$pusher->trigger("listing", "update", $listing); //if this isn't supposed to be an admin, take away the temporary admin access $security = Volunteer::getVolunteerByVolId($pdo, $_SESSION["volunteer"]->getVolId()); if ($security->getVolIsAdmin() === false) { $_SESSION["volunteer"]->setVolIsAdmin(false); } $reply->message = "Listing updated OK"; } elseif ($method === "POST") { //create new listing $listing = new Listing(null, $_SESSION["volunteer"]->getOrgId(), $requestObject->listingClaimedBy, $requestObject->listingClosed, $requestObject->listingCost, $requestObject->listingMemo, $requestObject->listingParentId, $requestObject->listingPostTime, $requestObject->listingTypeId); $listing->insert($pdo); $pusher->trigger("listing", "new", $listing); $reply->message = "Listing created OK"; } } elseif ($method === "DELETE") { $listing = Listing::getListingByListingId($pdo, $id); if ($listing === null) { throw new RuntimeException("Listing does not exist", 404); } $listing->delete($pdo); $deletedObject = new stdClass(); $deletedObject->listingId = $id; $pusher->trigger("listing", "delete", $deletedObject); $reply->message = "Listing deleted OK"; } } else { //if not an admin and attempting a method other than get, throw an exception if (empty($method) === false && $method !== "GET") { throw new RangeException("Only administrators are allowed to modify entries", 401); } }
/** * test getting an organization by listing id that doesn't exist */ public function testGetInvalidListingByListingId() { $listing = Listing::getListingByListingId($this->getPDO(), BreadBasketTest::INVALID_KEY); $this->assertNull($listing); }
/** * test deleting a valid listing in the database * */ public function testValidDelete() { //create a new listing, and insert it $listing = new Listing(null, $this->organization->getOrgId(), $this->VALID_CLAIMEDBY, $this->VALID_LISTINGCLOSED, $this->VALID_COST, $this->VALID_MEMO, $this->VALID_PARENT_ID, $this->valid_datetime, $this->listingType->getListingTypeId()); $listing->insert($this->getPDO()); //perform the actual delete $response = $this->guzzle->delete('https://bootcamp-coders.cnm.edu/~bbrown52/bread-basket/public_html/php/api/listing/' . $listing->getListingId(), ['headers' => ['X-XSRF-TOKEN' => $this->token]]); //grab the data from guzzle and enforce that the status codes are correct $this->assertSame($response->getStatusCode(), 200); $body = $response->getBody(); $retrievedListing = json_decode($body); $this->assertSame(200, $retrievedListing->status); //try retrieving entry from database and ensure it was deleted $deletedListing = Listing::getListingByListingId($this->getPDO(), $listing->getOrgId()); $this->assertNull($deletedListing); }