From 01c7db68441c69e624ce31fc4985bf34b50d3e60 Mon Sep 17 00:00:00 2001 From: Tom Bloor Date: Tue, 25 Jul 2017 14:23:03 +0100 Subject: [PATCH 1/3] Removed admin api endpoint as unused --- lib/Pear/LocalLoop.pm | 5 - lib/Pear/LocalLoop/Controller/Api/Admin.pm | 106 --------------------- 2 files changed, 111 deletions(-) delete mode 100644 lib/Pear/LocalLoop/Controller/Api/Admin.pm diff --git a/lib/Pear/LocalLoop.pm b/lib/Pear/LocalLoop.pm index 1c5efd6..59ced68 100644 --- a/lib/Pear/LocalLoop.pm +++ b/lib/Pear/LocalLoop.pm @@ -152,11 +152,6 @@ sub startup { $api->post('/stats')->to('api-stats#post_index'); $api->post('/stats/leaderboard')->to('api-stats#post_leaderboards'); - my $api_admin = $api->under('/')->to('api-admin#auth'); - - $api_admin->post('/admin-approve')->to('api-admin#post_admin_approve'); - $api_admin->post('/admin-merge')->to('api-admin#post_admin_merge'); - my $admin_routes = $r->under('/admin')->to('admin#under'); $admin_routes->get('/home')->to('admin#home'); diff --git a/lib/Pear/LocalLoop/Controller/Api/Admin.pm b/lib/Pear/LocalLoop/Controller/Api/Admin.pm deleted file mode 100644 index e5d629a..0000000 --- a/lib/Pear/LocalLoop/Controller/Api/Admin.pm +++ /dev/null @@ -1,106 +0,0 @@ -package Pear::LocalLoop::Controller::Api::Admin; -use Mojo::Base 'Mojolicious::Controller'; - -has error_messages => sub { - return { - target_organisation_id => { - required => { message => 'target_organisation_id is missing', status => 400 }, - number => { message => 'target_organisation_id is not a number', status => 400 }, - in_resultset => { message => 'target_organisation_id does not exist in the database', status => 400 }, - }, - pending_organisation_id => { - required => { message => 'pending_organisation_id is missing', status => 400 }, - number => { message => 'pending_organisation_id is not a number', status => 400 }, - in_resultset => { message => 'pending_organisation_id does not exist in the database', status => 400 }, - }, - postcode => { - postcode => { message => 'postcode is not a valid uk postcode', status => 400 }, - }, - }; -}; - -sub auth { - my $c = shift; - - if ( defined $c->stash->{ api_user }->administrator ) { - return 1; - } - - $c->render( - json => { - success => Mojo::JSON->false, - message => 'Not Authorised', - }, - status => 403, - ); - return 0; -} - -sub post_admin_approve { - my $c = shift; - - my $validation = $c->validation; - - $validation->input( $c->stash->{api_json} ); - - my $pending_org_rs = $c->schema->resultset('PendingOrganisation'); - $validation->required('pending_organisation_id')->number->in_resultset('id', $pending_org_rs); - $validation->optional('name'); - $validation->optional('street_name'); - $validation->optional('town'); - $validation->optional('postcode')->postcode; - - return $c->api_validation_error if $validation->has_error; - - my $pending_org = $pending_org_rs->find( $validation->param('pending_organisation_id') ); - - my $valid_org = $c->schema->resultset('Organisation')->create({ - name => $validation->param('name') || $pending_org->name, - street_name => $validation->param('street_name') || $pending_org->street_name, - town => $validation->param('town') || $pending_org->town, - postcode => $validation->param('postcode') || $pending_org->postcode, - }); - - $c->copy_transactions_and_delete( $pending_org, $valid_org ); - - return $c->render( - json => { - success => Mojo::JSON->true, - message => 'Successfully Approved Organisation', - }, - status => 200, - ); -} - - -sub post_admin_merge { - my $c = shift; - - my $validation = $c->validation; - - $validation->input( $c->stash->{api_json} ); - - my $pending_org_rs = $c->schema->resultset('PendingOrganisation'); - $validation->required('pending_organisation_id')->number->in_resultset('id', $pending_org_rs); - - my $valid_org_rs = $c->schema->resultset('Organisation'); - $validation->required('target_organisation_id')->number->in_resultset('id', $valid_org_rs); - - return $c->api_validation_error if $validation->has_error; - - my $pending_org = $pending_org_rs->find( $validation->param('pending_organisation_id') ); - my $target_org = $valid_org_rs->find( $validation->param('target_organisation_id') ); - - $c->copy_transactions_and_delete( $pending_org, $target_org ); - - return $c->render( - json => { - success => Mojo::JSON->true, - message => 'Successfully Merged Organisations', - }, - status => 200, - ); -} - -1; - From b009fa5c86776ce86fddc11cea72fba08f641f1c Mon Sep 17 00:00:00 2001 From: Tom Bloor Date: Tue, 25 Jul 2017 14:30:42 +0100 Subject: [PATCH 2/3] Remove admin approve and merge tests for removed code --- t/admin-approve.t | 394 ---------------------------------------- t/admin-merge.t | 449 ---------------------------------------------- 2 files changed, 843 deletions(-) delete mode 100644 t/admin-approve.t delete mode 100644 t/admin-merge.t diff --git a/t/admin-approve.t b/t/admin-approve.t deleted file mode 100644 index 3c287ed..0000000 --- a/t/admin-approve.t +++ /dev/null @@ -1,394 +0,0 @@ -use Mojo::Base -strict; - -use