CrossDomainMiddlewareTest - Code Metrics - shlinkio/shlink - Measure and Improve Code Quality continuously with Scrutinizer

CrossDomainMiddlewareTest A
last analyzed 2020-12-13 17:12 UTC

↳ Parent: Project

Complexity

Total Complexity

Size/Duplication

Total Lines	144
Duplicated Lines	0 %

Importance

Changes	1
Bugs	0	Features	0

Metric	Value
wmc	8
eloc	79
c	1
b	0
f	0
dl	0
loc	144
rs	10

8 Methods

Rating	Name	Size	Complexity
A	setUp()	4	1
A	provideMethods()	17	1
A	expectedStatusCodeIsReturnDependingOnRequestMethod()	13	1
A	optionsRequestParsesRouteMatchToDetermineAllowedMethods()	14	1
A	provideRouteResults()	10	1
A	nonCrossDomainRequestsAreNotAffected()	15	1
A	anyRequestIncludesTheAllowAccessHeader()	18	1
A	optionsRequestIncludesMoreHeaders()	20	1

<?php

declare(strict_types=1);

namespace ShlinkioTest\Shlink\Rest\Middleware;

use Laminas\Diactoros\Response;
use Laminas\Diactoros\ServerRequest;
use Mezzio\Router\Route;
use Mezzio\Router\RouteResult;
use PHPUnit\Framework\TestCase;
use Prophecy\Argument;
use Prophecy\PhpUnit\ProphecyTrait;
use Prophecy\Prophecy\ObjectProphecy;
use Psr\Http\Server\RequestHandlerInterface;
use Shlinkio\Shlink\Rest\Middleware\CrossDomainMiddleware;

use function Laminas\Stratigility\middleware;

class CrossDomainMiddlewareTest extends TestCase
{
    use ProphecyTrait;

    private CrossDomainMiddleware $middleware;
    private ObjectProphecy $handler;

    public function setUp(): void
    {
        $this->middleware = new CrossDomainMiddleware();
        $this->handler = $this->prophesize(RequestHandlerInterface::class);
    }

    /** @test */
    public function nonCrossDomainRequestsAreNotAffected(): void
    {
        $originalResponse = (new Response())->withStatus(404);
        $this->handler->handle(Argument::any())->willReturn($originalResponse)->shouldBeCalledOnce();

        $response = $this->middleware->process(new ServerRequest(), $this->handler->reveal());
        $headers = $response->getHeaders();

        self::assertSame($originalResponse, $response);
        self::assertEquals(404, $response->getStatusCode());
        self::assertArrayNotHasKey('Access-Control-Allow-Origin', $headers);
        self::assertArrayNotHasKey('Access-Control-Expose-Headers', $headers);
        self::assertArrayNotHasKey('Access-Control-Allow-Methods', $headers);
        self::assertArrayNotHasKey('Access-Control-Max-Age', $headers);
        self::assertArrayNotHasKey('Access-Control-Allow-Headers', $headers);
    }

    /** @test */
    public function anyRequestIncludesTheAllowAccessHeader(): void
    {
        $originalResponse = new Response();
        $this->handler->handle(Argument::any())->willReturn($originalResponse)->shouldBeCalledOnce();

        $response = $this->middleware->process(
            (new ServerRequest())->withHeader('Origin', 'local'),
            $this->handler->reveal(),
        );
        self::assertNotSame($originalResponse, $response);

        $headers = $response->getHeaders();

        self::assertEquals('local', $response->getHeaderLine('Access-Control-Allow-Origin'));
        self::assertEquals('X-Api-Key', $response->getHeaderLine('Access-Control-Expose-Headers'));
        self::assertArrayNotHasKey('Access-Control-Allow-Methods', $headers);
        self::assertArrayNotHasKey('Access-Control-Max-Age', $headers);
        self::assertArrayNotHasKey('Access-Control-Allow-Headers', $headers);
    }

