From b0da721a5238ece3056ae7af760e9455f7af3e11 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Nicolas=20L=C5=93uillet?=
Date: Mon, 3 Oct 2016 21:39:01 +0200
Subject: Changed relation between API client and refresh token Fix #2350
---
 src/Wallabag/ApiBundle/Entity/Client.php | 5 +++++
 1 file changed, 5 insertions(+)
diff --git a/src/Wallabag/ApiBundle/Entity/Client.php b/src/Wallabag/ApiBundle/Entity/Client.php
index 3e2f491c..92b2f762 100644
--- a/src/Wallabag/ApiBundle/Entity/Client.php
+++ b/src/Wallabag/ApiBundle/Entity/Client.php
@@ -25,6 +25,11 @@ class Client extends BaseClient
 */
 protected $name;
+ /**
+ * @ORM\OneToMany(targetEntity="RefreshToken", mappedBy="client", cascade={"remove"})
+ */
+ protected $refreshTokens;
+
 public function __construct()
 {
 parent::__construct();
-- cgit v1.2.3
From ee32248f43baef7e995c9e420cd00a137e626cf0 Mon Sep 17 00:00:00 2001
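Review bot: The `$refreshTokens` docblock in Client.php carries only the mapping, so nothing records what the collection holds or why it is cascaded; I would add `@var RefreshToken[] Tokens issued to this client; removed with it so none outlive a deleted client` above the `@ORM\OneToMany` line. `cascade={"remove"}` is applied by the ORM, so it only takes effect when the client is removed through the entity manager, and each token is loaded before it is deleted; a database-level `onDelete="CASCADE"` on the token side's join column (that entity is not visible here) would also cover bulk deletes. The same applies to `$accessTokens` in the second commit's Client.php hunk. The constructor shown as context continues outside the hunk.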
From: Jeremy Benoist
Date: Sat, 8 Oct 2016 00:02:22 +0200
Subject: Ensure access_token are removed
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
When we remove the client, we should ensure that access_token are also removed. To ensure that, I created a test that generated an access_token. So when we remove the client, this association should be cascaded and shouldn’t generate an error. Also I moved some Api related stuff to the ApiBundle (like the developer controler and ClientType form)
---
 app/config/routing.yml | 5 +
 .../ApiBundle/Controller/DeveloperController.php | 101 ++++++++++++++++++++
 src/Wallabag/ApiBundle/Entity/Client.php | 5 +
 src/Wallabag/ApiBundle/Form/Type/ClientType.php | 46 +++++++++
 .../CoreBundle/Controller/DeveloperController.php | 101 --------------------
 src/Wallabag/CoreBundle/Form/Type/ClientType.php | 46 ---------
 .../Controller/DeveloperControllerTest.php | 104 +++++++++++++++++++++
 .../Controller/DeveloperControllerTest.php | 78 ----------------
 8 files changed, 261 insertions(+), 225 deletions(-)
 create mode 100644 src/Wallabag/ApiBundle/Controller/DeveloperController.php
 create mode 100644 src/Wallabag/ApiBundle/Form/Type/ClientType.php
 delete mode 100644 src/Wallabag/CoreBundle/Controller/DeveloperController.php
 delete mode 100644 src/Wallabag/CoreBundle/Form/Type/ClientType.php
 create mode 100644 tests/Wallabag/ApiBundle/Controller/DeveloperControllerTest.php
 delete mode 100644 tests/Wallabag/CoreBundle/Controller/DeveloperControllerTest.php
diff --git a/app/config/routing.yml b/app/config/routing.yml
index 2be74d7f..750ed435 100644
--- a/app/config/routing.yml
+++ b/app/config/routing.yml
@@ -12,6 +12,11 @@ wallabag_user:
 type: annotation
 prefix: /users
+wallabag_api:
+ resource: "@WallabagApiBundle/Controller/"
+ type: annotation
+ prefix: /
+
 wallabag_api:
 resource: "@WallabagApiBundle/Resources/config/routing.yml"
 prefix: /
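Review bot: The added route block in routing.yml reuses the key `wallabag_api`, which the existing import of `@WallabagApiBundle/Resources/config/routing.yml` directly below it already uses, so the file now holds two top-level entries with the same name. YAML mapping keys must be unique, and a parser will either reject the file or silently keep only one of the two entries, which would drop either the annotation routes or the routes from the imported file. Give the new entry its own name, for example `wallabag_api_controller:` (name constructed here), and keep `wallabag_api:` for the existing import.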
diff --git a/src/Wallabag/ApiBundle/Controller/DeveloperController.php b/src/Wallabag/ApiBundle/Controller/DeveloperController.php
new file mode 100644
index 00000000..5a36a260
--- /dev/null
+++ b/src/Wallabag/ApiBundle/Controller/DeveloperController.php
@@ -0,0 +1,101 @@
+getDoctrine()->getRepository('WallabagApiBundle:Client')->findAll();
+
+ return $this->render('@WallabagCore/themes/common/Developer/index.html.twig', [
+ 'clients' => $clients,
+ ]);
+ }
+
+ /**
+ * Create a client (an app).
+ *
+ * @param Request $request
+ *
+ * @Route("/developer/client/create", name="developer_create_client")
+ *
+ * @return \Symfony\Component\HttpFoundation\Response
+ */
+ public function createClientAction(Request $request)
+ {
+ $em = $this->getDoctrine()->getManager();
+ $client = new Client();
+ $clientForm = $this->createForm(ClientType::class, $client);
+ $clientForm->handleRequest($request);
+
+ if ($clientForm->isValid()) {
+ $client->setAllowedGrantTypes(['token', 'authorization_code', 'password', 'refresh_token']);
+ $em->persist($client);
+ $em->flush();
+
+ $this->get('session')->getFlashBag()->add(
+ 'notice',
+ $this->get('translator')->trans('flashes.developer.notice.client_created', ['%name%' => $client->getName()])
+ );
+
+ return $this->render('@WallabagCore/themes/common/Developer/client_parameters.html.twig', [
+ 'client_id' => $client->getPublicId(),
+ 'client_secret' => $client->getSecret(),
+ 'client_name' => $client->getName(),
+ ]);
+ }
+
+ return $this->render('@WallabagCore/themes/common/Developer/client.html.twig', [
+ 'form' => $clientForm->createView(),
+ ]);
+ }
+
+ /**
+ * Remove a client.
+ *
+ * @param Client $client
+ *
+ * @Route("/developer/client/delete/{id}", requirements={"id" = "\d+"}, name="developer_delete_client")
+ *
+ * @return \Symfony\Component\HttpFoundation\RedirectResponse
+ */
+ public function deleteClientAction(Client $client)
+ {
+ $em = $this->getDoctrine()->getManager();
+ $em->remove($client);
+ $em->flush();
+
+ $this->get('session')->getFlashBag()->add(
+ 'notice',
+ $this->get('translator')->trans('flashes.developer.notice.client_deleted', ['%name%' => $client->getName()])
+ );
+
+ return $this->redirect($this->generateUrl('developer'));
+ }
+
+ /**
+ * Display developer how to use an existing app.
+ *
+ * @Route("/developer/howto/first-app", name="developer_howto_firstapp")
+ *
+ * @return \Symfony\Component\HttpFoundation\Response
+ */
+ public function howtoFirstAppAction()
+ {
+ return $this->render('@WallabagCore/themes/common/Developer/howto_app.html.twig');
+ }
+}
diff --git a/src/Wallabag/ApiBundle/Entity/Client.php b/src/Wallabag/ApiBundle/Entity/Client.php
index 92b2f762..f7898ac8 100644
--- a/src/Wallabag/ApiBundle/Entity/Client.php
+++ b/src/Wallabag/ApiBundle/Entity/Client.php
@@ -30,6 +30,11 @@ class Client extends BaseClient
 */
 protected $refreshTokens;
+ /**
+ * @ORM\OneToMany(targetEntity="AccessToken", mappedBy="client", cascade={"remove"})
+ */
+ protected $accessTokens;
+
 public function __construct()
 {
 parent::__construct();
diff --git a/src/Wallabag/ApiBundle/Form/Type/ClientType.php b/src/Wallabag/ApiBundle/Form/Type/ClientType.php
new file mode 100644
index 00000000..0ea1a9c5
--- /dev/null
+++ b/src/Wallabag/ApiBundle/Form/Type/ClientType.php
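Review bot: `deleteClientAction` in the new DeveloperController removes a client on any request to `/developer/client/delete/{id}`: the `@Route` sets no method restriction, no CSRF token is checked, and the new test reaches it by following a plain link, so a page that gets a logged-in user's browser to load that URL can delete a client and, with the cascades added in this series, every token issued to it. Nothing visible in the hunk ties the client to the current user either (`indexAction` lists `findAll()`), so unless access is restricted elsewhere, any account that can reach these routes can delete any client by id. I would add `methods={"POST"}` to the `@Route` and validate a token as sketched below; the token id and field name are constructed, and the delete link in the template (not shown) would have to become a small form.

```php
public function deleteClientAction(Request $request, Client $client)
{
    // State-changing action: only accept it with the token rendered into the delete form.
    if (!$this->isCsrfTokenValid('developer_delete_client', $request->request->get('token'))) {
        throw $this->createAccessDeniedException('Invalid CSRF token.');
    }

    // … unchanged: remove the client, flush, add the flash notice, redirect …
```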
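Review bot: Authorization codes may still block the delete after the `$accessTokens` hunk in Client.php: `createClientAction` in this same patch grants every client the `authorization_code` grant, but `Client` cascades removal only to `RefreshToken` and `AccessToken`. If the bundle maps an auth-code entity to `Client` the way the two token entities are mapped (not visible on this page), deleting a client that has an outstanding code would presumably run into the same error these two commits set out to remove, and it would need the same `cascade={"remove"}` association. The constructor shown as context continues outside the hunk.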
@@ -0,0 +1,46 @@
+add('name', TextType::class, ['label' => 'developer.client.form.name_label'])
+ ->add('redirect_uris', UrlType::class, ['required' => false, 'label' => 'developer.client.form.redirect_uris_label'])
+ ->add('save', SubmitType::class, ['label' => 'developer.client.form.save_label'])
+ ;
+
+ $builder->get('redirect_uris')
+ ->addModelTransformer(new CallbackTransformer(
+ function ($originalUri) {
+ return $originalUri;
+ },
+ function ($submittedUri) {
+ return [$submittedUri];
+ }
+ ))
+ ;
+ }
+
+ public function configureOptions(OptionsResolver $resolver)
+ {
+ $resolver->setDefaults([
+ 'data_class' => 'Wallabag\ApiBundle\Entity\Client',
+ ]);
+ }
+
+ public function getBlockPrefix()
+ {
+ return 'client';
+ }
+}
diff --git a/src/Wallabag/CoreBundle/Controller/DeveloperController.php b/src/Wallabag/CoreBundle/Controller/DeveloperController.php
deleted file mode 100644
index f3492b74..00000000
--- a/src/Wallabag/CoreBundle/Controller/DeveloperController.php
+++ /dev/null
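Review bot: The reverse transformer on `redirect_uris` in ClientType wraps whatever was submitted, so with the field left empty (it is `'required' => false`, and the new test submits only `client[name]`) the client presumably ends up with `[null]` instead of an empty list. Since `createClientAction` enables the `token` and `authorization_code` grants for every client, the stored redirect URIs are what the OAuth server has to match callbacks against, and that list should never contain a null entry; `return null === $submittedUri || '' === $submittedUri ? [] : [$submittedUri];` keeps it clean. The forward transformer also hands the stored array back to a single-value `UrlType` unchanged, which deserves a comment if the form is ever used for editing. The opening of `buildForm` is not preserved on this page.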
@@ -1,101 +0,0 @@
-getDoctrine()->getRepository('WallabagApiBundle:Client')->findAll();
-
- return $this->render('@WallabagCore/themes/common/Developer/index.html.twig', [
- 'clients' => $clients,
- ]);
- }
-
- /**
- * Create a client (an app).
- *
- * @param Request $request
- *
- * @Route("/developer/client/create", name="developer_create_client")
- *
- * @return \Symfony\Component\HttpFoundation\Response
- */
- public function createClientAction(Request $request)
- {
- $em = $this->getDoctrine()->getManager();
- $client = new Client();
- $clientForm = $this->createForm(ClientType::class, $client);
- $clientForm->handleRequest($request);
-
- if ($clientForm->isValid()) {
- $client->setAllowedGrantTypes(['token', 'authorization_code', 'password', 'refresh_token']);
- $em->persist($client);
- $em->flush();
-
- $this->get('session')->getFlashBag()->add(
- 'notice',
- $this->get('translator')->trans('flashes.developer.notice.client_created', ['%name%' => $client->getName()])
- );
-
- return $this->render('@WallabagCore/themes/common/Developer/client_parameters.html.twig', [
- 'client_id' => $client->getPublicId(),
- 'client_secret' => $client->getSecret(),
- 'client_name' => $client->getName(),
- ]);
- }
-
- return $this->render('@WallabagCore/themes/common/Developer/client.html.twig', [
- 'form' => $clientForm->createView(),
- ]);
- }
-
- /**
- * Remove a client.
- *
- * @param Client $client
- *
- * @Route("/developer/client/delete/{id}", requirements={"id" = "\d+"}, name="developer_delete_client")
- *
- * @return \Symfony\Component\HttpFoundation\RedirectResponse
- */
- public function deleteClientAction(Client $client)
- {
- $em = $this->getDoctrine()->getManager();
- $em->remove($client);
- $em->flush();
-
- $this->get('session')->getFlashBag()->add(
- 'notice',
- $this->get('translator')->trans('flashes.developer.notice.client_deleted', ['%name%' => $client->getName()])
- );
-
- return $this->redirect($this->generateUrl('developer'));
- }
-
- /**
- * Display developer how to use an existing app.
- *
- * @Route("/developer/howto/first-app", name="developer_howto_firstapp")
- *
- * @return \Symfony\Component\HttpFoundation\Response
- */
- public function howtoFirstAppAction()
- {
- return $this->render('@WallabagCore/themes/common/Developer/howto_app.html.twig');
- }
-}
diff --git a/src/Wallabag/CoreBundle/Form/Type/ClientType.php b/src/Wallabag/CoreBundle/Form/Type/ClientType.php
deleted file mode 100644
index d1fa94e6..00000000
--- a/src/Wallabag/CoreBundle/Form/Type/ClientType.php
+++ /dev/null
@@ -1,46 +0,0 @@
-add('name', TextType::class, ['label' => 'developer.client.form.name_label'])
- ->add('redirect_uris', UrlType::class, ['required' => false, 'label' => 'developer.client.form.redirect_uris_label'])
- ->add('save', SubmitType::class, ['label' => 'developer.client.form.save_label'])
- ;
-
- $builder->get('redirect_uris')
- ->addModelTransformer(new CallbackTransformer(
- function ($originalUri) {
- return $originalUri;
- },
- function ($submittedUri) {
- return [$submittedUri];
- }
- ))
- ;
- }
-
- public function configureOptions(OptionsResolver $resolver)
- {
- $resolver->setDefaults([
- 'data_class' => 'Wallabag\ApiBundle\Entity\Client',
- ]);
- }
-
- public function getBlockPrefix()
- {
- return 'client';
- }
-}
diff --git a/tests/Wallabag/ApiBundle/Controller/DeveloperControllerTest.php b/tests/Wallabag/ApiBundle/Controller/DeveloperControllerTest.php
new file mode 100644
index 00000000..95befa9c
--- /dev/null
+++ b/tests/Wallabag/ApiBundle/Controller/DeveloperControllerTest.php
@@ -0,0 +1,104 @@
+logInAs('admin');
+ $client = $this->getClient();
+ $em = $client->getContainer()->get('doctrine.orm.entity_manager');
+ $nbClients = $em->getRepository('WallabagApiBundle:Client')->findAll();
+
+ $crawler = $client->request('GET', '/developer/client/create');
+ $this->assertEquals(200, $client->getResponse()->getStatusCode());
+
+ $form = $crawler->filter('button[type=submit]')->form();
+
+ $data = [
+ 'client[name]' => 'My app',
+ ];
+
+ $crawler = $client->submit($form, $data);
+
+ $this->assertEquals(200, $client->getResponse()->getStatusCode());
+
+ $newNbClients = $em->getRepository('WallabagApiBundle:Client')->findAll();
+ $this->assertGreaterThan(count($nbClients), count($newNbClients));
+
+ $this->assertGreaterThan(1, $alert = $crawler->filter('.settings ul li strong')->extract(['_text']));
+ $this->assertContains('My app', $alert[0]);
+ }
+
+ /**
+ * @depends testCreateClient
+ */
+ public function testCreateToken()
+ {
+ $client = $this->getClient();
+ $em = $client->getContainer()->get('doctrine.orm.entity_manager');
+ $apiClient = $em->getRepository('WallabagApiBundle:Client')->findOneByName('My app');
+
+ $client->request('POST', '/oauth/v2/token', [
+ 'grant_type' => 'password',
+ 'client_id' => $apiClient->getPublicId(),
+ 'client_secret' => $apiClient->getSecret(),
+ 'username' => 'admin',
+ 'password' => 'mypassword',
+ ]);
+
+ $this->assertEquals(200, $client->getResponse()->getStatusCode());
+
+ $data = json_decode($client->getResponse()->getContent(), true);
+ $this->assertArrayHasKey('access_token', $data);
+ $this->assertArrayHasKey('expires_in', $data);
+ $this->assertArrayHasKey('token_type', $data);
+ $this->assertArrayHasKey('refresh_token', $data);
+ }
+
+ public function testListingClient()
+ {
+ $this->logInAs('admin');
+ $client = $this->getClient();
+ $em = $client->getContainer()->get('doctrine.orm.entity_manager');
+ $nbClients = $em->getRepository('WallabagApiBundle:Client')->findAll();
+
+ $crawler = $client->request('GET', '/developer');
+ $this->assertEquals(200, $client->getResponse()->getStatusCode());
+ $this->assertEquals(count($nbClients), $crawler->filter('ul[class=collapsible] li')->count());
+ }
+
+ public function testDeveloperHowto()
+ {
+ $this->logInAs('admin');
+ $client = $this->getClient();
+
+ $crawler = $client->request('GET', '/developer/howto/first-app');
+ $this->assertEquals(200, $client->getResponse()->getStatusCode());
+ }
+
+ public function testRemoveClient()
+ {
+ $this->logInAs('admin');
+ $client = $this->getClient();
+ $em = $client->getContainer()->get('doctrine.orm.entity_manager');
+ $nbClients = $em->getRepository('WallabagApiBundle:Client')->findAll();
+
+ $crawler = $client->request('GET', '/developer');
+
+ $link = $crawler
+ ->filter('div[class=collapsible-body] p a')
+ ->eq(0)
+ ->link()
+ ;
+
+ $client->click($link);
+ $this->assertEquals(302, $client->getResponse()->getStatusCode());
+
+ $newNbClients = $em->getRepository('WallabagApiBundle:Client')->findAll();
+ $this->assertGreaterThan(count($newNbClients), count($nbClients));
+ }
+}
diff --git a/tests/Wallabag/CoreBundle/Controller/DeveloperControllerTest.php b/tests/Wallabag/CoreBundle/Controller/DeveloperControllerTest.php
deleted file mode 100644
index 97ed0d58..00000000
--- a/tests/Wallabag/CoreBundle/Controller/DeveloperControllerTest.php
+++ /dev/null
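Review bot: `testRemoveClient` in the new DeveloperControllerTest does not necessarily delete the client that owns the tokens: it follows the first link matched by `div[class=collapsible-body] p a` (`->eq(0)`), and nothing in the hunk guarantees that this entry is the 'My app' client for which `testCreateToken` obtained an access and a refresh token. If another client is listed first, the cascade this commit adds is never exercised, and in either case the test only compares client counts and never checks that the token rows are gone. I would look the client up by name as `testCreateToken` does, follow its own delete link, and afterwards assert that no access or refresh token still references it. Separately, `assertGreaterThan(1, $alert = ...->extract(['_text']))` in `testCreateClient` compares an integer with an array, which PHP always orders as array-greater, so it needs `count($alert)` to assert anything.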
@@ -1,78 +0,0 @@
-logInAs('admin');
- $client = $this->getClient();
- $em = $client->getContainer()->get('doctrine.orm.entity_manager');
- $nbClients = $em->getRepository('WallabagApiBundle:Client')->findAll();
-
- $crawler = $client->request('GET', '/developer/client/create');
- $this->assertEquals(200, $client->getResponse()->getStatusCode());
-
- $form = $crawler->filter('button[type=submit]')->form();
-
- $data = [
- 'client[name]' => 'My app',
- ];
-
- $crawler = $client->submit($form, $data);
-
- $this->assertEquals(200, $client->getResponse()->getStatusCode());
-
- $newNbClients = $em->getRepository('WallabagApiBundle:Client')->findAll();
- $this->assertGreaterThan(count($nbClients), count($newNbClients));
-
- $this->assertGreaterThan(1, $alert = $crawler->filter('.settings ul li strong')->extract(['_text']));
- $this->assertContains('My app', $alert[0]);
- }
-
- public function testListingClient()
- {
- $this->logInAs('admin');
- $client = $this->getClient();
- $em = $client->getContainer()->get('doctrine.orm.entity_manager');
- $nbClients = $em->getRepository('WallabagApiBundle:Client')->findAll();
-
- $crawler = $client->request('GET', '/developer');
- $this->assertEquals(200, $client->getResponse()->getStatusCode());
- $this->assertEquals(count($nbClients), $crawler->filter('ul[class=collapsible] li')->count());
- }
-
- public function testDeveloperHowto()
- {
- $this->logInAs('admin');
- $client = $this->getClient();
-
- $crawler = $client->request('GET', '/developer/howto/first-app');
- $this->assertEquals(200, $client->getResponse()->getStatusCode());
- }
-
- public function testRemoveClient()
- {
- $this->logInAs('admin');
- $client = $this->getClient();
- $em = $client->getContainer()->get('doctrine.orm.entity_manager');
- $nbClients = $em->getRepository('WallabagApiBundle:Client')->findAll();
-
- $crawler = $client->request('GET', '/developer');
-
- $link = $crawler
- ->filter('div[class=collapsible-body] p a')
- ->eq(0)
- ->link()
- ;
-
- $client->click($link);
- $this->assertEquals(302, $client->getResponse()->getStatusCode());
-
- $newNbClients = $em->getRepository('WallabagApiBundle:Client')->findAll();
- $this->assertGreaterThan(count($newNbClients), count($nbClients));
- }
-}
-- cgit v1.2.3