/**
* test grabbing all Crews
**/
public function testGetAllValidCrews()
{
//count the number of rows and save it for later
$numRows = $this->getConnection()->getRowcount("crew");
//create a new Crew and insert it into mySQL
$crew = new Crew(null, $this->company->getCompanyId(), $this->VALID_CREWLOCATION);
$crew->insert($this->getPDO());
//grab the data from mySQL and enforce the fields match our expectations
$pdoCrews = Crew::getAllCrews($this->getPDO());
$this->assertEquals($numRows + 1, $this->getConnection()->getRowCount("crew"));
foreach ($pdoCrews as $pdoCrew) {
if ($pdoCrew->getCrewId() === $crew->getCrewId()) {
$this->assertEquals($pdoCrew->getCrewId(), $crew->getCrewId());
$this->assertEquals($pdoCrew->getCrewLocation(), $crew->getCrewLocation());
$this->assertEquals($pdoCrew->getCrewCompanyId(), $crew->getCrewCompanyId());
}
}
}
/**
* test grabbing all Companies
**/
public function testGetAllCompanies()
{
// count the number of rows and save it for later
$numRows = $this->getConnection()->getRowCount("company");
// create a new Company and insert to into mySQL
$company = new Company(null, $this->VALID_COMPANYNAME, $this->VALID_COMPANYADDRESS1, $this->VALID_COMPANYADDRESS2, $this->VALID_COMPANYATTN, $this->VALID_COMPANYSTATE, $this->VALID_COMPANYCITY, $this->VALID_COMPANYZIP, $this->VALID_COMPANYPHONE, $this->VALID_COMPANYEMAIL, $this->VALID_COMPANYURL);
$company->insert($this->getPDO());
// grab the data from mySQL and enforce the fields match our expectations
$results = Company::getAllCompanies($this->getPDO());
$this->assertEquals($numRows + 1, $this->getConnection()->getRowCount("company"));
$this->assertCount(1, $results);
$this->assertContainsOnlyInstancesOf("Edu\\Cnm\\Timecrunchers\\Company", $results);
// grab the result from the array and validate it
$pdoCompany = $results[0];
$this->assertSame($pdoCompany->getCompanyName(), $this->VALID_COMPANYNAME);
$this->assertSame($pdoCompany->getCompanyAddress1(), $this->VALID_COMPANYADDRESS1);
$this->assertSame($pdoCompany->getCompanyAddress2(), $this->VALID_COMPANYADDRESS2);
$this->assertSame($pdoCompany->getCompanyAttn(), $this->VALID_COMPANYATTN);
$this->assertSame($pdoCompany->getCompanyState(), $this->VALID_COMPANYSTATE);
$this->assertSame($pdoCompany->getCompanyCity(), $this->VALID_COMPANYCITY);
$this->assertSame($pdoCompany->getCompanyZip(), $this->VALID_COMPANYZIP);
$this->assertSame($pdoCompany->getCompanyPhone(), $this->VALID_COMPANYPHONE);
$this->assertSame($pdoCompany->getCompanyEmail(), $this->VALID_COMPANYEMAIL);
$this->assertSame($pdoCompany->getCompanyUrl(), $this->VALID_COMPANYURL);
}
} else {
$email = filter_var($requestObject->userEmail, FILTER_SANITIZE_EMAIL);
}
// create user
$user = User::getUserByUserEmail($pdo, $email);
if (empty($user)) {
throw new InvalidArgumentException("invalid email address");
}
// hash for $password
$hash = hash_pbkdf2("sha512", $password, $user->getUserSalt(), 262144);
// verify hash is correct
if ($hash !== $user->getUserHash()) {
throw new \InvalidArgumentException("password or username is incorrect");
}
// grabbing company from database and put company and user in the session
$company = Company::getCompanyByCompanyId($pdo, $user->getUserCompanyId());
$_SESSION["company"] = $company;
$_SESSION["user"] = $user;
$reply->message = "login was successful";
} else {
throw new \Exception("Invalid HTTP method");
}
} catch (\Exception $exception) {
$reply->status = $exception->getCode();
$reply->message = $exception->getMessage();
} catch (\TypeError $typeError) {
$reply->status = $exception->getCode();
$reply->message = $exception->getMessage();
}
header("Content-type: application/json");
echo json_encode($reply);
if (empty($requestObject->companyAttn) !== true) {
$companyAttn = filter_var($requestObject->companyAttn, FILTER_SANITIZE_STRING, FILTER_FLAG_NO_ENCODE_QUOTES);
} else {
$companyAttn = null;
}
if (empty($requestObject->companyUrl) !== true) {
$companyUrl = filter_var($requestObject->companyUrl, FILTER_SANITIZE_URL);
} else {
$companyUrl = null;
}
}
// if($password !== $verifyPassword) {
// throw(new InvalidArgumentException ("Password and verify password must match."));
// }
//create a new company for the user
$company = new Company(null, $companyAttn, $companyName, $companyAddress1, $companyAddress2, $companyCity, $companyState, $companyZip, "111-111-1111", $companyEmail, $companyUrl);
$company->insert($pdo);
//create a new crew for the user
$crew = new Crew(null, $company->getCompanyId(), "");
$crew->insert($pdo);
//create new user
//create password salt, hash and activation code
$activation = bin2hex(random_bytes(16));
$salt = bin2hex(random_bytes(32));
$hash = hash_pbkdf2("sha512", "password", $salt, 262144);
$user = new User(null, $company->getCompanyId(), $crew->getCrewId(), Access::ADMIN, "5055551212", $userFirstName, $userLastName, $userEmail, $activation, $hash, $salt);
$user->insert($pdo);
$messageSubject = "Time Crunch Account Activation";
//building the activation link that can travel to another server and still work. This is the link that will be clicked to confirm the account.
// FIXME: make sure URL is /public_html/activation/$activation
$basePath = dirname($_SERVER["SCRIPT_NAME"], 4);
}
$company = new Company($companyId, $requestObject->companyName, $requestObject->companyAddress1, $requestObject->companyAddress2, $requestObject->companyAttn, $requestObject->companyState, $requestObject->companyCity, $requestObject->companyZip, $requestObject->companyPhone, $requestObject->companyEmail, $requestObject->companyUrl);
$company->update($pdo);
$reply->message = "Company updated OK";
} else {
if ($method === "POST") {
$company = new Company(null, $requestObject->companyName, $requestObject->companyAddress1, $requestObject->companyAddress2, $requestObject->companyAttn, $requestObject->companyState, $requestObject->companyCity, $requestObject->companyZip, $requestObject->companyPhone, $requestObject->companyEmail, $requestObject->companyUrl);
$company->insert($pdo);
$reply->message = "Company created OK";
}
}
}
} else {
if ($method === "DELETE") {
verifyXsrf();
$company = Company::getCompanyByCompanyId($pdo, $companyId);
if ($company === null) {
throw new RuntimeException("Company does not exist", 404);
}
$company->delete($pdo);
$deletedObject = new stdClass();
$deletedObject->companyId = $companyId;
$reply->message = "Company deleted OK";
} else {
throw new \RuntimeException("Must be an administrator to access.");
}
}
}
//send exception back to the caller
} catch (Exception $exception) {
$reply->status = $exception->getCode();