logauth
/
SMMP
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity
SMMP/spec/build/api/core/RequestSpec.php

498 lines
12 KiB
PHP
Raw Blame History

<?php
use Kahlan\Plugin\Stub;
use Kahlan\Plugin\Monkey;
use api\core\Request;
use api\core\AuthSystem;
use api\core\AuthSystemDefault;
use error\core\Error;
use error\core\Err;
describe('api', function(){
describe('core', function(){
describe('Request', function(){
beforeEach(function(){
$_SERVER = [
'REQUEST_METHOD' => 'POST'
];
});
describe('[check] config file', function(){
it('pass when config file exists', function(){
expect( file_exists(Request::config_path()) )->toBeTruthy();
});
it('pass when we can read the config file', function(){
expect( @file_get_contents(Request::config_path()) )->not->toBe(false);
});
it('pass when the config file is valid json', function(){
$read = @file_get_contents(Request::config_path());
expect($read)->not->toBe(false);
expect( json_decode($read, true) )->not->toBeNull();
expect( json_decode($read, true) )->toBeA('array');
});
});
describe('setAuthSystem(@instance)', function(){
it('pass when instance of AuthSystem', function(){
$instance = new AuthSystemDefault();
expect($instance)->toBeAnInstanceOf('api\core\AuthSystem');
expect(Request::setAuthSystem($instance))->toBeTruthy();
});
it('fail when not instance of AuthSystem', function(){
$instance = new Error(Err::Success);
expect($instance)->not->toBeAnInstanceOf('api\core\AuthSystem');
expect(Request::setAuthSystem($instance))->toBeFalsy();
});
});
describe('__construct(@path, @params)', function(){
context('with argument combinations', function(){
it('fail if @path is missing', function(){
$req = new Request();
expect($req->error->get())->toBe(Err::MissingPath);
});
it('fail if @path is not a string', function(){
expect('is_string')->toBeCalled();
$req = new Request(1);
expect($req->error->get())->toBe(Err::WrongPathModule);
});
it('pass if @params is an array', function(){
unset($_SERVER);
expect('is_array')->toBeCalled();
$req = new Request('someString', ['a', 'b']);
expect($req->error->get())->toBe(Err::UnknownHttpMethod);
});
it('pass if @params is not an array (default: [])', function(){
unset($_SERVER);
expect('is_array')->toBeCalled();
$types = [true, false, null, 1, 2.3, -1.2, 0, 'blabla'];
foreach($types as $type){
$req = new Request('someString', true);
expect($req->error->get())->toBe(Err::UnknownHttpMethod);
}
});
});
context('with config errors', function(){
it('fail if the config file exists', function(){
// Request::config_path -> 'aa'
allow(Request::class)->toReceive('::config_path')->andReturn('invalid_fname');
expect(Request::config_path())->toBe('invalid_fname');
// file_exists -> false
allow('file_exists')->toBeCalled()->andReturn(false);
expect('file_exists')->toBeCalled();
$req = new Request('a/b');
expect($req->error->get())->toBe(Err::UnreachableResource);
});
it('fail if the config file cannot be read', function(){
// file_get_contents -> false
allow('file_get_contents')->toBeCalled()->andReturn(false);
expect('file_get_contents')->toBeCalled();
$req = new Request('a/b');
expect($req->error->get())->toBe(Err::UnreachableResource);
});
it('fail if the json format is not valid', function(){
// file_exists -> true
allow('file_exists')->toBeCalled()->andReturn(true);
expect('file_exists')->toBeCalled();
// file_get_contents -> false
allow('file_get_contents')->toBeCalled()->andReturn('{incorrect_json');
expect('file_get_contents')->toBeCalled();
// json_decode -> called
expect('json_decode')->toBeCalled();
$req = new Request('a/b');
