ENH: refs #250. Add unit test for web api authentication using the session

zachmullen · zachmullen · commit 8e6f9bed8259 · 2011-09-15T10:29:42.000-04:00
diff --git a/modules/api/controllers/components/AuthenticationComponent.php b/modules/api/controllers/components/AuthenticationComponent.php
@@ -37,7 +37,9 @@ public function getUser($args, $sessionDao)
         return 0;
         }
       $token = $args['token'];
-      $userapiDao = $this->Api_Userapi->getUserapiFromToken($token);
+      $modelLoad = new MIDAS_ModelLoader();
+      $userApiModel = $modelLoad->loadModel('Userapi', 'api');
+      $userapiDao = $userApiModel->getUserapiFromToken($token);
       if(!$userapiDao)
         {
         throw new Exception('Invalid token', MIDAS_INVALID_TOKEN);
@@ -47,7 +49,8 @@ public function getUser($args, $sessionDao)
         {
         return false;
         }
-      $userDao = $this->User->load($userid);
+      $userModel = $modelLoad->loadModel('User');
+      $userDao = $userModel->load($userid);
       return $userDao;
       }
     }
diff --git a/modules/api/tests/controllers/ApiIndexControllerTest.php b/modules/api/tests/controllers/ApiIndexControllerTest.php
@@ -26,16 +26,17 @@ public function setUp()
     }
 
   /** Invoke the JSON web API */
-  private function _callJsonApi()
+  private function _callJsonApi($sessionUser = null)
     {
-    $this->dispatchUrI($this->webroot.'api/json');
-    return json_decode($this->response->getBody());
+    $this->dispatchUrI($this->webroot.'api/json', $sessionUser);
+    return json_decode($this->getBody());
     }
 
   /** Make sure we got a good response from a web API call */
   private function _assertStatusOk($resp)
     {
     $this->assertNotEquals($resp, false);
+    $this->assertEquals($resp->message, '');
     $this->assertEquals($resp->stat, 'ok');
     $this->assertEquals($resp->code, 0);
     $this->assertTrue(isset($resp->data));
@@ -184,4 +185,30 @@ public function testUserApikeyDefault()
 
     $this->assertEquals($resp->data->apikey, $apiKey);
     }
+
+  /** Test that we can authenticate to the web API using the user session */
+  public function testSessionAuthentication()
+    {
+    $usersFile = $this->loadData('User', 'default');
+    $userDao = $this->User->load($usersFile[0]->getKey());
+
+    $this->resetAll();
+    $this->params = array();
+    $this->params['method'] = 'midas.user.folders';
+    $this->params['useSession'] = 'true';
+    $this->request->setMethod('POST');
+    $resp = $this->_callJsonApi($userDao);
+    $this->_assertStatusOk($resp);
+
+    // We should see the user's folders
+    $this->assertEquals(count($resp->data), 2);
+
+    foreach($resp->data as $folder)
+      {
+      $this->assertEquals($folder->_model, 'Folder');
+      $this->assertEquals($folder->parent_id, 1000);
+      }
+    $this->assertEquals($resp->data[0]->name, 'User 1 name Folder 2');
+    $this->assertEquals($resp->data[1]->name, 'User 1 name Folder 3');
+    }
   }

Original file line number	Diff line number	Diff line change
`@@ -37,7 +37,9 @@ public function getUser($args, $sessionDao)`
`37`	`37`	`return 0;`
`38`	`38`	`}`
`39`	`39`	`$token = $args['token'];`
`40`		`- $userapiDao = $this->Api_Userapi->getUserapiFromToken($token);`
	`40`	`+ $modelLoad = new MIDAS_ModelLoader();`
	`41`	`+ $userApiModel = $modelLoad->loadModel('Userapi', 'api');`
	`42`	`+ $userapiDao = $userApiModel->getUserapiFromToken($token);`
`41`	`43`	`if(!$userapiDao)`
`42`	`44`	`{`
`43`	`45`	`throw new Exception('Invalid token', MIDAS_INVALID_TOKEN);`
`@@ -47,7 +49,8 @@ public function getUser($args, $sessionDao)`
`47`	`49`	`{`
`48`	`50`	`return false;`
`49`	`51`	`}`
`50`		`- $userDao = $this->User->load($userid);`
	`52`	`+ $userModel = $modelLoad->loadModel('User');`
	`53`	`+ $userDao = $userModel->load($userid);`
`51`	`54`	`return $userDao;`
`52`	`55`	`}`
`53`	`56`	`}`