nas
/
todo_api
Watch 2
Star 1
Fork 0
Code Issues 1 Pull Requests 0 Releases 0 Wiki Activity
api de gestion de ticket, basé sur php-crud-api. Le but est de décorrélé les outils de gestion des données, afin
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
586 Commits
1 Branch
Tree: a8e7964837
Branches Tags
${ item.name }
Create branch ${ searchTerm }
from 'a8e7964837'
${ noResults }
todo_api/tests/tests.php

tests.php 18KB
History Raw

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227228229230231232233234235236237238239240241242243244245246247248249250251252253254255256257258259260261262263264265266267268269270271272273274275276277278279280281282283284285286287288289290291292293294295296297298299300301302303304305306307308309310311312313314315316317318319320321322323324325326327328329330331332333334335336337338339340341342343344345346347348349350351352353354355356357358359360361362363364365366367368369370371372373374375376377378379380381382383384385386387388389390391392393394395396397398399400401402403404405406407408409410411412413414415416417418419420421422423424425426427428429430431432433434435436437438439440441442443444445446447448449450451452453454455456457458459460461462463464465466467468469470471472473474475476477478479480481482483484485486487488489490491492493494495496497498499500501502503504505506507508509510511512513514515516517518519520521522523524525526527528529530531532533534535536537538539540541542 
  1. <?php

  2. if (!file_exists(__DIR__.'/config.php')) {

  3. 	copy(__DIR__.'/config.php.dist',__DIR__.'/config.php');

  4. }

  5. require __DIR__.'/config.php';

  6. require __DIR__.'/../api.php';

  7. 

  8. class API

  9. {

  10. 	protected $test;

  11. 	protected $api;

  12. 

  13. 	public function __construct($test)

  14. 	{

  15. 		$this->test = $test;

  16. 	}

  17. 

  18. 	private function action($method,$url,$data='')

  19. 	{

  20. 		$url = parse_url($url);

  21. 		$query = isset($url['query'])?$url['query']:'';

  22. 		parse_str($query,$get);

  23. 

  24. 		$data = 'data://text/plain;base64,'.base64_encode($data);

  25. 

  26. 		$this->api = new PHP_CRUD_API(array(

  27. 				'dbengine'=>PHP_CRUD_API_Config::$dbengine,

  28. 				'hostname'=>PHP_CRUD_API_Config::$hostname,

  29. 				'username'=>PHP_CRUD_API_Config::$username,

  30. 				'password'=>PHP_CRUD_API_Config::$password,

  31. 				'database'=>PHP_CRUD_API_Config::$database,

  32. 				// callbacks

  33. 				'table_authorizer'=>function($action,$database,$table) { return true; },

  34. 				'column_authorizer'=>function($action,$database,$table,$column) { return !($column=='password'&&$action=='list'); },

  35. 				'record_filter'=>function($action,$database,$table) { return ($table=='posts')?array('id,ne,13'):false; },

  36. 				'tenancy_function'=>function($action,$database,$table,$column) { return ($table=='users'&&$column=='id')?1:null; },

  37. 				'input_sanitizer'=>function($action,$database,$table,$column,$type,$value) { return $value===null?null:strip_tags($value); },

  38. 				'input_validator'=>function($action,$database,$table,$column,$type,$value,$context) { return ($column=='category_id' && !is_numeric($value))?'must be numeric':true; },

  39. 				// for tests

  40. 				'method' =>$method,

  41. 				'request' =>$url['path'],

  42. 				'post'=>$data,

  43. 				'get' =>$get,

  44. 		));

  45. 		return $this;

  46. 	}

  47. 

  48. 	public function get($url)

  49. 	{

  50. 		return $this->action('GET',$url);

  51. 	}

  52. 

  53. 	public function post($url,$data)

  54. 	{

  55. 		return $this->action('POST',$url,$data);

  56. 	}

  57. 

  58. 	public function put($url,$data)

  59. 	{

  60. 		return $this->action('PUT',$url,$data);

  61. 	}

  62. 

