summaryrefslogtreecommitdiffstats
path: root/application/test/tests/api_v2
diff options
context:
space:
mode:
Diffstat (limited to 'application/test/tests/api_v2')
-rw-r--r--application/test/tests/api_v2/test_api.php418
-rw-r--r--application/test/tests/api_v2/test_api_permissions.php108
-rw-r--r--application/test/tests/api_v2/test_create_apikey.php66
-rw-r--r--application/test/tests/api_v2/test_file_create_multipaste.php125
-rw-r--r--application/test/tests/api_v2/test_file_delete.php67
-rw-r--r--application/test/tests/api_v2/test_file_upload.php67
-rw-r--r--application/test/tests/api_v2/test_history.php4
-rw-r--r--application/test/tests/api_v2/test_misc.php48
-rw-r--r--application/test/tests/api_v2/test_user_delete_apikey.php49
9 files changed, 532 insertions, 420 deletions
diff --git a/application/test/tests/api_v2/test_api.php b/application/test/tests/api_v2/test_api.php
deleted file mode 100644
index f266bf393..000000000
--- a/application/test/tests/api_v2/test_api.php
+++ /dev/null
@@ -1,418 +0,0 @@
-<?php
-/*
- * Copyright 2015 Florian "Bluewind" Pritz <bluewind@server-speed.net>
- *
- * Licensed under AGPLv3
- * (see COPYING for full license text)
- *
- */
-
-namespace test\tests\api_v2;
-
-class test_api extends common {
-
- public function __construct()
- {
- parent::__construct();
- $this->startServer(23116);
- $this->userCounter = 100;
- }
-
- public function test_callPrivateEndpointsWithoutApikey()
- {
- $endpoints = array(
- "file/upload",
- "file/history",
- "file/delete",
- "file/create_multipaste",
- "user/apikeys",
- "user/create_apikey",
- "user/delete_apikey",
- );
- foreach ($endpoints as $endpoint) {
- $ret = $this->CallEndpoint("POST", $endpoint, array(
- ));
- $this->expectError("call $endpoint without apikey", $ret);
- $this->t->is_deeply(array(
- 'status' => 'error',
- 'error_id' => 'api/not-authenticated',
- 'message' => 'Not authenticated. FileBin requires you to have an account, please go to the homepage at http://127.0.0.1:23116/ for more information.',
- ), $ret, "expected error");
- }
- }
-
- public function test_callPrivateEndpointsWithUnsupportedAuthentication()
- {
- $endpoints = array(
- "file/upload",
- "file/history",
- "file/delete",
- "file/create_multipaste",
- "user/apikeys",
- // create_apikey is the only one that supports username/pw
- //"user/create_apikey",
- "user/delete_apikey",
- );
- foreach ($endpoints as $endpoint) {
- $ret = $this->CallEndpoint("POST", $endpoint, array(
- "username" => "apiv2testuser1",
- "password" => "testpass1",
- ));
- $this->expectError("call $endpoint without apikey", $ret);
- $this->t->is_deeply(array(
- 'status' => 'error',
- 'error_id' => 'api/not-authenticated',
- 'message' => 'Not authenticated. FileBin requires you to have an account, please go to the homepage at http://127.0.0.1:23116/ for more information.',
- ), $ret, "expected error");
- }
- }
-
- public function test_callEndpointsWithoutEnoughPermissions()
- {
- $testconfig = array(
- array(
- "have_level" => "basic",
- "wanted_level" => "apikey",
- "apikey" => $this->createUserAndApikey('basic'),
- "endpoints" => array(
- "file/delete",
- "file/history",
- ),
- ),
- array(
- "have_level" => "apikey",
- "wanted_level" => "full",
- "apikey" => $this->createUserAndApikey(),
- "endpoints" => array(
- "user/apikeys",
- "user/create_apikey",
- "user/delete_apikey",
- ),
- ),
- );
- foreach ($testconfig as $test) {
- foreach ($test['endpoints'] as $endpoint) {
- $ret = $this->CallEndpoint("POST", $endpoint, array(
- "apikey" => $test['apikey'],
- ));
- $this->expectError("call $endpoint without enough permissions", $ret);
- $this->t->is_deeply(array(
- 'status' => "error",
- 'error_id' => "api/insufficient-permissions",
- 'message' => "Access denied: Access level too low. Required: ${test['wanted_level']}; Have: ${test['have_level']}",
