Appwrite/appwrite
1
0
Fork 0
mirror of https://github.com/appwrite/appwrite.git synced 2026-05-26 13:51:13 +00:00
Code Issues Packages Projects Releases Wiki Activity

DatabasesCustomClientTest.php uncomment tests

Browse Source
This commit is contained in:
fogelito
2023-02-12 23:53:52 +02:00
parent bf84ac3adc
commit 7cd1ffc085
1 changed files with 208 additions and 208 deletions
Download Patch File Download Diff File Expand all files Collapse all files
tests/e2e/Services/Databases/DatabasesCustomClientTest.php
+208 -208
View File
@@ -15,212 +15,212 @@ class DatabasesCustomClientTest extends Scope
use DatabasesBase;
use ProjectCustom;
use SideClient;
//
// public function testAllowedPermissions(): void
// {
// /**
// * Test for SUCCESS
// */
//
// $database = $this->client->call(Client::METHOD_POST, '/databases', [
// 'content-type' => 'application/json',
// 'x-appwrite-project' => $this->getProject()['$id'],
// 'x-appwrite-key' => $this->getProject()['apiKey']
// ], [
// 'databaseId' => ID::unique(),
// 'name' => 'Test Database'
// ]);
//
// $databaseId = $database['body']['$id'];
//
// // Collection aliases write to create, update, delete
// $movies = $this->client->call(Client::METHOD_POST, '/databases/' . $databaseId . '/collections', array_merge([
// 'content-type' => 'application/json',
// 'x-appwrite-project' => $this->getProject()['$id'],
// 'x-appwrite-key' => $this->getProject()['apiKey']
// ]), [
// 'collectionId' => ID::unique(),
// 'name' => 'Movies',
// 'documentSecurity' => true,
// 'permissions' => [
// Permission::write(Role::user($this->getUser()['$id'])),
// ],
// ]);
//
// $moviesId = $movies['body']['$id'];
//
// $this->assertContains(Permission::create(Role::user($this->getUser()['$id'])), $movies['body']['$permissions']);
// $this->assertContains(Permission::update(Role::user($this->getUser()['$id'])), $movies['body']['$permissions']);
// $this->assertContains(Permission::delete(Role::user($this->getUser()['$id'])), $movies['body']['$permissions']);
//
// $this->client->call(Client::METHOD_POST, '/databases/' . $databaseId . '/collections/' . $moviesId . '/attributes/string', array_merge([
// 'content-type' => 'application/json',
// 'x-appwrite-project' => $this->getProject()['$id'],
// 'x-appwrite-key' => $this->getProject()['apiKey']
// ]), [
// 'key' => 'title',
// 'size' => 256,
// 'required' => true,
// ]);
//
// sleep(1);
//
// // Document aliases write to update, delete
// $document1 = $this->client->call(Client::METHOD_POST, '/databases/' . $databaseId . '/collections/' . $moviesId . '/documents', array_merge([
// 'content-type' => 'application/json',
// 'x-appwrite-project' => $this->getProject()['$id'],
// ], $this->getHeaders()), [
// 'documentId' => ID::unique(),
// 'data' => [
// 'title' => 'Captain America',
// ],
// 'permissions' => [
// Permission::write(Role::user($this->getUser()['$id'])),
// ]
// ]);
//
// $this->assertNotContains(Permission::create(Role::user($this->getUser()['$id'])), $document1['body']['$permissions']);
// $this->assertContains(Permission::update(Role::user($this->getUser()['$id'])), $document1['body']['$permissions']);
// $this->assertContains(Permission::delete(Role::user($this->getUser()['$id'])), $document1['body']['$permissions']);
//
// /**
// * Test for FAILURE
// */
//
// // Document does not allow create permission
// $document2 = $this->client->call(Client::METHOD_POST, '/databases/' . $databaseId . '/collections/' . $moviesId . '/documents', array_merge([
// 'content-type' => 'application/json',
// 'x-appwrite-project' => $this->getProject()['$id'],
// ], $this->getHeaders()), [
// 'documentId' => ID::unique(),
// 'data' => [
// 'title' => 'Captain America',
// ],
// 'permissions' => [
// Permission::create(Role::user($this->getUser()['$id'])),
// ]
// ]);
//
// $this->assertEquals(400, $document2['headers']['status-code']);
// }
//
// public function testUpdateWithoutPermission(): array
// {
// // If document has been created by server and client tried to update it without adjusting permissions, permission validation should be skipped
//
// // As a part of preparation, we get ID of currently logged-in user
