diff options
author | Jeremy Benoist <jeremy.benoist@gmail.com> | 2017-06-02 10:19:33 +0200 |
---|---|---|
committer | Jeremy Benoist <jeremy.benoist@gmail.com> | 2017-06-02 11:32:38 +0200 |
commit | 426bb453d295900fb3e35dce2f9081a42639cf27 (patch) | |
tree | 77fc6aedf17640a9d13a817e25fbd06ab89b471f /tests/Wallabag | |
parent | a687c8d915276eee0c0494156700f7d0c0606735 (diff) | |
download | wallabag-426bb453d295900fb3e35dce2f9081a42639cf27.tar.gz wallabag-426bb453d295900fb3e35dce2f9081a42639cf27.tar.zst wallabag-426bb453d295900fb3e35dce2f9081a42639cf27.zip |
API user creation behing a toggle
I've added a toggle feature (in internal settings) so that user api creation can be disabled while form registration still can be enabled.
Also, the /api/user endpoint shouldn't require authentication. Even if we check the authentication when sending a GET request, to retrieve current user information.
I've moved all the internal settings definition to config to avoid duplicated place to define them.
I don't know why we didn't did that earlier.
Diffstat (limited to 'tests/Wallabag')
-rw-r--r-- | tests/Wallabag/ApiBundle/Controller/UserRestControllerTest.php | 96 | ||||
-rw-r--r-- | tests/Wallabag/ApiBundle/Controller/WallabagRestControllerTest.php | 10 |
2 files changed, 85 insertions, 21 deletions
diff --git a/tests/Wallabag/ApiBundle/Controller/UserRestControllerTest.php b/tests/Wallabag/ApiBundle/Controller/UserRestControllerTest.php index 3f4969a5..c1095da8 100644 --- a/tests/Wallabag/ApiBundle/Controller/UserRestControllerTest.php +++ b/tests/Wallabag/ApiBundle/Controller/UserRestControllerTest.php | |||
@@ -27,8 +27,25 @@ class UserRestControllerTest extends WallabagApiTestCase | |||
27 | $this->assertEquals('application/json', $this->client->getResponse()->headers->get('Content-Type')); | 27 | $this->assertEquals('application/json', $this->client->getResponse()->headers->get('Content-Type')); |
28 | } | 28 | } |
29 | 29 | ||
30 | public function testGetUserWithoutAuthentication() | ||
31 | { | ||
32 | $client = static::createClient(); | ||
33 | $client->request('GET', '/api/user.json'); | ||
34 | $this->assertEquals(401, $client->getResponse()->getStatusCode()); | ||
35 | |||
36 | $content = json_decode($client->getResponse()->getContent(), true); | ||
37 | |||
38 | $this->assertArrayHasKey('error', $content); | ||
39 | $this->assertArrayHasKey('error_description', $content); | ||
40 | |||
41 | $this->assertEquals('access_denied', $content['error']); | ||
42 | |||
43 | $this->assertEquals('application/json', $client->getResponse()->headers->get('Content-Type')); | ||
44 | } | ||
45 | |||
30 | public function testCreateNewUser() | 46 | public function testCreateNewUser() |
31 | { | 47 | { |
48 | $this->client->getContainer()->get('craue_config')->set('api_user_registration', 1); | ||
32 | $this->client->request('PUT', '/api/user.json', [ | 49 | $this->client->request('PUT', '/api/user.json', [ |
33 | 'username' => 'google', | 50 | 'username' => 'google', |
34 | 'password' => 'googlegoogle', | 51 | 'password' => 'googlegoogle', |
@@ -50,30 +67,51 @@ class UserRestControllerTest extends WallabagApiTestCase | |||
50 | 67 | ||
51 | $this->assertEquals('application/json', $this->client->getResponse()->headers->get('Content-Type')); | 68 | $this->assertEquals('application/json', $this->client->getResponse()->headers->get('Content-Type')); |
52 | 69 | ||
53 | // remove the created user to avoid side effect on other tests | 70 | $this->client->getContainer()->get('craue_config')->set('api_user_registration', 0); |
54 | // @todo remove these lines when test will be isolated | 71 | } |
55 | $em = $this->client->getContainer()->get('doctrine.orm.entity_manager'); | 72 | |
73 | public function testCreateNewUserWithoutAuthentication() | ||