- ), $ret, "expected permission error");
- }
- }
- }
-
- public function test_create_apikey_createNewKey()
- {
- $this->createUser(1);
- $ret = $this->CallEndpoint("POST", "user/create_apikey", array(
- "username" => "apiv2testuser1",
- "password" => "testpass1",
- "access_level" => "apikey",
- "comment" => "main api key",
- ));
- $this->expectSuccess("create-apikey", $ret);
-
- $this->t->isnt($ret["data"]["new_key"], "", "apikey not empty");
- }
-
- public function test_apikeys_getApikey()
- {
- $userid = $this->createUser(2);
- $apikey = $this->createApikey($userid);
- $apikey_full = $this->createApikey($userid, "full");
- $ret = $this->CallEndpoint("POST", "user/apikeys", array(
- "apikey" => $apikey_full,
- ));
- $this->expectSuccess("get apikeys", $ret);
-
- $this->t->is($ret["data"]["apikeys"][$apikey]["key"], $apikey, "expected key 1");
- $this->t->is($ret["data"]["apikeys"][$apikey]["access_level"], "apikey", "expected key 1 acces_level");
- $this->t->is($ret["data"]["apikeys"][$apikey]["comment"], "", "expected key 1 comment");
- $this->t->ok(is_int($ret["data"]["apikeys"][$apikey]["created"]) , "expected key 1 creation time is int");
- }
-
- public function test_delete_apikey_deleteOwnKey()
- {
- $apikey = $this->createUserAndApikey("full");
- $ret = $this->CallEndpoint("POST", "user/delete_apikey", array(
- "apikey" => $apikey,
- "delete_key" => $apikey,
- ));
- $this->expectSuccess("delete apikey", $ret);
-
- $this->t->is($ret["data"]["deleted_keys"][$apikey]["key"], $apikey, "expected key");
- }
-
- public function test_delete_apikey_errorDeleteOtherUserKey()
- {
- $apikey = $this->createUserAndApikey("full");
- $apikey2 = $this->createUserAndApikey("full");
- $ret = $this->CallEndpoint("POST", "user/delete_apikey", array(
- "apikey" => $apikey,
- "delete_key" => $apikey2,
- ));
- $this->expectError("delete apikey of other user", $ret);
- $this->t->is_deeply(array(
- 'status' => 'error',
- 'error_id' => 'user/delete_apikey/failed',
- 'message' => 'Apikey deletion failed. Possibly wrong owner.',
- ), $ret, "expected error");
- }
-
- public function test_authentication_invalidPassword()
- {
- $userid = $this->createUser(3);
- $ret = $this->CallEndpoint("POST", "user/create_apikey", array(
- "username" => "apiv2testuser3",
- "password" => "wrongpass",
- ));
- $this->expectError("invalid password", $ret);
-
- $this->t->is_deeply(array (
- 'status' => 'error',
- 'error_id' => 'user/login-failed',
- 'message' => 'Login failed',
- ), $ret, "expected error");
- }
-
- public function test_authentication_invalidUser()
- {
- $userid = $this->createUser(4);
- $ret = $this->CallEndpoint("POST", "user/create_apikey", array(
- "username" => "apiv2testuserinvalid",
- "password" => "testpass4",
- ));
- $this->expectError("invalid username", $ret);
-
- $this->t->is_deeply(array (
- 'status' => 'error',
- 'error_id' => 'user/login-failed',
- 'message' => 'Login failed',
- ), $ret, "expected error");
- }
-
- public function test_history_empty()
- {
- $apikey = $this->createUserAndApikey();
- $ret = $this->CallEndpoint("POST", "file/history", array(
- "apikey" => $apikey,
- ));
- $this->expectSuccess("get history", $ret);
-
- $this->t->ok(empty($ret["data"]["items"]), "items key exists and empty");
- $this->t->ok(empty($ret["data"]["multipaste_items"]), "multipaste_items key exists and empty");
- $this->t->is($ret["data"]["total_size"], 0, "total_size = 0 since no uploads");
- }
-
- public function test_get_config()
- {
- $ret = $this->CallEndpoint("GET", "file/get_config", array(
- ));
- $this->expectSuccess("get_config", $ret);
-
- $this->t->like($ret["data"]["upload_max_size"], '/[0-9]+/', "upload_max_size is int");
- $this->t->like($ret["data"]["max_files_per_request"], '/[0-9]+/', "max_files_per_request is int");
