Added access tests

src/Translations/node.en_US.neon

@@ -45,6 +45,12 @@ base:
 		uniqueConstraint:
 			heading	: "Attribute not unique"
 			message	: "Provided attribute is not unique"
+		notAuthorized:
+			heading	: "Not authorized"
+			message	: "You are not authorized to perform this action"
+		forbidden:
+			heading	: "Not allowed"
+			message	: "You are not allowed to perform this action"
 
 triggers:
 	messages:

tests/fixtures/Controllers/actionsCreate.php

@@ -8,13 +8,25 @@
 const VALID_TOKEN_USER = 'eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJqdGkiOiI3YzVkNzdhZC1kOTNlLTRjMmMtOThlNS05ZTFhZmM0NDQ2MTUiLCJpc3MiOiJjb20uZmFzdHliaXJkLmF1dGgtbm9kZSIsImlhdCI6MTU4NTc0MjQwMCwiZXhwIjoxNTg1NzQ5NjAwLCJ1c2VyIjoiZWZiZmJkZWYtYmZiZC02OGVmLWJmYmQtNzcwYjQwZWZiZmJkIiwicm9sZXMiOlsidXNlciJdfQ.cbatWCuGX-K8XbF9MMN7DqxV9hriWmUSGcDGGmnxXX0';
 
 return [
+	// Valid responses
+	//////////////////
 	'createChannelProperty'          => [
 		'/v1/triggers/c64ba1c4-0eda-4cab-87a0-4d634f7b67f4/actions',
 		'Bearer ' . VALID_TOKEN,
 		file_get_contents(__DIR__ . '/requests/actions.createChannelProperty.json'),
 		StatusCodeInterface::STATUS_CREATED,
 		__DIR__ . '/responses/actions.createChannelProperty.json',
 	],
+
+	// Invalid responses
+	////////////////////
+	'notAllowed'                     => [
+		'/v1/triggers/c64ba1c4-0eda-4cab-87a0-4d634f7b67f4/actions',
+		'Bearer ' . VALID_TOKEN_USER,
+		file_get_contents(__DIR__ . '/requests/actions.createChannelProperty.json'),
+		StatusCodeInterface::STATUS_FORBIDDEN,
+		__DIR__ . '/responses/forbidden.json',
+	],
 	'createChannelPropertyNotUnique' => [
 		'/v1/triggers/c64ba1c4-0eda-4cab-87a0-4d634f7b67f4/actions',
 		'Bearer ' . VALID_TOKEN,
@@ -29,11 +41,46 @@
 		StatusCodeInterface::STATUS_UNPROCESSABLE_ENTITY,
 		__DIR__ . '/responses/actions.create.missing.required.json',
 	],
+	'unknownTrigger'                 => [
+		'/v1/triggers/74e40f3e-84cb-4e0c-b3b3-fbf8246e0888/actions',
+		'Bearer ' . VALID_TOKEN,
+		file_get_contents(__DIR__ . '/requests/actions.createChannelProperty.json'),
+		StatusCodeInterface::STATUS_NOT_FOUND,
+		__DIR__ . '/responses/triggers.notFound.json',
+	],
 	'invalidType'                    => [
 		'/v1/triggers/c64ba1c4-0eda-4cab-87a0-4d634f7b67f4/actions',
 		'Bearer ' . VALID_TOKEN,
 		file_get_contents(__DIR__ . '/requests/actions.create.invalidType.json'),
 		StatusCodeInterface::STATUS_UNPROCESSABLE_ENTITY,
 		__DIR__ . '/responses/actions.create.invalidType.json',
 	],
+	'missingToken'                   => [
+		'/v1/triggers/c64ba1c4-0eda-4cab-87a0-4d634f7b67f4/actions',
+		null,
+		file_get_contents(__DIR__ . '/requests/actions.createChannelProperty.unique.json'),
+		StatusCodeInterface::STATUS_FORBIDDEN,
+		__DIR__ . '/responses/forbidden.json',
+	],
+	'emptyToken'                     => [
+		'/v1/triggers/c64ba1c4-0eda-4cab-87a0-4d634f7b67f4/actions',
+		'',
+		file_get_contents(__DIR__ . '/requests/actions.createChannelProperty.unique.json'),
+		StatusCodeInterface::STATUS_FORBIDDEN,
+		__DIR__ . '/responses/forbidden.json',
+	],
+	'invalidToken'                   => [
+		'/v1/triggers/c64ba1c4-0eda-4cab-87a0-4d634f7b67f4/actions',
+		'Bearer ' . INVALID_TOKEN,
+		file_get_contents(__DIR__ . '/requests/actions.createChannelProperty.unique.json'),
+		StatusCodeInterface::STATUS_UNAUTHORIZED,
+		__DIR__ . '/responses/unauthorized.json',
+	],
+	'expiredToken'                   => [
+		'/v1/triggers/c64ba1c4-0eda-4cab-87a0-4d634f7b67f4/actions',
+		'Bearer ' . EXPIRED_TOKEN,
+		file_get_contents(__DIR__ . '/requests/actions.createChannelProperty.unique.json'),
+		StatusCodeInterface::STATUS_UNAUTHORIZED,
+		__DIR__ . '/responses/unauthorized.json',
+	],
 ];

