dépôts / lhc / web / wiklou.git / blob
? search:
summary | shortlog | log | commit | commitdiff | tree
history | raw | HEAD
mw.Api: Replace deprecated token names by 'csrf'
[lhc/web/wiklou.git] / tests / qunit / suites / resources / mediawiki.api / mediawiki.api.test.js
1 ( function ( mw, $ ) {
2 QUnit.module( 'mediawiki.api', QUnit.newMwEnvironment( {
3 setup: function () {
4 this.server = this.sandbox.useFakeServer();
5 this.server.respondImmediately = true;
6 }
7 } ) );
8
9 function sequence( responses ) {
10 var i = 0;
11 return function ( request ) {
12 var response = responses[ i ];
13 if ( response ) {
14 i++;
15 request.respond.apply( request, response );
16 }
17 };
18 }
19
20 function sequenceBodies( status, headers, bodies ) {
21 jQuery.each( bodies, function ( i, body ) {
22 bodies[ i ] = [ status, headers, body ];
23 } );
24 return sequence( bodies );
25 }
26
27 QUnit.test( 'get()', function ( assert ) {
28 var api = new mw.Api();
29
30 this.server.respond( [ 200, { 'Content-Type': 'application/json' }, '[]' ] );
31
32 return api.get( {} ).then( function ( data ) {
33 assert.deepEqual( data, [], 'If request succeeds without errors, resolve deferred' );
34 } );
35 } );
36
37 QUnit.test( 'post()', function ( assert ) {
38 var api = new mw.Api();
39
40 this.server.respond( [ 200, { 'Content-Type': 'application/json' }, '[]' ] );
41
42 return api.post( {} ).then( function ( data ) {
43 assert.deepEqual( data, [], 'Simple POST request' );
44 } );
45 } );
46
47 QUnit.test( 'API error', function ( assert ) {
48 var api = new mw.Api();
49
50 this.server.respond( [ 200, { 'Content-Type': 'application/json' },
51 '{ "error": { "code": "unknown_action" } }'
52 ] );
53
54 api.get( { action: 'doesntexist' } )
55 .fail( function ( errorCode ) {
56 assert.equal( errorCode, 'unknown_action', 'API error should reject the deferred' );
57 } )
58 .always( assert.async() );
59 } );
60
61 QUnit.test( 'FormData support', function ( assert ) {
62 var api = new mw.Api();
63
64 this.server.respond( function ( request ) {
65 if ( window.FormData ) {
66 assert.ok( !request.url.match( /action=/ ), 'Request has no query string' );
67 assert.ok( request.requestBody instanceof FormData, 'Request uses FormData body' );
68 } else {
69 assert.ok( !request.url.match( /action=test/ ), 'Request has no query string' );
70 assert.equal( request.requestBody, 'action=test&format=json', 'Request uses query string body' );
71 }
72 request.respond( 200, { 'Content-Type': 'application/json' }, '[]' );
73 } );
74
75 return api.post( { action: 'test' }, { contentType: 'multipart/form-data' } );
76 } );
77
78 QUnit.test( 'Converting arrays to pipe-separated', function ( assert ) {
79 var api = new mw.Api();
80
81 this.server.respond( function ( request ) {
82 assert.ok( request.url.match( /test=foo%7Cbar%7Cbaz/ ), 'Pipe-separated value was submitted' );
83 request.respond( 200, { 'Content-Type': 'application/json' }, '[]' );
84 } );
85
86 return api.get( { test: [ 'foo', 'bar', 'baz' ] } );
87 } );
88
89 QUnit.test( 'Omitting false booleans', function ( assert ) {
90 var api = new mw.Api();
91
92 this.server.respond( function ( request ) {
93 assert.ok( !request.url.match( /foo/ ), 'foo query parameter is not present' );
94 assert.ok( request.url.match( /bar=true/ ), 'bar query parameter is present with value true' );
95 request.respond( 200, { 'Content-Type': 'application/json' }, '[]' );
96 } );
97
98 return api.get( { foo: false, bar: true } );
99 } );
100
101 QUnit.test( 'getToken() - cached', function ( assert ) {
102 var api = new mw.Api(),
103 test = this;
104
105 // Get csrfToken for local wiki, this should not make
106 // a request as it should be retrieved from mw.user.tokens.