- }
-
- public function test_upload_uploadFile()
- {
- $apikey = $this->createUserAndApikey();
- $ret = $this->CallEndpoint("POST", "file/upload", array(
- "apikey" => $apikey,
- "file[1]" => curl_file_create("data/tests/small-file"),
- ));
- $this->expectSuccess("upload file", $ret);
-
- $this->t->ok(!empty($ret["data"]["ids"]), "got IDs");
- $this->t->ok(!empty($ret["data"]["urls"]), "got URLs");
- }
-
- public function test_upload_uploadFileSameMD5()
- {
- $apikey = $this->createUserAndApikey();
- $ret = $this->CallEndpoint("POST", "file/upload", array(
- "apikey" => $apikey,
- "file[1]" => curl_file_create("data/tests/message1.bin"),
- "file[2]" => curl_file_create("data/tests/message2.bin"),
- ));
- $this->expectSuccess("upload file", $ret);
-
- $this->t->ok(!empty($ret["data"]["ids"]), "got IDs");
- $this->t->ok(!empty($ret["data"]["urls"]), "got URLs");
-
- foreach ($ret["data"]["urls"] as $url) {
- $data[] = $this->SendHTTPRequest("GET", $url, '');
- }
- $this->t->ok($data[0] !== $data[1], 'Returned file contents should differ');
- }
-
- public function test_upload_uploadNothing()
- {
- $apikey = $this->createUserAndApikey();
- $ret = $this->CallEndpoint("POST", "file/upload", array(
- "apikey" => $apikey,
- ));
- $this->expectError("upload no file", $ret);
- $this->t->is_deeply(array(
- 'status' => 'error',
- 'error_id' => 'file/no-file',
- 'message' => 'No file was uploaded or unknown error occurred.',
- ), $ret, "expected reply");
- }
-
- public function test_delete_canDeleteUploaded()
- {
- $apikey = $this->createUserAndApikey();
- $ret = $this->uploadFile($apikey, "data/tests/small-file");
- $id = $ret["data"]["ids"][0];
-
- $ret = $this->CallEndpoint("POST", "file/delete", array(
- "apikey" => $apikey,
- "ids[1]" => $id,
- ));
- $this->expectSuccess("delete uploaded file", $ret);
-
- $this->t->ok(empty($ret["data"]["errors"]), "no errors");
- $this->t->is_deeply(array(
- $id => array(
- "id" => $id
- )
- ), $ret["data"]["deleted"], "deleted wanted ID");
- $this->t->is($ret["data"]["total_count"], 1, "total_count correct");
- $this->t->is($ret["data"]["deleted_count"], 1, "deleted_count correct");
- }
-
- public function test_delete_errorIfNotOwner()
- {
- $apikey = $this->createUserAndApikey();
- $apikey2 = $this->createUserAndApikey();
- $ret = $this->uploadFile($apikey, "data/tests/small-file");
- $id = $ret["data"]["ids"][0];
-
- $ret = $this->CallEndpoint("POST", "file/delete", array(
- "apikey" => $apikey2,
- "ids[1]" => $id,
- ));
- $this->expectSuccess("delete file of someone else", $ret);
-
- $this->t->ok(empty($ret["data"]["deleted"]), "not deleted");
- $this->t->is_deeply(array(
- $id => array(
- "id" => $id,
- "reason" => "wrong owner"
- )
- ), $ret["data"]["errors"], "error wanted ID");
- $this->t->is($ret["data"]["total_count"], 1, "total_count correct");
- $this->t->is($ret["data"]["deleted_count"], 0, "deleted_count correct");
- }
-
- public function test_create_multipaste_canCreate()
- {
- $apikey = $this->createUserAndApikey("basic");
- $ret = $this->uploadFile($apikey, "data/tests/small-file");
- $id = $ret["data"]["ids"][0];
-
- $ret = $this->uploadFile($apikey, "data/tests/small-file");
- $id2 = $ret["data"]["ids"][0];
-
- $ret = $this->CallEndpoint("POST", "file/create_multipaste", array(
- "apikey" => $apikey,
- "ids[1]" => $id,
- "ids[2]" => $id2,
- ));
- $this->expectSuccess("create multipaste", $ret);
-
- $this->t->isnt($ret["data"]["url_id"], "", "got a multipaste ID");
- $this->t->isnt($ret["data"]["url"], "", "got a multipaste URL");
- }
-
- public function test_create_multipaste_errorOnWrongID()
- {
- $apikey = $this->createUserAndApikey("basic");
- $ret = $this->uploadFile($apikey, "data/tests/small-file");
- $id = $ret["data"]["ids"][0];