// $response = $this->client->call(Client::METHOD_GET, '/account', array_merge([
// 'content-type' => 'application/json',
// 'x-appwrite-project' => $this->getProject()['$id'],
// 'x-appwrite-key' => $this->getProject()['apiKey']
// ], $this->getHeaders()));
// $this->assertEquals(200, $response['headers']['status-code']);
//
// $userId = $response['body']['$id'];
//
// $database = $this->client->call(Client::METHOD_POST, '/databases', array_merge([
// 'content-type' => 'application/json',
// 'x-appwrite-project' => $this->getProject()['$id'],
// 'x-appwrite-key' => $this->getProject()['apiKey']
// ]), [
// 'databaseId' => ID::custom('permissionCheckDatabase'),
// 'name' => 'Test Database',
// ]);
// $this->assertEquals(201, $database['headers']['status-code']);
// $this->assertEquals('Test Database', $database['body']['name']);
//
// $databaseId = $database['body']['$id'];
// // Create collection
// $response = $this->client->call(Client::METHOD_POST, '/databases/' . $databaseId . '/collections', array_merge([
// 'content-type' => 'application/json',
// 'x-appwrite-project' => $this->getProject()['$id'],
// 'x-appwrite-key' => $this->getProject()['apiKey']
// ]), [
// 'collectionId' => ID::custom('permissionCheck'),
// 'name' => 'permissionCheck',
// 'permissions' => [],
// 'documentSecurity' => true,
// ]);
// $this->assertEquals(201, $response['headers']['status-code']);
//
// // Add attribute to collection
// $response = $this->client->call(Client::METHOD_POST, '/databases/' . $databaseId . '/collections/permissionCheck/attributes/string', array_merge([
// 'content-type' => 'application/json',
// 'x-appwrite-project' => $this->getProject()['$id'],
// 'x-appwrite-key' => $this->getProject()['apiKey']
// ]), [
// 'key' => 'name',
// 'size' => 255,
// 'required' => true,
// ]);
// $this->assertEquals(202, $response['headers']['status-code']);
//
// // Wait for database worker to finish creating attributes
// sleep(2);
//
// // Creating document by server, give read permission to our user + some other user
// $response = $this->client->call(Client::METHOD_POST, '/databases/' . $databaseId . '/collections/permissionCheck/documents', array_merge([
// 'content-type' => 'application/json',
// 'x-appwrite-project' => $this->getProject()['$id'],
// 'x-appwrite-key' => $this->getProject()['apiKey']
// ]), [
// 'documentId' => ID::custom('permissionCheckDocument'),
// 'data' => [
// 'name' => 'AppwriteBeginner',
// ],
// 'permissions' => [
// Permission::read(Role::user(ID::custom('user2'))),
// Permission::read(Role::user($userId)),
// Permission::update(Role::user($userId)),
// Permission::delete(Role::user($userId)),
// ],
// ]);
//
// $this->assertEquals(201, $response['headers']['status-code']);
//
// // Update document
// // This is the point of this test. We should be allowed to do this action, and it should not fail on permission check
// $response = $this->client->call(Client::METHOD_PATCH, '/databases/' . $databaseId . '/collections/permissionCheck/documents/permissionCheckDocument', array_merge([
// 'content-type' => 'application/json',
// 'x-appwrite-project' => $this->getProject()['$id'],
// ], $this->getHeaders()), [
// 'data' => [
// 'name' => 'AppwriteExpert',
// ]
// ]);
//
// $this->assertEquals(200, $response['headers']['status-code']);
//
// // Get name of the document, should be the new one
// $response = $this->client->call(Client::METHOD_GET, '/databases/' . $databaseId . '/collections/permissionCheck/documents/permissionCheckDocument', array_merge([
// 'content-type' => 'application/json',
// 'x-appwrite-project' => $this->getProject()['$id'],
// ], $this->getHeaders()));
// $this->assertEquals(200, $response['headers']['status-code']);
// $this->assertEquals("AppwriteExpert", $response['body']['name']);
//
// // Cleanup to prevent collision with other tests
// // Delete collection
// $response = $this->client->call(Client::METHOD_DELETE, '/databases/' . $databaseId . '/collections/permissionCheck', array_merge([
// 'content-type' => 'application/json',
// 'x-appwrite-project' => $this->getProject()['$id'],
