This project does not seem to handle request data directly as such no vulnerable execution paths were found.
include
, or for example
via PHP's auto-loading mechanism.
These results are based on our legacy PHP analysis, consider migrating to our new PHP analysis engine instead. Learn more
1 | <?php |
||
2 | |||
3 | namespace OpenOrchestra\FunctionalTests\ApiBundle\Controller; |
||
4 | |||
5 | use Doctrine\Common\Collections\ArrayCollection; |
||
6 | use OpenOrchestra\FunctionalTests\Utils\AbstractAuthenticatedTest; |
||
7 | use OpenOrchestra\ModelInterface\Model\NodeInterface; |
||
8 | use OpenOrchestra\ModelInterface\Repository\BlockRepositoryInterface; |
||
9 | use OpenOrchestra\ModelInterface\Repository\NodeRepositoryInterface; |
||
10 | use OpenOrchestra\ModelInterface\Repository\StatusRepositoryInterface; |
||
11 | |||
12 | /** |
||
13 | * Class NodeControllerTest |
||
14 | * |
||
15 | * @group apiFunctional |
||
16 | */ |
||
17 | class NodeControllerTest extends AbstractAuthenticatedTest |
||
18 | { |
||
19 | /** |
||
20 | * @var StatusRepositoryInterface |
||
21 | */ |
||
22 | protected $statusRepository; |
||
23 | |||
24 | /** |
||
25 | * @var NodeRepositoryInterface |
||
26 | */ |
||
27 | protected $nodeRepository; |
||
28 | |||
29 | /** @var BlockRepositoryInterface */ |
||
30 | protected $blockRepository; |
||
31 | |||
32 | /** |
||
33 | * Set up the test |
||
34 | */ |
||
35 | public function setUp() |
||
36 | { |
||
37 | parent::setUp(); |
||
38 | $this->nodeRepository = static::$kernel->getContainer()->get('open_orchestra_model.repository.node'); |
||
39 | $this->statusRepository = static::$kernel->getContainer()->get('open_orchestra_model.repository.status'); |
||
40 | $this->blockRepository = static::$kernel->getContainer()->get('open_orchestra_model.repository.block'); |
||
41 | } |
||
42 | |||
43 | /** |
||
44 | * Reset removing node after test |
||
45 | */ |
||
46 | public function tearDown() |
||
47 | { |
||
48 | $nodes = $this->nodeRepository->findByNodeAndSite('fixture_page_contact', '2'); |
||
49 | $this->undeleteNodes($nodes); |
||
50 | $this->republishNodes($nodes); |
||
51 | static::$kernel->getContainer()->get('object_manager')->flush(); |
||
52 | parent::tearDown(); |
||
53 | } |
||
54 | |||
55 | /** |
||
56 | * Test delete action |
||
57 | */ |
||
58 | public function testDeleteAction() |
||
59 | { |
||
60 | $nodes = $this->nodeRepository->findByNodeId('fixture_page_contact'); |
||
0 ignored issues
–
show
|
|||
61 | $autoUnpublishTo = $this->statusRepository->findOnebyAutoUnpublishTo(); |
||
62 | $currentStatuses = array(); |
||
63 | |||
64 | foreach ($nodes as $node) { |
||
65 | $currentStatuses[$node->getId()] = $node->getStatus()->getName(); |
||
66 | $node->setStatus($autoUnpublishTo); |
||
67 | } |
||
68 | static::$kernel->getContainer()->get('object_manager')->flush(); |
||
69 | |||
70 | $nbNode = count($this->nodeRepository->findLastVersionByType('2')); |
||
71 | $this->client->request('DELETE', '/api/node/delete/fixture_page_contact'); |
||
72 | $nodesDelete = $this->nodeRepository->findLastVersionByType('2'); |
||
73 | |||
74 | $this->assertCount($nbNode - 1, $nodesDelete); |
||
75 | |||
76 | foreach ($nodes as $node) { |
||
77 | $status = $this->statusRepository->findOneByName($currentStatuses[$node->getId()]); |
||
0 ignored issues
–
show
The method
findOneByName() does not seem to exist on object<OpenOrchestra\Mod...tusRepositoryInterface> .
This check looks for calls to methods that do not seem to exist on a given type. It looks for the method on the type itself as well as in inherited classes or implemented interfaces. This is most likely a typographical error or the method has been renamed.