-
- $id2 = $id."invalid";
- $ret = $this->CallEndpoint("POST", "file/create_multipaste", array(
- "apikey" => $apikey,
- "ids[1]" => $id,
- "ids[2]" => $id2,
- ));
- $this->expectError("create multipaste with wrong ID", $ret);
-
- $this->t->is_deeply(array(
- 'status' => 'error',
- 'error_id' => 'file/create_multipaste/verify-failed',
- 'message' => 'Failed to verify ID(s)',
- 'data' =>
- array (
- $id2 =>
- array (
- 'id' => $id2,
- 'reason' => 'doesn\'t exist',
- ),
- ),
- ), $ret, "expected error response");
- }
-
- public function test_create_multipaste_errorOnWrongOwner()
- {
- $apikey = $this->createUserAndApikey("basic");
- $apikey2 = $this->createUserAndApikey("basic");
- $ret = $this->uploadFile($apikey, "data/tests/small-file");
- $id = $ret["data"]["ids"][0];
-
- $ret = $this->CallEndpoint("POST", "file/create_multipaste", array(
- "apikey" => $apikey2,
- "ids[1]" => $id,
- ));
- $this->expectError("create multipaste with wrong owner", $ret);
-
- $this->t->is_deeply(array(
- 'status' => 'error',
- 'error_id' => 'file/create_multipaste/verify-failed',
- 'message' => 'Failed to verify ID(s)',
- 'data' =>
- array (
- $id =>
- array (
- 'id' => $id,
- 'reason' => 'not owned by you',
- ),
- ),
- ), $ret, "expected error response");
- }
-
- public function test_delete_canDeleteMultipaste()
- {
- $apikey = $this->createUserAndApikey();
- $ret = $this->uploadFile($apikey, "data/tests/small-file");
- $id = $ret["data"]["ids"][0];
- $ret = $this->CallEndpoint("POST", "file/create_multipaste", array(
- "apikey" => $apikey,
- "ids[1]" => $id,
- ));
- $this->expectSuccess("create multipaste", $ret);
-
- $mid = $ret['data']['url_id'];
- $ret = $this->CallEndpoint("POST", "file/delete", array(
- "apikey" => $apikey,
- "ids[1]" => $mid,
- ));
- $this->expectSuccess("delete uploaded file", $ret);
-
- $this->t->ok(empty($ret["data"]["errors"]), "no errors");
- $this->t->is_deeply(array(
- $mid => array(
- "id" => $mid
- )
- ), $ret["data"]["deleted"], "deleted wanted ID");
- $this->t->is($ret["data"]["total_count"], 1, "total_count correct");
- $this->t->is($ret["data"]["deleted_count"], 1, "deleted_count correct");
- }
-
-}
diff --git a/application/test/tests/api_v2/test_api_permissions.php b/application/test/tests/api_v2/test_api_permissions.php
new file mode 100644
index 000000000..6df612911
--- /dev/null
+++ b/application/test/tests/api_v2/test_api_permissions.php
@@ -0,0 +1,108 @@
+<?php
+/*
+ * Copyright 2015-2016 Florian "Bluewind" Pritz <bluewind@server-speed.net>
+ *
+ * Licensed under AGPLv3
+ * (see COPYING for full license text)
+ *
+ */
+
+namespace test\tests\api_v2;
+
+class test_api_permissions extends common {
+
+ public function __construct()
+ {
+ parent::__construct();
+ $this->startServer(23200);
+ $this->userCounter = 100;
+ }
+
+ public function test_callPrivateEndpointsWithoutApikey()
+ {
+ $endpoints = array(
+ "file/upload",
+ "file/history",
+ "file/delete",
+ "file/create_multipaste",
+ "user/apikeys",
+ "user/create_apikey",
+ "user/delete_apikey",
+ );
+ foreach ($endpoints as $endpoint) {
+ $ret = $this->CallEndpoint("POST", $endpoint, array(
+ ));
+ $this->expectError("call $endpoint without apikey", $ret);
+ $this->t->is_deeply(array(
+ 'status' => 'error',
+ 'error_id' => 'api/not-authenticated',
+ 'message' => 'Not authenticated. FileBin requires you to have an account, please go to the homepage at http://127.0.0.1:23200/ for more information.',
+ ), $ret, "expected error");
+ }
+ }
+
+ public function test_callPrivateEndpointsWithUnsupportedAuthentication()
+ {
+ $endpoints = array(
+ "file/upload",
+ "file/history",
+ "file/delete",
+ "file/create_multipaste",
+ "user/apikeys",
+ // create_apikey is the only one that supports username/pw
+ //"user/create_apikey",