// 'x-appwrite-key' => $this->getProject()['apiKey']
// ]));
//
// $this->assertEquals(204, $response['headers']['status-code']);
//
//
// // Wait for database worker to finish deleting collection
// sleep(2);
//
// // Make sure collection has been deleted
// $response = $this->client->call(Client::METHOD_GET, '/databases/' . $databaseId . '/collections/permissionCheck', array_merge([
// 'content-type' => 'application/json',
// 'x-appwrite-project' => $this->getProject()['$id'],
// 'x-appwrite-key' => $this->getProject()['apiKey']
// ]));
// $this->assertEquals(404, $response['headers']['status-code']);
//
// return [];
// }
public function testAllowedPermissions(): void
{
/**
* Test for SUCCESS
*/
$database = $this->client->call(Client::METHOD_POST, '/databases', [
'content-type' => 'application/json',
'x-appwrite-project' => $this->getProject()['$id'],
'x-appwrite-key' => $this->getProject()['apiKey']
], [
'databaseId' => ID::unique(),
'name' => 'Test Database'
]);
$databaseId = $database['body']['$id'];
// Collection aliases write to create, update, delete
$movies = $this->client->call(Client::METHOD_POST, '/databases/' . $databaseId . '/collections', array_merge([
'content-type' => 'application/json',
'x-appwrite-project' => $this->getProject()['$id'],
'x-appwrite-key' => $this->getProject()['apiKey']
]), [
'collectionId' => ID::unique(),
'name' => 'Movies',
'documentSecurity' => true,
'permissions' => [
Permission::write(Role::user($this->getUser()['$id'])),
],
]);
$moviesId = $movies['body']['$id'];
$this->assertContains(Permission::create(Role::user($this->getUser()['$id'])), $movies['body']['$permissions']);
$this->assertContains(Permission::update(Role::user($this->getUser()['$id'])), $movies['body']['$permissions']);
$this->assertContains(Permission::delete(Role::user($this->getUser()['$id'])), $movies['body']['$permissions']);
$this->client->call(Client::METHOD_POST, '/databases/' . $databaseId . '/collections/' . $moviesId . '/attributes/string', array_merge([
'content-type' => 'application/json',
'x-appwrite-project' => $this->getProject()['$id'],
'x-appwrite-key' => $this->getProject()['apiKey']
]), [
'key' => 'title',
'size' => 256,
'required' => true,
]);
sleep(1);
// Document aliases write to update, delete
$document1 = $this->client->call(Client::METHOD_POST, '/databases/' . $databaseId . '/collections/' . $moviesId . '/documents', array_merge([
'content-type' => 'application/json',
'x-appwrite-project' => $this->getProject()['$id'],
], $this->getHeaders()), [
'documentId' => ID::unique(),
'data' => [
'title' => 'Captain America',
],
'permissions' => [
Permission::write(Role::user($this->getUser()['$id'])),
]
]);
$this->assertNotContains(Permission::create(Role::user($this->getUser()['$id'])), $document1['body']['$permissions']);
$this->assertContains(Permission::update(Role::user($this->getUser()['$id'])), $document1['body']['$permissions']);
$this->assertContains(Permission::delete(Role::user($this->getUser()['$id'])), $document1['body']['$permissions']);
/**
* Test for FAILURE
*/
// Document does not allow create permission
$document2 = $this->client->call(Client::METHOD_POST, '/databases/' . $databaseId . '/collections/' . $moviesId . '/documents', array_merge([
'content-type' => 'application/json',
'x-appwrite-project' => $this->getProject()['$id'],
], $this->getHeaders()), [
'documentId' => ID::unique(),
'data' => [
'title' => 'Captain America',
],
'permissions' => [
Permission::create(Role::user($this->getUser()['$id'])),
]
]);
$this->assertEquals(400, $document2['headers']['status-code']);
}
public function testUpdateWithoutPermission(): array
{
// If document has been created by server and client tried to update it without adjusting permissions, permission validation should be skipped
// As a part of preparation, we get ID of currently logged-in user
$response = $this->client->call(Client::METHOD_GET, '/account', array_merge([
'content-type' => 'application/json',
'x-appwrite-project' => $this->getProject()['$id'],
'x-appwrite-key' => $this->getProject()['apiKey']
], $this->getHeaders()));
