diff options
Diffstat (limited to 'application')
-rw-r--r-- | application/test/tests/api_v2/test_api.php | 418 | ||||
-rw-r--r-- | application/test/tests/api_v2/test_api_permissions.php | 108 | ||||
-rw-r--r-- | application/test/tests/api_v2/test_create_apikey.php | 66 | ||||
-rw-r--r-- | application/test/tests/api_v2/test_file_create_multipaste.php | 125 | ||||
-rw-r--r-- | application/test/tests/api_v2/test_file_delete.php | 67 | ||||
-rw-r--r-- | application/test/tests/api_v2/test_file_upload.php | 67 | ||||
-rw-r--r-- | application/test/tests/api_v2/test_history.php | 4 | ||||
-rw-r--r-- | application/test/tests/api_v2/test_misc.php | 48 | ||||
-rw-r--r-- | application/test/tests/api_v2/test_user_delete_apikey.php | 49 |
9 files changed, 532 insertions, 420 deletions
diff --git a/application/test/tests/api_v2/test_api.php b/application/test/tests/api_v2/test_api.php deleted file mode 100644 index f266bf393..000000000 --- a/application/test/tests/api_v2/test_api.php +++ /dev/null @@ -1,418 +0,0 @@ -<?php -/* - * Copyright 2015 Florian "Bluewind" Pritz <bluewind@server-speed.net> - * - * Licensed under AGPLv3 - * (see COPYING for full license text) - * - */ - -namespace test\tests\api_v2; - -class test_api extends common { - - public function __construct() - { - parent::__construct(); - $this->startServer(23116); - $this->userCounter = 100; - } - - public function test_callPrivateEndpointsWithoutApikey() - { - $endpoints = array( - "file/upload", - "file/history", - "file/delete", - "file/create_multipaste", - "user/apikeys", - "user/create_apikey", - "user/delete_apikey", - ); - foreach ($endpoints as $endpoint) { - $ret = $this->CallEndpoint("POST", $endpoint, array( - )); - $this->expectError("call $endpoint without apikey", $ret); - $this->t->is_deeply(array( - 'status' => 'error', - 'error_id' => 'api/not-authenticated', - 'message' => 'Not authenticated. FileBin requires you to have an account, please go to the homepage at http://127.0.0.1:23116/ for more information.', - ), $ret, "expected error"); - } - } - - public function test_callPrivateEndpointsWithUnsupportedAuthentication() - { - $endpoints = array( - "file/upload", - "file/history", - "file/delete", - "file/create_multipaste", - "user/apikeys", - // create_apikey is the only one that supports username/pw - //"user/create_apikey", - "user/delete_apikey", - ); - foreach ($endpoints as $endpoint) { - $ret = $this->CallEndpoint("POST", $endpoint, array( - "username" => "apiv2testuser1", - "password" => "testpass1", - )); - $this->expectError("call $endpoint without apikey", $ret); - $this->t->is_deeply(array( - 'status' => 'error', - 'error_id' => 'api/not-authenticated', - 'message' => 'Not authenticated. FileBin requires you to have an account, please go to the homepage at http://127.0.0.1:23116/ for more information.', - ), $ret, "expected error"); - } - } - - public function test_callEndpointsWithoutEnoughPermissions() - { - $testconfig = array( - array( - "have_level" => "basic", - "wanted_level" => "apikey", - "apikey" => $this->createUserAndApikey('basic'), - "endpoints" => array( - "file/delete", - "file/history", - ), - ), - array( - "have_level" => "apikey", - "wanted_level" => "full", - "apikey" => $this->createUserAndApikey(), - "endpoints" => array( - "user/apikeys", - "user/create_apikey", - "user/delete_apikey", - ), - ), - ); - foreach ($testconfig as $test) { - foreach ($test['endpoints'] as $endpoint) { - $ret = $this->CallEndpoint("POST", $endpoint, array( - "apikey" => $test['apikey'], - )); - $this->expectError("call $endpoint without enough permissions", $ret); - $this->t->is_deeply(array( - 'status' => "error", - 'error_id' => "api/insufficient-permissions", - 'message' => "Access denied: Access level too low. Required: ${test['wanted_level']}; Have: ${test['have_level']}", - ), $ret, "expected permission error"); - } - } - } - - public function test_create_apikey_createNewKey() - { - $this->createUser(1); - $ret = $this->CallEndpoint("POST", "user/create_apikey", array( - "username" => "apiv2testuser1", - "password" => "testpass1", - "access_level" => "apikey", - "comment" => "main api key", - )); - $this->expectSuccess("create-apikey", $ret); - - $this->t->isnt($ret["data"]["new_key"], "", "apikey not empty"); - } - - public function test_apikeys_getApikey() - { - $userid = $this->createUser(2); - $apikey = $this->createApikey($userid); - $apikey_full = $this->createApikey($userid, "full"); - $ret = $this->CallEndpoint("POST", "user/apikeys", array( - "apikey" => $apikey_full, - )); - $this->expectSuccess("get apikeys", $ret); - - $this->t->is($ret["data"]["apikeys"][$apikey]["key"], $apikey, "expected key 1"); - $this->t->is($ret["data"]["apikeys"][$apikey]["access_level"], "apikey", "expected key 1 acces_level"); - $this->t->is($ret["data"]["apikeys"][$apikey]["comment"], "", "expected key 1 comment"); - $this->t->ok(is_int($ret["data"]["apikeys"][$apikey]["created"]) , "expected key 1 creation time is int"); - } - - public function test_delete_apikey_deleteOwnKey() - { - $apikey = $this->createUserAndApikey("full"); - $ret = $this->CallEndpoint("POST", "user/delete_apikey", array( - "apikey" => $apikey, - "delete_key" => $apikey, - )); - $this->expectSuccess("delete apikey", $ret); - - $this->t->is($ret["data"]["deleted_keys"][$apikey]["key"], $apikey, "expected key"); - } - - public function test_delete_apikey_errorDeleteOtherUserKey() - { - $apikey = $this->createUserAndApikey("full"); - $apikey2 = $this->createUserAndApikey("full"); - $ret = $this->CallEndpoint("POST", "user/delete_apikey", array( - "apikey" => $apikey, - "delete_key" => $apikey2, - )); - $this->expectError("delete apikey of other user", $ret); - $this->t->is_deeply(array( - 'status' => 'error', - 'error_id' => 'user/delete_apikey/failed', - 'message' => 'Apikey deletion failed. Possibly wrong owner.', - ), $ret, "expected error"); - } - - public function test_authentication_invalidPassword() - { - $userid = $this->createUser(3); - $ret = $this->CallEndpoint("POST", "user/create_apikey", array( - "username" => "apiv2testuser3", - "password" => "wrongpass", - )); - $this->expectError("invalid password", $ret); - - $this->t->is_deeply(array ( - 'status' => 'error', - 'error_id' => 'user/login-failed', - 'message' => 'Login failed', - ), $ret, "expected error"); - } - - public function test_authentication_invalidUser() - { - $userid = $this->createUser(4); - $ret = $this->CallEndpoint("POST", "user/create_apikey", array( - "username" => "apiv2testuserinvalid", - "password" => "testpass4", - )); - $this->expectError("invalid username", $ret); - - $this->t->is_deeply(array ( - 'status' => 'error', - 'error_id' => 'user/login-failed', - 'message' => 'Login failed', - ), $ret, "expected error"); - } - - public function test_history_empty() - { - $apikey = $this->createUserAndApikey(); - $ret = $this->CallEndpoint("POST", "file/history", array( - "apikey" => $apikey, - )); - $this->expectSuccess("get history", $ret); - - $this->t->ok(empty($ret["data"]["items"]), "items key exists and empty"); - $this->t->ok(empty($ret["data"]["multipaste_items"]), "multipaste_items key exists and empty"); - $this->t->is($ret["data"]["total_size"], 0, "total_size = 0 since no uploads"); - } - - public function test_get_config() - { - $ret = $this->CallEndpoint("GET", "file/get_config", array( - )); - $this->expectSuccess("get_config", $ret); - - $this->t->like($ret["data"]["upload_max_size"], '/[0-9]+/', "upload_max_size is int"); - $this->t->like($ret["data"]["max_files_per_request"], '/[0-9]+/', "max_files_per_request