Koha-community
/
Koha
13
5
Fork 0
Code Issues Releases Wiki Activity
Browse Source

Bug 19661: (follow-up) Use Basic auth in tests 

Test plan:

prove t/db_dependent/api/v1/acquisitions_funds.t

Signed-off-by: Josef Moravec <josef.moravec@gmail.com>
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>

Signed-off-by: Nick Clemens <nick@bywatersolutions.com>
19.05.x
Josef Moravec 5 years ago
committed by Nick Clemens
parent
6e98cc4503
commit
48484173e2
1 changed files with 22 additions and 63 deletions
Whitespace
Show all changes Ignore whitespace when comparing lines Ignore changes in amount of whitespace Ignore changes in whitespace at EOL
Split View
Diff Options
Show Stats Download Patch File Download Diff File
  1. 85
      t/db_dependent/api/v1/acquisitions_funds.t

85
t/db_dependent/api/v1/acquisitions_funds.t
View File

@ -22,25 +22,35 @@ use Test::Mojo;
use t::lib::TestBuilder;
use t::lib::Mocks;
use C4::Auth;
use C4::Context;
use C4::Budgets;
use Koha::Database;
use Koha::Patron;
my $schema = Koha::Database->new->schema;
my $builder = t::lib::TestBuilder->new();
$schema->storage->txn_begin;
# FIXME: sessionStorage defaults to mysql, but it seems to break transaction handling
# this affects the other REST api tests
t::lib::Mocks::mock_preference( 'SessionStorage', 'tmp' );
t::lib::Mocks::mock_preference( 'RESTBasicAuth', 1 );
$ENV{REMOTE_ADDR} = '127.0.0.1';
my $t = Test::Mojo->new('Koha::REST::V1');
my $librarian = $builder->build_object({
class => 'Koha::Patrons',
value => { flags => 2052 }
});
my $password = 'thePassword123';
$librarian->set_password({ password => $password, skip_validation => 1 });
my $userid = $librarian->userid;
my $patron = $builder->build_object({
class => 'Koha::Patrons',
value => { flags => 0 }
});
my $unauth_password = 'thePassword123';
$patron->set_password({ password => $unauth_password, skip_validation => 1 });
my $unauth_userid = $patron->userid;
my $fund1 = {
budget_code => 'ABCD',
budget_amount => '123.132000',
@ -56,70 +66,19 @@ $t->get_ok('/api/v1/acquisitions/funds')
$t->get_ok('/api/v1/acquisitions/funds/?name=testFund')
->status_is(401);
my ( $borrowernumber, $session_id )
#= create_user_and_session( { authorized => 1 } );
= create_user_and_session( );
my $tx = $t->ua->build_tx(GET => '/api/v1/acquisitions/funds');
$tx->req->cookies({name => 'CGISESSID', value => $session_id});
$tx->req->env({REMOTE_ADDR => '127.0.0.1'});
$t->request_ok($tx)
$t->get_ok("//$unauth_userid:$unauth_password@/api/v1/acquisitions/funds")
->status_is(403);
$tx = $t->ua->build_tx(GET => "/api/v1/acquisitions/funds/?name=" . $fund1->{ budget_name });
$tx->req->cookies({name => 'CGISESSID', value => $session_id});
$tx->req->env({REMOTE_ADDR => '127.0.0.1'});
$t->request_ok($tx)
$t->get_ok("//$unauth_userid:$unauth_password@/api/v1/acquisitions/funds/?name=" . $fund1->{ budget_name })
->status_is(403);
( $borrowernumber, $session_id )
= create_user_and_session( { authorized => 1 } );
$tx = $t->ua->build_tx(GET => '/api/v1/acquisitions/funds');
$tx->req->cookies({name => 'CGISESSID', value => $session_id});
$tx->req->env({REMOTE_ADDR => '127.0.0.1'});
$t->request_ok($tx)
$t->get_ok("//$userid:$password@/api/v1/acquisitions/funds")
->status_is(200);
$tx = $t->ua->build_tx(GET => "/api/v1/acquisitions/funds/?name=" . $fund1->{ budget_name });
$tx->req->cookies({name => 'CGISESSID', value => $session_id});
$tx->req->env({REMOTE_ADDR => '127.0.0.1'});
$t->request_ok($tx)
$t->get_ok("//$userid:$password@/api/v1/acquisitions/funds/?name=" . $fund1->{ budget_name })
->status_is(200)
->json_like('/0/name' => qr/$fund1->{ budget_name }/);
$schema->storage->txn_rollback;
sub create_user_and_session {
my $args = shift;
my $flags = ( $args->{authorized} ) ? 2052 : 0;
# my $flags = ( $args->{authorized} ) ? $args->{authorized} : 0;
my $dbh = C4::Context->dbh;
my $user = $builder->build(
{ source => 'Borrower',
value => { flags => $flags }
}
);
# Create a session for the authorized user
my $session = C4::Auth::get_session('');
$session->param( 'number', $user->{borrowernumber} );
$session->param( 'id', $user->{userid} );
$session->param( 'ip', '127.0.0.1' );
$session->param( 'lasttime', time() );
$session->flush;
if ( $args->{authorized} ) {
$dbh->do(
q{
INSERT INTO user_permissions (borrowernumber,module_bit,code)
VALUES (?,11,'budget_manage_all')},
undef, $user->{borrowernumber}
);
}
return ( $user->{borrowernumber}, $session->id );
}
1;

Write Preview
Loading…
Cancel
Save