projects / civicrm-core.git / blob
? search:
summary | shortlog | log | commit | commitdiff | tree
blame | history | raw | HEAD
Merge pull request #5550 from civicrm/4.5
[civicrm-core.git] / tests / phpunit / WebTest / Utils / RestTest.php
1 <?php
2 /*
3 +--------------------------------------------------------------------+
4 | CiviCRM version 4.6 |
5 +--------------------------------------------------------------------+
6 | Copyright CiviCRM LLC (c) 2004-2015 |
7 +--------------------------------------------------------------------+
8 | This file is a part of CiviCRM. |
9 | |
10 | CiviCRM is free software; you can copy, modify, and distribute it |
11 | under the terms of the GNU Affero General Public License |
12 | Version 3, 19 November 2007 and the CiviCRM Licensing Exception. |
13 | |
14 | CiviCRM is distributed in the hope that it will be useful, but |
15 | WITHOUT ANY WARRANTY; without even the implied warranty of |
16 | MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. |
17 | See the GNU Affero General Public License for more details. |
18 | |
19 | You should have received a copy of the GNU Affero General Public |
20 | License along with this program; if not, contact CiviCRM LLC |
21 | at info[AT]civicrm[DOT]org. If you have questions about the |
22 | GNU Affero General Public License or the licensing of CiviCRM, |
23 | see the CiviCRM license FAQ at http://civicrm.org/licensing |
24 +--------------------------------------------------------------------+
25 */
26
27 require_once 'CiviTest/CiviSeleniumTestCase.php';
28
29 /**
30 * Verify that the REST API bindings correctly parse and authenticate requests.
31 */
32 class WebTest_Utils_RestTest extends CiviSeleniumTestCase {
33 protected $url;
34 protected $api_key;
35 protected $session_id;
36 protected $nocms_contact_id;
37 protected $old_api_keys;
38
39 /**
40 * @param $apiResult
41 * @param $cmpvar
42 * @param string $prefix
43 */
44 protected function assertAPIErrorCode($apiResult, $cmpvar, $prefix = '') {
45 if (!empty($prefix)) {
46 $prefix .= ': ';
47 }
48 $this->assertEquals($cmpvar, $apiResult['is_error'], $prefix . (empty($apiResult['error_message']) ? '' : $apiResult['error_message']));
49 //$this->assertEquals($cmpvar, $apiResult['is_error'], $prefix . print_r($apiResult, TRUE));
50 }
51
52 protected function setUp() {
53 parent::setUp();
54 //URL should eventually be adapted for multisite
55 $this->url = "{$this->settings->sandboxURL}/{$this->sboxPath}sites/all/modules/civicrm/extern/rest.php";
56
57 if (!property_exists($this->settings, 'siteKey') || empty($this->settings->siteKey)) {
58 $this->markTestSkipped('CiviSeleniumSettings is missing siteKey');
59 }
60 if (!property_exists($this->settings, 'adminApiKey') || empty($this->settings->adminApiKey)) {
61 $this->markTestSkipped('CiviSeleniumSettings is missing adminApiKey');
62 }
63
64 $this->old_api_keys = array();
65 }
66
67 protected function tearDown() {
68 if (!empty($this->old_api_keys)) {
69 foreach ($this->old_api_keys as $cid => $apiKey) {
70 $this->webtest_civicrm_api('Contact', 'create', array(
71 'id' => $cid,
72 'api_key' => $apiKey,
73 ));
74 }
75 }
76 parent::tearDown();
77 if (isset($this->nocms_contact_id)) {
78 $deleteParams = array(
79 "id" => $this->nocms_contact_id,
80 "skip_undelete" => 1,
81 );
82 $res = $this->webtest_civicrm_api("Contact", "delete", $deleteParams);
83 unset($this->nocms_contact_id);
84 }
85 }
86
87 /**
88 * Build a list of test cases. Each test case defines a set of REST query
89 * parameters and an expected outcome for the REST request (eg is_error=>1 or is_error=>0).
90 *
91 * @return array; each item is a list of parameters for testAPICalls
92 */
93 public function apiTestCases() {
94 $cases = array();
95
96 // entity,action: omit apiKey, valid entity+action
97 $cases[] = array(
98 array(// query
99 "entity" => "Contact",
100 "action" => "get",
101 "key" => $this->settings->siteKey,
102 "json" => "1",
103 ),
104 1, // is_error
105 );
106
107 // entity,action: valid apiKey, valid entity+action
108 $cases[] = array(
109 array(// query
110 "entity" => "Contact",
111 "action" => "get",
112 "key" => $this->settings->siteKey,
113 "json" => "1",
114 "api_key" => $this->settings->adminApiKey,
115 ),
116 0, // is_error
117 );
118
119 // entity,action: bad apiKey, valid entity+action
120 $cases[] = array(
121 array(// query
122 "entity" => "Contact",
123 "action" => "get",
124 "key" => $this->settings->siteKey,
125 "json" => "1",
126 "api_key" => 'garbage_' . $this->settings->adminApiKey,
127 ),
128 1, // is_error
129 );
130
131 // entity,action: valid apiKey, invalid entity+action
132 $cases[] = array(
133 array(// query
134 "entity" => "Contactses",
135 "action" => "get",
136 "key" => $this->settings->siteKey,
137 "json" => "1",
138 "api_key" => $this->settings->adminApiKey,
139 ),
140 1, // is_error
141 );
142
143 // q=civicrm/entity/action: omit apiKey, valid entity+action
144 $cases[] = array(
145 array(// query
146 "q" => "civicrm/contact/get",
147 "key" => $this->settings->siteKey,
148 "json" => "1",
149 ),
150 1, // is_error
151 );
152
153 // q=civicrm/entity/action: valid apiKey, valid entity+action
154 $cases[] = array(
155 array(// query
156 "q" => "civicrm/contact/get",
157 "key" => $this->settings->siteKey,
158 "json" => "1",
159 "api_key" => $this->settings->adminApiKey,
160 ),
161 0, // is_error
162 );
163
164 // q=civicrm/entity/action: invalid apiKey, valid entity+action
165 $cases[] = array(
166 array(// query
167 "q" => "civicrm/contact/get",
168 "key" => $this->settings->siteKey,
169 "json" => "1",
170 "api_key" => 'garbage_' . $this->settings->adminApiKey,
171 ),
172 1, // is_error
173 );
174
175 // q=civicrm/entity/action: valid apiKey, invalid entity+action
176 $cases[] = array(
177 array(// query
178 "q" => "civicrm/contactses/get",
179 "key" => $this->settings->siteKey,
180 "json" => "1",
181 "api_key" => $this->settings->adminApiKey,
182 ),
183 1, // is_error
184 );
185
186 // q=civicrm/entity/action: valid apiKey, invalid entity+action
187 // XXX Actually Ping is valid, no?
