2018-04-09 15:23:41 -04:00
|
|
|
<?php
|
|
|
|
/**
|
2022-01-06 18:30:59 -05:00
|
|
|
* @copyright Copyright (C) 2010-2022, the Friendica project
|
|
|
|
*
|
|
|
|
* @license GNU AGPL version 3 or any later version
|
|
|
|
*
|
|
|
|
* This program is free software: you can redistribute it and/or modify
|
|
|
|
* it under the terms of the GNU Affero General Public License as
|
|
|
|
* published by the Free Software Foundation, either version 3 of the
|
|
|
|
* License, or (at your option) any later version.
|
|
|
|
*
|
|
|
|
* This program is distributed in the hope that it will be useful,
|
|
|
|
* but WITHOUT ANY WARRANTY; without even the implied warranty of
|
|
|
|
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
|
|
|
* GNU Affero General Public License for more details.
|
|
|
|
*
|
|
|
|
* You should have received a copy of the GNU Affero General Public License
|
|
|
|
* along with this program. If not, see <https://www.gnu.org/licenses/>.
|
|
|
|
*
|
2018-04-09 15:23:41 -04:00
|
|
|
* ApiTest class.
|
|
|
|
*/
|
|
|
|
|
2020-09-11 13:38:41 -04:00
|
|
|
namespace Friendica\Test\legacy;
|
2018-04-09 15:23:41 -04:00
|
|
|
|
2019-02-05 16:03:07 -05:00
|
|
|
use Friendica\App;
|
2021-10-26 15:44:29 -04:00
|
|
|
use Friendica\Core\Config\Capability\IManageConfigValues;
|
2019-12-15 16:34:11 -05:00
|
|
|
use Friendica\DI;
|
2021-11-08 16:35:41 -05:00
|
|
|
use Friendica\Module\BaseApi;
|
|
|
|
use Friendica\Security\BasicAuth;
|
2020-09-11 13:38:41 -04:00
|
|
|
use Friendica\Test\FixtureTest;
|
2021-11-08 17:10:07 -05:00
|
|
|
use Friendica\Util\Arrays;
|
2021-09-18 01:08:29 -04:00
|
|
|
use Friendica\Util\DateTimeFormat;
|
2018-12-30 15:42:56 -05:00
|
|
|
use Monolog\Handler\TestHandler;
|
2018-04-09 15:23:41 -04:00
|
|
|
|
2018-11-01 08:45:21 -04:00
|
|
|
require_once __DIR__ . '/../../include/api.php';
|
2018-10-22 14:59:51 -04:00
|
|
|
|
2018-04-09 15:23:41 -04:00
|
|
|
/**
|
|
|
|
* Tests for the API functions.
|
|
|
|
*
|
|
|
|
* Functions that use header() need to be tested in a separate process.
|
|
|
|
* @see https://phpunit.de/manual/5.7/en/appendixes.annotations.html#appendixes.annotations.runTestsInSeparateProcesses
|
2021-04-01 15:19:45 -04:00
|
|
|
*
|
|
|
|
* @backupGlobals enabled
|
2018-04-09 15:23:41 -04:00
|
|
|
*/
|
2020-06-09 08:38:31 -04:00
|
|
|
class ApiTest extends FixtureTest
|
2018-04-09 15:23:41 -04:00
|
|
|
{
|
2018-12-30 15:42:56 -05:00
|
|
|
/**
|
|
|
|
* @var TestHandler Can handle log-outputs
|
|
|
|
*/
|
|
|
|
protected $logOutput;
|
|
|
|
|
2019-03-23 10:02:32 -04:00
|
|
|
/** @var array */
|
|
|
|
protected $selfUser;
|
|
|
|
/** @var array */
|
|
|
|
protected $friendUser;
|
|
|
|
/** @var array */
|
|
|
|
protected $otherUser;
|
|
|
|
|
|
|
|
protected $wrongUserId;
|
|
|
|
|
2019-07-26 09:54:14 -04:00
|
|
|
/** @var App */
|
|
|
|
protected $app;
|
|
|
|
|
2021-10-26 15:44:29 -04:00
|
|
|
/** @var IManageConfigValues */
|
2019-08-04 12:50:24 -04:00
|
|
|
protected $config;
|
|
|
|
|
2018-04-09 15:23:41 -04:00
|
|
|
/**
|
|
|
|
* Create variables used by tests.
|
|
|
|
*/
|
2021-04-01 17:04:30 -04:00
|
|
|
protected function setUp() : void
|
2018-04-09 15:23:41 -04:00
|
|
|
{
|
2020-09-11 14:14:47 -04:00
|
|
|
global $API, $called_api;
|
|
|
|
$API = [];
|
|
|
|
$called_api = [];
|
|
|
|
|
2019-07-28 11:40:42 -04:00
|
|
|
parent::setUp();
|
2018-07-01 14:46:24 -04:00
|
|
|
|
2021-10-26 16:09:11 -04:00
|
|
|
/** @var IManageConfigValues $config */
|
2021-10-26 15:44:29 -04:00
|
|
|
$this->config = $this->dice->create(IManageConfigValues::class);
|
2019-08-04 13:02:16 -04:00
|
|
|
|
|
|
|
$this->config->set('system', 'url', 'http://localhost');
|
|
|
|
$this->config->set('system', 'hostname', 'localhost');
|
|
|
|
$this->config->set('system', 'worker_dont_fork', true);
|
|
|
|
|
|
|
|
// Default config
|
|
|
|
$this->config->set('config', 'hostname', 'localhost');
|
|
|
|
$this->config->set('system', 'throttle_limit_day', 100);
|
|
|
|
$this->config->set('system', 'throttle_limit_week', 100);
|
|
|
|
$this->config->set('system', 'throttle_limit_month', 100);
|
|
|
|
$this->config->set('system', 'theme', 'system_theme');
|
|
|
|
|
2019-07-28 11:40:42 -04:00
|
|
|
|
2019-08-04 13:02:16 -04:00
|
|
|
/** @var App app */
|
2019-12-15 16:34:11 -05:00
|
|
|
$this->app = DI::app();
|
2019-07-27 08:37:24 -04:00
|
|
|
|
2021-07-25 10:27:13 -04:00
|
|
|
DI::args()->setArgc(1);
|
2019-07-26 09:54:14 -04:00
|
|
|
|
2018-04-09 15:23:41 -04:00
|
|
|
// User data that the test database is populated with
|
2019-07-28 11:40:42 -04:00
|
|
|
$this->selfUser = [
|
|
|
|
'id' => 42,
|
2018-04-09 15:23:41 -04:00
|
|
|
'name' => 'Self contact',
|
|
|
|
'nick' => 'selfcontact',
|
2018-07-01 15:07:50 -04:00
|
|
|
'nurl' => 'http://localhost/profile/selfcontact'
|
2018-07-01 14:46:24 -04:00
|
|
|
];
|
|
|
|
$this->friendUser = [
|
2019-07-28 11:40:42 -04:00
|
|
|
'id' => 44,
|
2018-07-01 14:46:24 -04:00
|
|
|
'name' => 'Friend contact',
|
|
|
|
'nick' => 'friendcontact',
|
2018-07-01 15:07:50 -04:00
|
|
|
'nurl' => 'http://localhost/profile/friendcontact'
|
2018-04-09 15:23:41 -04:00
|
|
|
];
|
2019-07-28 11:40:42 -04:00
|
|
|
$this->otherUser = [
|
|
|
|
'id' => 43,
|
2018-04-09 15:23:41 -04:00
|
|
|
'name' => 'othercontact',
|
|
|
|
'nick' => 'othercontact',
|
2018-07-01 15:07:50 -04:00
|
|
|
'nurl' => 'http://localhost/profile/othercontact'
|
2018-04-09 15:23:41 -04:00
|
|
|
];
|
|
|
|
|
|
|
|
// User ID that we know is not in the database
|
|
|
|
$this->wrongUserId = 666;
|
|
|
|
|
2019-12-15 19:35:26 -05:00
|
|
|
DI::session()->start();
|
2019-12-10 16:29:49 -05:00
|
|
|
|
2018-04-09 15:23:41 -04:00
|
|
|
// Most API require login so we force the session
|
|
|
|
$_SESSION = [
|
|
|
|
'authenticated' => true,
|
2019-07-28 11:40:42 -04:00
|
|
|
'uid' => $this->selfUser['id']
|
2018-04-09 15:23:41 -04:00
|
|
|
];
|
2021-11-17 17:12:21 -05:00
|
|
|
BasicAuth::setCurrentUserID($this->selfUser['id']);
|
2018-04-09 15:23:41 -04:00
|
|
|
}
|
|
|
|
|
|
|
|
/**
|
|
|
|
* Test the api_user() function.
