ApiKeys fixed + tests

This commit is contained in:
Roman Hergenreder 2020-04-02 16:31:17 +02:00
parent cc334eb62d
commit 541b8563d5
6 changed files with 60 additions and 13 deletions

@ -28,9 +28,13 @@ class CreateApiKey extends Request {
$this->lastError = $sql->getLastError();
if ($this->success) {
$this->result["api_key"] = $apiKey;
$this->result["valid_until"] = $validUntil->getTimestamp();
$this->result["uid"] = $sql->getLastInsertId();
$this->result["api_key"] = array(
"api_key" => $apiKey,
"valid_until" => $validUntil->getTimestamp(),
"uid" => $sql->getLastInsertId(),
);
} else {
$this->result["api_key"] = null;
}
return $this->success;
}

@ -28,7 +28,14 @@ class GetApiKeys extends Request {
$this->lastError = $sql->getLastError();
if($this->success) {
$this->result["api_keys"] = $res;
$this->result["api_keys"] = array();
foreach($res as $row) {
$this->result["api_keys"][] = array(
"uid" => $row["uid"],
"api_key" => $row["api_key"],
"valid_until" => (new \DateTime($row["valid_until"]))->getTimestamp(),
);
}
}
return $this->success;

@ -18,7 +18,7 @@ class RefreshApiKey extends Request {
$id = $this->getParam("id");
$sql = $this->user->getSQL();
$res = $sql->select("COUNT(*)")
$res = $sql->select($sql->count())
->from("ApiKey")
->where(new Compare("uid", $id))
->where(new Compare("user_id", $this->user->getId()))
@ -29,7 +29,7 @@ class RefreshApiKey extends Request {
$this->success = ($res !== FALSE);
$this->lastError = $sql->getLastError();
if($this->success && $res[0]["COUNT(*)"] === 0) {
if($this->success && $res[0]["count"] === 0) {
$this->success = false;
$this->lastError = "This API-Key does not exist.";
}

@ -18,7 +18,7 @@ class RevokeApiKey extends Request {
$id = $this->getParam("id");
$sql = $this->user->getSQL();
$res = $sql->select("COUNT(*)")
$res = $sql->select($sql->count())
->from("ApiKey")
->where(new Compare("uid", $id))
->where(new Compare("user_id", $this->user->getId()))
@ -29,7 +29,7 @@ class RevokeApiKey extends Request {
$this->success = ($res !== FALSE);
$this->lastError = $sql->getLastError();
if($this->success && $res[0]["COUNT(*)"] === 0) {
if($this->success && $res[0]["count"] === 0) {
$this->success = false;
$this->lastError = "This API-Key does not exist.";
}

@ -60,6 +60,8 @@ abstract class SQL {
public abstract function connect();
public abstract function disconnect();
// TODO: pull code duplicates up
// Querybuilder
public abstract function executeCreateTable($query);
public abstract function executeInsert($query);

@ -6,12 +6,21 @@ class ApiTestCase(PhpTest):
super().__init__({
"Testing login…": self.test_login,
"Testing already logged in…": self.test_already_logged_in,
"Testing get api keys empty…": self.test_get_api_keys,
"Testing get api keys empty…": self.test_get_api_keys_empty,
"Testing create api key…": self.test_create_api_key,
"Testing referesh api key…": self.test_refresh_api_key,
"Testing revoke api key…": self.test_revoke_api_key,
"Testing logout…": self.test_logout,
})
def api(self, method):
return "/api/%s" % method
def getApiKeys(self):
obj = self.httpPost(self.api("getApiKeys"))
self.assertEquals(True, obj["success"], obj["msg"])
return obj
def test_login(self):
obj = self.httpPost(self.api("login"), data={ "username": PhpTest.ADMIN_USERNAME, "password": PhpTest.ADMIN_PASSWORD })
self.assertEquals(True, obj["success"], obj["msg"])
@ -21,8 +30,33 @@ class ApiTestCase(PhpTest):
obj = self.test_login()
self.assertEquals("You are already logged in", obj["msg"])
def test_get_api_keys(self):
obj = self.httpPost(self.api("getApiKeys"))
self.assertEquals(True, obj["success"], obj["msg"])
def test_get_api_keys_empty(self):
obj = self.getApiKeys()
self.assertEquals([], obj["api_keys"])
return obj
def test_create_api_key(self):
obj = self.httpPost(self.api("createApiKey"))
self.assertEquals(True, obj["success"], obj["msg"])
self.assertTrue("api_key" in obj)
self.apiKey = obj["api_key"]
obj = self.getApiKeys()
self.assertEquals(1, len(obj["api_keys"]))
self.assertDictEqual(self.apiKey, obj["api_keys"][0])
def test_refresh_api_key(self):
obj = self.httpPost(self.api("refreshApiKey"), data={"id": self.apiKey["uid"]})
self.assertEquals(True, obj["success"], obj["msg"])
self.assertTrue("valid_until" in obj)
self.assertTrue(obj["valid_until"] >= self.apiKey["valid_until"])
def test_revoke_api_key(self):
obj = self.httpPost(self.api("revokeApiKey"), data={"id": self.apiKey["uid"]})
self.assertEquals(True, obj["success"], obj["msg"])
self.test_get_api_keys_empty()
def test_logout(self):
obj = self.httpPost(self.api("logout"))
self.assertEquals(True, obj["success"], obj["msg"])
obj = self.httpPost(self.api("logout"))
self.assertEquals(False, obj["success"])