107 return api.getToken( 'csrf' )
108 .then( function ( token ) {
109 assert.ok( token.length, 'Got a token' );
110 }, function ( err ) {
111 assert.equal( '', err, 'API error' );
112 } )
113 .then( function () {
114 assert.equal( test.server.requests.length, 0, 'Requests made' );
115 } );
116 } );
117
118 QUnit.test( 'getToken() - uncached', function ( assert ) {
119 var api = new mw.Api(),
120 firstDone = assert.async(),
121 secondDone = assert.async();
122
123 this.server.respondWith( /type=testuncached/, [ 200, { 'Content-Type': 'application/json' },
124 '{ "query": { "tokens": { "testuncachedtoken": "good" } } }'
125 ] );
126
127 // Get a token of a type that isn't prepopulated by user.tokens.
128 // Could use "block" or "delete" here, but those could in theory
129 // be added to user.tokens, use a fake one instead.
130 api.getToken( 'testuncached' )
131 .done( function ( token ) {
132 assert.equal( token, 'good', 'The token' );
133 } )
134 .fail( function ( err ) {
135 assert.equal( err, '', 'API error' );
136 } )
137 .always( firstDone );
138
139 api.getToken( 'testuncached' )
140 .done( function ( token ) {
141 assert.equal( token, 'good', 'The cached token' );
142 } )
143 .fail( function ( err ) {
144 assert.equal( err, '', 'API error' );
145 } )
146 .always( secondDone );
147
148 assert.equal( this.server.requests.length, 1, 'Requests made' );
149 } );
150
151 QUnit.test( 'getToken() - error', function ( assert ) {
152 var api = new mw.Api();
153
154 this.server.respondWith( /type=testerror/, sequenceBodies( 200, { 'Content-Type': 'application/json' },
155 [
156 '{ "error": { "code": "bite-me", "info": "Smite me, O Mighty Smiter" } }',
157 '{ "query": { "tokens": { "testerrortoken": "good" } } }'
158 ]
159 ) );
160
161 // Don't cache error (bug 65268)
162 return api.getToken( 'testerror' )
163 .then( null, function ( err ) {
164 assert.equal( err, 'bite-me', 'Expected error' );
165
166 return api.getToken( 'testerror' );
167 } )
168 .then( function ( token ) {
169 assert.equal( token, 'good', 'The token' );
170 } );
171 } );
172
173 QUnit.test( 'getToken() - deprecated', function ( assert ) {
174 // Cache API endpoint from default to avoid cachehit in mw.user.tokens
175 var api = new mw.Api( { ajax: { url: '/postWithToken/api.php' } } ),
176 test = this;
177
178 this.server.respondWith( /type=csrf/, [ 200, { 'Content-Type': 'application/json' },
179 '{ "query": { "tokens": { "csrftoken": "csrfgood" } } }'
180 ] );
181
182 // Get a token of a type that is in the legacy map.