Test::More; -use Mojo::JSON; -use Test::Pear::LocalLoop; - -my $framework = Test::Pear::LocalLoop->new; -my $t = $framework->framework; -my $schema = $t->app->schema; -my $dump_error = sub { diag $t->tx->res->dom->at('pre[id="error"]')->text }; - -my @account_tokens = ('a', 'b', 'c'); - -$schema->resultset('AccountToken')->populate([ - [ 'name' ], - map { [ $_ ] } @account_tokens, -]); - -#This depends on "register.t", "login.t" and "upload.t" working. - -#Valid customer, this also tests that redirects are disabled for register. -print "test 1 - Create customer user account (Reno)\n"; -my $emailReno = 'reno@shinra.energy'; -my $passwordReno = 'turks'; -my $testJson = { - 'usertype' => 'customer', - 'token' => shift(@account_tokens), - 'full_name' => 'Reno', - 'display_name' => 'Reno', - 'email' => $emailReno, - 'postcode' => 'SA4 3FA', - 'password' => $passwordReno, - year_of_birth => 2006 -}; -$t->post_ok('/api/register' => json => $testJson) - ->status_is(200)->or($dump_error) - ->json_is('/success', Mojo::JSON->true); - -print "test 2 - Create organisation user account (Choco Billy)\n"; -my $emailBilly = 'choco.billy@chocofarm.org'; -my $passwordBilly = 'Choco'; -$testJson = { - 'usertype' => 'organisation', - 'token' => shift(@account_tokens), - 'name' => 'ChocoBillysGreens', - 'email' => $emailBilly, - 'postcode' => 'ST20 0LG', - 'password' => $passwordBilly, - 'street_name' => 'Chocobo Farm, Eastern Continent', - 'town' => 'Gaia', -}; -$t->post_ok('/api/register' => json => $testJson) - ->status_is(200) - ->json_is('/success', Mojo::JSON->true); - -print "test 3 - Create admin account\n"; -my $emailAdmin = 'admin@foodloop.net'; -my $passwordAdmin = 'ethics'; -$testJson = { - 'usertype' => 'customer', - 'token' => shift(@account_tokens), - 'display_name' => 'admin', - 'full_name' => 'admin', - 'email' => $emailAdmin, - 'postcode' => 'HD5 9XU', - 'password' => $passwordAdmin, - year_of_birth => 2006 -}; -$t->post_ok('/api/register' => json => $testJson) - ->status_is(200) - ->json_is('/success', Mojo::JSON->true); - -print "test 4 - Making 'admin' an Admin\n"; -my $rufus_user = $schema->resultset('User')->find({ email => $emailAdmin }); -is $schema->resultset('Administrator')->count, 0, "No admins"; -$rufus_user->find_or_create_related('administrator', {}); -is $schema->resultset('Administrator')->count, 1, "1 admin"; - -###################################################### - -#Login as non-admin Reno - -print "test 5 - Login - non-admin Reno (cookies, customer)\n"; -$testJson = { - 'email' => $emailReno, - 'password' => $passwordReno, -}; -$t->post_ok('/api/login' => json => $testJson) - ->status_is(200)->or($dump_error) - ->json_is('/success', Mojo::JSON->true); - -my $session_key = $t->tx->res->json('/session_key'); - -print "test 6 - add valid transaction (type 3: new organisation)\n"; -is $schema->resultset('PendingOrganisation')->count, 0, "No unverified organisations"; -is $schema->resultset('PendingTransaction')->count, 0, "No unverified transactions" ; -is $schema->resultset('Organisation')->count, 1, "1 verified organisation (choco billy)" ; -is $schema->resultset('Transaction')->count, 0, "No verified transactions" ; -my $nameToTestTurtle = 'Turtle\'s Paradise'; -my $json = { - transaction_value => 20, - transaction_type => 3, - organisation_name => $nameToTestTurtle, - street_name => "Town centre", - town => " Wutai", - postcode => "NW1 5RU", - session_key => $session_key, -}; -my $upload = {json => Mojo::JSON::encode_json($json), file => {file => './t/test.jpg'}}; -$t->post_ok('/api/upload' => form => $upload ) - ->status_is(200)->or($dump_error) - ->json_is('/success', Mojo::JSON->true); -is $schema->resultset('PendingOrganisation')->count, 1, "1 unverified organisation"; -is $schema->resultset('PendingTransaction')->count, 1, "1 unverified transaction" ; -is $schema->resultset('Organisation')->count, 1, "1 verified organisation (choco billy)" ; -is $schema->resultset('Transaction')->count, 0, "No verified transactions" ; - -my $newPendingTurtleOrgId = $t->app->schema->resultset('PendingOrganisation')->find({ name => $nameToTestTurtle })->id; -#print "Turtle Id: " . $newPendingTurtleOrgId . "\n"; - -print "test 7 - Non-admin (customer) tries to approve their organisation and fails.\n"; -$json = { - pending_organisation_id => $newPendingTurtleOrgId, - session_key => $session_key, -}; -$t->post_ok('/api/admin-approve' => json => $json) - ->status_is(403) - ->json_is('/success', Mojo::JSON->false) - ->json_like('/message', qr/Not Authorised/i); - - -print "test 8 - Logout Reno\n"; -$t->post_ok('/api/logout', json => { session_key => $session_key } ) - ->status_is(200)->or($dump_error) - ->json_is('/success', Mojo::JSON->true); - -#End of non-admin Reno - -###################################################### - -#Login as non-admin Choco Billy - -print "test 9 - Login - non-admin Choco Billy (cookies, organisation)\n"; -$testJson = { - 'email' => $emailBilly, - 'password' => $passwordBilly, -}; -$t->post_ok('/api/login' => json => $testJson) - ->status_is(200) - ->json_is('/success', Mojo::JSON->true); -$session_key = $t->tx->res->json('/session_key'); - -print "test 10 - add valid transaction (type 3: new organisation)\n"; -is $schema->resultset('PendingOrganisation')->count, 1, "1 unverified organisation"; -is $schema->resultset('PendingTransaction')->count, 1, "1 unverified transaction" ; -is $schema->resultset('Organisation')->count, 1, "1 verified organisation (choco billy)" ; -is $schema->resultset('Transaction')->count, 0, "No verified transactions" ; - -my $nameToTestKalm = 'Kalm Inn'; -$json = { - transaction_value => 10, - transaction_type => 3, - organisation_name => $nameToTestKalm, - street_name => "Town centre", - town => "Kalm", - postcode => "NW11 7GZ", - session_key => $session_key, -}; -$upload = {json => Mojo::JSON::encode_json($json), file => {file => './t/test.jpg'}}; -$t->post_ok('/api/upload' => form => $upload ) - ->status_is(200) - ->json_is('/success', Mojo::JSON->true); - -is $schema->resultset('PendingOrganisation')->count, 2, "2 unverified organisation"; -is $schema->resultset('PendingTransaction')->count, 2, "2 unverified transaction" ; -is $schema->resultset('Organisation')->count, 1, "1 verified organisation (choco billy)" ; -is $schema->resultset('Transaction')->count, 0, "No verified transactions" ; - -my $newPendingKalmOrgId = $t->app->schema->resultset('PendingOrganisation')->find({ name => $nameToTestKalm })->id; - -print "test 11 - add valid transaction (type 2: unvalidated organisation)\n"; -$json = { - transaction_value => 10, - transaction_type => 2, - organisation_id => $newPendingKalmOrgId, - session_key => $session_key, -}; -$upload = {json => Mojo::JSON::encode_json($json), file => {file => './t/test.jpg'}}; -$t->post_ok('/api/upload' => form => $upload ) - ->status_is(200)->or($dump_error) - ->json_is('/success', Mojo::JSON->true); - -is $schema->resultset('PendingOrganisation')->count, 2, "2 unverified organisation"; -is $schema->resultset('PendingTransaction')->count, 3, "3 unverified transaction" ; -is $schema->resultset('Organisation')->count, 1, "1 verified organisation (choco billy)" ; -is $schema->resultset('Transaction')->count, 0, "No verified transactions" ; - -print "test 12 - add valid transaction (type 3: new organisation)\n"; -my $nameToTestJunon = 'Store'; -$json = { - transaction_value => 10, - transaction_type => 3, - organisation_name => $nameToTestJunon, - street_name => "Main street", - town => "Under Junon", - postcode => "NW1W 7GF", - session_key => $session_key, -}; -$upload = {json => Mojo::JSON::encode_json($json), file => {file => './t/test.jpg'}}; -$t->post_ok('/api/upload' => form => $upload) - ->status_is(200) - ->json_is('/success', Mojo::JSON->true); - -my $newPendingJunonOrgId = $t->app->schema->resultset('PendingOrganisation')->find({ name => $nameToTestJunon })->id; -#print "Junon Id: " . $newPendingJunonOrgId . "\n"; -is $schema->resultset('PendingOrganisation')->count, 3, "3 unverified organisation"; -is $schema->resultset('PendingTransaction')->count, 4, "4 unverified transaction" ; -is $schema->resultset('Organisation')->count, 1, "1 verified organisation (choco billy)" ; -is $schema->resultset('Transaction')->count, 0, "No verified transactions" ; - -print "test 13 - add valid transaction (type 2: unvalidated organisation)\n"; -$json = { - transaction_value => 20, - transaction_type => 2, - organisation_id => $newPendingJunonOrgId, - session_key => $session_key, -}; -$upload = {json => Mojo::JSON::encode_json($json), file => {file => './t/test.jpg'}}; -$t->post_ok('/api/upload' => form => $upload ) - ->status_is(200) - ->json_is('/success', Mojo::JSON->true); -is $schema->resultset('PendingOrganisation')->count, 3, "3 unverified organisation"; -is $schema->resultset('PendingTransaction')->count, 5, "5 unverified transaction" ; -is $schema->resultset('Organisation')->count, 1, "1 verified organisation (choco billy)" ; -is $schema->resultset('Transaction')->count, 0, "No verified transactions" ; - -print "test 14 - add valid transaction (type 2: unvalidated organisation)\n"; -$json = { - transaction_value => 30, - transaction_type => 2, - organisation_id => $newPendingJunonOrgId, - session_key => $session_key, -}; -$upload = {json => Mojo::JSON::encode_json($json), file => {file => './t/test.jpg'}}; -$t->post_ok('/api/upload' => form => $upload ) - ->status_is(200) - ->json_is('/success', Mojo::JSON->true); -is $schema->resultset('PendingOrganisation')->count, 3, "3 unverified organisation"; -is $schema->resultset('PendingTransaction')->count, 6, "6 unverified transaction" ; -is $schema->resultset('Organisation')->count, 1, "1 verified organisation (choco billy)" ; -is $schema->resultset('Transaction')->count, 0, "No verified transactions" ; - -print "test 15 - Non-admin (organisation) tries to approve their organisation and fails.