mirror of
https://github.com/elyby/accounts.git
synced 2025-05-31 14:11:46 +05:30
Объединены сущности для авторизации посредством JWT токенов и токенов, выданных через oAuth2.
Все действия, связанные с аккаунтами, теперь вызываются через url `/api/v1/accounts/<id>/<action>`. Добавлена вменяемая система разграничения прав на основе RBAC. Теперь oAuth2 токены генерируются как случайная строка в 40 символов длинной, а не UUID. Исправлен баг с неправильным временем жизни токена в ответе успешного запроса аутентификации. Теперь все unit тесты можно успешно прогнать без наличия интернета.
This commit is contained in:
ErickSkrauch
@ -1,47 +0,0 @@
|
||||
<?php
|
||||
namespace tests\codeception\api\functional\internal;
|
||||
|
||||
use common\models\OauthScope as S;
|
||||
use tests\codeception\api\_pages\InternalRoute;
|
||||
use tests\codeception\api\functional\_steps\OauthSteps;
|
||||
use tests\codeception\api\FunctionalTester;
|
||||
|
||||
class BanCest {
|
||||
|
||||
/**
|
||||
* @var InternalRoute
|
||||
*/
|
||||
private $route;
|
||||
|
||||
public function _before(FunctionalTester $I) {
|
||||
$this->route = new InternalRoute($I);
|
||||
}
|
||||
|
||||
public function testBanAccount(OauthSteps $I) {
|
||||
$accessToken = $I->getAccessTokenByClientCredentialsGrant([S::ACCOUNT_BLOCK]);
|
||||
$I->amBearerAuthenticated($accessToken);
|
||||
|
||||
$this->route->ban(1);
|
||||
$I->canSeeResponseCodeIs(200);
|
||||
$I->canSeeResponseIsJson();
|
||||
$I->canSeeResponseContainsJson([
|
||||
'success' => true,
|
||||
]);
|
||||
}
|
||||
|
||||
public function testBanBannedAccount(OauthSteps $I) {
|
||||
$accessToken = $I->getAccessTokenByClientCredentialsGrant([S::ACCOUNT_BLOCK]);
|
||||
$I->amBearerAuthenticated($accessToken);
|
||||
|
||||
$this->route->ban(10);
|
||||
$I->canSeeResponseCodeIs(200);
|
||||
$I->canSeeResponseIsJson();
|
||||
$I->canSeeResponseContainsJson([
|
||||
'success' => false,
|
||||
'errors' => [
|
||||
'account' => 'error.account_already_banned',
|
||||
],
|
||||
]);
|
||||
}
|
||||
|
||||
}
|
||||
@ -1,7 +1,6 @@
|
||||
<?php
|
||||
namespace tests\codeception\api\functional\internal;
|
||||
|
||||
use common\models\OauthScope as S;
|
||||
use tests\codeception\api\_pages\InternalRoute;
|
||||
use tests\codeception\api\functional\_steps\OauthSteps;
|
||||
use tests\codeception\api\FunctionalTester;
|
||||
@ -18,7 +17,7 @@ class InfoCest {
|
||||
}
|
||||
|
||||
public function testGetInfoById(OauthSteps $I) {
|
||||
$accessToken = $I->getAccessTokenByClientCredentialsGrant([S::INTERNAL_ACCOUNT_INFO]);
|
||||
$accessToken = $I->getAccessTokenByClientCredentialsGrant(['internal_account_info']);
|
||||
$I->amBearerAuthenticated($accessToken);
|
||||
|
||||
$this->route->info('id', 1);
|
||||
@ -26,7 +25,7 @@ class InfoCest {
|
||||
}
|
||||
|
||||
public function testGetInfoByUuid(OauthSteps $I) {
|
||||
$accessToken = $I->getAccessTokenByClientCredentialsGrant([S::INTERNAL_ACCOUNT_INFO]);