  63. 	public function delete($url)

  64. 	{

  65. 		return $this->action('DELETE',$url);

  66. 	}

  67. 

  68. 	public function options($url)

  69. 	{

  70. 		return $this->action('OPTIONS',$url);

  71. 	}

  72. 

  73. 	public function expect($output,$error=false)

  74. 	{

  75. 		$exception = false;

  76. 		ob_start();

  77. 		try {

  78. 			$this->api->executeCommand();

  79. 		} catch (\Exception $e) {

  80. 			$exception = $e->getMessage();

  81. 		}

  82. 		$data = ob_get_contents();

  83. 		ob_end_clean();

  84. 		if ($exception) $this->test->assertEquals($error, $exception);

  85. 		else $this->test->assertEquals($output, $data);

  86. 		return $this;

  87. 	}

  88. }

  89. 

  90. class PHP_CRUD_API_Test extends PHPUnit_Framework_TestCase

  91. {

  92. 	public static function setUpBeforeClass()

  93. 	{

  94. 		if (PHP_CRUD_API_Config::$database=='{{test_database}}') {

  95. 			die("Configure database in 'config.php' before running tests.\n");

  96. 		}

  97. 

  98. 		$dbengine = PHP_CRUD_API_Config::$dbengine;

  99. 		$hostname = PHP_CRUD_API_Config::$hostname;

  100. 		$username = PHP_CRUD_API_Config::$username;

  101. 		$password = PHP_CRUD_API_Config::$password;

  102. 		$database = PHP_CRUD_API_Config::$database;

  103. 

  104. 		$fixture = __DIR__.'/blog_'.strtolower($dbengine).'.sql';

  105. 

  106. 		if ($dbengine == 'MySQL') {

  107. 

  108. 			$link = mysqli_connect($hostname, $username, $password, $database);

  109. 			if (mysqli_connect_errno()) {

  110. 				die("Connect failed: ".mysqli_connect_error()."\n");

  111. 			}

  112. 			mysqli_set_charset($link,'utf8');

  113. 

  114. 			$i=0;

  115. 			if (mysqli_multi_query($link, file_get_contents($fixture))) {

  116. 				do { $i++; mysqli_next_result($link); } while (mysqli_more_results($link));

  117. 			}

  118. 			if (mysqli_errno($link)) {

  119. 				die("Loading '$fixture' failed on statemement #$i with error:\n".mysqli_error($link)."\n");

  120. 			}

  121. 

  122. 			mysqli_close($link);

  123. 

  124. 		} elseif ($dbengine == 'SQLServer') {

  125. 

  126. 			$connectionInfo = array();

  127. 			$connectionInfo['UID']=$username;

  128. 			$connectionInfo['PWD']=$password;

  129. 			$connectionInfo['Database']=$database;

  130. 			$connectionInfo['CharacterSet']='UTF-8';

  131. 			$conn = sqlsrv_connect( $hostname, $connectionInfo);

  132. 			if (!$conn) {

  133. 				die("Connect failed: ".print_r( sqlsrv_errors(), true));

  134. 			}

  135. 			$queries = preg_split('/\n\s*GO\s*\n/', file_get_contents($fixture));

  136. 			array_pop($queries);

  137. 			foreach ($queries as $i=>$query) {

  138. 				if (!sqlsrv_query($conn, $query)) {

  139. 					$i++;

  140. 					die("Loading '$fixture' failed on statemement #$i with error:\n".print_r( sqlsrv_errors(), true)."\n");

  141. 				}

  142. 			}

  143. 			sqlsrv_close($conn);

  144. 

  145. 		} elseif ($dbengine == 'PostgreSQL') {

  146. 