+ "user/delete_apikey",
+ );
+ foreach ($endpoints as $endpoint) {
+ $ret = $this->CallEndpoint("POST", $endpoint, array(
+ "username" => "apiv2testuser1",
+ "password" => "testpass1",
+ ));
+ $this->expectError("call $endpoint without apikey", $ret);
+ $this->t->is_deeply(array(
+ 'status' => 'error',
+ 'error_id' => 'api/not-authenticated',
+ 'message' => 'Not authenticated. FileBin requires you to have an account, please go to the homepage at http://127.0.0.1:23200/ for more information.',
+ ), $ret, "expected error");
+ }
+ }
+
+ public function test_callEndpointsWithoutEnoughPermissions()
+ {
+ $testconfig = array(
+ array(
+ "have_level" => "basic",
+ "wanted_level" => "apikey",
+ "apikey" => $this->createUserAndApikey('basic'),
+ "endpoints" => array(
+ "file/delete",
+ "file/history",
+ ),
+ ),
+ array(
+ "have_level" => "apikey",
+ "wanted_level" => "full",
+ "apikey" => $this->createUserAndApikey(),
+ "endpoints" => array(
+ "user/apikeys",
+ "user/create_apikey",
+ "user/delete_apikey",
+ ),
+ ),
+ );
+ foreach ($testconfig as $test) {
+ foreach ($test['endpoints'] as $endpoint) {
+ $ret = $this->CallEndpoint("POST", $endpoint, array(
+ "apikey" => $test['apikey'],
+ ));
+ $this->expectError("call $endpoint without enough permissions", $ret);
+ $this->t->is_deeply(array(
+ 'status' => "error",
+ 'error_id' => "api/insufficient-permissions",
+ 'message' => "Access denied: Access level too low. Required: ${test['wanted_level']}; Have: ${test['have_level']}",
+ ), $ret, "expected permission error");
+ }
+ }
+ }
+
+}
diff --git a/application/test/tests/api_v2/test_create_apikey.php b/application/test/tests/api_v2/test_create_apikey.php
new file mode 100644
index 000000000..203eb5531
--- /dev/null
+++ b/application/test/tests/api_v2/test_create_apikey.php
@@ -0,0 +1,66 @@
+<?php
+/*
+ * Copyright 2016 Florian "Bluewind" Pritz <bluewind@server-speed.net>
+ *
+ * Licensed under AGPLv3
+ * (see COPYING for full license text)
+ *
+ */
+
+namespace test\tests\api_v2;
+
+class test_create_apikey extends common {
+
+ public function __construct()
+ {
+ parent::__construct();
+ $this->startServer(23202);
+ $this->userCounter = 2100;
+ }
+
+ public function test_create_apikey_createNewKey()
+ {
+ $this->createUser(1);
+ $ret = $this->CallEndpoint("POST", "user/create_apikey", array(
+ "username" => "apiv2testuser1",
+ "password" => "testpass1",
+ "access_level" => "apikey",
+ "comment" => "main api key",
+ ));
+ $this->expectSuccess("create-apikey", $ret);
+
+ $this->t->isnt($ret["data"]["new_key"], "", "apikey not empty");
+ }
+
+ public function test_authentication_invalidPassword()
+ {
+ $userid = $this->createUser(3);
+ $ret = $this->CallEndpoint("POST", "user/create_apikey", array(
+ "username" => "apiv2testuser3",
+ "password" => "wrongpass",
+ ));
+ $this->expectError("invalid password", $ret);
+
+ $this->t->is_deeply(array (
+ 'status' => 'error',
+ 'error_id' => 'user/login-failed',
+ 'message' => 'Login failed',
+ ), $ret, "expected error");
+ }
+
+ public function test_authentication_invalidUser()
+ {
+ $userid = $this->createUser(4);
+ $ret = $this->CallEndpoint("POST", "user/create_apikey", array(
+ "username" => "apiv2testuserinvalid",
+ "password" => "testpass4",
+ ));
+ $this->expectError("invalid username", $ret);
+
+ $this->t->is_deeply(array (
+ 'status' => 'error',
+ 'error_id' => 'user/login-failed',
+ 'message' => 'Login failed',
+ ), $ret, "expected error");
+ }
+}
diff --git a/application/test/tests/api_v2/test_file_create_multipaste.php b/application/test/tests/api_v2/test_file_create_multipaste.php
new file mode 100644
index 000000000..8556616d1
--- /dev/null
+++ b/application/test/tests/api_v2/test_file_create_multipaste.php
@@ -0,0 +1,125 @@
+<?php
+/*
+ * Copyright 2016 Florian "Bluewind" Pritz <bluewind@server-speed.net>
