From c9bd4a30370b48eda3c26bbb3e00a5a149fb2f55 Mon Sep 17 00:00:00 2001
From: Sergei Tsoganov <sergei@Sergeis-MacBook-Pro-2.local>
Date: Thu, 29 Jun 2023 15:27:47 +0300
Subject: [PATCH] Added certificate REPP integration tests

---
 .../repp/v1/certificates/create_test.rb       | 94 +++++++++++++++++++
 .../repp/v1/certificates/download_test.rb     | 49 ++++++++++
 .../repp/v1/certificates/show_test.rb         | 50 ++++++++++
 3 files changed, 193 insertions(+)
 create mode 100644 test/integration/repp/v1/certificates/create_test.rb
 create mode 100644 test/integration/repp/v1/certificates/download_test.rb
 create mode 100644 test/integration/repp/v1/certificates/show_test.rb

diff --git a/test/integration/repp/v1/certificates/create_test.rb b/test/integration/repp/v1/certificates/create_test.rb
new file mode 100644
index 000000000..47b866f9f
--- /dev/null
+++ b/test/integration/repp/v1/certificates/create_test.rb
@@ -0,0 +1,94 @@
+require 'test_helper'
+
+class ReppV1CertificatesCreateTest < ActionDispatch::IntegrationTest
+  def setup
+    @user = users(:api_bestnames)
+    token = Base64.encode64("#{@user.username}:#{@user.plain_text_password}")
+    token = "Basic #{token}"
+
+    @auth_headers = { 'Authorization' => token }
+
+    adapter = ENV['shunter_default_adapter'].constantize.new
+    adapter&.clear!
+  end
+
+  def test_creates_new_api_user_certificate_and_informs_admins
+    assert_difference('Certificate.count') do
+      assert_difference 'ActionMailer::Base.deliveries.size', +1 do
+        post repp_v1_certificates_path, headers: @auth_headers, params: request_body
+      end
+    end
+    json = JSON.parse(response.body, symbolize_names: true)
+
+    assert_response :ok
+    assert_equal 1000, json[:code]
+    assert_equal 'Command completed successfully', json[:message]
+  end
+
+  def test_return_error_when_invalid_certificate
+    request_body = {
+      certificate: {
+        api_user_id: @user.id,
+        csr: {
+          body: 'invalid',
+          type: 'csr',
+        },
+      },
+    }
+
+    post repp_v1_certificates_path, headers: @auth_headers, params: request_body
+    json = JSON.parse(response.body, symbolize_names: true)
+
+    assert_response :bad_request
+    assert json[:message].include? 'Invalid CSR or CRT'
+  end
+
+  def test_returns_error_response_if_throttled
+    ENV['shunter_default_threshold'] = '1'
+    ENV['shunter_enabled'] = 'true'
+
+    post repp_v1_certificates_path, headers: @auth_headers, params: request_body
+    post repp_v1_certificates_path, headers: @auth_headers, params: request_body
+    json = JSON.parse(response.body, symbolize_names: true)
+
+    assert_response :bad_request
+    assert_equal json[:code], 2502
+    assert response.body.include?(Shunter.default_error_message)
