]> BookStack Code Mirror - bookstack/blob - tests/Api/BooksApiTest.php
projects / bookstack / blob
? search:
summary | shortlog | log | commit | commitdiff | tree
history | raw | HEAD
Add LDAP_TLS_CACERTFILE to example env file
[bookstack] / tests / Api / BooksApiTest.php
1 <?php
2
3 namespace Tests\Api;
4
5 use BookStack\Entities\Models\Book;
6 use Carbon\Carbon;
7 use Illuminate\Support\Facades\DB;
8 use Tests\TestCase;
9
10 class BooksApiTest extends TestCase
11 {
12     use TestsApi;
13
14     protected string $baseEndpoint = '/api/books';
15
16     public function test_index_endpoint_returns_expected_book()
17     {
18         $this->actingAsApiEditor();
19         $firstBook = Book::query()->orderBy('id', 'asc')->first();
20
21         $resp = $this->getJson($this->baseEndpoint . '?count=1&sort=+id');
22         $resp->assertJson(['data' => [
23             [
24                 'id'   => $firstBook->id,
25                 'name' => $firstBook->name,
26                 'slug' => $firstBook->slug,
27                 'owned_by' => $firstBook->owned_by,
28                 'created_by' => $firstBook->created_by,
29                 'updated_by' => $firstBook->updated_by,
30             ],
31         ]]);
32     }
33
34     public function test_create_endpoint()
35     {
36         $this->actingAsApiEditor();
37         $templatePage = $this->entities->templatePage();
38         $details = [
39             'name'                => 'My API book',
40             'description'         => 'A book created via the API',
41             'default_template_id' => $templatePage->id,
42         ];
43
44         $resp = $this->postJson($this->baseEndpoint, $details);
45         $resp->assertStatus(200);
46
47         $newItem = Book::query()->orderByDesc('id')->where('name', '=', $details['name'])->first();
48         $resp->assertJson(array_merge($details, [
49             'id' => $newItem->id,
50             'slug' => $newItem->slug,
51             'description_html' => '<p>A book created via the API</p>',
52         ]));
53         $this->assertActivityExists('book_create', $newItem);
54     }
55
56     public function test_create_endpoint_with_html()
57     {
58         $this->actingAsApiEditor();
59         $details = [
60             'name'             => 'My API book',
61             'description_html' => '<p>A book <em>created</em> <strong>via</strong> the API</p>',
62         ];
63
64         $resp = $this->postJson($this->baseEndpoint, $details);
65         $resp->assertStatus(200);
66
67         $newItem = Book::query()->orderByDesc('id')->where('name', '=', $details['name'])->first();
68         $expectedDetails = array_merge($details, [
69             'id'          => $newItem->id,
70             'description' => 'A book created via the API',
71         ]);
72
73         $resp->assertJson($expectedDetails);
74         $this->assertDatabaseHas('books', $expectedDetails);
75     }
76
77     public function test_book_name_needed_to_create()
78     {
79         $this->actingAsApiEditor();
80         $details = [
81             'description' => 'A book created via the API',
82         ];
83
84         $resp = $this->postJson($this->baseEndpoint, $details);
85         $resp->assertStatus(422);
86         $resp->assertJson([
87             'error' => [
88                 'message'    => 'The given data was invalid.',
89                 'validation' => [
90                     'name' => ['The name field is required.'],
91                 ],
92                 'code'       => 422,
93             ],
94         ]);
95     }
96
97     public function test_read_endpoint()
98     {
99         $this->actingAsApiEditor();
100         $book = $this->entities->book();
101
102         $resp = $this->getJson($this->baseEndpoint . "/{$book->id}");
103
104         $resp->assertStatus(200);
105         $resp->assertJson([
106             'id'         => $book->id,
107             'slug'       => $book->slug,
108             'created_by' => [
109                 'name' => $book->createdBy->name,
110             ],
111             'updated_by' => [
112                 'name' => $book->createdBy->name,
113             ],
114             'owned_by' => [
115                 'name' => $book->ownedBy->name,
116             ],
117             'default_template_id' => null,
118         ]);
119     }
120
121     public function test_read_endpoint_includes_chapter_and_page_contents()
122     {
123         $this->actingAsApiEditor();
124         $book = $this->entities->bookHasChaptersAndPages();
125         $chapter = $book->chapters()->first();
126         $chapterPage = $chapter->pages()->first();
127
128         $resp = $this->getJson($this->baseEndpoint . "/{$book->id}");
129
130         $directChildCount = $book->directPages()->count() + $book->chapters()->count();
131         $resp->assertStatus(200);
132         $resp->assertJsonCount($directChildCount, 'contents');
133         $resp->assertJson([
134             'contents' => [
135                 [
136                     'type' => 'chapter',
137                     'id' => $chapter->id,
138                     'name' => $chapter->name,
139                     'slug' => $chapter->slug,
140                     'pages' => [
141                         [
142                             'id' => $chapterPage->id,
143                             'name' => $chapterPage->name,
144                             'slug' => $chapterPage->slug,
145                         ]
146                     ]
147                 ]
148             ]
149         ]);
150     }
151
152     public function test_update_endpoint()
153     {
154         $this->actingAsApiEditor();
155         $book = $this->entities->book();
156         $templatePage = $this->entities->templatePage();
157         $details = [
158             'name'        => 'My updated API book',
159             'description' => 'A book updated via the API',
