wallabag/src/Wallabag/CoreBundle/Tests/Controller/WallabagRestControllerTest.php

<?php

namespace Wallabag\CoreBundle\Tests\Controller;

use Wallabag\CoreBundle\Tests\WallabagTestCase;

class WallabagRestControllerTest extends WallabagTestCase
{
    /**
     * Generate HTTP headers for authenticate user on API
     *
     * @param $username
     * @param $password
     * @param $salt
     *
     * @return array
     */
    private function generateHeaders($username, $password, $salt)
    {
        $encryptedPassword = sha1($password.$username.$salt);
        $nonce = substr(md5(uniqid('nonce_', true)), 0, 16);

        $now = new \DateTime('now', new \DateTimeZone('UTC'));
        $created = (string) $now->format('Y-m-d\TH:i:s\Z');
        $digest = base64_encode(sha1(base64_decode($nonce).$created.$encryptedPassword, true));

        return array(
            'HTTP_AUTHORIZATION' => 'Authorization profile="UsernameToken"',
            'HTTP_x-wsse' => 'X-WSSE: UsernameToken Username="'.$username.'", PasswordDigest="'.$digest.'", Nonce="'.$nonce.'", Created="'.$created.'"',
        );
    }

    public function testGetSalt()
    {
        $client = $this->createClient();
        $client->request('GET', '/api/salts/admin.json');
        $this->assertEquals(200, $client->getResponse()->getStatusCode());
        $this->assertNotEmpty(json_decode($client->getResponse()->getContent()));

        $client->request('GET', '/api/salts/notfound.json');
        $this->assertEquals(404, $client->getResponse()->getStatusCode());
    }

    public function testWithBadHeaders()
    {
        $client = $this->createClient();
        $client->request('GET', '/api/salts/admin.json');
        $salt = json_decode($client->getResponse()->getContent());

        $headers = $this->generateHeaders('admin', 'mypassword', $salt[0]);

        $entry = $client->getContainer()
            ->get('doctrine.orm.entity_manager')
            ->getRepository('WallabagCoreBundle:Entry')
            ->findOneByIsArchived(false);

        if (!$entry) {
            $this->markTestSkipped('No content found in db.');
        }

        $badHeaders = array(
            'HTTP_AUTHORIZATION' => 'Authorization profile="UsernameToken"',
            'HTTP_x-wsse' => 'X-WSSE: UsernameToken Username="admin", PasswordDigest="Wr0ngDig3st", Nonce="n0Nc3", Created="2015-01-01T13:37:00Z"',
        );

        $client->request('GET', '/api/entries/'.$entry->getId().'.json', array(), array(), $badHeaders);
        $this->assertEquals(403, $client->getResponse()->getStatusCode());
    }

    public function testGetOneEntry()
    {
        $client = $this->createClient();
        $client->request('GET', '/api/salts/admin.json');
        $salt = json_decode($client->getResponse()->getContent());

        $headers = $this->generateHeaders('admin', 'mypassword', $salt[0]);

        $entry = $client->getContainer()
            ->get('doctrine.orm.entity_manager')
            ->getRepository('WallabagCoreBundle:Entry')
            ->findOneByIsArchived(false);

        if (!$entry) {
            $this->markTestSkipped('No content found in db.');
        }

        $client->request('GET', '/api/entries/'.$entry->getId().'.json', array(), array(), $headers);
        $this->assertContains($entry->getTitle(), $client->getResponse()->getContent());

        $this->assertTrue(
            $client->getResponse()->headers->contains(
                'Content-Type',
                'application/json'
            )
        );
    }

    public function testGetEntries()
    {
        $client = $this->createClient();
        $client->request('GET', '/api/salts/admin.json');
        $salt = json_decode($client->getResponse()->getContent());

        $headers = $this->generateHeaders('admin', 'mypassword', $salt[0]);

        $client->request('GET', '/api/entries', array(), array(), $headers);

        $this->assertEquals(200, $client->getResponse()->getStatusCode());

        $this->assertGreaterThanOrEqual(1, count(json_decode($client->getResponse()->getContent())));

        $this->assertContains('Mailjet', $client->getResponse()->getContent());

        $this->assertTrue(
            $client->getResponse()->headers->contains(
                'Content-Type',
                'application/json'
            )
        );
    }

    public function testDeleteEntry()
    {
        $client = $this->createClient();
        $client->request('GET', '/api/salts/admin.json');
        $salt = json_decode($client->getResponse()->getContent());