expect($req->error->get())->toBe(Err::ParsingFailed);
});
});
context('with checks errors', function(){
it('fail with checkPath() fails', function(){
allow(Request::class)->toReceive('checkPath')->andRun(function(){
$this->error->set(Err::UnknownError);
return false;
});
$req = new Request('a/b');
expect($req->error->get())->toBe(Err::UnknownError);
});
it('fail with checkPermission() fails', function(){
// bypass checkPath();
allow(Request::class)->toReceive('checkPath')->andReturn(true);
allow(Request::class)->toReceive('checkPermission')->andRun(function(){
$this->error->set(Err::UnknownError);
return false;
});
$req = new Request('a/b');
expect($req->error->get())->toBe(Err::UnknownError);
});
it('fail with checkParams() fails', function(){
// bypass checkPath(); + checkPermission();
allow(Request::class)->toReceive('checkPath')->andReturn(true);
allow(Request::class)->toReceive('checkPermission')->andReturn(true);
allow(Request::class)->toReceive('checkParams')->andRun(function(){
$this->error->set(Err::UnknownError);
return false;
});
$req = new Request('a/b');
expect($req->error->get())->toBe(Err::UnknownError);
});
it('pass with all checks ok', function(){
// bypass all checks
allow(Request::class)->toReceive('checkPath')->andReturn(true);
allow(Request::class)->toReceive('checkPermission')->andReturn(true);
allow(Request::class)->toReceive('checkParams')->andReturn(true);
// bypass buildOptions();
allow(Request::class)->toReceive('buildOptions')->andReturn(true);
$req = new Request('a/b');
expect($req->error->get())->toBe(Err::Success);
});
});
});
describe('checkPath(@path)', function(){
it('fail when wrong path format: \'module/method\'', function(){
$values = ['a-b', 'a /b', 'a/b '];
foreach($values as $value){
$req = new Request($value);
expect($req->error->get())->toBe(Err::WrongPathModule);
}
});
it('pass when valid path format: letter/number/-/_', function(){
$values = ['a_b-c/d-e_f', 'abc/def', '_a_/_b_'];
foreach($values as $value){
$req = new Request($value);
expect($req->error->get())->not->toBe(Err::WrongPathModule);
}
});
it('fail when unknown module', function(){
allow('json_decode')->toBeCalled()->andReturn([
'mo-du_leA' => [],
'moduleB' => []
]);
$values = ['modulea/method', 'MODULEA/method', 'moduleC/method'];
foreach($values as $value){
$req = new Request($value);
expect($req->error->get())->toBe(Err::UnknownModule);
}
});
it('fail when unknown method', function(){
allow('json_decode')->toBeCalled()->andReturn([
'mo-du_leA' => [ 'POST::me-th_odA' => [] ],
'moduleB' => []
]);
$values = ['mo-du_leA/me-thodA', 'mo-du_leA/meth_odA', 'mo-du_leA/me-th_oda'];
foreach($values as $value){
$req = new Request($value);
expect($req->error->get())->toBe(Err::UnknownMethod);
}
});
it('pass all right', function(){
// bypass all checks
allow(Request::class)->toReceive('checkPermission')->andReturn(true);
allow(Request::class)->toReceive('checkParams')->andReturn(true);
// bypass buildOptions();
allow(Request::class)->toReceive('buildOptions')->andReturn(true);
allow('json_decode')->toBeCalled()->andReturn([
'mo-du_leA' => [ 'POST::me-th_odA' => [] ],
'moduleB' => []
]);
$req = new Request('mo-du_leA/me-th_odA');
expect($req->error->get())->toBe(Err::Success);
});
});
describe('checkPermission()', function(){
it('pass when no permission', function(){
// bypass checkers
allow(Request::class)->toReceive('checkParams')->andReturn(true);
allow(Request::class)->toReceive('buildOptions')->andReturn(true);
allow('json_decode')->toBeCalled()->andReturn([
'moduleA' => [
'POST::methodA' => []
]
]);
$req = new Request('moduleA/methodA');
