diff options
| -rw-r--r-- | application/tests/test_api_v1.php | 36 |
1 files changed, 36 insertions, 0 deletions
diff --git a/application/tests/test_api_v1.php b/application/tests/test_api_v1.php index 18f2a37f6..faf0d9af7 100644 --- a/application/tests/test_api_v1.php +++ b/application/tests/test_api_v1.php @@ -84,6 +84,26 @@ class test_api_v1 extends Test { } } + public function test_callEndpointsWithoutEnoughPermissions() + { + $apikey = $this->createUserAndApikey(); + $endpoints = array( + "user/apikeys", + "user/create_apikey", + ); + foreach ($endpoints as $endpoint) { + $ret = $this->CallEndpoint("POST", $endpoint, array( + "apikey" => $apikey, + )); + $this->expectError("call $endpoint without enough permissions", $ret); + $this->t->is_deeply(array( + 'status' => "error", + 'error_id' => "api/insufficient-permissions", + 'message' => "Access denied: Access level too low", + ), $ret, "expected error"); + } + } + public function test_create_apikey_createNewKey() { $this->createUser(1); @@ -98,6 +118,22 @@ class test_api_v1 extends Test { $this->t->isnt($ret["data"]["new_key"], "", "apikey not empty"); } + public function test_apikeys_getApikey() + { + $userid = $this->createUser(2); + $apikey = $this->createApikey($userid); + $ret = $this->CallEndpoint("POST", "user/apikeys", array( + "username" => "testuser-api_v1-2", + "password" => "testpass2", + )); + $this->expectSuccess("get apikeys", $ret); + + $this->t->is($ret["data"][0]["key"], $apikey, "expected key 1"); + $this->t->is($ret["data"][0]["access_level"], "apikey", "expected key 1 acces_level"); + $this->t->is($ret["data"][0]["comment"], "", "expected key 1 comment"); + $this->t->ok(is_int($ret["data"][0]["created"]) , "expected key 1 creation time is int"); + } + public function test_history_empty() { $apikey = $this->createUserAndApikey(); |