tests/fixtures/Controllers/actionsDelete.php

@@ -8,16 +8,57 @@
 const VALID_TOKEN_USER = 'eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJqdGkiOiI3YzVkNzdhZC1kOTNlLTRjMmMtOThlNS05ZTFhZmM0NDQ2MTUiLCJpc3MiOiJjb20uZmFzdHliaXJkLmF1dGgtbm9kZSIsImlhdCI6MTU4NTc0MjQwMCwiZXhwIjoxNTg1NzQ5NjAwLCJ1c2VyIjoiZWZiZmJkZWYtYmZiZC02OGVmLWJmYmQtNzcwYjQwZWZiZmJkIiwicm9sZXMiOlsidXNlciJdfQ.cbatWCuGX-K8XbF9MMN7DqxV9hriWmUSGcDGGmnxXX0';
 
 return [
-	'delete'        => [
+	// Valid responses
+	//////////////////
+	'delete'         => [
 		'/v1/triggers/c64ba1c4-0eda-4cab-87a0-4d634f7b67f4/actions/4aa84028-d8b7-4128-95b2-295763634aa4',
 		'Bearer ' . VALID_TOKEN,
 		StatusCodeInterface::STATUS_NO_CONTENT,
 		__DIR__ . '/responses/actions.delete.json',
 	],
-	'deleteUnknown' => [
-		'/v1/triggers/c64ba1c4-0eda-4cab-87a0-4d634f7b67f4/actions/69786d15-fd0c-4d9f-9378-33287c2009af',
+
+	// Invalid responses
+	////////////////////
+	'notAllowed'     => [
+		'/v1/triggers/c64ba1c4-0eda-4cab-87a0-4d634f7b67f4/actions/4aa84028-d8b7-4128-95b2-295763634aa4',
+		'Bearer ' . VALID_TOKEN_USER,
+		StatusCodeInterface::STATUS_FORBIDDEN,
+		__DIR__ . '/responses/forbidden.json',
+	],
+	'deleteUnknown'  => [
+		'/v1/triggers/c64ba1c4-0eda-4cab-87a0-4d634f7b67f4/actions/74e40f3e-84cb-4e0c-b3b3-fbf8246e0888',
 		'Bearer ' . VALID_TOKEN,
 		StatusCodeInterface::STATUS_NOT_FOUND,
 		__DIR__ . '/responses/actions.notFound.json',
 	],
+	'unknownTrigger' => [
+		'/v1/triggers/74e40f3e-84cb-4e0c-b3b3-fbf8246e0888/actions/4aa84028-d8b7-4128-95b2-295763634aa4',
+		'Bearer ' . VALID_TOKEN,
+		StatusCodeInterface::STATUS_NOT_FOUND,
+		__DIR__ . '/responses/triggers.notFound.json',
+	],
+	'missingToken'   => [
+		'/v1/triggers/c64ba1c4-0eda-4cab-87a0-4d634f7b67f4/actions/4aa84028-d8b7-4128-95b2-295763634aa4',
+		null,
+		StatusCodeInterface::STATUS_FORBIDDEN,
+		__DIR__ . '/responses/forbidden.json',
+	],
+	'emptyToken'     => [
+		'/v1/triggers/c64ba1c4-0eda-4cab-87a0-4d634f7b67f4/actions/4aa84028-d8b7-4128-95b2-295763634aa4',
+		'',
+		StatusCodeInterface::STATUS_FORBIDDEN,
+		__DIR__ . '/responses/forbidden.json',
+	],
+	'invalidToken'   => [
+		'/v1/triggers/c64ba1c4-0eda-4cab-87a0-4d634f7b67f4/actions/4aa84028-d8b7-4128-95b2-295763634aa4',
+		'Bearer ' . INVALID_TOKEN,
+		StatusCodeInterface::STATUS_UNAUTHORIZED,
+		__DIR__ . '/responses/unauthorized.json',
+	],
+	'expiredToken'   => [
+		'/v1/triggers/c64ba1c4-0eda-4cab-87a0-4d634f7b67f4/actions/4aa84028-d8b7-4128-95b2-295763634aa4',
+		'Bearer ' . EXPIRED_TOKEN,
+		StatusCodeInterface::STATUS_UNAUTHORIZED,
+		__DIR__ . '/responses/unauthorized.json',
+	],
 ];

