RestTest - Add test cases for omitted api_key. Tweak comments.
[civicrm-core.git] / tests / phpunit / WebTest / Utils / RestTest.php
1<?php
2/*
3 +--------------------------------------------------------------------+
4 | CiviCRM version 4.3 |
5 +--------------------------------------------------------------------+
6 | Copyright CiviCRM LLC (c) 2004-2013 |
7 +--------------------------------------------------------------------+
8 | This file is a part of CiviCRM. |
9 | |
10 | CiviCRM is free software; you can copy, modify, and distribute it |
11 | under the terms of the GNU Affero General Public License |
12 | Version 3, 19 November 2007 and the CiviCRM Licensing Exception. |
13 | |
14 | CiviCRM is distributed in the hope that it will be useful, but |
15 | WITHOUT ANY WARRANTY; without even the implied warranty of |
16 | MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. |
17 | See the GNU Affero General Public License for more details. |
18 | |
19 | You should have received a copy of the GNU Affero General Public |
20 | License along with this program; if not, contact CiviCRM LLC |
21 | at info[AT]civicrm[DOT]org. If you have questions about the |
22 | GNU Affero General Public License or the licensing of CiviCRM, |
23 | see the CiviCRM license FAQ at http://civicrm.org/licensing |
24 +--------------------------------------------------------------------+
25*/
26
27require_once 'CiviTest/CiviSeleniumTestCase.php';
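/**
 * Web tests for the REST endpoint (extern/rest.php).
 *
 * Each test POSTs a query to rest.php and checks the "is_error" flag of the
 * decoded JSON reply. The cases cover the credentials the endpoint accepts:
 * the site key ("key") and a per-contact "api_key", in both the
 * "?entity=X&action=Y" and the "?q=civicrm/X/Y" notations.
 *
 * The tests send the site key and the admin API key from CiviSeleniumSettings
 * in the request body, so they are meant to be pointed at a sandbox install.
 */
class WebTest_Utils_RestTest extends CiviSeleniumTestCase {
  // Full URL of rest.php on the sandbox; built in setUp().
  protected $url;
  // Only assigned by the disabled _setUpAdminSessionIdAndApiKey() helper below.
  protected $api_key;
  // Only assigned by the disabled _setUpAdminSessionIdAndApiKey() helper below.
  protected $session_id;
  // Id of the throw-away contact created by the testNotCMSUser_* tests;
  // tearDown() deletes that contact when this is set.
  protected $nocms_contact_id;

  /**
   * Assert that an API result carries the expected "is_error" value.
   *
   * @param array $apiResult decoded API reply
   * @param int $cmpvar expected value of $apiResult['is_error'] (0 or 1)
   * @param string $prefix optional label prepended to the failure message
   */
  protected function assertAPIErrorCode($apiResult, $cmpvar, $prefix = '') {
    if (!empty($prefix)) {
      $prefix .= ': ';
    }
    // A reply without is_error is neither an accept nor a reject; fail with a
    // readable message instead of an undefined-index notice.
    $this->assertTrue(
      is_array($apiResult) && array_key_exists('is_error', $apiResult),
      $prefix . 'API result has no is_error field'
    );
    $errorMessage = empty($apiResult['error_message']) ? '' : $apiResult['error_message'];
    $this->assertEquals($cmpvar, $apiResult['is_error'], $prefix . $errorMessage);
    // Debugging alternative. It prints the whole reply (on an accepted
    // request that includes the returned records) into the test output, so
    // keep it for local runs only.
    //$this->assertEquals($cmpvar, $apiResult['is_error'], $prefix . print_r($apiResult, TRUE));
  }

  /**
   * Build the endpoint URL and skip the test when the settings lack the
   * credentials every case needs.
   */
  protected function setUp() {
    parent::setUp();
    //URL should eventually be adapted for multisite
    $this->url = "{$this->settings->sandboxURL}/{$this->sboxPath}sites/all/modules/civicrm/extern/rest.php";

    if (!property_exists($this->settings, 'siteKey') || empty($this->settings->siteKey)) {
      $this->markTestSkipped('CiviSeleniumSettings is missing siteKey');
    }
    if (!property_exists($this->settings, 'adminApiKey') || empty($this->settings->adminApiKey)) {
      $this->markTestSkipped('CiviSeleniumSettings is missing adminApiKey');
    }
  }

  /**
   * Delete the contact created by the testNotCMSUser_* tests, if any.
   */
  protected function tearDown() {
    parent::tearDown();
    if (isset($this->nocms_contact_id)) {
      $deleteParams = array(
        "id" => $this->nocms_contact_id,
        "skip_undelete" => 1
      );
      // Best-effort cleanup: the result of the delete is not inspected.
      // NOTE(review): if it fails, a contact holding the fixed test api_key
      // stays in the sandbox database - confirm whether that matters for the
      // environment these tests run against.
      $this->webtest_civicrm_api("Contact", "delete", $deleteParams);
      unset($this->nocms_contact_id);
    }
  }

  // Disabled tests. They exercise q=civicrm/login with the admin username and
  // password from the settings; testValidCallPHPSessionID also depends on
  // _setUpAdminSessionIdAndApiKey(), which is commented out at the end of
  // this class, so the two blocks have to be re-enabled together.
  /*
  function testValidLoginCMSUser() {
    $client = CRM_Utils_HttpClient::singleton();
    $params = array(
      "q" => "civicrm/login",
      "key" => $this->settings->siteKey,
      "json" => "1",
      "name" => $this->settings->adminUsername,
      "pass" => $this->settings->adminPassword
    );
    list($status, $data) = $client->post($this->url, $params);
    $this->assertEquals(CRM_Utils_HttpClient::STATUS_OK, $status);
    $result = json_decode($data, TRUE);
    $this->assertNotNull($result);
    $this->assertAPIErrorCode($result, 0);
  }

  function testInvalidPasswordLogin() {
    $client = CRM_Utils_HttpClient::singleton();
    $badPassword = $this->settings->adminPassword . "badpass";
    $params = array(
      "q" => "civicrm/login",
      "key" => $this->settings->siteKey,
      "json" => "1",
      "name" => $this->settings->adminUsername,
      "pass" => $badPassword
    );
    list($status, $data) = $client->post($this->url, $params);
    $this->assertEquals(CRM_Utils_HttpClient::STATUS_OK, $status);
    $result = json_decode($data, TRUE);
    $this->assertNotNull($result);
    $this->assertAPIErrorCode($result, 1);
  }

  function testValidCallPHPSessionID() {
    $this->_setUpAdminSessionIdAndApiKey();
    $client = CRM_Utils_HttpClient::singleton();
    $params = array(
      "entity" => "Contact",
      "action" => "get",
      "json" => "1",
      "PHPSESSID" => $this->session_id,
      "api_key" => $this->api_key,
    );
    list($status, $data) = $client->post($this->url, $params);
    $this->assertEquals(CRM_Utils_HttpClient::STATUS_OK, $status);
    $result = json_decode($data, TRUE);
    $this->assertNotNull($result);
    $this->assertAPIErrorCode($result, 0);
  }
  */

  /**
   * Build a list of test cases. Each test case defines a set of REST query
   * parameters and an expected outcome for the REST request (eg is_error=>1 or is_error=>0).
   *
   * PHPUnit calls data providers while the suite is being built, i.e. before
   * setUp() has had a chance to skip the test, so the two settings are read
   * defensively here; a missing value yields NULL and setUp() then skips.
   *
   * @return array; each item is a list of parameters for testAPICalls
   */
  function apiTestCases() {
    $siteKey = isset($this->settings->siteKey) ? $this->settings->siteKey : NULL;
    $adminApiKey = isset($this->settings->adminApiKey) ? $this->settings->adminApiKey : NULL;

    $cases = array();

    // entity,action: omit apiKey, valid entity+action
    // (the site key alone must not be enough to read contacts)
    $cases[] = array(
      array( // query
        "entity" => "Contact",
        "action" => "get",
        "key" => $siteKey,
        "json" => "1",
      ),
      1, // is_error
    );

    // entity,action: valid apiKey, valid entity+action
    $cases[] = array(
      array( // query
        "entity" => "Contact",
        "action" => "get",
        "key" => $siteKey,
        "json" => "1",
        "api_key" => $adminApiKey,
      ),
      0, // is_error
    );

    // entity,action: bad apiKey, valid entity+action
    $cases[] = array(
      array( // query
        "entity" => "Contact",
        "action" => "get",
        "key" => $siteKey,
        "json" => "1",
        "api_key" => 'garbage_' . $adminApiKey,
      ),
      1, // is_error
    );

    // entity,action: valid apiKey, invalid entity+action
    $cases[] = array(
      array( // query
        "entity" => "Contactses",
        "action" => "get",
        "key" => $siteKey,
        "json" => "1",
        "api_key" => $adminApiKey,
      ),
      1, // is_error
    );

    // q=civicrm/entity/action: omit apiKey, valid entity+action
    $cases[] = array(
      array( // query
        "q" => "civicrm/contact/get",
        "key" => $siteKey,
        "json" => "1",
      ),
      1, // is_error
    );

    // q=civicrm/entity/action: valid apiKey, valid entity+action
    $cases[] = array(
      array( // query
        "q" => "civicrm/contact/get",
        "key" => $siteKey,
        "json" => "1",
        "api_key" => $adminApiKey,
      ),
      0, // is_error
    );

    // q=civicrm/entity/action: invalid apiKey, valid entity+action
    $cases[] = array(
      array( // query
        "q" => "civicrm/contact/get",
        "key" => $siteKey,
        "json" => "1",
        "api_key" => 'garbage_' . $adminApiKey,
      ),
      1, // is_error
    );

    // q=civicrm/entity/action: valid apiKey, invalid entity+action
    $cases[] = array(
      array( // query
        "q" => "civicrm/contactses/get",
        "key" => $siteKey,
        "json" => "1",
        "api_key" => $adminApiKey,
      ),
      1, // is_error
    );

    return $cases;
  }

  /**
   * POST one query to rest.php and compare the reply with the expected
   * outcome. For cases that must be rejected, also check that the reply
   * carries no records.
   *
   * @param array $query REST query parameters
   * @param int $is_error expected value of is_error in the reply
   *
   * @dataProvider apiTestCases
   */
  function testAPICalls($query, $is_error) {
    $result = $this->_postToRest($query);
    $this->assertAPIErrorCode($result, $is_error);
    if ($is_error) {
      $this->_assertNoValues($result);
    }
  }

  /**
   * Submit a request with an API key that exists but does not correspond to
   * a real user. Submit in "?entity=X&action=X" notation
   */
  function testNotCMSUser_entityAction() {
    //Create contact with api_key
    $test_key = "testing1234";
    $this->_createContactWithApiKey($test_key);

    // Use the key: it is on file for the new contact, but that contact has
    // no CMS user account, so the request must still be rejected.
    $params = array(
      "entity" => "Contact",
      "action" => "get",
      "key" => $this->settings->siteKey,
      "json" => "1",
      "api_key" => $test_key
    );
    $result = $this->_postToRest($params);
    $this->assertAPIErrorCode($result, 1);
    $this->_assertNoValues($result);
  }

  /**
   * Submit a request with an API key that exists but does not correspond to
   * a real user. Submit in "?q=civicrm/$entity/$action" notation
   */
  function testNotCMSUser_q() {
    //Create contact with api_key
    $test_key = "testing1234";
    $this->_createContactWithApiKey($test_key);

    // Use the key: it is on file for the new contact, but that contact has
    // no CMS user account, so the request must still be rejected.
    $params = array(
      "q" => "civicrm/contact/get",
      "key" => $this->settings->siteKey,
      "json" => "1",
      "api_key" => $test_key
    );
    $result = $this->_postToRest($params);
    $this->assertAPIErrorCode($result, 1);
    $this->_assertNoValues($result);
  }

  /**
   * POST a query to the REST endpoint and return the decoded JSON reply.
   *
   * Fails the test when the HTTP client does not report STATUS_OK or when
   * the body does not decode.
   *
   * @param array $params REST query parameters
   * @return array decoded reply
   */
  protected function _postToRest($params) {
    $client = CRM_Utils_HttpClient::singleton();
    list($status, $data) = $client->post($this->url, $params);
    $this->assertEquals(CRM_Utils_HttpClient::STATUS_OK, $status);
    $result = json_decode($data, TRUE);
    $this->assertNotNull($result);
    return $result;
  }

  /**
   * Assert that a rejected request returned no records.
   *
   * is_error=1 on its own does not show that the body is free of contact
   * data; an absent or empty "values" entry does.
   *
   * @param array $result decoded reply of a request expected to fail
   */
  protected function _assertNoValues($result) {
    $this->assertTrue(empty($result['values']), 'Rejected REST request still returned values');
  }

  /**
   * Create an Individual contact that holds $apiKey and remember its id for
   * tearDown().
   *
   * The creation is asserted: if it failed silently, the key would not be on
   * file at all, the request would be rejected as an unknown key, and the
   * testNotCMSUser_* tests would pass without exercising the
   * "key exists, no CMS user" path.
   *
   * @param string $apiKey value stored in the contact's api_key field
   */
  protected function _createContactWithApiKey($apiKey) {
    $contactParams = array(
      "api_key" => $apiKey,
      "contact_type" => "Individual",
      "first_name" => "RestTester1"
    );
    $contact = $this->webtest_civicrm_api("Contact", "create", $contactParams);
    // Record the id before asserting so that tearDown() can still clean up.
    if (is_array($contact) && !empty($contact["id"])) {
      $this->nocms_contact_id = $contact["id"];
    }
    $this->assertTrue(isset($this->nocms_contact_id), 'Failed to create test contact with api_key');
  }

  // Disabled helper used only by the disabled testValidCallPHPSessionID().
  /*
  protected function _setUpAdminSessionIdAndApiKey() {
    $client = CRM_Utils_HttpClient::singleton();
    $params = array(
      "q" => "civicrm/login",
      "key" => $this->settings->siteKey,
      "json" => "1",
      "name" => $this->settings->adminUsername,
      "pass" => $this->settings->adminPassword
    );
    list($status, $data) = $client->post($this->url, $params);
    $this->assertEquals(CRM_Utils_HttpClient::STATUS_OK, $status);
    $result = json_decode($data, TRUE);
    $this->assertAPIErrorCode($result, 0);
    $this->api_key = $result["api_key"];
    $this->session_id = $result["PHPSESSID"];
    $this->assertTrue(isset($this->api_key), 'Failed to find admin API key');
    return $result;
  } // */
}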