PrivateBin/tst/jsonApi.php

278 lines
9.9 KiB
PHP
Raw Normal View History

<?php
2016-07-21 17:09:48 +02:00
use PrivateBin\data\data;
use PrivateBin\privatebin;
use PrivateBin\request;
use PrivateBin\serversalt;
class jsonApiTest extends PHPUnit_Framework_TestCase
{
protected $_model;
public function setUp()
{
/* Setup Routine */
2016-07-21 17:09:48 +02:00
$this->_model = data::getInstance(array('dir' => PATH . 'data'));
serversalt::setPath(PATH . 'data');
$this->reset();
}
public function tearDown()
{
/* Tear Down Routine */
helper::confRestore();
}
public function reset()
{
$_POST = array();
$_GET = array();
$_SERVER = array();
if ($this->_model->exists(helper::getPasteId())) {
$this->_model->delete(helper::getPasteId());
}
helper::confRestore();
}
/**
* @runInSeparateProcess
*/
public function testCreate()
{
$this->reset();
$options = parse_ini_file(CONF, true);
$options['traffic']['limit'] = 0;
helper::confBackup();
helper::createIniFile(CONF, $options);
$_POST = helper::getPaste();
$_SERVER['HTTP_X_REQUESTED_WITH'] = 'JSONHttpRequest';
$_SERVER['REQUEST_METHOD'] = 'POST';
$_SERVER['REMOTE_ADDR'] = '::1';
ob_start();
2016-07-11 11:58:15 +02:00
new privatebin;
$content = ob_get_contents();
2016-08-02 10:29:25 +02:00
ob_end_clean();
$response = json_decode($content, true);
$this->assertEquals(0, $response['status'], 'outputs status');
$this->assertStringEndsWith('?' . $response['id'], $response['url'], 'returned URL points to new paste');
$this->assertTrue($this->_model->exists($response['id']), 'paste exists after posting data');
$paste = $this->_model->read($response['id']);
$this->assertEquals(
hash_hmac('sha256', $response['id'], $paste->meta->salt),
$response['deletetoken'],
'outputs valid delete token'
);
}
/**
* @runInSeparateProcess
*/
public function testPut()
{
$this->reset();
$options = parse_ini_file(CONF, true);
$options['traffic']['limit'] = 0;
helper::confBackup();
helper::createIniFile(CONF, $options);
$paste = helper::getPaste();
unset($paste['meta']);
$file = tempnam(sys_get_temp_dir(), 'FOO');
file_put_contents($file, http_build_query($paste));
request::setInputStream($file);
$_SERVER['QUERY_STRING'] = helper::getPasteId();
$_SERVER['HTTP_X_REQUESTED_WITH'] = 'JSONHttpRequest';
$_SERVER['REQUEST_METHOD'] = 'PUT';
$_SERVER['REMOTE_ADDR'] = '::1';
ob_start();
2016-07-11 11:58:15 +02:00
new privatebin;
$content = ob_get_contents();
2016-08-02 10:29:25 +02:00
ob_end_clean();
$response = json_decode($content, true);
$this->assertEquals(0, $response['status'], 'outputs status');
$this->assertEquals(helper::getPasteId(), $response['id'], 'outputted paste ID matches input');
$this->assertStringEndsWith('?' . $response['id'], $response['url'], 'returned URL points to new paste');
$this->assertTrue($this->_model->exists($response['id']), 'paste exists after posting data');
$paste = $this->_model->read($response['id']);
$this->assertEquals(
hash_hmac('sha256', $response['id'], $paste->meta->salt),
$response['deletetoken'],
'outputs valid delete token'
);
}
/**
* @runInSeparateProcess
*/
public function testDelete()
{
$this->reset();
$this->_model->create(helper::getPasteId(), helper::getPaste());
$this->assertTrue($this->_model->exists(helper::getPasteId()), 'paste exists before deleting data');
$paste = $this->_model->read(helper::getPasteId());
$file = tempnam(sys_get_temp_dir(), 'FOO');
file_put_contents($file, http_build_query(array(
'deletetoken' => hash_hmac('sha256', helper::getPasteId(), $paste->meta->salt),
)));
request::setInputStream($file);
$_SERVER['QUERY_STRING'] = helper::getPasteId();
$_SERVER['HTTP_X_REQUESTED_WITH'] = 'JSONHttpRequest';
$_SERVER['REQUEST_METHOD'] = 'DELETE';
ob_start();
2016-07-11 11:58:15 +02:00
new privatebin;
$content = ob_get_contents();
2016-08-02 10:29:25 +02:00
ob_end_clean();
$response = json_decode($content, true);
$this->assertEquals(0, $response['status'], 'outputs status');
$this->assertFalse($this->_model->exists(helper::getPasteId()), 'paste successfully deleted');
}
/**
* @runInSeparateProcess
*/
public function testDeleteWithPost()
{
$this->reset();
$this->_model->create(helper::getPasteId(), helper::getPaste());
$this->assertTrue($this->_model->exists(helper::getPasteId()), 'paste exists before deleting data');
$paste = $this->_model->read(helper::getPasteId());
$_POST = array(
'action' => 'delete',
'deletetoken' => hash_hmac('sha256', helper::getPasteId(), $paste->meta->salt),