tests/fixtures/Controllers/actionsRead.php

@@ -8,46 +8,129 @@
 const VALID_TOKEN_USER = 'eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJqdGkiOiI3YzVkNzdhZC1kOTNlLTRjMmMtOThlNS05ZTFhZmM0NDQ2MTUiLCJpc3MiOiJjb20uZmFzdHliaXJkLmF1dGgtbm9kZSIsImlhdCI6MTU4NTc0MjQwMCwiZXhwIjoxNTg1NzQ5NjAwLCJ1c2VyIjoiZWZiZmJkZWYtYmZiZC02OGVmLWJmYmQtNzcwYjQwZWZiZmJkIiwicm9sZXMiOlsidXNlciJdfQ.cbatWCuGX-K8XbF9MMN7DqxV9hriWmUSGcDGGmnxXX0';
 
 return [
-	'readAll'                  => [
+	// Valid responses
+	//////////////////
+	'readAll'                         => [
 		'/v1/triggers/c64ba1c4-0eda-4cab-87a0-4d634f7b67f4/actions',
 		'Bearer ' . VALID_TOKEN,
 		StatusCodeInterface::STATUS_OK,
 		__DIR__ . '/responses/actions.index.json',
 	],
-	'readAllPaging'            => [
+	'readAllPaging'                   => [
 		'/v1/triggers/c64ba1c4-0eda-4cab-87a0-4d634f7b67f4/actions?page[offset]=1&page[limit]=1',
 		'Bearer ' . VALID_TOKEN,
 		StatusCodeInterface::STATUS_OK,
 		__DIR__ . '/responses/actions.index.paging.json',
 	],
-	'readOne'                  => [
+	'readOne'                         => [
 		'/v1/triggers/c64ba1c4-0eda-4cab-87a0-4d634f7b67f4/actions/4aa84028-d8b7-4128-95b2-295763634aa4',
 		'Bearer ' . VALID_TOKEN,
 		StatusCodeInterface::STATUS_OK,
 		__DIR__ . '/responses/actions.read.json',
 	],
-	'readOneInclude'           => [
+	'readOneInclude'                  => [
 		'/v1/triggers/c64ba1c4-0eda-4cab-87a0-4d634f7b67f4/actions/4aa84028-d8b7-4128-95b2-295763634aa4?include=trigger',
 		'Bearer ' . VALID_TOKEN,
 		StatusCodeInterface::STATUS_OK,
 		__DIR__ . '/responses/actions.read.include.json',
 	],
-	'readOneUnknown'           => [
-		'/v1/triggers/c64ba1c4-0eda-4cab-87a0-4d634f7b67f4/actions/69786d15-fd0c-4d9f-9378-33287c2009af',
+	'readRelationshipsTrigger'        => [
+		'/v1/triggers/c64ba1c4-0eda-4cab-87a0-4d634f7b67f4/actions/4aa84028-d8b7-4128-95b2-295763634aa4/relationships/trigger',
+		'Bearer ' . VALID_TOKEN,
+		StatusCodeInterface::STATUS_OK,
+		__DIR__ . '/responses/actions.readRelationships.trigger.json',
+	],
+	'readAllUser'                     => [
+		'/v1/triggers/c64ba1c4-0eda-4cab-87a0-4d634f7b67f4/actions',
+		'Bearer ' . VALID_TOKEN_USER,
+		StatusCodeInterface::STATUS_OK,
+		__DIR__ . '/responses/actions.index.json',
+	],
+	'readOneUser'                     => [
+		'/v1/triggers/c64ba1c4-0eda-4cab-87a0-4d634f7b67f4/actions/4aa84028-d8b7-4128-95b2-295763634aa4',
+		'Bearer ' . VALID_TOKEN_USER,
+		StatusCodeInterface::STATUS_OK,
+		__DIR__ . '/responses/actions.read.json',
+	],
+
+	// Invalid responses
+	////////////////////
+	'readOneUnknown'                  => [
+		'/v1/triggers/c64ba1c4-0eda-4cab-87a0-4d634f7b67f4/actions/74e40f3e-84cb-4e0c-b3b3-fbf8246e0888',
 		'Bearer ' . VALID_TOKEN,
 		StatusCodeInterface::STATUS_NOT_FOUND,
 		__DIR__ . '/responses/actions.notFound.json',
 	],
-	'readRelationshipsTrigger' => [
-		'/v1/triggers/c64ba1c4-0eda-4cab-87a0-4d634f7b67f4/actions/4aa84028-d8b7-4128-95b2-295763634aa4/relationships/trigger',
+	'readOneUnknownTrigger'           => [