        $headers = $this->generateHeaders('admin', 'mypassword', $salt[0]);

        $entry = $client->getContainer()
            ->get('doctrine.orm.entity_manager')
            ->getRepository('WallabagCoreBundle:Entry')
            ->findOneByIsDeleted(false);

        if (!$entry) {
            $this->markTestSkipped('No content found in db.');
        }

        $client->request('DELETE', '/api/entries/'.$entry->getId().'.json', array(), array(), $headers);

        $this->assertEquals(200, $client->getResponse()->getStatusCode());

        $res = $client->getContainer()
            ->get('doctrine.orm.entity_manager')
            ->getRepository('WallabagCoreBundle:Entry')
            ->findOneById($entry->getId());
        $this->assertEquals($res->isDeleted(), true);
    }
}
Test for GET on empty database 2015-02-06 18:02:12 +01:00			`<?php`

			`namespace Wallabag\CoreBundle\Tests\Controller;`

phpdoc 2015-02-11 11:52:10 +01:00			`use Wallabag\CoreBundle\Tests\WallabagTestCase;`
Test for GET on empty database 2015-02-06 18:02:12 +01:00
phpdoc 2015-02-11 11:52:10 +01:00			`class WallabagRestControllerTest extends WallabagTestCase`
Test for GET on empty database 2015-02-06 18:02:12 +01:00			`{`
refactor and test one entry 2015-02-11 06:41:44 +01:00			`/**`
			`* Generate HTTP headers for authenticate user on API`
			`*`
			`* @param $username`
			`* @param $password`
			`* @param $salt`
			`*`
			`* @return array`
			`*/`
			`private function generateHeaders($username, $password, $salt)`
			`{`
			`$encryptedPassword = sha1($password.$username.$salt);`
			`$nonce = substr(md5(uniqid('nonce_', true)), 0, 16);`

			`$now = new \DateTime('now', new \DateTimeZone('UTC'));`
			`$created = (string) $now->format('Y-m-d\TH:i:s\Z');`
			`$digest = base64_encode(sha1(base64_decode($nonce).$created.$encryptedPassword, true));`

			`return array(`
			`'HTTP_AUTHORIZATION' => 'Authorization profile="UsernameToken"',`
			`'HTTP_x-wsse' => 'X-WSSE: UsernameToken Username="'.$username.'", PasswordDigest="'.$digest.'", Nonce="'.$nonce.'", Created="'.$created.'"',`
			`);`
			`}`

add test for api/salts 2015-02-10 20:07:55 +01:00			`public function testGetSalt()`
			`{`
			`$client = $this->createClient();`
			`$client->request('GET', '/api/salts/admin.json');`
			`$this->assertEquals(200, $client->getResponse()->getStatusCode());`
add test for empty salt 2015-02-11 15:15:06 +01:00			`$this->assertNotEmpty(json_decode($client->getResponse()->getContent()));`
add test for api/salts 2015-02-10 20:07:55 +01:00
			`$client->request('GET', '/api/salts/notfound.json');`
			`$this->assertEquals(404, $client->getResponse()->getStatusCode());`
			`}`

create single test for bad headers 2015-02-11 16:08:13 +01:00			`public function testWithBadHeaders()`
			`{`
			`$client = $this->createClient();`
			`$client->request('GET', '/api/salts/admin.json');`
			`$salt = json_decode($client->getResponse()->getContent());`

Handle password change 2015-02-17 21:03:23 +01:00			`$headers = $this->generateHeaders('admin', 'mypassword', $salt[0]);`
create single test for bad headers 2015-02-11 16:08:13 +01:00
			`$entry = $client->getContainer()`
			`->get('doctrine.orm.entity_manager')`
			`->getRepository('WallabagCoreBundle:Entry')`
			`->findOneByIsArchived(false);`

			`if (!$entry) {`
			`$this->markTestSkipped('No content found in db.');`
			`}`

			`$badHeaders = array(`
			`'HTTP_AUTHORIZATION' => 'Authorization profile="UsernameToken"',`
			`'HTTP_x-wsse' => 'X-WSSE: UsernameToken Username="admin", PasswordDigest="Wr0ngDig3st", Nonce="n0Nc3", Created="2015-01-01T13:37:00Z"',`
			`);`

