mirror of
https://github.com/MarijnDoeve/TijdVoorDeTest.git
synced 2026-07-11 12:28:23 +02:00
test: expand coverage, dedupe data-driven tests, extract shared WebTestCase base (#201)
* test: expand coverage, dedupe data-driven tests, extract shared WebTestCase base - Add #[CoversClass] to Base64Test and FilenameSanitizerTest - Merge near-duplicate test methods into #[DataProvider] cases across ResetPasswordControllerTest, SettingsControllerTest, ClaimSeasonCommandTest, FilenameSanitizerTest, Base64Test, and SeasonRepositoryTest - Add integration tests for previously untested controllers: public QuizController (quiz-taking flow), LoginController, RegistrationController, EliminationController, and PrepareEliminationController - Add unit tests for Elimination and BankQuestion entity logic - Extract shared WebTestCase setup/helpers (client, entityManager, login, entity lookups, CSRF token scraping) into AbstractControllerWebTestCase, removing duplicated boilerplate from all 14 WebTestCase files * test: address PR review feedback - Scope AbstractControllerWebTestCase::getCandidate/getQuizByName by season code (both Candidate and Quiz are only unique per season, not system-wide) and add a CandidateRepository regression test guarding against same-named candidates in different seasons - Add missing entityManager->clear() before verifying DB state after a POST in PrepareEliminationControllerTest and QuestionBankControllerTest - Add non-owner denial tests for BackofficeController::exportQuiz and QuizQuestionController::edit/reorder, which had IsGranted checks with no test coverage * ci: publish PHPUnit coverage to GitHub code coverage - Generate a Cobertura report alongside the existing JUnit report and upload it with actions/upload-code-coverage so coverage shows up on PRs and the default branch via GitHub's code coverage feature - Add a step to copy both reports out of the php container before publishing them, since var/ is a Docker volume (see the Dockerfile's VOLUME /app/var/) and isn't bind-mounted to the runner — this also fixes the existing JUnit report publishing step, which was silently looking at a path that never had contets on the runner * ci: fix coverage report paths and tolerate Code Quality not yet enabled - Write PHPUnit's JUnit and Cobertura reports to reports/ instead of var/, since var/ is a Docker volume (Dockerfile's VOLUME /app/var/) that isn't bind-mounted to the runner - reports written there never reached the host, which is also why the prior junit.xml publish step had nothing to read. reports/ is a plain path under the project's bind mount, so no extra copy-out step is needed - Set fail-on-error: false on the coverage upload step: it 404s until "Code Quality" is turned on for the repo under Settings > Code security > Code quality, a one-time manual step
This commit is contained in:
@@ -4,28 +4,34 @@ declare(strict_types=1);
|
||||
|
||||
namespace Tvdt\Tests\Helpers;
|
||||
|
||||
use PHPUnit\Framework\Attributes\CoversClass;
|
||||
use PHPUnit\Framework\Attributes\DataProvider;
|
||||
use PHPUnit\Framework\TestCase;
|
||||
use Safe\Exceptions\UrlException;
|
||||
use Tvdt\Helpers\Base64;
|
||||
|
||||
#[CoversClass(Base64::class)]
|
||||
final class Base64Test extends TestCase
|
||||
{
|
||||
public function testBase64UrlEncode(): void
|
||||
/** @return iterable<string, array{string, string}> */
|
||||
public static function pairProvider(): iterable
|
||||
{
|
||||
$this->assertSame('TWFyaWpu', Base64::base64UrlEncode('Marijn'));
|
||||
$this->assertSame('UGhpbGluZQ', Base64::base64UrlEncode('Philine'));
|
||||
|
||||
$this->assertSame('_g', Base64::base64UrlEncode(\chr(254)));
|
||||
$this->assertSame('-g', Base64::base64UrlEncode(\chr(250)));
|
||||
yield 'Marijn' => ['Marijn', 'TWFyaWpu'];