Loading history...
|
|||
78 | $node->setStatus($status); |
||
79 | } |
||
80 | $this->undeleteNodes($nodes); |
||
81 | static::$kernel->getContainer()->get('object_manager')->flush(); |
||
82 | } |
||
83 | |||
84 | /** |
||
85 | * @param array $nodes |
||
86 | */ |
||
87 | protected function undeleteNodes($nodes) |
||
88 | { |
||
89 | foreach ($nodes as $node) { |
||
90 | $node->setDeleted(false); |
||
91 | } |
||
92 | } |
||
93 | |||
94 | /** |
||
95 | * @param array $nodes |
||
96 | */ |
||
97 | protected function republishNodes($nodes) |
||
98 | { |
||
99 | foreach ($nodes as $node) { |
||
100 | $node->getStatus()->setPublishedState(true); |
||
101 | } |
||
102 | } |
||
103 | |||
104 | /** |
||
105 | * Test node new version and references |
||
106 | */ |
||
107 | public function testNewVersionNode() |
||
108 | { |
||
109 | $countVersion = count($this->nodeRepository->findByNodeId('fixture_page_community')); |
||
0 ignored issues
–
show
The method
findByNodeId() does not exist on OpenOrchestra\ModelInter...NodeRepositoryInterface . Did you maybe mean findByNodeIdAndSiteIdWithBlocksInArea() ?
This check marks calls to methods that do not seem to exist on an object. This is most likely the result of a method being renamed without all references to it being renamed likewise.
Loading history...
|
|||
110 | $this->client->request('POST', '/api/node/new-version/fixture_page_community/fr/1'); |
||
111 | |||
112 | $this->assertSame($countVersion + 1, count($this->nodeRepository->findByNodeId('fixture_page_community'))); |
||
0 ignored issues
–
show
The method
findByNodeId() does not exist on OpenOrchestra\ModelInter...NodeRepositoryInterface . Did you maybe mean findByNodeIdAndSiteIdWithBlocksInArea() ?
This check marks calls to methods that do not seem to exist on an object. This is most likely the result of a method being renamed without all references to it being renamed likewise.
Loading history...
|
|||
113 | } |
||
114 | |||
115 | /** |
||
116 | * @param NodeInterface $node |
||
117 | * |
||
118 | * @return int |
||
119 | */ |
||
120 | public function countAreaRef(NodeInterface $node) |
||
121 | { |
||
122 | $areaRef = 0; |
||
123 | foreach ($node->getBlocks() as $block) { |
||
0 ignored issues
–
show
The method
getBlocks() does not seem to exist on object<OpenOrchestra\Mod...ce\Model\NodeInterface> .
This check looks for calls to methods that do not seem to exist on a given type. It looks for the method on the type itself as well as in inherited classes or implemented interfaces. This is most likely a typographical error or the method has been renamed.
Loading history...
|
|||
124 | $areaRef = $areaRef + count($block->getAreas()); |
||
125 | } |
||
126 | |||
127 | return $areaRef; |
||
128 | } |
||
129 | |||
130 | /** |
||
131 | * @param string $name |
||
132 | * |
||
133 | * @dataProvider provideStatusName |
||
134 | */ |
||
135 | View Code Duplication | public function testChangeNodeStatus($name) |
|
136 | { |
||
137 | $node = $this->nodeRepository->findInLastVersion('root', 'fr', '2'); |
||
138 | $newStatus = $this->statusRepository->findOneByName($name); |
||
0 ignored issues
–
show
The method
findOneByName() does not seem to exist on object<OpenOrchestra\Mod...tusRepositoryInterface> .
This check looks for calls to methods that do not seem to exist on a given type. It looks for the method on the type itself as well as in inherited classes or implemented interfaces. This is most likely a typographical error or the method has been renamed.
Loading history...