+ *
+ * Licensed under AGPLv3
+ * (see COPYING for full license text)
+ *
+ */
+
+namespace test\tests\api_v2;
+
+class test_file_create_multipaste extends common {
+
+ public function __construct()
+ {
+ parent::__construct();
+ $this->startServer(23204);
+ $this->userCounter = 4100;
+ }
+
+ public function test_create_multipaste_canCreate()
+ {
+ $apikey = $this->createUserAndApikey("basic");
+ $ret = $this->uploadFile($apikey, "data/tests/small-file");
+ $id = $ret["data"]["ids"][0];
+
+ $ret = $this->uploadFile($apikey, "data/tests/small-file");
+ $id2 = $ret["data"]["ids"][0];
+
+ $ret = $this->CallEndpoint("POST", "file/create_multipaste", array(
+ "apikey" => $apikey,
+ "ids[1]" => $id,
+ "ids[2]" => $id2,
+ ));
+ $this->expectSuccess("create multipaste", $ret);
+
+ $this->t->isnt($ret["data"]["url_id"], "", "got a multipaste ID");
+ $this->t->isnt($ret["data"]["url"], "", "got a multipaste URL");
+ }
+
+ public function test_create_multipaste_errorOnWrongID()
+ {
+ $apikey = $this->createUserAndApikey("basic");
+ $ret = $this->uploadFile($apikey, "data/tests/small-file");
+ $id = $ret["data"]["ids"][0];
+
+ $id2 = $id."invalid";
+ $ret = $this->CallEndpoint("POST", "file/create_multipaste", array(
+ "apikey" => $apikey,
+ "ids[1]" => $id,
+ "ids[2]" => $id2,
+ ));
+ $this->expectError("create multipaste with wrong ID", $ret);
+
+ $this->t->is_deeply(array(
+ 'status' => 'error',
+ 'error_id' => 'file/create_multipaste/verify-failed',
+ 'message' => 'Failed to verify ID(s)',
+ 'data' =>
+ array (
+ $id2 =>
+ array (
+ 'id' => $id2,
+ 'reason' => 'doesn\'t exist',
+ ),
+ ),
+ ), $ret, "expected error response");
+ }
+
+ public function test_create_multipaste_errorOnWrongOwner()
+ {
+ $apikey = $this->createUserAndApikey("basic");
+ $apikey2 = $this->createUserAndApikey("basic");
+ $ret = $this->uploadFile($apikey, "data/tests/small-file");
+ $id = $ret["data"]["ids"][0];
+
+ $ret = $this->CallEndpoint("POST", "file/create_multipaste", array(
+ "apikey" => $apikey2,
+ "ids[1]" => $id,
+ ));
+ $this->expectError("create multipaste with wrong owner", $ret);
+
+ $this->t->is_deeply(array(
+ 'status' => 'error',
+ 'error_id' => 'file/create_multipaste/verify-failed',
+ 'message' => 'Failed to verify ID(s)',
+ 'data' =>
+ array (
+ $id =>
+ array (
+ 'id' => $id,
+ 'reason' => 'not owned by you',
+ ),
+ ),
+ ), $ret, "expected error response");
+ }
+
+ public function test_delete_canDeleteMultipaste()
+ {
+ $apikey = $this->createUserAndApikey();
+ $ret = $this->uploadFile($apikey, "data/tests/small-file");
+ $id = $ret["data"]["ids"][0];
+ $ret = $this->CallEndpoint("POST", "file/create_multipaste", array(
+ "apikey" => $apikey,
+ "ids[1]" => $id,
+ ));
+ $this->expectSuccess("create multipaste", $ret);
+
+ $mid = $ret['data']['url_id'];
+ $ret = $this->CallEndpoint("POST", "file/delete", array(
+ "apikey" => $apikey,
+ "ids[1]" => $mid,
+ ));
+ $this->expectSuccess("delete uploaded file", $ret);
+
+ $this->t->ok(empty($ret["data"]["errors"]), "no errors");
+ $this->t->is_deeply(array(
+ $mid => array(
+ "id" => $mid
+ )
+ ), $ret["data"]["deleted"], "deleted wanted ID");
+ $this->t->is($ret["data"]["total_count"], 1, "total_count correct");
+ $this->t->is($ret["data"]["deleted_count"], 1, "deleted_count correct");
+ }
+}
diff --git a/application/test/tests/api_v2/test_file_delete.php b/application/test/tests/api_v2/test_file_delete.php
new file mode 100644
index 000000000..b4d63409d
--- /dev/null
+++ b/application/test/tests/api_v2/test_file_delete.php
@@ -0,0 +1,67 @@
+<?php
+/*
+ * Copyright 2016 Florian "Bluewind" Pritz <bluewind@server-speed.net>
+ *
+ * Licensed under AGPLv3
+ * (see COPYING for full license text)
+ *
+ */
+
+namespace test\tests\api_v2;
+
+class test_file_delete extends common {
