Commit | Line | Data |
---|---|---|
49626e3d CW |
1 | <?php |
2 | /* | |
3 | +--------------------------------------------------------------------+ | |
4 | | CiviCRM version 4.3 | | |
5 | +--------------------------------------------------------------------+ | |
6 | | Copyright CiviCRM LLC (c) 2004-2013 | | |
7 | +--------------------------------------------------------------------+ | |
8 | | This file is a part of CiviCRM. | | |
9 | | | | |
10 | | CiviCRM is free software; you can copy, modify, and distribute it | | |
11 | | under the terms of the GNU Affero General Public License | | |
12 | | Version 3, 19 November 2007 and the CiviCRM Licensing Exception. | | |
13 | | | | |
14 | | CiviCRM is distributed in the hope that it will be useful, but | | |
15 | | WITHOUT ANY WARRANTY; without even the implied warranty of | | |
16 | | MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. | | |
17 | | See the GNU Affero General Public License for more details. | | |
18 | | | | |
19 | | You should have received a copy of the GNU Affero General Public | | |
20 | | License along with this program; if not, contact CiviCRM LLC | | |
21 | | at info[AT]civicrm[DOT]org. If you have questions about the | | |
22 | | GNU Affero General Public License or the licensing of CiviCRM, | | |
23 | | see the CiviCRM license FAQ at http://civicrm.org/licensing | | |
24 | +--------------------------------------------------------------------+ | |
25 | */ | |
26 | ||
27 | require_once 'CiviTest/CiviSeleniumTestCase.php'; | |
28 | class WebTest_Utils_RestTest extends CiviSeleniumTestCase { | |
29 | protected $url; | |
30 | protected $api_key; | |
31 | protected $session_id; | |
32 | protected $nocms_contact_id; | |
33 | ||
66eec473 | 34 | protected function assertAPIErrorCode($apiResult, $cmpvar, $prefix = '') { |
49626e3d CW |
35 | if (!empty($prefix)) { |
36 | $prefix .= ': '; | |
37 | } | |
38 | $this->assertEquals($cmpvar, $apiResult['is_error'], $prefix . (empty($apiResult['error_message']) ? '' : $apiResult['error_message'])); | |
668891f2 | 39 | //$this->assertEquals($cmpvar, $apiResult['is_error'], $prefix . print_r($apiResult, TRUE)); |
49626e3d CW |
40 | } |
41 | ||
42 | protected function setUp() { | |
43 | parent::setUp(); | |
44 | //URL should eventually be adapted for multisite | |
45 | $this->url = "{$this->settings->sandboxURL}/{$this->sboxPath}sites/all/modules/civicrm/extern/rest.php"; | |
46 | ||
016157f0 | 47 | if (!property_exists($this->settings, 'siteKey') || empty($this->settings->siteKey)) { |
88be34fc TO |
48 | $this->markTestSkipped('CiviSeleniumSettings is missing siteKey'); |
49 | } | |
eb87411f TO |
50 | if (!property_exists($this->settings, 'adminApiKey') || empty($this->settings->adminApiKey)) { |
51 | $this->markTestSkipped('CiviSeleniumSettings is missing adminApiKey'); | |
52 | } | |
49626e3d CW |
53 | } |
54 | ||
55 | protected function tearDown() { | |
56 | parent::tearDown(); | |
016157f0 | 57 | if (isset($this->nocms_contact_id)) { |
49626e3d CW |
58 | $deleteParams = array( |
59 | "id" => $this->nocms_contact_id, | |
60 | "skip_undelete" => 1 | |
61 | ); | |
62 | $res = $this->webtest_civicrm_api("Contact", "delete", $deleteParams); | |
63 | unset($this->nocms_contact_id); | |
64 | } | |
65 | } | |
66 | ||
3cabb1aa | 67 | /** |
668891f2 TO |
68 | * Build a list of test cases. Each test case defines a set of REST query |
69 | * parameters and an expected outcome for the REST request (eg is_error=>1 or is_error=>0). | |