160             'default_template_id' => $templatePage->id,
161         ];
162
163         $resp = $this->putJson($this->baseEndpoint . "/{$book->id}", $details);
164         $book->refresh();
165
166         $resp->assertStatus(200);
167         $resp->assertJson(array_merge($details, [
168             'id' => $book->id,
169             'slug' => $book->slug,
170             'description_html' => '<p>A book updated via the API</p>',
171         ]));
172         $this->assertActivityExists('book_update', $book);
173     }
174
175     public function test_update_endpoint_with_html()
176     {
177         $this->actingAsApiEditor();
178         $book = $this->entities->book();
179         $details = [
180             'name'             => 'My updated API book',
181             'description_html' => '<p>A book <strong>updated</strong> via the API</p>',
182         ];
183
184         $resp = $this->putJson($this->baseEndpoint . "/{$book->id}", $details);
185         $resp->assertStatus(200);
186
187         $this->assertDatabaseHas('books', array_merge($details, ['id' => $book->id, 'description' => 'A book updated via the API']));
188     }
189
190     public function test_update_increments_updated_date_if_only_tags_are_sent()
191     {
192         $this->actingAsApiEditor();
193         $book = $this->entities->book();
194         DB::table('books')->where('id', '=', $book->id)->update(['updated_at' => Carbon::now()->subWeek()]);
195
196         $details = [
197             'tags' => [['name' => 'Category', 'value' => 'Testing']],
198         ];
199
200         $this->putJson($this->baseEndpoint . "/{$book->id}", $details);
201         $book->refresh();
202         $this->assertGreaterThan(Carbon::now()->subDay()->unix(), $book->updated_at->unix());
203     }
204
205     public function test_update_cover_image_control()
206     {
207         $this->actingAsApiEditor();
208         /** @var Book $book */
209         $book = $this->entities->book();
210         $this->assertNull($book->cover);
211         $file = $this->files->uploadedImage('image.png');
212
213         // Ensure cover image can be set via API
214         $resp = $this->call('PUT', $this->baseEndpoint . "/{$book->id}", [
215             'name'  => 'My updated API book with image',
216         ], [], ['image' => $file]);
217         $book->refresh();
218
219         $resp->assertStatus(200);
220         $this->assertNotNull($book->cover);
221
222         // Ensure further updates without image do not clear cover image
223         $resp = $this->put($this->baseEndpoint . "/{$book->id}", [
224             'name' => 'My updated book again',
225         ]);
226         $book->refresh();
227
228         $resp->assertStatus(200);
229         $this->assertNotNull($book->cover);
230
231         // Ensure update with null image property clears image
232         $resp = $this->put($this->baseEndpoint . "/{$book->id}", [
233             'image' => null,
234         ]);
235         $book->refresh();
236
237         $resp->assertStatus(200);
238         $this->assertNull($book->cover);
239     }
240
241     public function test_delete_endpoint()
242     {
243         $this->actingAsApiEditor();
244         $book = $this->entities->book();
245         $resp = $this->deleteJson($this->baseEndpoint . "/{$book->id}");
246
247         $resp->assertStatus(204);
248         $this->assertActivityExists('book_delete');
249     }
250
251     public function test_export_html_endpoint()
252     {
253         $this->actingAsApiEditor();
254         $book = $this->entities->book();
255
256         $resp = $this->get($this->baseEndpoint . "/{$book->id}/export/html");
257         $resp->assertStatus(200);
258         $resp->assertSee($book->name);
259         $resp->assertHeader('Content-Disposition', 'attachment; filename="' . $book->slug . '.html"');
260     }
261
262     public function test_export_plain_text_endpoint()
263     {
264         $this->actingAsApiEditor();
265         $book = $this->entities->book();
266
267         $resp = $this->get($this->baseEndpoint . "/{$book->id}/export/plaintext");
268         $resp->assertStatus(200);
269         $resp->assertSee($book->name);
270         $resp->assertHeader('Content-Disposition', 'attachment; filename="' . $book->slug . '.txt"');
271     }
272
273     public function test_export_pdf_endpoint()
274     {
275         $this->actingAsApiEditor();
276         $book = $this->entities->book();
277
278         $resp = $this->get($this->baseEndpoint . "/{$book->id}/export/pdf");
279         $resp->assertStatus(200);
280         $resp->assertHeader('Content-Disposition', 'attachment; filename="' . $book->slug . '.pdf"');
281     }
282
283     public function test_export_markdown_endpoint()
284     {
285         $this->actingAsApiEditor();
286         $book = Book::visible()->has('pages')->has('chapters')->first();
287
288         $resp = $this->get($this->baseEndpoint . "/{$book->id}/export/markdown");
289         $resp->assertStatus(200);
290         $resp->assertHeader('Content-Disposition', 'attachment; filename="' . $book->slug . '.md"');
291         $resp->assertSee('# ' . $book->name);
292         $resp->assertSee('# ' . $book->pages()->first()->name);
293         $resp->assertSee('# ' . $book->chapters()->first()->name);
294     }
295
296     public function test_cant_export_when_not_have_permission()
297     {
298         $types = ['html', 'plaintext', 'pdf', 'markdown'];
299         $this->actingAsApiEditor();
300         $this->permissions->removeUserRolePermissions($this->users->editor(), ['content-export']);
301
302         $book = $this->entities->book();
303         foreach ($types as $type) {
304             $resp = $this->get($this->baseEndpoint . "/{$book->id}/export/{$type}");
305             $this->assertPermissionError($resp);
306         }
307     }
308 }
The core source code for the BookStack project.