			`$client->request('GET', '/api/entries/'.$entry->getId().'.json', array(), array(), $badHeaders);`
			`$this->assertEquals(403, $client->getResponse()->getStatusCode());`
			`}`

refactor and test one entry 2015-02-11 06:41:44 +01:00			`public function testGetOneEntry()`
add test for api/salts 2015-02-10 20:07:55 +01:00			`{`
Test for GET on empty database 2015-02-06 18:02:12 +01:00			`$client = $this->createClient();`
first test for API, need refactor 2015-02-10 23:13:34 +01:00			`$client->request('GET', '/api/salts/admin.json');`
DELETE entry and use of query for fetch entries 2015-02-11 07:43:43 +01:00			`$salt = json_decode($client->getResponse()->getContent());`
first test for API, need refactor 2015-02-10 23:13:34 +01:00
Handle password change 2015-02-17 21:03:23 +01:00			`$headers = $this->generateHeaders('admin', 'mypassword', $salt[0]);`
first test for API, need refactor 2015-02-10 23:13:34 +01:00
DELETE entry and use of query for fetch entries 2015-02-11 07:43:43 +01:00			`$entry = $client->getContainer()`
			`->get('doctrine.orm.entity_manager')`
			`->getRepository('WallabagCoreBundle:Entry')`
			`->findOneByIsArchived(false);`

			`if (!$entry) {`
			`$this->markTestSkipped('No content found in db.');`
			`}`

			`$client->request('GET', '/api/entries/'.$entry->getId().'.json', array(), array(), $headers);`
			`$this->assertContains($entry->getTitle(), $client->getResponse()->getContent());`
first test for API, need refactor 2015-02-10 23:13:34 +01:00
refactor and test one entry 2015-02-11 06:41:44 +01:00			`$this->assertTrue(`
			`$client->getResponse()->headers->contains(`
			`'Content-Type',`
			`'application/json'`
			`)`
first test for API, need refactor 2015-02-10 23:13:34 +01:00			`);`
refactor and test one entry 2015-02-11 06:41:44 +01:00			`}`

			`public function testGetEntries()`
			`{`
			`$client = $this->createClient();`
			`$client->request('GET', '/api/salts/admin.json');`
DELETE entry and use of query for fetch entries 2015-02-11 07:43:43 +01:00			`$salt = json_decode($client->getResponse()->getContent());`
refactor and test one entry 2015-02-11 06:41:44 +01:00
Handle password change 2015-02-17 21:03:23 +01:00			`$headers = $this->generateHeaders('admin', 'mypassword', $salt[0]);`
first test for API, need refactor 2015-02-10 23:13:34 +01:00
			`$client->request('GET', '/api/entries', array(), array(), $headers);`
test if GET /api/entries returns 1 or more results 2015-02-11 18:22:59 +01:00
			`$this->assertEquals(200, $client->getResponse()->getStatusCode());`

			`$this->assertGreaterThanOrEqual(1, count(json_decode($client->getResponse()->getContent())));`

first test for API, need refactor 2015-02-10 23:13:34 +01:00			`$this->assertContains('Mailjet', $client->getResponse()->getContent());`
Test for GET on empty database 2015-02-06 18:02:12 +01:00
			`$this->assertTrue(`
			`$client->getResponse()->headers->contains(`
			`'Content-Type',`
			`'application/json'`
			`)`
			`);`
			`}`
DELETE entry and use of query for fetch entries 2015-02-11 07:43:43 +01:00
			`public function testDeleteEntry()`
			`{`
			`$client = $this->createClient();`
			`$client->request('GET', '/api/salts/admin.json');`
			`$salt = json_decode($client->getResponse()->getContent());`

Handle password change 2015-02-17 21:03:23 +01:00			`$headers = $this->generateHeaders('admin', 'mypassword', $salt[0]);`
DELETE entry and use of query for fetch entries 2015-02-11 07:43:43 +01:00
			`$entry = $client->getContainer()`
			`->get('doctrine.orm.entity_manager')`
			`->getRepository('WallabagCoreBundle:Entry')`
			`->findOneByIsDeleted(false);`

			`if (!$entry) {`
			`$this->markTestSkipped('No content found in db.');`
			`}`

			`$client->request('DELETE', '/api/entries/'.$entry->getId().'.json', array(), array(), $headers);`

			`$this->assertEquals(200, $client->getResponse()->getStatusCode());`

			`$res = $client->getContainer()`
			`->get('doctrine.orm.entity_manager')`
			`->getRepository('WallabagCoreBundle:Entry')`
			`->findOneById($entry->getId());`
			`$this->assertEquals($res->isDeleted(), true);`
			`}`
add test for api/salts 2015-02-10 20:07:55 +01:00			`}`