From 8c4653c18c329173200e60c897d6d7b985505d62 Mon Sep 17 00:00:00 2001
From: Graham Campbell
Date: Wed, 17 Jun 2015 14:06:18 +0100
Subject: [PATCH 1/9] Respond with the correct responses on error
---
 app/Http/Middleware/Admin.php | 6 ++----
 app/Http/Middleware/ApiAuthenticate.php | 26 ++++++-------------------
 app/Http/Middleware/Authenticate.php | 7 ++-----
 resources/lang/de/errors.php | 25 ------------------------
 resources/lang/en-UD/errors.php | 25 ------------------------
 resources/lang/en/errors.php | 25 ------------------------
 resources/lang/es/errors.php | 25 ------------------------
 resources/lang/fr/errors.php | 25 ------------------------
 resources/lang/id/errors.php | 25 ------------------------
 resources/lang/nl/errors.php | 25 ------------------------
 resources/lang/pl/errors.php | 25 ------------------------
 resources/lang/pt-BR/errors.php | 25 ------------------------
 resources/lang/zh-CN/errors.php | 25 ------------------------
 resources/lang/zh-TW/errors.php | 25 ------------------------
 resources/views/errors/401.blade.php | 19 ------------------
 resources/views/errors/404.blade.php | 19 ------------------
 16 files changed, 10 insertions(+), 342 deletions(-)
 delete mode 100755 resources/lang/de/errors.php
 delete mode 100755 resources/lang/en-UD/errors.php
 delete mode 100755 resources/lang/en/errors.php
 delete mode 100755 resources/lang/es/errors.php
 delete mode 100755 resources/lang/fr/errors.php
 delete mode 100644 resources/lang/id/errors.php
 delete mode 100755 resources/lang/nl/errors.php
 delete mode 100755 resources/lang/pl/errors.php
 delete mode 100755 resources/lang/pt-BR/errors.php
 delete mode 100755 resources/lang/zh-CN/errors.php
 delete mode 100755 resources/lang/zh-TW/errors.php
 delete mode 100644 resources/views/errors/401.blade.php
 delete mode 100644 resources/views/errors/404.blade.php
diff --git a/app/Http/Middleware/Admin.php b/app/Http/Middleware/Admin.php
index 0f664aaac..f2e56c8bc 100644
--- a/app/Http/Middleware/Admin.php
+++ b/app/Http/Middleware/Admin.php
@@ -13,7 +13,7 @@ namespace CachetHQ\Cachet\Http\Middleware;
 use Closure;
 use Illuminate\Contracts\Auth\Guard;
-use Illuminate\Support\Facades\Response;
+use Symfony\Component\HttpKernel\Exception\UnauthorizedHttpException;
 class Admin
 {
@@ -45,9 +45,7 @@ class Admin
 public function handle($request, Closure $next)
 {
 if (!$this->auth->check() || ($this->auth->check() && !$this->auth->user()->isAdmin)) {
- return Response::view('errors.401', [
- 'pageTitle' => trans('errors.unauthorized.title'),
- ], 401);
+ throw new UnauthorizedHttpException();
 }
 return $next($request);
diff --git a/app/Http/Middleware/ApiAuthenticate.php b/app/Http/Middleware/ApiAuthenticate.php
index bb1eb95e9..5f0559f9d 100644
--- a/app/Http/Middleware/ApiAuthenticate.php
+++ b/app/Http/Middleware/ApiAuthenticate.php
@@ -15,6 +15,7 @@ use CachetHQ\Cachet\Models\User;
 use Closure;
 use Illuminate\Contracts\Auth\Guard;
 use Illuminate\Database\Eloquent\ModelNotFoundException;
+use Symfony\Component\HttpKernel\Exception\UnauthorizedHttpException;
 class ApiAuthenticate
 {
@@ -48,34 +49,19 @@ class ApiAuthenticate
 if ($this->auth->guest()) {
 if ($apiToken = $request->header('X-Cachet-Token')) {
 try {
- $user = User::findByApiToken($apiToken);
-
- $this->auth->onceUsingId($user->id);
+ $this->auth->onceUsingId(User::findByApiToken($apiToken)->id);
 } catch (ModelNotFoundException $e) {
- return $this->handleError();
+ throw new UnauthorizedHttpException();
 }
- } elseif ($user = $request->getUser()) {
+ } elseif ($request->getUser()) {
 if ($this->auth->onceBasic() !== null) {
- return $this->handleError();
+ throw new AccessDeniedHttpException();
 }
 } else {
- return $this->handleError();
+ throw new AccessDeniedHttpException();
 }
 }
 return $next($request);
 }
-
- /**
- * Common method for returning an unauthorized error.
- *
- * @return \Symfony\Component\HttpFoundation\Response
- */
- protected function handleError()
- {
- return response()->json([
- 'message' => 'You are not authorized to view this content.',
- 'status_code' => 401,
- ], 401);
- }
 }
diff --git a/app/Http/Middleware/Authenticate.php b/app/Http/Middleware/Authenticate.php
index 2bfc642fa..6922ed42c 100644
--- a/app/Http/Middleware/Authenticate.php
+++ b/app/Http/Middleware/Authenticate.php
@@ -13,6 +13,7 @@ namespace CachetHQ\Cachet\Http\Middleware;
 use Closure;
 use Illuminate\Contracts\Auth\Guard;
+use Symfony\Component\HttpKernel\Exception\UnauthorizedHttpException;
 class Authenticate
 {
@@ -44,11 +45,7 @@ class Authenticate
 public function handle($request, Closure $next)
 {
 if ($this->auth->guest()) {
- if ($request->ajax()) {
- return response('Unauthorized.', 401);
- } else {
- return redirect()->guest('auth/login');
- }
+ throw new UnauthorizedHttpException();
 }
 return $next($request);
diff --git a/resources/lang/de/errors.php b/resources/lang/de/errors.php
deleted file mode 100755
index 2a5f1505f..000000000
--- a/resources/lang/de/errors.php
+++ /dev/null
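Review bot: `Authenticate::handle()` now throws for every guest, so a browser request to a protected page no longer reaches `redirect()->guest('auth/login')`, which is also what recorded the intended URL for the post-login redirect. Unless the exception handler (not shown in this series) maps this 401 to the login page for non-AJAX requests, signed-out users get an error response instead of the sign-in form. If the split is still wanted, keep the redirect for HTML requests ahead of the throw, e.g. `if (!$request->ajax()) { return redirect()->guest('auth/login'); }`. The same applies after PATCH 3/9, which only swaps the exception class; handle() starts above the hunk.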
@@ -1,25 +0,0 @@ - - * - * For the full copyright and license information, please view the LICENSE - * file that was distributed with this source code. - */ - -return [ - 'not-found' => [ - 'code' => '404', - 'title' => 'Die Seite konnte nicht gefunden werden!', - 'message' => 'Entschuldigung, aber die Seite konnte nicht gefunden werden. Überprüfen Sie die URL und versuchen Sie es erneut.', - 'link' => 'Zurück zur Startseite', - ], - 'unauthorized' => [ - 'code' => '401', - 'title' => 'Unauthorized', - 'message' => 'Sorry, you need admin privileges to see this page.', - 'link' => 'Return to homepage', - ], -]; diff --git a/resources/lang/en-UD/errors.php b/resources/lang/en-UD/errors.php deleted file mode 100755 index 8d8ce52ef..000000000 --- a/resources/lang/en-UD/errors.php +++ /dev/null @@ -1,25 +0,0 @@ - - * - * For the full copyright and license information, please view the LICENSE - * file that was distributed with this source code. - */ - -return [ - 'not-found' => [ - 'code' => 'crwdns208:0crwdne208:0', - 'title' => 'crwdns367:0crwdne367:0', - 'message' => 'crwdns368:0crwdne368:0', - 'link' => 'crwdns369:0crwdne369:0', - ], - 'unauthorized' => [ - 'code' => 'crwdns370:0crwdne370:0', - 'title' => 'crwdns371:0crwdne371:0', - 'message' => 'crwdns372:0crwdne372:0', - 'link' => 'crwdns373:0crwdne373:0', - ], -]; diff --git a/resources/lang/en/errors.php b/resources/lang/en/errors.php deleted file mode 100755 index 9e13a37d7..000000000 --- a/resources/lang/en/errors.php +++ /dev/null 
@@ -1,25 +0,0 @@ - - * - * For the full copyright and license information, please view the LICENSE - * file that was distributed with this source code. - */ - -return [ - 'not-found' => [ - 'code' => '404', - 'title' => 'That page went missing!', - 'message' => 'Sorry, but the page you are looking for has not been found. Check the URL for errors and try again.', - 'link' => 'Return to homepage', - ], - 'unauthorized' => [ - 'code' => '401', - 'title' => 'Unauthorized', - 'message' => 'Sorry, you need admin privileges to see this page.', - 'link' => 'Return to homepage', - ], -]; diff --git a/resources/lang/es/errors.php b/resources/lang/es/errors.php deleted file mode 100755 index e08678345..000000000 --- a/resources/lang/es/errors.php +++ /dev/null @@ -1,25 +0,0 @@ - - * - * For the full copyright and license information, please view the LICENSE - * file that was distributed with this source code. - */ - -return [ - 'not-found' => [ - 'code' => '404', - 'title' => '¡Esta página se perdió!', - 'message' => 'Lo sentimos, no se ha encontrado la página que estás buscando. Comprueba que la dirección URL no contenga errores y vuelve a intentarlo.', - 'link' => 'Regresar a la página de inicio', - ], - 'unauthorized' => [ - 'code' => '401', - 'title' => 'No autorizado', - 'message' => 'Lo sentimos, necesitas privilegios de administrador para ver esta página.', - 'link' => 'Regresar a la página de inicio', - ], -]; diff --git a/resources/lang/fr/errors.php b/resources/lang/fr/errors.php deleted file mode 100755 index 58c893798..000000000 --- a/resources/lang/fr/errors.php +++ /dev/null 
@@ -1,25 +0,0 @@ - - * - * For the full copyright and license information, please view the LICENSE - * file that was distributed with this source code. - */ - -return [ - 'not-found' => [ - 'code' => '404', - 'title' => 'Cette page est manquante !', - 'message' => 'Désolé, mais la page que vous recherchez est introuvable. Vérifier l\'URL et essayez à nouveau.', - 'link' => 'Retour à l\'accueil', - ], - 'unauthorized' => [ - 'code' => '401', - 'title' => 'Unauthorized', - 'message' => 'Sorry, you need admin privileges to see this page.', - 'link' => 'Return to homepage', - ], -]; diff --git a/resources/lang/id/errors.php b/resources/lang/id/errors.php deleted file mode 100644 index ba6e430be..000000000 --- a/resources/lang/id/errors.php +++ /dev/null @@ -1,25 +0,0 @@ - - * - * For the full copyright and license information, please view the LICENSE - * file that was distributed with this source code. - */ - -return [ - 'not-found' => [ - 'code' => '404', - 'title' => 'Halaman ini hilang!', - 'message' => 'Maaf, halaman yang diinginkan tidak ditemukan. Periksa apakah ada kesalahan URL lalu coba lagi.', - 'link' => 'Kembali ke depan', - ], - 'unauthorized' => [ - 'code' => '401', - 'title' => 'Tidak dibolehkan', - 'message' => 'Maaf, anda perlu kewenangan admin untuk melihat halaman ini.', - 'link' => 'Kembali ke depan', - ], -]; diff --git a/resources/lang/nl/errors.php b/resources/lang/nl/errors.php deleted file mode 100755 index 5b73d1ceb..000000000 --- a/resources/lang/nl/errors.php +++ /dev/null 
@@ -1,25 +0,0 @@ - - * - * For the full copyright and license information, please view the LICENSE - * file that was distributed with this source code. - */ - -return [ - 'not-found' => [ - 'code' => '404', - 'title' => 'Die pagina is vermist geraakt!', - 'message' => 'Sorry, maar de pagina die je zoekt is niet gevonden. Controleer de URL op fouten en probeer het nogmaals.', - 'link' => 'Terug naar homepagina', - ], - 'unauthorized' => [ - 'code' => '401', - 'title' => 'Ongeautoriseerd', - 'message' => 'Sorry, maar je moet beheerdersrechten hebben om deze pagina te bekijken.', - 'link' => 'Terug naar homepagina', - ], -]; diff --git a/resources/lang/pl/errors.php b/resources/lang/pl/errors.php deleted file mode 100755 index 9e13a37d7..000000000 --- a/resources/lang/pl/errors.php +++ /dev/null @@ -1,25 +0,0 @@ - - * - * For the full copyright and license information, please view the LICENSE - * file that was distributed with this source code. - */ - -return [ - 'not-found' => [ - 'code' => '404', - 'title' => 'That page went missing!', - 'message' => 'Sorry, but the page you are looking for has not been found. Check the URL for errors and try again.', - 'link' => 'Return to homepage', - ], - 'unauthorized' => [ - 'code' => '401', - 'title' => 'Unauthorized', - 'message' => 'Sorry, you need admin privileges to see this page.', - 'link' => 'Return to homepage', - ], -]; diff --git a/resources/lang/pt-BR/errors.php b/resources/lang/pt-BR/errors.php deleted file mode 100755 index ba315f3bb..000000000 --- a/resources/lang/pt-BR/errors.php +++ /dev/null 
@@ -1,25 +0,0 @@ - - * - * For the full copyright and license information, please view the LICENSE - * file that was distributed with this source code. - */ - -return [ - 'not-found' => [ - 'code' => '404', - 'title' => 'Essa página desapareceu!', - 'message' => 'Desculpe, mas a página que você está procurando não foi encontrada. Verifique a URL por erros e tente novamente.', - 'link' => 'Voltar para a página inicial', - ], - 'unauthorized' => [ - 'code' => '401', - 'title' => 'Não autorizado', - 'message' => 'Desculpe, que você precisa de privilégios de administrador para ver esta página.', - 'link' => 'Voltar para a página inicial', - ], -]; diff --git a/resources/lang/zh-CN/errors.php b/resources/lang/zh-CN/errors.php deleted file mode 100755 index b40875a02..000000000 --- a/resources/lang/zh-CN/errors.php +++ /dev/null @@ -1,25 +0,0 @@ - - * - * For the full copyright and license information, please view the LICENSE - * file that was distributed with this source code. - */ - -return [ - 'not-found' => [ - 'code' => '404', - 'title' => '这个页面失踪了!', - 'message' => '抱歉,但我们无法找到您要访问的的页面。请检查你的 URL,然后重试。', - 'link' => '返回主页', - ], - 'unauthorized' => [ - 'code' => '401', - 'title' => '未授权', - 'message' => '很抱歉,您需要管理员权限才能看到此页面。', - 'link' => '返回主页', - ], -]; diff --git a/resources/lang/zh-TW/errors.php b/resources/lang/zh-TW/errors.php deleted file mode 100755 index 33df5af84..000000000 --- a/resources/lang/zh-TW/errors.php +++ /dev/null @@ -1,25 +0,0 @@ - - * - * For the full copyright and license information, please view the LICENSE - * file that was distributed with this source code. - */ - -return [ - 'not-found' => [ - 'code' => '404', - 'title' => '找不到頁面', - 'message' => '抱歉,你所請求的頁面並不存在。請檢查你的 URL 是否正確並再試一次。', - 'link' => '返回主頁', - ], - 'unauthorized' => [ - 'code' => '401', - 'title' => '未經授權', - 'message' => '抱歉,你需要管理員權限方可瀏覽本頁面。', - 'link' => '返回主頁', - ], -]; 
diff --git a/resources/views/errors/401.blade.php b/resources/views/errors/401.blade.php deleted file mode 100644 index 10f342bb3..000000000 --- a/resources/views/errors/401.blade.php +++ /dev/null @@ -1,19 +0,0 @@ -@extends('layout.error') - -@section('content') -
-
- -
-

{{ trans('errors.unauthorized.code') }}

-

{{ trans('errors.unauthorized.title') }}

- -
-

{{ trans('errors.unauthorized.message') }}

-
-

- {{ trans('errors.unauthorized.link') }} -

-
-
-@stop diff --git a/resources/views/errors/404.blade.php b/resources/views/errors/404.blade.php deleted file mode 100644 index 4b484421d..000000000 --- a/resources/views/errors/404.blade.php +++ /dev/null @@ -1,19 +0,0 @@ -@extends('layout.error') - -@section('content') -
-
- -
-

{{ trans('errors.not-found.code') }}

-

{{ trans('errors.not-found.title') }}

- -
-

{{ trans('errors.not-found.message') }}

-
-

- {{ trans('errors.not-found.link') }} -

-
-
-@stop
From fad3ed9a513b5446dcada08c3cc77e812d09042d Mon Sep 17 00:00:00 2001
From: Graham Campbell
Date: Wed, 17 Jun 2015 14:11:36 +0100
Subject: [PATCH 2/9] Typo fixes
---
 app/Http/Middleware/ApiAuthenticate.php | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/app/Http/Middleware/ApiAuthenticate.php b/app/Http/Middleware/ApiAuthenticate.php
index 5f0559f9d..dc26807ed 100644
--- a/app/Http/Middleware/ApiAuthenticate.php
+++ b/app/Http/Middleware/ApiAuthenticate.php
@@ -55,10 +55,10 @@ class ApiAuthenticate
 }
 } elseif ($request->getUser()) {
 if ($this->auth->onceBasic() !== null) {
- throw new AccessDeniedHttpException();
+ throw new UnauthorizedHttpException();
 }
 } else {
- throw new AccessDeniedHttpException();
+ throw new UnauthorizedHttpException();
 }
 }
From a7effcce7a4b164ae474f36e426b22de01af4920 Mon Sep 17 00:00:00 2001
From: Graham Campbell
Date: Thu, 18 Jun 2015 18:12:10 +0100
Subject: [PATCH 3/9] Fixed unauthorized exceptions
---
 app/Http/Middleware/Admin.php | 4 ++--
 app/Http/Middleware/ApiAuthenticate.php | 8 ++++----
 app/Http/Middleware/Authenticate.php | 4 ++--
 3 files changed, 8 insertions(+), 8 deletions(-)
diff --git a/app/Http/Middleware/Admin.php b/app/Http/Middleware/Admin.php
index f2e56c8bc..f989a0085 100644
--- a/app/Http/Middleware/Admin.php
+++ b/app/Http/Middleware/Admin.php
@@ -13,7 +13,7 @@ namespace CachetHQ\Cachet\Http\Middleware;
 use Closure;
 use Illuminate\Contracts\Auth\Guard;
-use Symfony\Component\HttpKernel\Exception\UnauthorizedHttpException;
+use Symfony\Component\HttpKernel\Exception\HttpException;
 class Admin
 {
@@ -45,7 +45,7 @@ class Admin
 public function handle($request, Closure $next)
 {
 if (!$this->auth->check() || ($this->auth->check() && !$this->auth->user()->isAdmin)) {
- throw new UnauthorizedHttpException();
+ throw new HttpException(401);
 }
 return $next($request);
diff --git a/app/Http/Middleware/ApiAuthenticate.php b/app/Http/Middleware/ApiAuthenticate.php
index dc26807ed..3a5105060 100644
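Review bot: The condition in `Admin::handle()` sends the same 401 to a signed-out visitor and to a signed-in user who is not an admin; the second case is an authorization failure and is normally a 403, since re-authenticating cannot help. Splitting the check also removes the repeated `$this->auth->check()` call: `if (!$this->auth->check()) { throw new HttpException(401); }` followed by `if (!$this->auth->user()->isAdmin) { throw new HttpException(403); }`. Distinct codes also let access logs separate anonymous requests from privilege failures by known accounts. The docblock and signature of handle() are outside the hunk.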
--- a/app/Http/Middleware/ApiAuthenticate.php
+++ b/app/Http/Middleware/ApiAuthenticate.php
@@ -15,7 +15,7 @@ use CachetHQ\Cachet\Models\User;
 use Closure;
 use Illuminate\Contracts\Auth\Guard;
 use Illuminate\Database\Eloquent\ModelNotFoundException;
-use Symfony\Component\HttpKernel\Exception\UnauthorizedHttpException;
+use Symfony\Component\HttpKernel\Exception\HttpException;
 class ApiAuthenticate
 {
@@ -51,14 +51,14 @@ class ApiAuthenticate
 try {
 $this->auth->onceUsingId(User::findByApiToken($apiToken)->id);
 } catch (ModelNotFoundException $e) {
- throw new UnauthorizedHttpException();
+ throw new HttpException(401);
 }
 } elseif ($request->getUser()) {
 if ($this->auth->onceBasic() !== null) {
- throw new UnauthorizedHttpException();
+ throw new HttpException(401);
 }
 } else {
- throw new UnauthorizedHttpException();
+ throw new HttpException(401);
 }
 }
diff --git a/app/Http/Middleware/Authenticate.php b/app/Http/Middleware/Authenticate.php
index 6922ed42c..cc0513cc0 100644
--- a/app/Http/Middleware/Authenticate.php
+++ b/app/Http/Middleware/Authenticate.php
@@ -13,7 +13,7 @@ namespace CachetHQ\Cachet\Http\Middleware;
 use Closure;
 use Illuminate\Contracts\Auth\Guard;
-use Symfony\Component\HttpKernel\Exception\UnauthorizedHttpException;
+use Symfony\Component\HttpKernel\Exception\HttpException;
 class Authenticate
 {
@@ -45,7 +45,7 @@ class Authenticate
 public function handle($request, Closure $next)
 {
 if ($this->auth->guest()) {
- throw new UnauthorizedHttpException();
+ throw new HttpException(401);
 }
 return $next($request);
From c52f0ada07530e95e805048d8bb10e402f2c69e7 Mon Sep 17 00:00:00 2001
From: Graham Campbell
Date: Thu, 18 Jun 2015 18:12:40 +0100
Subject: [PATCH 4/9] Added an acceptable middleware
---
 app/Http/Middleware/Acceptable.php | 36 ++++++++++++++++++++++++++++++
 1 file changed, 36 insertions(+)
 create mode 100644 app/Http/Middleware/Acceptable.php
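Review bot: All three failure branches in `ApiAuthenticate::handle()` throw `new HttpException(401)` with no headers, so the 401 carries no `WWW-Authenticate` challenge, and the non-null value returned by `$this->auth->onceBasic()` (which appears to be the framework's own 401 response) is discarded. Clients rely on that header to learn which scheme to retry with; `HttpException` takes headers as its fourth argument, e.g. `throw new HttpException(401, null, null, ['WWW-Authenticate' => 'Basic']);`. In the token branch the caught `$e` could be passed as the previous exception so the cause survives into logs: `throw new HttpException(401, null, $e);`. handle() begins before the hunk.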
diff --git a/app/Http/Middleware/Acceptable.php b/app/Http/Middleware/Acceptable.php new file mode 100644 index 000000000..d635fa802 --- /dev/null +++ b/app/Http/Middleware/Acceptable.php @@ -0,0 +1,36 @@ + + * + * For the full copyright and license information, please view the LICENSE + * file that was distributed with this source code. + */ + +namespace CachetHQ\Cachet\Http\Middleware; + +use Closure; +use Symfony\Component\HttpKernel\Exception\NotAcceptableHttpException; + +class Acceptable +{ + /** + * Handle an incoming request. + * + * @param \Illuminate\Http\Request $request + * @param \Closure $next + * @param string $type + * + * @return mixed + */ + public function handle($request, Closure $next, $type) + { + if (!$request->accepts($type)) { + throw new NotAcceptableHttpException(); + } + + return $next($request); + } +} From ddf64cc65317ad54fae1d744a4e231280af559bd Mon Sep 17 00:00:00 2001 From: Graham Campbell Date: Thu, 18 Jun 2015 18:13:01 +0100 Subject: [PATCH 5/9] Make sure we only return a response from the api if the user understands it --- app/Http/Routes/ApiRoutes.php | 5 +++-- 1 file changed, 3 insertions(+), 2 deletions(-) diff --git a/app/Http/Routes/ApiRoutes.php b/app/Http/Routes/ApiRoutes.php index a374755a7..bca1cc7b0 100644 --- a/app/Http/Routes/ApiRoutes.php +++ b/app/Http/Routes/ApiRoutes.php @@ -23,8 +23,9 @@ class ApiRoutes public function map(Registrar $router) { $router->group([ - 'namespace' => 'Api', - 'prefix' => 'api/v1', + 'namespace' => 'Api', + 'prefix' => 'api/v1', + 'middleware' => 'accept:application/json' ], function ($router) { // General $router->get('ping', 'GeneralController@ping'); From 2b43b83455f27bed059f0af5e8bddd0df562a535 Mon Sep 17 00:00:00 2001 From: Graham Campbell Date: Thu, 18 Jun 2015 18:13:15 +0100 Subject: [PATCH 6/9] Added middleware to the kernel --- app/Http/Kernel.php | 1 + 1 file changed, 1 insertion(+) diff --git a/app/Http/Kernel.php b/app/Http/Kernel.php index 9a29749b4..24706e4a1 100644 
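Review bot: The docblock on `Acceptable::handle()` does not say what `$type` is or that the method throws, and `$type` has no default, so a route that lists the `accept` middleware without a parameter would fail with a missing-argument error instead of a 406. I would document it as `@param string $type Media type the client must accept, e.g. application/json` and add `@throws \Symfony\Component\HttpKernel\Exception\NotAcceptableHttpException`. A sentence on how `$request->accepts()` treats a request with no Accept header would also help, since that decides whether header-less clients pass; confirm the behaviour against the framework version in use.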
--- a/app/Http/Kernel.php +++ b/app/Http/Kernel.php @@ -45,5 +45,6 @@ class Kernel extends HttpKernel 'app.isSetup' => 'CachetHQ\Cachet\Http\Middleware\AppIsSetup', 'app.hasSetting' => 'CachetHQ\Cachet\Http\Middleware\HasSetting', 'app.subscribers' => 'CachetHQ\Cachet\Http\Middleware\SubscribersConfigured', + 'accept' => 'CachetHQ\Cachet\Http\Middleware\Acceptable', ]; } From 62ac2780cf34b01fe0857fe7f858584d5bc2b35d Mon Sep 17 00:00:00 2001 From: Graham Campbell Date: Thu, 18 Jun 2015 18:13:37 +0100 Subject: [PATCH 7/9] Removed unneeded checks --- tests/Api/ComponentTest.php | 2 +- tests/Api/IncidentTest.php | 1 - tests/Api/MetricPointTest.php | 1 - tests/Api/MetricTest.php | 1 - 4 files changed, 1 insertion(+), 4 deletions(-) diff --git a/tests/Api/ComponentTest.php b/tests/Api/ComponentTest.php index dfe77a383..e503712ec 100644 --- a/tests/Api/ComponentTest.php +++ b/tests/Api/ComponentTest.php @@ -38,8 +38,8 @@ class ComponentTest extends AbstractTestCase public function testPostComponentUnauthorized() { $this->post('/api/v1/components'); + $this->assertResponseStatus(401); - $this->seeJson(['message' => 'You are not authorized to view this content.', 'status_code' => 401]); } public function testPostComponentNoData() diff --git a/tests/Api/IncidentTest.php b/tests/Api/IncidentTest.php index 0d90c9581..b764d45b6 100644 --- a/tests/Api/IncidentTest.php +++ b/tests/Api/IncidentTest.php @@ -39,7 +39,6 @@ class IncidentTest extends AbstractTestCase { $this->post('/api/v1/incidents'); $this->assertResponseStatus(401); - $this->seeJson(['message' => 'You are not authorized to view this content.', 'status_code' => 401]); } public function testPostIncidentNoData() diff --git a/tests/Api/MetricPointTest.php b/tests/Api/MetricPointTest.php index e0160d172..a3c250159 100644 --- a/tests/Api/MetricPointTest.php +++ b/tests/Api/MetricPointTest.php 
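Review bot: With the `seeJson` line removed, `testPostComponentUnauthorized` (and the matching tests in IncidentTest, MetricPointTest and MetricTest) only assert the 401 status, so nothing pins the format of the authentication-failure body any more. A regression that renders an HTML error page or debug output for API auth failures would still pass. Adding `$this->seeHeader('Content-Type', 'application/json');` after `assertResponseStatus(401)`, as PATCH 8/9 does for the 404 case, would keep that covered.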
@@ -40,7 +40,6 @@ class MetricPointTest extends AbstractTestCase
 $this->post("/api/v1/metrics/{$metric->id}/points");
 $this->assertResponseStatus(401);
- $this->seeJson(['message' => 'You are not authorized to view this content.', 'status_code' => 401]);
 }
 public function testPostMetricPoint()
diff --git a/tests/Api/MetricTest.php b/tests/Api/MetricTest.php
index 90acb7098..ef16f959b 100644
--- a/tests/Api/MetricTest.php
+++ b/tests/Api/MetricTest.php
@@ -39,7 +39,6 @@ class MetricTest extends AbstractTestCase
 {
 $this->post('/api/v1/metrics');
 $this->assertResponseStatus(401);
- $this->seeJson(['message' => 'You are not authorized to view this content.', 'status_code' => 401]);
 }
 public function testPostMetricNoData()
From 77834fb493c83de952fb14fb908df49efc0697b5 Mon Sep 17 00:00:00 2001
From: Graham Campbell
Date: Thu, 18 Jun 2015 18:15:16 +0100
Subject: [PATCH 8/9] Added more api tests
---
 tests/Api/GeneralTest.php | 21 +++++++++++++++++++++
 1 file changed, 21 insertions(+)
diff --git a/tests/Api/GeneralTest.php b/tests/Api/GeneralTest.php
index 635d89623..e44f257bf 100644
--- a/tests/Api/GeneralTest.php
+++ b/tests/Api/GeneralTest.php
@@ -20,5 +20,26 @@ class GeneralTest extends AbstractTestCase
 $this->get('/api/v1/ping');
 $this->seeJson(['data' => 'Pong!']);
 $this->assertResponseOk();
+ $this->seeHeader('Content-Type', 'application/json');
+ }
+
+ public function testErrorPage()
+ {
+ $this->get('/api/v1/not-found');
+
+ $this->assertResponseStatus(404);
+ $this->seeHeader('Content-Type', 'application/json');
+ $this->seeJson(['errors' => [[
+ 'status' => 404,
+ 'title' => 'Not Found',
+ 'detail' => 'The requested resource could not be found but may be available again in the future.',
+ ]]]);
+ }
+
+ public function testNotAcceptableContentType()
+ {
+ $this->get('/api/v1/ping', ['HTTP_Accept' => 'text/html']);
+
+ $this->assertResponseStatus(406);
 }
 }
From 14494cc74b55524581224d043d241ad1d3ea66ef Mon Sep 17 00:00:00 2001
From: Graham Campbell
Date: Thu, 18 Jun 2015 18:18:59 +0100
Subject: [PATCH 9/9] CS fix
---
 app/Http/Routes/ApiRoutes.php | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/app/Http/Routes/ApiRoutes.php b/app/Http/Routes/ApiRoutes.php
index bca1cc7b0..94668fb03 100644
--- a/app/Http/Routes/ApiRoutes.php
+++ b/app/Http/Routes/ApiRoutes.php
@@ -25,7 +25,7 @@ class ApiRoutes
 $router->group([
 'namespace' => 'Api',
 'prefix' => 'api/v1',
- 'middleware' => 'accept:application/json'
+ 'middleware' => 'accept:application/json',
 ], function ($router) {
 // General
 $router->get('ping', 'GeneralController@ping');