use Mojo::Base -strict; use Test::More; use Mojo::JSON; use Test::Pear::LocalLoop; my $framework = Test::Pear::LocalLoop->new; my $t = $framework->framework; my $schema = $t->app->schema; my $dump_error = sub { diag $t->tx->res->dom->at('pre[id="error"]')->text }; my @account_tokens = ('a', 'b', 'c'); $schema->resultset('AccountToken')->populate([ [ 'name' ], map { [ $_ ] } @account_tokens, ]); #Add a test purchase_time to use for receipt uploading. my $test_purchase_time = "2017-08-14T11:29:07.965+01:00"; #Add one company that we've apparently authenticated but does not have an account. my $org_rs = $schema->resultset('Organisation'); is $org_rs->count, 0, "No organisations"; my $shinra_entity = $schema->resultset('Entity')->create_org({ name => 'Shinra Electric Power Company', street_name => 'Sector 0, Midgar, Eastern Continent', town => 'Gaia', postcode => 'E1 M00', submitted_by_id => 1, }); is $org_rs->count, 1, "1 testing organisation"; my $org_id_shinra = $shinra_entity->organisation->id; $schema->resultset('Category')->create({ id => 1, name => "Test Category", }); #Valid customer, this also tests that redirects are disabled for register. print "test 1 - Create customer user account (Rufus)\n"; my $emailRufus = 'test1@example.com'; my $passwordRufus = 'abc123'; my $testJson = { 'usertype' => 'customer', 'token' => shift(@account_tokens), 'full_name' => 'RufusShinra', 'display_name' => 'RufusShinra', 'email' => $emailRufus, 'postcode' => 'GU10 5SA', 'password' => $passwordRufus, 'year_of_birth' => 2006 }; $t->post_ok('/api/register' => json => $testJson) ->status_is(200) ->json_is('/success', Mojo::JSON->true); print "test 2 - Create customer user account (Hojo)\n"; my $emailHojo = 'hojo@shinra.energy'; my $passwordHojo = 'Mako'; $testJson = { 'usertype' => 'customer', 'token' => shift(@account_tokens), 'display_name' => 'ProfessorHojo', 'full_name' => 'ProfessorHojo', 'email' => $emailHojo, 'postcode' => 'DE15 9LT', 'password' => $passwordHojo, 'year_of_birth' => 2006 }; $t->post_ok('/api/register' => json => $testJson) ->status_is(200) ->json_is('/success', Mojo::JSON->true); print "test 3 - Create organisation user account (Choco Billy)\n"; my $emailBilly = 'choco.billy@chocofarm.org'; my $passwordBilly = 'Choco'; $testJson = { 'usertype' => 'organisation', 'token' => shift(@account_tokens), 'name' => 'ChocoBillysGreens', 'email' => $emailBilly, 'postcode' => 'SO50 7NJ', 'password' => $passwordBilly, 'street_name' => 'Chocobo Farm, Eastern Continent', 'town' => 'Gaia', 'sector' => 'A', }; $t->post_ok('/api/register' => json => $testJson) ->status_is(200) ->json_is('/success', Mojo::JSON->true) ->json_like('/message', qr/Registered Successfully/); ###################################################### #Login as Hojo (customer) #Test login, this also checks that redirects are disabled for login when logged out. print "test 4 - Login - Rufus (cookies, customer)\n"; $testJson = { 'email' => $emailRufus, 'password' => $passwordRufus, }; $t->post_ok('/api/login' => json => $testJson) ->status_is(200) ->json_is('/success', Mojo::JSON->true); my $session_key = $t->tx->res->json('/session_key'); print "test 5 - JSON missing\n"; my $upload = {file => {file => './t/test.jpg'}}; $t->post_ok('/api/upload' => form => $upload ) ->status_is(400) ->json_is('/success', Mojo::JSON->false) ->json_like('/message', qr/JSON is missing/); #TODO Check for malformed JSON. print "test 6 - transaction_value missing\n"; my $json = { transaction_type => 1, purchase_time => $test_purchase_time, organisation_id => $org_id_shinra, session_key => $session_key, }; $upload = {json => Mojo::JSON::encode_json($json), file => {file => './t/test.jpg'}}; $t->post_ok('/api/upload' => form => $upload ) ->status_is(400) ->json_is('/success', Mojo::JSON->false) ->content_like(qr/transaction amount is missing/i); print "test 7 - transaction_value non-numbers\n"; $json = { transaction_value => 'Abc', transaction_type => 1, purchase_time => $test_purchase_time, organisation_id => $org_id_shinra, session_key => $session_key, }; $upload = {json => Mojo::JSON::encode_json($json), file => {file => './t/test.jpg'}}; $t->post_ok('/api/upload' => form => $upload ) ->status_is(400) ->json_is('/success', Mojo::JSON->false) ->content_like(qr/transaction amount does not look like a number/i); print "test 8 - transaction_value equal to zero\n"; $json = { transaction_value => 0, transaction_type => 1, purchase_time => $test_purchase_time, organisation_id => $org_id_shinra, session_key => $session_key, }; $upload = {json => Mojo::JSON::encode_json($json), file => {file => './t/test.jpg'}}; $t->post_ok('/api/upload' => form => $upload ) ->status_is(400) ->json_is('/success', Mojo::JSON->false) ->content_like(qr/transaction amount cannot be equal to or less than zero/i); print "test 9 - transaction_value less than zero\n"; $json = { transaction_value => -1, transaction_type => 1, purchase_time => $test_purchase_time, organisation_id => $org_id_shinra, session_key => $session_key, }; $upload = {json => Mojo::JSON::encode_json($json), file => {file => './t/test.jpg'}}; $t->post_ok('/api/upload' => form => $upload ) ->status_is(400) ->json_is('/success', Mojo::JSON->false) ->content_like(qr/transaction amount cannot be equal to or less than zero/i); print "test 10 - transaction_type missing\n"; $json = { transaction_value => 10, purchase_time => $test_purchase_time, session_key => $session_key, }; $upload = {json => Mojo::JSON::encode_json($json), file => {file => './t/test.jpg'}}; $t->post_ok('/api/upload' => form => $upload ) ->status_is(400) ->json_is('/success', Mojo::JSON->false) ->content_like(qr/transaction type is missing/i); print "test 11 - transaction_type invalid.\n"; $json = { transaction_value => 10, transaction_type => 4, purchase_time => $test_purchase_time, session_key => $session_key, # organisation_id => $org_id_shinra }; $upload = {json => Mojo::JSON::encode_json($json), file => {file => './t/test.jpg'}}; $t->post_ok('/api/upload' => form => $upload ) ->status_is(400) ->json_is('/success', Mojo::JSON->false) ->content_like(qr/transaction type is not a valid value/i); print "test 12 - file not uploaded.\n"; $json = { transaction_value => 10, transaction_type => 1, purchase_time => $test_purchase_time, organisation_id => 1, session_key => $session_key, }; $t->post_ok('/api/upload' => json => $json ) ->status_is(200) ->or($framework->dump_error) ->json_is('/success', Mojo::JSON->true) ->json_like('/message', qr/Upload Successful/); is $schema->resultset('Transaction')->count, 1, "1 transaction"; print "test 13 - organisation_id missing (type 1: already validated)\n"; $json = { transaction_value => 10, transaction_type => 1, purchase_time => $test_purchase_time, session_key => $session_key, # organisation_id => $org_id_shinra }; $upload = {json => Mojo::JSON::encode_json($json), file => {file => './t/test.jpg'}}; $t->post_ok('/api/upload' => form => $upload ) ->status_is(400) ->json_is('/success', Mojo::JSON->false) ->content_like(qr/organisation ID is missing/i); print "test 14 - organisation_id for non-existent id. (type 1: already validated)\n"; $json = { transaction_value => 10, transaction_type => 1, purchase_time => $test_purchase_time, organisation_id => ($org_id_shinra + 100), session_key => $session_key, }; $upload = {json => Mojo::JSON::encode_json($json), file => {file => './t/test.jpg'}}; $t->post_ok('/api/upload' => form => $upload ) ->status_is(400) ->json_is('/success', Mojo::JSON->false) ->content_like(qr/organisation ID does not exist in the database/i); print "test 15 - valid addition. (type 1: already validated)\n"; is $schema->resultset('Transaction')->count, 1, "1 transaction"; $json = { transaction_value => 10, transaction_type => 1, purchase_time => $test_purchase_time, organisation_id => $org_id_shinra, session_key => $session_key, category => 1, }; $upload = {json => Mojo::JSON::encode_json($json), file => {file => './t/test.jpg'}}; $t->post_ok('/api/upload' => form => $upload ) ->status_is(200) ->json_is('/success', Mojo::JSON->true) ->json_like('/message', qr/Upload