path: root/tests/Wallabag/ApiBundle/Controller/DeveloperControllerTest.php

<?php

namespace Tests\Wallabag\ApiBundle\Controller;

use Tests\Wallabag\CoreBundle\WallabagCoreTestCase;
use Wallabag\ApiBundle\Entity\Client;

class DeveloperControllerTest extends WallabagCoreTestCase
{
    public function testCreateClient()
    {
        $this->logInAs('admin');
        $client = $this->getClient();
        $em = $client->getContainer()->get('doctrine.orm.entity_manager');
        $nbClients = $em->getRepository('WallabagApiBundle:Client')->findAll();

        $crawler = $client->request('GET', '/developer/client/create');
        $this->assertEquals(200, $client->getResponse()->getStatusCode());

        $form = $crawler->filter('button[type=submit]')->form();

        $data = [
            'client[name]' => 'My app',
        ];

        $crawler = $client->submit($form, $data);

        $this->assertEquals(200, $client->getResponse()->getStatusCode());

        $newNbClients = $em->getRepository('WallabagApiBundle:Client')->findAll();
        $this->assertGreaterThan(count($nbClients), count($newNbClients));

        $this->assertGreaterThan(1, $alert = $crawler->filter('.settings ul li strong')->extract(['_text']));
        $this->assertContains('My app', $alert[0]);
    }

    public function testCreateTokenFromPasswords()
    {
        $client = $this->getClient();
        $apiClient = $this->createApiClientForUser('admin');

        $client->request('POST', '/oauth/v2/token', [
            'grant_type' => 'password',
            'client_id' => $apiClient->getPublicId(),
            'client_secret' => $apiClient->getSecret(),
            'username' => 'admin',
            'password' => 'mypassword',
        ]);

        $this->assertEquals(200, $client->getResponse()->getStatusCode());

        $data = json_decode($client->getResponse()->getContent(), true);
        $this->assertArrayHasKey('access_token', $data);
        $this->assertArrayHasKey('expires_in', $data);
        $this->assertArrayHasKey('token_type', $data);
        $this->assertArrayHasKey('refresh_token', $data);
    }

    public function testCreateTokenFromClientCredentialsOnly()
    {
        $client = $this->getClient();
        $apiClient = $this->createApiClientForUser('admin', ['client_credentials']);

        $client->request('POST', '/oauth/v2/token', [
            'grant_type' => 'client_credentials',
            'client_id' => $apiClient->getPublicId(),
            'client_secret' => $apiClient->getSecret(),
        ]);

        $this->assertEquals(200, $client->getResponse()->getStatusCode());

        $data = json_decode($client->getResponse()->getContent(), true);
        $this->assertArrayHasKey('access_token', $data);
        $this->assertArrayHasKey('expires_in', $data);
        $this->assertArrayHasKey('token_type', $data);
        // Client Credentials created-clients have no refresh tokens
    }

    public function testListingClient()
    {
        $this->logInAs('admin');
        $client = $this->getClient();
        $em = $client->getContainer()->get('doctrine.orm.entity_manager');
        $nbClients = $em->getRepository('WallabagApiBundle:Client')->findAll();

        $crawler = $client->request('GET', '/developer');
        $this->assertEquals(200, $client->getResponse()->getStatusCode());
        $this->assertEquals(count($nbClients), $crawler->filter('ul[class=collapsible] li')->count());
    }

    public function testDeveloperHowto()
    {
        $this->logInAs('admin');
        $client = $this->getClient();

        $crawler = $client->request('GET', '/developer/howto/first-app');
        $this->assertEquals(200, $client->getResponse()->getStatusCode());
    }

    public function testRemoveClient()
    {
        $client = $this->getClient();
        $adminApiClient = $this->createApiClientForUser('admin');
        $em = $client->getContainer()->get('doctrine.orm.entity_manager');

        // Try to remove an admin's client with a wrong user
        $this->logInAs('bob');
        $client->request('GET', '/developer');
        $this->assertContains('no_client', $client->getResponse()->getContent());

        $this->logInAs('bob');
        $client->request('GET', '/developer/client/delete/'.$adminApiClient->getId());
        $this->assertEquals(403, $client->getResponse()->getStatusCode());

        // Try to remove the admin's client with the good user
        $this->logInAs('admin');
        $crawler = $client->request('GET', '/developer');

        $link = $crawler
            ->filter('div[class=collapsible-body] p a')
            ->eq(0)
            ->link()
        ;

        $client->click($link);
        $this->assertEquals(302, $client->getResponse()->getStatusCode());

        $this->assertNull(
            $em->getRepository('WallabagApiBundle:Client')->find($adminApiClient->getId()),
            'The client should have been removed'
        );
    }

    /**
     * @param string $username
     *
     * @param array $grantTypes
     * @return Client
     */
    private function createApiClientForUser($username, $grantTypes = ['password'])
    {
        $client = $this->getClient();
        $em = $client->getContainer()->get('doctrine.orm.entity_manager');
        $userManager = $client->getContainer()->get('fos_user.user_manager');
        $user = $userManager->findUserBy(array('username' => $username));
        $apiClient = new Client($user);
        $apiClient->setName('My app');
        $apiClient->setAllowedGrantTypes($grantTypes);
        $em->persist($apiClient);
        $em->flush();

        return $apiClient;
    }
}