PageRenderTime 50ms CodeModel.GetById 25ms RepoModel.GetById 0ms app.codeStats 0ms

/tests/TestOfTestAuthAPIController.php

https://github.com/derekrogerson/ThinkUp
PHP | 160 lines | 96 code | 22 blank | 42 comment | 0 complexity | 7d73df06a056defd7bcd96d6579419df MD5 | raw file
Possible License(s): GPL-3.0, LGPL-2.1
  1. <?php
  2. /**
  3. *
  4. * ThinkUp/tests/TestOfTestAuthAPIController.php
  5. *
  6. * Copyright (c) 2009-2010 Gina Trapani, Guillaume Boudreau
  7. *
  8. * LICENSE:
  9. *
  10. * This file is part of ThinkUp (http://thinkupapp.com).
  11. *
  12. * ThinkUp is free software: you can redistribute it and/or modify it under the terms of the GNU General Public
  13. * License as published by the Free Software Foundation, either version 2 of the License, or (at your option) any
  14. * later version.
  15. *
  16. * ThinkUp is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied
  17. * warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for more
  18. * details.
  19. *
  20. * You should have received a copy of the GNU General Public License along with ThinkUp. If not, see
  21. * <http://www.gnu.org/licenses/>.
  22. */
  23. require_once dirname(__FILE__).'/init.tests.php';
  24. require_once THINKUP_ROOT_PATH.'webapp/_lib/extlib/simpletest/autorun.php';
  25. require_once THINKUP_ROOT_PATH.'webapp/config.inc.php';
  26. /**
  27. * Test of TestAuthAPIController
  28. *
  29. * @license http://www.gnu.org/licenses/gpl.html
  30. * @copyright 2009-2010 Gina Trapani, Guillaume Boudreau
  31. * @author Guillaume Boudreau <gboudreau@pommepause.com>
  32. *
  33. */
  34. class TestOfTestAuthAPIController extends ThinkUpUnitTestCase {
  35. public function __construct() {
  36. $this->UnitTestCase('TestAuthAPIController class test');
  37. }
  38. public function setUp() {
  39. parent::setUp();
  40. $_SERVER['HTTP_HOST'] = 'http://localhost';
  41. }
  42. public function testConstructor() {
  43. $controller = new TestAuthAPIController(true);
  44. $this->assertTrue(isset($controller));
  45. }
  46. public function testControl() {
  47. $builders = $this->buildData();
  48. $config = Config::getInstance();
  49. $escaped_site_root_path = str_replace('/', '\/', $config->getValue('site_root_path'));
  50. $controller = new TestAuthAPIController(true);
  51. // No username, no API secret provided
  52. // This isn't an API call, so present HTML error output
  53. $results = $controller->go();
  54. $this->assertPattern('/You must <a href="'.$escaped_site_root_path.
  55. 'session\/login.php">log in<\/a> to do this./', $results);
  56. // No API secret provided
  57. // This isn't an API call, so present HTML error output
  58. $_GET['un'] = 'me@example.com';
  59. $results = $controller->go();
  60. $this->assertPattern('/You must <a href="'.$escaped_site_root_path.
  61. 'session\/login.php">log in<\/a> to do this./', $results);
  62. // Wrong API secret provided
  63. $_GET['as'] = 'fail_me';
  64. $results = $controller->go();
  65. $this->assertPattern("/UnauthorizedUserException: Unauthorized API call/", $results);
  66. // Wrong username provided
  67. $_GET['as'] = Session::getAPISecretFromPassword('XXX');
  68. $_GET['un'] = 'fail_me';
  69. $results = $controller->go();
  70. $this->assertPattern("/UnauthorizedUserException: Unauthorized API call/", $results);
  71. // Working request
  72. $_GET['un'] = 'me@example.com';
  73. $_GET['as'] = Session::getAPISecretFromPassword('XXX');
  74. $results = $controller->go();
  75. $this->assertPattern('/{"result":"success"}/', $results);
  76. $config = Config::getInstance();
  77. $this->assertEqual($_SESSION[$config->getValue('source_root_path')]['user'], 'me@example.com');
  78. // Now that _SESSION['user'] is set, we shouldn't need to provide un/as to use this controller
  79. // Also, the result will be returned as HTML, not JSON
  80. unset($_GET['as']);
  81. $results = $controller->go();
  82. $this->assertPattern('/<html/', $results);
  83. // And just to make sure, if we 'logout', we should be denied access now
  84. Session::logout();
  85. $results = $controller->go();
  86. $this->assertPattern('/You must <a href="'.$escaped_site_root_path.
  87. 'session\/login.php">log in<\/a> to do this./', $results);
  88. }
  89. public function testGetLoggedInUser() {
  90. // Using _POST
  91. $builders = $this->buildData();
  92. $controller = new TestAuthAPIController(true);
  93. $_POST['un'] = 'me@example.com';
  94. $_POST['as'] = Session::getAPISecretFromPassword('XXX');
  95. $results = $controller->go();
  96. $this->assertPattern('/{"result":"success"}/', $results);
  97. }
  98. public function testGetAuthParameters() {
  99. $builders = $this->buildData();
  100. $this->assertEqual(ThinkUpAuthAPIController::getAuthParameters('me@example.com'),
  101. 'un=me%40example.com&as=1829cc1b13f920a05fb201e8d2a9e4dc58b669b1');
  102. }
  103. public function testIsAPICall() {
  104. $builders = $this->buildData();
  105. $controller = new TestAuthAPIController(true);
  106. // API call (JSON)
  107. $_GET['un'] = 'me@example.com';
  108. $_GET['as'] = Session::getAPISecretFromPassword('XXX');
  109. $results = $controller->go();
  110. $this->assertPattern('/{"result":"success"}/', $results);
  111. $this->assertFalse(strpos($results, '<html'));
  112. unset($_GET['as']);
  113. unset($_GET['un']);
  114. // HTML
  115. $this->simulateLogin('me@example.com');
  116. $results = $controller->go();
  117. $this->assertFalse(strpos($results, '{"result":"success"}'));
  118. $this->assertPattern('/<html/', $results);
  119. }
  120. private function buildData() {
  121. $owner_builder = FixtureBuilder::build('owners', array(
  122. 'id' => 1,
  123. 'email' => 'me@example.com',
  124. 'pwd' => 'XXX',
  125. 'is_activated' => 1
  126. ));
  127. $instance_builder = FixtureBuilder::build('instances', array(
  128. 'id' => 1,
  129. 'network_username' => 'jack',
  130. 'network' => 'twitter'
  131. ));
  132. $owner_instance_builder = FixtureBuilder::build('owner_instances', array(
  133. 'owner_id' => 1,
  134. 'instance_id' => 1
  135. ));
  136. return array($owner_builder, $instance_builder, $owner_instance_builder);
  137. }
  138. }