Beispiel #1
0
/**
 *
 * ThinkUp/webapp/api/v1/post.php
 *
 * Copyright (c) 2009-2013 Gina Trapani, Sam Rose
 *
 * LICENSE:
 *
 * This file is part of ThinkUp (http://thinkup.com).
 *
 * ThinkUp is free software: you can redistribute it and/or modify it under the terms of the GNU General Public
 * License as published by the Free Software Foundation, either version 2 of the License, or (at your option) any
 * later version.
 *
 * ThinkUp is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied
 * warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public License for more
 * details.
 *
 * You should have received a copy of the GNU General Public License along with ThinkUp.  If not, see
 * <http://www.gnu.org/licenses/>.
 *
 *
 * @author Sam Rose <*****@*****.**>
 * @license http://www.gnu.org/licenses/gpl.html
 * @copyright 2009-2013 Gina Trapani, Sam Rose
 */
chdir("../../");
require_once 'init.php';
$controller = new PostAPIController();
echo $controller->go();
 public function testKeywordPosts()
 {
     $_GET['type'] = 'keyword_posts';
     $_GET['keyword'] = 'first';
     $_GET['network'] = 'twitter';
     $controller = new PostAPIController(true);
     $output = json_decode($controller->go());
     $this->assertEqual(sizeof($output), 20);
     // test the object type is correct
     $this->assertTrue(is_array($output));
     foreach ($output as $post) {
         $this->assertTrue($post instanceof stdClass);
         $this->assertEqual($post->protected, false);
     }
     // test all posts are from correct user
     foreach ($output as $post) {
         $this->assertWithinMargin($post->user->id, 102, 1);
     }
     //test page
     $_GET['page'] = 1;
     $_GET['order_by'] = 'post_id';
     $_GET['direction'] = 'ASC';
     $controller = new PostAPIController(true);
     $output = json_decode($controller->go());
     $this->assertEqual(sizeof($output), 20);
     $counter = 301;
     foreach ($output as $post) {
         $this->assertEqual($post->id, $counter);
         $counter = $counter + 2;
     }
     $_GET['page'] = 2;
     $controller = new PostAPIController(true);
     $output = json_decode($controller->go());
     $this->assertEqual(sizeof($output), 10);
     $counter = 341;
     foreach ($output as $post) {
         $this->assertEqual($post->id, $counter);
         $counter = $counter + 2;
     }
     unset($_GET['page']);
     unset($_GET['order_by']);
     unset($_GET['direction']);
     //test #second
     $_GET['keyword'] = '#second';
     $controller = new PostAPIController(true);
     $output = json_decode($controller->go());
     $this->assertEqual(sizeof($output), 20);
     // test the object type is correct
     $this->assertTrue(is_array($output));
     foreach ($output as $post) {
         $this->assertTrue($post instanceof stdClass);
         $this->assertEqual($post->protected, false);
     }
     // test all posts are from correct user
     foreach ($output as $post) {
         $this->assertWithinMargin($post->user->id, 102, 1);
     }
     // test count
     for ($count = 1; $count <= 20; $count++) {
         $_GET['count'] = $count;
         $controller = new PostAPIController(true);
         $output = json_decode($controller->go());
         $this->assertEqual(sizeof($output), $count);
     }
     unset($_GET['count']);
     // test order_by
     $_GET['order_by'] = 'date';
     $_GET['direction'] = 'DESC';
     $controller = new PostAPIController(true);
     $output = json_decode($controller->go());
     $date = strtotime($output[0]->created_at);
     foreach ($output as $post) {
         $this->assertTrue(strtotime($post->created_at) <= $date);
         $date = strtotime($post->created_at);
     }
     $_GET['order_by'] = 'date';
     $_GET['direction'] = 'ASC';
     $controller = new PostAPIController(true);
     $output = json_decode($controller->go());
     $date = strtotime($output[0]->created_at);
     foreach ($output as $post) {
         $this->assertTrue(strtotime($post->created_at) >= $date);
         $date = strtotime($post->created_at);
     }
     $_GET['order_by'] = 'source';
     $_GET['direction'] = 'DESC';
     $controller = new PostAPIController(true);
     $output = json_decode($controller->go());
     $str = $output[0]->source;
     foreach ($output as $post) {
         $this->assertTrue(strcmp($post->source, $str) <= 0);
         $str = $post->source;
     }
     $_GET['order_by'] = 'source';
     $_GET['direction'] = 'ASC';
     $controller = new PostAPIController(true);
