Test calling endpoints with unsupported authentication method

Signed-off-by: Florian Pritz <bluewind@xinu.at>
author: Florian Pritz <bluewind@xinu.at> 2016-10-07 12:24:10 +0200
committer: Florian Pritz <bluewind@xinu.at> 2016-11-05 19:44:15 +0100
commit: b42cce9521b142453bb8b9a228c166f2b407de77 (patch)
tree: 983d6c22fa2a9ae926b6b472b651bf7d73c7ea91 /application/test
parent: b654dfa1385ea30827e714add1b3d6944e1ff340 (diff)
1 files changed, 26 insertions, 0 deletions
diff --git a/application/test/tests/test_api_v2.php b/application/test/tests/test_api_v2.php
index 05d7952c6..8bc07db97 100644
--- a/application/test/tests/test_api_v2.php
+++ b/application/test/tests/test_api_v2.php
@@ -81,6 +81,32 @@ class test_api_v2 extends \test\Test {
 		}
 	}
 
+	public function test_callPrivateEndpointsWithUnsupportedAuthentication()
+	{
+		$endpoints = array(
+			"file/upload",
+			"file/history",
+			"file/delete",
+			"file/create_multipaste",
+			"user/apikeys",
+			// create_apikey is the only one that supports username/pw
+			//"user/create_apikey",
+			"user/delete_apikey",
+		);
+		foreach ($endpoints as $endpoint) {
+			$ret = $this->CallEndpoint("POST", $endpoint, array(
+				"username" => "apiv2testuser1",
+				"password" => "testpass1",
+			));
+			$this->expectError("call $endpoint without apikey", $ret);
+			$this->t->is_deeply(array(
+				'status' => 'error',
+				'error_id' => 'api/not-authenticated',
+				'message' => 'Not authenticated. FileBin requires you to have an account, please go to the homepage at http://127.0.0.1:23116/ for more information.',
+			   ), $ret, "expected error");
+		}
+	}
+
 	public function test_callEndpointsWithoutEnoughPermissions()
 	{
 		$testconfig = array(
author	Florian Pritz <bluewind@xinu.at>	2016-10-07 12:24:10 +0200
committer	Florian Pritz <bluewind@xinu.at>	2016-11-05 19:44:15 +0100
commit	b42cce9521b142453bb8b9a228c166f2b407de77 (patch)
tree	983d6c22fa2a9ae926b6b472b651bf7d73c7ea91 /application/test
parent	b654dfa1385ea30827e714add1b3d6944e1ff340 (diff)