summaryrefslogtreecommitdiffstats
path: root/application
diff options
context:
space:
mode:
authorFlorian Pritz <bluewind@xinu.at>2016-10-07 12:50:18 +0200
committerFlorian Pritz <bluewind@xinu.at>2016-11-05 19:44:15 +0100
commit13bb81e04c1116fae955dc39bbfe5fcb8b17313f (patch)
treed4f620004c1473a29a61c4a6615c06e9b513bf7c /application
parentb42cce9521b142453bb8b9a228c166f2b407de77 (diff)
API: Drop v1
Signed-off-by: Florian Pritz <bluewind@xinu.at>
Diffstat (limited to 'application')
-rw-r--r--application/controllers/api/v1/api_info.php16
-rw-r--r--application/controllers/api/v1/file.php91
-rw-r--r--application/controllers/api/v1/user.php75
-rw-r--r--application/test/tests/test_api_v1.php484
4 files changed, 0 insertions, 666 deletions
diff --git a/application/controllers/api/v1/api_info.php b/application/controllers/api/v1/api_info.php
deleted file mode 100644
index cd94869f8..000000000
--- a/application/controllers/api/v1/api_info.php
+++ /dev/null
@@ -1,16 +0,0 @@
-<?php
-/*
- * Copyright 2014 Florian "Bluewind" Pritz <bluewind@server-speed.net>
- *
- * Licensed under AGPLv3
- * (see COPYING for full license text)
- *
- */
-namespace controllers\api\v1;
-
-class api_info extends \controllers\api\api_controller {
- static public function get_version()
- {
- return "1.4.0";
- }
-}
diff --git a/application/controllers/api/v1/file.php b/application/controllers/api/v1/file.php
deleted file mode 100644
index 6536335cb..000000000
--- a/application/controllers/api/v1/file.php
+++ /dev/null
@@ -1,91 +0,0 @@
-<?php
-/*
- * Copyright 2014 Florian "Bluewind" Pritz <bluewind@server-speed.net>
- *
- * Licensed under AGPLv3
- * (see COPYING for full license text)
- *
- */
-namespace controllers\api\v1;
-
-class file extends \controllers\api\api_controller {
- public function __construct()
- {
- parent::__construct();
-
- $this->load->model('mfile');
- $this->load->model('mmultipaste');
- }
-
- public function upload()
- {
- $this->muser->require_access("basic");
-
- $files = getNormalizedFILES();
-
- if (empty($files)) {
- throw new \exceptions\PublicApiException("file/no-file", "No file was uploaded or unknown error occurred.");
- }
-
- \service\files::verify_uploaded_files($files);
-
- $limits = $this->muser->get_upload_id_limits();
- $userid = $this->muser->get_userid();
- $urls = array();
-
- foreach ($files as $file) {
- $id = $this->mfile->new_id($limits[0], $limits[1]);
- \service\files::add_uploaded_file($userid, $id, $file["tmp_name"], $file["name"]);
- $ids[] = $id;
- $urls[] = site_url($id).'/';
- }
-
- return array(
- "ids" => $ids,
- "urls" => $urls,
- );
- }
-
- public function get_config()
- {
- return array(
- "upload_max_size" => $this->config->item("upload_max_size"),
- "max_files_per_request" => intval(ini_get("max_file_uploads")),
- "max_input_vars" => intval(ini_get("max_input_vars")),
- "request_max_size" => return_bytes(ini_get("post_max_size")),
- );
- }
-
- public function history()
- {
- $this->muser->require_access("apikey");
- $history = \service\files::history($this->muser->get_userid());
- foreach ($history['items'] as $key => $item) {
- unset($history['items'][$key]['thumbnail']);
- }
- foreach ($history['multipaste_items'] as $key => $multipaste_item) {
- foreach ($multipaste_item['items'] as $inner_key => $item) {
- unset($history['multipaste_items'][$key]['items'][$inner_key]['sort_order']);
- }
- }
- return $history;
- }
-
- public function delete()
- {
- $this->muser->require_access("apikey");
- $ids = $this->input->post("ids");
- return \service\files::delete($ids);
- }
-
- public function create_multipaste()
- {