|
2019-07-28 11:40:42 -04:00
|
|
|
*
|
2018-04-09 15:23:41 -04:00
|
|
|
* @return void
|
|
|
|
*/
|
|
|
|
public function testApiUser()
|
|
|
|
{
|
2021-11-18 01:58:43 -05:00
|
|
|
self::assertEquals($this->selfUser['id'], BaseApi::getCurrentUserID());
|
2018-04-09 15:23:41 -04:00
|
|
|
}
|
|
|
|
|
2021-12-30 14:51:21 -05:00
|
|
|
|
2018-04-09 15:23:41 -04:00
|
|
|
|
|
|
|
/**
|
|
|
|
* Test the api_source() function.
|
2019-07-28 11:40:42 -04:00
|
|
|
*
|
2018-04-09 15:23:41 -04:00
|
|
|
* @return void
|
|
|
|
*/
|
|
|
|
public function testApiSource()
|
|
|
|
{
|
2021-11-24 02:26:22 -05:00
|
|
|
self::assertEquals('api', BasicAuth::getCurrentApplicationToken()['name']);
|
2018-04-09 15:23:41 -04:00
|
|
|
}
|
|
|
|
|
|
|
|
/**
|
|
|
|
* Test the api_source() function with a Twidere user agent.
|
2019-07-28 11:40:42 -04:00
|
|
|
*
|
2018-04-09 15:23:41 -04:00
|
|
|
* @return void
|
|
|
|
*/
|
|
|
|
public function testApiSourceWithTwidere()
|
|
|
|
{
|
|
|
|
$_SERVER['HTTP_USER_AGENT'] = 'Twidere';
|
2021-11-24 02:26:22 -05:00
|
|
|
self::assertEquals('Twidere', BasicAuth::getCurrentApplicationToken()['name']);
|
2018-04-09 15:23:41 -04:00
|
|
|
}
|
|
|
|
|
|
|
|
/**
|
|
|
|
* Test the api_source() function with a GET parameter.
|
2019-07-28 11:40:42 -04:00
|
|
|
*
|
2018-04-09 15:23:41 -04:00
|
|
|
* @return void
|
|
|
|
*/
|
|
|
|
public function testApiSourceWithGet()
|
|
|
|
{
|
2021-11-24 02:11:33 -05:00
|
|
|
$_REQUEST['source'] = 'source_name';
|
2021-11-24 02:26:22 -05:00
|
|
|
self::assertEquals('source_name', BasicAuth::getCurrentApplicationToken()['name']);
|
2018-04-09 15:23:41 -04:00
|
|
|
}
|
|
|
|
|
|
|
|
/**
|
|
|
|
* Test the api_date() function.
|
2019-07-28 11:40:42 -04:00
|
|
|
*
|
2018-04-09 15:23:41 -04:00
|
|
|
* @return void
|
|
|
|
*/
|
|
|
|
public function testApiDate()
|
|
|
|
{
|
2021-11-18 16:43:13 -05:00
|
|
|
self::assertEquals('Wed Oct 10 00:00:00 +0000 1990', DateTimeFormat::utc('1990-10-10', DateTimeFormat::API));
|
2018-04-09 15:23:41 -04:00
|
|
|
}
|
|
|
|
|
|
|
|
/**
|
2021-11-08 16:35:41 -05:00
|
|
|
* Test the BasicAuth::getCurrentUserID() function without any login.