Successful/); is $schema->resultset('Transaction')->count, 2, "2 transaction"; # Add type 3 (new organisation) checking. print "test 16 - organsation missing (type 3: new organisation)\n"; $json = { transaction_value => 10, transaction_type => 3, purchase_time => $test_purchase_time, street_name => "Slums, Sector 7", town => "Midgar", postcode => "E1 0AA", session_key => $session_key, }; $upload = {json => Mojo::JSON::encode_json($json), file => {file => './t/test.jpg'}}; $t->post_ok('/api/upload' => form => $upload ) ->status_is(400) ->json_is('/success', Mojo::JSON->false) ->content_like(qr/organisation name is missing/i); print "test 17 - add valid transaction (type 3: new organisation)\n"; is $schema->resultset('Organisation')->search({ pending => 1 })->count, 0, "No pending organisations"; is $schema->resultset('Organisation')->search({ pending => 1 })->entity->sales->count, 0, "No pending transactions"; $json = { transaction_value => 10, transaction_type => 3, purchase_time => $test_purchase_time, organisation_name => '7th Heaven', street_name => "Slums, Sector 7", town => "Midgar", postcode => "E1 0AA", category => 1, session_key => $session_key, }; $upload = {json => Mojo::JSON::encode_json($json), file => {file => './t/test.jpg'}}; $t->post_ok('/api/upload' => form => $upload ) ->status_is(200) ->json_is('/success', Mojo::JSON->true) ->json_like('/message', qr/Upload Successful/); is $schema->resultset('Organisation')->search({ pending => 1 })->count, 1, "1 pending organisations"; is $schema->resultset('Organisation')->search({ pending => 1 })->entity->sales->count, 1, "1 pending transactions"; # Add type 2 (unverified organisation) checking. print "test 18 - organisation_id missing (type 2: existing organisation)\n"; $json = { transaction_value => 10, transaction_type => 2, purchase_time => $test_purchase_time, session_key => $session_key, }; $upload = {json => Mojo::JSON::encode_json($json), file => {file => './t/test.jpg'}}; $t->post_ok('/api/upload' => form => $upload ) ->status_is(400) ->or($framework->dump_error) ->json_is('/success', Mojo::JSON->false) ->content_like(qr/organisation ID is missing/i); print "test 19 - organisation_id not a number (type 2: existing organisation)\n"; $json = { transaction_value => 10, transaction_type => 2, purchase_time => $test_purchase_time, organisation_id => "Abc", session_key => $session_key, }; $upload = {json => Mojo::JSON::encode_json($json), file => {file => './t/test.jpg'}}; $t->post_ok('/api/upload' => form => $upload ) ->status_is(400) ->json_is('/success', Mojo::JSON->false) ->content_like(qr/organisation ID is not a number/i); print "test 20 - id does not exist (type 2: existing organisation)\n"; $json = { transaction_value => 10, transaction_type => 2, purchase_time => $test_purchase_time, organisation_id => 1000, #Id that does not exist session_key => $session_key, }; $upload = {json => Mojo::JSON::encode_json($json), file => {file => './t/test.jpg'}}; $t->post_ok('/api/upload' => form => $upload ) ->status_is(400) ->json_is('/success', Mojo::JSON->false) ->content_like(qr/organisation ID does not exist in the database/i); print "test 21 - purchase_time is missing\n"; is $schema->resultset('Organisation')->search({ pending => 1 })->entity->sales->count, 1, "1 pending transactions"; $json = { transaction_value => 10, transaction_type => 1, organisation_id => $org_id_shinra, session_key => $session_key, }; $upload = {json => Mojo::JSON::encode_json($json), file => {file => './t/test.jpg'}}; $t->post_ok('/api/upload' => form => $upload ) ->status_is(200) ->json_is('/success', Mojo::JSON->true); print "test 22 - Logout Rufus (type 2: existing organisation)\n"; $t->post_ok('/api/logout', json => { session_key => $session_key } ) ->status_is(200) ->json_is('/success', Mojo::JSON->true); #End of Rufus (customer) ###################################################### #Login as Hojo (customer) print "test 23 - Login Hojo (cookies, customer)\n"; $testJson = { 'email' => $emailHojo, 'password' => $passwordHojo, }; $t->post_ok('/api/login' => json => $testJson) ->status_is(200) ->json_is('/success', Mojo::JSON->true); $session_key = $t->tx->res->json('/session_key'); print "test 24 - add valid transaction but for with account (type 2: existing organisation)\n"; my $org_result = $schema->resultset('Organisation')->find({ name => '7th Heaven' }); my $unvalidatedOrganisationId = $org_result->id; is $schema->resultset('Organisation')->search({ pending => 1 })->entity->sales->count, 1, "1 pending transactions"; $json = { transaction_value => 10, transaction_type => 2, purchase_time => $test_purchase_time, organisation_id => $unvalidatedOrganisationId, session_key => $session_key, category => 1, }; $upload = {json => Mojo::JSON::encode_json($json), file => {file => './t/test.jpg'}}; $t->post_ok('/api/upload' => form => $upload ) ->status_is(400) ->json_is('/success', Mojo::JSON->false) ->content_like(qr/organisation ID does not exist in the database/i); is $schema->resultset('Organisation')->search({ pending => 1 })->entity->sales->count, 1, "1 pending transactions"; print "test 25 - Logout Hojo\n"; $t->post_ok('/api/logout', json => { session_key => $session_key } ) ->status_is(200) ->json_is('/success', Mojo::JSON->true); #End of Hojo (customer) ###################################################### #Login as Rufus (customer) print "test 26 - Login Rufus (cookies, customer)\n"; $testJson = { 'email' => $emailRufus, 'password' => $passwordRufus, }; $t->post_ok('/api/login' => json => $testJson) ->status_is(200) ->json_is('/success', Mojo::JSON->true); $session_key = $t->tx->res->json('/session_key'); print "test 27 - add valid transaction (type 2: existing organisation)\n"; is $schema->resultset('Organisation')->search({ pending => 1 })->entity->sales->count, 1, "1 pending transactions"; $json = { transaction_value => 10, transaction_type => 2, purchase_time => $test_purchase_time, organisation_id => $unvalidatedOrganisationId, session_key => $session_key, }; $upload = {json => Mojo::JSON::encode_json($json), file => {file => './t/test.jpg'}}; $t->post_ok('/api/upload' => form => $upload ) ->status_is(200) ->json_is('/success', Mojo::JSON->true) ->json_like('/message', qr/Upload Successful/); is $schema->resultset('Organisation')->search({ pending => 1 })->entity->sales->count, 2, "2 pending transactions"; print "test 28 - Logout Rufus\n"; $t->post_ok('/api/logout' => json => { session_key => $session_key } ) ->status_is(200) ->json_is('/success', Mojo::JSON->true); #End of Rufus (customer) ###################################################### #Login as Choco Billy (organisation) print "test 29 - Login Choco Billy (cookies, organisation)\n"; $testJson = { 'email' => $emailBilly, 'password' => $passwordBilly, }; $t->post_ok('/api/login' => json => $testJson) ->status_is(200) ->json_is('/success', Mojo::JSON->true); $session_key = $t->tx->res->json('/session_key'); print "test 30 - organisation buy from another organisation\n"; is $schema->resultset('Transaction')->count, 5, "5 transaction"; $json = { transaction_value => 100000, transaction_type => 1, purchase_time => $test_purchase_time, organisation_id => $org_id_shinra, session_key => $session_key, }; $upload = {json => Mojo::JSON::encode_json($json), file => {file => './t/test.jpg'}}; $t->post_ok('/api/upload' => form => $upload ) ->status_is(200) ->json_is('/success', Mojo::JSON->true) ->json_like('/message', qr/Upload Successful/); is $schema->resultset('Transaction')->count, 6, "6 transaction"; print "test 31 - organisation buy from same organisation\n"; $json = { transaction_value => 100000, transaction_type => 1, purchase_time => $test_purchase_time, organisation_id => 2, session_key => $session_key, }; $upload = {json => Mojo::JSON::encode_json($json), file => {file => './t/test.jpg'}}; $t->post_ok('/api/upload' => form => $upload ) ->status_is(400) ->json_is('/success', Mojo::JSON->false) ->json_like('/message', qr/organisation ID does not exist in the database/); is $schema->resultset('Transaction')->count, 6, "6 transaction"; done_testing();