[civicrm-core.git] / tests / phpunit / WebTest / Utils / RestTest.php

<?php
/*
 +--------------------------------------------------------------------+
 | CiviCRM version 4.3                                                |
 +--------------------------------------------------------------------+
 | Copyright CiviCRM LLC (c) 2004-2013                                |
 +--------------------------------------------------------------------+
 | This file is a part of CiviCRM.                                    |
 |                                                                    |
 | CiviCRM is free software; you can copy, modify, and distribute it  |
 | under the terms of the GNU Affero General Public License           |
 | Version 3, 19 November 2007 and the CiviCRM Licensing Exception.   |
 |                                                                    |
 | CiviCRM is distributed in the hope that it will be useful, but     |
 | WITHOUT ANY WARRANTY; without even the implied warranty of         |
 | MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.               |
 | See the GNU Affero General Public License for more details.        |
 |                                                                    |
 | You should have received a copy of the GNU Affero General Public   |
 | License along with this program; if not, contact CiviCRM LLC       |
 | at info[AT]civicrm[DOT]org. If you have questions about the        |
 | GNU Affero General Public License or the licensing of CiviCRM,     |
 | see the CiviCRM license FAQ at http://civicrm.org/licensing        |
 +--------------------------------------------------------------------+
*/

require_once 'CiviTest/CiviSeleniumTestCase.php';
class WebTest_Utils_RestTest extends CiviSeleniumTestCase {
  protected $url;
  protected $api_key;
  protected $session_id;
  protected $nocms_contact_id;

  protected function assertAPIErrorCode($apiResult, $cmpvar, $prefix = '') {
    if (!empty($prefix)) {
      $prefix .= ': ';
    }
    $this->assertEquals($cmpvar, $apiResult['is_error'], $prefix . (empty($apiResult['error_message']) ? '' : $apiResult['error_message']));
    //$this->assertEquals($cmpvar, $apiResult['is_error'], $prefix . print_r($apiResult, TRUE));
  }

  protected function setUp() {
    parent::setUp();
    //URL should eventually be adapted for multisite
    $this->url = "{$this->settings->sandboxURL}/{$this->sboxPath}sites/all/modules/civicrm/extern/rest.php";

    if (!property_exists($this->settings, 'siteKey') || empty($this->settings->siteKey)) {
      $this->markTestSkipped('CiviSeleniumSettings is missing siteKey');
    }
    if (!property_exists($this->settings, 'adminApiKey') || empty($this->settings->adminApiKey)) {
      $this->markTestSkipped('CiviSeleniumSettings is missing adminApiKey');
    }
  }

  protected function tearDown() {
    parent::tearDown();
    if (isset($this->nocms_contact_id)) {
      $deleteParams = array(
        "id" => $this->nocms_contact_id,
        "skip_undelete" => 1
      );
      $res = $this->webtest_civicrm_api("Contact", "delete", $deleteParams);
      unset($this->nocms_contact_id);
    }
  }

  /**
   * Build a list of test cases. Each test case defines a set of REST query
   * parameters and an expected outcome for the REST request (eg is_error=>1 or is_error=>0).
   *
   * @return array; each item is a list of parameters for testAPICalls
   */
  function apiTestCases() {
    $cases = array();

    // entity,action: omit apiKey, valid entity+action
    $cases[] = array(
      array( // query
        "entity" => "Contact",
        "action" => "get",
        "key" => $this->settings->siteKey,
        "json" => "1",
      ),
      1, // is_error
    );

    // entity,action: valid apiKey, valid entity+action
    $cases[] = array(
      array( // query
        "entity" => "Contact",
        "action" => "get",
        "key" => $this->settings->siteKey,
        "json" => "1",
        "api_key" => $this->settings->adminApiKey,
      ),
      0, // is_error
    );

    // entity,action: bad apiKey, valid entity+action
    $cases[] = array(
      array( // query
        "entity" => "Contact",
        "action" => "get",
        "key" => $this->settings->siteKey,
        "json" => "1",
        "api_key" => 'garbage_' . $this->settings->adminApiKey,
      ),
      1, // is_error
    );

