|
1
|
|
|
<?php |
|
2
|
|
|
/** |
|
3
|
|
|
* test for RecordOriginConstraint |
|
4
|
|
|
*/ |
|
5
|
|
|
|
|
6
|
|
|
namespace Graviton\SchemaBundle\Tests\ConstraintBuilder; |
|
7
|
|
|
|
|
8
|
|
|
use Graviton\TestBundle\Test\RestTestCase; |
|
9
|
|
|
use Symfony\Component\HttpFoundation\Response; |
|
10
|
|
|
|
|
11
|
|
|
/** |
|
12
|
|
|
* @author List of contributors <https://github.com/libgraviton/graviton/graphs/contributors> |
|
13
|
|
|
* @license http://opensource.org/licenses/gpl-license.php GNU Public License |
|
14
|
|
|
* @link http://swisscom.ch |
|
15
|
|
|
*/ |
|
16
|
|
|
class RecordOriginConstraintTest extends RestTestCase |
|
17
|
|
|
{ |
|
18
|
|
|
|
|
19
|
|
|
/** |
|
20
|
|
|
* load fixtures |
|
21
|
|
|
* |
|
22
|
|
|
* @return void |
|
23
|
|
|
*/ |
|
24
|
|
|
public function setUp() |
|
25
|
|
|
{ |
|
26
|
|
|
$this->loadFixtures( |
|
27
|
|
|
array( |
|
28
|
|
|
'GravitonDyn\CustomerBundle\DataFixtures\MongoDB\LoadCustomerData', |
|
29
|
|
|
), |
|
30
|
|
|
null, |
|
31
|
|
|
'doctrine_mongodb' |
|
32
|
|
|
); |
|
33
|
|
|
} |
|
34
|
|
|
|
|
35
|
|
|
/** |
|
36
|
|
|
* test the validation of the RecordOriginConstraint |
|
37
|
|
|
* |
|
38
|
|
|
* @dataProvider createDataProvider |
|
39
|
|
|
* |
|
40
|
|
|
* @param object $entity The object to create |
|
41
|
|
|
* @param integer $expectedStatus Header status code |
|
42
|
|
|
* @param string $expectedResponse Post data result of post |
|
43
|
|
|
* |
|
44
|
|
|
* @return void |
|
45
|
|
|
*/ |
|
46
|
|
View Code Duplication |
public function testRecordOriginHandlingOnCreate($entity, $expectedStatus, $expectedResponse) |
|
|
|
|
|
|
47
|
|
|
{ |
|
48
|
|
|
$client = static::createRestClient(); |
|
49
|
|
|
$client->post('/person/customer/', $entity); |
|
50
|
|
|
|
|
51
|
|
|
$response = $client->getResponse(); |
|
52
|
|
|
$this->assertEquals($expectedStatus, $response->getStatusCode()); |
|
53
|
|
|
$this->assertEquals($expectedResponse, $client->getResults()); |
|
54
|
|
|
} |
|
55
|
|
|
|
|
56
|
|
|
/** |
|
57
|
|
|
* Test the validation of the RecordOriginConstraint |
|
58
|
|
|
* |
|
59
|
|
|
* @param array $fieldsToSet Fields to be modified |
|
60
|
|
|
* @param integer $expectedStatus Header status code |
|
61
|
|
|
* @param string $expectedResponse Result to be returned |
|
62
|
|
|
* @param boolean $checkSavedEntry To check db for correct result |
|
63
|
|
|
* |
|
64
|
|
|
* @dataProvider updateDataProvider |
|
65
|
|
|
* |
|
66
|
|
|
* @return void |
|
67
|
|
|
*/ |
|
68
|
|
|
public function testRecordOriginHandlingOnUpdate( |
|
69
|
|
|
$fieldsToSet, |
|
70
|
|
|
$expectedStatus, |
|
71
|
|
|
$expectedResponse, |
|
72
|
|
|
$checkSavedEntry = true |
|
73
|
|
|
) { |
|
74
|
|
|
$client = static::createRestClient(); |
|
75
|
|
|
$client->request('GET', '/person/customer/100'); |
|
76
|
|
|
$result = $client->getResults(); |
|
77
|
|
|
|
|
78
|
|
|
// apply changes |
|
79
|