\n"; -$json = { - pending_organisation_id => $newPendingKalmOrgId, - session_key => $session_key, -}; -$t->post_ok('/api/admin-approve' => json => $json) - ->status_is(403) - ->json_is('/success', Mojo::JSON->false) - ->json_like('/message', qr/Not Authorised/i); - -print "test 16 - Logout Choco Billy\n"; -$t->post_ok('/api/logout', json => { session_key => $session_key } ) - ->status_is(200) - ->json_is('/success', Mojo::JSON->true); - -#End of non-admin Choco Billy - -###################################################### - -#Login as Admin - -print "test 17 - Login - admin\n"; -$testJson = { - 'email' => $emailAdmin, - 'password' => $passwordAdmin, -}; -$t->post_ok('/api/login' => json => $testJson) - ->status_is(200) - ->json_is('/success', Mojo::JSON->true); -$session_key = $t->tx->res->json('/session_key'); - -print "test 18 - JSON is missing.\n"; -$t->post_ok('/api/admin-approve' => json => {}) - ->status_is(400) - ->json_is('/success', Mojo::JSON->false) - ->json_like('/message', qr/JSON is missing/i); - -print "test 19 - pending_organisation_id missing (non-modify).\n"; -$json = { - session_key => $session_key, -}; -$t->post_ok('/api/admin-approve' => json => $json) - ->status_is(400) - ->json_is('/success', Mojo::JSON->false) - ->content_like(qr/pending_organisation_id is missing/i); - -print "test 20 - pending_organisation_id not number (non-modify).\n"; -$json = { - pending_organisation_id => 'Abc', - session_key => $session_key, -}; -$t->post_ok('/api/admin-approve' => json => $json) - ->status_is(400) - ->json_is('/success', Mojo::JSON->false) - ->json_like('/message', qr/pending_organisation_id is not a number/i); - -print "test 21 - pending_organisation_id does not exist (non-modify).\n"; - -my $maxPendingId = $schema->resultset('PendingOrganisation')->get_column('id')->max; -$json = { - pending_organisation_id => $maxPendingId + 1, - session_key => $session_key, -}; -$t->post_ok('/api/admin-approve' => json => $json) - ->status_is(400) - ->json_is('/success', Mojo::JSON->false) - ->json_like('/message', qr/pending_organisation_id does not exist in the database/i); - -#TODO add text to see the specific one has moved. - -print "test 22 - valid approval (non-modify).\n"; -is $schema->resultset('PendingOrganisation')->count, 3, "3 unverified organisation"; -is $schema->resultset('PendingTransaction')->count, 6, "6 unverified transaction"; -is $schema->resultset('Organisation')->count, 1, "1 verified organisation"; -is $schema->resultset('Transaction')->count, 0, "No verified transactions"; -$json = { - pending_organisation_id => $newPendingKalmOrgId, - session_key => $session_key, -}; -$t->post_ok('/api/admin-approve' => json => $json) - ->status_is(200)->or($dump_error) - ->json_is('/success', Mojo::JSON->true); - -is $schema->resultset('PendingOrganisation')->count, 2, "2 unverified organisation"; -is $schema->resultset('PendingTransaction')->count, 4, "4 unverified transaction"; -is $schema->resultset('Organisation')->count, 2, "2 verified organisations"; -is $schema->resultset('Transaction')->count, 2, "2 verified transactions"; -is $schema->resultset('PendingOrganisation')->find({ name => $nameToTestKalm }), undef, "Kalm does not exist in pending orgs."; -ok $schema->resultset('Organisation')->find({ name => $nameToTestKalm }), "Kalm exists in verified orgs."; - -print "test 23 - valid approval (modify all).\n"; -#TODO if we implement constraints on the input data this will fail -my $test_name = "Change testing turtle name"; -my $test_street_name = "Change testing turtle address"; -my $test_town = "TestinTown"; -my $test_postcode = "BN21 2RB"; -$json = { - pending_organisation_id => $newPendingTurtleOrgId, - name => $test_name, - street_name => $test_street_name, - town => $test_town, - postcode => $test_postcode, - session_key => $session_key, -}; -$t->post_ok('/api/admin-approve' => json => $json) - ->status_is(200) - ->json_is('/success', Mojo::JSON->true); -is $schema->resultset('PendingOrganisation')->count, 1, "1 unverified organisation"; -is $schema->resultset('PendingTransaction')->count, 3, "3 unverified transaction" ; -is $schema->resultset('Organisation')->count, 3, "3 verified organisation (choco billy)" ; -is $schema->resultset('Transaction')->count, 3, "3 verified transactions" ; -is $schema->resultset('PendingOrganisation')->find({ name => $nameToTestTurtle }), undef, "Turtle does not exist in pending orgs."; -is $schema->resultset('Organisation')->find({ name => $nameToTestTurtle }), undef, "original Turtle does not exists in verified orgs."; -my $turtle_result = $schema->resultset('Organisation')->find({ name => $test_name }); -ok $turtle_result, "new Turtle exists in verified orgs."; -is $turtle_result->street_name, $test_street_name, 'street_name correct'; -is $turtle_result->town, $test_town, 'town correct'; -is $turtle_result->postcode, $test_postcode, 'postcode correct'; - -print "test 24 - valid approval (modify some).