+
+ public function __construct()
+ {
+ parent::__construct();
+ $this->startServer(23203);
+ $this->userCounter = 3100;
+ }
+
+ public function test_delete_canDeleteUploaded()
+ {
+ $apikey = $this->createUserAndApikey();
+ $ret = $this->uploadFile($apikey, "data/tests/small-file");
+ $id = $ret["data"]["ids"][0];
+
+ $ret = $this->CallEndpoint("POST", "file/delete", array(
+ "apikey" => $apikey,
+ "ids[1]" => $id,
+ ));
+ $this->expectSuccess("delete uploaded file", $ret);
+
+ $this->t->ok(empty($ret["data"]["errors"]), "no errors");
+ $this->t->is_deeply(array(
+ $id => array(
+ "id" => $id
+ )
+ ), $ret["data"]["deleted"], "deleted wanted ID");
+ $this->t->is($ret["data"]["total_count"], 1, "total_count correct");
+ $this->t->is($ret["data"]["deleted_count"], 1, "deleted_count correct");
+ }
+
+ public function test_delete_errorIfNotOwner()
+ {
+ $apikey = $this->createUserAndApikey();
+ $apikey2 = $this->createUserAndApikey();
+ $ret = $this->uploadFile($apikey, "data/tests/small-file");
+ $id = $ret["data"]["ids"][0];
+
+ $ret = $this->CallEndpoint("POST", "file/delete", array(
+ "apikey" => $apikey2,
+ "ids[1]" => $id,
+ ));
+ $this->expectSuccess("delete file of someone else", $ret);
+
+ $this->t->ok(empty($ret["data"]["deleted"]), "not deleted");
+ $this->t->is_deeply(array(
+ $id => array(
+ "id" => $id,
+ "reason" => "wrong owner"
+ )
+ ), $ret["data"]["errors"], "error wanted ID");
+ $this->t->is($ret["data"]["total_count"], 1, "total_count correct");
+ $this->t->is($ret["data"]["deleted_count"], 0, "deleted_count correct");
+ }
+
+}
diff --git a/application/test/tests/api_v2/test_file_upload.php b/application/test/tests/api_v2/test_file_upload.php
new file mode 100644
index 000000000..5cc73a0ac
--- /dev/null
+++ b/application/test/tests/api_v2/test_file_upload.php
@@ -0,0 +1,67 @@
+<?php
+/*
+ * Copyright 2016 Florian "Bluewind" Pritz <bluewind@server-speed.net>
+ *
+ * Licensed under AGPLv3
+ * (see COPYING for full license text)
+ *
+ */
+
+namespace test\tests\api_v2;
+
+class test_file_upload extends common {
+
+ public function __construct()
+ {
+ parent::__construct();
+ $this->startServer(23205);
+ $this->userCounter = 5100;
+ }
+
+ public function test_upload_uploadFile()
+ {
+ $apikey = $this->createUserAndApikey();
+ $ret = $this->CallEndpoint("POST", "file/upload", array(
+ "apikey" => $apikey,
+ "file[1]" => curl_file_create("data/tests/small-file"),
+ ));
+ $this->expectSuccess("upload file", $ret);
+
+ $this->t->ok(!empty($ret["data"]["ids"]), "got IDs");
+ $this->t->ok(!empty($ret["data"]["urls"]), "got URLs");
+ }
+
+ public function test_upload_uploadFileSameMD5()
+ {
+ $apikey = $this->createUserAndApikey();
+ $ret = $this->CallEndpoint("POST", "file/upload", array(
+ "apikey" => $apikey,
+ "file[1]" => curl_file_create("data/tests/message1.bin"),
+ "file[2]" => curl_file_create("data/tests/message2.bin"),
+ ));
+ $this->expectSuccess("upload file", $ret);
+
+ $this->t->ok(!empty($ret["data"]["ids"]), "got IDs");
+ $this->t->ok(!empty($ret["data"]["urls"]), "got URLs");
+
+ foreach ($ret["data"]["urls"] as $url) {
+ $data[] = $this->SendHTTPRequest("GET", $url, '');
+ }
+ $this->t->ok($data[0] !== $data[1], 'Returned file contents should differ');
+ }
+
+ public function test_upload_uploadNothing()
+ {
+ $apikey = $this->createUserAndApikey();
+ $ret = $this->CallEndpoint("POST", "file/upload", array(
+ "apikey" => $apikey,
+ ));
+ $this->expectError("upload no file", $ret);
+ $this->t->is_deeply(array(
+ 'status' => 'error',
+ 'error_id' => 'file/no-file',
+ 'message' => 'No file was uploaded or unknown error occurred.',
+ ), $ret, "expected reply");
+ }
+
+}
diff --git a/application/test/tests/api_v2/test_history.php b/application/test/tests/api_v2/test_history.php
