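/**
 * Set up dependent objects before running each test.
 *
 * Creates a salt/hash pair, an organization, an admin volunteer and a
 * non-admin volunteer (all inserted through getPDO()), then opens a
 * cookie-enabled Guzzle client, reads the XSRF-TOKEN cookie and posts the
 * admin credentials to the sign-in controller.
 */
public final function setUp() {
    //run default set-up method
    parent::setUp();

    //create salt and hash
    //the salt is generated first so the stored hash is actually derived from the stored salt
    $this->VALID_SALT = bin2hex(openssl_random_pseudo_bytes(32));
    $this->VALID_HASH = hash_pbkdf2("sha512", "idonatefood", $this->VALID_SALT, 262144, 128);

    //create an organization for the volunteers to be a part of
    $organization = new Organization(null, "123 Easy Street", '', "Albuquerque", "Feeding people since 1987", "9 - 5", "Food for Hangry People", "505-765-4321", "NM", "R", "87801");
    $organization->insert($this->getPDO());
    $this->valid_org_id = $organization->getOrgId();

    //create a new volunteer to use as an admin for the tests
    //the record is inserted so the sign-in controller can authenticate against it
    //for testing purposes, allow them to create organizations they're not associated with
    $salt = bin2hex(openssl_random_pseudo_bytes(32));
    $hash = hash_pbkdf2("sha512", "coffeeblack", $salt, 262144, 128);
    $this->admin = new Volunteer(null, $organization->getOrgId(), "*****@*****.**", null, "Kathryn", $hash, true, "Janeway", "505-123-4567", $salt);
    $this->admin->insert($this->getPDO());

    //create a non-admin volunteer for the tests
    $salt = bin2hex(openssl_random_pseudo_bytes(32));
    $hash = hash_pbkdf2("sha512", "password1234", $salt, 262144, 128);
    $this->volunteer = new Volunteer(null, $organization->getOrgId(), "*****@*****.**", null, "Jane", $hash, false, "Doe", "505-555-5555", $salt);
    $this->volunteer->insert($this->getPDO());

    //create the guzzle client; the cookie jar carries the session between requests
    $this->guzzle = new \GuzzleHttp\Client(["cookies" => true]);

    //visit ourselves to get the xsrf-token
    $this->guzzle->get('https://bootcamp-coders.cnm.edu/~kkeller13/bread-basket/public_html/php/api/volunteer');
    $cookies = $this->guzzle->getConfig()["cookies"];

    //fail with a readable message instead of a fatal error when the cookie is missing
    $xsrfCookie = $cookies->getCookieByName("XSRF-TOKEN");
    $this->assertNotNull($xsrfCookie, "XSRF-TOKEN cookie was not set by the API");
    $this->token = $xsrfCookie->getValue();

    //send a request to the sign-in method
    $adminLogin = new stdClass();
    $adminLogin->email = "*****@*****.**";
    $adminLogin->password = "******";

    //NOTE(review): the sign-in response is not inspected; if the controller reports
    //a failed login in its body, every test would silently run unauthenticated.
    //Assert on the response once its shape is confirmed.
    $this->guzzle->post('https://bootcamp-coders.cnm.edu/~kkeller13/bread-basket/public_html/php/controllers/sign-in-controller.php', ['json' => $adminLogin, 'headers' => ['X-XSRF-TOKEN' => $this->token]]);
}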
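/**
 * test getting all listing types
 */
public function testValidGetAll2() {
    //create two listing types and insert them into the database,
    //so the API has something to return
    $listingType = new ListingType(null, $this->VALID_TYPE_2);
    $listingType->insert($this->getPDO());
    $listingType = new ListingType(null, $this->VALID_TYPE);
    $listingType->insert($this->getPDO());

    //send the get request to the API
    //NOTE(review): this URL is under ~tfenstermaker while setUp obtains the session and
    //XSRF token from ~kkeller13; confirm both deployments share session state, otherwise
    //this request is not made as the signed-in admin.
    $response = $this->guzzle->get('https://bootcamp-coders.cnm.edu/~tfenstermaker/bread-basket/public_html/php/api/listingtype', ['headers' => ['X-XSRF-TOKEN' => $this->token]]);

    //ensure the response was sent, and the api returned a positive status
    //(expected value first, so PHPUnit failure messages read correctly)
    $this->assertSame(200, $response->getStatusCode());
    $body = $response->getBody();
    $retrievedListingType = json_decode($body);

    //json_decode returns null on malformed input; stop here rather than dereference null
    $this->assertNotNull($retrievedListingType, "API response was not valid JSON");
    $this->assertSame(200, $retrievedListingType->status);

    //ensure the response returned a non-empty array
    //NOTE(review): assumes data->listingTypeId is countable; verify against the API's response shape
    $this->assertGreaterThan(0, sizeof($retrievedListingType->data->listingTypeId));
}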
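/**
 * test that a non-admin volunteer cannot post an organization to the API
 *
 * Signs out the admin session, signs in with the volunteer credentials,
 * posts an otherwise valid organization and expects the API to report 401
 * without storing the organization.
 */
public function testInvalidPost() {
    //test to make sure non-admin can't post
    //sign out as an admin, log-in as a volunteer
    $this->guzzle->get('https://bootcamp-coders.cnm.edu/~bbrown52/bread-basket/public_html/php/controllers/sign-out-controller.php');
    $volLogin = new stdClass();
    $volLogin->email = "*****@*****.**";
    $volLogin->password = "******";

    //NOTE(review): the sign-in response is not checked, and the XSRF token read in setUp
    //is reused after sign-out. If the volunteer login fails or the token is rejected, the
    //API may still answer 401, so the test would pass without exercising the
    //"authenticated non-admin is denied" path. Confirm the login succeeded before posting.
    $this->guzzle->post('https://bootcamp-coders.cnm.edu/~bbrown52/bread-basket/public_html/php/controllers/sign-in-controller.php', ['allow_redirects' => ['strict' => true], 'json' => $volLogin, 'headers' => ['X-XSRF-TOKEN' => $this->token]]);

    //try to post to an organization
    $organization = new Organization(null, $this->VALID_ADDRESS1, $this->VALID_ADDRESS2, $this->VALID_CITY, $this->VALID_DESCRIPTION, $this->VALID_HOURS, $this->VALID_NAME, $this->VALID_PHONE, $this->VALID_STATE, $this->VALID_TYPE, $this->VALID_ZIP);
    $response = $this->guzzle->post('https://bootcamp-coders.cnm.edu/~bbrown52/bread-basket/public_html/php/api/organization', ['allow_redirects' => ['strict' => true], 'json' => $organization, 'headers' => ['X-XSRF-TOKEN' => $this->token]]);

    //the HTTP layer answers 200; the authorization result is carried in the JSON body
    //(expected value first, so PHPUnit failure messages read correctly)
    $this->assertSame(200, $response->getStatusCode());
    $body = $response->getBody();
    $retrievedOrg = json_decode($body);

    //json_decode returns null on malformed input; stop here rather than dereference null
    $this->assertNotNull($retrievedOrg, "API response was not valid JSON");

    //make sure the organization was not entered into the database
    $shouldNotExist = Organization::getOrganizationByOrgName($this->getPDO(), $this->VALID_NAME);
    $this->assertSame(0, $shouldNotExist->getSize());

    //make sure 401 error is returned for trying to access an admin method as a volunteer
    $this->assertSame(401, $retrievedOrg->status);
}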