You can not select more than 25 topics
Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
101 lines
3.8 KiB
101 lines
3.8 KiB
10 months ago
|
<?php
|
||
|
namespace App\Tests;
|
||
|
|
||
|
use ApiPlatform\Symfony\Bundle\Test\ApiTestCase;
|
||
|
use App\Factory\CharacterFactory;
|
||
|
use App\Factory\DojoFactory;
|
||
|
use App\Factory\UserFactory;
|
||
|
use Zenstruck\Foundry\Test\Factories;
|
||
|
use Zenstruck\Foundry\Test\ResetDatabase;
|
||
|
use DateTimeZone;
|
||
|
|
||
|
class CharacterTest extends ApiTestCase
|
||
|
{
|
||
|
use ResetDatabase, Factories;
|
||
|
|
||
|
private function generateAuthToken(string $authName)
|
||
|
{
|
||
|
$sign_seed = sodium_base642bin($_ENV['AUTH_SEED'], SODIUM_BASE64_VARIANT_ORIGINAL);
|
||
|
$sign_pair = sodium_crypto_sign_seed_keypair($sign_seed);
|
||
|
$sign_secret = sodium_crypto_sign_secretkey($sign_pair);
|
||
|
$now = new \DateTimeImmutable("now", new DateTimeZone("UTC"));
|
||
|
$message = $authName . "|" . $now->format("c");
|
||
|
|
||
|
return sodium_bin2base64(sodium_crypto_sign($message, $sign_secret), SODIUM_BASE64_VARIANT_URLSAFE);
|
||
|
}
|
||
|
|
||
|
/**
|
||
|
* Requirement: A user should be able see all characters from a dojo, but only the public fields!
|
||
|
*/
|
||
|
public function testRetrieveCharactersFromDojoPublic(): void
|
||
|
{
|
||
|
$requestUser = UserFactory::createOne();
|
||
|
$dojo = DojoFactory::createOne();
|
||
|
CharacterFactory::createMany(4, [
|
||
|
'dojo' => $dojo
|
||
|
]);
|
||
|
CharacterFactory::createMany(10);
|
||
|
|
||
|
$response = static::createClient()->request('GET', '/api/dojo/' . $dojo->id . '/characters',
|
||
|
[
|
||
|
'headers' => [
|
||
|
'accept' => 'application/json',
|
||
|
'X-AUTH-TOKEN' => $this->generateAuthToken($requestUser->authName)
|
||
|
]
|
||
|
]);
|
||
|
|
||
|
$this->assertResponseStatusCodeSame(200);
|
||
|
|
||
|
// Because test fixtures are automatically loaded between each test, you can assert on them
|
||
|
$this->assertCount(4, $response->toArray());
|
||
|
|
||
|
$this->assertNotEquals("[[],[],[],[]]", $response->getContent());
|
||
|
|
||
|
$chars = $response->toArray();
|
||
|
$this->assertArrayHasKey('name', $chars[0]);
|
||
|
$this->assertArrayHasKey('dojo', $chars[0]);
|
||
|
$this->assertArrayNotHasKey('strength', $chars[0]); // not accessible via this route
|
||
|
$this->assertArrayNotHasKey('constitution', $chars[0]); // not accessible via this route
|
||
|
$this->assertArrayNotHasKey('agility', $chars[0]); // not accessible via this route
|
||
|
$this->assertArrayNotHasKey('techniques', $chars[0]); // not accessible via this route
|
||
|
}
|
||
|
|
||
|
/**
|
||
|
* Requirement: A user should be able see all characters from a dojo, but only the public fields!
|
||
|
*/
|
||
|
public function testRetrieveCharactersFromOwnDojoDetail(): void
|
||
|
{
|
||
|
$dojo = DojoFactory::createOne([
|
||
|
'owner' => UserFactory::createOne()
|
||
|
]);
|
||
|
CharacterFactory::createMany(4, [
|
||
|
'dojo' => $dojo
|
||
|
]);
|
||
|
CharacterFactory::createMany(10);
|
||
|
|
||
|
$response = static::createClient()->request('GET', '/api/dojo/characters',
|
||
|
[
|
||
|
'headers' => [
|
||
|
'accept' => 'application/json',
|
||
|
'X-AUTH-TOKEN' => $this->generateAuthToken($dojo->getOwner()->authName)
|
||
|
]
|
||
|
]);
|
||
|
|
||
|
$this->assertResponseStatusCodeSame(200);
|
||
|
|
||
|
// Because test fixtures are automatically loaded between each test, you can assert on them
|
||
|
$this->assertCount(4, $response->toArray());
|
||
|
|
||
|
$this->assertNotEquals("[[],[],[],[]]", $response->getContent());
|
||
|
|
||
|
$chars = $response->toArray();
|
||
|
$this->assertArrayHasKey('name', $chars[0]);
|
||
|
$this->assertArrayHasKey('dojo', $chars[0]);
|
||
|
$this->assertArrayHasKey('strength', $chars[0]); // not accessible via this route
|
||
|
$this->assertArrayHasKey('constitution', $chars[0]); // not accessible via this route
|
||
|
$this->assertArrayHasKey('agility', $chars[0]); // not accessible via this route
|
||
|
$this->assertArrayHasKey('techniques', $chars[0]); // not accessible via this route
|
||
|
}
|
||
|
}
|
||
|
|