\n"; -#TODO if we implement constraints on the input data this will fail -$test_name = "Change testing junon name"; -$json = { - pending_organisation_id => $newPendingJunonOrgId, - name => $test_name, - session_key => $session_key, -}; -$t->post_ok('/api/admin-approve' => json => $json) - ->status_is(200) - ->json_is('/success', Mojo::JSON->true); -is $schema->resultset('PendingOrganisation')->count, 0, "0 unverified organisation"; -is $schema->resultset('PendingTransaction')->count, 0, "0 unverified transaction"; -is $schema->resultset('Organisation')->count, 4, "4 verified organisations"; -is $schema->resultset('Transaction')->count, 6, "6 verified transactions"; -is $schema->resultset('PendingOrganisation')->find({ name => $nameToTestJunon }), undef, "Junon does not exist in pending orgs."; -is $schema->resultset('Organisation')->find({ name => $nameToTestJunon }), undef, "original Junon does not exists in verified orgs."; -my $junon_result = $schema->resultset('Organisation')->find({ name => $test_name }); -ok $junon_result, "new Junon exists in verified orgs."; - -############################################## - -done_testing(); diff --git a/t/admin-merge.t b/t/admin-merge.t deleted file mode 100644 index 661f264..0000000 --- a/t/admin-merge.t +++ /dev/null @@ -1,449 +0,0 @@ -use Mojo::Base -strict; - -use Test::More; -use Mojo::JSON; -use Test::Pear::LocalLoop; - -my $framework = Test::Pear::LocalLoop->new; -my $t = $framework->framework; -my $schema = $t->app->schema; -my $dump_error = sub { diag $t->tx->res->dom->at('pre[id="error"]')->text }; - -my @account_tokens = ('a', 'b', 'c'); - -$schema->resultset('AccountToken')->populate([ - [ 'name' ], - map { [ $_ ] } @account_tokens, -]); - -#This depends on "register.t", "login.t", "upload.t" and "admin-approve.t" working. - -#Valid customer, this also tests that redirects are disabled for register. -print "test 1 - Create customer user account (Reno)\n"; -my $emailReno = 'reno@shinra.energy'; -my $passwordReno = 'turks'; -my $testJson = { - 'usertype' => 'customer', - 'token' => shift(@account_tokens), - 'full_name' => 'Reno', - 'display_name' => 'Reno', - 'email' => $emailReno, - 'postcode' => 'SA4 3FA', - 'password' => $passwordReno, - year_of_birth => 2006 -}; -$t->post_ok('/api/register' => json => $testJson) - ->status_is(200) - ->json_is('/success', Mojo::JSON->true); - -print "test 2 - Create organisation user account (Choco Billy)\n"; -my $emailBilly = 'choco.billy@chocofarm.org'; -my $passwordBilly = 'Choco'; -$testJson = { - 'usertype' => 'organisation', - 'token' => shift(@account_tokens), - 'name' => 'ChocoBillysGreens', - 'email' => $emailBilly, - 'postcode' => 'ST20 0LG', - 'password' => $passwordBilly, - 'street_name' => 'Chocobo Farm, Eastern Continent', - town => 'Gaia', -}; -$t->post_ok('/api/register' => json => $testJson) - ->status_is(200) - ->json_is('/success', Mojo::JSON->true); - - -print "test 3 - Create admin account\n"; -my $emailAdmin = 'admin@foodloop.net'; -my $passwordAdmin = 'ethics'; -$testJson = { - 'usertype' => 'customer', - 'token' => shift(@account_tokens), - 'display_name' => 'admin', - 'full_name' => 'admin', - 'email' => $emailAdmin, - 'postcode' => 'HD5 9XU', - 'password' => $passwordAdmin, - year_of_birth => 2006 -}; -$t->post_ok('/api/register' => json => $testJson) - ->status_is(200) - ->json_is('/success', Mojo::JSON->true); - -print "test 4 - Making 'admin' an Admin\n"; -my $rufus_user = $schema->resultset('User')->find({ email => $emailAdmin }); -is $schema->resultset('Administrator')->count, 0, "No admins"; -$rufus_user->find_or_create_related('administrator', {}); -is $schema->resultset('Administrator')->count, 1, "1 admin"; - -###################################################### - -#Login as non-admin Reno - -print "test 5 - Login - non-admin Reno (cookies, customer)\n"; -$testJson = { - 'email' => $emailReno, - 'password' => $passwordReno, -}; -$t->post_ok('/api/login' => json => $testJson) - ->status_is(200) - ->json_is('/success', Mojo::JSON->true); -my $session_key = $t->tx->res->json('/session_key'); - -print "test 6 - add valid transaction (type 3: new organisation)\n"; -is $schema->resultset('PendingOrganisation')->count, 0, "No unverified organisations"; -is $schema->resultset('PendingTransaction')->count, 0, "No unverified transactions"; -is $schema->resultset('Organisation')->count, 1, "1 verified organisation"; -is $schema->resultset('Transaction')->count, 0, "No verified transactions"; - -my $nameToTestTurtle = 'Turtle\'s Paradise'; -my $json = { - transaction_value => 20, - transaction_type => 3, - organisation_name => $nameToTestTurtle, - street_name => "Town centre", - town => " Wutai", - postcode => "NW10 8HH", - session_key => $session_key, -}; -my $upload = {json => Mojo::JSON::encode_json($json), file => {file => './t/test.jpg'}}; -$t->post_ok('/api/upload' => form => $upload ) - ->status_is(200) - ->json_is('/success', Mojo::JSON->true); -is $schema->resultset('PendingOrganisation')->count, 1, "1 unverified organisations"; -is $schema->resultset('PendingTransaction')->count, 1, "1 unverified transactions"; -is $schema->resultset('Organisation')->count, 1, "1 verified organisation"; -is $schema->resultset('Transaction')->count, 0, "No verified transactions"; - -my $newPendingTurtleOrgId = $t->app->schema->resultset('PendingOrganisation')->find({ name => $nameToTestTurtle })->id; -print "Turtle Id: " . $newPendingTurtleOrgId . "\n"; - - -print "test 7 - Logout Reno\n"; -$t->post_ok('/api/logout', json => { session_key => $session_key } ) - ->status_is(200) - ->json_is('/success', Mojo::JSON->true); - -#End of non-admin Reno - -###################################################### - -#Login as non-admin Choco Billy - -print "test 8 - Login - non-admin Choco Billy (cookies, organisation)\n"; -$testJson = { - 'email' => $emailBilly, - 'password' => $passwordBilly, -}; -$t->post_ok('/api/login' => json => $testJson) - ->status_is(200) - ->json_is('/success', Mojo::JSON->true); -$session_key = $t->tx->res->json('/session_key'); - -print "test 9 - add valid transaction (type 3: new organisation)\n"; -is $schema->resultset('PendingOrganisation')->count, 1, "1 unverified organisations"; -is $schema->resultset('PendingTransaction')->count, 1, "1 unverified transactions"; -is $schema->resultset('Organisation')->count, 1, "1 verified organisation"; -is $schema->resultset('Transaction')->count, 0, "No verified transactions"; - -my $nameToTestTurtlePartial = 'Turtle\'s Paradise2'; -$json = { - transaction_value => 20, - transaction_type => 3, - organisation_name => $nameToTestTurtlePartial, - street_name => "", - town => "Turtlesville", - postcode => "", - session_key => $session_key, -}; -$upload = {json => Mojo::JSON::encode_json($json), file => {file => './t/test.jpg'}}; -$t->post_ok('/api/upload' => form => $upload ) - ->status_is(200)->or($dump_error) - ->json_is('/success', Mojo::JSON->true); -is $schema->resultset('PendingOrganisation')->count, 2, "2 unverified organisations"; -is $schema->resultset('PendingTransaction')->count, 2, "2 unverified transactions"; -is $schema->resultset('Organisation')->count, 1, "1 verified organisation"; -is $schema->resultset('Transaction')->count, 0, "No verified transactions"; - -my $newPendingTurtleOrgIdPartial = $t->app->schema->resultset('PendingOrganisation')->find({ name => $nameToTestTurtlePartial })->id; -print "Turtle Id 2: " . $newPendingTurtleOrgIdPartial . "\n"; - -#done_testing(); -#exit; - - -print "test 10 - add valid transaction (type 2: unvalidated organisation)\n"; -$json = { - transaction_value => 10, - transaction_type => 2, - organisation_id => $newPendingTurtleOrgIdPartial, - session_key => $session_key, -}; -$upload = {json => Mojo::JSON::encode_json($json), file => {file => './t/test.jpg'}}; -$t->post_ok('/api/upload' => form => $upload ) - ->status_is(200) - ->json_is('/success', Mojo::JSON->true); -is $schema->resultset('PendingOrganisation')->count, 2, "2 unverified organisations"; -is $schema->resultset('PendingTransaction')->count, 3, "3 unverified transactions"; -is $schema->resultset('Organisation')->count, 1, "1 verified organisation"; -is $schema->resultset('Transaction')->count, 0, "No verified transactions"; - -print "test 11 - add valid transaction (type 3: new organisation)\n"; -my $nameToTestJunon = 'Store'; -$json = { - transaction_value => 10, - transaction_type => 3, - organisation_name => $nameToTestJunon, - street_name => "Main street", - town => "Under Junon", - postcode => "NW9 5EB", - session_key => $session_key, -}; -$upload = {json => Mojo::JSON::encode_json($json), file => {file => './t/test.jpg'}}; -$t->post_ok('/api/upload' => form => $upload) - ->status_is(200) - ->json_is('/success', Mojo::JSON->true); - -my $newPendingJunonOrgId = $t->app->schema->resultset('PendingOrganisation')->find({ name => $nameToTestJunon })->id; -print "Junon Id: " . $newPendingJunonOrgId . "\n"; - -is $schema->resultset('PendingOrganisation')->count, 3, "3 unverified organisations"; -is $schema->resultset('PendingTransaction')->count, 4, "4 unverified transactions"; -is $schema->resultset('Organisation')->count, 1, "1 verified organisation"; -is $schema->resultset('Transaction')->count, 0, "No verified transactions"; - -print "test 12 - add valid transaction (type 2: unvalidated organisation)\n"; -$json = { - transaction_value => 20, - transaction_type => 2, - organisation_id => $newPendingJunonOrgId, - session_key => $session_key, -}; -$upload = {json => Mojo::JSON::encode_json($json), file => {file => './t/test.jpg'}}; -$t->post_ok('/api/upload' => form => $upload ) - ->status_is(200) - ->json_is('/success', Mojo::JSON->true); -is $schema->resultset('PendingOrganisation')->count, 3, "3 unverified organisations"; -is $schema->resultset('PendingTransaction')->count, 5, "5 unverified transactions"; -is $schema->resultset('Organisation')->count, 1, "1 verified organisation"; -is $schema->resultset('Transaction')->count, 0, "No verified transactions"; - -print "test 13 - add valid transaction (type 2: unvalidated organisation)\n"; -$json = { - transaction_value => 30, - transaction_type => 2, - organisation_id => $newPendingJunonOrgId, - session_key => $session_key, -}; -$upload = {json => Mojo::JSON::encode_json($json), file => {file => './t/test.jpg'}}; -$t->post_ok('/api/upload' => form => $upload ) - ->status_is(200) - ->json_is('/success', Mojo::JSON->true); -is $schema->resultset('PendingOrganisation')->count, 3, "3 unverified organisations"; -is $schema->resultset('PendingTransaction')->count, 6, "6 unverified transactions"; -is $schema->resultset('Organisation')->count, 1, "1 verified organisation"; -is $schema->resultset('Transaction')->count, 0, "No verified transactions"; - -print "test 14 - Logout Choco Billy\n"; -$t->post_ok('/api/logout', json => { session_key => $session_key } ) - ->status_is(200) - ->json_is('/success', Mojo::JSON->true); - -#End of non-admin Choco Billy - -###################################################### - -#Login as Admin - -print "test 15 - Login - admin\n"; -$testJson = { - 'email' => $emailAdmin, - 'password' => $passwordAdmin, -}; -$t->post_ok('/api/login' => json => $testJson) - ->status_is(200) - ->json_is('/success', Mojo::JSON->true); -$session_key = $t->tx->res->json('/session_key'); - -print "test 16 - Admin - Approve the correctly filled out organisation.\n"; -is $schema->resultset('PendingOrganisation')->count, 3, "3 unverified organisations"; -is $schema->resultset('PendingTransaction')->count, 6, "6 unverified transactions"; -is $schema->resultset('Organisation')->count, 1, "1 verified organisation"; -is $schema->resultset('Transaction')->count, 0, "No verified transactions"; -$json = { - pending_organisation_id => $newPendingTurtleOrgId, - session_key => $session_key, -}; -$t->post_ok('/api/admin-approve' => json => $json) - ->status_is(200) - ->json_is('/success', Mojo::JSON->true); - -my $turtleValidatedId = $t->app->schema->resultset('Organisation')->find({ name => $nameToTestTurtle })->id; -is $schema->resultset('PendingOrganisation')->count, 2, "2 unverified organisations"; -is $schema->resultset('PendingTransaction')->count, 5, "5 unverified transactions"; -is $schema->resultset('Organisation')->count, 2, "2 verified organisation"; -is $schema->resultset('Transaction')->count, 1, "1 verified transactions"; - -print "test 17 - Logout Admin\n"; -$t->post_ok('/api/logout', json => { session_key => $session_key } ) - ->status_is(200) - ->json_is('/success', Mojo::JSON->true); - -#End of Admin - -###################################################### - -#Login as non-admin Choco Billy - -print "test 18 - Login - non-admin Choco Billy (cookies, organisation)\n"; -$testJson = { - 'email' => $emailBilly, - 'password' => $passwordBilly, -}; -$t->post_ok('/api/login' => json => $testJson) - ->status_is(200) - ->json_is('/success', Mojo::JSON->true); -$session_key = $t->tx->res->json('/session_key'); - -print "test 19 - Attempt to merge own unvalidated organisation with validated one and fails.\n"; -$json = { - pending_organisation_id => $newPendingTurtleOrgIdPartial, - target_organisation_id => $turtleValidatedId, - session_key => $session_key, -}; -$t->post_ok('/api/admin-merge' => json => $json) - ->status_is(403) - ->json_is('/success', Mojo::JSON->false) - ->json_like('/message', qr/Not Authorised/i); - -print "test 20 - Logout Choco Billy\n"; -$t->post_ok('/api/logout', json => { session_key => $session_key }) - ->status_is(200) - ->json_is('/success', Mojo::JSON->true); - -#End of non-admin Choco Billy - -###################################################### - -#Login as Admin - -print "test 21 - Login - admin\n"; -$testJson = { - 'email' => $emailAdmin, - 'password' => $passwordAdmin, -}; -$t->post_ok('/api/login' => json => $testJson) - ->status_is(200) - ->json_is('/success', Mojo::JSON->true); -$session_key = $t->tx->res->json('/session_key'); - -print "test 22 - JSON is missing.\n"; -$t->post_ok('/api/admin-merge' => json => {}) - ->status_is(400) - ->json_is('/success', Mojo::JSON->false) - ->json_like('/message', qr/JSON is missing/); - - -print "test 23 - pending_organisation_id missing.\n"; -$json = { - target_organisation_id => $turtleValidatedId, - session_key => $session_key, -}; -$t->post_ok('/api/admin-merge' => json => $json) - ->status_is(400) - ->json_is('/success', Mojo::JSON->false) - ->json_like('/message', qr/pending_organisation_id is missing/i); - - -print "test 24 - pending_organisation_id not number.\n"; -$json = { - pending_organisation_id => "ABC", - target_organisation_id => $turtleValidatedId, - session_key => $session_key, -}; -$t->post_ok('/api/admin-merge' => json => $json) - ->status_is(400) - ->json_is('/success', Mojo::JSON->false) - ->content_like(qr/pending_organisation_id is not a number/i); - - -print "test 25 - target_organisation_id missing.\n"; -$json = { - pending_organisation_id => $newPendingTurtleOrgIdPartial, - session_key => $session_key, -}; -$t->post_ok('/api/admin-merge' => json => $json) - ->status_is(400) - ->json_is('/success', Mojo::JSON->false) - ->content_like(qr/target_organisation_id is missing/i); - - -print "test 26 - target_organisation_id not number.