diff options
author | Florian Pritz <bluewind@xinu.at> | 2016-10-07 12:24:10 +0200 |
---|---|---|
committer | Florian Pritz <bluewind@xinu.at> | 2016-11-05 19:44:15 +0100 |
commit | b42cce9521b142453bb8b9a228c166f2b407de77 (patch) | |
tree | 983d6c22fa2a9ae926b6b472b651bf7d73c7ea91 /application | |
parent | b654dfa1385ea30827e714add1b3d6944e1ff340 (diff) |
Test calling endpoints with unsupported authentication method
Signed-off-by: Florian Pritz <bluewind@xinu.at>
Diffstat (limited to 'application')
-rw-r--r-- | application/test/tests/test_api_v2.php | 26 |
1 files changed, 26 insertions, 0 deletions
diff --git a/application/test/tests/test_api_v2.php b/application/test/tests/test_api_v2.php index 05d7952c6..8bc07db97 100644 --- a/application/test/tests/test_api_v2.php +++ b/application/test/tests/test_api_v2.php @@ -81,6 +81,32 @@ class test_api_v2 extends \test\Test { } } + public function test_callPrivateEndpointsWithUnsupportedAuthentication() + { + $endpoints = array( + "file/upload", + "file/history", + "file/delete", + "file/create_multipaste", + "user/apikeys", + // create_apikey is the only one that supports username/pw + //"user/create_apikey", + "user/delete_apikey", + ); + foreach ($endpoints as $endpoint) { + $ret = $this->CallEndpoint("POST", $endpoint, array( + "username" => "apiv2testuser1", + "password" => "testpass1", + )); + $this->expectError("call $endpoint without apikey", $ret); + $this->t->is_deeply(array( + 'status' => 'error', + 'error_id' => 'api/not-authenticated', + 'message' => 'Not authenticated. FileBin requires you to have an account, please go to the homepage at http://127.0.0.1:23116/ for more information.', + ), $ret, "expected error"); + } + } + public function test_callEndpointsWithoutEnoughPermissions() { $testconfig = array( |