is int"); - } - - public function test_upload_uploadFile() - { - $apikey = $this->createUserAndApikey(); - $ret = $this->CallEndpoint("POST", "file/upload", array( - "apikey" => $apikey, - "file[1]" => curl_file_create("data/tests/small-file"), - )); - $this->expectSuccess("upload file", $ret); - - $this->t->ok(!empty($ret["data"]["ids"]), "got IDs"); - $this->t->ok(!empty($ret["data"]["urls"]), "got URLs"); - } - - public function test_upload_uploadFileSameMD5() - { - $apikey = $this->createUserAndApikey(); - $ret = $this->CallEndpoint("POST", "file/upload", array( - "apikey" => $apikey, - "file[1]" => curl_file_create("data/tests/message1.bin"), - "file[2]" => curl_file_create("data/tests/message2.bin"), - )); - $this->expectSuccess("upload file", $ret); - - $this->t->ok(!empty($ret["data"]["ids"]), "got IDs"); - $this->t->ok(!empty($ret["data"]["urls"]), "got URLs"); - - foreach ($ret["data"]["urls"] as $url) { - $data[] = $this->SendHTTPRequest("GET", $url, ''); - } - $this->t->ok($data[0] !== $data[1], 'Returned file contents should differ'); - } - - public function test_upload_uploadNothing() - { - $apikey = $this->createUserAndApikey(); - $ret = $this->CallEndpoint("POST", "file/upload", array( - "apikey" => $apikey, - )); - $this->expectError("upload no file", $ret); - $this->t->is_deeply(array( - 'status' => 'error', - 'error_id' => 'file/no-file', - 'message' => 'No file was uploaded or unknown error occurred.', - ), $ret, "expected reply"); - } - - public function test_delete_canDeleteUploaded() - { - $apikey = $this->createUserAndApikey(); - $ret = $this->uploadFile($apikey, "data/tests/small-file"); - $id = $ret["data"]["ids"][0]; - - $ret = $this->CallEndpoint("POST", "file/delete", array( - "apikey" => $apikey, - "ids[1]" => $id, - )); - $this->expectSuccess("delete uploaded file", $ret); - - $this->t->ok(empty($ret["data"]["errors"]), "no errors"); - $this->t->is_deeply(array( - $id => array( - "id" => $id - ) - ), $ret["data"]["deleted"], "deleted wanted ID"); - $this->t->is($ret["data"]["total_count"], 1, "total_count correct"); - $this->t->is($ret["data"]["deleted_count"], 1, "deleted_count correct"); - } - - public function test_delete_errorIfNotOwner() - { - $apikey = $this->createUserAndApikey(); - $apikey2 = $this->createUserAndApikey(); - $ret = $this->uploadFile($apikey, "data/tests/small-file"); - $id = $ret["data"]["ids"][0]; - - $ret = $this->CallEndpoint("POST", "file/delete", array( - "apikey" => $apikey2, - "ids[1]" => $id, - )); - $this->expectSuccess("delete file of someone else", $ret); - - $this->t->ok(empty($ret["data"]["deleted"]), "not deleted"); - $this->t->is_deeply(array( - $id => array( - "id" => $id, - "reason" => "wrong owner" - ) - ), $ret["data"]["errors"], "error wanted ID"); - $this->t->is($ret["data"]["total_count"], 1, "total_count correct"); - $this->t->is($ret["data"]["deleted_count"], 0, "deleted_count correct"); - } - - public function test_create_multipaste_canCreate() - { - $apikey = $this->createUserAndApikey("basic"); - $ret = $this->uploadFile($apikey, "data/tests/small-file"); - $id = $ret["data"]["ids"][0]; - - $ret = $this->uploadFile($apikey, "data/tests/small-file"); - $id2 = $ret["data"]["ids"][0]; - - $ret = $this->CallEndpoint("POST", "file/create_multipaste", array( - "apikey" => $apikey, - "ids[1]" => $id, - "ids[2]" => $id2, - )); - $this->expectSuccess("create multipaste", $ret); - - $this->t->isnt($ret["data"]["url_id"], "", "got a multipaste ID"); - $this->t->isnt($ret["data"]["url"], "", "got a multipaste URL"); - } - - public function test_create_multipaste_errorOnWrongID() - { - $apikey = $this->createUserAndApikey("basic"); - $ret = $this->uploadFile($apikey, "data/tests/small-file"); - $id = $ret["data"]["ids"][0]; - - $id2 = $id."invalid"; - $ret = $this->CallEndpoint("POST", "file/create_multipaste", array( - "apikey" => $apikey, - "ids[1]" => $id, - "ids[2]" => $id2, - )); - $this->expectError("create multipaste with wrong ID", $ret); - - $this->t->is_deeply(array( - 'status' => 'error', - 'error_id' => 'file/create_multipaste/verify-failed', - 'message' => 'Failed to verify ID(s)', - 'data' => - array ( - $id2 => - array ( - 'id' => $id2, - 'reason' => 'doesn\'t exist', - ), - ), - ), $ret, "expected error response"); - } - - public function test_create_multipaste_errorOnWrongOwner() - { - $apikey = $this->createUserAndApikey("basic"); - $apikey2 = $this->createUserAndApikey("basic"); - $ret = $this->uploadFile($apikey, "data/tests/small-file"); - $id = $ret["data"]["ids"][0]; - - $ret = $this->CallEndpoint("POST", "file/create_multipaste", array( - "apikey" => $apikey2, - "ids[1]" => $id, - )); - $this->expectError("create multipaste with wrong owner", $ret); - - $this->t->is_deeply(array( - 'status' => 'error', - 'error_id' => 'file/create_multipaste/verify-failed', - 'message' => 'Failed to verify ID(s)', - 'data' => - array ( - $id => - array ( - 'id' => $id, - 'reason' => 'not owned by you', - ), - ), - ), $ret, "expected error response"); - } - - public function test_delete_canDeleteMultipaste() - { - $apikey = $this->createUserAndApikey(); - $ret = $this->uploadFile($apikey, "data/tests/small-file"); - $id = $ret["data"]["ids"][0]; - $ret = $this->CallEndpoint("POST", "file/create_multipaste", array( - "apikey" => $apikey, - "ids[1]" => $id, - )); - $this->expectSuccess("create multipaste", $ret); - - $mid = $ret['data']['url_id']; - $ret = $this->CallEndpoint("POST", "file/delete", array( - "apikey" => $apikey, - "ids[1]" => $mid, - )); - $this->expectSuccess("delete uploaded file", $ret); - - $this->t->ok(empty($ret["data"]["errors"]), "no errors"); - $this->t->is_deeply(array( - $mid => array( - "id" => $mid - ) - ), $ret["data"]["deleted"], "deleted wanted ID"); - $this->t->is($ret["data"]["total_count"], 1, "total_count correct"); - $this->t->is($ret["data"]["deleted_count"], 1, "deleted_count correct"); - } - -} diff --git a/application/test/tests/api_v2/test_api_permissions.php b/application/test/tests/api_v2/test_api_permissions.php new file mode 100644 index 000000000..6df612911 --- /dev/null +++ b/application/test/tests/api_v2/test_api_permissions.php @@ -0,0 +1,108 @@ +<?php +/* + * Copyright 2015-2016 Florian "Bluewind" Pritz <bluewind@server-speed.net> + * + * Licensed under AGPLv3 + * (see COPYING for full license text) + * + */ + +namespace test\tests\api_v2; + +class test_api_permissions extends common { + + public function __construct() + { + parent::__construct(); + $this->startServer(23200); + $this->userCounter = 100; + } + + public function test_callPrivateEndpointsWithoutApikey() + { + $endpoints = array( + "file/upload", + "file/history", + "file/delete", + "file/create_multipaste", + "user/apikeys", + "user/create_apikey", + "user/delete_apikey", + ); + foreach ($endpoints as $endpoint) { + $ret = $this->CallEndpoint("POST", $endpoint, array( + )); + $this->expectError("call $endpoint without apikey", $ret); + $this->t->is_deeply(array( + 'status' => 'error', + 'error_id' => 'api/not-authenticated', + 'message' => 'Not authenticated. FileBin requires you to have an account, please go to the homepage at http://127.0.0.1:23200/ for more information.', + ), $ret, "expected error"); + } + } + + public function test_callPrivateEndpointsWithUnsupportedAuthentication() + { + $endpoints = array( + "file/upload", + "file/history", + "file/delete", + "file/create_multipaste", + "user/apikeys", + // create_apikey is the only one that supports username/pw + //"user/create_apikey", + "user/delete_apikey", + ); + foreach ($endpoints as $endpoint) { + $ret = $this->CallEndpoint("POST", $endpoint, array( + "username" => "apiv2testuser1", + "password" => "testpass1", + )); + $this->expectError("call $endpoint without apikey", $ret); + $this->t->is_deeply(array( + 'status' => 'error', + 'error_id' => 'api/not-authenticated', + 'message' => 'Not authenticated. FileBin requires you to have an account, please go to the homepage at http://127.0.0.1:23200/ for more information.', + ), $ret, "expected error"); + } + } + + public function test_callEndpointsWithoutEnoughPermissions() + { + $testconfig = array( + array( + "have_level" => "basic", + "wanted_level" => "apikey", + "apikey" => $this->createUserAndApikey('basic'), + "endpoints" => array( + "file/delete", + "file/history", + ), + ), + array( + "have_level" => "apikey", + "wanted_level" => "full", + "apikey" => $this->createUserAndApikey(), + "endpoints" => array( + "user/apikeys", + "user/create_apikey", + "user/delete_apikey", + ), + ), + ); + foreach ($testconfig as $test) { + foreach ($test['endpoints'] as $endpoint) { + $ret = $this->CallEndpoint("POST", $endpoint, array( + "apikey" => $test['apikey'], + )); + $this->expectError("call $endpoint without enough permissions", $ret); + $this->t->is_deeply(array( + 'status' => "error", + 'error_id' => "api/insufficient-permissions", + 'message' => "Access denied: Access level too low. Required: ${test['wanted_level']}; Have: ${test['have_level']}", + ), $ret, "expected permission error"); + } + } + } + +} diff --git a/application/test/tests/api_v2/test_create_apikey.php b/application/test/tests/api_v2/test_create_apikey.php new file mode 100644 index 000000000..203eb5531 --- /dev/null +++ b/application/test/tests/api_v2/test_create_apikey.php @@ -0,0 +1,66 @@ +<?php +/* + * Copyright 2016 Florian "Bluewind" Pritz <bluewind@server-speed.net> + * + * Licensed under AGPLv3 + * (see COPYING for full license text) + * + */ + +namespace test\tests\api_v2; + +class test_create_apikey extends common { + + public function __construct() + { + parent::__construct(); + $this->startServer(23202); + $this->userCounter = 2100; + } + + public function test_create_apikey_createNewKey() + { + $this->createUser(1); + $ret = $this->CallEndpoint("POST", "user/create_apikey", array( + "username" => "apiv2testuser1", + "password" => "testpass1", + "access_level" => "apikey", + "comment" => "main api key", + )); + $this->expectSuccess("create-apikey", $ret); + + $this->t->isnt($ret["data"]["new_key"], "", "apikey not empty"); + } + + public function test_authentication_invalidPassword() + { + $userid = $this->createUser(3); + $ret = $this->CallEndpoint("POST", "user/create_apikey", array( + "username" => "apiv2testuser3", + "password" => "wrongpass", + )); + $this->expectError("invalid password", $ret); + + $this->t->is_deeply(array ( + 'status' => 'error', + 'error_id' => 'user/login-failed', + 'message' => 'Login failed', + ), $ret, "expected error"); + } + + public function test_authentication_invalidUser() + { + $userid = $this->createUser(4); + $ret = $this->CallEndpoint("POST", "user/create_apikey", array( + "username" => "apiv2testuserinvalid", + "password" => "testpass4", + )); + $this->expectError("invalid username", $ret); + + $this->t->is_deeply(array ( + 'status' => 'error', + 'error_id' => 'user/login-failed', + 'message' => 'Login failed', + ), $ret, "expected error"); + } +} diff --git a/application/test/tests/api_v2/test_file_create_multipaste.php b/application/test/tests/api_v2/test_file_create_multipaste.php new file mode 100644 index 000000000..8556616d1 --- /dev/null +++ b/application/test/tests/api_v2/test_file_create_multipaste.php @@ -0,0 +1,125 @@ +<?php +/* + * Copyright 2016 Florian "Bluewind" Pritz <bluewind@server-speed.net> + * + * Licensed under AGPLv3 + * (see COPYING for full license text) + * + */ + +namespace test\tests\api_v2; + +class test_file_create_multipaste extends common { + + public function __construct() + { + parent::__construct(); + $this->startServer(23204); + $this->userCounter = 4100; + } + + public function test_create_multipaste_canCreate() + { + $apikey = $this->createUserAndApikey("basic"); + $ret = $this->uploadFile($apikey, "data/tests/small-file"); + $id = $ret["data"]["ids"][0]; + + $ret = $this->uploadFile($apikey, "data/tests/small-file"); + $id2 = $ret["data"]["ids"][0]; + + $ret = $this->CallEndpoint("POST", "file/create_multipaste", array( + "apikey" => $apikey, + "ids[1]" => $id, + "ids[2]" => $id2, + )); + $this->expectSuccess("create multipaste", $ret); + + $this->t->isnt($ret["data"]["url_id"], "", "got a multipaste ID"); + $this->t->isnt($ret["data"]["url"], "", "got a multipaste URL"); + } + + public function test_create_multipaste_errorOnWrongID() + { + $apikey = $this->createUserAndApikey("basic"); + $ret = $this->uploadFile($apikey, "data/tests/small-file"); + $id = $ret["data"]["ids"][0]; + + $id2 = $id."invalid"; + $ret = $this->CallEndpoint("POST", "file/create_multipaste", array( + "apikey" => $apikey, + "ids[1]" => $id, + "ids[2]" => $id2, + )); + $this->expectError("create multipaste with wrong ID", $ret); + + $this->t->is_deeply(array( + 'status' => 'error', + 'error_id' => 'file/create_multipaste/verify-failed', + 'message' => 'Failed to verify ID(s)', + 'data' => + array ( + $id2 => + array ( + 'id' => $id2, + 'reason' => 'doesn\'t exist', + ), + ), + ), $ret, "expected error response"); + } + + public function test_create_multipaste_errorOnWrongOwner() + { + $apikey = $this->createUserAndApikey("basic"); + $apikey2 = $this->createUserAndApikey("basic"); + $ret = $this->uploadFile($apikey, "data/tests/small-file"); + $id = $ret["data"]["ids"][0]; + + $ret = $this->CallEndpoint("POST", "file/create_multipaste", array( + "apikey" => $apikey2, + "ids[1]" => $id, + )); + $this->expectError("create multipaste with wrong owner", $ret); + + $this->t->is_deeply(array( + 'status' => 'error', + 'error_id' => 'file/create_multipaste/verify-failed', + 'message' => 'Failed to verify ID(s)', + 'data' => + array ( + $id => + array ( + 'id' => $id, + 'reason' => 'not owned by you', + ), + ), + ), $ret, "expected error response"); + } + + public function test_delete_canDeleteMultipaste() + { + $apikey = $this->createUserAndApikey(); + $ret = $this->uploadFile($apikey, "data/tests/small-file"); + $id = $ret["data"]["ids"][0]; + $ret = $this->CallEndpoint("POST", "file/create_multipaste", array( + "apikey" => $apikey, + "ids[1]" => $id, + )); + $this->expectSuccess("create multipaste", $ret); + + $mid = $ret['data']['url_id']; + $ret = $this->CallEndpoint("POST", "file/delete", array( + "apikey" => $apikey, + "ids[1]" => $mid, + )); + $this->expectSuccess("delete uploaded file", $ret); + + $this->t->ok(empty($ret["data"]["errors"]), "no errors"); + $this->t->is_deeply(array( + $mid => array( + "id" => $mid + ) + ), $ret["data"]["deleted"], "deleted wanted ID"); + $this->t->is($ret["data"]["total_count"], 1, "total_count correct"); + $this->t->is($ret["data"]["deleted_count"], 1, "deleted_count correct"); + } +} diff --git a/application/test/tests/api_v2/test_file_delete.php b/application/test/tests/api_v2/test_file_delete.php new file mode 100644 index 000000000..b4d63409d --- /dev/null +++ b/application/test/tests/api_v2/test_file_delete.php @@ -0,0 +1,67 @@ +<?php +/* + * Copyright 2016 Florian "Bluewind" Pritz <bluewind@server-speed.net> + * + * Licensed under AGPLv3 + * (see COPYING for full license text) + * + */ + +namespace test\tests\api_v2; + +class test_file_delete extends