+		'/v1/triggers/74e40f3e-84cb-4e0c-b3b3-fbf8246e0888/actions/4aa84028-d8b7-4128-95b2-295763634aa4',
 		'Bearer ' . VALID_TOKEN,
-		StatusCodeInterface::STATUS_OK,
-		__DIR__ . '/responses/actions.readRelationships.trigger.json',
+		StatusCodeInterface::STATUS_NOT_FOUND,
+		__DIR__ . '/responses/triggers.notFound.json',
 	],
-	'readRelationshipsUnknown' => [
+	'readRelationshipsUnknown'        => [
 		'/v1/triggers/c64ba1c4-0eda-4cab-87a0-4d634f7b67f4/actions/4aa84028-d8b7-4128-95b2-295763634aa4/relationships/unknown',
 		'Bearer ' . VALID_TOKEN,
 		StatusCodeInterface::STATUS_NOT_FOUND,
 		__DIR__ . '/responses/relation.unknown.json',
 	],
+	'readRelationshipsUnknownAction'  => [
+		'/v1/triggers/c64ba1c4-0eda-4cab-87a0-4d634f7b67f4/actions/74e40f3e-84cb-4e0c-b3b3-fbf8246e0888/relationships/trigger',
+		'Bearer ' . VALID_TOKEN,
+		StatusCodeInterface::STATUS_NOT_FOUND,
+		__DIR__ . '/responses/actions.notFound.json',
+	],
+	'readRelationshipsUnknownTrigger' => [
+		'/v1/triggers/74e40f3e-84cb-4e0c-b3b3-fbf8246e0888/actions/4aa84028-d8b7-4128-95b2-295763634aa4/relationships/trigger',
+		'Bearer ' . VALID_TOKEN,
+		StatusCodeInterface::STATUS_NOT_FOUND,
+		__DIR__ . '/responses/triggers.notFound.json',
+	],
+	'readAllMissingToken'             => [
+		'/v1/triggers/c64ba1c4-0eda-4cab-87a0-4d634f7b67f4/actions',
+		null,
+		StatusCodeInterface::STATUS_FORBIDDEN,
+		__DIR__ . '/responses/forbidden.json',
+	],
+	'readOneMissingToken'             => [
+		'/v1/triggers/c64ba1c4-0eda-4cab-87a0-4d634f7b67f4/actions/4aa84028-d8b7-4128-95b2-295763634aa4',
+		null,
+		StatusCodeInterface::STATUS_FORBIDDEN,
+		__DIR__ . '/responses/forbidden.json',
+	],
+	'readAllEmptyToken'               => [
+		'/v1/triggers/c64ba1c4-0eda-4cab-87a0-4d634f7b67f4/actions',
+		'',
+		StatusCodeInterface::STATUS_FORBIDDEN,
+		__DIR__ . '/responses/forbidden.json',
+	],
+	'readOneEmptyToken'               => [
+		'/v1/triggers/c64ba1c4-0eda-4cab-87a0-4d634f7b67f4/actions/4aa84028-d8b7-4128-95b2-295763634aa4',
+		'',
+		StatusCodeInterface::STATUS_FORBIDDEN,
+		__DIR__ . '/responses/forbidden.json',
+	],
+	'readAllInvalidToken'             => [
+		'/v1/triggers/c64ba1c4-0eda-4cab-87a0-4d634f7b67f4/actions',
+		'Bearer ' . INVALID_TOKEN,
+		StatusCodeInterface::STATUS_UNAUTHORIZED,
+		__DIR__ . '/responses/unauthorized.json',
+	],
+	'readOneInvalidToken'             => [
+		'/v1/triggers/c64ba1c4-0eda-4cab-87a0-4d634f7b67f4/actions/4aa84028-d8b7-4128-95b2-295763634aa4',
+		'Bearer ' . INVALID_TOKEN,
+		StatusCodeInterface::STATUS_UNAUTHORIZED,
+		__DIR__ . '/responses/unauthorized.json',
+	],
+	'readAllExpiredToken'             => [
+		'/v1/triggers/c64ba1c4-0eda-4cab-87a0-4d634f7b67f4/actions',
+		'Bearer ' . EXPIRED_TOKEN,
+		StatusCodeInterface::STATUS_UNAUTHORIZED,
+		__DIR__ . '/responses/unauthorized.json',
+	],
+	'readOneExpiredToken'             => [
+		'/v1/triggers/c64ba1c4-0eda-4cab-87a0-4d634f7b67f4/actions/4aa84028-d8b7-4128-95b2-295763634aa4',
+		'Bearer ' . EXPIRED_TOKEN,
+		StatusCodeInterface::STATUS_UNAUTHORIZED,
+		__DIR__ . '/responses/unauthorized.json',
+	],
 ];