    /** @test */
    public function optionsRequestIncludesMoreHeaders(): void
    {
        $originalResponse = new Response();
        $request = (new ServerRequest())
            ->withMethod('OPTIONS')
            ->withHeader('Origin', 'local')
            ->withHeader('Access-Control-Request-Headers', 'foo, bar, baz');
        $this->handler->handle(Argument::any())->willReturn($originalResponse)->shouldBeCalledOnce();

        $response = $this->middleware->process($request, $this->handler->reveal());
        self::assertNotSame($originalResponse, $response);

        $headers = $response->getHeaders();

        self::assertEquals('local', $response->getHeaderLine('Access-Control-Allow-Origin'));
        self::assertEquals('X-Api-Key', $response->getHeaderLine('Access-Control-Expose-Headers'));
        self::assertArrayHasKey('Access-Control-Allow-Methods', $headers);
        self::assertEquals('1000', $response->getHeaderLine('Access-Control-Max-Age'));
        self::assertEquals('foo, bar, baz', $response->getHeaderLine('Access-Control-Allow-Headers'));
        self::assertEquals(204, $response->getStatusCode());
    }

    /**
     * @test
     * @dataProvider provideRouteResults
     */
    public function optionsRequestParsesRouteMatchToDetermineAllowedMethods(
        ?RouteResult $result,
        string $expectedAllowedMethods
    ): void {
        $originalResponse = new Response();
        $request = (new ServerRequest())->withAttribute(RouteResult::class, $result)
                                        ->withMethod('OPTIONS')
                                        ->withHeader('Origin', 'local');
        $this->handler->handle(Argument::any())->willReturn($originalResponse)->shouldBeCalledOnce();

        $response = $this->middleware->process($request, $this->handler->reveal());

        self::assertEquals($response->getHeaderLine('Access-Control-Allow-Methods'), $expectedAllowedMethods);
        self::assertEquals(204, $response->getStatusCode());
    }

    public function provideRouteResults(): iterable
    {
        yield 'with no route result' => [null, 'GET,POST,PUT,PATCH,DELETE,OPTIONS'];
        yield 'with failed route result' => [RouteResult::fromRouteFailure(['POST', 'GET']), 'POST,GET'];
        yield 'with success route result' => [
            RouteResult::fromRoute(
                new Route('/', middleware(function (): void {
                }), ['DELETE', 'PATCH', 'PUT']),
            ),
            'DELETE,PATCH,PUT',
        ];
    }

    /**
     * @test
     * @dataProvider provideMethods
     */
    public function expectedStatusCodeIsReturnDependingOnRequestMethod(
        string $method,
        int $status,
        int $expectedStatus
    ): void {
        $originalResponse = (new Response())->withStatus($status);
        $request = (new ServerRequest())->withMethod($method)
                                        ->withHeader('Origin', 'local');
        $this->handler->handle(Argument::any())->willReturn($originalResponse)->shouldBeCalledOnce();

        $response = $this->middleware->process($request, $this->handler->reveal());

        self::assertEquals($expectedStatus, $response->getStatusCode());
    }

    public function provideMethods(): iterable
    {
        yield 'POST 200' => ['POST', 200, 200];
        yield 'POST 400' => ['POST', 400, 400];
        yield 'POST 500' => ['POST', 500, 500];
        yield 'GET 200' => ['GET', 200, 200];
        yield 'GET 400' => ['GET', 400, 400];
        yield 'GET 500' => ['GET', 500, 500];
        yield 'PATCH 200' => ['PATCH', 200, 200];
        yield 'PATCH 400' => ['PATCH', 400, 400];
        yield 'PATCH 500' => ['PATCH', 500, 500];
        yield 'DELETE 200' => ['DELETE', 200, 200];
        yield 'DELETE 400' => ['DELETE', 400, 400];
        yield 'DELETE 500' => ['DELETE', 500, 500];
        yield 'OPTIONS 200' => ['OPTIONS', 200, 204];
        yield 'OPTIONS 400' => ['OPTIONS', 400, 204];
        yield 'OPTIONS 500' => ['OPTIONS', 500, 204];
    }
}