  147. 			$e = function ($v) { return str_replace(array('\'','\\'),array('\\\'','\\\\'),$v); };

  148. 			$hostname = $e($hostname);

  149. 			$database = $e($database);

  150. 			$username = $e($username);

  151. 			$password = $e($password);

  152. 			$conn_string = "host='$hostname' dbname='$database' user='$username' password='$password' options='--client_encoding=UTF8'";

  153. 			$db = pg_connect($conn_string);

  154. 			if (!$db) {

  155. 				die("Connect failed: ".print_r( sqlsrv_errors(), true));

  156. 			}

  157. 			$queries = preg_split('/;\s*\n/', file_get_contents($fixture));

  158. 			array_pop($queries);

  159. 			foreach ($queries as $i=>$query) {

  160. 				if (!pg_query($db, $query.';')) {

  161. 					$i++;

  162. 					die("Loading '$fixture' failed on statemement #$i with error:\n".print_r( pg_last_error($db), true)."\n");

  163. 				}

  164. 			}

  165. 			pg_close($db);

  166. 

  167. 		} elseif ($dbengine == 'SQLite') {

  168. 

  169. 			$db = new SQLite3($database);

  170. 			if (!$db) {

  171. 				die("Could not open '$database' SQLite database: ".SQLite3::lastErrorMsg().' ('.SQLite3::lastErrorCode().")\n");

  172. 			}

  173. 			$queries = preg_split('/;\s*\n/', file_get_contents($fixture));

  174. 			array_pop($queries);

  175. 			foreach ($queries as $i=>$query) {

  176. 				if (!$db->query($query.';')) {

  177. 					$i++;

  178. 					die("Loading '$fixture' failed on statemement #$i with error:\n".$db->lastErrorCode().': '.$db->lastErrorMsg()."\n");

  179. 				}

  180. 			}

  181. 			$db->close();

  182. 		}

  183. 	}

  184. 

  185. 	public function testListPosts()

  186. 	{

  187. 		$test = new API($this);

  188. 		$test->get('/posts');

  189. 		$test->expect('{"posts":{"columns":["id","user_id","category_id","content"],"records":[["1","1","1","blog started"],["2","1","2","It works!"]]}}');

  190. 	}

  191. 

  192. 	public function testListPostColumns()

  193. 	{

  194. 		$test = new API($this);

  195. 		$test->get('/posts?columns=id,content');

  196. 		$test->expect('{"posts":{"columns":["id","content"],"records":[["1","blog started"],["2","It works!"]]}}');

  197. 	}

  198. 

  199. 	public function testListPostsWithTransform()

  200. 	{

  201. 		$test = new API($this);

  202. 		$test->get('/posts?transform=1');

  203. 		$test->expect('{"posts":[{"id":"1","user_id":"1","category_id":"1","content":"blog started"},{"id":"2","user_id":"1","category_id":"2","content":"It works!"}]}');

  204. 	}

  205. 

  206. 	public function testReadPost()

  207. 	{

  208. 		$test = new API($this);

  209. 		$test->get('/posts/2');

  210. 		$test->expect('{"id":"2","user_id":"1","category_id":"2","content":"It works!"}');

  211. 	}

  212. 

  213. 	public function testReadPostColumns()

  214. 	{

  215. 		$test = new API($this);

  216. 		$test->get('/posts/2?columns=id,content');

  217. 		$test->expect('{"id":"2","content":"It works!"}');

  218. 	}

  219. 

  220. 	public function testAddPost()

  221. 	{

  222. 		$test = new API($this);

  223. 		$test->post('/posts','{"user_id":"1","category_id":"1","content":"test"}');

  224. 		$test->expect('3');

  225. 	}

  226. 

  227. 	public function testEditPost()

  228. 	{

  229. 		$test = new API($this);

  230. 		$test->put('/posts/3','{"user_id":"1","category_id":"1","content":"test (edited)"}');

  231. 		$test->expect('1');

  232. 		$test->get('/posts/3');

  233. 		$test->expect('{"id":"3","user_id":"1","category_id":"1","content":"test (edited)"}');

  234. 	}

  235. 

  236. 	public function testEditPostColumnsMissingField()

  237. 	{

  238. 		$test = new API($this);

  239. 		$test->put('/posts/3?columns=id,content','{"content":"test (edited 2)"}');

  240. 		$test->expect('1');

  241. 		$test->get('/posts/3');

  242. 		$test->expect('{"id":"3","user_id":"1","category_id":"1","content":"test (edited 2)"}');

  243. 	}

  244. 

  245.     public function testEditPostColumnsExtraField()

  246. 	{

  247. 		$test = new API($this);

  248. 		$test->put('/posts/3?columns=id,content','{"user_id":"2","content":"test (edited 3)"}');

  249. 		$test->expect('1');

  250. 		$test->get('/posts/3');

  251. 		$test->expect('{"id":"3","user_id":"1","category_id":"1","content":"test (edited 3)"}');

  252. 	}

  253. 

  254. 	public function testEditPostWithUtf8Content()

  255. 	{

  256. 		$utf8 = json_encode('Hello world, Καλημέρα κόσμε, コンニチハ');

  257. 		$test = new API($this);

  258. 		$test->put('/posts/2','{"content":'.$utf8.'}');

  259. 		$test->expect('1');

  260. 		$test->get('/posts/2');

  261. 		$test->expect('{"id":"2","user_id":"1","category_id":"2","content":'.$utf8.'}');

  262. 	}

  263. 

  264. 	public function testEditPostWithUtf8ContentWithPost()

  265. 	{

  266. 		$utf8 = '€ Hello world, Καλημέρα κόσμε, コンニチハ';

  267. 		$url_encoded = urlencode($utf8);

  268. 		$json_encoded = json_encode($utf8);

  269. 		$test = new API($this);

  270. 		$test->put('/posts/2','content='.$url_encoded);

  271. 		$test->expect('1');

  272. 		$test->get('/posts/2');

  273. 		$test->expect('{"id":"2","user_id":"1","category_id":"2","content":'.$json_encoded.'}');

  274. 	}

  275. 

  276. 	public function testDeletePost()

  277. 	{

  278. 		$test = new API($this);

  279. 		$test->delete('/posts/3');

  280. 		$test->expect('1');

  281. 		$test->get('/posts/3');

  282. 		$test->expect(false,'Not found (object)');

  283. 	}

  284. 

  285. 	public function testAddPostWithPost()

  286. 	{

  287. 		$test = new API($this);

  288. 		$test->post('/posts','user_id=1&category_id=1&content=test');

  289. 		$test->expect('4');

  290. 	}

  291. 

  292. 	public function testEditPostWithPost()

  293. 	{

  294. 		$test = new API($this);

  295. 		$test->put('/posts/4','user_id=1&category_id=1&content=test+(edited)');

  296. 		$test->expect('1');

  297. 		$test->get('/posts/4');

  298. 		$test->expect('{"id":"4","user_id":"1","category_id":"1","content":"test (edited)"}');

  299. 	}

  300. 

  301. 	public function testDeletePostWithPost()

  302. 	{

  303. 		$test = new API($this);

  304. 		$test->delete('/posts/4');

  305. 		$test->expect('1');

  306. 		$test->get('/posts/4');

  307. 		$test->expect(false,'Not found (object)');

  308. 	}

  309. 

  310. 	public function testListWithPaginate()

  311. 	{

  312. 		$test = new API($this);

  313. 		for ($i=1;$i<=10;$i++) {

  314. 		  $test->post('/posts','{"user_id":"1","category_id":"1","content":"#'.$i.'"}');

  315. 		  $test->expect(4+$i);

  316. 		}

  317. 		$test->get('/posts?page=2,2&order=id');

  318. 		$test->expect('{"posts":{"columns":["id","user_id","category_id","content"],"records":[["5","1","1","#1"],["6","1","1","#2"]],"results":11}}');

  319. 	}

  320. 

  321. 	public function testListWithPaginateLastPage()

  322. 	{

  323. 		$test = new API($this);

  324. 		$test->get('/posts?page=3,5&order=id');

  325. 		$test->expect('{"posts":{"columns":["id","user_id","category_id","content"],"records":[["14","1","1","#10"]],"results":11}}');

  326. 	}

  327. 

