add: more encription keys api endpoints covered

pull/80/head
Luciano Righetti 2022-01-18 16:11:00 +01:00
parent f48c1a5a17
commit e6daa63064
5 changed files with 301 additions and 3 deletions

View File

@ -45,7 +45,7 @@ class EncryptionKeysFixture extends TestFixture
'encryption_key' => $this->getPublicKey(self::KEY_TYPE_EDCH),
'revoked' => false,
'expires' => null,
'owner_id' => OrganisationsFixture::ORGANISATION_A_ID,
'owner_id' => OrganisationsFixture::ORGANISATION_B_ID,
'owner_model' => 'Organisation',
'created' => $faker->dateTime()->getTimestamp(),
'modified' => $faker->dateTime()->getTimestamp()
@ -54,7 +54,7 @@ class EncryptionKeysFixture extends TestFixture
parent::init();
}
public function getPublicKey(string $type): string
public static function getPublicKey(string $type): string
{
switch ($type) {
case self::KEY_TYPE_EDCH:
@ -90,7 +90,7 @@ class EncryptionKeysFixture extends TestFixture
}
}
private function getPrivateKey(string $type): string
private static function getPrivateKey(string $type): string
{
switch ($type) {
case self::KEY_TYPE_EDCH:

View File

@ -0,0 +1,82 @@
<?php
declare(strict_types=1);
namespace App\Test\TestCase\Api\Users;
use Cake\TestSuite\IntegrationTestTrait;
use Cake\TestSuite\TestCase;
use App\Test\Fixture\AuthKeysFixture;
use App\Test\Fixture\EncryptionKeysFixture;
use App\Test\Fixture\UsersFixture;
use App\Test\Helper\ApiTestTrait;
class AddEncryptionKeyApiTest extends TestCase
{
use IntegrationTestTrait;
use ApiTestTrait;
protected const ENDPOINT = '/api/v1/encryptionKeys/add';
protected $fixtures = [
'app.Organisations',
'app.Individuals',
'app.Roles',
'app.Users',
'app.AuthKeys',
'app.EncryptionKeys'
];
public function testAddUserEncryptionKey(): void
{
$this->setAuthToken(AuthKeysFixture::ADMIN_API_KEY);
$faker = \Faker\Factory::create();
$uuid = $faker->uuid;
$this->post(
self::ENDPOINT,
[
'uuid' => $uuid,
'type' => EncryptionKeysFixture::TYPE_PGP,
'encryption_key' => EncryptionKeysFixture::getPublicKey(EncryptionKeysFixture::KEY_TYPE_EDCH),
'revoked' => false,
'expires' => null,
'owner_id' => UsersFixture::USER_ADMIN_ID,
'owner_model' => 'User'
]
);
$this->assertResponseOk();
$this->assertResponseContains(sprintf('"uuid": "%s"', $uuid));
$this->assertDbRecordExists('EncryptionKeys', ['uuid' => $uuid]);
//TODO: $this->assertRequestMatchesOpenApiSpec();
$this->assertResponseMatchesOpenApiSpec(self::ENDPOINT, 'post');
}
public function testAddAdminUserEncryptionKeyNotAllowedAsRegularUser(): void
{
$this->setAuthToken(AuthKeysFixture::REGULAR_USER_API_KEY);
$faker = \Faker\Factory::create();
$uuid = $faker->uuid;
$this->post(
self::ENDPOINT,
[
'uuid' => $uuid,
'type' => EncryptionKeysFixture::TYPE_PGP,
'encryption_key' => EncryptionKeysFixture::getPublicKey(EncryptionKeysFixture::KEY_TYPE_EDCH),
'revoked' => false,
'expires' => null,
'owner_id' => UsersFixture::USER_ADMIN_ID,
'owner_model' => 'User'
]
);
$this->assertResponseCode(405);
$this->assertDbRecordNotExists('EncryptionKeys', ['uuid' => $uuid]);
//TODO: $this->assertRequestMatchesOpenApiSpec();
$this->assertResponseMatchesOpenApiSpec(self::ENDPOINT, 'post');
}
}

View File

@ -0,0 +1,76 @@
<?php
declare(strict_types=1);
namespace App\Test\TestCase\Api\Users;
use Cake\TestSuite\IntegrationTestTrait;
use Cake\TestSuite\TestCase;
use App\Test\Fixture\AuthKeysFixture;
use App\Test\Fixture\EncryptionKeysFixture;
use App\Test\Helper\ApiTestTrait;
class EditBroodApiTest extends TestCase
{
use IntegrationTestTrait;
use ApiTestTrait;
protected const ENDPOINT = '/api/v1/encryptionKeys/edit';
protected $fixtures = [
'app.Organisations',
'app.Individuals',
'app.Roles',
'app.Users',
'app.AuthKeys',
'app.EncryptionKeys'
];
public function testRevokeEncryptionKey(): void
{
$this->setAuthToken(AuthKeysFixture::ADMIN_API_KEY);
$url = sprintf('%s/%d', self::ENDPOINT, EncryptionKeysFixture::ENCRYPTION_KEY_ORG_A_ID);
$this->put(
$url,
[
'revoked' => true,
]
);
$this->assertResponseOk();
$this->assertDbRecordExists(
'EncryptionKeys',
[
'id' => EncryptionKeysFixture::ENCRYPTION_KEY_ORG_A_ID,
'revoked' => true,
]
);
//TODO: $this->assertRequestMatchesOpenApiSpec();
$this->assertResponseMatchesOpenApiSpec($url, 'put');
}
public function testRevokeAdminEncryptionKeyNotAllowedAsRegularUser(): void
{
$this->setAuthToken(AuthKeysFixture::REGULAR_USER_API_KEY);
$url = sprintf('%s/%d', self::ENDPOINT, EncryptionKeysFixture::ENCRYPTION_KEY_ORG_B_ID);
$this->put(
$url,
[
'revoked' => true
]
);
$this->assertResponseCode(405);
$this->assertDbRecordNotExists(
'EncryptionKeys',
[
'id' => EncryptionKeysFixture::ENCRYPTION_KEY_ORG_B_ID,
'revoked' => true
]
);
//TODO: $this->assertRequestMatchesOpenApiSpec();
$this->assertResponseMatchesOpenApiSpec($url, 'put');
}
}