expect($req->error->get())->toBe(Err::Success);
});
it('pass when permission is not an array', function(){
// bypass checkers
allow(Request::class)->toReceive('checkParams')->andReturn(true);
allow(Request::class)->toReceive('buildOptions')->andReturn(true);
allow('json_decode')->toBeCalled()->andReturn([
'moduleA' => [
'POST::methodA' => [
'permissions' => 23.2
]
]
]);
$req = new Request('moduleA/methodA');
expect($req->error->get())->toBe(Err::Success);
});
it('fail if no AuthSystem and no api/core/AuthSystemDefault.php', function(){
// bypass checkers
allow(Request::class)->toReceive('checkParams')->andReturn(true);
allow(Request::class)->toReceive('buildOptions')->andReturn(true);
allow('file_exists')->toBeCalled()->andReturn(false);
allow('json_decode')->toBeCalled()->andReturn([
'moduleA' => [
'POST::methodA' => [
'permissions' => []
]
]
]);
$req = new Request('moduleA/methodA');
expect($req->error->get())->toBe(Err::UnreachableResource);
});
it('pass if no AuthSystem and the api/core/AuthSystemDefault.php', function(){
// bypass checkers
allow(Request::class)->toReceive('checkParams')->andReturn(true);
allow(Request::class)->toReceive('buildOptions')->andReturn(true);
allow('json_decode')->toBeCalled()->andReturn([
'moduleA' => [
'POST::methodA' => [
'permissions' => []
]
]
]);
$req = new Request('moduleA/methodA');
expect($req->error->get())->toBe(Err::Success);
});
it('fail if incorrect format', function(){
// bypass checkers
allow(Request::class)->toReceive('checkParams')->andReturn(true);
allow(Request::class)->toReceive('buildOptions')->andReturn(true);
allow('json_decode')->toBeCalled()->andReturn([
'moduleA' => [
'POST::methodA' => [
'permissions' => ['a']
]
]
]);
$req = new Request('moduleA/methodA');
expect($req->error->get())->toBe(Err::FormatError);
});
it('fail when not \'warehouse\' granted', function(){
// bypass checkers
allow(Request::class)->toReceive('checkParams')->andReturn(true);
allow(Request::class)->toReceive('buildOptions')->andReturn(true);
allow('json_decode')->toBeCalled()->andReturn([
'moduleA' => [
'POST::methodA' => [
'permissions' => [['warehouse']]
]
]
]);
$req = new Request('moduleA/methodA');
expect($req->error->get())->toBe(Err::PermissionError);
});
it('fail when not \'admin\' granted', function(){
// bypass checkers
allow(Request::class)->toReceive('checkParams')->andReturn(true);
allow(Request::class)->toReceive('buildOptions')->andReturn(true);
allow('json_decode')->toBeCalled()->andReturn([
'moduleA' => [
'POST::methodA' => [
'permissions' => [['admin']]
]
]
]);
$req = new Request('moduleA/methodA');
expect($req->error->get())->toBe(Err::PermissionError);
});
it('fail when not \'sats\' granted', function(){
// bypass checkers
allow(Request::class)->toReceive('checkParams')->andReturn(true);
allow(Request::class)->toReceive('buildOptions')->andReturn(true);
allow('json_decode')->toBeCalled()->andReturn([
'moduleA' => [
'POST::methodA' => [
'permissions' => [['sats']]
]
]
]);
$req = new Request('moduleA/methodA');
expect($req->error->get())->toBe(Err::TokenError);
});
it('fail when not \'unknown permission\' granted', function(){
// bypass checkers
allow(Request::class)->toReceive('checkParams')->andReturn(true);
allow(Request::class)->toReceive('buildOptions')->andReturn(true);
allow('json_decode')->toBeCalled()->andReturn([
'moduleA' => [
'POST::methodA' => [
'permissions' => [['unk']]
]
]
]);
$req = new Request('moduleA/methodA');
expect($req->error->get())->toBe(Err::PermissionError);
});
});
});
});
});
Reference in New Issue View Git Blame Copy Permalink