70 | * | |
3cabb1aa TO |
71 | * @return array; each item is a list of parameters for testAPICalls |
72 | */ | |
73 | function apiTestCases() { | |
74 | $cases = array(); | |
75 | ||
668891f2 TO |
76 | // entity,action: omit apiKey, valid entity+action |
77 | $cases[] = array( | |
78 | array( // query | |
79 | "entity" => "Contact", | |
80 | "action" => "get", | |
81 | "key" => $this->settings->siteKey, | |
82 | "json" => "1", | |
83 | ), | |
84 | 1, // is_error | |
85 | ); | |
86 | ||
3cabb1aa TO |
87 | // entity,action: valid apiKey, valid entity+action |
88 | $cases[] = array( | |
668891f2 | 89 | array( // query |
3cabb1aa TO |
90 | "entity" => "Contact", |
91 | "action" => "get", | |
92 | "key" => $this->settings->siteKey, | |
93 | "json" => "1", | |
94 | "api_key" => $this->settings->adminApiKey, | |
95 | ), | |
668891f2 | 96 | 0, // is_error |
016157f0 | 97 | ); |
3cabb1aa TO |
98 | |
99 | // entity,action: bad apiKey, valid entity+action | |
100 | $cases[] = array( | |
668891f2 | 101 | array( // query |
3cabb1aa TO |
102 | "entity" => "Contact", |
103 | "action" => "get", | |
104 | "key" => $this->settings->siteKey, | |
105 | "json" => "1", | |
106 | "api_key" => 'garbage_' . $this->settings->adminApiKey, | |
107 | ), | |
668891f2 | 108 | 1, // is_error |
3cabb1aa TO |
109 | ); |
110 | ||
111 | // entity,action: valid apiKey, invalid entity+action | |
112 | $cases[] = array( | |
668891f2 | 113 | array( // query |
3cabb1aa TO |
114 | "entity" => "Contactses", |
115 | "action" => "get", | |
116 | "key" => $this->settings->siteKey, | |
117 | "json" => "1", | |
118 | "api_key" => $this->settings->adminApiKey, | |
119 | ), | |
668891f2 TO |
120 | 1, // is_error |
121 | ); | |
122 | ||
123 | // q=civicrm/entity/action: omit apiKey, valid entity+action | |
124 | $cases[] = array( | |
125 | array( // query | |
126 | "q" => "civicrm/contact/get", | |
127 | "key" => $this->settings->siteKey, | |
128 | "json" => "1", | |
129 | ), | |
130 | 1, // is_error | |
3cabb1aa TO |
131 | ); |
132 | ||
133 | // q=civicrm/entity/action: valid apiKey, valid entity+action | |
134 | $cases[] = array( | |
668891f2 | 135 | array( // query |
3cabb1aa TO |
136 | "q" => "civicrm/contact/get", |
137 | "key" => $this->settings->siteKey, | |
138 | "json" => "1", | |
139 | "api_key" => $this->settings->adminApiKey, | |
140 | ), | |
668891f2 | 141 | 0, // is_error |
3cabb1aa TO |
142 | ); |
143 | ||
144 | // q=civicrm/entity/action: invalid apiKey, valid entity+action | |
145 | $cases[] = array( | |
668891f2 | 146 | array( // query |
3cabb1aa TO |
147 | "q" => "civicrm/contact/get", |
148 | "key" => $this->settings->siteKey, | |
149 | "json" => "1", | |
150 | "api_key" => 'garbage_' . $this->settings->adminApiKey, | |
151 | ), | |
668891f2 | 152 | 1, // is_error |
3cabb1aa TO |
153 | ); |
154 | ||
155 | // q=civicrm/entity/action: valid apiKey, invalid entity+action | |
156 | $cases[] = array( | |
668891f2 | 157 | array( // query |
3cabb1aa TO |
158 | "q" => "civicrm/contactses/get", |
159 | "key" => $this->settings->siteKey, | |
160 | "json" => "1", | |
161 | "api_key" => $this->settings->adminApiKey, | |
162 | ), | |
668891f2 | 163 | 1, // is_error |
3cabb1aa TO |
164 | ); |
165 | ||
308e0075 | 166 | // q=civicrm/entity/action: valid apiKey, invalid entity+action |
cf739ea4 | 167 | // XXX Actually Ping is valid, no? |
308e0075 TO |
168 | $cases[] = array( |
169 | array( // query | |
170 | "q" => "civicrm/ping", | |