- $this->muser->require_access("basic");
- $ids = $this->input->post("ids");
- $userid = $this->muser->get_userid();
- $limits = $this->muser->get_upload_id_limits();
-
- return \service\files::create_multipaste($ids, $userid, $limits);
- }
-}
-# vim: set noet:
diff --git a/application/controllers/api/v1/user.php b/application/controllers/api/v1/user.php
deleted file mode 100644
index 38247d02c..000000000
--- a/application/controllers/api/v1/user.php
+++ /dev/null
@@ -1,75 +0,0 @@
-<?php
-/*
- * Copyright 2014 Florian "Bluewind" Pritz <bluewind@server-speed.net>
- *
- * Licensed under AGPLv3
- * (see COPYING for full license text)
- *
- */
-namespace controllers\api\v1;
-
-class user extends \controllers\api\api_controller {
- public function __construct()
- {
- parent::__construct();
-
- $this->load->model('muser');
- }
-
- public function apikeys()
- {
- $this->muser->require_access("full");
- return \service\user::apikeys($this->muser->get_userid());
- }
-
- public function create_apikey()
- {
- $username = $this->input->post("username");
- $password = $this->input->post("password");
- if ($username && $password) {
- if (!$this->muser->login($username, $password)) {
- throw new \exceptions\NotAuthenticatedException("user/login-failed", "Login failed");
- }
- }
-
- $this->muser->require_access("full");
-
- $userid = $this->muser->get_userid();
- $comment = $this->input->post("comment");
- $comment = $comment === false ? "" : $comment;
- $access_level = $this->input->post("access_level");
-
- $key = \service\user::create_apikey($userid, $comment, $access_level);
-
- return array(
- "new_key" => $key,
- );
- }
-
- public function delete_apikey()
- {
- $this->muser->require_access("full");
-
- $userid = $this->muser->get_userid();
- $key = $this->input->post("delete_key");
-
- $this->db->where('user', $userid)
- ->where('key', $key)
- ->delete('apikeys');
-
- $affected = $this->db->affected_rows();
-
- assert($affected >= 0 && $affected <= 1);
- if ($affected == 1) {
- return array(
- "deleted_keys" => array(
- $key => array (
- "key" => $key,
- ),
- ),
- );
- } else {
- throw new \exceptions\PublicApiException('user/delete_apikey/failed', 'Apikey deletion failed. Possibly wrong owner.');
- }
- }
-}
diff --git a/application/test/tests/test_api_v1.php b/application/test/tests/test_api_v1.php
deleted file mode 100644
index d78b189f2..000000000
--- a/application/test/tests/test_api_v1.php
+++ /dev/null
@@ -1,484 +0,0 @@
-<?php
-/*
- * Copyright 2015 Florian "Bluewind" Pritz <bluewind@server-speed.net>
- *
- * Licensed under AGPLv3
- * (see COPYING for full license text)
- *
- */
-
-namespace test\tests;
-
-class test_api_v1 extends \test\Test {
-
- public function __construct()
- {
- parent::__construct();
-
- $CI =& get_instance();
- $CI->load->model("muser");
- $CI->load->model("mfile");
-
- $this->startServer(23115);
- }
-
- private function uploadFile($apikey, $file)
- {
- $ret = $this->CallAPI("POST", "$this->server_url/api/v1.1.0/file/upload", array(
- "apikey" => $apikey,
- "file[1]" => curl_file_create($file),
- ));
- $this->expectSuccess("upload file", $ret);
- return $ret;
- }
-
- private function createUser($counter)
- {
- $CI =& get_instance();
- $CI->muser->add_user("apiv1testuser$counter", "testpass$counter",
- "testuser$counter@testsuite.local", NULL);
- return $CI->db->insert_id();
- }
-
- private function createApikey($userid, $access_level = "apikey")
- {
- return \service\user::create_apikey($userid, "", $access_level);
- }
-
- private function createUserAndApikey($access_level = "apikey")
- {
- static $counter = 100;
