From 8dd9fbe3912d74ab37d6654e83af8dd8fdf9d320 Mon Sep 17 00:00:00 2001
From: Florian Pritz <bluewind@xinu.at>
Date: Wed, 25 Mar 2015 11:38:33 +0100
Subject: API 1.2.0: Add user/delete_apikeys endpoint

Signed-off-by: Florian Pritz <bluewind@xinu.at>
---
 application/tests/test_api_v1.php | 37 +++++++++++++++++++++++++++++++++----
 1 file changed, 33 insertions(+), 4 deletions(-)

(limited to 'application/tests')

diff --git a/application/tests/test_api_v1.php b/application/tests/test_api_v1.php
index 3dcca0728..8277f14d5 100644
--- a/application/tests/test_api_v1.php
+++ b/application/tests/test_api_v1.php
@@ -44,17 +44,17 @@ class test_api_v1 extends Test {
 		return $CI->db->insert_id();
 	}
 
-	private function createApikey($userid)
+	private function createApikey($userid, $access_level = "apikey")
 	{
-		return \service\user::create_apikey($userid, "", "apikey");
+		return \service\user::create_apikey($userid, "", $access_level);
 	}
 
-	private function createUserAndApikey()
+	private function createUserAndApikey($access_level = "apikey")
 	{
 		static $counter = 100;
 		$counter++;
 		$userid = $this->createUser($counter);
-		return $this->createApikey($userid);
+		return $this->createApikey($userid, $access_level);
 	}
 
 	private function callEndpoint($verb, $endpoint, $data)
@@ -90,6 +90,7 @@ class test_api_v1 extends Test {
 		$endpoints = array(
 			"user/apikeys",
 			"user/create_apikey",
+			"user/delete_apikey",
 		);
 		foreach ($endpoints as $endpoint) {
 			$ret = $this->CallEndpoint("POST", $endpoint, array(
@@ -134,6 +135,34 @@ class test_api_v1 extends Test {
 		$this->t->ok(is_int($ret["data"]["apikeys"][$apikey]["created"]) , "expected key 1 creation time is int");
 	}
 
+	public function test_delete_apikey_deleteOwnKey()
+	{
+		$apikey = $this->createUserAndApikey("full");
+		$ret = $this->CallEndpoint("POST", "user/delete_apikey", array(
+			"apikey" => $apikey,
+			"delete_key" => $apikey,
+		));
+		$this->expectSuccess("delete apikey", $ret);
+
+		$this->t->is($ret["data"]["deleted_keys"][$apikey]["key"], $apikey, "expected key");
+	}
+
+	public function test_delete_apikey_errorDeleteOtherUserKey()
+	{
+		$apikey = $this->createUserAndApikey("full");
+		$apikey2 = $this->createUserAndApikey("full");
+		$ret = $this->CallEndpoint("POST", "user/delete_apikey", array(
+			"apikey" => $apikey,
+			"delete_key" => $apikey2,
+		));
+		$this->expectError("delete apikey of other user", $ret);
+		$this->t->is_deeply(array(
+			'status' => 'error',
+			'error_id' => 'user/delete_apikey/failed',
+			'message' => 'Apikey deletion failed. Possibly wrong owner.',
+		), $ret, "expected error");
+	}
+
 	public function test_authentication_invalidPassword()
 	{
 		$userid = $this->createUser(3);
-- 
cgit v1.2.3-24-g4f1b