183 return api.getToken( 'email' )
184 .done( function ( token ) {
185 assert.equal( token, 'csrfgood', 'Token' );
186 } )
187 .fail( function ( err ) {
188 assert.equal( err, '', 'API error' );
189 } )
190 .always( function () {
191 assert.equal( test.server.requests.length, 1, 'Requests made' );
192 } );
193 } );
194
195 QUnit.test( 'badToken()', function ( assert ) {
196 var api = new mw.Api(),
197 test = this;
198
199 this.server.respondWith( /type=testbad/, sequenceBodies( 200, { 'Content-Type': 'application/json' },
200 [
201 '{ "query": { "tokens": { "testbadtoken": "bad" } } }',
202 '{ "query": { "tokens": { "testbadtoken": "good" } } }'
203 ]
204 ) );
205
206 return api.getToken( 'testbad' )
207 .then( function () {
208 api.badToken( 'testbad' );
209 return api.getToken( 'testbad' );
210 } )
211 .then( function ( token ) {
212 assert.equal( token, 'good', 'The token' );
213 assert.equal( test.server.requests.length, 2, 'Requests made' );
214 } );
215
216 } );
217
218 QUnit.test( 'badToken( legacy )', function ( assert ) {
219 var api = new mw.Api( { ajax: { url: '/badTokenLegacy/api.php' } } ),
220 test = this;
221
222 this.server.respondWith( /type=csrf/, sequenceBodies( 200, { 'Content-Type': 'application/json' },
223 [
224 '{ "query": { "tokens": { "csrftoken": "badlegacy" } } }',
225 '{ "query": { "tokens": { "csrftoken": "goodlegacy" } } }'
226 ]
227 ) );
228
229 return api.getToken( 'options' )
230 .then( function () {
231 api.badToken( 'options' );
232 return api.getToken( 'options' );
233 } )
234 .then( function ( token ) {
235 assert.equal( token, 'goodlegacy', 'The token' );
236 assert.equal( test.server.requests.length, 2, 'Request made' );
237 } );
238
239 } );
240
241 QUnit.test( 'postWithToken( tokenType, params )', function ( assert ) {
242 var api = new mw.Api( { ajax: { url: '/postWithToken/api.php' } } );
243
244 this.server.respondWith( 'GET', /type=testpost/, [ 200, { 'Content-Type': 'application/json' },
245 '{ "query": { "tokens": { "testposttoken": "good" } } }'
246 ] );
247 this.server.respondWith( 'POST', /api/, function ( request ) {
248 if ( request.requestBody.match( /token=good/ ) ) {
249 request.respond( 200, { 'Content-Type': 'application/json' },
250 '{ "example": { "foo": "quux" } }'
251 );
252 }
253 } );
254
255 return api.postWithToken( 'testpost', { action: 'example', key: 'foo' } )
256 .then( function ( data ) {
257 assert.deepEqual( data, { example: { foo: 'quux' } } );
258 } );
259 } );
260
261 QUnit.test( 'postWithToken( tokenType, params with assert )', function ( assert ) {
262 var api = new mw.Api( { ajax: { url: '/postWithToken/api.php' } } ),
263 test = this;
264
265 this.server.respondWith( /assert=user/, [ 200, { 'Content-Type': 'application/json' },
266 '{ "error": { "code": "assertuserfailed", "info": "Assertion failed" } }'
267 ] );
268
269 return api.postWithToken( 'testassertpost', { action: 'example', key: 'foo', assert: 'user' } )
270 // Cast error to success and vice versa
271 .then( function ( ) {
272 return $.Deferred().reject( 'Unexpected success' );
273 }, function ( errorCode ) {
274 assert.equal( errorCode, 'assertuserfailed', 'getToken fails assert' );
275 return $.Deferred().resolve();
276 } )
277 .then( function () {
278 assert.equal( test.server.requests.length, 1, 'Requests made' );
279 } );
280 } );
281
282 QUnit.test( 'postWithToken( tokenType, params, ajaxOptions )', function ( assert ) {
283 var api = new mw.Api(),
284 test = this;
285
286 this.server.respond( [ 200, { 'Content-Type': 'application/json' }, '{ "example": "quux" }' ] );
287
288 return api.postWithToken( 'csrf',
289 { action: 'example' },
290 {
291 headers: {
292 'X-Foo': 'Bar'
293 }
294 }
295 )
296 .then( function () {
297 assert.equal( test.server.requests[ 0 ].requestHeaders[ 'X-Foo' ], 'Bar', 'Header sent' );