- $counter++;
- $userid = $this->createUser($counter);
- return $this->createApikey($userid, $access_level);
- }
-
- private function callEndpoint($verb, $endpoint, $data)
- {
- return $this->CallAPI($verb, "$this->server_url/api/v1.0.0/$endpoint", $data);
- }
-
- public function test_callPrivateEndpointsWithoutApikey()
- {
- $endpoints = array(
- "file/upload",
- "file/history",
- "file/delete",
- "file/create_multipaste",
- "user/apikeys",
- "user/create_apikey",
- "user/delete_apikey",
- );
- foreach ($endpoints as $endpoint) {
- $ret = $this->CallEndpoint("POST", $endpoint, array(
- ));
- $this->expectError("call $endpoint without apikey", $ret);
- $this->t->is_deeply(array(
- 'status' => 'error',
- 'error_id' => 'api/not-authenticated',
- 'message' => 'Not authenticated. FileBin requires you to have an account, please go to the homepage at http://127.0.0.1:23115/ for more information.',
- ), $ret, "expected error");
- }
- }
-
- public function test_callEndpointsWithoutEnoughPermissions()
- {
- $testconfig = array(
- array(
- "have_level" => "basic",
- "wanted_level" => "apikey",
- "apikey" => $this->createUserAndApikey('basic'),
- "endpoints" => array(
- "file/delete",
- "file/history",
- ),
- ),
- array(
- "have_level" => "apikey",
- "wanted_level" => "full",
- "apikey" => $this->createUserAndApikey(),
- "endpoints" => array(
- "user/apikeys",
- "user/create_apikey",
- "user/delete_apikey",
- ),
- ),
- );
- foreach ($testconfig as $test) {
- foreach ($test['endpoints'] as $endpoint) {
- $ret = $this->CallEndpoint("POST", $endpoint, array(
- "apikey" => $test['apikey'],
- ));
- $this->expectError("call $endpoint without enough permissions", $ret);
- $this->t->is_deeply(array(
- 'status' => "error",
- 'error_id' => "api/insufficient-permissions",
- 'message' => "Access denied: Access level too low. Required: ${test['wanted_level']}; Have: ${test['have_level']}",
- ), $ret, "expected permission error");
- }
- }
- }
-
- public function test_create_apikey_createNewKey()
- {
- $this->createUser(1);
- $ret = $this->CallEndpoint("POST", "user/create_apikey", array(
- "username" => "apiv1testuser1",
- "password" => "testpass1",
- "access_level" => "apikey",
- "comment" => "main api key",
- ));
- $this->expectSuccess("create-apikey", $ret);
-
- $this->t->isnt($ret["data"]["new_key"], "", "apikey not empty");
- }
-
- public function test_apikeys_getApikey()
- {
- $userid = $this->createUser(2);
- $apikey = $this->createApikey($userid);
- $apikey_full = $this->createApikey($userid, "full");
- $ret = $this->CallEndpoint("POST", "user/apikeys", array(
- "apikey" => $apikey_full,
- ));
- $this->expectSuccess("get apikeys", $ret);
-
- $this->t->is($ret["data"]["apikeys"][$apikey]["key"], $apikey, "expected key 1");
- $this->t->is($ret["data"]["apikeys"][$apikey]["access_level"], "apikey", "expected key 1 acces_level");
- $this->t->is($ret["data"]["apikeys"][$apikey]["comment"], "", "expected key 1 comment");
- $this->t->ok(is_int($ret["data"]["apikeys"][$apikey]["created"]) , "expected key 1 creation time is int");
- }
-
- public function test_delete_apikey_deleteOwnKey()
- {
- $apikey = $this->createUserAndApikey("full");
- $ret = $this->CallEndpoint("POST", "user/delete_apikey", array(
- "apikey" => $apikey,
- "delete_key" => $apikey,
- ));
- $this->expectSuccess("delete apikey", $ret);
-
- $this->t->is($ret["data"]["deleted_keys"][$apikey]["key"], $apikey, "expected key");
- }
-
- public function test_delete_apikey_errorDeleteOtherUserKey()
- {
- $apikey = $this->createUserAndApikey("full");
- $apikey2 = $this->createUserAndApikey("full");