+    ENV['shunter_default_threshold'] = '10000'
+    ENV['shunter_enabled'] = 'false'
+  end
+
+  def request_body
+    {
+      certificate: {
+        api_user_id: @user.id,
+        csr: {
+          body: "LS0tLS1CRUdJTiBDRVJUSUZJQ0FURSBSRVFVRVNULS0tLS0KTUlJQ3dqQ0NB\n" \
+            "YW9DQVFBd2ZURUxNQWtHQTFVRUJoTUNSVlF4RVRBUEJnTlZCQWdNQ0VoaGNt\n" \
+            "cDFiV0ZoTVJBdwpEZ1lEVlFRSERBZFVZV3hzYVc1dU1SUXdFZ1lEVlFRS0RB\n" \
+            "dEpiblJsY201bGRDNWxaVEVRTUE0R0ExVUVBd3dICmFHOXpkQzVsWlRFaE1C\n" \
+            "OEdDU3FHU0liM0RRRUpBUllTYzJWeVoyVnBkRFpBWjIxaGFXd3VZMjl0TUlJ\n" \
+            "QklqQU4KQmdrcWhraUc5dzBCQVFFRkFBT0NBUThBTUlJQkNnS0NBUUVBdk80\n" \
+            "UWltNlFxUzFRWVVRNjFUbGk0UG9DTTlhZgp4dUI5ZFM4endMb2hsOWhSOWdI\n" \
+            "dGJmcHpwSk5hLzlGeW0zcUdUZ3V0eVd3VGtWV3FzL0o3UjVpckxaY1pKaXI4\n" \
+            "CnZMZEo4SWlKL3ZTRDdNeS9oNzRRdHFGZlNNSi85bzAyUkJRdVFSWUU4Z3hU\n" \
+            "ZTRiMjU5NUJVQnZIUTFyczQxaGoKLzJ6SytuRDBsbHVvUFdrNnBCZ1NGZkN1\n" \
+            "Y0tWcE44Tm5vZUdGUjRnWHJQT0t2bkMwb3BxNi9SWmJxYm9hbTkxZwpWYWJ0\n" \
+            "Y0t4d3pmd2kxUlYzUUVxRXRUY0QvS0NwTzJRMTVXR3FtN2ZFYVMwVlZCckZw\n" \
+            "bzZWanZCSXUxRXJvcWJZCnBRaE9MZSt2RUh2bXFTS2JhZmFGTC9ZNHZyaU9P\n" \
+            "aU5yS01LTnR3cmVzeUI5TVh4YlNlMG9LSE1IVndJREFRQUIKb0FBd0RRWUpL\n" \
+            "b1pJaHZjTkFRRUxCUUFEZ2dFQkFKdEViWnlXdXNaeis4amVLeVJzL1FkdXNN\n" \
+            "bEVuV0RQTUdhawp3cllBbTVHbExQSEEybU9TUjkwQTY5TFBtY1FUVUtTTVRa\n" \
+            "NDBESjlnS2IwcVM3czU2UVFzblVQZ0hPMlFpWDlFCjZRcnVSTzNJN2kwSHZO\n" \
+            "K3g1Q29qUHBwQTNHaVdBb0dObG5uaWF5ZTB1UEhwVXFLbUcwdWFmVUpXS2tL\n" \
+            "Vi9vN3cKQXBIQWlQU0lLNHFZZ1FtZDBOTTFmM0FBL21pRi9xa3lZVGMya05s\n" \
+            "bG5DNm9vdldmV2hvSjdUdWluaE9Ka3BaaAp6YksxTHVoQ0FtWkNCVHowQmRt\n" \
+            "R2szUmVKL2dGTGpHWC9qd3BQRURPRGJHdkpYSzFuZzBwbXFlOFZzSms2SVYz\n" \
+            "Ckw0T3owY1JzTTc1UGtQbGloQ3RJOEJGQk04YVhCZjJ6QXZiV0NpY3piWTRh\n" \
+            "enBzc3VMbz0KLS0tLS1FTkQgQ0VSVElGSUNBVEUgUkVRVUVTVC0tLS0tCg==\n",
+          type: 'csr',
+        },
+      },
+    }
+  end
+end
diff --git a/test/integration/repp/v1/certificates/download_test.rb b/test/integration/repp/v1/certificates/download_test.rb
new file mode 100644
index 000000000..df798b354
--- /dev/null
+++ b/test/integration/repp/v1/certificates/download_test.rb
@@ -0,0 +1,49 @@
+require 'test_helper'
+
+class ReppV1CertificatesDownloadTest < ActionDispatch::IntegrationTest
+  def setup
+    @user = users(:api_bestnames)
+    @certificate = certificates(:api)
+    token = Base64.encode64("#{@user.username}:#{@user.plain_text_password}")
+    token = "Basic #{token}"
+
+    @auth_headers = { 'Authorization' => token }
+
+    adapter = ENV['shunter_default_adapter'].constantize.new
+    adapter&.clear!
