2020-04-03 20:16:05 -04:00
|
|
|
<?php namespace Tests\Api;
|
2020-01-18 05:04:13 -05:00
|
|
|
|
2020-05-22 17:34:18 -04:00
|
|
|
use BookStack\Auth\User;
|
2020-04-03 20:16:05 -04:00
|
|
|
use Tests\TestCase;
|
2020-01-18 05:04:13 -05:00
|
|
|
|
|
|
|
class ApiDocsTest extends TestCase
|
|
|
|
{
|
|
|
|
use TestsApi;
|
|
|
|
|
|
|
|
protected $endpoint = '/api/docs';
|
|
|
|
|
|
|
|
public function test_docs_page_not_visible_to_normal_viewers()
|
|
|
|
{
|
|
|
|
$viewer = $this->getViewer();
|
|
|
|
$resp = $this->actingAs($viewer)->get($this->endpoint);
|
|
|
|
$resp->assertStatus(403);
|
|
|
|
|
|
|
|
$resp = $this->actingAsApiEditor()->get($this->endpoint);
|
|
|
|
$resp->assertStatus(200);
|
|
|
|
}
|
|
|
|
|
|
|
|
public function test_docs_page_returns_view_with_docs_content()
|
|
|
|
{
|
|
|
|
$resp = $this->actingAsApiEditor()->get($this->endpoint);
|
|
|
|
$resp->assertStatus(200);
|
|
|
|
$resp->assertSee(url('/api/docs.json'));
|
|
|
|
$resp->assertSee('Show a JSON view of the API docs data.');
|
|
|
|
$resp->assertHeader('Content-Type', 'text/html; charset=UTF-8');
|
|
|
|
}
|
|
|
|
|
|
|
|
public function test_docs_json_endpoint_returns_json()
|
|
|
|
{
|
|
|
|
$resp = $this->actingAsApiEditor()->get($this->endpoint . '.json');
|
|
|
|
$resp->assertStatus(200);
|
|
|
|
$resp->assertHeader('Content-Type', 'application/json');
|
|
|
|
$resp->assertJson([
|
|
|
|
'docs' => [ [
|
|
|
|
'name' => 'docs-display',
|
|
|
|
'uri' => 'api/docs'
|
|
|
|
] ]
|
|
|
|
]);
|
|
|
|
}
|
2020-05-22 17:34:18 -04:00
|
|
|
|
|
|
|
public function test_docs_page_visible_by_public_user_if_given_permission()
|
|
|
|
{
|
|
|
|
$this->setSettings(['app-public' => true]);
|
|
|
|
$guest = User::getDefault();
|
|
|
|
|
|
|
|
$this->startSession();
|
|
|
|
$resp = $this->get('/api/docs');
|
|
|
|
$resp->assertStatus(403);
|
|
|
|
|
|
|
|
$this->giveUserPermissions($guest, ['access-api']);
|
|
|
|
|
|
|
|
$resp = $this->get('/api/docs');
|
|
|
|
$resp->assertStatus(200);
|
|
|
|
}
|
2020-01-18 05:04:13 -05:00
|
|
|
}
|