\n"; -$json = { - pending_organisation_id => $newPendingTurtleOrgIdPartial, - target_organisation_id => "ABC", - session_key => $session_key, -}; -$t->post_ok('/api/admin-merge' => json => $json) - ->status_is(400) - ->json_is('/success', Mojo::JSON->false) - ->content_like(qr/target_organisation_id is not a number/i); - - -print "test 27 - pending_organisation_id does not exist.\n"; -my $maxPendingId = $schema->resultset('PendingOrganisation')->get_column('id')->max; -$json = { - pending_organisation_id => ($maxPendingId + 1), - target_organisation_id => $turtleValidatedId, - session_key => $session_key, -}; -$t->post_ok('/api/admin-merge' => json => $json) - ->status_is(400) - ->json_is('/success', Mojo::JSON->false) - ->content_like(qr/pending_organisation_id does not exist in the database/i); - - -print "test 28 - target_organisation_id does not exist.\n"; -my $maxId = $schema->resultset('Organisation')->get_column('id')->max; -$json = { - pending_organisation_id => $newPendingTurtleOrgIdPartial, - target_organisation_id => ($maxId + 1), - session_key => $session_key, -}; -$t->post_ok('/api/admin-merge' => json => $json) - ->status_is(400) - ->json_is('/success', Mojo::JSON->false) - ->content_like(qr/target_organisation_id does not exist in the database/i); - -my $turtle_result = $schema->resultset('Organisation')->find($turtleValidatedId); -my $old_name = $turtle_result->name; -my $old_street_name = $turtle_result->street_name; -my $old_postcode = $turtle_result->postcode; -my $old_town = $turtle_result->town; - -print "test 29 - valid merge.\n"; -is $schema->resultset('PendingOrganisation')->count, 2, "2 unverified organisations"; -is $schema->resultset('PendingTransaction')->count, 5, "5 unverified transactions"; -is $schema->resultset('Organisation')->count, 2, "2 verified organisation"; -is $schema->resultset('Transaction')->count, 1, "1 verified transactions"; -is $turtle_result->transactions->count, 1, '1 transactions for turtle'; -$json = { - pending_organisation_id => $newPendingTurtleOrgIdPartial, - target_organisation_id => $turtleValidatedId, - session_key => $session_key, -}; -$t->post_ok('/api/admin-merge' => json => $json) - ->status_is(200) - ->json_is('/success', Mojo::JSON->true); -is $schema->resultset('PendingOrganisation')->count, 1, "1 unverified organisations"; -is $schema->resultset('PendingTransaction')->count, 3, "3 unverified transactions"; -is $schema->resultset('Organisation')->count, 2, "2 verified organisation"; -is $schema->resultset('Transaction')->count, 3, "3 verified transactions"; -is $turtle_result->transactions->count, 3, '3 transactions for turtle'; -is $turtle_result->name, $old_name, 'name unchanged'; -is $turtle_result->town, $old_town, 'town unchanged'; -is $turtle_result->postcode, $old_postcode, 'postcode unchanged'; -is $turtle_result->street_name, $old_street_name, 'street_name unchanged'; - -done_testing(); From 9dd808c547b6a344a4ccdf8d6b07abd58453b674 Mon Sep 17 00:00:00 2001 From: Tom Bloor Date: Tue, 25 Jul 2017 14:33:11 +0100 Subject: [PATCH 3/3] Fix issue with approving organisations. --- lib/Pear/LocalLoop.pm | 2 +- .../Controller/Admin/Organisations.pm | 32 +++++++++++++------ 2 files changed, 24 insertions(+), 10 deletions(-) diff --git a/lib/Pear/LocalLoop.pm b/lib/Pear/LocalLoop.pm index 59ced68..2c92757 100644 --- a/lib/Pear/LocalLoop.pm +++ b/lib/Pear/LocalLoop.pm @@ -204,8 +204,8 @@ sub startup { submitted_at => $from_org_transaction->submitted_at, } ); + $from_org_transaction->delete; } - $from_org->delete; }); } diff --git a/lib/Pear/LocalLoop/Controller/Admin/Organisations.pm b/lib/Pear/LocalLoop/Controller/Admin/Organisations.pm index d1b39b3..55f90f5 100644 --- a/lib/Pear/LocalLoop/Controller/Admin/Organisations.pm +++ b/lib/Pear/LocalLoop/Controller/Admin/Organisations.pm @@ -1,6 +1,8 @@ package Pear::LocalLoop::Controller::Admin::Organisations; use Mojo::Base 'Mojolicious::Controller'; +use Try::Tiny; + sub list { my $c = shift; @@ -28,15 +30,27 @@ sub pending_read { sub pending_approve { my $c = shift; my $pending_org = $c->schema->resultset('PendingOrganisation')->find( $c->param('id') ); - my $valid_org = $c->schema->resultset('Organisation')->create({ - name => $pending_org->name, - street_name => $pending_org->street_name, - town => $pending_org->town, - postcode => $pending_org->postcode, - }); - $c->copy_transactions_and_delete( $pending_org, $valid_org ); - $c->flash( success => 'Validated Organisation' ); - $c->redirect_to( '/admin/organisations/valid/' . $valid_org->id ); + + my $valid_org; + try { + $c->schema->storage->txn_do( sub { + $valid_org = $c->schema->resultset('Organisation')->create({ + name => $pending_org->name, + street_name => $pending_org->street_name, + town => $pending_org->town, + postcode => $pending_org->postcode, + }); + $c->copy_transactions_and_delete( $pending_org, $valid_org ); + } ); + } finally { + if ( @_ ) { + $c->flash( error => 'Something went wrong Validating the Organisation' ); + $c->redirect_to( '/admin/organisations/pending/' . $pending_org->id ); + } else { + $c->flash( success => 'Validated Organisation' ); + $c->redirect_to( '/admin/organisations/valid/' . $valid_org->id ); + } + } } 1;