);
$_SERVER['QUERY_STRING'] = helper::getPasteId();
$_SERVER['HTTP_X_REQUESTED_WITH'] = 'JSONHttpRequest';
$_SERVER['REQUEST_METHOD'] = 'POST';
ob_start();
2016-07-11 11:58:15 +02:00
new privatebin;
$content = ob_get_contents();
2016-08-02 10:29:25 +02:00
ob_end_clean();
$response = json_decode($content, true);
$this->assertEquals(0, $response['status'], 'outputs status');
$this->assertFalse($this->_model->exists(helper::getPasteId()), 'paste successfully deleted');
}
/**
* @runInSeparateProcess
*/
public function testRead()
{
$this->reset();
$paste = helper::getPasteWithAttachment();
$this->_model->create(helper::getPasteId(), $paste);
$_SERVER['QUERY_STRING'] = helper::getPasteId();
$_SERVER['HTTP_X_REQUESTED_WITH'] = 'JSONHttpRequest';
ob_start();
2016-07-11 11:58:15 +02:00
new privatebin;
$content = ob_get_contents();
2016-08-02 10:29:25 +02:00
ob_end_clean();
$response = json_decode($content, true);
$this->assertEquals(0, $response['status'], 'outputs success status');
$this->assertEquals(helper::getPasteId(), $response['id'], 'outputs data correctly');
$this->assertStringEndsWith('?' . $response['id'], $response['url'], 'returned URL points to new paste');
$this->assertEquals($paste['data'], $response['data'], 'outputs data correctly');
$this->assertEquals($paste['attachment'], $response['attachment'], 'outputs attachment correctly');
$this->assertEquals($paste['attachmentname'], $response['attachmentname'], 'outputs attachmentname correctly');
$this->assertEquals($paste['meta']['formatter'], $response['meta']['formatter'], 'outputs format correctly');
$this->assertEquals($paste['meta']['postdate'], $response['meta']['postdate'], 'outputs postdate correctly');
$this->assertEquals($paste['meta']['opendiscussion'], $response['meta']['opendiscussion'], 'outputs opendiscussion correctly');
$this->assertEquals(0, $response['comment_count'], 'outputs comment_count correctly');
$this->assertEquals(0, $response['comment_offset'], 'outputs comment_offset correctly');
}
/**
* @runInSeparateProcess
*/
public function testJsonLdPaste()
{
$this->reset();
$paste = helper::getPasteWithAttachment();
$this->_model->create(helper::getPasteId(), $paste);
$_GET['jsonld'] = 'paste';
ob_start();
2016-07-11 11:58:15 +02:00
new privatebin;
$content = ob_get_contents();
2016-08-02 10:29:25 +02:00
ob_end_clean();
$this->assertEquals(str_replace(
'?jsonld=',
'/?jsonld=',
file_get_contents(PUBLIC_PATH . '/js/paste.jsonld')
), $content, 'outputs data correctly');
}
/**
* @runInSeparateProcess
*/
public function testJsonLdComment()
{
$this->reset();
$paste = helper::getPasteWithAttachment();
$this->_model->create(helper::getPasteId(), $paste);
$_GET['jsonld'] = 'comment';
ob_start();
2016-07-11 11:58:15 +02:00
new privatebin;
$content = ob_get_contents();
2016-08-02 10:29:25 +02:00
ob_end_clean();
$this->assertEquals(str_replace(
'?jsonld=',
'/?jsonld=',
file_get_contents(PUBLIC_PATH . '/js/comment.jsonld')
), $content, 'outputs data correctly');
}
/**
* @runInSeparateProcess
*/
public function testJsonLdPasteMeta()
{
$this->reset();
$paste = helper::getPasteWithAttachment();
$this->_model->create(helper::getPasteId(), $paste);
$_GET['jsonld'] = 'pastemeta';
ob_start();
2016-07-11 11:58:15 +02:00
new privatebin;
$content = ob_get_contents();
2016-08-02 10:29:25 +02:00
ob_end_clean();
$this->assertEquals(str_replace(
'?jsonld=',
'/?jsonld=',
file_get_contents(PUBLIC_PATH . '/js/pastemeta.jsonld')
), $content, 'outputs data correctly');
}
/**
* @runInSeparateProcess
*/
public function testJsonLdCommentMeta()
{
$this->reset();
$paste = helper::getPasteWithAttachment();
$this->_model->create(helper::getPasteId(), $paste);
$_GET['jsonld'] = 'commentmeta';
ob_start();
2016-07-11 11:58:15 +02:00
new privatebin;
$content = ob_get_contents();
2016-08-02 10:29:25 +02:00
ob_end_clean();
$this->assertEquals(str_replace(
'?jsonld=',
'/?jsonld=',
file_get_contents(PUBLIC_PATH . '/js/commentmeta.jsonld')
), $content, 'outputs data correctly');
}
/**
* @runInSeparateProcess
*/
public function testJsonLdInvalid()
{
$this->reset();
$paste = helper::getPasteWithAttachment();
$this->_model->create(helper::getPasteId(), $paste);
$_GET['jsonld'] = '../cfg/conf.ini';
ob_start();
2016-07-11 11:58:15 +02:00
new privatebin;
$content = ob_get_contents();
2016-08-02 10:29:25 +02:00
ob_end_clean();
$this->assertEquals('{}', $content, 'does not output nasty data');
}
}