74 | { | ||
75 | // create a new client instead of using $this->client to be sure client isn't authenticated | ||
76 | $client = static::createClient(); | ||
77 | $client->getContainer()->get('craue_config')->set('api_user_registration', 1); | ||
78 | $client->request('PUT', '/api/user.json', [ | ||
79 | 'username' => 'google', | ||
80 | 'password' => 'googlegoogle', | ||
81 | 'email' => 'wallabag@google.com', | ||
82 | ]); | ||
83 | |||
84 | $this->assertEquals(200, $client->getResponse()->getStatusCode()); | ||
85 | |||
86 | $content = json_decode($client->getResponse()->getContent(), true); | ||
87 | |||
88 | $this->assertArrayHasKey('id', $content); | ||
89 | $this->assertArrayHasKey('email', $content); | ||
90 | $this->assertArrayHasKey('username', $content); | ||
91 | $this->assertArrayHasKey('created_at', $content); | ||
92 | $this->assertArrayHasKey('updated_at', $content); | ||
93 | |||
94 | $this->assertEquals('wallabag@google.com', $content['email']); | ||
95 | $this->assertEquals('google', $content['username']); | ||
56 | 96 | ||
57 | $query = $em->createQuery('DELETE FROM Wallabag\CoreBundle\Entity\Config c WHERE c.user = :user_id'); | 97 | $this->assertEquals('application/json', $client->getResponse()->headers->get('Content-Type')); |
58 | $query->setParameter('user_id', $content['id']); | ||
59 | $query->execute(); | ||
60 | 98 | ||
61 | $query = $em->createQuery('DELETE FROM Wallabag\UserBundle\Entity\User u WHERE u.id = :id'); | 99 | $client->getContainer()->get('craue_config')->set('api_user_registration', 0); |
62 | $query->setParameter('id', $content['id']); | ||
63 | $query->execute(); | ||
64 | } | 100 | } |
65 | 101 | ||
66 | public function testCreateNewUserWithExistingEmail() | 102 | public function testCreateNewUserWithExistingEmail() |
67 | { | 103 | { |
68 | $this->client->request('PUT', '/api/user.json', [ | 104 | $client = static::createClient(); |
105 | $client->getContainer()->get('craue_config')->set('api_user_registration', 1); | ||
106 | $client->request('PUT', '/api/user.json', [ | ||
69 | 'username' => 'admin', | 107 | 'username' => 'admin', |
70 | 'password' => 'googlegoogle', | 108 | 'password' => 'googlegoogle', |
71 | 'email' => 'bigboss@wallabag.org', | 109 | 'email' => 'bigboss@wallabag.org', |
72 | ]); | 110 | ]); |
73 | 111 | ||
74 | $this->assertEquals(400, $this->client->getResponse()->getStatusCode()); | 112 | $this->assertEquals(400, $client->getResponse()->getStatusCode()); |
75 | 113 | ||
76 | $content = json_decode($this->client->getResponse()->getContent(), true); | 114 | $content = json_decode($client->getResponse()->getContent(), true); |
77 | 115 | ||
78 | $this->assertArrayHasKey('error', $content); | 116 | $this->assertArrayHasKey('error', $content); |
79 | $this->assertArrayHasKey('username', $content['error']); | 117 | $this->assertArrayHasKey('username', $content['error']); |
@@ -85,26 +123,50 @@ class UserRestControllerTest extends WallabagApiTestCase | |||
85 | $this->assertEquals('This value is already used.', $content['error']['username'][0]); | 123 | $this->assertEquals('This value is already used.', $content['error']['username'][0]); |
86 | $this->assertEquals('This value is already used.', $content['error']['email'][0]); | 124 | $this->assertEquals('This value is already used.', $content['error']['email'][0]); |
87 | 125 | ||
88 | $this->assertEquals('application/json', $this->client->getResponse()->headers->get('Content-Type')); | 126 | $this->assertEquals('application/json', $client->getResponse()->headers->get('Content-Type')); |
127 | |||
128 | $client->getContainer()->get('craue_config')->set('api_user_registration', 0); | ||
89 | } | 129 | } |
90 | 130 | ||
91 | public function testCreateNewUserWithTooShortPassword() | 131 | public function testCreateNewUserWithTooShortPassword() |