tests/fixtures/Controllers/actionsUpdate.php

@@ -8,25 +8,79 @@
 const VALID_TOKEN_USER = 'eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJqdGkiOiI3YzVkNzdhZC1kOTNlLTRjMmMtOThlNS05ZTFhZmM0NDQ2MTUiLCJpc3MiOiJjb20uZmFzdHliaXJkLmF1dGgtbm9kZSIsImlhdCI6MTU4NTc0MjQwMCwiZXhwIjoxNTg1NzQ5NjAwLCJ1c2VyIjoiZWZiZmJkZWYtYmZiZC02OGVmLWJmYmQtNzcwYjQwZWZiZmJkIiwicm9sZXMiOlsidXNlciJdfQ.cbatWCuGX-K8XbF9MMN7DqxV9hriWmUSGcDGGmnxXX0';
 
 return [
-	'update'      => [
+	// Valid responses
+	//////////////////
+	'update'         => [
 		'/v1/triggers/c64ba1c4-0eda-4cab-87a0-4d634f7b67f4/actions/4aa84028-d8b7-4128-95b2-295763634aa4',
 		'Bearer ' . VALID_TOKEN,
 		file_get_contents(__DIR__ . '/requests/actions.update.json'),
 		StatusCodeInterface::STATUS_OK,
 		__DIR__ . '/responses/actions.update.json',
 	],
-	'invalidType' => [
+
+	// Invalid responses
+	////////////////////
+	'notAllowed'     => [
+		'/v1/triggers/c64ba1c4-0eda-4cab-87a0-4d634f7b67f4/actions/4aa84028-d8b7-4128-95b2-295763634aa4',
+		'Bearer ' . VALID_TOKEN_USER,
+		file_get_contents(__DIR__ . '/requests/actions.update.json'),
+		StatusCodeInterface::STATUS_FORBIDDEN,
+		__DIR__ . '/responses/forbidden.json',
+	],
+	'unknownTrigger' => [
+		'/v1/triggers/74e40f3e-84cb-4e0c-b3b3-fbf8246e0888/actions/4aa84028-d8b7-4128-95b2-295763634aa4',
+		'Bearer ' . VALID_TOKEN,
+		file_get_contents(__DIR__ . '/requests/actions.update.json'),
+		StatusCodeInterface::STATUS_NOT_FOUND,
+		__DIR__ . '/responses/triggers.notFound.json',
+	],
+	'unknownAction'  => [
+		'/v1/triggers/c64ba1c4-0eda-4cab-87a0-4d634f7b67f4/actions/74e40f3e-84cb-4e0c-b3b3-fbf8246e0888',
+		'Bearer ' . VALID_TOKEN,
+		file_get_contents(__DIR__ . '/requests/actions.update.json'),
+		StatusCodeInterface::STATUS_NOT_FOUND,
+		__DIR__ . '/responses/actions.notFound.json',
+	],
+	'invalidType'    => [
