Skip to content

Commit

Permalink
added new 'validate' controller and hooked it into CI
Browse files Browse the repository at this point in the history
Partly satisfies #81
  • Loading branch information
RocketMan committed Aug 30, 2021
1 parent f6b25d4 commit f1b6273
Show file tree
Hide file tree
Showing 5 changed files with 174 additions and 1 deletion.
2 changes: 1 addition & 1 deletion .travis.yml
Original file line number Diff line number Diff line change
Expand Up @@ -40,4 +40,4 @@ before_script:
- export HTTP_ACCEPT="application/json"
- export HTTP_USER_AGENT="Travis CI"

script: php zk test action=test subaction=test
script: php zk validate
1 change: 1 addition & 0 deletions config/controller_config.php
Original file line number Diff line number Diff line change
Expand Up @@ -16,4 +16,5 @@
'api' => ZK\Controllers\API::class,
'sso' => ZK\Controllers\SSOLogin::class,
'push' => ZK\Controllers\PushServer::class,
'validate' => ZK\Controllers\Validate::class,
];
149 changes: 149 additions & 0 deletions controllers/Validate.php
Original file line number Diff line number Diff line change
@@ -0,0 +1,149 @@
<?php
/**
* Zookeeper Online
*
* @author Jim Mason <[email protected]>
* @copyright Copyright (C) 1997-2021 Jim Mason <[email protected]>
* @link https://zookeeper.ibinx.com/
* @license GPL-3.0
*
* This code is free software: you can redistribute it and/or modify
* it under the terms of the GNU General Public License, version 3,
* as published by the Free Software Foundation.
*
* This program is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License,
* version 3, along with this program. If not, see
* http://www.gnu.org/licenses/
*
*/

namespace ZK\Controllers;

use ZK\Engine\Engine;
use ZK\Engine\IChart;
use ZK\Engine\IPlaylist;
use ZK\Engine\IUser;

use ZK\UI\UICommon as UI;

class Validate implements IController {
private $success = true;
private $session;
private $testPass;

private const TEST_USER = "__test_u";
private const TEST_NAME = "Test User";
private const TEST_ACCESS = "qr"; // some unused roles for safety

private const FAIL = "\033[0;31m";
private const OK = "\033[0;32m";
private const NORMAL = "\033[0m";

private static function success($success) {
if($success)
echo self::OK."OK";
else
echo self::FAIL."FAILED!";
echo self::NORMAL."\n";
}

public function processRequest() {
if(php_sapi_name() != "cli") {
http_response_code(400);
return;
}

$this->session = Engine::session();
echo "\nStarting Validation...\n\n";
try {
$success = $this->validateCreateUser() &&
$this->validateSignon() &&
$this->validateCategories() &&
$this->validateDeleteUser();
// even if $success is true, it is possible that one
// of the tests failed but let the others continue
//
// in this case, it will clear $this->success
} catch (\Exception $e) {
// if there is a db configuration issue (wrong db name
// or password, etc.), we'll get an exception.
echo self::FAIL."\nFATAL: ".$e->getMessage().self::NORMAL."\n";
$success = false;
}
echo "\nDone.\n";
exit($success && $this->success?0:1);
}

public function validateCreateUser() {
$api = Engine::api(IUser::class);

// clear test user, if any
//
// we don't want to show any errors from the attempted deletion;
// if there is a database configuration problem, it will show up below.
error_reporting(0);
$api->deleteUser(self::TEST_USER);
error_reporting(E_ALL & ~E_NOTICE);

echo "\tcreate user: ";
$this->testPass = md5(uniqid(rand()));
$success = $api->insertUser(self::TEST_USER, $this->testPass,
self::TEST_NAME, self::TEST_ACCESS, "");
self::success($success);
if($success) {
echo "\tvalidate user: ";
$user = $api->getUser(self::TEST_USER);
$success = $user['realname'] == self::TEST_NAME;
self::success($success);
}
return $success;
}

public function validateSignon() {
echo "\tvalidate signon: ";
if(Engine::api(IUser::class)->validatePassword(self::TEST_USER,
$this->testPass, 1, $access)) {
self::success(true);
echo "\tvalidate session: ";
// Create a session
//
// Suppress warnings from session cookie creation
error_reporting(E_ERROR);
$sessionID = md5(uniqid(rand()));
$this->session->create($sessionID, self::TEST_USER, $access);

// Validate session
$this->session->validate($sessionID);
$success = $this->session->isAuth(substr(self::TEST_ACCESS, 1, 1));
self::success($success);

// Resume normal error reporting
error_reporting(E_ALL & ~E_NOTICE);
} else {
self::success(false);
$success = false;
}
return $success;
}

public function validateCategories() {
echo "\tvalidate categories: ";
$cats = Engine::api(IChart::class)->getCategories();
$success = sizeof($cats) == 16;
self::success($success);
$this->success &= $success;
return true; // continue even if this test fails
}

public function validateDeleteUser() {
echo "\tdelete user: ";
$success = Engine::api(IUser::class)->deleteUser(self::TEST_USER);
self::success($success);
return $success;
}
}
1 change: 1 addition & 0 deletions engine/IUser.php
Original file line number Diff line number Diff line change
Expand Up @@ -43,4 +43,5 @@ function createNewAccount($fullname, $account);
function validatePassword($user, $password, $updateTimestamp, &$groups=0);
function updateUser($user, $password, $realname="XXZZ", $groups="XXZZ", $expiration="XXZZ");
function insertUser($user, $password, $realname, $groups, $expiration);
function deleteUser($user);
}
22 changes: 22 additions & 0 deletions engine/impl/User.php
Original file line number Diff line number Diff line change
Expand Up @@ -253,4 +253,26 @@ public function insertUser($user, $password, $realname, $groups, $expiration) {
$stmt->execute();
return ($stmt->rowCount() > 0);
}

public function deleteUser($user) {
// validate this user has no playlists nor reviews
$query = "SELECT COUNT(*) c FROM lists WHERE dj = ?";
$stmt = $this->prepare($query);
$stmt->bindValue(1, $user);
$result = $stmt->executeAndFetch();
if($result['c'])
return false;

$query = "SELECT COUNT(*) c FROM reviews WHERE user = ?";
$stmt = $this->prepare($query);
$stmt->bindValue(1, $user);
$result = $stmt->executeAndFetch();
if($result['c'])
return false;

$query = "DELETE FROM users WHERE name = ?";
$stmt = $this->prepare($query);
$stmt->bindValue(1, $user);
return $stmt->execute();
}
}

0 comments on commit f1b6273

Please sign in to comment.