common { + + public function __construct() + { + parent::__construct(); + $this->startServer(23203); + $this->userCounter = 3100; + } + + public function test_delete_canDeleteUploaded() + { + $apikey = $this->createUserAndApikey(); + $ret = $this->uploadFile($apikey, "data/tests/small-file"); + $id = $ret["data"]["ids"][0]; + + $ret = $this->CallEndpoint("POST", "file/delete", array( + "apikey" => $apikey, + "ids[1]" => $id, + )); + $this->expectSuccess("delete uploaded file", $ret); + + $this->t->ok(empty($ret["data"]["errors"]), "no errors"); + $this->t->is_deeply(array( + $id => array( + "id" => $id + ) + ), $ret["data"]["deleted"], "deleted wanted ID"); + $this->t->is($ret["data"]["total_count"], 1, "total_count correct"); + $this->t->is($ret["data"]["deleted_count"], 1, "deleted_count correct"); + } + + public function test_delete_errorIfNotOwner() + { + $apikey = $this->createUserAndApikey(); + $apikey2 = $this->createUserAndApikey(); + $ret = $this->uploadFile($apikey, "data/tests/small-file"); + $id = $ret["data"]["ids"][0]; + + $ret = $this->CallEndpoint("POST", "file/delete", array( + "apikey" => $apikey2, + "ids[1]" => $id, + )); + $this->expectSuccess("delete file of someone else", $ret); + + $this->t->ok(empty($ret["data"]["deleted"]), "not deleted"); + $this->t->is_deeply(array( + $id => array( + "id" => $id, + "reason" => "wrong owner" + ) + ), $ret["data"]["errors"], "error wanted ID"); + $this->t->is($ret["data"]["total_count"], 1, "total_count correct"); + $this->t->is($ret["data"]["deleted_count"], 0, "deleted_count correct"); + } + +} diff --git a/application/test/tests/api_v2/test_file_upload.php b/application/test/tests/api_v2/test_file_upload.php new file mode 100644 index 000000000..5cc73a0ac --- /dev/null +++ b/application/test/tests/api_v2/test_file_upload.php @@ -0,0 +1,67 @@ +<?php +/* + * Copyright 2016 Florian "Bluewind" Pritz <bluewind@server-speed.net> + * + * Licensed under AGPLv3 + * (see COPYING for full license text) + * + */ + +namespace test\tests\api_v2; + +class test_file_upload extends common { + + public function __construct() + { + parent::__construct(); + $this->startServer(23205); + $this->userCounter = 5100; + } + + public function test_upload_uploadFile() + { + $apikey = $this->createUserAndApikey(); + $ret = $this->CallEndpoint("POST", "file/upload", array( + "apikey" => $apikey, + "file[1]" => curl_file_create("data/tests/small-file"), + )); + $this->expectSuccess("upload file", $ret); + + $this->t->ok(!empty($ret["data"]["ids"]), "got IDs"); + $this->t->ok(!empty($ret["data"]["urls"]), "got URLs"); + } + + public function test_upload_uploadFileSameMD5() + { + $apikey = $this->createUserAndApikey(); + $ret = $this->CallEndpoint("POST", "file/upload", array( + "apikey" => $apikey, + "file[1]" => curl_file_create("data/tests/message1.bin"), + "file[2]" => curl_file_create("data/tests/message2.bin"), + )); + $this->expectSuccess("upload file", $ret); + + $this->t->ok(!empty($ret["data"]["ids"]), "got IDs"); + $this->t->ok(!empty($ret["data"]["urls"]), "got URLs"); + + foreach ($ret["data"]["urls"] as $url) { + $data[] = $this->SendHTTPRequest("GET", $url, ''); + } + $this->t->ok($data[0] !== $data[1], 'Returned file contents should differ'); + } + + public function test_upload_uploadNothing() + { + $apikey = $this->createUserAndApikey(); + $ret = $this->CallEndpoint("POST", "file/upload", array( + "apikey" => $apikey, + )); + $this->expectError("upload no file", $ret); + $this->t->is_deeply(array( + 'status' => 'error', + 'error_id' => 'file/no-file', + 'message' => 'No file was uploaded or unknown error occurred.', + ), $ret, "expected reply"); + } + +} diff --git a/application/test/tests/api_v2/test_history.php b/application/test/tests/api_v2/test_history.php index