    // entity,action: valid apiKey, invalid entity+action
    $cases[] = array(
      array( // query
        "entity" => "Contactses",
        "action" => "get",
        "key" => $this->settings->siteKey,
        "json" => "1",
        "api_key" => $this->settings->adminApiKey,
      ),
      1, // is_error
    );

    // q=civicrm/entity/action: omit apiKey, valid entity+action
    $cases[] = array(
      array( // query
        "q" => "civicrm/contact/get",
        "key" => $this->settings->siteKey,
        "json" => "1",
      ),
      1, // is_error
    );

    // q=civicrm/entity/action: valid apiKey, valid entity+action
    $cases[] = array(
      array( // query
        "q" => "civicrm/contact/get",
        "key" => $this->settings->siteKey,
        "json" => "1",
        "api_key" => $this->settings->adminApiKey,
      ),
      0, // is_error
    );

    // q=civicrm/entity/action: invalid apiKey, valid entity+action
    $cases[] = array(
      array( // query
        "q" => "civicrm/contact/get",
        "key" => $this->settings->siteKey,
        "json" => "1",
        "api_key" => 'garbage_' . $this->settings->adminApiKey,
      ),
      1, // is_error
    );

    // q=civicrm/entity/action: valid apiKey, invalid entity+action
    $cases[] = array(
      array( // query
        "q" => "civicrm/contactses/get",
        "key" => $this->settings->siteKey,
        "json" => "1",
        "api_key" => $this->settings->adminApiKey,
      ),
      1, // is_error
    );

    // q=civicrm/entity/action: valid apiKey, invalid entity+action
    // XXX Actually Ping is valid, no?
    $cases[] = array(
      array( // query
        "q" => "civicrm/ping",
        "key" => $this->settings->siteKey,
        "json" => "1",
        "api_key" => $this->settings->adminApiKey,
      ),
      0, // is_error
    );

    return $cases;
  }

  /**
   * @dataProvider apiTestCases
   */
  function testAPICalls($query, $is_error) {
    $client = CRM_Utils_HttpClient::singleton();
    list($status, $data) = $client->post($this->url, $query);
    $this->assertEquals(CRM_Utils_HttpClient::STATUS_OK, $status);
    $result = json_decode($data, TRUE);
    if ($result === NULL) {
      $msg = print_r(array('query' => $query, 'response data' => $data), TRUE);
      $this->assertNotNull($result, $msg);
    }
    $this->assertAPIErrorCode($result, $is_error);
  }

  /**
   * Submit a request with an API key that exists but does not correspond to
   * a real user. Submit in "?entity=X&action=X" notation
   */
  function testNotCMSUser_entityAction() {
    $client = CRM_Utils_HttpClient::singleton();

    //Create contact with api_key
    $test_key = "testing1234";
    $contactParams = array(
      "api_key" => $test_key,
      "contact_type" => "Individual",
      "first_name" => "RestTester1"
    );
    $contact = $this->webtest_civicrm_api("Contact", "create", $contactParams);
    $this->nocms_contact_id = $contact["id"];

    // Use the malformed key
    $params = array(
      "entity" => "Contact",
      "action" => "get",
      "key" => $this->settings->siteKey,
      "json" => "1",
      "api_key" => $test_key
    );
    list($status, $data) = $client->post($this->url, $params);
    $this->assertEquals(CRM_Utils_HttpClient::STATUS_OK, $status);
    $result = json_decode($data, TRUE);
    $this->assertNotNull($result);
    $this->assertAPIErrorCode($result, 1);
  }

  /**
   * Submit a request with an API key that exists but does not correspond to
   * a real user. Submit in "?q=civicrm/$entity/$action" notation
   */
  function testNotCMSUser_q() {
    $client = CRM_Utils_HttpClient::singleton();