|
|||
139 | $node->setStatus($newStatus); |
||
140 | $this->client->request( |
||
141 | 'PUT', |
||
142 | '/api/node/update-status', |
||
143 | array(), |
||
144 | array(), |
||
145 | array(), |
||
146 | static::$kernel->getContainer()->get('jms_serializer')->serialize($node, 'json') |
||
147 | ); |
||
148 | |||
149 | $this->assertSame(200, $this->client->getResponse()->getStatusCode()); |
||
150 | $newNode = $this->nodeRepository->findOnePublished('root', 'fr', '2'); |
||
151 | $this->assertEquals($name, $newNode->getStatus()->getName()); |
||
152 | } |
||
153 | |||
154 | /** |
||
155 | * @return array |
||
156 | */ |
||
157 | public function provideStatusName() |
||
158 | { |
||
159 | return array( |
||
160 | array('published'), |
||
161 | array('draft'), |
||
162 | ); |
||
163 | } |
||
164 | |||
165 | /** |
||
166 | * Test update not granted |
||
167 | */ |
||
168 | public function testUpdateNotGranted() |
||
169 | { |
||
170 | $this->username = 'userNoAccess'; |
||
171 | $this->password = 'userNoAccess'; |
||
172 | $this->logIn(); |
||
173 | |||
174 | $node = $this->nodeRepository->findInLastVersion('root', 'fr', '2'); |
||
175 | $requestContent = json_encode(array( |
||
176 | 'id' => $node->getId() |
||
177 | )); |
||
178 | $this->client->request( |
||
179 | 'PUT', |
||
180 | '/api/node/update-status', |
||
181 | array(), |
||
182 | array(), |
||
183 | array(), |
||
184 | $requestContent |
||
185 | ); |
||
186 | |||
187 | $this->assertSame(403, $this->client->getResponse()->getStatusCode()); |
||
188 | } |
||
189 | |||
190 | /** |
||
191 | * Test update block position |
||
192 | */ |
||
193 | public function testUpdateBlockPosition() |
||
194 | { |
||
195 | $node = $this->nodeRepository->findInLastVersion('root', 'fr', '2'); |
||
196 | $block0 = $node->getArea('main')->getBlocks()[0]; |
||
197 | $block1 = $node->getArea('main')->getBlocks()[1]; |
||
198 | |||
199 | $blocksMainJson = array(); |
||
200 | $blocksMainJson[] = array('id' => $block1->getId()); |
||
201 | $blocksMainJson[] = array('id' => $block0->getId()); |
||
202 | |||
203 | $requestContent = json_encode(array( |
||
204 | 'areas' => array( |
||
205 | 'main' => array( |
||
206 | 'blocks' => $blocksMainJson |
||
207 | ) |
||
208 | ) |
||
209 | )); |
||
210 | |||
211 | $this->client->request( |
||
212 | 'PUT', |
||
213 | "/api/node/update-block-position/".$node->getSiteId()."/".$node->getNodeId()."/".$node->getVersion()."/".$node->getLanguage(), |
||
214 | array(), |
||
215 | array(), |
||
216 | array(), |
||
217 | $requestContent |
||
218 | ); |
||
219 | |||
220 | $this->assertSame(200, $this->client->getResponse()->getStatusCode()); |
||
221 | $dm = static::$kernel->getContainer()->get('object_manager'); |
||
222 | |||
223 | $node = $this->nodeRepository->findInLastVersion('root', 'fr', '2'); |
||
224 | $blocksMain = $node->getArea('main')->getBlocks(); |
||
225 | $this->assertCount(2, $blocksMain); |
||
226 | $this->assertSame($node->getArea('main')->getBlocks()[0], $block1); |
||
227 | $this->assertSame($node->getArea('main')->getBlocks()[1], $block0); |
||
228 | |||
229 | $node->getArea('main')->setBlocks(new ArrayCollection(array($block0, $block1))); |
||
230 | $dm->persist($node); |
||
231 | $dm->flush(); |
||
232 | } |
||
233 | |||
234 | /** |
||
235 | * Test update block position not granted |
||
236 | */ |
||
237 | public function testUpdateBlockPositionNotGranted() |
||
238 | { |
||
239 | $this->username = 'userNoAccess'; |
||
240 | $this->password = 'userNoAccess'; |
||
241 | $this->logIn(); |
||
242 | |||
243 | $node = $this->nodeRepository->findInLastVersion('root', 'fr', '2'); |
||
244 | |||
245 | $this->client->request( |
||
246 | 'PUT', |
||
247 | "/api/node/update-block-position/".$node->getSiteId()."/".$node->getNodeId()."/".$node->getVersion()."/".$node->getLanguage() |
||
248 | ); |
||
249 | |||
250 | $this->assertSame(403, $this->client->getResponse()->getStatusCode()); |
||
251 | } |
||
252 | |||
253 | /** |
||
254 | * Test delete block not granted |
||
255 | */ |
||
256 | public function testDeleteBlockInAreaNotGranted() |
||
257 | { |
||
258 | $this->username = 'userNoAccess'; |
||
259 | $this->password = 'userNoAccess'; |
||
260 | $this->logIn(); |
||
261 | |||
262 | $node = $this->nodeRepository->findInLastVersion('root', 'fr', '2'); |
||
263 | $block = $node->getArea('main')->getBlocks()[0]; |
||
264 | |||
265 | $this->client->request( |
||
266 | 'DELETE', |
||
267 | "/api/node/delete-block/".$node->getNodeId()."/".$node->getSiteId()."/".$node->getLanguage()."/".$node->getVersion()."/main/".$block->getId() |
||
268 | ); |
||
269 | $this->assertSame(403, $this->client->getResponse()->getStatusCode()); |
||
270 | } |
||
271 | |||
272 | /** |
||
273 | * Test add block in area action |
||
274 | */ |
||
275 | public function testAddBlockInAreaAction() |
||
276 | { |
||
277 | $node = $this->nodeRepository->findInLastVersion('root', 'fr', '2'); |
||
278 | $blocks = $this->blockRepository->findBy( |
||
0 ignored issues
–
show
The method
findBy() does not exist on OpenOrchestra\ModelInter...lockRepositoryInterface . Did you maybe mean findById() ?