|
|
foreach ($fieldsToSet as $key => $val) { |
|
80
|
|
|
$result->{$key} = $val; |
|
81
|
|
|
} |
|
82
|
|
|
|
|
83
|
|
|
$expectedObject = $result; |
|
84
|
|
|
|
|
85
|
|
|
$client = static::createRestClient(); |
|
86
|
|
|
$client->put('/person/customer/100', $result); |
|
87
|
|
|
|
|
88
|
|
|
$response = $client->getResponse(); |
|
89
|
|
|
$this->assertEquals($expectedStatus, $response->getStatusCode()); |
|
90
|
|
|
$this->assertEquals($expectedResponse, $client->getResults()); |
|
91
|
|
|
|
|
92
|
|
|
if ($checkSavedEntry) { |
|
93
|
|
|
// fetch it again and compare |
|
94
|
|
|
$client = static::createRestClient(); |
|
95
|
|
|
$client->request('GET', '/person/customer/100'); |
|
96
|
|
|
$this->assertEquals($expectedObject, $client->getResults()); |
|
97
|
|
|
} |
|
98
|
|
|
} |
|
99
|
|
|
|
|
100
|
|
|
/** |
|
101
|
|
|
* Test the validation of the RecordOriginConstraint |
|
102
|
|
|
* |
|
103
|
|
|
* @param array $ops PATCH operations |
|
104
|
|
|
* @param integer $expectedStatus Header status code |
|
105
|
|
|
* @param string $expectedResponse Result to be returned |
|
106
|
|
|
* |
|
107
|
|
|
* @dataProvider patchDataProvider |
|
108
|
|
|
* |
|
109
|
|
|
* @return void |
|
110
|
|
|
*/ |
|
111
|
|
View Code Duplication |
public function testRecordOriginHandlingOnPatch( |
|
|
|
|
|
|
112
|
|
|
$ops, |
|
113
|
|
|
$expectedStatus, |
|
114
|
|
|
$expectedResponse |
|
115
|
|
|
) { |
|
116
|
|
|
$client = static::createRestClient(); |
|
117
|
|
|
|
|
118
|
|
|
$client->request('PATCH', '/person/customer/100', [], [], [], json_encode($ops)); |
|
119
|
|
|
|
|
120
|
|
|
$response = $client->getResponse(); |
|
121
|
|
|
$this->assertEquals($expectedStatus, $response->getStatusCode()); |
|
122
|
|
|
$this->assertEquals($expectedResponse, $client->getResults()); |
|
123
|
|
|
} |
|
124
|
|
|
|
|
125
|
|
|
/** |
|
126
|
|
|
* test to see if DELETE on a recordorigin: core is denied |
|
127
|
|
|
* |
|
128
|
|
|
* @return void |
|
129
|
|
|
*/ |
|
130
|
|
|
public function testDeleteHandling() |
|
131
|
|
|
{ |
|
132
|
|
|
$client = static::createRestClient(); |
|
133
|
|
|
$client->request('DELETE', '/person/customer/100'); |
|
134
|
|
|
$response = $client->getResponse(); |
|
135
|
|
|
|
|
136
|
|
|
$this->assertEquals(Response::HTTP_BAD_REQUEST, $response->getStatusCode()); |
|
137
|
|
|
$this->assertEquals( |
|
138
|
|
|
(object) [ |
|
139
|
|
|
'propertyPath' => 'recordOrigin', |
|
140
|
|
|
'message' => 'Must not be one of the following keywords: core' |
|
141
|
|
|
], |
|
142
|
|
|
$client->getResults() |
|
143
|
|
|
); |
|
144
|
|
|
} |
|
145
|
|
|
|
|
146
|
|
|
/** |
|
147
|
|
|
* Data provider for POST related stuff |
|
148
|
|
|
* |
|
149
|
|
|
* @return array |
|
|
|
|
|
|
150
|
|
|
*/ |
|
151
|
|
|
public function createDataProvider() |
|
152
|
|
|
{ |
|
153
|
|
|
$baseObj = [ |
|
154
|
|
|
'customerNumber' => 888, |
|
155
|
|
|