|
2019-07-28 11:40:42 -04:00
|
|
|
*
|
2018-04-09 15:23:41 -04:00
|
|
|
* @runInSeparateProcess
|
2021-04-01 15:19:45 -04:00
|
|
|
* @preserveGlobalState disabled
|
2021-04-01 16:16:16 -04:00
|
|
|
* @preserveGlobalState disabled
|
2018-04-09 15:23:41 -04:00
|
|
|
*/
|
|
|
|
public function testApiLoginWithoutLogin()
|
|
|
|
{
|
2021-11-18 01:03:21 -05:00
|
|
|
BasicAuth::setCurrentUserID();
|
2021-05-16 17:49:40 -04:00
|
|
|
$this->expectException(\Friendica\Network\HTTPException\UnauthorizedException::class);
|
2021-11-08 16:35:41 -05:00
|
|
|
BasicAuth::getCurrentUserID(true);
|
2018-04-09 15:23:41 -04:00
|
|
|
}
|
|
|
|
|
|
|
|
/**
|
2021-11-08 16:35:41 -05:00
|
|
|
* Test the BasicAuth::getCurrentUserID() function with a bad login.
|
2019-07-28 11:40:42 -04:00
|
|
|
*
|
2018-04-09 15:23:41 -04:00
|
|
|
* @runInSeparateProcess
|
2021-04-01 15:19:45 -04:00
|
|
|
* @preserveGlobalState disabled
|
2021-04-01 16:16:16 -04:00
|
|
|
* @preserveGlobalState disabled
|
2018-04-09 15:23:41 -04:00
|
|
|
*/
|
|
|
|
public function testApiLoginWithBadLogin()
|
|
|
|
{
|
2021-11-18 01:03:21 -05:00
|
|
|
BasicAuth::setCurrentUserID();
|
2021-05-16 17:49:40 -04:00
|
|
|
$this->expectException(\Friendica\Network\HTTPException\UnauthorizedException::class);
|
2018-04-09 15:23:41 -04:00
|
|
|
$_SERVER['PHP_AUTH_USER'] = 'user@server';
|
2021-11-08 16:35:41 -05:00
|
|
|
BasicAuth::getCurrentUserID(true);
|
2018-04-09 15:23:41 -04:00
|
|
|
}
|
|
|
|
|
|
|
|
/**
|
2021-11-08 16:35:41 -05:00
|
|
|
* Test the BasicAuth::getCurrentUserID() function with oAuth.
|
2019-07-28 11:40:42 -04:00
|
|
|
*
|
2018-04-09 15:23:41 -04:00
|
|
|
* @return void
|
|
|
|
*/
|
|
|
|
public function testApiLoginWithOauth()
|
|
|
|
{
|
|
|
|
$this->markTestIncomplete('Can we test this easily?');
|
|
|
|
}
|
|
|
|
|
|
|
|
/**
|
2021-11-08 16:35:41 -05:00
|
|
|
* Test the BasicAuth::getCurrentUserID() function with authentication provided by an addon.
|
2019-07-28 11:40:42 -04:00
|
|
|
*
|
2018-04-09 15:23:41 -04:00
|
|
|
* @return void
|
|
|
|
*/
|
|
|
|
public function testApiLoginWithAddonAuth()
|
|
|
|
{
|
|
|
|
$this->markTestIncomplete('Can we test this easily?');
|
|
|
|
}
|
|
|
|
|
|
|
|
/**
|
2021-11-08 16:35:41 -05:00
|
|
|
* Test the BasicAuth::getCurrentUserID() function with a correct login.