abc6f1d65..988807c77 100644 --- a/application/test/tests/api_v2/test_history.php +++ b/application/test/tests/api_v2/test_history.php @@ -1,6 +1,6 @@ <?php /* - * Copyright 2015 Florian "Bluewind" Pritz <bluewind@server-speed.net> + * Copyright 2016 Florian "Bluewind" Pritz <bluewind@server-speed.net> * * Licensed under AGPLv3 * (see COPYING for full license text) @@ -14,7 +14,7 @@ class test_history extends common { public function __construct() { parent::__construct(); - $this->startServer(23116); + $this->startServer(23201); $this->userCounter = 1100; } diff --git a/application/test/tests/api_v2/test_misc.php b/application/test/tests/api_v2/test_misc.php new file mode 100644 index 000000000..e7c249054 --- /dev/null +++ b/application/test/tests/api_v2/test_misc.php @@ -0,0 +1,48 @@ +<?php +/* + * Copyright 2016 Florian "Bluewind" Pritz <bluewind@server-speed.net> + * + * Licensed under AGPLv3 + * (see COPYING for full license text) + * + */ + +namespace test\tests\api_v2; + +class test_misc extends common { + + public function __construct() + { + parent::__construct(); + $this->startServer(23207); + $this->userCounter = 7100; + } + + public function test_apikeys_getApikey() + { + $userid = $this->createUser(2); + $apikey = $this->createApikey($userid); + $apikey_full = $this->createApikey($userid, "full"); + $ret = $this->CallEndpoint("POST", "user/apikeys", array( + "apikey" => $apikey_full, + )); + $this->expectSuccess("get apikeys", $ret); + + $this->t->is($ret["data"]["apikeys"][$apikey]["key"], $apikey, "expected key 1"); + $this->t->is($ret["data"]["apikeys"][$apikey]["access_level"], "apikey", "expected key 1 acces_level"); + $this->t->is($ret["data"]["apikeys"][$apikey]["comment"], "", "expected key 1 comment"); + $this->t->ok(is_int($ret["data"]["apikeys"][$apikey]["created"]) , "expected key 1 creation time is int"); + } + + public function test_get_config() + { + $ret = $this->CallEndpoint("GET", "file/get_config", array( + )); + $this->expectSuccess("get_config", $ret); + + $this->t->like($ret["data"]["upload_max_size"], '/[0-9]+/', "upload_max_size is int"); + $this->t->like($ret["data"]["max_files_per_request"], '/[0-9]+/', "max_files_per_request is int"); + } + + +} diff --git a/application/test/tests/api_v2/test_user_delete_apikey.php b/application/test/tests/api_v2/test_user_delete_apikey.php new file mode 100644 index 000000000..062b0d6c1 --- /dev/null +++ b/application/test/tests/api_v2/test_user_delete_apikey.php @@ -0,0 +1,49 @@ +<?php +/* + * Copyright 2016 Florian "Bluewind" Pritz <bluewind@server-speed.net> + * + * Licensed under AGPLv3 + * (see COPYING for full license text) + * + */ + +namespace test\tests\api_v2; + +class test_user_delete_apikey extends common { + + public function __construct() + { + parent::__construct(); + $this->startServer(23206); + $this->userCounter = 6100; + } + + public function test_delete_apikey_deleteOwnKey() + { + $apikey = $this->createUserAndApikey("full"); + $ret = $this->CallEndpoint("POST", "user/delete_apikey", array( + "apikey" => $apikey, + "delete_key" => $apikey, + )); + $this->expectSuccess("delete apikey", $ret); + + $this->t->is($ret["data"]["deleted_keys"][$apikey]["key"], $apikey, "expected key"); + } + + public function test_delete_apikey_errorDeleteOtherUserKey() + { + $apikey = $this->createUserAndApikey("full"); + $apikey2 = $this->createUserAndApikey("full"); + $ret = $this->CallEndpoint("POST", "user/delete_apikey", array( + "apikey" => $apikey, + "delete_key" => $apikey2, + )); + $this->expectError("delete apikey of other user", $ret); + $this->t->is_deeply(array( + 'status' => 'error', + 'error_id' => 'user/delete_apikey/failed', + 'message' => 'Apikey deletion failed. Possibly wrong owner.', + ), $ret, "expected error"); + } + +} |