authorJeremy Benoist <jeremy.benoist@gmail.com>2017-06-02 10:19:33 +0200
committerJeremy Benoist <jeremy.benoist@gmail.com>2017-06-02 11:32:38 +0200
commit426bb453d295900fb3e35dce2f9081a42639cf27 (patch)
tree77fc6aedf17640a9d13a817e25fbd06ab89b471f /tests
parenta687c8d915276eee0c0494156700f7d0c0606735 (diff)
API user creation behing a toggle
I've added a toggle feature (in internal settings) so that user creation through the API can be disabled while form registration can still be enabled. Also, the /api/user endpoint shouldn't require authentication, even though we still check authentication when a GET request is sent to retrieve the current user's information. I've moved all the internal settings definitions to the config to avoid defining them in two places. I don't know why we didn't do that earlier.
Diffstat (limited to 'tests')
-rw-r--r--tests/Wallabag/ApiBundle/Controller/UserRestControllerTest.php96
-rw-r--r--tests/Wallabag/ApiBundle/Controller/WallabagRestControllerTest.php10
2 files changed, 85 insertions, 21 deletions
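--- a/tests/Wallabag/ApiBundle/Controller/UserRestControllerTest.php
+++ b/tests/Wallabag/ApiBundle/Controller/UserRestControllerTest.php
@@ -27,8 +27,25 @@ class UserRestControllerTest extends WallabagApiTestCase
 $this->assertEquals('application/json', $this->client->getResponse()->headers->get('Content-Type'));
 }
 
+public function testGetUserWithoutAuthentication()
+{
+$client = static::createClient();
+$client->request('GET', '/api/user.json');
+$this->assertEquals(401, $client->getResponse()->getStatusCode());
+
+$content = json_decode($client->getResponse()->getContent(), true);
+
+$this->assertArrayHasKey('error', $content);
+$this->assertArrayHasKey('error_description', $content);
+
+$this->assertEquals('access_denied', $content['error']);
+
+$this->assertEquals('application/json', $client->getResponse()->headers->get('Content-Type'));
+}
+
 public function testCreateNewUser()
 {
+$this->client->getContainer()->get('craue_config')->set('api_user_registration', 1);
 $this->client->request('PUT', '/api/user.json', [
 'username' => 'google',
 'password' => 'googlegoogle',
@@ -50,30 +67,51 @@ class UserRestControllerTest extends WallabagApiTestCase
 
 $this->assertEquals('application/json', $this->client->getResponse()->headers->get('Content-Type'));
 
-// remove the created user to avoid side effect on other tests
-// @todo remove these lines when test will be isolated
-$em = $this->client->getContainer()->get('doctrine.orm.entity_manager');
+$this->client->getContainer()->get('craue_config')->set('api_user_registration', 0);
+}
+
+public function testCreateNewUserWithoutAuthentication()
+{
+// create a new client instead of using $this->client to be sure client isn't authenticated
+$client = static::createClient();
+$client->getContainer()->get('craue_config')->set('api_user_registration', 1);
+$client->request('PUT', '/api/user.json', [
+'username' => 'google',
+'password' => 'googlegoogle',
+'email' => 'wallabag@google.com',
+]);
+
+$this->assertEquals(200, $client->getResponse()->getStatusCode());
+
+$content = json_decode($client->getResponse()->getContent(), true);
+
+$this->assertArrayHasKey('id', $content);
+$this->assertArrayHasKey('email', $content);
+$this->assertArrayHasKey('username', $content);
+$this->assertArrayHasKey('created_at', $content);
+$this->assertArrayHasKey('updated_at', $content);
+
+$this->assertEquals('wallabag@google.com', $content['email']);
+$this->assertEquals('google', $content['username']);
 
-$query = $em->createQuery('DELETE FROM Wallabag\CoreBundle\Entity\Config c WHERE c.user = :user_id');
-$query->setParameter('user_id', $content['id']);
-$query->execute();
+$this->assertEquals('application/json', $client->getResponse()->headers->get('Content-Type'));
 
-$query = $em->createQuery('DELETE FROM Wallabag\UserBundle\Entity\User u WHERE u.id = :id');
-$query->setParameter('id', $content['id']);
-$query->execute();
+$client->getContainer()->get('craue_config')->set('api_user_registration', 0);
 }
 
 public function testCreateNewUserWithExistingEmail()
 {
-$this->client->request('PUT', '/api/user.json', [
+$client = static::createClient();
+$client->getContainer()->get('craue_config')->set('api_user_registration', 1);
+$client->request('PUT', '/api/user.json', [
 'username' => 'admin',
 'password' => 'googlegoogle',
 'email' => 'bigboss@wallabag.org',
 ]);
 
-$this->assertEquals(400, $this->client->getResponse()->getStatusCode());
+$this->assertEquals(400, $client->getResponse()->getStatusCode());
 
-$content = json_decode($this->client->getResponse()->getContent(), true);
+$content = json_decode($client->getResponse()->getContent(), true);
 
 $this->assertArrayHasKey('error', $content);
 $this->assertArrayHasKey('username', $content['error']);
@@ -85,26 +123,50 @@ class UserRestControllerTest extends WallabagApiTestCase
 $this->assertEquals('This value is already used.', $content['error']['username'][0]);
 $this->assertEquals('This value is already used.', $content['error']['email'][0]);
 
-$this->assertEquals('application/json', $this->client->getResponse()->headers->get('Content-Type'));
+$this->assertEquals('application/json', $client->getResponse()->headers->get('Content-Type'));
+
+$client->getContainer()->get('craue_config')->set('api_user_registration', 0);
 }
 
 public function testCreateNewUserWithTooShortPassword()
 {
-$this->client->request('PUT', '/api/user.json', [
+$client = static::createClient();
+$client->getContainer()->get('craue_config')->set('api_user_registration', 1);
+$client->request('PUT', '/api/user.json', [
 'username' => 'facebook',
 'password' => 'face',
 'email' => 'facebook@wallabag.org',
 ]);
 
-$this->assertEquals(400, $this->client->getResponse()->getStatusCode());
+$this->assertEquals(400, $client->getResponse()->getStatusCode());
 
-$content = json_decode($this->client->getResponse()->getContent(), true);
+$content = json_decode($client->getResponse()->getContent(), true);
 
 $this->assertArrayHasKey('error', $content);
 $this->assertArrayHasKey('password', $content['error']);
 
 $this->assertEquals('validator.password_too_short', $content['error']['password'][0]);
 
-$this->assertEquals('application/json', $this->client->getResponse()->headers->get('Content-Type'));
+$this->assertEquals('application/json', $client->getResponse()->headers->get('Content-Type'));
+
+$client->getContainer()->get('craue_config')->set('api_user_registration', 0);
+}
+
+public function testCreateNewUserWhenRegistrationIsDisabled()
+{
+$client = static::createClient();
+$client->request('PUT', '/api/user.json', [
+'username' => 'facebook',
+'password' => 'face',
+'email' => 'facebook@wallabag.org',
+]);
+
+$this->assertEquals(403, $client->getResponse()->getStatusCode());
+
+$content = json_decode($client->getResponse()->getContent(), true);
+
+$this->assertArrayHasKey('error', $content);
+
+$this->assertEquals('application/json', $client->getResponse()->headers->get('Content-Type'));
 }
 }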
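Review bot: testCreateNewUserWhenRegistrationIsDisabled never sets `api_user_registration` itself, so the 403 it asserts depends on whatever value earlier tests left behind (assuming the setting persists between tests, which the explicit resets suggest); start it with `$client->getContainer()->get('craue_config')->set('api_user_registration', 0);` so the deny path is pinned explicitly. The other tests reset the flag only on their last line, which is skipped as soon as an assertion above it fails, so the reset would be safer in `tearDown()` or a `try`/`finally`. Separately, the cleanup that deleted the created user is removed, while testCreateNewUser and testCreateNewUserWithoutAuthentication both register `google` / `wallabag@google.com` and expect 200. Unless the suite now isolates the database between tests (not visible here, the page is limited to tests/), the second registration would presumably be rejected as a duplicate.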
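--- a/tests/Wallabag/ApiBundle/Controller/WallabagRestControllerTest.php
+++ b/tests/Wallabag/ApiBundle/Controller/WallabagRestControllerTest.php
@@ -8,12 +8,14 @@ class WallabagRestControllerTest extends WallabagApiTestCase
 {
 public function testGetVersion()
 {
-$this->client->request('GET', '/api/version');
+// create a new client instead of using $this->client to be sure client isn't authenticated
+$client = static::createClient();
+$client->request('GET', '/api/version');
 
-$this->assertEquals(200, $this->client->getResponse()->getStatusCode());
+$this->assertEquals(200, $client->getResponse()->getStatusCode());
 
-$content = json_decode($this->client->getResponse()->getContent(), true);
+$content = json_decode($client->getResponse()->getContent(), true);
 
-$this->assertEquals($this->client->getContainer()->getParameter('wallabag_core.version'), $content);
+$this->assertEquals($client->getContainer()->getParameter('wallabag_core.version'), $content);
 }
 }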