Ivan - Backend - Create /user/get path [skip ci]

ivan 2016-09-09 00:38:58 -03:00
parent e22b3d999c
commit da7aad3576
13 changed files with 199 additions and 47 deletions


@ -16,8 +16,8 @@ class CommentController extends Controller {
'validation' => DataValidator::length(20, 500),
'error' => ERRORS::INVALID_CONTENT
],
'ticketId' => [
'validation' => DataValidator::dataStoreId('ticket'),
'ticketNumber' => [
'validation' => DataValidator::validTicketNumber(),
'error' => ERRORS::INVALID_TICKET
]
]
@ -37,9 +37,9 @@ class CommentController extends Controller {
}
private function requestData() {
$ticketId = Controller::request('ticketId');
$ticketNumber = Controller::request('ticketNumber');
$this->ticket = Ticket::getTicket($ticketId);
$this->ticket = Ticket::getByTicketNumber($ticketNumber);
$this->content = Controller::request('content');
}
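Review bot: The `validTicketNumber` rule in `validations()` only establishes that a ticket with that number exists, and `requestData()` then loads it with `Ticket::getByTicketNumber($ticketNumber)` without any visible ownership check. The spec in this commit expects a user who is neither author nor owner to be rejected, so that check presumably lives in the handler outside these hunks; a comment on `requestData()` would make that explicit, e.g. `// Loads the ticket only; author/owner authorization is enforced in handler().` If that rejection uses a different error than `ERRORS::INVALID_TICKET`, any logged-in user can tell existing ticket numbers from unused ones, so returning the same error for both cases, as the ticket get controller in this commit does, is worth considering. Both functions start or end outside the hunks shown.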


@ -22,6 +22,10 @@ class TicketGetController extends Controller {
$ticket = Ticket::getByTicketNumber($ticketNumber);
Response::respondSuccess($ticket->toArray());
if ($ticket->isNull() || $ticket->author->id != Controller::getLoggedUser()->id) {
Response::respondError(ERRORS::INVALID_TICKET);
} else {
Response::respondSuccess($ticket->toArray());
}
}
}
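Review bot: The ownership test `$ticket->author->id != Controller::getLoggedUser()->id` compares loosely and never checks that either id is set. If a ticket can exist without an author, or the logged-user object can carry a null id (neither model is visible here), `null != null` is false and the success branch runs. Reading the id once and guarding it closes that: `$userId = Controller::getLoggedUser()->id;` followed by `if ($ticket->isNull() || !$userId || $ticket->author->id != $userId) {`. Answering both the missing-ticket and the not-your-ticket case with `ERRORS::INVALID_TICKET` avoids revealing which numbers exist and deserves a one-line comment so it is not split into two errors later. The handler begins outside the hunk.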


@ -6,6 +6,7 @@ include 'user/recover-password.php';
include 'user/send-recover-password.php';
include 'user/edit-password.php';
include 'user/edit-email.php';
include 'user/get.php';
$userControllers = new ControllerGroup();
$userControllers->setGroupPath('/user');
@ -17,5 +18,6 @@ $userControllers->addController(new SendRecoverPasswordController);
$userControllers->addController(new RecoverPasswordController);
$userControllers->addController(new EditPassword);
$userControllers->addController(new EditEmail);
$userControllers->addController(new GetUserController);
$userControllers->finalize();


@ -0,0 +1,30 @@
<?php
use Respect\Validation\Validator as DataValidator;
DataValidator::with('CustomValidations', true);
class GetUserController extends Controller {
const PATH = '/get';
public function validations() {
return [
'permission' => 'user',
'requestData' => []
];
}
public function handler() {
$user = Controller::getLoggedUser();
$parsedTicketList = [];
$ticketList = $user->sharedTicketList;
foreach($ticketList as $ticket) {
$parsedTicketList[] = $ticket->toArray();
}
Response::respondSuccess([
'name' => $user->name,
'email' => $user->email,
'tickets' => $parsedTicketList
]);
}
}
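Review bot: `handler()` serialises every entry of `$user->sharedTicketList` with the full `$ticket->toArray()`, which according to the spec added in this commit carries author name and email, owner and comments. If `sharedTicketList` can ever contain tickets the user did not author (the name suggests a shared relation, not confirmed from this file), the endpoint would return other users' email addresses; a list-specific projection limited to what the client's ticket list needs would avoid that. `DataValidator` is imported and `DataValidator::with('CustomValidations', true);` is called although `requestData` is empty, so both lines can go. A short docblock on the class stating that it returns only the session user's own profile and takes no user id parameter would document why there is no object-level check.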


@ -41,6 +41,7 @@ spl_autoload_register(function ($class) {
include_once 'libs/validations/dataStoreId.php';
include_once 'libs/validations/userEmail.php';
include_once 'libs/validations/captcha.php';
include_once 'libs/validations/validTicketNumber.php';
// LOAD CONTROLLERS
foreach (glob('controllers/*.php') as $controller) {


@ -1,7 +1,7 @@
<?php
require_once 'models/DataStore.php';
class DataStoreList {
class DataStoreList implements IteratorAggregate{
private $list = [];
public static function getList($type, $beanList) {
@ -14,6 +14,10 @@ class DataStoreList {
return $dataStoreList;
}
public function getIterator() {
return new ArrayIterator($this->list);
}
public function add(DataStore $dataStore) {
$this->list[] = $dataStore;
}


@ -0,0 +1,14 @@
<?php
namespace CustomValidations;
use Respect\Validation\Rules\AbstractRule;
class ValidTicketNumber extends AbstractRule {
public function validate($ticketNumber) {
$ticket = \Ticket::getByTicketNumber($ticketNumber);
return !$ticket->isNull();
}
}
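Review bot: `validate()` passes the raw request value straight to `\Ticket::getByTicketNumber()`, so an array or other non-scalar parameter reaches the model lookup unchecked. Rejecting such input before the query, `if (!is_scalar($ticketNumber)) return false;`, keeps malformed values away from the data layer. The create spec in this commit asserts that ticket numbers are 6 characters long, so a format check could be added here as well if that length is fixed. Each controller using this rule also looks the ticket up a second time after validation, which is worth a comment or a shared cache.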


@ -17,6 +17,7 @@ require './user/send-recover-password.rb'
require './user/recover-password.rb'
require './user/edit-password.rb'
require './user/edit-email.rb'
require './user/get.rb'
require './ticket/create.rb'
require './ticket/comment.rb'
require './ticket/get.rb'


@ -18,6 +18,23 @@ class Scripts
:password => password
})
if response['data'].any?
$csrf_userid = response['data']['userId']
$csrf_token = response['data']['token']
end
response['data']
end
def self.createTicket()
result = request('/ticket/create', {
title: 'Winter is coming',
content: 'The north remembers',
departmentId: 1,
csrf_userid: $csrf_userid,
csrf_token: $csrf_token
})
result['data']
end
end


@ -1,8 +1,15 @@
describe '/ticket/comment/' do
Scripts.createUser('commenter@os4.com', 'commenter', 'Commenter')
Scripts.login('commenter@os4.com', 'commenter')
result = Scripts.createTicket
@ticketNumber = result['ticketNumber']
it 'should fail if invalid token is passed' do
result = request('/ticket/comment', {
content: 'some comment content',
ticketId: 1,
ticketId: @ticketNumber,
csrf_userid: $csrf_userid,
csrf_token: 'INVALID_TOKEN'
})
@ -14,7 +21,7 @@ describe '/ticket/comment/' do
it 'should fail if content is too short' do
result = request('/ticket/comment', {
content: 'Test',
ticketId: 1,
ticketNumber: @ticketNumber,
csrf_userid: $csrf_userid,
csrf_token: $csrf_token
})
@ -29,7 +36,7 @@ describe '/ticket/comment/' do
result = request('/ticket/comment', {
content: long_text,
ticketId: 1,
ticketNumber: @ticketNumber,
csrf_userid: $csrf_userid,
csrf_token: $csrf_token
})
@ -41,7 +48,7 @@ describe '/ticket/comment/' do
it 'should fail if ticket does not exist' do
result = request('/ticket/comment', {
content: 'some comment content',
ticketId: 30,
ticketNumber: 30,
csrf_userid: $csrf_userid,
csrf_token: $csrf_token
})
@ -53,28 +60,28 @@ describe '/ticket/comment/' do
it 'should add comment to ticket' do
result = request('/ticket/comment', {
content: 'some comment content',
ticketId: 1,
ticketNumber: @ticketNumber,
csrf_userid: $csrf_userid,
csrf_token: $csrf_token
})
(result['status']).should.equal('success')
comment = $database.getRow('comment', '1', 'id')
ticket = $database.getRow('ticket', @ticketNumber, 'ticket_number')
comment = $database.getRow('comment', ticket['id'], 'ticket_id')
(comment['content']).should.equal('some comment content')
(comment['ticket_id']).should.equal('1')
(comment['author_id']).should.equal($csrf_userid)
end
it 'should fail if user is not the author nor owner' do
Scripts.createUser('commenter@comment.com', 'commenter', 'Commenter')
data = Scripts.login('commenter@comment.com', 'commenter')
Scripts.createUser('no_commenter@comment.com', 'no_commenter', 'No Commenter')
Scripts.login('no_commenter@comment.com', 'no_commenter')
result = request('/ticket/comment', {
content: 'some comment content',
ticketId: 1,
csrf_userid: data['userId'],
csrf_token: data['token']
ticketNumber: @ticketNumber,
csrf_userid: $csrf_userid,
csrf_token: $csrf_token
})
(result['status']).should.equal('fail')
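Review bot: In 'should fail if invalid token is passed' the parameter appears to have been changed to `ticketId: @ticketNumber,` while every other request in this file now sends `ticketNumber:`. The controller in this commit no longer reads `ticketId`, so this request can fail on the missing ticket number instead of on the invalid token, and the test would keep passing even if token checking broke. It should read `ticketNumber: @ticketNumber,`. The last `it` block continues past the end of this section.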


@ -1,13 +1,7 @@
describe '/ticket/create' do
request('/user/logout')
Scripts.createUser('jonsnow@os4.com','jonpass','Jon Snow')
result = request('/user/login', {
email: 'jonsnow@os4.com',
password: 'jonpass'
})
$csrf_userid = result['data']['userId']
$csrf_token = result['data']['token']
Scripts.createUser('creator@os4.com','creator','Creator')
Scripts.login('creator@os4.com','creator')
it 'should fail if invalid token is passed' do
result = request('/ticket/create', {
@ -77,7 +71,7 @@ describe '/ticket/create' do
end
it 'should fail if departmentId is invalid' do
result = request('/ticket/create',{
result = request('/ticket/create', {
title: 'Winter is coming',
content: 'The north remembers',
departmentId: 30,
@ -91,7 +85,7 @@ describe '/ticket/create' do
end
it 'should create ticket if pass data is valid' do
result = request('/ticket/create',{
result = request('/ticket/create', {
title: 'Winter is coming',
content: 'The north remembers',
departmentId: 1,
@ -110,7 +104,7 @@ describe '/ticket/create' do
(ticket['author_id']).should.equal($csrf_userid)
(ticket['ticket_number'].size).should.equal(6)
ticket_user_relation = $database.getRow('ticket_user','1','ticket_id')
ticket_user_relation = $database.getRow('ticket_user', ticket['id'],'ticket_id')
(ticket_user_relation['user_id']).should.equal($csrf_userid)
end


@ -1,30 +1,51 @@
describe '/ticket/get/' do
request('/user/logout')
Scripts.createUser('cersei@os4.com', 'cersei','Cersei Lannister')
result = request('/user/login', {
email: 'cersei@os4.com',
password: 'cersei'
})
$csrf_userid = result['data']['userId']
$csrf_token = result['data']['token']
result = request('/ticket/create', {
title: 'Should we pay?',
content: 'A Lannister always pays his debts.',
departmentId: 1,
csrf_userid: $csrf_userid,
csrf_token: $csrf_token
})
@ticketNumber = result['data']['ticketNumber']
Scripts.createUser('not_ticket_getter@os4.com', 'not_ticket_getter','No Author')
#it 'should fail if ticketNumber is invalid' do
before do
result = Scripts.login('cersei@os4.com', 'cersei')
$csrf_userid = result['userId']
$csrf_token = result['token']
result = request('/ticket/create', {
title: 'Should we pay?',
content: 'A Lannister always pays his debts.',
departmentId: 1,
csrf_userid: $csrf_userid,
csrf_token: $csrf_token
})
@ticketNumber = result['data']['ticketNumber']
end
#end
it 'should fail if ticketNumber is invalid' do
result = request('/ticket/get', {
ticketNumber: (@ticketNumber.to_i + 1).to_s,
csrf_userid: $csrf_userid,
csrf_token: $csrf_token
})
#it 'should fail if ticket does not belong to user' do
(result['status']).should.equal('fail')
end
#end
it 'should fail if ticket does not belong to user' do
request('/user/logout')
result = Scripts.login('not_ticket_getter@os4.com', 'not_ticket_getter')
$csrf_userid = result['userId']
$csrf_token = result['token']
result = request('/ticket/get', {
ticketNumber: @ticketNumber,
csrf_userid: $csrf_userid,
csrf_token: $csrf_token
})
(result['status']).should.equal('fail')
end
it 'should successfully return the ticket information' do
result = Scripts.login('cersei@os4.com', 'cersei')
$csrf_userid = result['userId']
$csrf_token = result['token']
result = request('/ticket/get', {
ticketNumber: @ticketNumber,
csrf_userid: $csrf_userid,

57
tests/user/get.rb Normal file

@ -0,0 +1,57 @@
describe '/user/get' do
request('/user/logout')
Scripts.createUser('user_get@os4.com', 'user_get','User Get')
result = Scripts.login('user_get@os4.com', 'user_get')
$csrf_userid = result['userId']
$csrf_token = result['token']
result = request('/ticket/create', {
title: 'Should we pay?',
content: 'A Lannister always pays his debts.',
departmentId: 1,
csrf_userid: $csrf_userid,
csrf_token: $csrf_token
})
@ticketNumber = result['data']['ticketNumber']
it 'should fail if not logged' do
request('/user/logout')
result = request('/user/get', {
csrf_userid: $csrf_userid,
csrf_token: $csrf_token
})
(result['status']).should.equal('fail')
end
it 'should successfully return the ticket information' do
result = Scripts.login('user_get@os4.com', 'user_get')
$csrf_userid = result['userId']
$csrf_token = result['token']
result = request('/user/get', {
csrf_userid: $csrf_userid,
csrf_token: $csrf_token
})
ticket = $database.getRow('ticket', @ticketNumber, 'ticket_number')
(result['status']).should.equal('success')
(result['data']['name']).should.equal('User Get')
(result['data']['email']).should.equal('user_get@os4.com')
ticketFromUser = result['data']['tickets'][0]
(ticketFromUser['ticketNumber']).should.equal(ticket['ticket_number'])
(ticketFromUser['title']).should.equal(ticket['title'])
(ticketFromUser['content']).should.equal(ticket['content'])
(ticketFromUser['department']['id']).should.equal('1')
(ticketFromUser['department']['name']).should.equal($database.getRow('department', 1)['name'])
(ticketFromUser['date']).should.equal(ticket['date'])
(ticketFromUser['file']).should.equal(ticket['file'])
(ticketFromUser['language']).should.equal(ticket['language'])
(ticketFromUser['unread']).should.equal(false)
(ticketFromUser['author']['name']).should.equal('User Get')
(ticketFromUser['author']['email']).should.equal('user_get@os4.com')
(ticketFromUser['owner']).should.equal([])
(ticketFromUser['comments']).should.equal([])
end
end
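Review bot: The success case only inspects `result['data']['tickets'][0]`, so it would still pass if `/user/get` returned tickets belonging to other users after the first entry. Other specs in this suite create tickets under different accounts, so asserting the list size, `(result['data']['tickets'].size).should.equal(1)`, turns this into a real data-isolation check. The description is also copied from the ticket spec; `it 'should successfully return the user information' do` matches what is asserted.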