BookStack Code Mirror - bookstack/blob - tests/Api/ImportsApiTest.php

   1 <?php
   2
   3 namespace Api;
   4
   5 use BookStack\Entities\Models\Page;
   6 use BookStack\Exports\Import;
   7 use Tests\Api\TestsApi;
   8 use Tests\Exports\ZipTestHelper;
   9 use Tests\TestCase;
  10
  11 class ImportsApiTest extends TestCase
  12 {
  13     use TestsApi;
  14
  15     protected string $baseEndpoint = '/api/imports';
  16
  17     public function test_create_and_run(): void
  18     {
  19         $book = $this->entities->book();
  20         $zip = ZipTestHelper::zipUploadFromData([
  21             'page' => [
  22                 'name' => 'My API import page',
  23                 'tags' => [
  24                     [
  25                         'name' => 'My api tag',
  26                         'value' => 'api test value'
  27                     ]
  28                 ],
  29             ],
  30         ]);
  31
  32         $resp = $this->actingAsApiAdmin()->call('POST', $this->baseEndpoint, [], [], ['file' => $zip]);
  33         $resp->assertStatus(200);
  34
  35         $importId = $resp->json('id');
  36         $import = Import::query()->findOrFail($importId);
  37         $this->assertEquals('page', $import->type);
  38
  39         $resp = $this->post($this->baseEndpoint . "/{$import->id}", [
  40             'parent_type' => 'book',
  41             'parent_id' => $book->id,
  42         ]);
  43         $resp->assertJson([
  44             'name' => 'My API import page',
  45             'book_id' => $book->id,
  46         ]);
  47         $resp->assertJsonMissingPath('book');
  48
  49         $page = Page::query()->where('name', '=', 'My API import page')->first();
  50         $this->assertEquals('My api tag', $page->tags()->first()->name);
  51     }
  52
  53     public function test_create_validation_error(): void
  54     {
  55         $zip = ZipTestHelper::zipUploadFromData([
  56             'page' => [
  57                 'tags' => [
  58                     [
  59                         'name' => 'My api tag',
  60                         'value' => 'api test value'
  61                     ]
  62                 ],
  63             ],
  64         ]);
  65
  66         $resp = $this->actingAsApiAdmin()->call('POST', $this->baseEndpoint, [], [], ['file' => $zip]);
  67         $resp->assertStatus(422);
  68         $message = $resp->json('message');
  69
  70         $this->assertStringContainsString('ZIP upload failed with the following validation errors:', $message);
  71         $this->assertStringContainsString('[page.name] The name field is required.', $message);
  72     }
  73
  74     public function test_list(): void
  75     {
  76         $imports = Import::factory()->count(10)->create();
  77
  78         $resp = $this->actingAsApiAdmin()->get($this->baseEndpoint);
  79         $resp->assertJsonCount(10, 'data');
  80         $resp->assertJsonPath('total', 10);
  81
  82         $firstImport = $imports->first();
  83         $resp = $this->actingAsApiAdmin()->get($this->baseEndpoint . '?filter[id]=' . $firstImport->id);
  84         $resp->assertJsonCount(1, 'data');
  85         $resp->assertJsonPath('data.0.id', $firstImport->id);
  86         $resp->assertJsonPath('data.0.name', $firstImport->name);
  87         $resp->assertJsonPath('data.0.size', $firstImport->size);
  88         $resp->assertJsonPath('data.0.type', $firstImport->type);
  89     }
  90
  91     public function test_list_visibility_limited(): void
  92     {
  93         $user = $this->users->editor();
  94         $admin = $this->users->admin();
  95         $userImport = Import::factory()->create(['name' => 'MySuperUserImport', 'created_by' => $user->id]);
  96         $adminImport = Import::factory()->create(['name' => 'MySuperAdminImport', 'created_by' => $admin->id]);
  97         $this->permissions->grantUserRolePermissions($user, ['content-import']);
  98
  99         $resp = $this->actingAsForApi($user)->get($this->baseEndpoint);
 100         $resp->assertJsonCount(1, 'data');
 101         $resp->assertJsonPath('data.0.name', 'MySuperUserImport');
 102
 103         $this->permissions->grantUserRolePermissions($user, ['settings-manage']);
 104
 105         $resp = $this->actingAsForApi($user)->get($this->baseEndpoint);
 106         $resp->assertJsonCount(2, 'data');
 107         $resp->assertJsonPath('data.1.name', 'MySuperAdminImport');
 108     }
 109
 110     public function test_read(): void
 111     {
 112         $zip = ZipTestHelper::zipUploadFromData([
 113             'book' => [
 114                 'name' => 'My API import book',
 115                 'pages' => [
 116                     [
 117                         'name' => 'My import page',
 118                         'tags' => [
 119                             [
 120                                 'name' => 'My api tag',
 121                                 'value' => 'api test value'
 122                             ]
 123                         ]
 124                     ]
 125                 ],
 126             ],
 127         ]);
 128
 129         $resp = $this->actingAsApiAdmin()->call('POST', $this->baseEndpoint, [], [], ['file' => $zip]);
 130         $resp->assertStatus(200);
 131
 132         $resp = $this->get($this->baseEndpoint . "/{$resp->json('id')}");
 133         $resp->assertStatus(200);
 134
 135         $resp->assertJsonPath('details.name', 'My API import book');
 136         $resp->assertJsonPath('details.pages.0.name', 'My import page');
 137         $resp->assertJsonPath('details.pages.0.tags.0.name', 'My api tag');
 138         $resp->assertJsonMissingPath('metadata');
 139     }
 140
 141     public function test_delete(): void
 142     {
 143         $import = Import::factory()->create();
 144
 145         $resp = $this->actingAsApiAdmin()->delete($this->baseEndpoint . "/{$import->id}");
 146         $resp->assertStatus(204);
 147     }
 148
 149     public function test_content_import_permissions_needed(): void
 150     {
 151         $user = $this->users->viewer();
 152         $this->permissions->grantUserRolePermissions($user, ['access-api']);
 153         $this->actingAsForApi($user);
 154         $requests = [
 155              ['GET', $this->baseEndpoint],
 156              ['POST', $this->baseEndpoint],
 157              ['GET', $this->baseEndpoint . "/1"],
 158              ['POST', $this->baseEndpoint . "/1"],
 159              ['DELETE', $this->baseEndpoint . "/1"],
 160         ];
 161
 162         foreach ($requests as $request) {
 163             [$method, $endpoint] = $request;
 164             $resp = $this->json($method, $endpoint);
 165             $resp->assertStatus(403);
 166         }
 167
 168         $this->permissions->grantUserRolePermissions($user, ['content-import']);
 169
 170         foreach ($requests as $request) {
 171             [$method, $endpoint] = $request;
 172             $resp = $this->call($method, $endpoint);
 173             $this->assertNotEquals(403, $resp->status(), "A {$method} request to {$endpoint} returned 403");
 174         }
 175     }
 176 }