openinfra/openstackid-resources
Code Issues Proposed changes
openstackid-resources/tests/ProtectedApiTest.php
smarcet 9f01b9e3b3 Booking Rooms Model 
* model changes

* Endpoint to get all avaible booking rooms per summit

GET /api/v1/summits/{id}/locations/bookable-rooms

query string params

page ( int ) current page number
per_page ( int) max amount of items per page
filter ( allowed fields: name, description, cost, capacity, availability_day[epoch], attribute[string|number])
order ( allowed fields id,name,capacity)
expand ( allowed relations venue,floor,attribute_type)

scopes
%s/bookable-rooms/read
%s/summits/read/all

* Endpoint to get slot availability  per room

GET /api/v1/summits/{id}/locations/bookable-rooms/{room_id}/availability/{day}

where id is summit id (integer)
room_id ( integer)
and day (epoch timestamp)

scopes
%s/bookable-rooms/read
%s/summits/read/all

* endpoint create reservation

POST /api/v1/summits/{id}/locations/bookable-rooms/{room_id}/reservations

payload

'currency'       => 'required|string|currency_iso',
'amount'         => 'required|integer',
'start_datetime' => 'required|date_format:U',
'end_datetime'   => 'required|date_format:U|after:start_datetime',

scopes
%s/bookable-rooms/my-reservations/write

* endpoint to get all my reservations

GET /api/v1/summits/{id}/locations/bookable-rooms/all/reservations/me

query string params

expand [owner, room, type]

scopes
%s/bookable-rooms/my-reservations/read

* endpoint to cancel/ask for refund a reservation

DELETE /api/v1/summits/{id}/locations/bookable-rooms/all/reservations/{reservation_id}

scopes
%s/bookable-rooms/my-reservations/write

Change-Id: I741878c6ffc833ba23fca40f09f4664b42c8edd4
2019-06-03 19:20:15 -03:00

160 lines
5.8 KiB
PHP
Raw Blame History

<?php
/**
* Copyright 2015 OpenStack Foundation
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
* http://www.apache.org/licenses/LICENSE-2.0
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
**/
use Illuminate\Support\Facades\App;
use Illuminate\Support\Facades\Config;
use models\oauth2\AccessToken;
use App\Models\ResourceServer\IAccessTokenService;
use App\Security\SummitScopes;
use App\Security\OrganizationScopes;
use App\Security\MemberScopes;
/**
* Class AccessTokenServiceStub
*/
class AccessTokenServiceStub implements IAccessTokenService
{
/**
* @param string $token_value
* @return AccessToken
* @throws \libs\oauth2\OAuth2InvalidIntrospectionResponse
*/
public function get($token_value)
{
$url = Config::get('app.scope_base_realm');
$parts = @parse_url($url);
$realm = $parts['host'];
$scopes = array(
$url . '/public-clouds/read',
$url . '/private-clouds/read',
$url . '/consultants/read',
$url . '/summits/read',
$url . '/summits/read/all',
$url . '/summits/write',
$url . '/summits/write-event',
$url . '/summits/publish-event',
$url . '/summits/delete-event',
$url . '/summits/read-external-orders',
$url . '/summits/confirm-external-orders',
$url . '/summits/write-videos',
$url . '/me/read',
$url . '/summits/read-notifications',
$url . '/members/read',
$url . '/members/read/me',
$url . '/members/invitations/read',
$url . '/members/invitations/write',
$url . '/teams/read',
$url . '/teams/write',
$url . '/me/summits/events/favorites/add',
$url . '/me/summits/events/favorites/delete',
sprintf(SummitScopes::WriteSpeakersData, $url),
sprintf(SummitScopes::WriteMySpeakersData, $url),
sprintf(SummitScopes::WriteAttendeesData, $url),
sprintf(MemberScopes::WriteMemberData, $url),
sprintf(MemberScopes::WriteMyMemberData, $url),
sprintf(SummitScopes::WritePromoCodeData, $url),
sprintf(OrganizationScopes::WriteOrganizationData, $url),
sprintf(OrganizationScopes::ReadOrganizationData, $url),
sprintf(SummitScopes::WritePresentationMaterialsData, $url),
sprintf(SummitScopes::ReadMyBookableRoomsReservationData, $url),
sprintf(SummitScopes::WriteMyBookableRoomsReservationData, $url),
);
return AccessToken::createFromParams('123456789', implode(' ', $scopes), '1', $realm, '1','11624', 3600, 'WEB_APPLICATION', '', '');
}
}
class AccessTokenServiceStub2 implements IAccessTokenService
{
/**
* @param string $token_value
* @return AccessToken
* @throws \libs\oauth2\OAuth2InvalidIntrospectionResponse
*/
public function get($token_value)
{
$url = Config::get('app.scope_base_realm');
$parts = @parse_url($url);
$realm = $parts['host'];
$scopes = array(
$url . '/public-clouds/read',
$url . '/private-clouds/read',
$url . '/consultants/read',
$url . '/summits/read',
$url . '/summits/read/all',
$url . '/summits/write',
$url . '/summits/write-event',
$url . '/summits/publish-event',
$url . '/summits/delete-event',
$url . '/summits/read-external-orders',
$url . '/summits/confirm-external-orders',
$url . '/summits/write-videos',
$url . '/summits/write-videos',
$url . '/me/read',
$url . '/summits/read-notifications',
$url . '/members/read',
$url . '/members/read/me',
$url . '/members/invitations/read',
$url . '/members/invitations/write',
$url . '/teams/read',
$url . '/teams/write',
$url . '/me/summits/events/favorites/add',
$url . '/me/summits/events/favorites/delete',
sprintf(SummitScopes::WriteSpeakersData, $url),
sprintf(SummitScopes::WriteMySpeakersData, $url),
sprintf(SummitScopes::WriteAttendeesData, $url),
sprintf(MemberScopes::WriteMemberData, $url),
sprintf(SummitScopes::WritePromoCodeData, $url),
sprintf(OrganizationScopes::WriteOrganizationData, $url),
sprintf(OrganizationScopes::ReadOrganizationData, $url),
sprintf(SummitScopes::WritePresentationMaterialsData, $url),
sprintf(SummitScopes::ReadMyBookableRoomsReservationData, $url),
sprintf(SummitScopes::WriteMyBookableRoomsReservationData, $url),
);
return AccessToken::createFromParams('123456789', implode(' ', $scopes), '1', $realm, null,null, 3600, 'SERVICE', '', '');
}
}
/**
* Class ProtectedApiTest
*/
abstract class ProtectedApiTest extends \Tests\BrowserKitTestCase
{
/**
* @var string
*/
protected $access_token;
public function createApplication()
{
$app = parent::createApplication();
App::singleton('App\Models\ResourceServer\IAccessTokenService', 'AccessTokenServiceStub');
return $app;
}
public function setUp()
{
$this->access_token = '123456789';
parent::setUp();
}
public function tearDown()
{
Mockery::close();
parent::tearDown();
}
}
View Git Blame Copy Permalink