|
||||
$accessToken = $I->getAccessTokenByClientCredentialsGrant(['internal_account_info']);
|
||||
$I->amBearerAuthenticated($accessToken);
|
||||
|
||||
$this->route->info('uuid', 'df936908-b2e1-544d-96f8-2977ec213022');
|
||||
@ -34,7 +33,7 @@ class InfoCest {
|
||||
}
|
||||
|
||||
public function testGetInfoByUsername(OauthSteps $I) {
|
||||
$accessToken = $I->getAccessTokenByClientCredentialsGrant([S::INTERNAL_ACCOUNT_INFO]);
|
||||
$accessToken = $I->getAccessTokenByClientCredentialsGrant(['internal_account_info']);
|
||||
$I->amBearerAuthenticated($accessToken);
|
||||
|
||||
$this->route->info('username', 'admin');
|
||||
@ -42,7 +41,7 @@ class InfoCest {
|
||||
}
|
||||
|
||||
public function testInvalidParams(OauthSteps $I) {
|
||||
$accessToken = $I->getAccessTokenByClientCredentialsGrant([S::INTERNAL_ACCOUNT_INFO]);
|
||||
$accessToken = $I->getAccessTokenByClientCredentialsGrant(['internal_account_info']);
|
||||
$I->amBearerAuthenticated($accessToken);
|
||||
|
||||
$this->route->info('', '');
|
||||
@ -50,7 +49,7 @@ class InfoCest {
|
||||
}
|
||||
|
||||
public function testAccountNotFound(OauthSteps $I) {
|
||||
$accessToken = $I->getAccessTokenByClientCredentialsGrant([S::INTERNAL_ACCOUNT_INFO]);
|
||||
$accessToken = $I->getAccessTokenByClientCredentialsGrant(['internal_account_info']);
|
||||
$I->amBearerAuthenticated($accessToken);
|
||||
|
||||
$this->route->info('username', 'this-user-not-exists');
|
||||
|
||||
@ -1,47 +0,0 @@
|
||||
<?php
|
||||
namespace tests\codeception\api\functional\internal;
|
||||
|
||||
use common\models\OauthScope as S;
|
||||
use tests\codeception\api\_pages\InternalRoute;
|
||||
use tests\codeception\api\functional\_steps\OauthSteps;
|
||||
use tests\codeception\api\FunctionalTester;
|
||||
|
||||
class PardonCest {
|
||||
|
||||
/**
|
||||
* @var InternalRoute
|
||||
*/
|
||||
private $route;
|
||||
|
||||
public function _before(FunctionalTester $I) {
|
||||
$this->route = new InternalRoute($I);
|
||||
}
|
||||
|
||||
public function testPardonAccount(OauthSteps $I) {
|
||||
$accessToken = $I->getAccessTokenByClientCredentialsGrant([S::ACCOUNT_BLOCK]);
|
||||
$I->amBearerAuthenticated($accessToken);
|
||||
|
||||
$this->route->pardon(10);
|
||||
$I->canSeeResponseCodeIs(200);
|
||||
$I->canSeeResponseIsJson();
|
||||
$I->canSeeResponseContainsJson([
|
||||
'success' => true,
|
||||
]);
|
||||
}
|
||||
|
||||
public function testPardonNotBannedAccount(OauthSteps $I) {
|
||||
$accessToken = $I->getAccessTokenByClientCredentialsGrant([S::ACCOUNT_BLOCK]);
|
||||
$I->amBearerAuthenticated($accessToken);
|
||||
|
||||
$this->route->pardon(1);
|
||||
$I->canSeeResponseCodeIs(200);
|
||||
$I->canSeeResponseIsJson();
|
||||
$I->canSeeResponseContainsJson([
|
||||
'success' => false,
|
||||
'errors' => [
|
||||
'account' => 'error.account_not_banned',
|
||||
],
|
||||
]);
|
||||
}
|
||||
|
||||
}
|
||||
Reference in New Issue
Block a user