- $ret = $this->CallEndpoint("POST", "user/delete_apikey", array(
- "apikey" => $apikey,
- "delete_key" => $apikey2,
- ));
- $this->expectError("delete apikey of other user", $ret);
- $this->t->is_deeply(array(
- 'status' => 'error',
- 'error_id' => 'user/delete_apikey/failed',
- 'message' => 'Apikey deletion failed. Possibly wrong owner.',
- ), $ret, "expected error");
- }
-
- public function test_authentication_invalidPassword()
- {
- $userid = $this->createUser(3);
- $ret = $this->CallEndpoint("POST", "user/create_apikey", array(
- "username" => "apiv1testuser3",
- "password" => "wrongpass",
- ));
- $this->expectError("invalid password", $ret);
-
- $this->t->is_deeply(array (
- 'status' => 'error',
- 'error_id' => 'user/login-failed',
- 'message' => 'Login failed',
- ), $ret, "expected error");
- }
-
- public function test_authentication_invalidUser()
- {
- $userid = $this->createUser(4);
- $ret = $this->CallEndpoint("POST", "user/create_apikey", array(
- "username" => "apiv1testuserinvalid",
- "password" => "testpass4",
- ));
- $this->expectError("invalid username", $ret);
-
- $this->t->is_deeply(array (
- 'status' => 'error',
- 'error_id' => 'user/login-failed',
- 'message' => 'Login failed',
- ), $ret, "expected error");
- }
-
- public function test_history_empty()
- {
- $apikey = $this->createUserAndApikey();
- $ret = $this->CallEndpoint("POST", "file/history", array(
- "apikey" => $apikey,
- ));
- $this->expectSuccess("get history", $ret);
-
- $this->t->ok(empty($ret["data"]["items"]), "items key exists and empty");
- $this->t->ok(empty($ret["data"]["multipaste_items"]), "multipaste_items key exists and empty");
- $this->t->is($ret["data"]["total_size"], 0, "total_size = 0 since no uploads");
- }
-
- public function test_get_config()
- {
- $ret = $this->CallEndpoint("GET", "file/get_config", array(
- ));
- $this->expectSuccess("get_config", $ret);
-
- $this->t->like($ret["data"]["upload_max_size"], '/[0-9]+/', "upload_max_size is int");
- $this->t->like($ret["data"]["max_files_per_request"], '/[0-9]+/', "max_files_per_request is int");
- }
-
- public function test_upload_uploadFile()
- {
- $apikey = $this->createUserAndApikey();
- $ret = $this->CallEndpoint("POST", "file/upload", array(
- "apikey" => $apikey,
- "file[1]" => curl_file_create("data/tests/small-file"),
- ));
- $this->expectSuccess("upload file", $ret);
-
- $this->t->ok(!empty($ret["data"]["ids"]), "got IDs");
- $this->t->ok(!empty($ret["data"]["urls"]), "got URLs");
- }
-
- public function test_upload_uploadFileSameMD5()
- {
- $apikey = $this->createUserAndApikey();
- $ret = $this->CallEndpoint("POST", "file/upload", array(
- "apikey" => $apikey,
- "file[1]" => curl_file_create("data/tests/message1.bin"),
- "file[2]" => curl_file_create("data/tests/message2.bin"),
- ));
- $this->expectSuccess("upload file", $ret);
-
- $this->t->ok(!empty($ret["data"]["ids"]), "got IDs");
- $this->t->ok(!empty($ret["data"]["urls"]), "got URLs");
-
- foreach ($ret["data"]["urls"] as $url) {
- $data[] = $this->SendHTTPRequest("GET", $url, '');
- }
- $this->t->ok($data[0] !== $data[1], 'Returned file contents should differ');
- }
-
- public function test_upload_uploadNothing()
- {
- $apikey = $this->createUserAndApikey();
- $ret = $this->CallEndpoint("POST", "file/upload", array(
- "apikey" => $apikey,
- ));
- $this->expectError("upload no file", $ret);
- $this->t->is_deeply(array(
- 'status' => 'error',
- 'error_id' => 'file/no-file',
- 'message' => 'No file was uploaded or unknown error occurred.',
- ), $ret, "expected reply");
- }
-
- public function test_history_notEmptyAfterUploadSameMD5()
