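/**
 * test for grabbing an organization by name that does not exist
 *
 * Looks up a name the test expects to be absent and checks that the
 * returned result reports a size of zero.
 */
public function testGetInvalidOrganizationByName()
{
    $organization = Organization::getOrganizationByOrgName($this->getPDO(), "Let the Poor Starve");

    // assertSame() takes the expected value first and the actual value second.
    // With the arguments reversed the test still passes or fails the same way,
    // but a failure message would report the two values the wrong way round.
    $this->assertSame(0, $organization->getSize());
}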
// Fragment of the organization REST endpoint: reads the remaining query-string
// filters, then answers a GET by the first non-empty filter (id, city, name,
// type, zip, current) and falls back to listing every organization.
// The start of the script and the closing braces lie outside this excerpt.

// NOTE(review): FILTER_SANITIZE_STRING is deprecated as of PHP 8.1. It only strips
// tags and encodes quotes; it is not a substitute for bound query parameters or for
// escaping on output. Whether the Organization getters bind these values is not
// visible here -- confirm.
$zip = filter_input(INPUT_GET, "zip", FILTER_SANITIZE_STRING);
$current = filter_input(INPUT_GET, "current", FILTER_SANITIZE_STRING);

//handle REST calls, while only allowing administrators access to database-modifying methods
//should already have checked if they're a volunteer, so another check here would be redundant
// NOTE(review): that earlier volunteer check is not in this excerpt; every GET branch
// below relies on it having rejected unauthenticated callers -- confirm.
if ($method === "GET") {
    //set XSRF cookie
    setXsrfCookie("/");

    //get the organization based on the given field
    // empty() also treats the string "0" as empty, so a filter value of "0"
    // falls through to the next branch instead of being looked up.
    if (empty($id) === false) {
        // This branch stores the return value directly, while the list lookups
        // below call ->toArray() on theirs.
        $reply->data = Organization::getOrganizationByOrgId($pdo, $id);
    } else {
        if (empty($city) === false) {
            $reply->data = Organization::getOrganizationByOrgCity($pdo, $city)->toArray();
        } else {
            if (empty($name) === false) {
                $reply->data = Organization::getOrganizationByOrgName($pdo, $name)->toArray();
            } else {
                if (empty($type) === false) {
                    $reply->data = Organization::getOrganizationByOrgType($pdo, $type)->toArray();
                } else {
                    if (empty($zip) === false) {
                        $reply->data = Organization::getOrganizationByOrgZip($pdo, $zip)->toArray();
                    } else {
                        if (empty($current) === false) {
                            //used to fetch the current organization info for angular
                            // NOTE(review): dereferences $_SESSION["volunteer"] without a local
                            // guard; presumably the earlier check guarantees it is set. If not,
                            // this is a call on null -- confirm.
                            $reply->data = Organization::getOrganizationByOrgId($pdo, $_SESSION["volunteer"]->getOrgId());
                        } else {
                            // No filter supplied: return every organization.
                            $reply->data = Organization::getAllOrganizations($pdo)->toArray();
                        }
                    }
                }
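/**
 * test posting an invalid organization to the API
 *
 * Signs out, signs back in as a volunteer, and posts an organization to the
 * API. The test expects the HTTP response itself to be 200, the JSON body to
 * carry a status of 401, and the organization to be absent from the database.
 */
public function testInvalidPost()
{
    //test to make sure non-admin can't post
    //sign out as an admin, log-in as a volunteer
    $this->guzzle->get('https://bootcamp-coders.cnm.edu/~bbrown52/bread-basket/public_html/php/controllers/sign-out-controller.php');

    $volLogin = new stdClass();
    $volLogin->email = "*****@*****.**";
    $volLogin->password = "******";
    $login = $this->guzzle->post(
        'https://bootcamp-coders.cnm.edu/~bbrown52/bread-basket/public_html/php/controllers/sign-in-controller.php',
        [
            'allow_redirects' => ['strict' => true],
            'json' => $volLogin,
            'headers' => ['X-XSRF-TOKEN' => $this->token],
        ]
    );
    // NOTE(review): nothing here checks that the volunteer sign-in succeeded. If it
    // failed, the 401 asserted below could come from an unauthenticated session, and
    // the volunteer-versus-admin check would go untested. The sign-in controller's
    // reply format is not visible in this excerpt -- confirm it and assert on $login.

    //try to post to an organization
    $organization = new Organization(
        null,
        $this->VALID_ADDRESS1,
        $this->VALID_ADDRESS2,
        $this->VALID_CITY,
        $this->VALID_DESCRIPTION,
        $this->VALID_HOURS,
        $this->VALID_NAME,
        $this->VALID_PHONE,
        $this->VALID_STATE,
        $this->VALID_TYPE,
        $this->VALID_ZIP
    );
    $response = $this->guzzle->post(
        'https://bootcamp-coders.cnm.edu/~bbrown52/bread-basket/public_html/php/api/organization',
        [
            'allow_redirects' => ['strict' => true],
            'json' => $organization,
            'headers' => ['X-XSRF-TOKEN' => $this->token],
        ]
    );

    // The transport status is expected to be 200 even for a refused request; the
    // refusal is reported in the JSON body. Expected value goes first in assertSame().
    // NOTE(review): tooling that only looks at HTTP status codes will not see this
    // denial -- confirm the envelope convention is intentional.
    $this->assertSame(200, $response->getStatusCode());

    // Cast the body stream to a string explicitly before decoding.
    $retrievedOrg = json_decode((string) $response->getBody());

    //make sure the organization was not entered into the database
    $shouldNotExist = Organization::getOrganizationByOrgName($this->getPDO(), $this->VALID_NAME);
    $this->assertSame(0, $shouldNotExist->getSize());

    //make sure 401 error is returned for trying to access an admin method as a volunteer
    $this->assertSame(401, $retrievedOrg->status);
}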