View File

@ -0,0 +1,40 @@
<?php
declare(strict_types=1);
namespace App\Test\TestCase\Api\Users;
use Cake\TestSuite\IntegrationTestTrait;
use Cake\TestSuite\TestCase;
use App\Test\Fixture\AuthKeysFixture;
use App\Test\Fixture\EncryptionKeysFixture;
use App\Test\Helper\ApiTestTrait;
class ViewEncryptionKeyApiTest extends TestCase
{
use IntegrationTestTrait;
use ApiTestTrait;
protected const ENDPOINT = '/api/v1/encryptionKeys/view';
protected $fixtures = [
'app.Organisations',
'app.Individuals',
'app.Roles',
'app.Users',
'app.AuthKeys',
'app.EncryptionKeys'
];
public function testViewEncryptionKeyById(): void
{
$this->setAuthToken(AuthKeysFixture::ADMIN_API_KEY);
$url = sprintf('%s/%d', self::ENDPOINT, EncryptionKeysFixture::ENCRYPTION_KEY_ORG_A_ID);
$this->get($url);
$this->assertResponseOk();
$this->assertResponseContains(sprintf('"id": %d', EncryptionKeysFixture::ENCRYPTION_KEY_ORG_A_ID));
// TODO: $this->assertRequestMatchesOpenApiSpec();
$this->assertResponseMatchesOpenApiSpec($url);
}
}

View File

@ -652,6 +652,62 @@ paths:
default:
$ref: "#/components/responses/ApiErrorResponse"
/api/v1/encryptionKeys/view/{encryptionKeyId}:
get:
summary: "Get encryption key by ID"
operationId: getEncryptionKeyId
tags:
- EncryptionKeys
parameters:
- $ref: "#/components/parameters/encryptionKeyId"
responses:
"200":
$ref: "#/components/responses/EncryptionKeyResponse"
"403":
$ref: "#/components/responses/UnauthorizedApiErrorResponse"
"405":
$ref: "#/components/responses/MethodNotAllowedApiErrorResponse"
default:
$ref: "#/components/responses/ApiErrorResponse"
/api/v1/encryptionKeys/add:
post:
summary: "Add encryption key"
operationId: addEncryptionKey
tags:
- EncryptionKeys
requestBody:
$ref: "#/components/requestBodies/CreateEncryptionKeyRequest"
responses:
"200":
$ref: "#/components/responses/EncryptionKeyResponse"
"403":
$ref: "#/components/responses/UnauthorizedApiErrorResponse"
"405":
$ref: "#/components/responses/MethodNotAllowedApiErrorResponse"
default:
$ref: "#/components/responses/ApiErrorResponse"
/api/v1/encryptionKeys/edit/{encryptionKeyId}:
put:
summary: "Edit encryption key"
operationId: editEncryptionKey
tags:
- EncryptionKeys
parameters:
- $ref: "#/components/parameters/encryptionKeyId"
requestBody:
$ref: "#/components/requestBodies/EditEncryptionKeyRequest"
responses:
"200":
$ref: "#/components/responses/EncryptionKeyResponse"
"403":
$ref: "#/components/responses/UnauthorizedApiErrorResponse"
"405":
$ref: "#/components/responses/MethodNotAllowedApiErrorResponse"
default:
$ref: "#/components/responses/ApiErrorResponse"
/api/v1/encryptionKeys/delete/{encryptionKeyId}:
delete:
summary: "Delete encryption key by ID"
@ -1601,6 +1657,50 @@ components:
authkey:
$ref: "#/components/schemas/AuthKey"
CreateEncryptionKeyRequest:
required: true
content:
application/json:
schema:
type: object
properties:
uuid:
$ref: "#/components/schemas/UUID"
type:
$ref: "#/components/schemas/EncryptionKeyType"
encryption_key:
$ref: "#/components/schemas/EncryptionKeyValue"
revoked:
type: boolean
expires:
$ref: "#/components/schemas/EncryptionKeyExpiration"
owner_id:
$ref: "#/components/schemas/ID"
owner_model:
$ref: "#/components/schemas/ModelName"
EditEncryptionKeyRequest:
required: true
content:
application/json:
schema:
type: object
properties:
uuid:
$ref: "#/components/schemas/UUID"
type:
$ref: "#/components/schemas/EncryptionKeyType"
encryption_key:
$ref: "#/components/schemas/EncryptionKeyValue"
revoked:
type: boolean
expires:
$ref: "#/components/schemas/EncryptionKeyExpiration"
owner_id:
$ref: "#/components/schemas/ID"
owner_model:
$ref: "#/components/schemas/ModelName"
responses:
# Individuals
IndividualResponse: