OilfieldToolsNet/shlink
4
0
Fork 0
mirror of https://github.com/shlinkio/shlink.git synced 2024-11-22 08:56:42 -06:00
Code Issues Packages Projects Releases Wiki Activity

Created API tests to cover deletion and renaming of tags with non-admin API keys

Browse Source
This commit is contained in:
Alejandro Celaya 2021-01-10 10:28:00 +01:00
parent 2be0050f3d
commit 34bb023b7d
2 changed files with 73 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

35
module/Rest/test-api/Action/DeleteTagsTest.php Normal file
View File

@ -0,0 +1,35 @@
<?php
declare(strict_types=1);
namespace ShlinkioApiTest\Shlink\Rest\Action;
use GuzzleHttp\RequestOptions;
use Shlinkio\Shlink\TestUtils\ApiTest\ApiTestCase;
class DeleteTagsTest extends ApiTestCase
{
/**
* @test
* @dataProvider provideNonAdminApiKeys
*/
public function anErrorIsReturnedWithNonAdminApiKeys(string $apiKey): void
{
$resp = $this->callApiWithKey(self::METHOD_DELETE, '/tags', [
RequestOptions::QUERY => ['tags' => ['foo']],
], $apiKey);
$payload = $this->getJsonResponsePayload($resp);
self::assertEquals(self::STATUS_FORBIDDEN, $resp->getStatusCode());
self::assertEquals(self::STATUS_FORBIDDEN, $payload['status']);
self::assertEquals('FORBIDDEN_OPERATION', $payload['type']);
self::assertEquals('You are not allowed to delete tags', $payload['detail']);
self::assertEquals('Forbidden tag operation', $payload['title']);
}
public function provideNonAdminApiKeys(): iterable
{
yield 'author' => ['author_api_key'];
yield 'domain' => ['domain_api_key'];
}
}

38
module/Rest/test-api/Action/RenameTagTest.php Normal file
View File

@ -0,0 +1,38 @@
<?php
declare(strict_types=1);
namespace ShlinkioApiTest\Shlink\Rest\Action;
use GuzzleHttp\RequestOptions;
use Shlinkio\Shlink\TestUtils\ApiTest\ApiTestCase;
class RenameTagTest extends ApiTestCase
{
/**
* @test
* @dataProvider provideNonAdminApiKeys
*/
public function anErrorIsReturnedWithNonAdminApiKeys(string $apiKey): void
{
$resp = $this->callApiWithKey(self::METHOD_PUT, '/tags', [
RequestOptions::JSON => [
'oldName' => 'foo',
'newName' => 'foo_renamed',
],
], $apiKey);
$payload = $this->getJsonResponsePayload($resp);
self::assertEquals(self::STATUS_FORBIDDEN, $resp->getStatusCode());
self::assertEquals(self::STATUS_FORBIDDEN, $payload['status']);
self::assertEquals('FORBIDDEN_OPERATION', $payload['type']);
self::assertEquals('You are not allowed to rename tags', $payload['detail']);
self::assertEquals('Forbidden tag operation', $payload['title']);
}
public function provideNonAdminApiKeys(): iterable
{
yield 'author' => ['author_api_key'];
yield 'domain' => ['domain_api_key'];
}
}