findOneByLabel($this->otherUserTagLabel);
68
69 $this->client->request('DELETE', '/api/tags/' . $tag->getId() . '.json');
70
71 $this->assertSame(404, $this->client->getResponse()->getStatusCode());
72 }
73
74 public function dataForDeletingTagByLabel()
75 {
76 return [
77 'by_query' => [true],
78 'by_body' => [false],
79 ];
80 }
81
82 /**
83 * @dataProvider dataForDeletingTagByLabel
84 */
85 public function testDeleteTagByLabel($useQueryString)
86 {
87 $em = $this->client->getContainer()->get('doctrine.orm.entity_manager');
88 $entry = $this->client->getContainer()
89 ->get('doctrine.orm.entity_manager')
90 ->getRepository('WallabagCoreBundle:Entry')
91 ->findOneWithTags($this->user->getId());
92
93 $entry = $entry[0];
94
95 $tag = new Tag();
96 $tag->setLabel('Awesome tag for test');
97 $em->persist($tag);
98
99 $entry->addTag($tag);
100
101 $em->persist($entry);
102 $em->flush();
103
104 if ($useQueryString) {
105 $this->client->request('DELETE', '/api/tag/label.json?tag=' . $tag->getLabel());
106 } else {
107 $this->client->request('DELETE', '/api/tag/label.json', ['tag' => $tag->getLabel()]);
108 }
109
110 $this->assertSame(200, $this->client->getResponse()->getStatusCode());
111
112 $content = json_decode($this->client->getResponse()->getContent(), true);
113
114 $this->assertArrayHasKey('label', $content);
115 $this->assertSame($tag->getLabel(), $content['label']);
116 $this->assertSame($tag->getSlug(), $content['slug']);
117
118 $entries = $this->client->getContainer()
119 ->get('doctrine.orm.entity_manager')
120 ->getRepository('WallabagCoreBundle:Entry')
121 ->findAllByTagId($this->user->getId(), $tag->getId());
122
123 $this->assertCount(0, $entries);
124 }
125
126 public function testDeleteTagByLabelNotFound()
127 {
128 $this->client->request('DELETE', '/api/tag/label.json', ['tag' => 'does not exist']);
129
130 $this->assertSame(404, $this->client->getResponse()->getStatusCode());
131 }
132
133 public function testDeleteTagByLabelOtherUser()
134 {
135 $this->client->request('DELETE', '/api/tag/label.json', ['tag' => $this->otherUserTagLabel]);
136
137 $this->assertSame(404, $this->client->getResponse()->getStatusCode());
138 }
139
140 /**
141 * @dataProvider dataForDeletingTagByLabel
142 */
143 public function testDeleteTagsByLabel($useQueryString)
144 {
145 $em = $this->client->getContainer()->get('doctrine.orm.entity_manager');
146 $entry = $this->client->getContainer()
147 ->get('doctrine.orm.entity_manager')
148 ->getRepository('WallabagCoreBundle:Entry')
149 ->findOneWithTags($this->user->getId());
150
151 $entry = $entry[0];
152
153 $tag = new Tag();
154 $tag->setLabel('Awesome tag for tagsLabel');
155 $em->persist($tag);
156
157 $tag2 = new Tag();
158 $tag2->setLabel('Awesome tag for tagsLabel 2');
159 $em->persist($tag2);
160
161 $entry->addTag($tag);
162 $entry->addTag($tag2);
163
164 $em->persist($entry);
165 $em->flush();
166
167 if ($useQueryString) {
168 $this->client->request('DELETE', '/api/tags/label.json?tags=' . $tag->getLabel() . ',' . $tag2->getLabel());
169 } else {
170 $this->client->request('DELETE', '/api/tags/label.json', ['tags' => $tag->getLabel() . ',' . $tag2->getLabel()]);
171 }
172
173 $this->assertSame(200, $this->client->getResponse()->getStatusCode());
174
175 $content = json_decode($this->client->getResponse()->getContent(), true);
176
177 $this->assertCount(2, $content);
178
179 $this->assertArrayHasKey('label', $content[0]);
180 $this->assertSame($tag->getLabel(), $content[0]['label']);
181 $this->assertSame($tag->getSlug(), $content[0]['slug']);
182
183 $this->assertArrayHasKey('label', $content[1]);
184 $this->assertSame($tag2->getLabel(), $content[1]['label']);
185 $this->assertSame($tag2->getSlug(), $content[1]['slug']);
186
187 $entries = $this->client->getContainer()
188 ->get('doctrine.orm.entity_manager')
189 ->getRepository('WallabagCoreBundle:Entry')
190 ->findAllByTagId($this->user->getId(), $tag->getId());
191
192 $this->assertCount(0, $entries);
193
194 $entries = $this->client->getContainer()
195 ->get('doctrine.orm.entity_manager')
196 ->getRepository('WallabagCoreBundle:Entry')
197 ->findAllByTagId($this->user->getId(), $tag2->getId());
198
199 $this->assertCount(0, $entries);
200 }
201
202 public function testDeleteTagsByLabelNotFound()
203 {
204 $this->client->request('DELETE', '/api/tags/label.json', ['tags' => 'does not exist']);
205
206 $this->assertSame(404, $this->client->getResponse()->getStatusCode());
207 }
208
209 public function testDeleteTagsByLabelOtherUser()
210 {
211 $this->client->request('DELETE', '/api/tags/label.json', ['tags' => $this->otherUserTagLabel]);
212
213 $this->assertSame(404, $this->client->getResponse()->getStatusCode());
214 }
215 }
A self hostable application for saving web pages: Save and classify articles. Read them later. Freely.