commit 2ddee3dfd8255e4c89f8b57c190a97f0275ec9d9
parent c91eec05c0f63feb4c2e55db9322901d205b5606
Author: Felicitus <felicitus@felicitus.org>
Date: Wed, 9 Dec 2015 17:18:50 +0100
Added unit tests for user protection
Diffstat:
3 files changed, 45 insertions(+), 3 deletions(-)
diff --git a/src/PartKeepr/AuthBundle/Action/PutUserAction.php b/src/PartKeepr/AuthBundle/Action/PutUserAction.php
@@ -7,6 +7,7 @@ use Dunglas\ApiBundle\Api\ResourceInterface;
use Dunglas\ApiBundle\Exception\RuntimeException;
use Dunglas\ApiBundle\Model\DataProviderInterface;
use PartKeepr\AuthBundle\Entity\User;
+use PartKeepr\AuthBundle\Exceptions\UserProtectedException;
use PartKeepr\AuthBundle\Services\UserService;
use Symfony\Component\HttpFoundation\Request;
use Symfony\Component\HttpKernel\Exception\NotFoundHttpException;
@@ -51,6 +52,7 @@ class PutUserAction
*
* @throws NotFoundHttpException
* @throws RuntimeException
+ * @throws UserProtectedException
*/
public function __invoke(Request $request, $id)
{
@@ -67,6 +69,10 @@ class PutUserAction
$context = $resourceType->getDenormalizationContext();
$context['object_to_populate'] = $data;
+ if ($data->isProtected()) {
+ throw new UserProtectedException();
+ }
+
$data = $this->serializer->deserialize(
$request->getContent(),
$resourceType->getEntityClass(),
diff --git a/src/PartKeepr/AuthBundle/Exceptions/UserProtectedException.php b/src/PartKeepr/AuthBundle/Exceptions/UserProtectedException.php
@@ -0,0 +1,12 @@
+<?php
+namespace PartKeepr\AuthBundle\Exceptions;
+
+use PartKeepr\CoreBundle\Exceptions\TranslatableException;
+
+class UserProtectedException extends TranslatableException
+{
+ public function getMessageKey()
+ {
+ return "User is protected against changes";
+ }
+}
diff --git a/src/PartKeepr/AuthBundle/Tests/UserTest.php b/src/PartKeepr/AuthBundle/Tests/UserTest.php
@@ -2,9 +2,11 @@
namespace PartKeepr\AuthBundle\Tests;
+use Doctrine\Common\DataFixtures\Executor\ORMExecutor;
use Doctrine\Common\DataFixtures\ProxyReferenceRepository;
use PartKeepr\AuthBundle\Entity\FOSUser;
use PartKeepr\AuthBundle\Entity\User;
+use PartKeepr\AuthBundle\Exceptions\UserProtectedException;
use PartKeepr\CoreBundle\Tests\WebTestCase;
class UserTest extends WebTestCase
@@ -16,11 +18,16 @@ class UserTest extends WebTestCase
public function setUp()
{
- $this->fixtures = $this->loadFixtures(
+ /**
+ * @var ORMExecutor $ormExecutor
+ */
+ $ormExecutor = $this->loadFixtures(
array(
'PartKeepr\AuthBundle\DataFixtures\LoadUserData',
- )
- )->getReferenceRepository();
+ ));
+
+
+ $this->fixtures = $ormExecutor->getReferenceRepository();
}
public function testCreateUser()
@@ -143,6 +150,23 @@ class UserTest extends WebTestCase
$userService->protect($user);
$this->assertTrue($user->isProtected());
+
+ $client = static::makeClient(true);
+
+ $iriConverter = $this->getContainer()->get("api.iri_converter");
+ $iri = $iriConverter->getIriFromItem($user);
+
+ $data = [
+ "username" => "foo"
+ ];
+ $client->request("PUT", $iri, array(), array(), array(), json_encode($data));
+
+ $response = json_decode($client->getResponse()->getContent());
+
+ $exception = new UserProtectedException();
+ $this->assertEquals(500, $client->getResponse()->getStatusCode());
+ $this->assertObjectHasAttribute("hydra:description", $response);
+ $this->assertEquals($exception->getMessageKey(), $response->{"hydra:description"});
}
public function testUserUnprotect()