    //Create contact with api_key
    $test_key = "testing1234";
    $contactParams = array(
      "api_key" => $test_key,
      "contact_type" => "Individual",
      "first_name" => "RestTester1"
    );
    $contact = $this->webtest_civicrm_api("Contact", "create", $contactParams);
    $this->nocms_contact_id = $contact["id"];

    // Use the malformed key
    $params = array(
      "q" => "civicrm/contact/get",
      "key" => $this->settings->siteKey,
      "json" => "1",
      "api_key" => $test_key
    );
    list($status, $data) = $client->post($this->url, $params);
    $this->assertEquals(CRM_Utils_HttpClient::STATUS_OK, $status);
    $result = json_decode($data, TRUE);
    $this->assertNotNull($result);
    $this->assertAPIErrorCode($result, 1);
  }

}
Commit	Line	Data
49626e3d CW	1	<?php
	2	/*
	3	+--------------------------------------------------------------------+
	4	\| CiviCRM version 4.3 \|
	5	+--------------------------------------------------------------------+
	6	\| Copyright CiviCRM LLC (c) 2004-2013 \|
	7	+--------------------------------------------------------------------+
	8	\| This file is a part of CiviCRM. \|
	9	\| \|
	10	\| CiviCRM is free software; you can copy, modify, and distribute it \|
	11	\| under the terms of the GNU Affero General Public License \|
	12	\| Version 3, 19 November 2007 and the CiviCRM Licensing Exception. \|
	13	\| \|
	14	\| CiviCRM is distributed in the hope that it will be useful, but \|
	15	\| WITHOUT ANY WARRANTY; without even the implied warranty of \|
	16	\| MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. \|
	17	\| See the GNU Affero General Public License for more details. \|
	18	\| \|
	19	\| You should have received a copy of the GNU Affero General Public \|
	20	\| License along with this program; if not, contact CiviCRM LLC \|
	21	\| at info[AT]civicrm[DOT]org. If you have questions about the \|
	22	\| GNU Affero General Public License or the licensing of CiviCRM, \|
	23	\| see the CiviCRM license FAQ at http://civicrm.org/licensing \|
	24	+--------------------------------------------------------------------+
	25	*/
	26
	27	require_once 'CiviTest/CiviSeleniumTestCase.php';
	28	class WebTest_Utils_RestTest extends CiviSeleniumTestCase {
	29	protected $url;
	30	protected $api_key;
	31	protected $session_id;
	32	protected $nocms_contact_id;
	33
66eec473	34	protected function assertAPIErrorCode($apiResult, $cmpvar, $prefix = '') {
49626e3d CW	35	if (!empty($prefix)) {
	36	$prefix .= ': ';
	37	}
	38	$this->assertEquals($cmpvar, $apiResult['is_error'], $prefix . (empty($apiResult['error_message']) ? '' : $apiResult['error_message']));
668891f2	39	//$this->assertEquals($cmpvar, $apiResult['is_error'], $prefix . print_r($apiResult, TRUE));
49626e3d CW	40	}
	41
	42	protected function setUp() {
	43	parent::setUp();
	44	//URL should eventually be adapted for multisite
	45	$this->url = "{$this->settings->sandboxURL}/{$this->sboxPath}sites/all/modules/civicrm/extern/rest.php";
	46
016157f0	47	if (!property_exists($this->settings, 'siteKey') \|\| empty($this->settings->siteKey)) {
88be34fc TO	48	$this->markTestSkipped('CiviSeleniumSettings is missing siteKey');
88be34fc TO	49	}
eb87411f TO	50	if (!property_exists($this->settings, 'adminApiKey') \|\| empty($this->settings->adminApiKey)) {
