Ivan - Backend - Create /user/get path [skip ci]

ivan 2016-09-09 00:38:58 -03:00
parent e22b3d999c
commit da7aad3576
13 changed files with 199 additions and 47 deletions


@ -16,8 +16,8 @@ class CommentController extends Controller {
'validation' => DataValidator::length(20, 500), 'validation' => DataValidator::length(20, 500),
'error' => ERRORS::INVALID_CONTENT 'error' => ERRORS::INVALID_CONTENT
], ],
'ticketId' => [ 'ticketNumber' => [
'validation' => DataValidator::dataStoreId('ticket'), 'validation' => DataValidator::validTicketNumber(),
'error' => ERRORS::INVALID_TICKET 'error' => ERRORS::INVALID_TICKET
] ]
] ]
@ -37,9 +37,9 @@ class CommentController extends Controller {
} }
private function requestData() { private function requestData() {
$ticketId = Controller::request('ticketId'); $ticketNumber = Controller::request('ticketNumber');
$this->ticket = Ticket::getTicket($ticketId); $this->ticket = Ticket::getByTicketNumber($ticketNumber);
$this->content = Controller::request('content'); $this->content = Controller::request('content');
} }
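Review bot: In `requestData()` the ticket is now loaded from a caller-supplied `ticketNumber`, and the only gate visible here is `validTicketNumber()`, which proves the ticket exists but not that the requester may comment on it. The test suite expects a failure for a user who is neither author nor owner, so that check presumably lives in `handler()`, outside these hunks. A one-line comment on `requestData()` such as `// existence only; author/owner authorisation is enforced in handler()` would keep the two from drifting apart. The validator and `requestData()` also each call `Ticket::getByTicketNumber()`, so every comment request performs the lookup twice.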


@ -22,6 +22,10 @@ class TicketGetController extends Controller {
$ticket = Ticket::getByTicketNumber($ticketNumber); $ticket = Ticket::getByTicketNumber($ticketNumber);
Response::respondSuccess($ticket->toArray()); if ($ticket->isNull() || $ticket->author->id != Controller::getLoggedUser()->id) {
Response::respondError(ERRORS::INVALID_TICKET);
} else {
Response::respondSuccess($ticket->toArray());
}
} }
} }
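Review bot: The ownership check compares ids with loose `!=`, so two empty values (for example a ticket with no author and a session with no user) compare equal and fall through to `respondSuccess`. Fetch the user once with `$user = Controller::getLoggedUser();` and make the guard explicit: `if ($ticket->isNull() || !$user->id || $ticket->author->id != $user->id)`. Also confirm that this controller's `validations()`, which is outside the hunk, declares `'permission' => 'user'` so an anonymous caller never reaches the handler. Answering missing and foreign tickets with the same `ERRORS::INVALID_TICKET` deserves a short comment, since that is what keeps the endpoint from confirming which ticket numbers exist.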


@ -6,6 +6,7 @@ include 'user/recover-password.php';
include 'user/send-recover-password.php'; include 'user/send-recover-password.php';
include 'user/edit-password.php'; include 'user/edit-password.php';
include 'user/edit-email.php'; include 'user/edit-email.php';
include 'user/get.php';
$userControllers = new ControllerGroup(); $userControllers = new ControllerGroup();
$userControllers->setGroupPath('/user'); $userControllers->setGroupPath('/user');
@ -17,5 +18,6 @@ $userControllers->addController(new SendRecoverPasswordController);
$userControllers->addController(new RecoverPasswordController); $userControllers->addController(new RecoverPasswordController);
$userControllers->addController(new EditPassword); $userControllers->addController(new EditPassword);
$userControllers->addController(new EditEmail); $userControllers->addController(new EditEmail);
$userControllers->addController(new GetUserController);
$userControllers->finalize(); $userControllers->finalize();


@ -0,0 +1,30 @@
<?php
use Respect\Validation\Validator as DataValidator;
DataValidator::with('CustomValidations', true);
class GetUserController extends Controller {
const PATH = '/get';
public function validations() {
return [
'permission' => 'user',
'requestData' => []
];
}
public function handler() {
$user = Controller::getLoggedUser();
$parsedTicketList = [];
$ticketList = $user->sharedTicketList;
foreach($ticketList as $ticket) {
$parsedTicketList[] = $ticket->toArray();
}
Response::respondSuccess([
'name' => $user->name,
'email' => $user->email,
'tickets' => $parsedTicketList
]);
}
}
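Review bot: `handler()` serialises every entry of `$user->sharedTicketList` with the full `toArray()`, while `/ticket/get` in this same commit returns a ticket only to its author. If `sharedTicketList` can ever hold tickets the user did not write, the two endpoints disagree about who may read a ticket, and this one is the more permissive; either filter on authorship here or document above the loop why every shared ticket is readable. The response is also unbounded, with one full ticket per list entry (comments included, judging by the test's `comments` key), so a limit or a summary form is worth considering. The class has no docblock; `/** Returns the logged-in user's name, email and shared tickets. */` above `handler()` would do.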


@ -41,6 +41,7 @@ spl_autoload_register(function ($class) {
include_once 'libs/validations/dataStoreId.php'; include_once 'libs/validations/dataStoreId.php';
include_once 'libs/validations/userEmail.php'; include_once 'libs/validations/userEmail.php';
include_once 'libs/validations/captcha.php'; include_once 'libs/validations/captcha.php';
include_once 'libs/validations/validTicketNumber.php';
// LOAD CONTROLLERS // LOAD CONTROLLERS
foreach (glob('controllers/*.php') as $controller) { foreach (glob('controllers/*.php') as $controller) {


@ -1,7 +1,7 @@
<?php <?php
require_once 'models/DataStore.php'; require_once 'models/DataStore.php';
class DataStoreList { class DataStoreList implements IteratorAggregate{
private $list = []; private $list = [];
public static function getList($type, $beanList) { public static function getList($type, $beanList) {
@ -14,6 +14,10 @@ class DataStoreList {
return $dataStoreList; return $dataStoreList;
} }
public function getIterator() {
return new ArrayIterator($this->list);
}
public function add(DataStore $dataStore) { public function add(DataStore $dataStore) {
$this->list[] = $dataStore; $this->list[] = $dataStore;
} }


@ -0,0 +1,14 @@
<?php
namespace CustomValidations;
use Respect\Validation\Rules\AbstractRule;
class ValidTicketNumber extends AbstractRule {
public function validate($ticketNumber) {
$ticket = \Ticket::getByTicketNumber($ticketNumber);
return !$ticket->isNull();
}
}
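Review bot: `validate()` hands the raw request value to `\Ticket::getByTicketNumber()` without checking its type, so an array or other non-scalar parameter reaches the data layer. Add `if (!is_scalar($ticketNumber)) return false;` as the first line of the method. The rule is also an existence check only; a docblock saying that callers must still authorise the requester against the ticket would stop it being read as an access check.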


@ -17,6 +17,7 @@ require './user/send-recover-password.rb'
require './user/recover-password.rb' require './user/recover-password.rb'
require './user/edit-password.rb' require './user/edit-password.rb'
require './user/edit-email.rb' require './user/edit-email.rb'
require './user/get.rb'
require './ticket/create.rb' require './ticket/create.rb'
require './ticket/comment.rb' require './ticket/comment.rb'
require './ticket/get.rb' require './ticket/get.rb'


@ -18,6 +18,23 @@ class Scripts
:password => password :password => password
}) })
if response['data'].any?
$csrf_userid = response['data']['userId']
$csrf_token = response['data']['token']
end
response['data'] response['data']
end end
def self.createTicket()
result = request('/ticket/create', {
title: 'Winter is coming',
content: 'The north remembers',
departmentId: 1,
csrf_userid: $csrf_userid,
csrf_token: $csrf_token
})
result['data']
end
end end
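Review bot: `Scripts.login` now overwrites `$csrf_userid` and `$csrf_token` only when `response['data'].any?` is true, so after a failed login the globals keep the previous user's credentials and later requests silently run as that user. That can make an authorisation test pass or fail for the wrong reason. Clear them before the check with `$csrf_userid = $csrf_token = nil`, and guard the condition with `response['data'].respond_to?(:any?)` in case the API returns a non-collection `data` on failure (the failure shape is not visible here). The method starts above the hunk.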


@ -1,8 +1,15 @@
describe '/ticket/comment/' do describe '/ticket/comment/' do
Scripts.createUser('commenter@os4.com', 'commenter', 'Commenter')
Scripts.login('commenter@os4.com', 'commenter')
result = Scripts.createTicket
@ticketNumber = result['ticketNumber']
it 'should fail if invalid token is passed' do it 'should fail if invalid token is passed' do
result = request('/ticket/comment', { result = request('/ticket/comment', {
content: 'some comment content', content: 'some comment content',
ticketId: 1, ticketId: @ticketNumber,
csrf_userid: $csrf_userid, csrf_userid: $csrf_userid,
csrf_token: 'INVALID_TOKEN' csrf_token: 'INVALID_TOKEN'
}) })
@ -14,7 +21,7 @@ describe '/ticket/comment/' do
it 'should fail if content is too short' do it 'should fail if content is too short' do
result = request('/ticket/comment', { result = request('/ticket/comment', {
content: 'Test', content: 'Test',
ticketId: 1, ticketNumber: @ticketNumber,
csrf_userid: $csrf_userid, csrf_userid: $csrf_userid,
csrf_token: $csrf_token csrf_token: $csrf_token
}) })
@ -29,7 +36,7 @@ describe '/ticket/comment/' do
result = request('/ticket/comment', { result = request('/ticket/comment', {
content: long_text, content: long_text,
ticketId: 1, ticketNumber: @ticketNumber,
csrf_userid: $csrf_userid, csrf_userid: $csrf_userid,
csrf_token: $csrf_token csrf_token: $csrf_token
}) })
@ -41,7 +48,7 @@ describe '/ticket/comment/' do
it 'should fail if ticket does not exist' do it 'should fail if ticket does not exist' do
result = request('/ticket/comment', { result = request('/ticket/comment', {
content: 'some comment content', content: 'some comment content',
ticketId: 30, ticketNumber: 30,
csrf_userid: $csrf_userid, csrf_userid: $csrf_userid,
csrf_token: $csrf_token csrf_token: $csrf_token
}) })
@ -53,28 +60,28 @@ describe '/ticket/comment/' do
it 'should add comment to ticket' do it 'should add comment to ticket' do
result = request('/ticket/comment', { result = request('/ticket/comment', {
content: 'some comment content', content: 'some comment content',
ticketId: 1, ticketNumber: @ticketNumber,
csrf_userid: $csrf_userid, csrf_userid: $csrf_userid,
csrf_token: $csrf_token csrf_token: $csrf_token
}) })
(result['status']).should.equal('success') (result['status']).should.equal('success')
comment = $database.getRow('comment', '1', 'id') ticket = $database.getRow('ticket', @ticketNumber, 'ticket_number')
comment = $database.getRow('comment', ticket['id'], 'ticket_id')
(comment['content']).should.equal('some comment content') (comment['content']).should.equal('some comment content')
(comment['ticket_id']).should.equal('1')
(comment['author_id']).should.equal($csrf_userid) (comment['author_id']).should.equal($csrf_userid)
end end
it 'should fail if user is not the author nor owner' do it 'should fail if user is not the author nor owner' do
Scripts.createUser('commenter@comment.com', 'commenter', 'Commenter') Scripts.createUser('no_commenter@comment.com', 'no_commenter', 'No Commenter')
data = Scripts.login('commenter@comment.com', 'commenter') Scripts.login('no_commenter@comment.com', 'no_commenter')
result = request('/ticket/comment', { result = request('/ticket/comment', {
content: 'some comment content', content: 'some comment content',
ticketId: 1, ticketNumber: @ticketNumber,
csrf_userid: data['userId'], csrf_userid: $csrf_userid,
csrf_token: data['token'] csrf_token: $csrf_token
}) })
(result['status']).should.equal('fail') (result['status']).should.equal('fail')
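Review bot: The first test, 'should fail if invalid token is passed', still sends `ticketId: @ticketNumber` on the new side although the controller now reads `ticketNumber`. Change it to `ticketNumber: @ticketNumber` so the request can only be rejected for the token and not for a missing ticket parameter. In the 'not the author nor owner' test the only assertion visible in the hunk is `(result['status']).should.equal('fail')`, which also holds if the second login failed. That block continues below the hunk, so check that it asserts the specific error as well.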


@ -1,13 +1,7 @@
describe '/ticket/create' do describe '/ticket/create' do
request('/user/logout') request('/user/logout')
Scripts.createUser('jonsnow@os4.com','jonpass','Jon Snow') Scripts.createUser('creator@os4.com','creator','Creator')
result = request('/user/login', { Scripts.login('creator@os4.com','creator')
email: 'jonsnow@os4.com',
password: 'jonpass'
})
$csrf_userid = result['data']['userId']
$csrf_token = result['data']['token']
it 'should fail if invalid token is passed' do it 'should fail if invalid token is passed' do
result = request('/ticket/create', { result = request('/ticket/create', {
@ -77,7 +71,7 @@ describe '/ticket/create' do
end end
it 'should fail if departmentId is invalid' do it 'should fail if departmentId is invalid' do
result = request('/ticket/create',{ result = request('/ticket/create', {
title: 'Winter is coming', title: 'Winter is coming',
content: 'The north remembers', content: 'The north remembers',
departmentId: 30, departmentId: 30,
@ -91,7 +85,7 @@ describe '/ticket/create' do
end end
it 'should create ticket if pass data is valid' do it 'should create ticket if pass data is valid' do
result = request('/ticket/create',{ result = request('/ticket/create', {
title: 'Winter is coming', title: 'Winter is coming',
content: 'The north remembers', content: 'The north remembers',
departmentId: 1, departmentId: 1,
@ -110,7 +104,7 @@ describe '/ticket/create' do
(ticket['author_id']).should.equal($csrf_userid) (ticket['author_id']).should.equal($csrf_userid)
(ticket['ticket_number'].size).should.equal(6) (ticket['ticket_number'].size).should.equal(6)
ticket_user_relation = $database.getRow('ticket_user','1','ticket_id') ticket_user_relation = $database.getRow('ticket_user', ticket['id'],'ticket_id')
(ticket_user_relation['user_id']).should.equal($csrf_userid) (ticket_user_relation['user_id']).should.equal($csrf_userid)
end end


@ -1,30 +1,51 @@
describe '/ticket/get/' do describe '/ticket/get/' do
request('/user/logout') request('/user/logout')
Scripts.createUser('cersei@os4.com', 'cersei','Cersei Lannister') Scripts.createUser('cersei@os4.com', 'cersei','Cersei Lannister')
result = request('/user/login', { Scripts.createUser('not_ticket_getter@os4.com', 'not_ticket_getter','No Author')
email: 'cersei@os4.com',
password: 'cersei'
})
$csrf_userid = result['data']['userId']
$csrf_token = result['data']['token']
result = request('/ticket/create', {
title: 'Should we pay?',
content: 'A Lannister always pays his debts.',
departmentId: 1,
csrf_userid: $csrf_userid,
csrf_token: $csrf_token
})
@ticketNumber = result['data']['ticketNumber']
#it 'should fail if ticketNumber is invalid' do before do
result = Scripts.login('cersei@os4.com', 'cersei')
$csrf_userid = result['userId']
$csrf_token = result['token']
result = request('/ticket/create', {
title: 'Should we pay?',
content: 'A Lannister always pays his debts.',
departmentId: 1,
csrf_userid: $csrf_userid,
csrf_token: $csrf_token
})
@ticketNumber = result['data']['ticketNumber']
end
#end it 'should fail if ticketNumber is invalid' do
result = request('/ticket/get', {
ticketNumber: (@ticketNumber.to_i + 1).to_s,
csrf_userid: $csrf_userid,
csrf_token: $csrf_token
})
#it 'should fail if ticket does not belong to user' do (result['status']).should.equal('fail')
end
#end it 'should fail if ticket does not belong to user' do
request('/user/logout')
result = Scripts.login('not_ticket_getter@os4.com', 'not_ticket_getter')
$csrf_userid = result['userId']
$csrf_token = result['token']
result = request('/ticket/get', {
ticketNumber: @ticketNumber,
csrf_userid: $csrf_userid,
csrf_token: $csrf_token
})
(result['status']).should.equal('fail')
end
it 'should successfully return the ticket information' do it 'should successfully return the ticket information' do
result = Scripts.login('cersei@os4.com', 'cersei')
$csrf_userid = result['userId']
$csrf_token = result['token']
result = request('/ticket/get', { result = request('/ticket/get', {
ticketNumber: @ticketNumber, ticketNumber: @ticketNumber,
csrf_userid: $csrf_userid, csrf_userid: $csrf_userid,
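Review bot: Both new negative tests assert only `(result['status']).should.equal('fail')`, so 'should fail if ticket does not belong to user' would also pass if the second login failed or the CSRF pair were rejected. Assert the returned error message against the invalid-ticket error too, so the test pins the ownership check and nothing else. The 'invalid ticketNumber' case builds its input as `(@ticketNumber.to_i + 1).to_s`, which can collide with a real ticket if numbers are not sequential; a value outside the valid format would be safer. The last `it` block continues below the hunk.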

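--- /dev/null
+++ b/tests/user/get.rb
@@ -0,0 +1,57 @@
+describe '/user/get' do
+request('/user/logout')
+Scripts.createUser('user_get@os4.com', 'user_get','User Get')
+result = Scripts.login('user_get@os4.com', 'user_get')
+$csrf_userid = result['userId']
+$csrf_token = result['token']
+result = request('/ticket/create', {
+title: 'Should we pay?',
+content: 'A Lannister always pays his debts.',
+departmentId: 1,
+csrf_userid: $csrf_userid,
+csrf_token: $csrf_token
+})
+@ticketNumber = result['data']['ticketNumber']
+it 'should fail if not logged' do
+request('/user/logout')
+result = request('/user/get', {
+csrf_userid: $csrf_userid,
+csrf_token: $csrf_token
+})
+(result['status']).should.equal('fail')
+end
+it 'should successfully return the ticket information' do
+result = Scripts.login('user_get@os4.com', 'user_get')
+$csrf_userid = result['userId']
+$csrf_token = result['token']
+result = request('/user/get', {
+csrf_userid: $csrf_userid,
+csrf_token: $csrf_token
+})
+ticket = $database.getRow('ticket', @ticketNumber, 'ticket_number')
+(result['status']).should.equal('success')
+(result['data']['name']).should.equal('User Get')
+(result['data']['email']).should.equal('user_get@os4.com')
+ticketFromUser = result['data']['tickets'][0]
+(ticketFromUser['ticketNumber']).should.equal(ticket['ticket_number'])
+(ticketFromUser['title']).should.equal(ticket['title'])
+(ticketFromUser['content']).should.equal(ticket['content'])
+(ticketFromUser['department']['id']).should.equal('1')
+(ticketFromUser['department']['name']).should.equal($database.getRow('department', 1)['name'])
+(ticketFromUser['date']).should.equal(ticket['date'])
+(ticketFromUser['file']).should.equal(ticket['file'])
+(ticketFromUser['language']).should.equal(ticket['language'])
+(ticketFromUser['unread']).should.equal(false)
+(ticketFromUser['author']['name']).should.equal('User Get')
+(ticketFromUser['author']['email']).should.equal('user_get@os4.com')
+(ticketFromUser['owner']).should.equal([])
+(ticketFromUser['comments']).should.equal([])
+end
+end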
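Review bot: The success test checks individual fields but never pins the shape of `result['data']`, so a later change that adds a sensitive user column to the response would go unnoticed. Add `(result['data'].keys.sort).should.equal(['email', 'name', 'tickets'])` next to the status assertion. The title 'should successfully return the ticket information' is copied from the ticket tests and should say user information. 'should fail if not logged' would be stronger if it also asserted the returned error, not just `'fail'`.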