92 | { | 132 | { |
93 | $this->client->request('PUT', '/api/user.json', [ | 133 | $client = static::createClient(); |
134 | $client->getContainer()->get('craue_config')->set('api_user_registration', 1); | ||
135 | $client->request('PUT', '/api/user.json', [ | ||
94 | 'username' => 'facebook', | 136 | 'username' => 'facebook', |
95 | 'password' => 'face', | 137 | 'password' => 'face', |
96 | 'email' => 'facebook@wallabag.org', | 138 | 'email' => 'facebook@wallabag.org', |
97 | ]); | 139 | ]); |
98 | 140 | ||
99 | $this->assertEquals(400, $this->client->getResponse()->getStatusCode()); | 141 | $this->assertEquals(400, $client->getResponse()->getStatusCode()); |
100 | 142 | ||
101 | $content = json_decode($this->client->getResponse()->getContent(), true); | 143 | $content = json_decode($client->getResponse()->getContent(), true); |
102 | 144 | ||
103 | $this->assertArrayHasKey('error', $content); | 145 | $this->assertArrayHasKey('error', $content); |
104 | $this->assertArrayHasKey('password', $content['error']); | 146 | $this->assertArrayHasKey('password', $content['error']); |
105 | 147 | ||
106 | $this->assertEquals('validator.password_too_short', $content['error']['password'][0]); | 148 | $this->assertEquals('validator.password_too_short', $content['error']['password'][0]); |
107 | 149 | ||
108 | $this->assertEquals('application/json', $this->client->getResponse()->headers->get('Content-Type')); | 150 | $this->assertEquals('application/json', $client->getResponse()->headers->get('Content-Type')); |
151 | |||
152 | $client->getContainer()->get('craue_config')->set('api_user_registration', 0); | ||
153 | } | ||
154 | |||
155 | public function testCreateNewUserWhenRegistrationIsDisabled() | ||
156 | { | ||
157 | $client = static::createClient(); | ||
158 | $client->request('PUT', '/api/user.json', [ | ||
159 | 'username' => 'facebook', | ||
160 | 'password' => 'face', | ||
161 | 'email' => 'facebook@wallabag.org', | ||
162 | ]); | ||
163 | |||
164 | $this->assertEquals(403, $client->getResponse()->getStatusCode()); | ||
165 | |||
166 | $content = json_decode($client->getResponse()->getContent(), true); | ||
167 | |||
168 | $this->assertArrayHasKey('error', $content); | ||
169 | |||
170 | $this->assertEquals('application/json', $client->getResponse()->headers->get('Content-Type')); | ||
109 | } | 171 | } |
110 | } | 172 | } |
diff --git a/tests/Wallabag/ApiBundle/Controller/WallabagRestControllerTest.php b/tests/Wallabag/ApiBundle/Controller/WallabagRestControllerTest.php index c87e58de..df638e8f 100644 --- a/tests/Wallabag/ApiBundle/Controller/WallabagRestControllerTest.php +++ b/tests/Wallabag/ApiBundle/Controller/WallabagRestControllerTest.php | |||
@@ -8,12 +8,14 @@ class WallabagRestControllerTest extends WallabagApiTestCase | |||
8 | { | 8 | { |
9 | public function testGetVersion() | 9 | public function testGetVersion() |
10 | { | 10 | { |
11 | $this->client->request('GET', '/api/version'); | 11 | // create a new client instead of using $this->client to be sure client isn't authenticated |
12 | $client = static::createClient(); | ||
13 | $client->request('GET', '/api/version'); | ||
12 | 14 | ||
13 | $this->assertEquals(200, $this->client->getResponse()->getStatusCode()); | 15 | $this->assertEquals(200, $client->getResponse()->getStatusCode()); |
14 | 16 | ||
15 | $content = json_decode($this->client->getResponse()->getContent(), true); | 17 | $content = json_decode($client->getResponse()->getContent(), true); |
16 | 18 | ||
17 | $this->assertEquals($this->client->getContainer()->getParameter('wallabag_core.version'), $content); | 19 | $this->assertEquals($client->getContainer()->getParameter('wallabag_core.version'), $content); |
18 | } | 20 | } |
19 | } | 21 | } |