171 | "key" => $this->settings->siteKey, | |
172 | "json" => "1", | |
173 | "api_key" => $this->settings->adminApiKey, | |
174 | ), | |
175 | 0, // is_error | |
176 | ); | |
177 | ||
3cabb1aa | 178 | return $cases; |
49626e3d CW |
179 | } |
180 | ||
3cabb1aa TO |
181 | /** |
182 | * @dataProvider apiTestCases | |
183 | */ | |
184 | function testAPICalls($query, $is_error) { | |
016157f0 | 185 | $client = CRM_Utils_HttpClient::singleton(); |
3cabb1aa | 186 | list($status, $data) = $client->post($this->url, $query); |
016157f0 TO |
187 | $this->assertEquals(CRM_Utils_HttpClient::STATUS_OK, $status); |
188 | $result = json_decode($data, TRUE); | |
d56bbdb3 TO |
189 | if ($result === NULL) { |
190 | $msg = print_r(array('query' => $query, 'response data' => $data), TRUE); | |
191 | $this->assertNotNull($result, $msg); | |
192 | } | |
3cabb1aa | 193 | $this->assertAPIErrorCode($result, $is_error); |
49626e3d CW |
194 | } |
195 | ||
0f051868 TO |
196 | /** |
197 | * Submit a request with an API key that exists but does not correspond to | |
198 | * a real user. Submit in "?entity=X&action=X" notation | |
199 | */ | |
200 | function testNotCMSUser_entityAction() { | |
016157f0 | 201 | $client = CRM_Utils_HttpClient::singleton(); |
0f051868 | 202 | |
016157f0 TO |
203 | //Create contact with api_key |
204 | $test_key = "testing1234"; | |
205 | $contactParams = array( | |
206 | "api_key" => $test_key, | |
207 | "contact_type" => "Individual", | |
208 | "first_name" => "RestTester1" | |
209 | ); | |
210 | $contact = $this->webtest_civicrm_api("Contact", "create", $contactParams); | |
211 | $this->nocms_contact_id = $contact["id"]; | |
49626e3d | 212 | |
0f051868 | 213 | // Use the malformed key |
016157f0 TO |
214 | $params = array( |
215 | "entity" => "Contact", | |
216 | "action" => "get", | |
217 | "key" => $this->settings->siteKey, | |
218 | "json" => "1", | |
0f051868 TO |
219 | "api_key" => $test_key |
220 | ); | |
221 | list($status, $data) = $client->post($this->url, $params); | |
222 | $this->assertEquals(CRM_Utils_HttpClient::STATUS_OK, $status); | |
223 | $result = json_decode($data, TRUE); | |
224 | $this->assertNotNull($result); | |
225 | $this->assertAPIErrorCode($result, 1); | |
226 | } | |
227 | ||
228 | /** | |
229 | * Submit a request with an API key that exists but does not correspond to | |
230 | * a real user. Submit in "?q=civicrm/$entity/$action" notation | |
231 | */ | |
232 | function testNotCMSUser_q() { | |
233 | $client = CRM_Utils_HttpClient::singleton(); | |
234 | ||
235 | //Create contact with api_key | |
236 | $test_key = "testing1234"; | |
237 | $contactParams = array( | |
238 | "api_key" => $test_key, | |
239 | "contact_type" => "Individual", | |
240 | "first_name" => "RestTester1" | |
241 | ); | |
242 | $contact = $this->webtest_civicrm_api("Contact", "create", $contactParams); | |
243 | $this->nocms_contact_id = $contact["id"]; | |
244 | ||
245 | // Use the malformed key | |
246 | $params = array( | |
247 | "q" => "civicrm/contact/get", | |
248 | "key" => $this->settings->siteKey, | |
249 | "json" => "1", | |
016157f0 TO |
250 | "api_key" => $test_key |
251 | ); | |
252 | list($status, $data) = $client->post($this->url, $params); | |
253 | $this->assertEquals(CRM_Utils_HttpClient::STATUS_OK, $status); | |
254 | $result = json_decode($data, TRUE); | |
255 | $this->assertNotNull($result); | |
256 | $this->assertAPIErrorCode($result, 1); | |
49626e3d CW |
257 | } |
258 | ||
259 | } |