index abc6f1d65..988807c77 100644
--- a/application/test/tests/api_v2/test_history.php
+++ b/application/test/tests/api_v2/test_history.php
@@ -1,6 +1,6 @@
<?php
/*
- * Copyright 2015 Florian "Bluewind" Pritz <bluewind@server-speed.net>
+ * Copyright 2016 Florian "Bluewind" Pritz <bluewind@server-speed.net>
*
* Licensed under AGPLv3
* (see COPYING for full license text)
@@ -14,7 +14,7 @@ class test_history extends common {
public function __construct()
{
parent::__construct();
- $this->startServer(23116);
+ $this->startServer(23201);
$this->userCounter = 1100;
}
diff --git a/application/test/tests/api_v2/test_misc.php b/application/test/tests/api_v2/test_misc.php
new file mode 100644
index 000000000..e7c249054
--- /dev/null
+++ b/application/test/tests/api_v2/test_misc.php
@@ -0,0 +1,48 @@
+<?php
+/*
+ * Copyright 2016 Florian "Bluewind" Pritz <bluewind@server-speed.net>
+ *
+ * Licensed under AGPLv3
+ * (see COPYING for full license text)
+ *
+ */
+
+namespace test\tests\api_v2;
+
+class test_misc extends common {
+
+ public function __construct()
+ {
+ parent::__construct();
+ $this->startServer(23207);
+ $this->userCounter = 7100;
+ }
+
+ public function test_apikeys_getApikey()
+ {
+ $userid = $this->createUser(2);
+ $apikey = $this->createApikey($userid);
+ $apikey_full = $this->createApikey($userid, "full");
+ $ret = $this->CallEndpoint("POST", "user/apikeys", array(
+ "apikey" => $apikey_full,
+ ));
+ $this->expectSuccess("get apikeys", $ret);
+
+ $this->t->is($ret["data"]["apikeys"][$apikey]["key"], $apikey, "expected key 1");
+ $this->t->is($ret["data"]["apikeys"][$apikey]["access_level"], "apikey", "expected key 1 acces_level");
+ $this->t->is($ret["data"]["apikeys"][$apikey]["comment"], "", "expected key 1 comment");
+ $this->t->ok(is_int($ret["data"]["apikeys"][$apikey]["created"]) , "expected key 1 creation time is int");
+ }
+
+ public function test_get_config()
+ {
+ $ret = $this->CallEndpoint("GET", "file/get_config", array(
+ ));
+ $this->expectSuccess("get_config", $ret);
+
+ $this->t->like($ret["data"]["upload_max_size"], '/[0-9]+/', "upload_max_size is int");
+ $this->t->like($ret["data"]["max_files_per_request"], '/[0-9]+/', "max_files_per_request is int");
+ }
+
+
+}
diff --git a/application/test/tests/api_v2/test_user_delete_apikey.php b/application/test/tests/api_v2/test_user_delete_apikey.php
new file mode 100644
index 000000000..062b0d6c1
--- /dev/null
+++ b/application/test/tests/api_v2/test_user_delete_apikey.php
@@ -0,0 +1,49 @@
+<?php
+/*
+ * Copyright 2016 Florian "Bluewind" Pritz <bluewind@server-speed.net>
+ *
+ * Licensed under AGPLv3
+ * (see COPYING for full license text)
+ *
+ */
+
+namespace test\tests\api_v2;
+
+class test_user_delete_apikey extends common {
+
+ public function __construct()
+ {
+ parent::__construct();
+ $this->startServer(23206);
+ $this->userCounter = 6100;
+ }
+
+ public function test_delete_apikey_deleteOwnKey()
+ {
+ $apikey = $this->createUserAndApikey("full");
+ $ret = $this->CallEndpoint("POST", "user/delete_apikey", array(
+ "apikey" => $apikey,
+ "delete_key" => $apikey,
+ ));
+ $this->expectSuccess("delete apikey", $ret);
+
+ $this->t->is($ret["data"]["deleted_keys"][$apikey]["key"], $apikey, "expected key");
+ }
+
+ public function test_delete_apikey_errorDeleteOtherUserKey()
+ {
+ $apikey = $this->createUserAndApikey("full");
+ $apikey2 = $this->createUserAndApikey("full");
+ $ret = $this->CallEndpoint("POST", "user/delete_apikey", array(
+ "apikey" => $apikey,
+ "delete_key" => $apikey2,
+ ));
+ $this->expectError("delete apikey of other user", $ret);
+ $this->t->is_deeply(array(
+ 'status' => 'error',
+ 'error_id' => 'user/delete_apikey/failed',
+ 'message' => 'Apikey deletion failed. Possibly wrong owner.',
+ ), $ret, "expected error");
+ }
+
+}