  328. 	public function testListExampleFromReadme()

  329. 	{

  330. 		$test = new API($this);

  331. 		$test->get('/posts?include=categories,tags,comments&filter=id,eq,1');

  332. 		$test->expect('{"posts":{"columns":["id","user_id","category_id","content"],"records":[["1","1","1","blog started"]]},"post_tags":{"relations":{"post_id":"posts.id"},"columns":["id","post_id","tag_id"],"records":[["1","1","1"],["2","1","2"]]},"categories":{"relations":{"id":"posts.category_id"},"columns":["id","name","icon"],"records":[["1","anouncement",null]]},"tags":{"relations":{"id":"post_tags.tag_id"},"columns":["id","name"],"records":[["1","funny"],["2","important"]]},"comments":{"relations":{"post_id":"posts.id"},"columns":["id","post_id","message"],"records":[["1","1","great"],["2","1","fantastic"]]}}');

  333. 	}

  334. 

  335. 	public function testListExampleFromReadmeWithTransform()

  336. 	{

  337. 		$test = new API($this);

  338. 		$test->get('/posts?include=categories,tags,comments&filter=id,eq,1&transform=1');

  339. 		$test->expect('{"posts":[{"id":"1","post_tags":[{"id":"1","post_id":"1","tag_id":"1","tags":[{"id":"1","name":"funny"}]},{"id":"2","post_id":"1","tag_id":"2","tags":[{"id":"2","name":"important"}]}],"comments":[{"id":"1","post_id":"1","message":"great"},{"id":"2","post_id":"1","message":"fantastic"}],"user_id":"1","category_id":"1","categories":[{"id":"1","name":"anouncement","icon":null}],"content":"blog started"}]}');

  340. 	}

  341. 

  342. 	public function testEditCategoryWithBinaryContent()

  343. 	{

  344. 		$binary = base64_encode("\0abc\0\n\r\b\0");

  345. 		$base64url = rtrim(strtr($binary, '+/', '-_'), '=');

  346. 		$test = new API($this);

  347. 		$test->put('/categories/2','{"icon":"'.$base64url.'"}');

  348. 		$test->expect('1');

  349. 		$test->get('/categories/2');

  350. 		$test->expect('{"id":"2","name":"article","icon":"'.$binary.'"}');

  351. 	}

  352. 

  353. 	public function testEditCategoryWithNull()

  354. 	{

  355. 		$test = new API($this);

  356. 		$test->put('/categories/2','{"icon":null}');

  357. 		$test->expect('1');

  358. 		$test->get('/categories/2');

  359. 		$test->expect('{"id":"2","name":"article","icon":null}');

  360. 	}

  361. 

  362. 	public function testEditCategoryWithBinaryContentWithPost()

  363. 	{

  364. 		$binary = base64_encode("€ \0abc\0\n\r\b\0");

  365. 		$base64url = rtrim(strtr($binary, '+/', '-_'), '=');

  366. 		$test = new API($this);

  367. 		$test->put('/categories/2','icon='.$base64url);

  368. 		$test->expect('1');

  369. 		$test->get('/categories/2');

  370. 		$test->expect('{"id":"2","name":"article","icon":"'.$binary.'"}');

  371. 	}

  372. 

  373. 	public function testEditCategoryWithNullWithPost()

  374. 	{

  375. 		$test = new API($this);

  376. 		$test->put('/categories/2','icon__is_null');

  377. 		$test->expect('1');

  378. 		$test->get('/categories/2');

  379. 		$test->expect('{"id":"2","name":"article","icon":null}');

  380. 	}

  381. 

  382. 	public function testAddPostFailure()

  383. 	{

  384. 		$test = new API($this);

  385. 		$test->post('/posts','{"user_id":"a","category_id":"1","content":"tests"}');

  386. 		$test->expect('null');

  387. 	}

  388. 