This check marks calls to methods that do not seem to exist on an object. This is most likely the result of a method being renamed without all references to it being renamed likewise.
Loading history...
|
|||
279 | array('component' => 'tiny_mce_wysiwyg'), |
||
280 | array('siteId' => '2'), |
||
281 | array('language' => 'fr'), |
||
282 | array('transverse' => true) |
||
283 | ); |
||
284 | $block = $blocks[0]; |
||
285 | |||
286 | $this->client->request( |
||
287 | 'PUT', |
||
288 | "/api/node/add-block-in-area/".$node->getNodeId()."/".$node->getLanguage()."/".$node->getVersion()."/".$block->getId()."/main/1" |
||
289 | ); |
||
290 | |||
291 | $dm = static::$kernel->getContainer()->get('object_manager'); |
||
292 | $dm->detach($node); |
||
293 | $dm->clear(); |
||
294 | $node = $this->nodeRepository->findInLastVersion('root', 'fr', '2'); |
||
295 | $mainAreaBlocks = $node->getArea('main')->getBlocks(); |
||
296 | $addedBlock = $mainAreaBlocks[1]; |
||
297 | |||
298 | $this->assertSame($block->getId(), $addedBlock->getId()); |
||
299 | } |
||
300 | |||
301 | /** |
||
302 | * Test delete block |
||
303 | */ |
||
304 | View Code Duplication | public function testDeleteBlockInArea() |
|
305 | { |
||
306 | $node = $this->nodeRepository->findInLastVersion('root', 'fr', '2'); |
||
307 | $block = $node->getArea('main')->getBlocks()[0]; |
||
308 | |||
309 | $this->client->request( |
||
310 | 'DELETE', |
||
311 | "/api/node/delete-block/".$node->getNodeId()."/".$node->getSiteId()."/".$node->getLanguage()."/".$node->getVersion()."/main/".$block->getId() |
||
312 | ); |
||
313 | $this->assertSame(200, $this->client->getResponse()->getStatusCode()); |
||
314 | $this->assertNull($this->blockRepository->findById($block->getId())); |
||
315 | |||
316 | $dm = static::$kernel->getContainer()->get('object_manager'); |
||
317 | $dm->detach($node); |
||
318 | $dm->detach($block); |
||
319 | |||
320 | $node = $this->nodeRepository->findInLastVersion('root', 'fr', '2'); |
||
321 | $blocks = $node->getArea('main')->getBlocks(); |
||
322 | $this->assertCount(1, $blocks); |
||
323 | $node->getArea('main')->addBlock($block); |
||
324 | $dm->persist($node); |
||
325 | $dm->persist($block); |
||
326 | |||
327 | $dm->flush(); |
||
328 | } |
||
329 | |||
330 | /** |
||
331 | * Test delete transverse block |
||
332 | */ |
||
333 | View Code Duplication | public function testDeleteTransverseBlockInArea() |
|
334 | { |
||
335 | |||
336 | $node = $this->nodeRepository->findInLastVersion('root', 'fr', '2'); |
||
337 | $block = $node->getArea('main')->getBlocks()[0]; |
||
338 | |||
339 | $this->client->request( |
||
340 | 'DELETE', |
||
341 | "/api/node/delete-block/".$node->getNodeId()."/".$node->getSiteId()."/".$node->getLanguage()."/".$node->getVersion()."/main/".$block->getId() |
||
342 | ); |
||
343 | $this->assertSame(200, $this->client->getResponse()->getStatusCode()); |
||
344 | $this->assertEquals($block, $this->blockRepository->findById($block->getId())); |
||
345 | |||
346 | $dm = static::$kernel->getContainer()->get('object_manager'); |
||
347 | $dm->detach($node); |
||
348 | $dm->detach($block); |
||
349 | |||
350 | $node = $this->nodeRepository->findInLastVersion('root', 'fr', '2'); |
||
351 | $blocks = $node->getArea('main')->getBlocks(); |
||
352 | $this->assertCount(1, $blocks); |
||
353 | |||
354 | $node->getArea('main')->addBlock($block); |
||
355 | $dm->persist($block); |
||
356 | $dm->persist($node); |
||
357 | $dm->flush(); |
||
358 | } |
||
359 | } |
||
360 |
This check marks calls to methods that do not seem to exist on an object.
This is most likely the result of a method being renamed without all references to it being renamed likewise.