$this->assertEquals(200, $response['headers']['status-code']);
$userId = $response['body']['$id'];
$database = $this->client->call(Client::METHOD_POST, '/databases', array_merge([
'content-type' => 'application/json',
'x-appwrite-project' => $this->getProject()['$id'],
'x-appwrite-key' => $this->getProject()['apiKey']
]), [
'databaseId' => ID::custom('permissionCheckDatabase'),
'name' => 'Test Database',
]);
$this->assertEquals(201, $database['headers']['status-code']);
$this->assertEquals('Test Database', $database['body']['name']);
$databaseId = $database['body']['$id'];
// Create collection
$response = $this->client->call(Client::METHOD_POST, '/databases/' . $databaseId . '/collections', array_merge([
'content-type' => 'application/json',
'x-appwrite-project' => $this->getProject()['$id'],
'x-appwrite-key' => $this->getProject()['apiKey']
]), [
'collectionId' => ID::custom('permissionCheck'),
'name' => 'permissionCheck',
'permissions' => [],
'documentSecurity' => true,
]);
$this->assertEquals(201, $response['headers']['status-code']);
// Add attribute to collection
$response = $this->client->call(Client::METHOD_POST, '/databases/' . $databaseId . '/collections/permissionCheck/attributes/string', array_merge([
'content-type' => 'application/json',
'x-appwrite-project' => $this->getProject()['$id'],
'x-appwrite-key' => $this->getProject()['apiKey']
]), [
'key' => 'name',
'size' => 255,
'required' => true,
]);
$this->assertEquals(202, $response['headers']['status-code']);
// Wait for database worker to finish creating attributes
sleep(2);
// Creating document by server, give read permission to our user + some other user
$response = $this->client->call(Client::METHOD_POST, '/databases/' . $databaseId . '/collections/permissionCheck/documents', array_merge([
'content-type' => 'application/json',
'x-appwrite-project' => $this->getProject()['$id'],
'x-appwrite-key' => $this->getProject()['apiKey']
]), [
'documentId' => ID::custom('permissionCheckDocument'),
'data' => [
'name' => 'AppwriteBeginner',
],
'permissions' => [
Permission::read(Role::user(ID::custom('user2'))),
Permission::read(Role::user($userId)),
Permission::update(Role::user($userId)),
Permission::delete(Role::user($userId)),
],
]);
$this->assertEquals(201, $response['headers']['status-code']);
// Update document
// This is the point of this test. We should be allowed to do this action, and it should not fail on permission check
$response = $this->client->call(Client::METHOD_PATCH, '/databases/' . $databaseId . '/collections/permissionCheck/documents/permissionCheckDocument', array_merge([
'content-type' => 'application/json',
'x-appwrite-project' => $this->getProject()['$id'],
], $this->getHeaders()), [
'data' => [
'name' => 'AppwriteExpert',
]
]);
$this->assertEquals(200, $response['headers']['status-code']);
// Get name of the document, should be the new one
$response = $this->client->call(Client::METHOD_GET, '/databases/' . $databaseId . '/collections/permissionCheck/documents/permissionCheckDocument', array_merge([
'content-type' => 'application/json',
'x-appwrite-project' => $this->getProject()['$id'],
], $this->getHeaders()));
$this->assertEquals(200, $response['headers']['status-code']);
$this->assertEquals("AppwriteExpert", $response['body']['name']);
// Cleanup to prevent collision with other tests
// Delete collection
$response = $this->client->call(Client::METHOD_DELETE, '/databases/' . $databaseId . '/collections/permissionCheck', array_merge([
'content-type' => 'application/json',
'x-appwrite-project' => $this->getProject()['$id'],
'x-appwrite-key' => $this->getProject()['apiKey']
]));
$this->assertEquals(204, $response['headers']['status-code']);
// Wait for database worker to finish deleting collection
sleep(2);
// Make sure collection has been deleted
$response = $this->client->call(Client::METHOD_GET, '/databases/' . $databaseId . '/collections/permissionCheck', array_merge([
'content-type' => 'application/json',
'x-appwrite-project' => $this->getProject()['$id'],
'x-appwrite-key' => $this->getProject()['apiKey']
]));
$this->assertEquals(404, $response['headers']['status-code']);
return [];
}
}