188 $cases[] = array(
189 array(// query
190 "q" => "civicrm/ping",
191 "key" => $this->settings->siteKey,
192 "json" => "1",
193 "api_key" => $this->settings->adminApiKey,
194 ),
195 0, // is_error
196 );
197
198 return $cases;
199 }
200
201 /**
202 * @dataProvider apiTestCases
203 * @param $query
204 * @param $is_error
205 */
206 public function testAPICalls($query, $is_error) {
207 $this->updateAdminApiKey();
208
209 $client = CRM_Utils_HttpClient::singleton();
210 list($status, $data) = $client->post($this->url, $query);
211 $this->assertEquals(CRM_Utils_HttpClient::STATUS_OK, $status);
212 $result = json_decode($data, TRUE);
213 if ($result === NULL) {
214 $msg = print_r(array('query' => $query, 'response data' => $data), TRUE);
215 $this->assertNotNull($result, $msg);
216 }
217 $this->assertAPIErrorCode($result, $is_error);
218 }
219
220 /**
221 * Submit a request with an API key that exists but does not correspond to.
222 * a real user. Submit in "?entity=X&action=X" notation
223 */
224 public function testNotCMSUser_entityAction() {
225 $client = CRM_Utils_HttpClient::singleton();
226
227 //Create contact with api_key
228 $test_key = "testing1234";
229 $contactParams = array(
230 "api_key" => $test_key,
231 "contact_type" => "Individual",
232 "first_name" => "RestTester1",
233 );
234 $contact = $this->webtest_civicrm_api("Contact", "create", $contactParams);
235 $this->nocms_contact_id = $contact["id"];
236
237 // The key associates with a real contact but not a real user
238 $params = array(
239 "entity" => "Contact",
240 "action" => "get",
241 "key" => $this->settings->siteKey,
242 "json" => "1",
243 "api_key" => $test_key,
244 );
245 list($status, $data) = $client->post($this->url, $params);
246 $this->assertEquals(CRM_Utils_HttpClient::STATUS_OK, $status);
247 $result = json_decode($data, TRUE);
248 $this->assertNotNull($result);
249 $this->assertAPIErrorCode($result, 1);
250 }
251
252 /**
253 * Submit a request with an API key that exists but does not correspond to
254 * a real user. Submit in "?q=civicrm/$entity/$action" notation
255 */
256 public function testNotCMSUser_q() {
257 $client = CRM_Utils_HttpClient::singleton();
258
259 //Create contact with api_key
260 $test_key = "testing1234";
261 $contactParams = array(
262 "api_key" => $test_key,
263 "contact_type" => "Individual",
264 "first_name" => "RestTester1",
265 );
266 $contact = $this->webtest_civicrm_api("Contact", "create", $contactParams);
267 $this->nocms_contact_id = $contact["id"];
268
269 // The key associates with a real contact but not a real user
270 $params = array(
271 "q" => "civicrm/contact/get",
272 "key" => $this->settings->siteKey,
273 "json" => "1",
274 "api_key" => $test_key,
275 );
276 list($status, $data) = $client->post($this->url, $params);
277 $this->assertEquals(CRM_Utils_HttpClient::STATUS_OK, $status);
278 $result = json_decode($data, TRUE);
279 $this->assertNotNull($result);
280 $this->assertAPIErrorCode($result, 1);
281 }
282
283 protected function updateAdminApiKey() {
284 $this->webtestLogin($this->settings->adminUsername, $this->settings->adminPassword);
285 $adminContact = $this->webtestGetLoggedInContact();
286 $this->webtestLogout();
287
288 $this->old_api_keys[$adminContact['id']] = CRM_Core_DAO::singleValueQuery('SELECT api_key FROM civicrm_contact WHERE id = %1', array(
289 1 => array($adminContact['id'], 'Positive'),
290 ));
291
292 //$this->old_admin_api_key = $this->webtest_civicrm_api('Contact', 'get', array(
293 // 'id' => $adminContact['id'],
294 // 'return' => 'api_key',
295 //));
296
297 $this->webtest_civicrm_api('Contact', 'create', array(
298 'id' => $adminContact['id'],
299 'api_key' => $this->settings->adminApiKey,
300 ));
301 }
302
303 }