From 53dda0b09e137ced6d60fb5bf844e46ef3ba13e4 Mon Sep 17 00:00:00 2001 From: Nicolas Le Goff Date: Wed, 5 Mar 2014 20:50:19 +0100 Subject: [PATCH] Delete references to API_OAuth2_Application class --- .../Command/Developer/RegenerateSqliteDb.php | 29 ++- .../Phrasea/Controller/Root/Account.php | 35 ++-- .../Phrasea/Controller/Root/Developers.php | 180 ++++++++---------- lib/classes/API/OAuth2/Form/DevAppDesktop.php | 9 +- .../API/OAuth2/Form/DevAppInternet.php | 11 +- lib/classes/patch/370alpha3a.php | 25 +-- lib/classes/patch/3715alpha1a.php | 25 +-- .../web/developers/application.html.twig | 2 +- .../Phrasea/Controller/Api/ApiTestCase.php | 12 +- .../Phrasea/Controller/Api/OAuth2Test.php | 30 +-- .../Controller/Root/DevelopersTest.php | 33 ++-- tests/classes/PhraseanetTestCase.php | 4 +- tests/classes/api/oauthv2/AccountTest.php | 2 +- tests/classes/api/oauthv2/ApplicationTest.php | 111 +++++------ 14 files changed, 238 insertions(+), 270 deletions(-) diff --git a/lib/Alchemy/Phrasea/Command/Developer/RegenerateSqliteDb.php b/lib/Alchemy/Phrasea/Command/Developer/RegenerateSqliteDb.php index 6da4cb6540..b316ada53b 100644 --- a/lib/Alchemy/Phrasea/Command/Developer/RegenerateSqliteDb.php +++ b/lib/Alchemy/Phrasea/Command/Developer/RegenerateSqliteDb.php @@ -13,6 +13,7 @@ namespace Alchemy\Phrasea\Command\Developer; use Alchemy\Phrasea\Border\Manager; use Alchemy\Phrasea\Command\Command; +use Alchemy\Phrasea\Model\Entities\ApiApplication; use Alchemy\Phrasea\Model\Entities\AuthFailure; use Alchemy\Phrasea\Model\Entities\AggregateToken; use Alchemy\Phrasea\Model\Entities\Basket; 
@@ -124,8 +125,8 @@ class RegenerateSqliteDb extends Command $fixtures['user']['test_phpunit_alt2'] = $DI['user_alt2']->getId(); $fixtures['user']['user_guest'] = $DI['user_guest']->getId(); - $fixtures['oauth']['user'] = $DI['app-user']->get_id(); - $fixtures['oauth']['user_notAdmin'] = $DI['app-user_notAdmin']->get_id(); + $fixtures['oauth']['user'] = $DI['api-app-user']->getId(); + $fixtures['oauth']['user-not-admin'] = $DI['api-app-user-not-admin']->getId(); $fixtures['databox']['records'] = $DI['databox']->get_sbas_id(); $fixtures['collection']['coll'] = $DI['coll']->get_base_id(); @@ -182,15 +183,23 @@ class RegenerateSqliteDb extends Command private function insertOauthApps(\Pimple $DI) { - $DI['app-user'] = \API_OAuth2_Application::create($this->container, $DI['user'], 'test application for user'); - $DI['app-user']->set_redirect_uri('http://callback.com/callback/'); - $DI['app-user']->set_website('http://website.com/'); - $DI['app-user']->set_type(\API_OAuth2_Application::WEB_TYPE); + $DI['api-app-user'] = $this->container['manipulator.api-application']->create( + 'test application for user', + ApiApplication::WEB_TYPE, + 'an api application description', + 'http://website.com/', + $DI['user'], + 'http://callback.com/callback/' + ); - $DI['app-user_notAdmin'] = \API_OAuth2_Application::create($this->container, $DI['user_notAdmin'], 'test application for user not admin'); - $DI['app-user_notAdmin']->set_redirect_uri('http://callback.com/callback/'); - $DI['app-user_notAdmin']->set_website('http://website.com/'); - $DI['app-user_notAdmin']->set_type(\API_OAuth2_Application::WEB_TYPE); + $DI['api-app-user-not-admin'] = $this->container['manipulator.api-application']->create( + 'test application for user', + ApiApplication::WEB_TYPE, + 'an api application description', + 'http://website.com/', + $DI['user_notAdmin'], + 'http://callback.com/callback/' + ); } private function insertAuthFailures(EntityManager $em, \Pimple $DI) 
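Review bot: In `insertOauthApps` the second fixture is created with the same name as the first, `'test application for user'`, whereas the code it replaces used `'test application for user not admin'`. If the two fixtures are meant to stay distinguishable by name, the second `create()` call should pass `'test application for user not admin'` as its first argument.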
diff --git a/lib/Alchemy/Phrasea/Controller/Root/Account.php b/lib/Alchemy/Phrasea/Controller/Root/Account.php index 7a259eb660..9e24e87e61 100644 --- a/lib/Alchemy/Phrasea/Controller/Root/Account.php +++ b/lib/Alchemy/Phrasea/Controller/Root/Account.php @@ -69,7 +69,8 @@ class Account implements ControllerProviderInterface ->bind('account_auth_apps'); // Displays a an authorized app grant - $controllers->get('/security/application/{application_id}/grant/', 'account.controller:grantAccess') + $controllers->get('/security/application/{application}/grant/', 'account.controller:grantAccess') + ->before($app['middleware.api-application.converter']) ->assert('application_id', '\d+') ->bind('grant_app_access'); 
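Review bot: The route placeholder is renamed to `{application}`, but the constraint two lines below still reads `->assert('application_id', '\d+')`, so the digits-only requirement no longer applies to any placeholder in the pattern. Non-numeric values would then reach `middleware.api-application.converter`, whose handling of them is not visible in this patch. The constraint should follow the rename: `->assert('application', '\d+')`. The five routes changed in Developers.php (`@@ -37,23 +39,28 @@`) carry the same leftover, `->assert('id', '\d+')`.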
@@ -191,33 +192,29 @@ class Account implements ControllerProviderInterface /** * Display authorized applications that can access user informations * - * @param Application $app A Silex application where the controller is mounted on - * @param Request $request The current request - * @param Integer $application_id The application id + * @param Application $app + * @param Request $request + * @param ApiApplication $application * * @return JsonResponse */ - public function grantAccess(Application $app, Request $request, $application_id) + public function grantAccess(Application $app, Request $request, ApiApplication $application) { if (!$request->isXmlHttpRequest() || !array_key_exists($request->getMimeType('json'), array_flip($request->getAcceptableContentTypes()))) { $app->abort(400, $app->trans('Bad request format, only JSON is allowed')); } - $error = false; - - try { - $account = \API_OAuth2_Account::load_with_user( - $app - , new \API_OAuth2_Application($app, $application_id) - , $app['authentication']->getUser() - ); - - $account->set_revoked((bool) $request->query->get('revoke'), false); - } catch (NotFoundHttpException $e) { - $error = true; + if (null === $account = $app['repo.api-accounts']->findByUserAndApplication($app['authentication']->getUser(), $application)) { + return $app->json(['success' => false]); } - return $app->json(['success' => !$error]); + if ((Boolean) $request->query->get('revoke')) { + $app['manipulator.api-account']->authorizeAccess($account); + } else { + $app['manipulator.api-account']->revokeAccess($account); + } + + return $app->json(['success' => true]); } /** 
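Review bot: The two branches in `grantAccess` are inverted: a truthy `revoke` query parameter calls `authorizeAccess($account)` and a missing or falsy one calls `revokeAccess($account)`, the opposite of the removed `set_revoked((bool) $request->query->get('revoke'), false)`. A user asking to revoke an application's access would leave it authorized, and the reverse. Swap the calls so that the true branch is `$app['manipulator.api-account']->revokeAccess($account);` and the else branch is `->authorizeAccess($account);`, and add a test asserting the account state for both values of `revoke`. No `use` line for `ApiApplication` is added to Account.php in this patch, so confirm the new type hint resolves; the top of the file is outside the hunks shown.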
@@ -244,7 +241,7 @@ class Account implements ControllerProviderInterface public function accountAuthorizedApps(Application $app, Request $request) { return $app['twig']->render('account/authorized_apps.html.twig', [ - "applications" => \API_OAuth2_Application::load_app_by_user($app, $app['authentication']->getUser()), + "applications" => $app['repo.api-applications']->findByUser($app['authentication']->getUser()), ]); } diff --git a/lib/Alchemy/Phrasea/Controller/Root/Developers.php b/lib/Alchemy/Phrasea/Controller/Root/Developers.php index bbc4e94398..34f241b3e6 100644 --- a/lib/Alchemy/Phrasea/Controller/Root/Developers.php +++ b/lib/Alchemy/Phrasea/Controller/Root/Developers.php @@ -11,6 +11,8 @@ namespace Alchemy\Phrasea\Controller\Root; +use Alchemy\Phrasea\Exception\InvalidArgumentException; +use Alchemy\Phrasea\Model\Entities\ApiApplication; use Silex\Application; use Silex\ControllerProviderInterface; use Symfony\Component\HttpFoundation\JsonResponse; 
@@ -37,23 +39,28 @@ class Developers implements ControllerProviderInterface $controllers->post('/application/', 'controller.account.developers:newApp') ->bind('submit_developers_application'); - $controllers->get('/application/{id}/', 'controller.account.developers:getApp') + $controllers->get('/application/{application}/', 'controller.account.developers:getApp') + ->before($app['middleware.api-application.converter']) ->assert('id', '\d+') ->bind('developers_application'); - $controllers->delete('/application/{id}/', 'controller.account.developers:deleteApp') + $controllers->delete('/application/{application}/', 'controller.account.developers:deleteApp') + ->before($app['middleware.api-application.converter']) ->assert('id', '\d+') ->bind('delete_developers_application'); - $controllers->post('/application/{id}/authorize_grant_password/', 'controller.account.developers:authorizeGrantpassword') + $controllers->post('/application/{application}/authorize_grant_password/', 'controller.account.developers:authorizeGrantPassword') + ->before($app['middleware.api-application.converter']) ->assert('id', '\d+') ->bind('submit_developers_application_authorize_grant_password'); - $controllers->post('/application/{id}/access_token/', 'controller.account.developers:renewAccessToken') + $controllers->post('/application/{application}/access_token/', 'controller.account.developers:renewAccessToken') + ->before($app['middleware.api-application.converter']) ->assert('id', '\d+') ->bind('submit_developers_application_token'); - $controllers->post('/application/{id}/callback/', 'controller.account.developers:renewAppCallback') + $controllers->post('/application/{application}/callback/', 'controller.account.developers:renewAppCallback') + ->before($app['middleware.api-application.converter']) ->assert('id', '\d+') ->bind('submit_application_callback'); 
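Review bot: Nothing visible on these routes restricts `{application}` to applications created by the authenticated user: the only guard added is `middleware.api-application.converter`, and the actions that receive the entity (`getApp`, `deleteApp`, `renewAppCallback`, `authorizeGrantPassword`) use it without comparing its creator with `$app['authentication']->getUser()`. Unless the converter enforces ownership (its code is not part of this patch), a logged-in user could delete or reconfigure another developer's application by id. I would add an explicit ownership check, either as a second `before` middleware on these routes or at the top of each action, that aborts with 403 when the creator differs, plus a test that uses the `oauth2-app-user_notAdmin` fixture. The removed code had no such check either, so this is a pre-existing gap worth closing while the routes are being reworked.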
@@ -61,123 +68,97 @@ class Developers implements ControllerProviderInterface } /** - * Delete application + * Delete application. + * + * @param Application $app + * @param Request $request + * @param ApiApplication $application * - * @param Application $app A Silex application where the controller is mounted on - * @param Request $request The current request - * @param integer $id The application id * @return JsonResponse */ - public function deleteApp(Application $app, Request $request, $id) + public function deleteApp(Application $app, Request $request, ApiApplication $application) { if (!$request->isXmlHttpRequest() || !array_key_exists($request->getMimeType('json'), array_flip($request->getAcceptableContentTypes()))) { $app->abort(400, 'Bad request format, only JSON is allowed'); } - $error = false; + $app['manipulator.api-application']->delete($application); - try { - $clientApp = new \API_OAuth2_Application($app, $id); - $clientApp->delete(); - } catch (NotFoundHttpException $e) { - $error = true; - } - - return $app->json(['success' => !$error]); + return $app->json(['success' => true]); } /** - * Change application callback + * Change application callback. 
+ * + * @param Application $app + * @param Request $request + * @param ApiApplication $application * - * @param Application $app A Silex application where the controller is mounted on - * @param Request $request The current request - * @param integer $id The application id * @return JsonResponse */ - public function renewAppCallback(Application $app, Request $request, $id) + public function renewAppCallback(Application $app, Request $request, ApiApplication $application) { if (!$request->isXmlHttpRequest() || !array_key_exists($request->getMimeType('json'), array_flip($request->getAcceptableContentTypes()))) { $app->abort(400, 'Bad request format, only JSON is allowed'); } - $error = false; - try { - $clientApp = new \API_OAuth2_Application($app, $id); - - if (null !== $request->request->get("callback")) { - $clientApp->set_redirect_uri($request->request->get("callback")); - } else { - $error = true; - } - } catch (NotFoundHttpException $e) { - $error = true; + $app['manipulator.api-application']->setRedirectUri($request->request->get("callback")); + } catch (InvalidArgumentException $e) { + return $app->json(['success' => false]); } - return $app->json(['success' => !$error]); + return $app->json(['success' => true]); } /** - * Authorize application to use a grant password type + * Authorize application to use a grant password type. 
+ * + * @param Application $app + * @param Request $request + * @param ApiApplication $application * - * @param Application $app A Silex application where the controller is mounted on - * @param Request $request The current request - * @param integer $id The application id * @return JsonResponse */ - public function renewAccessToken(Application $app, Request $request, $id) + public function renewAccessToken(Application $app, Request $request, ApiApplication $application) { if (!$request->isXmlHttpRequest() || !array_key_exists($request->getMimeType('json'), array_flip($request->getAcceptableContentTypes()))) { $app->abort(400, 'Bad request format, only JSON is allowed'); } - $error = false; - $accessToken = null; - - try { - $clientApp = new \API_OAuth2_Application($app, $id); - $account = $clientApp->get_user_account($app['authentication']->getUser()); - - $token = $account->get_token(); - - if ($token instanceof \API_OAuth2_Token) { - $token->renew(); - } else { - $token = \API_OAuth2_Token::create($app['phraseanet.appbox'], $account, $app['random.medium']); - } - - $accessToken = $token->get_value(); - } catch (\Exception $e) { - $error = true; + if (null === $account = $app['repo.api-accounts']->findByUserAndApplication($app['authentication']->getUser(), $application)) { + $app->abort(404, sprintf('Account not found for application %s', $application->getName())); } - return $app->json(['success' => !$error, 'token' => $accessToken]); + $token = $account->getOauthToken(); + if ($account->hasOauthToken()) { + $app['manipulator.api-oauth-token']->renew($token); + } else { + $token = $app['manipulator.api-oauth-token']->create($account); + } + + return $app->json(['success' => true, 'token' => $token->getOauthToken()]); } /** - * Authorize application to use a grant password type + * Authorize application to use a grant password type. 
+ * + * @param Application $app + * @param Request $request + * @param ApiApplication $application * - * @param Application $app A Silex application where the controller is mounted on - * @param Request $request The current request - * @param integer $id The application id * @return JsonResponse */ - public function authorizeGrantpassword(Application $app, Request $request, $id) + public function authorizeGrantPassword(Application $app, Request $request, ApiApplication $application) { if (!$request->isXmlHttpRequest() || !array_key_exists($request->getMimeType('json'), array_flip($request->getAcceptableContentTypes()))) { $app->abort(400, 'Bad request format, only JSON is allowed'); } - $error = false; + $application->setGrantPassword((Boolean) $request->request->get('grant')); + $app['manipulator.api-application']->update($application); - try { - $clientApp = new \API_OAuth2_Application($app, $id); - $clientApp->set_grant_password((bool) $request->request->get('grant', false)); - } catch (NotFoundHttpException $e) { - $error = true; - } - - return $app->json(['success' => !$error]); + return $app->json(['success' => true]); } /** @@ -189,7 +170,7 @@ class Developers implements ControllerProviderInterface */ public function newApp(Application $app, Request $request) { - if ($request->request->get('type') === \API_OAuth2_Application::DESKTOP_TYPE) { + if ($request->request->get('type') === ApiApplication::DESKTOP_TYPE) { $form = new \API_OAuth2_Form_DevAppDesktop($app['request']); } else { $form = new \API_OAuth2_Form_DevAppInternet($app['request']); 
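Review bot: `renewAppCallback` calls `$app['manipulator.api-application']->setRedirectUri($request->request->get("callback"))` without passing `$application`, so the entity resolved from the route is never used and it is unclear which application's redirect URI would change. The manipulator's signature is not visible here, but the call presumably needs the entity as well, for example `->setRedirectUri($application, $request->request->get('callback'))`. The removed code also answered `success: false` when `callback` was absent; the new code relies on the manipulator throwing `InvalidArgumentException` for a null or malformed value, which should be confirmed because the redirect URI is where the OAuth2 flow delivers authorization codes. Separately, the docblock above `renewAccessToken` still reads "Authorize application to use a grant password type."; `Renews the access token of the current user's account for this application.` would match the body.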
@@ -198,22 +179,22 @@ class Developers implements ControllerProviderInterface $violations = $app['validator']->validate($form); if ($violations->count() === 0) { - $application = \API_OAuth2_Application::create($app, $app['authentication']->getUser(), $form->getName()); - $application - ->set_description($form->getDescription()) - ->set_redirect_uri($form->getSchemeCallback() . $form->getCallback()) - ->set_type($form->getType()) - ->set_website($form->getSchemeWebsite() . $form->getWebsite()); + $application = $app['manipulator.api-application']->create( + $form->getName(), + $form->getType(), + $form->getDescription(), + sprintf('%s%s', $form->getSchemeWebsite(), $form->getWebsite()), + $app['authentication']->getUser(), + sprintf('%s%s', $form->getSchemeCallback(), $form->getCallback()) + ); return $app->redirectPath('developers_application', ['id' => $application->get_id()]); } - $var = [ + return $app['twig']->render('/developers/application_form.html.twig', [ "violations" => $violations, "form" => $form - ]; - - return $app['twig']->render('/developers/application_form.html.twig', $var); + ]); } /** @@ -226,7 +207,7 @@ class Developers implements ControllerProviderInterface public function listApps(Application $app, Request $request) { return $app['twig']->render('developers/applications.html.twig', [ - "applications" => \API_OAuth2_Application::load_dev_app_by_user($app, $app['authentication']->getUser()) + "applications" => $app['repo.api-applications']->findByCreator($app['authentication']->getUser()) ]); } 
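Review bot: The unchanged line `return $app->redirectPath('developers_application', ['id' => $application->get_id()]);` no longer matches the rest of the change: the `developers_application` route placeholder is now `{application}`, and the new entity is read with `getId()` elsewhere in this patch. After a successful creation the redirect would likely fail on a missing route parameter or an undefined method. Suggested: `return $app->redirectPath('developers_application', ['application' => $application->getId()]);`. `newApp` starts above this hunk.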
@@ -247,25 +228,26 @@ class Developers implements ControllerProviderInterface } /** - * Get application information + * Gets application information. * - * @param Application $app A Silex application where the controller is mounted on - * @param Request $request The current request - * @param integer $id The application id - * @return Response + * @param Application $app + * @param Request $request + * @param ApiApplication $application + * + * @return mixed */ - public function getApp(Application $app, Request $request, $id) + public function getApp(Application $app, Request $request, ApiApplication $application) { - try { - $client = new \API_OAuth2_Application($app, $id); - } catch (NotFoundHttpException $e) { - $app->abort(404); + $token = null; + + if (null !== $account = $app['repo.api-accounts']->findByUserAndApplication($app['authentication']->getUser(), $application)) { + if ($account->hasOauthToken()) { + $token = $account->getOauthToken()->getOauthToken(); + } } - $token = $client->get_user_account($app['authentication']->getUser())->get_token()->get_value(); - return $app['twig']->render('developers/application.html.twig', [ - "application" => $client, + "application" => $application, "user" => $app['authentication']->getUser(), "token" => $token ]); diff --git a/lib/classes/API/OAuth2/Form/DevAppDesktop.php b/lib/classes/API/OAuth2/Form/DevAppDesktop.php index 5f2faeddda..7b50727b71 100644 --- a/lib/classes/API/OAuth2/Form/DevAppDesktop.php +++ b/lib/classes/API/OAuth2/Form/DevAppDesktop.php @@ -9,6 +9,7 @@ * file that was distributed with this source code. */ +use Alchemy\Phrasea\Model\Entities\ApiApplication; use Symfony\Component\Validator\Mapping\ClassMetadata; use Symfony\Component\HttpFoundation\Request; use Symfony\Component\Validator\Constraints; 
@@ -48,9 +49,7 @@ class API_OAuth2_Form_DevAppDesktop public $urlwebsite; /** - * - * @param Request $request - * @return API_OAuth2_Form_DevApp + * @param Request $request */ public function __construct(Request $request) { @@ -58,8 +57,8 @@ class API_OAuth2_Form_DevAppDesktop $this->description = $request->get('description', ''); $this->scheme_website = $request->get('scheme-website', 'http://'); $this->website = $request->get('website', ''); - $this->callback = API_OAuth2_Application::NATIVE_APP_REDIRECT_URI; - $this->type = API_OAuth2_Application::DESKTOP_TYPE; + $this->callback = ApiApplication::NATIVE_APP_REDIRECT_URI; + $this->type = ApiApplication::DESKTOP_TYPE; $this->urlwebsite = $this->scheme_website . $this->website; diff --git a/lib/classes/API/OAuth2/Form/DevAppInternet.php b/lib/classes/API/OAuth2/Form/DevAppInternet.php index e73dc077c8..e05fa297b3 100644 --- a/lib/classes/API/OAuth2/Form/DevAppInternet.php +++ b/lib/classes/API/OAuth2/Form/DevAppInternet.php @@ -9,6 +9,7 @@ * file that was distributed with this source code. */ +use Alchemy\Phrasea\Model\Entities\ApiApplication; use Symfony\Component\Validator\Mapping\ClassMetadata; use Symfony\Component\HttpFoundation\Request; use Symfony\Component\Validator\Constraints; @@ -44,9 +45,7 @@ class API_OAuth2_Form_DevAppInternet public $urlcallback; /** - * - * @param Request $request - * @return API_OAuth2_Form_DevApp + * @param Request $request */ public function __construct(Request $request) { 
@@ -56,10 +55,10 @@ class API_OAuth2_Form_DevAppInternet $this->callback = $request->get('callback', ''); $this->scheme_website = $request->get('scheme-website', 'http://'); $this->scheme_callback = $request->get('scheme-callback', 'http://'); - $this->type = API_OAuth2_Application::WEB_TYPE; + $this->type = ApiApplication::WEB_TYPE; - $this->urlwebsite = $this->scheme_website . $this->website; - $this->urlcallback = $this->scheme_callback . $this->callback; + $this->urlwebsite = sprintf('%s%s', $this->scheme_website, $this->website); + $this->urlcallback = sprintf('%s%s', $this->scheme_callback, $this->callback); return $this; } diff --git a/lib/classes/patch/370alpha3a.php b/lib/classes/patch/370alpha3a.php index 9adf908a2d..f8c1bc8561 100644 --- a/lib/classes/patch/370alpha3a.php +++ b/lib/classes/patch/370alpha3a.php @@ -10,6 +10,7 @@ */ use Alchemy\Phrasea\Application; +use Alchemy\Phrasea\Model\Entities\ApiApplication; use Symfony\Component\HttpKernel\Exception\NotFoundHttpException; class patch_370alpha3a extends patchAbstract 
@@ -58,18 +59,20 @@ class patch_370alpha3a extends patchAbstract */ public function apply(base $appbox, Application $app) { - try { - \API_OAuth2_Application::load_from_client_id($app, \API_OAuth2_Application_Navigator::CLIENT_ID); - } catch (NotFoundHttpException $e) { - $client = \API_OAuth2_Application::create($app, null, \API_OAuth2_Application_Navigator::CLIENT_NAME); + if (null === $app['repo.api-applications']->findByClientId(\API_OAuth2_Application_Navigator::CLIENT_ID)) { + $application = $app['manipulator.api-applications']->create( + \API_OAuth2_Application_Navigator::CLIENT_NAME, + ApiApplication::DESKTOP_TYPE, + 'http://www.phraseanet.com', + null, + ApiApplication::NATIVE_APP_REDIRECT_URI + ); - $client->set_activated(true); - $client->set_grant_password(true); - $client->set_website("http://www.phraseanet.com"); - $client->set_client_id(\API_OAuth2_Application_Navigator::CLIENT_ID); - $client->set_client_secret(\API_OAuth2_Application_Navigator::CLIENT_SECRET); - $client->set_type(\API_OAuth2_Application::DESKTOP_TYPE); - $client->set_redirect_uri(\API_OAuth2_Application::NATIVE_APP_REDIRECT_URI); + $application->setGrantPassword(true); + $application->setClientId(\API_OAuth2_Application_Navigator::CLIENT_ID); + $application->setClientSecret(\API_OAuth2_Application_Navigator::CLIENT_SECRET); + + $app['manipulator.api-applications']->update($application); } return true; diff --git a/lib/classes/patch/3715alpha1a.php b/lib/classes/patch/3715alpha1a.php index d9556d69c3..134b0ce565 100644 --- a/lib/classes/patch/3715alpha1a.php +++ b/lib/classes/patch/3715alpha1a.php @@ -10,6 +10,7 @@ */ use Alchemy\Phrasea\Application; +use Alchemy\Phrasea\Model\Entities\ApiApplication; use Symfony\Component\HttpKernel\Exception\NotFoundHttpException; class patch_3715alpha1a extends patchAbstract 
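Review bot: The `create()` call in `apply()` passes five arguments in a different order from the six-argument calls elsewhere in this patch (name, type, description, website, creator, redirect URI): here `'http://www.phraseanet.com'` lands in the description slot, `null` in the website slot and `ApiApplication::NATIVE_APP_REDIRECT_URI` in the creator slot. The service key is also `manipulator.api-applications`, while every other call site uses `manipulator.api-application`. Assuming the signature shown in `RegenerateSqliteDb::insertOauthApps`, the arguments after the name should read `ApiApplication::DESKTOP_TYPE, '', 'http://www.phraseanet.com', null, ApiApplication::NATIVE_APP_REDIRECT_URI`, on `$app['manipulator.api-application']`. The removed `set_activated(true)` has no replacement, so confirm that new applications are activated by default. `patch_3715alpha1a::apply()` (`@@ -59,18 +60,20 @@`) has the same three problems.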
@@ -59,18 +60,20 @@ class patch_3715alpha1a extends patchAbstract */ public function apply(base $appbox, Application $app) { - try { - \API_OAuth2_Application::load_from_client_id($app, \API_OAuth2_Application_OfficePlugin::CLIENT_ID); - } catch (NotFoundHttpException $e) { - $client = \API_OAuth2_Application::create($app, null, \API_OAuth2_Application_OfficePlugin::CLIENT_NAME); + if (null === $app['repo.api-applications']->findByClientId(\API_OAuth2_Application_OfficePlugin::CLIENT_ID)) { + $application = $app['manipulator.api-applications']->create( + \API_OAuth2_Application_OfficePlugin::CLIENT_NAME, + ApiApplication::DESKTOP_TYPE, + 'http://www.phraseanet.com', + null, + ApiApplication::NATIVE_APP_REDIRECT_URI + ); - $client->set_activated(true); - $client->set_grant_password(true); - $client->set_website("http://www.phraseanet.com"); - $client->set_client_id(\API_OAuth2_Application_OfficePlugin::CLIENT_ID); - $client->set_client_secret(\API_OAuth2_Application_OfficePlugin::CLIENT_SECRET); - $client->set_type(\API_OAuth2_Application::DESKTOP_TYPE); - $client->set_redirect_uri(\API_OAuth2_Application::NATIVE_APP_REDIRECT_URI); + $application->setGrantPassword(true); + $application->setClientId(\API_OAuth2_Application_OfficePlugin::CLIENT_ID); + $application->setClientSecret(\API_OAuth2_Application_OfficePlugin::CLIENT_SECRET); + + $app['manipulator.api-applications']->update($application); } return true; diff --git a/templates/web/developers/application.html.twig b/templates/web/developers/application.html.twig index e3d6266e2e..e9eac5c9d0 100644 --- a/templates/web/developers/application.html.twig +++ b/templates/web/developers/application.html.twig @@ -32,7 +32,7 @@ {{ "URL de callback" | trans }} - {% if application.get_type() == constant("API_OAuth2_Application::DESKTOP_TYPE") %} + {% if application.get_type() == constant("Alchemy\Phrasea\Model\Entities\ApiApplication::DESKTOP_TYPE") %} {{ application.get_redirect_uri() }} 
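Review bot: The single backslashes in `constant("Alchemy\Phrasea\Model\Entities\ApiApplication::DESKTOP_TYPE")` are treated as escape characters inside a Twig string, so the class name will not reach `constant()` intact; Twig needs them doubled, `constant("Alchemy\\Phrasea\\Model\\Entities\\ApiApplication::DESKTOP_TYPE")`. The same line and the next still call `application.get_type()` and `application.get_redirect_uri()`, while the PHP side of this patch reads the new entity through camelCase accessors such as `getRedirectUri()`. If the entity has no snake_case methods, these should presumably become `application.type` and `application.redirectUri`. The template continues outside the hunk.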
diff --git a/tests/Alchemy/Tests/Phrasea/Controller/Api/ApiTestCase.php b/tests/Alchemy/Tests/Phrasea/Controller/Api/ApiTestCase.php index 64ce5e1beb..1b78483f55 100644 --- a/tests/Alchemy/Tests/Phrasea/Controller/Api/ApiTestCase.php +++ b/tests/Alchemy/Tests/Phrasea/Controller/Api/ApiTestCase.php @@ -7,6 +7,7 @@ use Alchemy\Phrasea\Border\File; use Alchemy\Phrasea\Controller\Api\V1; use Alchemy\Phrasea\Core\PhraseaEvents; use Alchemy\Phrasea\Authentication\Context; +use Alchemy\Phrasea\Model\Entities\ApiApplication; use Alchemy\Phrasea\Model\Entities\Task; use Alchemy\Phrasea\Model\Entities\User; use Doctrine\Common\Collections\ArrayCollection; @@ -27,7 +28,7 @@ abstract class ApiTestCase extends \PhraseanetWebTestCase */ private static $account; /** - * @var \API_OAuth2_Application + * @var ApiApplication */ private static $oauthApplication; /** @@ -39,7 +40,7 @@ abstract class ApiTestCase extends \PhraseanetWebTestCase */ private static $adminAccount; /** - * @var \API_OAuth2_Application + * @var \ApiApplication */ private static $adminApplication; private static $apiInitialized = false; @@ -167,9 +168,10 @@ abstract class ApiTestCase extends \PhraseanetWebTestCase $fail = null; try { - - $nativeApp = \API_OAuth2_Application::load_from_client_id(self::$DI['app'], \API_OAuth2_Application_Navigator::CLIENT_ID); - + $nativeApp = self::$DI['app']['repo.api-applications']->findByClientId(\API_OAuth2_Application_Navigator::CLIENT_ID); + if (null === $nativeApp) { + throw new \Exception(sprintf('%s not found', \API_OAuth2_Application_Navigator::CLIENT_ID)); + } $account = \API_OAuth2_Account::create(self::$DI['app'], self::$DI['user'], $nativeApp); $token = $account->get_token()->get_value(); $this->setToken($token); diff --git a/tests/Alchemy/Tests/Phrasea/Controller/Api/OAuth2Test.php b/tests/Alchemy/Tests/Phrasea/Controller/Api/OAuth2Test.php index 22381f3387..cc8465a7e3 100644 --- a/tests/Alchemy/Tests/Phrasea/Controller/Api/OAuth2Test.php 
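Review bot: The docblock for `$adminApplication` is changed to `@var \ApiApplication`, which points at a class in the global namespace, while the entity imported at the top of this file is `Alchemy\Phrasea\Model\Entities\ApiApplication`. Drop the leading backslash so it matches the `$oauthApplication` property above: `@var ApiApplication`.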
+++ b/tests/Alchemy/Tests/Phrasea/Controller/Api/OAuth2Test.php @@ -4,6 +4,7 @@ namespace Alchemy\Tests\Phrasea\Controller\Api; use Alchemy\Phrasea\Core\PhraseaEvents; use Alchemy\Phrasea\Authentication\Context; +use Alchemy\Phrasea\Model\Entities\ApiApplication; /** * Test oauthv2 flow based on ietf authv2 spec @@ -13,7 +14,7 @@ class OAuth2Test extends \PhraseanetAuthenticatedWebTestCase { /** * - * @var API_OAuth2_Application + * @var ApiApplication */ public static $account_id; public static $account; @@ -44,26 +45,9 @@ class OAuth2Test extends \PhraseanetAuthenticatedWebTestCase parent::tearDownAfterClass(); } - public static function deleteInsertedRow(\appbox $appbox, \API_OAuth2_Application $app) + public static function deleteInsertedRow(\appbox $appbox, ApiApplication $application) { - $conn = $appbox->get_connection(); - $sql = ' - DELETE FROM api_applications - WHERE application_id = :id - '; - $t = [':id' => $app->get_id()]; - $stmt = $conn->prepare($sql); - $stmt->execute($t); - $stmt->closeCursor(); - $sql = ' - DELETE FROM api_accounts - WHERE api_account_id = :id - '; - $acc = self::getAccount(); - $t = [':id' => $acc->get_id()]; - $stmt = $conn->prepare($sql); - $stmt->execute($t); - $stmt->closeCursor(); + self::$DI['app']['manipulator.api-application']->delete($application); } /** @@ -136,11 +120,9 @@ class OAuth2Test extends \PhraseanetAuthenticatedWebTestCase public function testAuthorizeRedirect() { //session off - $apps = \API_OAuth2_Application::load_authorized_app_by_user(self::$DI['app'], self::$DI['user']); + $apps = self::$DI['app']['repos.api-application']->findAuthorizedAppsByUser(self::$DI['user']); foreach ($apps as $app) { - if ($app->get_client_id() == self::$DI['oauth2-app-user']->get_client_id()) { - $authorize = true; - + if ($app->get_client_id() === self::$DI['oauth2-app-user']->getClientId()) { self::$DI['client']->followRedirects(); } } 
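Review bot: `testAuthorizeRedirect` looks the repository up under `repos.api-application`, while the controllers in this patch use `repo.api-applications`; the DevelopersTest hunks use two further spellings, `repos.api-applications` and `repos.api-application`. Pimple throws on an unknown key, so these tests would fail before reaching their assertions unless all of those keys are registered. Use `self::$DI['app']['repo.api-applications']` throughout. The loop also compares `$app->get_client_id()` with `->getClientId()`; on the new entity the left side should presumably be `$app->getClientId()` as well.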
diff --git a/tests/Alchemy/Tests/Phrasea/Controller/Root/DevelopersTest.php b/tests/Alchemy/Tests/Phrasea/Controller/Root/DevelopersTest.php index 8d1d86f390..942af2e579 100644 --- a/tests/Alchemy/Tests/Phrasea/Controller/Root/DevelopersTest.php +++ b/tests/Alchemy/Tests/Phrasea/Controller/Root/DevelopersTest.php @@ -2,6 +2,7 @@ namespace Alchemy\Tests\Phrasea\Controller\Root; +use Alchemy\Phrasea\Model\Entities\ApiApplication; use Symfony\Component\HttpKernel\Exception\NotFoundHttpException; class DevelopersTest extends \PhraseanetAuthenticatedWebTestCase @@ -34,7 +35,7 @@ class DevelopersTest extends \PhraseanetAuthenticatedWebTestCase public function testPostNewAppInvalidArguments() { $crawler = self::$DI['client']->request('POST', '/developers/application/', [ - 'type' => \API_OAuth2_Application::WEB_TYPE, + 'type' => ApiApplication::WEB_TYPE, 'name' => '', 'description' => 'okok', 'website' => 'my.website.com', @@ -55,11 +56,11 @@ class DevelopersTest extends \PhraseanetAuthenticatedWebTestCase */ public function testPostNewApp() { - $apps = \API_OAuth2_Application::load_dev_app_by_user(self::$DI['app'], self::$DI['user']); + $apps = self::$DI['app']['repos.api-applications']->findByCreator(self::$DI['user']); $nbApp = count($apps); self::$DI['client']->request('POST', '/developers/application/', [ - 'type' => \API_OAuth2_Application::WEB_TYPE, + 'type' => ApiApplication::WEB_TYPE, 'name' => 'hello', 'description' => 'okok', 'website' => 'my.website.com', @@ -68,7 +69,7 @@ class DevelopersTest extends \PhraseanetAuthenticatedWebTestCase 'scheme-callback' => 'http://' ]); - $apps = \API_OAuth2_Application::load_dev_app_by_user(self::$DI['app'], self::$DI['user']); + $apps = self::$DI['app']['repos.api-applications']->findByCreator(self::$DI['user']); $this->assertTrue(self::$DI['client']->getResponse()->isRedirect()); $this->assertGreaterThan($nbApp, count($apps)); 
@@ -121,16 +122,16 @@ class DevelopersTest extends \PhraseanetAuthenticatedWebTestCase */ public function testDeleteApp() { - $oauthApp = \API_OAuth2_Application::create(self::$DI['app'], self::$DI['user'], 'test app'); - $this->XMLHTTPRequest('DELETE', '/developers/application/' . $oauthApp->get_id() . '/'); + $oauthApp = self::$DI['app']['manipulator.api-application']->create( + 'test app', + '', + '', + 'http://phraseanet.com/' + ); + $this->XMLHTTPRequest('DELETE', '/developers/application/' . $oauthApp->getId() . '/'); $this->assertTrue(self::$DI['client']->getResponse()->isOk()); - try { - new \API_OAuth2_Application(self::$DI['app'], $oauthApp->get_id()); - $this->fail('Application not deleted'); - } catch (NotFoundHttpException $e) { - - } + $this->assertNull(self::$DI['app']['repos.api-application']->find($oauthApp->getId())); } /** @@ -183,8 +184,8 @@ class DevelopersTest extends \PhraseanetAuthenticatedWebTestCase $this->assertTrue(self::$DI['client']->getResponse()->isOk()); $content = json_decode(self::$DI['client']->getResponse()->getContent()); $this->assertTrue($content->success); - $oauthApp = new \API_OAuth2_Application(self::$DI['app'], $oauthApp->get_id()); - $this->assertEquals('my.callback.com', $oauthApp->get_redirect_uri()); + $oauthApp = self::$DI['app']['repos.api-application']->find($oauthApp->getId()); + $this->assertEquals('my.callback.com', $oauthApp->getRedirectUri()); } /** @@ -265,7 +266,7 @@ class DevelopersTest extends \PhraseanetAuthenticatedWebTestCase $this->assertTrue(self::$DI['client']->getResponse()->isOk()); $content = json_decode(self::$DI['client']->getResponse()->getContent()); $this->assertTrue($content->success); - $oauthApp = new \API_OAuth2_Application(self::$DI['app'], $oauthApp->get_id()); - $this->assertTrue($oauthApp->is_password_granted()); + $oauthApp = self::$DI['app']['repos.api-application']->find($oauthApp->getId()); + $this->assertTrue($oauthApp->isPasswordGranted()); } } 
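Review bot: `testDeleteApp()` now builds its fixture with four arguments and an empty type, `create('test app', '', '', 'http://phraseanet.com/')`, so the application has no creator, whereas the six-argument call in RegenerateSqliteDb.php also passes the user and redirect URI. If `create()` accepts that, the test passes with the logged-in user deleting an application that has no owner, which would hide a missing ownership check in the DELETE route; the controller is not visible here. I would pass `ApiApplication::WEB_TYPE` as the type and `self::$DI['user']` as the creator (argument order inferred from the RegenerateSqliteDb.php call). A separate case should assert that a DELETE on an application created by another user is refused.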
diff --git a/tests/classes/PhraseanetTestCase.php b/tests/classes/PhraseanetTestCase.php index 16cfa774f3..e0b5f434ec 100644 --- a/tests/classes/PhraseanetTestCase.php +++ b/tests/classes/PhraseanetTestCase.php @@ -199,11 +199,11 @@ abstract class PhraseanetTestCase extends WebTestCase }); self::$DI['oauth2-app-user'] = self::$DI->share(function ($DI) { - return new \API_OAuth2_Application($DI['app'], self::$fixtureIds['oauth']['user']); + return new $DI['app']['repo.api-applications']->find(self::$fixtureIds['oauth']['user']); }); self::$DI['oauth2-app-user_notAdmin'] = self::$DI->share(function ($DI) { - return new \API_OAuth2_Application($DI['app'], self::$fixtureIds['oauth']['user_notAdmin']); + return new $DI['app']['repo.api-applications']->find(self::$fixtureIds['oauth']['user-not-admin']); }); self::$DI['logger'] = self::$DI->share(function () { diff --git a/tests/classes/api/oauthv2/AccountTest.php b/tests/classes/api/oauthv2/AccountTest.php index d67a2371b9..096f468cb2 100644 --- a/tests/classes/api/oauthv2/AccountTest.php +++ b/tests/classes/api/oauthv2/AccountTest.php @@ -32,7 +32,7 @@ class api_oauthv2_AccountTest extends \PhraseanetTestCase $this->assertInstanceOf('API_OAuth2_Token', $this->object->get_token()); - $this->assertInstanceOf('API_OAuth2_Application', $this->object->get_application()); + $this->assertInstanceOf('ApiApplication', $this->object->get_application()); $this->assertEquals(self::$DI['oauth2-app-user'], $this->object->get_application()); } diff --git a/tests/classes/api/oauthv2/ApplicationTest.php b/tests/classes/api/oauthv2/ApplicationTest.php index 3d499db903..575e3997a6 100644 --- a/tests/classes/api/oauthv2/ApplicationTest.php +++ b/tests/classes/api/oauthv2/ApplicationTest.php 
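Review bot: Both closures in the PhraseanetTestCase.php hunk keep the `new` keyword in front of the repository call, `return new $DI['app']['repo.api-applications']->find(...)`. PHP parses that as instantiating a class whose name is read from a `find` property on the repository, not as a method call, so `oauth2-app-user` and `oauth2-app-user_notAdmin` cannot be built. Drop the keyword: `return $DI['app']['repo.api-applications']->find(self::$fixtureIds['oauth']['user']);`, and likewise for `'user-not-admin'`. The enclosing set-up method starts and ends outside the hunk.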
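Review bot: In AccountTest.php, `assertInstanceOf('ApiApplication', ...)` passes a bare class name as a string, and string class names are not resolved through `use` imports or the current namespace. The entity imported elsewhere in this commit is `Alchemy\Phrasea\Model\Entities\ApiApplication`, so the assertion presumably names a class that does not exist in the global namespace. Use `$this->assertInstanceOf('Alchemy\Phrasea\Model\Entities\ApiApplication', $this->object->get_application());`. The same unqualified string is used three times in ApplicationTest.php.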
@@ -1,113 +1,104 @@ get_client_id(); - $loaded = API_OAuth2_Application::load_from_client_id(self::$DI['app'], $client_id); - $this->assertInstanceOf('API_OAuth2_Application', $loaded); + $loaded = self::$DI['app']['repo.api-applications']->findByClientId(self::$DI['oauth2-app-user']->getClientId()); + $this->assertInstanceOf('ApiApplication', $loaded); $this->assertEquals(self::$DI['oauth2-app-user'], $loaded); } public function testLoad_dev_app_by_user() { - $apps = API_OAuth2_Application::load_dev_app_by_user(self::$DI['app'], self::$DI['user']); + $apps = self::$DI['app']['repo.api-applications']->findByCreator(self::$DI['user']); $this->assertTrue(is_array($apps)); $this->assertTrue(count($apps) > 0); $found = false; foreach ($apps as $app) { - if ($app->get_id() === self::$DI['oauth2-app-user']->get_id()) + if ($app->get_id() === self::$DI['oauth2-app-user']->getId()) { $found = true; - $this->assertInstanceOf('API_OAuth2_Application', $app); + } + $this->assertInstanceOf('ApiApplication', $app); } - if ( ! $found) + if (!$found) { $this->fail(); + } } public function testLoad_app_by_user() { - $apps = API_OAuth2_Application::load_app_by_user(self::$DI['app'], self::$DI['user']); + $apps = self::$DI['app']['repo.api-applications']->findByUser(self::$DI['user']); $this->assertTrue(is_array($apps)); $this->assertTrue(count($apps) > 0); $found = false; foreach ($apps as $app) { - if ($app->get_id() === self::$DI['oauth2-app-user']->get_id()) + if ($app->get_id() === self::$DI['oauth2-app-user']->get_id()) { $found = true; - $this->assertInstanceOf('API_OAuth2_Application', $app); + } + $this->assertInstanceOf('ApiApplication', $app); } - if ( ! 
$found) + if (!$found) { $this->fail(); + } } public function testGettersAndSetters() { - $this->assertTrue(is_int(self::$DI['oauth2-app-user']->get_id())); - $this->assertInstanceOf('Alchemy\Phrasea\Model\Entities\User', self::$DI['oauth2-app-user']->get_creator()); - $this->assertEquals(self::$DI['user']->getId(), self::$DI['oauth2-app-user']->get_creator()->getId()); + $this->assertTrue(is_int(self::$DI['oauth2-app-user']->getId())); + $this->assertInstanceOf('Alchemy\Phrasea\Model\Entities\User', self::$DI['oauth2-app-user']->getCreator()); + $this->assertEquals(self::$DI['user']->getId(), self::$DI['oauth2-app-user']->getCreator()->getId()); + $this->assertTrue(in_array(self::$DI['oauth2-app-user']->getType(), [ApiApplication::DESKTOP_TYPE, ApiApplication::WEB_TYPE])); + $this->assertTrue(is_string(self::$DI['oauth2-app-user']->getNonce())); + $this->assertEquals(64, strlen(self::$DI['oauth2-app-user']->getNonce())); + self::$DI['oauth2-app-user']->set_type(ApiApplication::WEB_TYPE); + $this->assertEquals(ApiApplication::WEB_TYPE, self::$DI['oauth2-app-user']->getType()); + self::$DI['oauth2-app-user']->set_type(ApiApplication::DESKTOP_TYPE); + $this->assertEquals(ApiApplication::DESKTOP_TYPE, self::$DI['oauth2-app-user']->getType()); + $this->assertEquals(ApiApplication::NATIVE_APP_REDIRECT_URI, self::$DI['oauth2-app-user']->getRedirectUri()); + self::$DI['oauth2-app-user']->setType(ApiApplication::WEB_TYPE); - $this->assertTrue(in_array(self::$DI['oauth2-app-user']->get_type(), [API_OAuth2_Application::DESKTOP_TYPE, API_OAuth2_Application::WEB_TYPE])); - - $this->assertTrue(is_string(self::$DI['oauth2-app-user']->get_nonce())); - $this->assertEquals(64, strlen(self::$DI['oauth2-app-user']->get_nonce())); - - try { - self::$DI['oauth2-app-user']->set_type('prout'); - $this->fail(); - } catch (Exception_InvalidArgument $e) { - - } - - self::$DI['oauth2-app-user']->set_type(API_OAuth2_Application::WEB_TYPE); - 
$this->assertEquals(API_OAuth2_Application::WEB_TYPE, self::$DI['oauth2-app-user']->get_type()); - self::$DI['oauth2-app-user']->set_type(API_OAuth2_Application::DESKTOP_TYPE); - $this->assertEquals(API_OAuth2_Application::DESKTOP_TYPE, self::$DI['oauth2-app-user']->get_type()); - $this->assertEquals(API_OAuth2_Application::NATIVE_APP_REDIRECT_URI, self::$DI['oauth2-app-user']->get_redirect_uri()); - self::$DI['oauth2-app-user']->set_type(API_OAuth2_Application::WEB_TYPE); - - self::$DI['oauth2-app-user']->set_name('prout'); - $this->assertEquals('prout', self::$DI['oauth2-app-user']->get_name()); - self::$DI['oauth2-app-user']->set_name('test application for user'); - $this->assertEquals('test application for user', self::$DI['oauth2-app-user']->get_name()); + self::$DI['oauth2-app-user']->setName('prout'); + $this->assertEquals('prout', self::$DI['oauth2-app-user']->getName()); + self::$DI['oauth2-app-user']->setName('test application for user'); + $this->assertEquals('test application for user', self::$DI['oauth2-app-user']->getName()); $desc = 'prouti prouto prout prout'; - self::$DI['oauth2-app-user']->set_description($desc); - $this->assertEquals($desc, self::$DI['oauth2-app-user']->get_description()); - self::$DI['oauth2-app-user']->set_description(''); - $this->assertEquals('', self::$DI['oauth2-app-user']->get_description()); + self::$DI['oauth2-app-user']->setDescription($desc); + $this->assertEquals($desc, self::$DI['oauth2-app-user']->getDescription()); + self::$DI['oauth2-app-user']->setDescription(''); + $this->assertEquals('', self::$DI['oauth2-app-user']->getDescription()); $site = 'http://www.example.com/'; - self::$DI['oauth2-app-user']->set_website($site); - $this->assertEquals($site, self::$DI['oauth2-app-user']->get_website()); - self::$DI['oauth2-app-user']->set_website(''); - $this->assertEquals('', self::$DI['oauth2-app-user']->get_website()); + self::$DI['oauth2-app-user']->setWebsite($site); + $this->assertEquals($site, 
self::$DI['oauth2-app-user']->getWebsite()); + self::$DI['oauth2-app-user']->setWebsite(''); + $this->assertEquals('', self::$DI['oauth2-app-user']->getWebsite()); - $this->assertInstanceOf('DateTime', self::$DI['oauth2-app-user']->get_created_on()); + $this->assertInstanceOf('DateTime', self::$DI['oauth2-app-user']->getCreated()); + $this->assertInstanceOf('DateTime', self::$DI['oauth2-app-user']->getUpdated()); - $this->assertInstanceOf('DateTime', self::$DI['oauth2-app-user']->get_last_modified()); - - $this->assertMd5(self::$DI['oauth2-app-user']->get_client_id()); + $this->assertMd5(self::$DI['oauth2-app-user']->getClientId()); $client_id = md5('prouto'); - self::$DI['oauth2-app-user']->set_client_id($client_id); - $this->assertEquals($client_id, self::$DI['oauth2-app-user']->get_client_id()); - $this->assertMd5(self::$DI['oauth2-app-user']->get_client_id()); + self::$DI['oauth2-app-user']->seClientId($client_id); + $this->assertEquals($client_id, self::$DI['oauth2-app-user']->getClientId()); + $this->assertMd5(self::$DI['oauth2-app-user']->getClientId()); - $this->assertMd5(self::$DI['oauth2-app-user']->get_client_secret()); + $this->assertMd5(self::$DI['oauth2-app-user']->getClientSecret()); $client_secret = md5('prouto'); - self::$DI['oauth2-app-user']->set_client_secret($client_secret); - $this->assertEquals($client_secret, self::$DI['oauth2-app-user']->get_client_secret()); - $this->assertMd5(self::$DI['oauth2-app-user']->get_client_secret()); + self::$DI['oauth2-app-user']->setClientSecret($client_secret); + $this->assertEquals($client_secret, self::$DI['oauth2-app-user']->getClientSecret()); + $this->assertMd5(self::$DI['oauth2-app-user']->getClientSecret()); $uri = 'http://www.example.com/callback/'; - self::$DI['oauth2-app-user']->set_redirect_uri($uri); - $this->assertEquals($uri, self::$DI['oauth2-app-user']->get_redirect_uri()); - - $this->assertInstanceOf('API_OAuth2_Account', self::$DI['oauth2-app-user']->get_user_account(self::$DI['user'])); + 
self::$DI['oauth2-app-user']->setRedirectUri($uri); + $this->assertEquals($uri, self::$DI['oauth2-app-user']->getRedirectUri()); } private function assertmd5($md5)