- {
- $apikey = $this->createUserAndApikey();
- $this->CallEndpoint("POST", "file/upload", array(
- "apikey" => $apikey,
- "file[1]" => curl_file_create("data/tests/message1.bin"),
- "file[2]" => curl_file_create("data/tests/message2.bin"),
- ));
- $expected_filesize = filesize("data/tests/message1.bin") + filesize("data/tests/message2.bin");
-
- $ret = $this->CallEndpoint("POST", "file/history", array(
- "apikey" => $apikey,
- ));
- $this->expectSuccess("history not empty after upload", $ret);
-
- $this->t->ok(!empty($ret["data"]["items"]), "history not empty after upload (items)");
- $this->t->ok(empty($ret["data"]["multipaste_items"]), "didn't upload multipaste");
- $this->t->is($ret["data"]["total_size"], $expected_filesize, "total_size == uploaded files");
- }
-
- public function test_history_notEmptyAfterMultipaste()
- {
- $apikey = $this->createUserAndApikey();
- $uploadid = $this->uploadFile($apikey, "data/tests/small-file")['data']['ids'][0];
- $multipasteid = $this->CallEndpoint("POST", "file/create_multipaste", array(
- "apikey" => $apikey,
- 'ids[1]' => $uploadid,
- ))['data']['url_id'];
-
- $ret = $this->CallEndpoint("POST", "file/history", array(
- "apikey" => $apikey,
- ));
- $this->expectSuccess("history not empty after multipaste", $ret);
-
- $this->t->ok(!empty($ret["data"]["items"]), "history not empty after multipaste (items)");
- $this->t->is($ret['data']["multipaste_items"][$multipasteid]['items'][$uploadid]['id'], $uploadid, "multipaste contains correct id");
- $this->t->is_deeply(array(
- 'url_id', 'multipaste_id', 'user_id', 'date', 'items'
- ), array_keys($ret['data']["multipaste_items"][$multipasteid]), "multipaste info only lists correct keys");
- $this->t->is_deeply(array('id'), array_keys($ret['data']["multipaste_items"][$multipasteid]['items'][$uploadid]), "multipaste item info only lists correct keys");
- }
-
- public function test_history_notEmptyAfterUpload()
- {
- $apikey = $this->createUserAndApikey();
- $uploadid = $this->uploadFile($apikey, "data/tests/small-file")['data']['ids'][0];
- $uploadid_image = $this->uploadFile($apikey, "data/tests/black_white.png")['data']['ids'][0];
- $expected_size = filesize("data/tests/small-file") + filesize("data/tests/black_white.png");
-
- $ret = $this->CallEndpoint("POST", "file/history", array(
- "apikey" => $apikey,
- ));
- $this->expectSuccess("history not empty after upload", $ret);
-
- $this->t->ok(!empty($ret["data"]["items"]), "history not empty after upload (items)");
- $this->t->is_deeply(array(
- 'id', 'filename', 'mimetype', 'date', 'hash', 'filesize'
- ), array_keys($ret['data']["items"][$uploadid]), "item info only lists correct keys");
- $this->t->is_deeply(array(
- 'id', 'filename', 'mimetype', 'date', 'hash', 'filesize'
- ), array_keys($ret['data']["items"][$uploadid_image]), "item info for image does not list thumbnail in v1");
- $this->t->ok(empty($ret["data"]["multipaste_items"]), "didn't upload multipaste");
- $this->t->is($ret["data"]["total_size"], $expected_size, "total_size == uploaded files");
- }
-
- public function test_history_notSharedBetweenUsers()
- {
- $apikey = $this->createUserAndApikey();
- $apikey2 = $this->createUserAndApikey();
- $this->uploadFile($apikey, "data/tests/small-file");
-
- $ret = $this->CallEndpoint("POST", "file/history", array(
- "apikey" => $apikey2,
- ));
- $this->expectSuccess("get history", $ret);
-
- $this->t->ok(empty($ret["data"]["items"]), "items key exists and empty");
- $this->t->ok(empty($ret["data"]["multipaste_items"]), "multipaste_items key exists and empty");