  389. 	public function testOptionsRequest()

  390. 	{

  391. 		$test = new API($this);

  392. 		$test->options('/posts/2');

  393. 		$test->expect('["Access-Control-Allow-Headers: Content-Type","Access-Control-Allow-Methods: OPTIONS, GET, PUT, POST, DELETE","Access-Control-Allow-Credentials: true","Access-Control-Max-Age: 1728000"]',false);

  394. 	}

  395. 

  396. 	public function testHidingPasswordColumn()

  397. 	{

  398. 		$test = new API($this);

  399. 		$test->get('/users?filter=id,eq,1&transform=1');

  400. 		$test->expect('{"users":[{"id":"1","username":"user1"}]}');

  401. 	}

  402. 

  403. 	public function testValidatorErrorMessage()

  404. 	{

  405. 		$test = new API($this);

  406. 		$test->put('/posts/1','{"category_id":"a"}');

  407. 		$test->expect(false,'{"category_id":"must be numeric"}');

  408. 	}

  409. 

  410. 	public function testSanitizerToStripTags()

  411. 	{

  412. 		$test = new API($this);

  413. 		$test->put('/categories/2','{"name":"<script>alert();</script>"}');

  414. 		$test->expect('1');

  415. 		$test->get('/categories/2');

  416. 		$test->expect('{"id":"2","name":"alert();","icon":null}');

  417. 	}

  418. 

  419. 	public function testErrorOnInvalidJson()

  420. 	{

  421. 		$test = new API($this);

  422. 		$test->post('/posts','{"}');

  423. 		$test->expect(false,'Not found (input)');

  424. 	}

  425. 

  426. 	public function testErrorOnDuplicatePrimaryKey()

  427. 	{

  428. 		$test = new API($this);

  429. 		$test->post('/posts','{"id":"1","user_id":"1","category_id":"1","content":"blog started (duplicate)"}');

  430. 		$test->expect('null');

  431. 	}

  432. 

  433. 	public function testErrorOnFailingForeignKeyConstraint()

  434. 	{

  435. 		$test = new API($this);

  436. 		$test->post('/posts','{"user_id":"3","category_id":"1","content":"fk constraint"}');

  437. 		$test->expect('null');

  438. 	}

  439. 

  440. 	public function testForJsonpCallbackOnList()

  441. 	{

  442. 		$test = new API($this);

  443. 		$test->get('/posts?filter[]=id,eq,1&callback=test_jsonp_fn&transform=1');

  444. 		$test->expect('test_jsonp_fn({"posts":[{"id":"1","user_id":"1","category_id":"1","content":"blog started"}]});');

  445. 	}

  446. 

  447. 	public function testMissingIntermediateTable()

  448. 	{

  449. 		$test = new API($this);

  450. 		$test->get('/users?include=posts,tags');

  451. 		$test->expect('{"users":{"columns":["id","username"],"records":[["1","user1"]]},"posts":{"relations":{"user_id":"users.id"},"columns":["id","user_id","category_id","content"],"records":[["1","1","1","blog started"],["2","1","2","\u20ac Hello world, \u039a\u03b1\u03bb\u03b7\u03bc\u1f73\u03c1\u03b1 \u03ba\u1f79\u03c3\u03bc\u03b5, \u30b3\u30f3\u30cb\u30c1\u30cf"],["5","1","1","#1"],["6","1","1","#2"],["7","1","1","#3"],["8","1","1","#4"],["9","1","1","#5"],["10","1","1","#6"],["11","1","1","#7"],["12","1","1","#8"],["14","1","1","#10"]]},"post_tags":{"relations":{"post_id":"posts.id"},"columns":["id","post_id","tag_id"],"records":[["1","1","1"],["2","1","2"],["3","2","1"],["4","2","2"]]},"tags":{"relations":{"id":"post_tags.tag_id"},"columns":["id","name"],"records":[["1","funny"],["2","important"]]}}');

  452. 	}

  453. 

  454. 	public function testEditUser()

  455. 	{

  456. 		$test = new API($this);

  457. 		$test->put('/users/1','{"password":"testtest"}');

  458. 		$test->expect('1');

  459. 	}

  460. 

