shlink/module/Rest/test/Middleware/CrossDomainMiddlewareTest.php

<?php
namespace ShlinkioTest\Shlink\Rest\Middleware;

use PHPUnit_Framework_TestCase as TestCase;
use Shlinkio\Shlink\Rest\Middleware\CrossDomainMiddleware;
use Zend\Diactoros\Response;
use Zend\Diactoros\ServerRequestFactory;

class CrossDomainMiddlewareTest extends TestCase
{
    /**
     * @var CrossDomainMiddleware
     */
    protected $middleware;

    public function setUp()
    {
        $this->middleware = new CrossDomainMiddleware();
    }

    /**
     * @test
     */
    public function nonCrossDomainRequestsAreNotAffected()
    {
        $originalResponse = new Response();
        $response = $this->middleware->__invoke(
            ServerRequestFactory::fromGlobals(),
            $originalResponse,
            function ($req, $resp) {
                return $resp;
            }
        );
        $this->assertSame($originalResponse, $response);

        $headers = $response->getHeaders();
        $this->assertArrayNotHasKey('Access-Control-Allow-Origin', $headers);
        $this->assertArrayNotHasKey('Access-Control-Allow-Headers', $headers);
    }

    /**
     * @test
     */
    public function anyRequestIncludesTheAllowAccessHeader()
    {
        $originalResponse = new Response();
        $response = $this->middleware->__invoke(
            ServerRequestFactory::fromGlobals()->withHeader('Origin', 'local'),
            $originalResponse,
            function ($req, $resp) {
                return $resp;
            }
        );
        $this->assertNotSame($originalResponse, $response);

        $headers = $response->getHeaders();
        $this->assertArrayHasKey('Access-Control-Allow-Origin', $headers);
        $this->assertArrayNotHasKey('Access-Control-Allow-Headers', $headers);
    }

    /**
     * @test
     */
    public function optionsRequestIncludesMoreHeaders()
    {
        $originalResponse = new Response();
        $request = ServerRequestFactory::fromGlobals(['REQUEST_METHOD' => 'OPTIONS'])->withHeader('Origin', 'local');

        $response = $this->middleware->__invoke($request, $originalResponse, function ($req, $resp) {
            return $resp;
        });
        $this->assertNotSame($originalResponse, $response);

        $headers = $response->getHeaders();
        $this->assertArrayHasKey('Access-Control-Allow-Origin', $headers);
        $this->assertArrayHasKey('Access-Control-Allow-Headers', $headers);
    }
}
Added first tests to Rest module 2016-07-19 19:19:05 +03:00			`<?php`
			`namespace ShlinkioTest\Shlink\Rest\Middleware;`

			`use PHPUnit_Framework_TestCase as TestCase;`
			`use Shlinkio\Shlink\Rest\Middleware\CrossDomainMiddleware;`
			`use Zend\Diactoros\Response;`
			`use Zend\Diactoros\ServerRequestFactory;`

			`class CrossDomainMiddlewareTest extends TestCase`
			`{`
			`/**`
			`* @var CrossDomainMiddleware`
			`*/`
			`protected $middleware;`

			`public function setUp()`
			`{`
			`$this->middleware = new CrossDomainMiddleware();`
			`}`

			`/**`
			`* @test`
			`*/`
Improved CrossDomainMiddleware preventing headers to be injected on non-CORS requests 2016-07-19 21:20:18 +03:00			`public function nonCrossDomainRequestsAreNotAffected()`
Added first tests to Rest module 2016-07-19 19:19:05 +03:00			`{`
Improved CrossDomainMiddleware preventing headers to be injected on non-CORS requests 2016-07-19 21:20:18 +03:00			`$originalResponse = new Response();`
Added first tests to Rest module 2016-07-19 19:19:05 +03:00			`$response = $this->middleware->__invoke(`
			`ServerRequestFactory::fromGlobals(),`
Improved CrossDomainMiddleware preventing headers to be injected on non-CORS requests 2016-07-19 21:20:18 +03:00			`$originalResponse,`
			`function ($req, $resp) {`
			`return $resp;`
			`}`
			`);`
			`$this->assertSame($originalResponse, $response);`

			`$headers = $response->getHeaders();`
			`$this->assertArrayNotHasKey('Access-Control-Allow-Origin', $headers);`
			`$this->assertArrayNotHasKey('Access-Control-Allow-Headers', $headers);`
			`}`

			`/**`
			`* @test`
			`*/`
			`public function anyRequestIncludesTheAllowAccessHeader()`
			`{`
			`$originalResponse = new Response();`
			`$response = $this->middleware->__invoke(`
			`ServerRequestFactory::fromGlobals()->withHeader('Origin', 'local'),`
			`$originalResponse,`
Added first tests to Rest module 2016-07-19 19:19:05 +03:00			`function ($req, $resp) {`
			`return $resp;`
			`}`
			`);`
Improved CrossDomainMiddleware preventing headers to be injected on non-CORS requests 2016-07-19 21:20:18 +03:00			`$this->assertNotSame($originalResponse, $response);`
Added first tests to Rest module 2016-07-19 19:19:05 +03:00
			`$headers = $response->getHeaders();`
			`$this->assertArrayHasKey('Access-Control-Allow-Origin', $headers);`
			`$this->assertArrayNotHasKey('Access-Control-Allow-Headers', $headers);`
			`}`

			`/**`
			`* @test`
			`*/`
			`public function optionsRequestIncludesMoreHeaders()`
			`{`
Improved CrossDomainMiddleware preventing headers to be injected on non-CORS requests 2016-07-19 21:20:18 +03:00			`$originalResponse = new Response();`
			`$request = ServerRequestFactory::fromGlobals(['REQUEST_METHOD' => 'OPTIONS'])->withHeader('Origin', 'local');`
Added first tests to Rest module 2016-07-19 19:19:05 +03:00
Improved CrossDomainMiddleware preventing headers to be injected on non-CORS requests 2016-07-19 21:20:18 +03:00			`$response = $this->middleware->__invoke($request, $originalResponse, function ($req, $resp) {`
Added first tests to Rest module 2016-07-19 19:19:05 +03:00			`return $resp;`
			`});`
Improved CrossDomainMiddleware preventing headers to be injected on non-CORS requests 2016-07-19 21:20:18 +03:00			`$this->assertNotSame($originalResponse, $response);`
Added first tests to Rest module 2016-07-19 19:19:05 +03:00
			`$headers = $response->getHeaders();`
			`$this->assertArrayHasKey('Access-Control-Allow-Origin', $headers);`
			`$this->assertArrayHasKey('Access-Control-Allow-Headers', $headers);`
			`}`
			`}`