+  end
+
+  def test_returns_error_when_not_found
+    get download_repp_v1_api_user_certificate_path(id: 'wrong', api_user_id: @user.id, type: 'crt'), headers: @auth_headers
+    json = JSON.parse(response.body, symbolize_names: true)
+
+    assert_response :not_found
+    assert_equal 2303, json[:code]
+    assert_equal 'Object does not exist', json[:message]
+  end
+
+  def test_shows_existing_api_user_certificate
+    get download_repp_v1_api_user_certificate_path(api_user_id: @user.id, id: @certificate, type: 'crt'), headers: @auth_headers
+
+    expected_filename = "#{@user.username}_#{Time.zone.today.strftime('%y%m%d')}_portal.crt.pem"
+
+    assert_response :success
+    assert_equal 'application/octet-stream', response.content_type
+    assert response.headers['Content-Disposition'].include? "attachment; filename=\"#{expected_filename}\""
+  end
+
+  def test_returns_error_response_if_throttled
+    ENV['shunter_default_threshold'] = '1'
+    ENV['shunter_enabled'] = 'true'
+
+    get download_repp_v1_api_user_certificate_path(api_user_id: @user.id, id: @certificate, type: 'crt'), headers: @auth_headers
+    get download_repp_v1_api_user_certificate_path(api_user_id: @user.id, id: @certificate, type: 'crt'), headers: @auth_headers
+    json = JSON.parse(response.body, symbolize_names: true)
+
+    assert_response :bad_request
+    assert_equal json[:code], 2502
+    assert response.body.include?(Shunter.default_error_message)
+    ENV['shunter_default_threshold'] = '10000'
+    ENV['shunter_enabled'] = 'false'
+  end
+end
diff --git a/test/integration/repp/v1/certificates/show_test.rb b/test/integration/repp/v1/certificates/show_test.rb
new file mode 100644
index 000000000..d16b0d3b5
--- /dev/null
+++ b/test/integration/repp/v1/certificates/show_test.rb
@@ -0,0 +1,50 @@
+require 'test_helper'
+
+class ReppV1CertificatesShowTest < ActionDispatch::IntegrationTest
+  def setup
+    @user = users(:api_bestnames)
+    @certificate = certificates(:api)
+    token = Base64.encode64("#{@user.username}:#{@user.plain_text_password}")
+    token = "Basic #{token}"
+
+    @auth_headers = { 'Authorization' => token }
+
+    adapter = ENV['shunter_default_adapter'].constantize.new
+    adapter&.clear!
+  end
+
+  def test_returns_error_when_not_found
+    get repp_v1_api_user_certificate_path(id: 'definitelynotexistant', api_user_id: @user.id), headers: @auth_headers
+    json = JSON.parse(response.body, symbolize_names: true)
+
+    assert_response :not_found
+    assert_equal 2303, json[:code]
+    assert_equal 'Object does not exist', json[:message]
+  end
+
+  def test_shows_existing_api_user_certificate
+    get repp_v1_api_user_certificate_path(api_user_id: @user.id, id: @certificate), headers: @auth_headers
+    json = JSON.parse(response.body, symbolize_names: true)
+
+    assert_response :ok
+    assert_equal 1000, json[:code]
+    assert_equal 'Command completed successfully', json[:message]
+
+    assert_equal @certificate.id, json[:data][:cert][:id]
+  end
+
+  def test_returns_error_response_if_throttled
+    ENV['shunter_default_threshold'] = '1'
+    ENV['shunter_enabled'] = 'true'
+
+    get repp_v1_api_user_certificate_path(api_user_id: @user.id, id: @certificate), headers: @auth_headers
+    get repp_v1_api_user_certificate_path(api_user_id: @user.id, id: @certificate), headers: @auth_headers
+    json = JSON.parse(response.body, symbolize_names: true)
+
+    assert_response :bad_request
+    assert_equal json[:code], 2502
+    assert response.body.include?(Shunter.default_error_message)
+    ENV['shunter_default_threshold'] = '10000'
+    ENV['shunter_enabled'] = 'false'
+  end
+end