1			<?php
2
3			declare(strict_types=1);
4
5			namespace ShlinkioTest\Shlink\Rest\Middleware;
6
7			use Laminas\Diactoros\Response;
8			use Laminas\Diactoros\ServerRequest;
9			use Mezzio\Router\Route;
10			use Mezzio\Router\RouteResult;
11			use PHPUnit\Framework\TestCase;
12			use Prophecy\Argument;
13			use Prophecy\PhpUnit\ProphecyTrait;
14			use Prophecy\Prophecy\ObjectProphecy;
15			use Psr\Http\Server\RequestHandlerInterface;
16			use Shlinkio\Shlink\Rest\Middleware\CrossDomainMiddleware;
17
18			use function Laminas\Stratigility\middleware;
19
20			class CrossDomainMiddlewareTest extends TestCase
21			{
22			use ProphecyTrait;
23
24			private CrossDomainMiddleware $middleware;
25			private ObjectProphecy $handler;
26
27			public function setUp(): void
28			{
29			$this->middleware = new CrossDomainMiddleware();
30			$this->handler = $this->prophesize(RequestHandlerInterface::class);
31			}
32
33			/** @test */
34			public function nonCrossDomainRequestsAreNotAffected(): void
35			{
36			$originalResponse = (new Response())->withStatus(404);
37			$this->handler->handle(Argument::any())->willReturn($originalResponse)->shouldBeCalledOnce();
38
39			$response = $this->middleware->process(new ServerRequest(), $this->handler->reveal());
40			$headers = $response->getHeaders();
41
42			self::assertSame($originalResponse, $response);
43			self::assertEquals(404, $response->getStatusCode());
44			self::assertArrayNotHasKey('Access-Control-Allow-Origin', $headers);
45			self::assertArrayNotHasKey('Access-Control-Expose-Headers', $headers);
46			self::assertArrayNotHasKey('Access-Control-Allow-Methods', $headers);
47			self::assertArrayNotHasKey('Access-Control-Max-Age', $headers);
48			self::assertArrayNotHasKey('Access-Control-Allow-Headers', $headers);
49			}
50
51			/** @test */
52			public function anyRequestIncludesTheAllowAccessHeader(): void
53			{
54			$originalResponse = new Response();
55			$this->handler->handle(Argument::any())->willReturn($originalResponse)->shouldBeCalledOnce();
56
57			$response = $this->middleware->process(
58			(new ServerRequest())->withHeader('Origin', 'local'),
59			$this->handler->reveal(),
60			);
61			self::assertNotSame($originalResponse, $response);
62
63			$headers = $response->getHeaders();
64
65			self::assertEquals('local', $response->getHeaderLine('Access-Control-Allow-Origin'));
66			self::assertEquals('X-Api-Key', $response->getHeaderLine('Access-Control-Expose-Headers'));
67			self::assertArrayNotHasKey('Access-Control-Allow-Methods', $headers);
68			self::assertArrayNotHasKey('Access-Control-Max-Age', $headers);
69			self::assertArrayNotHasKey('Access-Control-Allow-Headers', $headers);
70			}
71
72			/** @test */
73			public function optionsRequestIncludesMoreHeaders(): void
74			{
75			$originalResponse = new Response();
76			$request = (new ServerRequest())
77			->withMethod('OPTIONS')
78			->withHeader('Origin', 'local')
79			->withHeader('Access-Control-Request-Headers', 'foo, bar, baz');
80			$this->handler->handle(Argument::any())->willReturn($originalResponse)->shouldBeCalledOnce();
81
82			$response = $this->middleware->process($request, $this->handler->reveal());
83			self::assertNotSame($originalResponse, $response);
84
85			$headers = $response->getHeaders();
86
87			self::assertEquals('local', $response->getHeaderLine('Access-Control-Allow-Origin'));