- $this->t->is($ret["data"]["total_size"], 0, "total_size = 0 since no uploads");
- }
-
- public function test_delete_canDeleteUploaded()
- {
- $apikey = $this->createUserAndApikey();
- $ret = $this->uploadFile($apikey, "data/tests/small-file");
- $id = $ret["data"]["ids"][0];
-
- $ret = $this->CallEndpoint("POST", "file/delete", array(
- "apikey" => $apikey,
- "ids[1]" => $id,
- ));
- $this->expectSuccess("delete uploaded file", $ret);
-
- $this->t->ok(empty($ret["data"]["errors"]), "no errors");
- $this->t->is_deeply(array(
- $id => array(
- "id" => $id
- )
- ), $ret["data"]["deleted"], "deleted wanted ID");
- $this->t->is($ret["data"]["total_count"], 1, "total_count correct");
- $this->t->is($ret["data"]["deleted_count"], 1, "deleted_count correct");
- }
-
- public function test_delete_errorIfNotOwner()
- {
- $apikey = $this->createUserAndApikey();
- $apikey2 = $this->createUserAndApikey();
- $ret = $this->uploadFile($apikey, "data/tests/small-file");
- $id = $ret["data"]["ids"][0];
-
- $ret = $this->CallEndpoint("POST", "file/delete", array(
- "apikey" => $apikey2,
- "ids[1]" => $id,
- ));
- $this->expectSuccess("delete file of someone else", $ret);
-
- $this->t->ok(empty($ret["data"]["deleted"]), "not deleted");
- $this->t->is_deeply(array(
- $id => array(
- "id" => $id,
- "reason" => "wrong owner"
- )
- ), $ret["data"]["errors"], "error wanted ID");
- $this->t->is($ret["data"]["total_count"], 1, "total_count correct");
- $this->t->is($ret["data"]["deleted_count"], 0, "deleted_count correct");
- }
-
- public function test_create_multipaste_canCreate()
- {
- $apikey = $this->createUserAndApikey("basic");
- $ret = $this->uploadFile($apikey, "data/tests/small-file");
- $id = $ret["data"]["ids"][0];
-
- $ret = $this->uploadFile($apikey, "data/tests/small-file");
- $id2 = $ret["data"]["ids"][0];
-
- $ret = $this->CallEndpoint("POST", "file/create_multipaste", array(
- "apikey" => $apikey,
- "ids[1]" => $id,
- "ids[2]" => $id2,
- ));
- $this->expectSuccess("create multipaste", $ret);
-
- $this->t->isnt($ret["data"]["url_id"], "", "got a multipaste ID");
- $this->t->isnt($ret["data"]["url"], "", "got a multipaste URL");
- }
-
- public function test_create_multipaste_errorOnWrongID()
- {
- $apikey = $this->createUserAndApikey("basic");
- $ret = $this->uploadFile($apikey, "data/tests/small-file");
- $id = $ret["data"]["ids"][0];
-
- $id2 = $id."invalid";
- $ret = $this->CallEndpoint("POST", "file/create_multipaste", array(
- "apikey" => $apikey,
- "ids[1]" => $id,
- "ids[2]" => $id2,
- ));
- $this->expectError("create multipaste with wrong ID", $ret);
-
- $this->t->is_deeply(array(
- 'status' => 'error',
- 'error_id' => 'file/create_multipaste/verify-failed',
- 'message' => 'Failed to verify ID(s)',
- 'data' =>
- array (
- $id2 =>
- array (
- 'id' => $id2,
- 'reason' => 'doesn\'t exist',
- ),
- ),
- ), $ret, "expected error response");
- }
-
- public function test_create_multipaste_errorOnWrongOwner()
- {
- $apikey = $this->createUserAndApikey("basic");
- $apikey2 = $this->createUserAndApikey("basic");
- $ret = $this->uploadFile($apikey, "data/tests/small-file");
- $id = $ret["data"]["ids"][0];
-
- $ret = $this->CallEndpoint("POST", "file/create_multipaste", array(
- "apikey" => $apikey2,
- "ids[1]" => $id,
- ));
- $this->expectError("create multipaste with wrong owner", $ret);
-
- $this->t->is_deeply(array(
- 'status' => 'error',
- 'error_id' => 'file/create_multipaste/verify-failed',
- 'message' => 'Failed to verify ID(s)',
- 'data' =>
- array (
- $id =>
- array (
- 'id' => $id,
- 'reason' => 'not owned by you',
- ),
- ),
- ), $ret, "expected error response");
- }
-}