     $output = json_decode($controller->go());
     $str = $output[0]->source;
     foreach ($output as $post) {
         $this->assertTrue(strcmp($post->source, $str) >= 0);
         $str = $post->source;
     }
     $_GET['order_by'] = 'post_text';
     $_GET['direction'] = 'DESC';
     $controller = new PostAPIController(true);
     $output = json_decode($controller->go());
     $str = $output[0]->text;
     foreach ($output as $post) {
         $this->assertTrue(strcmp($post->text, $str) <= 0);
         $str = $post->text;
     }
     $_GET['order_by'] = 'post_text';
     $_GET['direction'] = 'ASC';
     $controller = new PostAPIController(true);
     $output = json_decode($controller->go());
     $str = $output[0]->text;
     foreach ($output as $post) {
         $this->assertTrue(strcmp($post->text, $str) >= 0);
         $str = $post->text;
     }
     $_GET['order_by'] = 'author_username';
     $_GET['direction'] = 'DESC';
     $controller = new PostAPIController(true);
     $output = json_decode($controller->go());
     $str = $output[0]->user->screen_name;
     foreach ($output as $post) {
         $this->assertTrue(strcmp($post->user->screen_name, $str) <= 0);
         $str = $post->user->screen_name;
     }
     $_GET['order_by'] = 'author_username';
     $_GET['direction'] = 'ASC';
     $controller = new PostAPIController(true);
     $output = json_decode($controller->go());
     $str = $output[0]->user->screen_name;
     foreach ($output as $post) {
         $this->assertTrue(strcmp($post->user->screen_name, $str) >= 0);
         $str = $post->user->screen_name;
     }
     // test trim user
     unset($_GET['order_by'], $_GET['direction']);
     $_GET['trim_user'] = true;
     $controller = new PostAPIController(true);
     $output = json_decode($controller->go());
     $this->assertEqual(sizeof($output), 20);
     $this->assertEqual(sizeof($output[0]->user), 1);
     // test sql injection
     $_GET = array('type' => 'keyword_posts');
     $prefix = Config::getInstance()->getValue('table_prefix');
     foreach (get_object_vars($controller) as $key => $value) {
         if ($key == 'type' || $key == 'app_session') {
             continue;
         }
         $_GET[$key] = "'; DROP TABLE " . $prefix . "posts--";
         $controller = new PostAPIController(true);
         $output = json_decode($controller->go());
         unset($_GET[$key]);
     }
     $installer_dao = DAOFactory::getDAO('InstallerDAO');
     $this->assertTrue(array_search($prefix . "posts", $installer_dao->getTables()) !== false);
 }
 public function testAPIDisabled()
 {
     // test option does not exist (default is true)
     $_GET['type'] = 'user_posts_in_range';
     $_GET['user_id'] = 18;
     $_GET['from'] = '2006-01-02 00:00:00';
     $_GET['until'] = '2006-01-02 00:59:59';
     $controller = new PostAPIController(true);
     $output = json_decode($controller->go());
     $this->assertFalse(isset($output->error));
     // test option true
     $option_dao = DAOFactory::getDAO('OptionDAO');
     $option_dao->insertOption(OptionDAO::APP_OPTIONS, 'is_api_disabled', 'true');
     $controller = new PostAPIController(true);
     $output = json_decode($controller->go());
     $this->assertEqual($output->error->type, 'APIDisabledException');
     // test option false
     $option_dao->updateOptionByName(OptionDAO::APP_OPTIONS, 'is_api_disabled', 'false');
     $controller = new PostAPIController(true);
     $output = json_decode($controller->go());
     $this->assertFalse(isset($output->error));
 }
 public function testUserPostsInRange()
 {
     $_GET['type'] = 'user_posts_in_range';
     $_GET['user_id'] = 18;
     $_GET['from'] = '2006-01-02 00:00:00';
     $_GET['until'] = '2006-01-02 00:59:59';
     $controller = new PostAPIController(true);
     $output = json_decode($controller->go());
     // test the object type is correct
     $this->assertTrue(is_array($output));
     foreach ($output as $post) {
         $this->assertTrue(is_a($post, 'stdClass'));
         $this->assertEqual($post->protected, false);
         $this->assertTrue(strtotime($post->created_at) >= strtotime($_GET['from']));
         $this->assertTrue(strtotime($post->created_at) < strtotime($_GET['until']));
     }
     // test order_by
     $_GET['order_by'] = 'date';
     $_GET['direction'] = 'DESC';
     $controller = new PostAPIController(true);
     $output = json_decode($controller->go());
     $date = strtotime($output[0]->created_at);
     foreach ($output as $post) {