88			self::assertEquals('X-Api-Key', $response->getHeaderLine('Access-Control-Expose-Headers'));
89			self::assertArrayHasKey('Access-Control-Allow-Methods', $headers);
90			self::assertEquals('1000', $response->getHeaderLine('Access-Control-Max-Age'));
91			self::assertEquals('foo, bar, baz', $response->getHeaderLine('Access-Control-Allow-Headers'));
92			self::assertEquals(204, $response->getStatusCode());
93			}
94
95			/**
96			* @test
97			* @dataProvider provideRouteResults
98			*/
99			public function optionsRequestParsesRouteMatchToDetermineAllowedMethods(
100			?RouteResult $result,
101			string $expectedAllowedMethods
102			): void {
103			$originalResponse = new Response();
104			$request = (new ServerRequest())->withAttribute(RouteResult::class, $result)
105			->withMethod('OPTIONS')
106			->withHeader('Origin', 'local');
107			$this->handler->handle(Argument::any())->willReturn($originalResponse)->shouldBeCalledOnce();
108
109			$response = $this->middleware->process($request, $this->handler->reveal());
110
111			self::assertEquals($response->getHeaderLine('Access-Control-Allow-Methods'), $expectedAllowedMethods);
112			self::assertEquals(204, $response->getStatusCode());
113			}
114
115			public function provideRouteResults(): iterable
116			{
117			yield 'with no route result' => [null, 'GET,POST,PUT,PATCH,DELETE,OPTIONS'];
118			yield 'with failed route result' => [RouteResult::fromRouteFailure(['POST', 'GET']), 'POST,GET'];
119			yield 'with success route result' => [
120			RouteResult::fromRoute(
121			new Route('/', middleware(function (): void {
122			}), ['DELETE', 'PATCH', 'PUT']),
123			),
124			'DELETE,PATCH,PUT',
125			];
126			}
127
128			/**
129			* @test
130			* @dataProvider provideMethods
131			*/
132			public function expectedStatusCodeIsReturnDependingOnRequestMethod(
133			string $method,
134			int $status,
135			int $expectedStatus
136			): void {
137			$originalResponse = (new Response())->withStatus($status);
138			$request = (new ServerRequest())->withMethod($method)
139			->withHeader('Origin', 'local');
140			$this->handler->handle(Argument::any())->willReturn($originalResponse)->shouldBeCalledOnce();
141
142			$response = $this->middleware->process($request, $this->handler->reveal());
143
144			self::assertEquals($expectedStatus, $response->getStatusCode());
145			}
146
147			public function provideMethods(): iterable
148			{
149			yield 'POST 200' => ['POST', 200, 200];
150			yield 'POST 400' => ['POST', 400, 400];
151			yield 'POST 500' => ['POST', 500, 500];
152			yield 'GET 200' => ['GET', 200, 200];
153			yield 'GET 400' => ['GET', 400, 400];
154			yield 'GET 500' => ['GET', 500, 500];
155			yield 'PATCH 200' => ['PATCH', 200, 200];
156			yield 'PATCH 400' => ['PATCH', 400, 400];
157			yield 'PATCH 500' => ['PATCH', 500, 500];
158			yield 'DELETE 200' => ['DELETE', 200, 200];
159			yield 'DELETE 400' => ['DELETE', 400, 400];
160			yield 'DELETE 500' => ['DELETE', 500, 500];
161			yield 'OPTIONS 200' => ['OPTIONS', 200, 204];
162			yield 'OPTIONS 400' => ['OPTIONS', 400, 204];
163			yield 'OPTIONS 500' => ['OPTIONS', 500, 204];
164			}
165			}
166

shlinkio / shlink

CrossDomainMiddlewareTest A last analyzed 2020-12-13 17:12 UTC

Complexity

Size/Duplication

Importance

8 Methods

Duplication Side-by-Side

Filter issues like

CrossDomainMiddlewareTest A
last analyzed 2020-12-13 17:12 UTC