aboutsummaryrefslogtreecommitdiffhomepage
path: root/src
diff options
context:
space:
mode:
Diffstat (limited to 'src')
-rw-r--r--src/Wallabag/CoreBundle/Tests/Controller/WallabagRestControllerTest.php35
1 files changed, 26 insertions, 9 deletions
diff --git a/src/Wallabag/CoreBundle/Tests/Controller/WallabagRestControllerTest.php b/src/Wallabag/CoreBundle/Tests/Controller/WallabagRestControllerTest.php
index b4831167..50b61234 100644
--- a/src/Wallabag/CoreBundle/Tests/Controller/WallabagRestControllerTest.php
+++ b/src/Wallabag/CoreBundle/Tests/Controller/WallabagRestControllerTest.php
@@ -41,6 +41,32 @@ class WallabagRestControllerTest extends WallabagTestCase
41 $this->assertEquals(404, $client->getResponse()->getStatusCode()); 41 $this->assertEquals(404, $client->getResponse()->getStatusCode());
42 } 42 }
43 43
44 public function testWithBadHeaders()
45 {
46 $client = $this->createClient();
47 $client->request('GET', '/api/salts/admin.json');
48 $salt = json_decode($client->getResponse()->getContent());
49
50 $headers = $this->generateHeaders('admin', 'test', $salt[0]);
51
52 $entry = $client->getContainer()
53 ->get('doctrine.orm.entity_manager')
54 ->getRepository('WallabagCoreBundle:Entry')
55 ->findOneByIsArchived(false);
56
57 if (!$entry) {
58 $this->markTestSkipped('No content found in db.');
59 }
60
61 $badHeaders = array(
62 'HTTP_AUTHORIZATION' => 'Authorization profile="UsernameToken"',
63 'HTTP_x-wsse' => 'X-WSSE: UsernameToken Username="admin", PasswordDigest="Wr0ngDig3st", Nonce="n0Nc3", Created="2015-01-01T13:37:00Z"',
64 );
65
66 $client->request('GET', '/api/entries/'.$entry->getId().'.json', array(), array(), $badHeaders);
67 $this->assertEquals(403, $client->getResponse()->getStatusCode());
68 }
69
44 public function testGetOneEntry() 70 public function testGetOneEntry()
45 { 71 {
46 $client = $this->createClient(); 72 $client = $this->createClient();
@@ -67,15 +93,6 @@ class WallabagRestControllerTest extends WallabagTestCase
67 'application/json' 93 'application/json'
68 ) 94 )
69 ); 95 );
70
71 // Now testing with bad headers
72 $badHeaders = array(
73 'HTTP_AUTHORIZATION' => 'Authorization profile="UsernameToken"',
74 'HTTP_x-wsse' => 'X-WSSE: UsernameToken Username="admin", PasswordDigest="Wr0ngDig3st", Nonce="n0Nc3", Created="2015-01-01T13:37:00Z"',
75 );
76
77 $client->request('GET', '/api/entries/'.$entry->getId().'.json', array(), array(), $badHeaders);
78 $this->assertEquals(403, $client->getResponse()->getStatusCode());
79 } 96 }
80 97
81 public function testGetEntries() 98 public function testGetEntries()