	51	$this->markTestSkipped('CiviSeleniumSettings is missing adminApiKey');
	52	}
49626e3d CW	53	}
	54
	55	protected function tearDown() {
	56	parent::tearDown();
016157f0	57	if (isset($this->nocms_contact_id)) {
49626e3d CW	58	$deleteParams = array(
	59	"id" => $this->nocms_contact_id,
	60	"skip_undelete" => 1
	61	);
	62	$res = $this->webtest_civicrm_api("Contact", "delete", $deleteParams);
	63	unset($this->nocms_contact_id);
	64	}
	65	}
	66
3cabb1aa	67	/**
668891f2 TO	68	* Build a list of test cases. Each test case defines a set of REST query
	69	* parameters and an expected outcome for the REST request (eg is_error=>1 or is_error=>0).
	70	*
3cabb1aa TO	71	* @return array; each item is a list of parameters for testAPICalls
	72	*/
	73	function apiTestCases() {
	74	$cases = array();
	75
668891f2 TO	76	// entity,action: omit apiKey, valid entity+action
	77	$cases[] = array(
	78	array( // query
	79	"entity" => "Contact",
	80	"action" => "get",
	81	"key" => $this->settings->siteKey,
	82	"json" => "1",
	83	),
	84	1, // is_error
	85	);
	86
3cabb1aa TO	87	// entity,action: valid apiKey, valid entity+action
3cabb1aa TO	88	$cases[] = array(
668891f2	89	array( // query
3cabb1aa TO	90	"entity" => "Contact",
	91	"action" => "get",
	92	"key" => $this->settings->siteKey,
	93	"json" => "1",
	94	"api_key" => $this->settings->adminApiKey,
	95	),
668891f2	96	0, // is_error
016157f0	97	);
3cabb1aa TO	98
	99	// entity,action: bad apiKey, valid entity+action
	100	$cases[] = array(
668891f2	101	array( // query
3cabb1aa TO	102	"entity" => "Contact",
	103	"action" => "get",
	104	"key" => $this->settings->siteKey,
	105	"json" => "1",
	106	"api_key" => 'garbage_' . $this->settings->adminApiKey,
	107	),
668891f2	108	1, // is_error
3cabb1aa TO	109	);
	110
	111	// entity,action: valid apiKey, invalid entity+action
	112	$cases[] = array(
668891f2	113	array( // query
3cabb1aa TO	114	"entity" => "Contactses",
	115	"action" => "get",
	116	"key" => $this->settings->siteKey,
	117	"json" => "1",
	118	"api_key" => $this->settings->adminApiKey,
	119	),
668891f2 TO	120	1, // is_error
	121	);
	122
	123	// q=civicrm/entity/action: omit apiKey, valid entity+action
	124	$cases[] = array(
	125	array( // query
	126	"q" => "civicrm/contact/get",
	127	"key" => $this->settings->siteKey,
	128	"json" => "1",
	129	),
	130	1, // is_error
3cabb1aa TO	131	);
	132
	133	// q=civicrm/entity/action: valid apiKey, valid entity+action
	134	$cases[] = array(
668891f2	135	array( // query
3cabb1aa TO	136	"q" => "civicrm/contact/get",
	137	"key" => $this->settings->siteKey,
	138	"json" => "1",
	139	"api_key" => $this->settings->adminApiKey,
	140	),
668891f2	141	0, // is_error
3cabb1aa TO	142	);
	143
	144	// q=civicrm/entity/action: invalid apiKey, valid entity+action
	145	$cases[] = array(
668891f2	146	array( // query
3cabb1aa TO	147	"q" => "civicrm/contact/get",
	148	"key" => $this->settings->siteKey,
	149	"json" => "1",
	150	"api_key" => 'garbage_' . $this->settings->adminApiKey,
	151	),
668891f2	152	1, // is_error
3cabb1aa TO	153	);
	154
	155	// q=civicrm/entity/action: valid apiKey, invalid entity+action
	156	$cases[] = array(
668891f2	157	array( // query
3cabb1aa TO	158	"q" => "civicrm/contactses/get",
	159	"key" => $this->settings->siteKey,
	160	"json" => "1",
	161	"api_key" => $this->settings->adminApiKey,
	162	),