 		'/v1/triggers/c64ba1c4-0eda-4cab-87a0-4d634f7b67f4/actions/4aa84028-d8b7-4128-95b2-295763634aa4',
 		'Bearer ' . VALID_TOKEN,
 		file_get_contents(__DIR__ . '/requests/actions.update.invalidType.json'),
 		StatusCodeInterface::STATUS_UNPROCESSABLE_ENTITY,
 		__DIR__ . '/responses/actions.update.invalidType.json',
 	],
-	'idMismatch'  => [
+	'idMismatch'     => [
 		'/v1/triggers/c64ba1c4-0eda-4cab-87a0-4d634f7b67f4/actions/4aa84028-d8b7-4128-95b2-295763634aa4',
 		'Bearer ' . VALID_TOKEN,
 		file_get_contents(__DIR__ . '/requests/actions.update.idMismatch.json'),
 		StatusCodeInterface::STATUS_BAD_REQUEST,
 		__DIR__ . '/responses/invalid.identifier.json',
 	],
+	'missingToken'   => [
+		'/v1/triggers/c64ba1c4-0eda-4cab-87a0-4d634f7b67f4/actions/4aa84028-d8b7-4128-95b2-295763634aa4',
+		null,
+		file_get_contents(__DIR__ . '/requests/actions.update.json'),
+		StatusCodeInterface::STATUS_FORBIDDEN,
+		__DIR__ . '/responses/forbidden.json',
+	],
+	'emptyToken'     => [
+		'/v1/triggers/c64ba1c4-0eda-4cab-87a0-4d634f7b67f4/actions/4aa84028-d8b7-4128-95b2-295763634aa4',
+		'',
+		file_get_contents(__DIR__ . '/requests/actions.update.json'),
+		StatusCodeInterface::STATUS_FORBIDDEN,
+		__DIR__ . '/responses/forbidden.json',
+	],
+	'invalidToken'   => [
+		'/v1/triggers/c64ba1c4-0eda-4cab-87a0-4d634f7b67f4/actions/4aa84028-d8b7-4128-95b2-295763634aa4',
+		'Bearer ' . INVALID_TOKEN,
+		file_get_contents(__DIR__ . '/requests/actions.update.json'),
+		StatusCodeInterface::STATUS_UNAUTHORIZED,
+		__DIR__ . '/responses/unauthorized.json',
+	],
+	'expiredToken'   => [
+		'/v1/triggers/c64ba1c4-0eda-4cab-87a0-4d634f7b67f4/actions/4aa84028-d8b7-4128-95b2-295763634aa4',
+		'Bearer ' . EXPIRED_TOKEN,
+		file_get_contents(__DIR__ . '/requests/actions.update.json'),
+		StatusCodeInterface::STATUS_UNAUTHORIZED,
+		__DIR__ . '/responses/unauthorized.json',
+	],
 ];