         $this->assertTrue(strtotime($post->created_at) <= $date);
         $date = strtotime($post->created_at);
     }
     $_GET['order_by'] = 'date';
     $_GET['direction'] = 'ASC';
     $controller = new PostAPIController(true);
     $output = json_decode($controller->go());
     $date = strtotime($output[0]->created_at);
     foreach ($output as $post) {
         $this->assertTrue(strtotime($post->created_at) >= $date);
         $date = strtotime($post->created_at);
     }
     $_GET['order_by'] = 'post_id';
     $_GET['direction'] = 'DESC';
     $controller = new PostAPIController(true);
     $output = json_decode($controller->go());
     $id = $output[0]->id;
     foreach ($output as $post) {
         $this->assertTrue($post->id <= $id);
         $id = $post->id;
     }
     $_GET['order_by'] = 'post_id';
     $_GET['direction'] = 'ASC';
     $controller = new PostAPIController(true);
     $output = json_decode($controller->go());
     $id = $output[0]->id;
     foreach ($output as $post) {
         $this->assertTrue($post->id >= $id);
         $id = $post->id;
     }
     $_GET['order_by'] = 'source';
     $_GET['direction'] = 'DESC';
     $controller = new PostAPIController(true);
     $output = json_decode($controller->go());
     $str = $output[0]->source;
     foreach ($output as $post) {
         $this->assertTrue(strcmp($post->source, $str) <= 0);
         $str = $post->source;
     }
     $_GET['order_by'] = 'source';
     $_GET['direction'] = 'ASC';
     $controller = new PostAPIController(true);
     $output = json_decode($controller->go());
     $str = $output[0]->source;
     foreach ($output as $post) {
         $this->assertTrue(strcmp($post->source, $str) >= 0);
         $str = $post->source;
     }
     $_GET['order_by'] = 'follower_count';
     $_GET['direction'] = 'DESC';
     $controller = new PostAPIController(true);
     $output = json_decode($controller->go());
     $count = $output[0]->user->followers_count;
     foreach ($output as $post) {
         $this->assertTrue($post->user->followers_count <= $count);
         $count = $post->user->followers_count;
     }
     $_GET['order_by'] = 'follower_count';
     $_GET['direction'] = 'ASC';
     $controller = new PostAPIController(true);
     $output = json_decode($controller->go());
     $count = $output[0]->user->followers_count;
     foreach ($output as $post) {
         $this->assertTrue($post->user->followers_count >= $count);
         $count = $post->user->followers_count;
     }
     $_GET['order_by'] = 'post_text';
     $_GET['direction'] = 'DESC';
     $controller = new PostAPIController(true);
     $output = json_decode($controller->go());
     $str = $output[0]->text;
     foreach ($output as $post) {
         $this->assertTrue(strcmp($post->text, $str) <= 0);
         $str = $post->text;
     }
     $_GET['order_by'] = 'post_text';
     $_GET['direction'] = 'ASC';
     $controller = new PostAPIController(true);
     $output = json_decode($controller->go());
     $str = $output[0]->text;
     foreach ($output as $post) {
         $this->assertTrue(strcmp($post->text, $str) >= 0);
         $str = $post->text;
     }
     $_GET['order_by'] = 'author_username';
     $_GET['direction'] = 'DESC';
     $controller = new PostAPIController(true);
     $output = json_decode($controller->go());
     $str = $output[0]->user->screen_name;
     foreach ($output as $post) {
         $this->assertTrue(strcmp($post->user->screen_name, $str) <= 0);
         $str = $post->user->screen_name;
     }
     $_GET['order_by'] = 'author_username';
     $_GET['direction'] = 'ASC';
     $controller = new PostAPIController(true);
     $output = json_decode($controller->go());
     $str = $output[0]->user->screen_name;
     foreach ($output as $post) {
         $this->assertTrue(strcmp($post->user->screen_name, $str) >= 0);
         $str = $post->user->screen_name;
     }
     // test sql injection
     $_GET = array('type' => 'user_posts_in_range');
     $prefix = Config::getInstance()->getValue('table_prefix');
     foreach (get_object_vars($controller) as $key => $value) {
         if ($key == 'type' || $key == 'app_session') {
             continue;
         }
         $_GET[$key] = "'; DROP TABLE " . $prefix . "posts--";
         $controller = new PostAPIController(true);
         $output = json_decode($controller->go());
         unset($_GET[$key]);
     }
     $installer_dao = DAOFactory::getDAO('InstallerDAO');
     $this->assertTrue(array_search($prefix . "posts", $installer_dao->getTables()) !== false);
 }