668891f2	163	1, // is_error
3cabb1aa TO	164	);
3cabb1aa TO	165
308e0075	166	// q=civicrm/entity/action: valid apiKey, invalid entity+action
cf739ea4	167	// XXX Actually Ping is valid, no?
308e0075 TO	168	$cases[] = array(
	169	array( // query
	170	"q" => "civicrm/ping",
	171	"key" => $this->settings->siteKey,
	172	"json" => "1",
	173	"api_key" => $this->settings->adminApiKey,
	174	),
	175	0, // is_error
	176	);
	177
3cabb1aa	178	return $cases;
49626e3d CW	179	}
49626e3d CW	180
3cabb1aa TO	181	/**
	182	* @dataProvider apiTestCases
	183	*/
	184	function testAPICalls($query, $is_error) {
016157f0	185	$client = CRM_Utils_HttpClient::singleton();
3cabb1aa	186	list($status, $data) = $client->post($this->url, $query);
016157f0 TO	187	$this->assertEquals(CRM_Utils_HttpClient::STATUS_OK, $status);
016157f0 TO	188	$result = json_decode($data, TRUE);
d56bbdb3 TO	189	if ($result === NULL) {
	190	$msg = print_r(array('query' => $query, 'response data' => $data), TRUE);
	191	$this->assertNotNull($result, $msg);
	192	}
3cabb1aa	193	$this->assertAPIErrorCode($result, $is_error);
49626e3d CW	194	}
49626e3d CW	195
0f051868 TO	196	/**
	197	* Submit a request with an API key that exists but does not correspond to
	198	* a real user. Submit in "?entity=X&action=X" notation
	199	*/
	200	function testNotCMSUser_entityAction() {
016157f0	201	$client = CRM_Utils_HttpClient::singleton();
0f051868	202
016157f0 TO	203	//Create contact with api_key
	204	$test_key = "testing1234";
	205	$contactParams = array(
	206	"api_key" => $test_key,
	207	"contact_type" => "Individual",
	208	"first_name" => "RestTester1"
	209	);
	210	$contact = $this->webtest_civicrm_api("Contact", "create", $contactParams);
	211	$this->nocms_contact_id = $contact["id"];
49626e3d	212
0f051868	213	// Use the malformed key
016157f0 TO	214	$params = array(
	215	"entity" => "Contact",
	216	"action" => "get",
	217	"key" => $this->settings->siteKey,
	218	"json" => "1",
0f051868 TO	219	"api_key" => $test_key
	220	);
	221	list($status, $data) = $client->post($this->url, $params);
	222	$this->assertEquals(CRM_Utils_HttpClient::STATUS_OK, $status);
	223	$result = json_decode($data, TRUE);
	224	$this->assertNotNull($result);
	225	$this->assertAPIErrorCode($result, 1);
	226	}
	227
	228	/**
	229	* Submit a request with an API key that exists but does not correspond to
	230	* a real user. Submit in "?q=civicrm/$entity/$action" notation
	231	*/
	232	function testNotCMSUser_q() {
	233	$client = CRM_Utils_HttpClient::singleton();
	234
	235	//Create contact with api_key
	236	$test_key = "testing1234";
	237	$contactParams = array(
	238	"api_key" => $test_key,
	239	"contact_type" => "Individual",
	240	"first_name" => "RestTester1"
	241	);
	242	$contact = $this->webtest_civicrm_api("Contact", "create", $contactParams);
	243	$this->nocms_contact_id = $contact["id"];
	244
	245	// Use the malformed key
	246	$params = array(
	247	"q" => "civicrm/contact/get",
	248	"key" => $this->settings->siteKey,
	249	"json" => "1",
016157f0 TO	250	"api_key" => $test_key
	251	);
	252	list($status, $data) = $client->post($this->url, $params);
	253	$this->assertEquals(CRM_Utils_HttpClient::STATUS_OK, $status);
	254	$result = json_decode($data, TRUE);
	255	$this->assertNotNull($result);
	256	$this->assertAPIErrorCode($result, 1);
49626e3d CW	257	}
	258
	259	}