|
||||
yield 'Philine' => ['Philine', 'UGhpbGluZQ'];
|
||||
yield 'byte 254' => [\chr(254), '_g'];
|
||||
yield 'byte 250' => [\chr(250), '-g'];
|
||||
}
|
||||
|
||||
public function testBase64UrlDecode(): void
|
||||
#[DataProvider('pairProvider')]
|
||||
public function testBase64UrlEncode(string $decoded, string $encoded): void
|
||||
{
|
||||
$this->assertSame('Marijn', Base64::base64UrlDecode('TWFyaWpu'));
|
||||
$this->assertSame('Philine', Base64::base64UrlDecode('UGhpbGluZQ'));
|
||||
$this->assertSame($encoded, Base64::base64UrlEncode($decoded));
|
||||
}
|
||||
|
||||
$this->assertSame(\chr(254), Base64::base64UrlDecode('_g'));
|
||||
$this->assertSame(\chr(250), Base64::base64UrlDecode('-g'));
|
||||
#[DataProvider('pairProvider')]
|
||||
public function testBase64UrlDecode(string $decoded, string $encoded): void
|
||||
{
|
||||
$this->assertSame($decoded, Base64::base64UrlDecode($encoded));
|
||||
}
|
||||
|
||||
public function testBase64UrlDecodeCanHandlePadding(): void
|
||||
|
||||
@@ -4,41 +4,31 @@ declare(strict_types=1);
|
||||
|
||||
namespace Tvdt\Tests\Helpers;
|
||||
|
||||
use PHPUnit\Framework\Attributes\CoversClass;
|
||||
use PHPUnit\Framework\Attributes\DataProvider;
|
||||
use PHPUnit\Framework\TestCase;
|
||||
use Tvdt\Helpers\FilenameSanitizer;
|
||||
|
||||
#[CoversClass(FilenameSanitizer::class)]
|
||||
final class FilenameSanitizerTest extends TestCase
|
||||
{
|
||||
public function testReplacesSpacesWithDashes(): void
|
||||
/** @return iterable<string, array{string, string}> */
|
||||
public static function sanitizeProvider(): iterable
|
||||
{
|
||||
$this->assertSame('Krtek-Weekend', FilenameSanitizer::sanitize('Krtek Weekend'));
|
||||
yield 'replaces spaces with dashes' => ['Krtek Weekend', 'Krtek-Weekend'];
|
||||
yield 'strips path traversal' => ['../../etc/passwd', 'etc-passwd'];
|
||||
yield 'strips forward slash' => ['a/b', 'a-b'];
|
||||
yield 'strips backslash' => ['a\\b', 'a-b'];
|
||||
yield 'strips control characters and special symbols' => ["Quiz #1 <script>\0", 'Quiz-1-script'];
|
||||
yield 'transliterates unicode to ascii' => ['Wéird Ñame', 'Weird-Name'];
|
||||
yield 'transliterates at sign in email' => ['test@example.org', 'test-example-org'];
|
||||
yield 'returns unnamed for empty input' => ['', 'unnamed'];
|
||||
yield 'returns unnamed for fully stripped input' => ['///', 'unnamed'];
|
||||
}
|
||||
|
||||
public function testStripsPathSeparatorsAndTraversal(): void
|
||||
#[DataProvider('sanitizeProvider')]
|
||||
public function testSanitize(string $input, string $expected): void
|
||||
{
|
||||
$this->assertSame('etc-passwd', FilenameSanitizer::sanitize('../../etc/passwd'));
|
||||
$this->assertSame('a-b', FilenameSanitizer::sanitize('a/b'));
|
||||
$this->assertSame('a-b', FilenameSanitizer::sanitize('a\\b'));
|
||||
}
|
||||
|
||||
public function testStripsControlCharactersAndSpecialSymbols(): void
|
||||
{
|
||||
$this->assertSame('Quiz-1-script', FilenameSanitizer::sanitize("Quiz #1 <script>\0"));
|
||||
}
|
||||
|
||||
public function testTransliteratesUnicodeToAscii(): void
|
||||
{
|
||||
$this->assertSame('Weird-Name', FilenameSanitizer::sanitize('Wéird Ñame'));
|
||||
}
|
||||
|
||||
public function testTransliteratesAtSignInEmail(): void
|
||||
{
|
||||
$this->assertSame('test-example-org', FilenameSanitizer::sanitize('test@example.org'));
|
||||
}
|
||||
|
||||
public function testReturnsUnnamedForEmptyOrFullyStrippedInput(): void
|
||||
{
|
||||
$this->assertSame('unnamed', FilenameSanitizer::sanitize(''));
|
||||
$this->assertSame('unnamed', FilenameSanitizer::sanitize('///'));
|
||||
$this->assertSame($expected, FilenameSanitizer::sanitize($input));
|
||||
}
|
||||
}
|
||||
|
||||
Reference in New Issue
Block a user