/**
*create dependent objects before running each test
**/
public final function setUp()
{
//run the default setUp() method first
parent::setUp();
// ***********************
$password = "******";
$activation = bin2hex(random_bytes(16));
$salt = bin2hex(random_bytes(32));
$hash = hash_pbkdf2("sha512", $password, $salt, 262144);
// creates and inserts Company to sql for User foreign key relations
$this->company = new Company(null, "Taco B.", "404 Taco St.", "suite:666", "Attention!!", "NM", "Burque", "87106", "5055551111", "*****@*****.**", "www.tocobell.com");
$this->company->insert($this->getPDO());
$_SESSION["company"] = $this->company;
// creates and inserts Access to sql for User foreign key relations
$this->access = new Access(null, "requestor or admin");
$this->access->insert($this->getPDO());
// create and insert a Crew to own the test Schedule
$this->crew = new Crew(null, $this->company->getCompanyId(), "Burque");
$this->crew->insert($this->getPDO());
//*****************
//create and insert a User to test Shift
$this->requestor = new User(null, $this->company->getCompanyId(), $this->crew->getCrewId(), $this->access->getAccessId(), "5551212", "Johnny", "Requestorman", "*****@*****.**", $activation, $hash, $salt);
$this->requestor->insert($this->getPDO());
//create and insert a User to test Shift
$this->admin = new User(null, $this->company->getCompanyId(), $this->crew->getCrewId(), $this->access->getAccessId(), "5551212", "Dave", "Adminman", "*****@*****.**", $activation, $hash, $salt);
$this->admin->insert($this->getPDO());
//create and insert a Request to test Shift
$this->request = new Request(null, $this->requestor->getUserId(), $this->admin->getUserId(), null, null, false, "I can haz time off nao, plz?", "Yes, and bring me a sandwich.");
$this->request->insert($this->getPDO());
}
/**
* create dependent objects before running each test
*/
public final function setUp()
{
// run the default setUp() method first
parent::setUp();
$password = "******";
$activation = bin2hex(random_bytes(16));
$salt = bin2hex(random_bytes(32));
$hash = hash_pbkdf2("sha512", $password, $salt, 262144);
// creates and inserts Company to sql for User foreign key relations
$this->company = new Company(null, "Taco B.", "404 Taco St.", "suite:666", "Attention!!", "NM", "Burque", "87106", "5055551111", "*****@*****.**", "www.tocobell.com");
$this->company->insert($this->getPDO());
$_SESSION["company"] = $this->company;
// creates and inserts Crew to sql for User foreign key relations
$this->crew = new Crew(null, $this->company->getCompanyId(), "the moon");
$this->crew->insert($this->getPDO());
// creates and inserts Access to sql for User foreign key relations
$this->access = new Access(null, "requestor or admin");
$this->access->insert($this->getPDO());
// create and insert a User to own the test Request
$this->requestor = new User(null, $this->company->getCompanyId(), $this->crew->getCrewId(), $this->access->getAccessId(), "5551212", "Johnny", "Requestorman", "*****@*****.**", $activation, $hash, $salt);
$this->requestor->insert($this->getPDO());
$this->admin = new User(null, $this->company->getCompanyId(), $this->crew->getCrewId(), $this->access->getAccessId(), "5552121", "Suzy", "Hughes", "*****@*****.**", $activation, $hash, $salt);
$this->admin->insert($this->getPDO());
// calculate the date (just use the time the unit test was setup...)
$this->VALID_REQUESTTIMESTAMP = new \DateTime();
$this->VALID_REQUESTACTIONTIMESTAMP = new \DateTime();
}
/**
* test grabbing all access
**/
public function testGetAllValidAccess()
{
//count all the rows and save it for later
$numRows = $this->getConnection()->getRowCount("access");
//create a new access and insert into mySQL
$access = new Access(null, $this->VALID_ACCESSNAME);
$access->insert($this->getPDO());
//grab the data from mySQL and enforce the fields match our expectations
$results = Access::getAllAccess($this->getPDO());
$this->assertEquals($numRows + 1, $this->getConnection()->getRowCount("access"));
$this->assertCount(1, $results);
$this->assertContainsOnlyInstancesOf("Edu\\Cnm\\Timecrunchers\\Access", $results);
//grab the result from the array and validate it
$pdoAccess = $results[0];
$this->assertEquals($pdoAccess->getAccessName(), $this->VALID_ACCESSNAME);
}
} else {
if (empty($shiftUserId) === false) {
$shift = Shift::getShiftByShiftUserId($pdo, $shiftUserId);
if ($shift !== null) {
$reply->data = $shift;
}
} else {
$shifts = Shift::getAllShifts($pdo);
if ($shifts !== null) {
$reply->data = $shifts;
}
}
}
}
// block non-admin users from doing admin-only tasks
if (Access::isAdminLoggedIn() === true) {
if ($method === "PUT" || $method === "POST") {
// this is where we injected admin only abilities
verifyXsrf();
$requestContent = file_get_contents("php://input");
$requestObject = json_decode($requestContent);
//make sure all fields are present, in order to prevent database issues
if (empty($requestObject->shiftUserId) === true) {
throw new \InvalidArgumentException("Shift user id cannot be empty", 405);
}
if (empty($requestObject->shiftCrewId) === true) {
throw new \InvalidArgumentException("Shift crew cannot be empty", 405);
}
if (empty($requestObject->shiftRequestId) === true) {
throw new \InvalidArgumentException("Shift request id cannot be empty", 405);
}
}
//perform put or post
if ($method === "PUT") {
$access = Access::getAccessByAccessId($pdo, $id);
if ($access === null) {
throw new RuntimeException("access does not exist", 404);
}
$access = new Access($id, $requestObject->accessName);
$access->update($pdo);
$reply->message = "Access updated ok";
//check to make sure a non-admin is only attempting to edit themselves
//if not, take their temp access and throw an exception
// use the example from Slack to determine admins
} else {
if ($method === "POST") {
$access = new Access(null, $requestObject->accessName);
$access->insert($pdo);
$reply->message = "Access created OK";
}
}
}
} else {
throw new RuntimeException("Must be an administrator to gain access.");
}
}
} catch (Exception $exception) {
$reply->status = $exception->getCode();
$reply->message = $exception->getMessage();
} catch (TypeError $typeError) {
$reply->status = $typeError->getCode();
$reply->message = $typeError->getMessage();