  461. 	public function testEditUserWithId()

  462. 	{

  463. 		if (PHP_CRUD_API_Config::$dbengine!='SQLServer') {

  464. 			$test = new API($this);

  465. 			$test->put('/users/1','{"id":"2","password":"testtest2"}');

  466. 			$test->expect('1');

  467. 			$test->get('/users/1');

  468. 			$test->expect('{"id":"1","username":"user1","password":"testtest2"}');

  469. 		}

  470. 	}

  471. 

  472. 	public function testReadOtherUser()

  473. 	{

  474. 		$test = new API($this);

  475. 		$test->get('/users/2');

  476. 		$test->expect(false,'Not found (object)');

  477. 	}

  478. 

  479. 	public function testEditOtherUser()

  480. 	{

  481. 		$test = new API($this);

  482. 		$test->put('/users/2','{"password":"testtest"}');

  483. 		$test->expect('0');

  484. 	}

  485. 

  486. 	public function testFilterCategoryOnNullIcon()

  487. 	{

  488. 		$test = new API($this);

  489. 		$test->get('/categories?filter[]=icon,is,null&transform=1');

  490. 		$test->expect('{"categories":[{"id":"1","name":"anouncement","icon":null},{"id":"2","name":"alert();","icon":null}]}');

  491. 	}

  492. 

  493. 	public function testFilterCategoryOnNotNullIcon()

  494. 	{

  495. 		$test = new API($this);

  496. 		$test->get('/categories?filter[]=icon,no,null&transform=1');

  497. 		$test->expect('{"categories":[]}');

  498. 	}

  499. 

  500. 	public function testFilterPostsNotIn()

  501. 	{

  502. 		$test = new API($this);

  503. 		$test->get('/posts?filter[]=id,ni,1,2,3,4,7,8,9,10,11,12,13,14&transform=1');

  504. 		$test->expect('{"posts":[{"id":"5","user_id":"1","category_id":"1","content":"#1"},{"id":"6","user_id":"1","category_id":"1","content":"#2"}]}');

  505. 	}

  506. 

  507. 	public function testColumnsWithTable()

  508. 	{

  509. 		$test = new API($this);

  510. 		$test->get('/posts?columns=posts.content&filter=id,eq,1&transform=1');

  511. 		$test->expect('{"posts":[{"content":"blog started"}]}');

  512. 	}

  513. 

  514. 	public function testColumnsWithTableWildcard()

  515. 	{

  516. 		$test = new API($this);

  517. 		$test->get('/posts?columns=posts.*&filter=id,eq,1&transform=1');

  518. 		$test->expect('{"posts":[{"id":"1","user_id":"1","category_id":"1","content":"blog started"}]}');

  519. 	}

  520. 

  521. 	public function testColumnsOnInclude()

  522. 	{

  523. 		$test = new API($this);

  524. 		$test->get('/posts?include=categories&columns=categories.name&filter=id,eq,1&transform=1');

  525. 		$test->expect('{"posts":[{"category_id":"1","categories":[{"id":"1","name":"anouncement"}]}]}');

  526. 	}

  527. 

  528. 	public function testColumnsOnWrongInclude()

  529. 	{

  530. 		$test = new API($this);

  531. 		$test->get('/posts?include=categories&columns=categories&filter=id,eq,1&transform=1');

  532. 		$test->expect('{"posts":[{"category_id":"1","categories":[{"id":"1"}]}]}');

  533. 	}

  534. 

  535. 	public function testColumnsOnImplicitJoin()

  536. 	{

  537. 		$test = new API($this);

  538. 		$test->get('/posts?include=tags&columns=posts.id,tags.name&filter=id,eq,1&transform=1');

  539. 		$test->expect('{"posts":[{"id":"1","post_tags":[{"post_id":"1","tag_id":"1","tags":[{"id":"1","name":"funny"}]},{"post_id":"1","tag_id":"2","tags":[{"id":"2","name":"important"}]}]}]}');

  540. 	}

  541. 

  542. }