'name' => 'Muster Hans' |
|
156
|
|
|
]; |
|
157
|
|
|
|
|
158
|
|
|
return [ |
|
159
|
|
|
|
|
160
|
|
|
/*** STUFF THAT SHOULD BE ALLOWED ***/ |
|
161
|
|
|
|
|
162
|
|
|
'create-allowed-object' => [ |
|
163
|
|
|
'entity' => (object) array_merge( |
|
164
|
|
|
$baseObj, |
|
165
|
|
|
[ |
|
166
|
|
|
'recordOrigin' => 'hans' |
|
167
|
|
|
] |
|
168
|
|
|
), |
|
169
|
|
|
'httpStatusExpected' => Response::HTTP_CREATED, |
|
170
|
|
|
'expectedResponse' => null |
|
171
|
|
|
], |
|
172
|
|
|
|
|
173
|
|
|
/*** STUFF THAT SHOULD BE DENIED ***/ |
|
174
|
|
|
|
|
175
|
|
|
'create-recordorigin-core' => [ |
|
176
|
|
|
'entity' => (object) array_merge( |
|
177
|
|
|
$baseObj, |
|
178
|
|
|
[ |
|
179
|
|
|
'recordOrigin' => 'core' |
|
180
|
|
|
] |
|
181
|
|
|
), |
|
182
|
|
|
'httpStatusExpected' => Response::HTTP_BAD_REQUEST, |
|
183
|
|
|
'expectedResponse' => [ |
|
184
|
|
|
(object) [ |
|
185
|
|
|
'propertyPath' => 'recordOrigin', |
|
186
|
|
|
'message' => 'Creating documents with the recordOrigin field having a '. |
|
187
|
|
|
'value of core is not permitted.' |
|
188
|
|
|
] |
|
189
|
|
|
] |
|
190
|
|
|
] |
|
191
|
|
|
]; |
|
192
|
|
|
} |
|
193
|
|
|
|
|
194
|
|
|
/** |
|
195
|
|
|
* Data provider for PUT related stuff |
|
196
|
|
|
* |
|
197
|
|
|
* @return array |
|
|
|
|
|
|
198
|
|
|
*/ |
|
199
|
|
|
public function updateDataProvider() |
|
200
|
|
|
{ |
|
201
|
|
|
$expectedErrorOutput = [ |
|
202
|
|
|
(object) [ |
|
203
|
|
|
'propertyPath' => 'recordOrigin', |
|
204
|
|
|
'message' => 'Prohibited modification attempt on record with recordOrigin of core' |
|
205
|
|
|
] |
|
206
|
|
|
]; |
|
207
|
|
|
|
|
208
|
|
|
return [ |
|
209
|
|
|
|
|
210
|
|
|
/*** STUFF THAT SHOULD BE ALLOWED ***/ |
|
211
|
|
|
'create-allowed-object' => [ |
|
212
|
|
|
'fieldsToSet' => [ |
|
213
|
|
|
'addedField' => (object) [ |
|
214
|
|
|
'some' => 'property', |
|
215
|
|
|
'another' => 'one' |
|
216
|
|
|
] |
|
217
|
|
|
], |
|
218
|
|
|
'httpStatusExpected' => Response::HTTP_NO_CONTENT, |
|
219
|
|
|
'expectedResponse' => null |
|
220
|
|
|
], |
|
221
|
|
|
'subproperty-modification' => [ |
|
222
|
|
|
'fieldsToSet' => [ |
|
223
|
|
|
'someObject' => (object) [ |
|
224
|
|
|
'oneField' => 'value', |
|
225
|
|
|
'twoField' => 'twofield' |
|
226
|
|
|
] |
|
227
|
|
|
], |
|
228
|
|
|
'httpStatusExpected' => Response::HTTP_NO_CONTENT, |
|
229
|
|
|
'expectedResponse' => null |
|
230
|
|
|
], |
|
231
|
|
|
|
|
232
|
|
|
/*** STUFF THAT NEEDS TO BE DENIED ***/ |
|
233
|
|
|
'denied-subproperty-modification' => [ |
|
234
|
|
|
'fieldsToSet' => [ |
|
235
|
|
|
'someObject' => (object) [ |
|
236
|
|
|
'oneField' => 'changed-value' |
|
237
|
|
|
] |
|
238
|
|
|
], |
|
239
|
|
|
'httpStatusExpected' => Response::HTTP_BAD_REQUEST, |
|
240
|
|
|
'expectedResponse' => $expectedErrorOutput, |
|
241
|
|
|
'checkSavedEntry' => false |
|
242
|
|
|
], |
|
243
|
|
|
'denied-try-change-recordorigin' => [ |
|
244
|
|
|
'fieldsToSet' => [ |
|
245
|
|
|
'recordOrigin' => 'hans' |
|
246
|
|
|
], |
|
247
|
|
|
'httpStatusExpected' => Response::HTTP_BAD_REQUEST, |
|
248
|
|
|
'expectedResponse' => $expectedErrorOutput, |
|
249
|
|
|
'checkSavedEntry' => false |
|
250
|
|
|
], |
|
251
|
|
|
]; |
|
252
|
|
|
} |
|
253
|
|
|
|
|
254
|
|
|
/** |
|
255
|
|
|
* Data provider for PATCH related stuff |
|
256
|
|
|
* |
|
257
|
|
|
* @return array |
|
|
|
|
|
|
258
|
|
|
*/ |
|
259
|
|
|
public function patchDataProvider() |
|
260
|
|
|
{ |
|
261
|
|
|
$expectedErrorOutput = [ |
|
262
|
|
|
(object) [ |
|
263
|
|
|
'propertyPath' => 'recordOrigin', |
|
264
|
|
|
'message' => 'Prohibited modification attempt on record with recordOrigin of core' |
|
265
|
|
|
] |
|
266
|
|
|
]; |
|
267
|
|
|
|
|
268
|
|
|
return [ |
|
269
|
|
|
|
|
270
|
|
|
/*** STUFF THAT SHOULD BE ALLOWED ***/ |
|
271
|
|
|
|
|
272
|
|
|
'patch-allowed-attribute' => [ |
|
273
|
|
|
'ops' => [ |
|
274
|
|
|
[ |
|
275
|
|
|
'op' => 'add', |
|
276
|
|
|
'path' => '/someObject/twoField', |
|
277
|
|
|
'value' => 'myValue' |
|
278
|
|
|
] |
|
279
|
|
|
], |
|
280
|
|
|
'httpStatusExpected' => Response::HTTP_OK, |
|
281
|
|
|
'expectedResponse' => null |
|
282
|
|
|
], |
|
283
|
|
|
'patch-add-object-data' => [ |
|
284
|
|
|
'ops' => [ |
|
285
|
|
|
[ |
|
286
|
|
|
'op' => 'add', |
|
287
|
|
|
'path' => '/addedField', |
|
288
|
|
|
'value' => [ |
|
289
|
|
|
'someProperty' => 'someValue', |
|
290
|
|
|
'anotherOne' => 'oneMore' |
|
291
|
|
|
] |
|
292
|
|
|
] |
|
293
|
|
|
], |
|
294
|
|
|
'httpStatusExpected' => Response::HTTP_OK, |
|
295
|
|
|
'expectedResponse' => null |
|
296
|
|
|
], |
|
297
|
|
|
|
|
298
|
|
|
/*** STUFF THAT NEEDS TO BE DENIED ***/ |
|
299
|
|
|
'patch-denied-subproperty' => [ |
|
300
|
|
|
'ops' => [ |
|
301
|
|
|
[ |
|
302
|
|
|
'op' => 'add', |
|
303
|
|
|
'path' => '/someObject/oneField', |
|
304
|
|
|
'value' => 'myValue' |
|
305
|
|
|
] |
|
306
|
|
|
], |
|
307
|
|
|
'httpStatusExpected' => Response::HTTP_BAD_REQUEST, |
|
308
|
|
|
'expectedResponse' => $expectedErrorOutput |
|
309
|
|
|
], |
|
310
|
|
|
'patch-denied-recordorigin-change' => [ |
|
311
|
|
|
'ops' => [ |
|
312
|
|
|
[ |
|
313
|
|
|
'op' => 'replace', |
|
314
|
|
|
'path' => '/recordOrigin', |
|
315
|
|
|
'value' => 'hans' |
|
316
|
|
|
] |
|
317
|
|
|
], |
|
318
|
|
|
'httpStatusExpected' => Response::HTTP_BAD_REQUEST, |
|
319
|
|
|
'expectedResponse' => $expectedErrorOutput |
|
320
|
|
|
], |
|
321
|
|
|
|
|
322
|
|
|
]; |
|
323
|
|
|
} |
|
324
|
|
|
} |
|
325
|
|
|
|
libgraviton /
graviton
Loading history...
Duplicated code is one of the most pungent code smells. If you need to duplicate the same code in three or more different places, we strongly encourage you to look into extracting the code into a single class or operation.
You can also find more detailed suggestions in the “Code” section of your repository.