|
2019-07-28 11:40:42 -04:00
|
|
|
*
|
2018-04-09 15:23:41 -04:00
|
|
|
* @runInSeparateProcess
|
2021-04-01 16:16:16 -04:00
|
|
|
* @preserveGlobalState disabled
|
2021-04-01 15:19:45 -04:00
|
|
|
* @doesNotPerformAssertions
|
2018-04-09 15:23:41 -04:00
|
|
|
*/
|
|
|
|
public function testApiLoginWithCorrectLogin()
|
|
|
|
{
|
2021-11-18 01:03:21 -05:00
|
|
|
BasicAuth::setCurrentUserID();
|
2018-04-09 15:23:41 -04:00
|
|
|
$_SERVER['PHP_AUTH_USER'] = 'Test user';
|
2019-07-28 11:40:42 -04:00
|
|
|
$_SERVER['PHP_AUTH_PW'] = 'password';
|
2021-11-08 16:35:41 -05:00
|
|
|
BasicAuth::getCurrentUserID(true);
|
2018-04-09 15:23:41 -04:00
|
|
|
}
|
|
|
|
|
|
|
|
/**
|
2021-11-08 16:35:41 -05:00
|
|
|
* Test the BasicAuth::getCurrentUserID() function with a remote user.
|
2019-07-28 11:40:42 -04:00
|
|
|
*
|
2018-04-09 15:23:41 -04:00
|
|
|
* @runInSeparateProcess
|
2021-04-01 16:16:16 -04:00
|
|
|
* @preserveGlobalState disabled
|
2018-04-09 15:23:41 -04:00
|
|
|
*/
|
|
|
|
public function testApiLoginWithRemoteUser()
|
|
|
|
{
|
2021-11-18 01:03:21 -05:00
|
|
|
BasicAuth::setCurrentUserID();
|
2021-05-16 17:49:40 -04:00
|
|
|
$this->expectException(\Friendica\Network\HTTPException\UnauthorizedException::class);
|
2018-04-09 15:23:41 -04:00
|
|
|
$_SERVER['REDIRECT_REMOTE_USER'] = '123456dXNlcjpwYXNzd29yZA==';
|
2021-11-08 16:35:41 -05:00
|
|
|
BasicAuth::getCurrentUserID(true);
|
2018-04-09 15:23:41 -04:00
|
|
|
}
|
|
|
|
|
|
|
|
/**
|
2021-11-08 17:10:07 -05:00
|
|
|
* Test the Arrays::walkRecursive() function.
|
2019-07-28 11:40:42 -04:00
|
|
|
*
|
2018-04-09 15:23:41 -04:00
|
|
|
* @return void
|
|
|
|
*/
|
|
|
|
public function testApiWalkRecursive()
|
|
|
|
{
|
|
|
|
$array = ['item1'];
|
2020-10-17 08:19:57 -04:00
|
|
|
self::assertEquals(
|
2018-04-09 15:23:41 -04:00
|
|
|
$array,
|
2021-11-08 17:10:07 -05:00
|
|
|
Arrays::walkRecursive(
|
2018-04-09 15:23:41 -04:00
|
|
|
$array,
|
|
|
|
function () {
|
|
|
|
// Should we test this with a callback that actually does something?
|
|
|
|
return true;
|
|
|
|
}
|
|
|
|
)
|
|
|
|
);
|
|
|
|
}
|
|
|
|
|
|
|
|
/**
|
2021-11-08 17:10:07 -05:00
|
|
|
* Test the Arrays::walkRecursive() function with an array.
|
2019-07-28 11:40:42 -04:00
|
|
|
*
|
2018-04-09 15:23:41 -04:00
|
|
|
* @return void
|
|
|
|
*/
|
|
|
|
public function testApiWalkRecursiveWithArray()
|
|
|
|
{
|
|
|
|
$array = [['item1'], ['item2']];
|
2020-10-17 08:19:57 -04:00
|
|
|
self::assertEquals(
|
2018-04-09 15:23:41 -04:00
|
|
|
$array,
|
2021-11-08 17:10:07 -05:00
|
|
|
Arrays::walkRecursive(
|
2018-04-09 15:23:41 -04:00
|
|
|
$array,
|
|
|
|
function () {
|
|
|
|
// Should we test this with a callback that actually does something?
|
|
|
|
return true;
|
|
|
|
}
|
|
|
|
)
|
|
|
|
);
|
|
|
|
}
|
|
|
|
}
|