298
299 return api.postWithToken( 'csrf',
300 { action: 'example' },
301 function () {
302 assert.ok( false, 'This parameter cannot be a callback' );
303 }
304 );
305 } )
306 .then( function ( data ) {
307 assert.equal( data.example, 'quux' );
308
309 assert.equal( test.server.requests.length, 2, 'Request made' );
310 } );
311 } );
312
313 QUnit.test( 'postWithToken() - badtoken', function ( assert ) {
314 var api = new mw.Api();
315
316 this.server.respondWith( /type=testbadtoken/, sequenceBodies( 200, { 'Content-Type': 'application/json' },
317 [
318 '{ "query": { "tokens": { "testbadtokentoken": "bad" } } }',
319 '{ "query": { "tokens": { "testbadtokentoken": "good" } } }'
320 ]
321 ) );
322 this.server.respondWith( 'POST', /api/, function ( request ) {
323 if ( request.requestBody.match( /token=bad/ ) ) {
324 request.respond( 200, { 'Content-Type': 'application/json' },
325 '{ "error": { "code": "badtoken" } }'
326 );
327 }
328 if ( request.requestBody.match( /token=good/ ) ) {
329 request.respond( 200, { 'Content-Type': 'application/json' },
330 '{ "example": { "foo": "quux" } }'
331 );
332 }
333 } );
334
335 // - Request: new token -> bad
336 // - Request: action=example -> badtoken error
337 // - Request: new token -> good
338 // - Request: action=example -> success
339 return api.postWithToken( 'testbadtoken', { action: 'example', key: 'foo' } )
340 .then( function ( data ) {
341 assert.deepEqual( data, { example: { foo: 'quux' } } );
342 } );
343 } );
344
345 QUnit.test( 'postWithToken() - badtoken-cached', function ( assert ) {
346 var sequenceA,
347 api = new mw.Api();
348
349 this.server.respondWith( /type=testonce/, sequenceBodies( 200, { 'Content-Type': 'application/json' },
350 [
351 '{ "query": { "tokens": { "testoncetoken": "good-A" } } }',
352 '{ "query": { "tokens": { "testoncetoken": "good-B" } } }'
353 ]
354 ) );
355 sequenceA = sequenceBodies( 200, { 'Content-Type': 'application/json' },
356 [
357 '{ "example": { "value": "A" } }',
358 '{ "error": { "code": "badtoken" } }'
359 ]
360 );
361 this.server.respondWith( 'POST', /api/, function ( request ) {
362 if ( request.requestBody.match( /token=good-A/ ) ) {
363 sequenceA( request );
364 } else if ( request.requestBody.match( /token=good-B/ ) ) {
365 request.respond( 200, { 'Content-Type': 'application/json' },
366 '{ "example": { "value": "B" } }'
367 );
368 }
369 } );
370
371 // - Request: new token -> A
372 // - Request: action=example
373 return api.postWithToken( 'testonce', { action: 'example', key: 'foo' } )
374 .then( function ( data ) {
375 assert.deepEqual( data, { example: { value: 'A' } } );
376
377 // - Request: action=example w/ token A -> badtoken error
378 // - Request: new token -> B
379 // - Request: action=example w/ token B -> success
380 return api.postWithToken( 'testonce', { action: 'example', key: 'bar' } );
381 } )
382 .then( function ( data ) {
383 assert.deepEqual( data, { example: { value: 'B' } } );
384 } );
385 } );
386
387 QUnit.module( 'mediawiki.api (2)', {
388 setup: function () {
389 var self = this,
390 requests = this.requests = [];
391 this.api = new mw.Api();
392 this.sandbox.stub( jQuery, 'ajax', function () {
393 var request = $.extend( {
394 abort: self.sandbox.spy()
395 }, $.Deferred() );
396 requests.push( request );
397 return request;
398 } );
399 }
400 } );
401
402 QUnit.test( '#abort', 3, function ( assert ) {
403 this.api.get( {
404 a: 1
405 } );
406 this.api.post( {
407 b: 2
408 } );
409 this.api.abort();
410 assert.ok( this.requests.length === 2, 'Check both requests triggered' );
411 $.each( this.requests, function ( i, request ) {
412 assert.ok( request.abort.calledOnce, 'abort request number ' + i );
413 } );
414 } );
415 }( mediaWiki, jQuery ) );
Wiklou, le Wiki du Wiklou