From 522c01c8e3acdca5af3dd90b3e6daed27dd039a3 Mon Sep 17 00:00:00 2001 From: samuelgfeller Date: Tue, 2 Apr 2024 11:52:26 +0200 Subject: [PATCH] Added cors middleware test [SLE-197] --- .github/workflows/build.yml | 9 +++++--- .scrutinizer.yml | 3 +-- README.md | 9 ++++++-- config/env/env.dev.php | 1 + config/env/env.example.php | 7 ++++-- config/env/env.prod.php | 12 ++++------ public/frontend/home.html | 7 +++--- tests/Integration/Api/CorsMiddlewareTest.php | 23 ++++++++++++++++++++ 8 files changed, 51 insertions(+), 20 deletions(-) create mode 100644 tests/Integration/Api/CorsMiddlewareTest.php diff --git a/.github/workflows/build.yml b/.github/workflows/build.yml index ada63d6..14bdd88 100644 --- a/.github/workflows/build.yml +++ b/.github/workflows/build.yml @@ -1,3 +1,5 @@ +# Documentation:https://github.com/samuelgfeller/slim-example-project/wiki/GitHub-Actions#build-testing +# How to deploy: https://github.com/samuelgfeller/slim-example-project/wiki/GitHub-Actions#deploying-to-server name: 🧪 Build test on: push: @@ -7,6 +9,10 @@ on: pull_request: types: [ opened, synchronize, reopened ] +env: + # Set APP_ENV to 'github' so that settings.php loads the correct configuration for database migrations and testing + APP_ENV: github + jobs: run: runs-on: ${{ matrix.operating-system }} @@ -69,8 +75,6 @@ jobs: - name: Execute database migrations run: composer migrate-prod - env: - APP_ENV: github - name: Show test db tables run: mysql -uroot -proot -D ${{ matrix.test-database }} -e "SHOW TABLES;" @@ -78,5 +82,4 @@ jobs: - name: Run test suite run: composer test env: - APP_ENV: github PHP_CS_FIXER_IGNORE_ENV: 1 diff --git a/.scrutinizer.yml b/.scrutinizer.yml index a2f59fd..a9e47b8 100644 --- a/.scrutinizer.yml +++ b/.scrutinizer.yml @@ -1,7 +1,6 @@ filter: paths: [ "src/*" ] - excluded_paths: [ "vendor/*", "tests/*", "resources/", "public/", "src/Infrastructure/Console/**", - "src/Application/ErrorHandler/**", ] + excluded_paths: [ "vendor/*", "tests/*", "resources/", "public/", "src/Infrastructure/Console/**", "src/Application/ErrorHandler/**", ] checks: php: diff --git a/README.md b/README.md index f172e40..b75de89 100644 --- a/README.md +++ b/README.md @@ -3,6 +3,11 @@

Slim API starter

[![Latest Version on Packagist](https://img.shields.io/github/release/samuelgfeller/slim-api-starter.svg)](https://packagist.org/packages/slim-api-starter) +[![Code Coverage](https://scrutinizer-ci.com/g/samuelgfeller/slim-api-starter/badges/coverage.png?b=master)](https://scrutinizer-ci.com/g/samuelgfeller/slim-api-starter/?branch=master) +[![Build Status](https://scrutinizer-ci.com/g/samuelgfeller/slim-api-starter/badges/build.png?b=master)](https://scrutinizer-ci.com/g/samuelgfeller/slim-api-starter/build-status/master) +[![Quality Score](https://img.shields.io/scrutinizer/quality/g/samuelgfeller/slim-api-starter.svg)](https://scrutinizer-ci.com/g/samuelgfeller/slim-api-starter/?branch=master) +[![Software License](https://img.shields.io/badge/license-MIT-brightgreen.svg)](LICENSE) + [Slim 4](https://www.slimframework.com/) API starter template with a few examples and some essential [features](#features) to build a secure and scalable API following 2024 best practices and @@ -65,7 +70,7 @@ demo table `user`: composer migrate ``` -### 4. Insert demo data +#### 4. Insert demo data You can install four demo users into the database to test the API response by running the following command: @@ -81,7 +86,7 @@ Replace the matrix value "test-database" `slim_api_starter_test` with the name o your test database as you specified in `config/env/env.test.php`. If you are not using Scrutinizer, remove the "Scrutinizer Scan" step from the workflow. -### Done! +#### Done! That's it! Your project should now be fully set up and ready to use. If you are using XAMPP and installed the project in the `htdocs` folder, you can access it via http://localhost/project-name. diff --git a/config/env/env.dev.php b/config/env/env.dev.php index 32f6a9b..13e88df 100644 --- a/config/env/env.dev.php +++ b/config/env/env.dev.php @@ -1,6 +1,7 @@ 'val', 'nextKey' => 'nextVal',]; + * correct: $settings['db]['key'] = 'val'; $settings['db]['nextKey'] = 'nextVal'; + * incorrect $settings['db'] = [ 'key' => 'val', 'nextKey' => 'nextVal',]; + * Every key must be set by its own to not overwrite the entire array. + * + * Documentation: https://github.com/samuelgfeller/slim-example-project/wiki/Configuration */ // $_ENV['APP_ENV'] should be set to "prod" in the secret env.php file of the prod server. diff --git a/config/env/env.prod.php b/config/env/env.prod.php index 4e3a0ba..d25c8c6 100644 --- a/config/env/env.prod.php +++ b/config/env/env.prod.php @@ -1,19 +1,16 @@ 'val', 'nextKey' => 'nextVal',]; - * good $settings['db]['key'] = 'val'; $settings['db]['nextKey'] = 'nextVal'; - * It's mandatory to set every key by its own and not remap the entire array + * correct: $settings['db]['key'] = 'val'; $settings['db]['nextKey'] = 'nextVal'; + * incorrect $settings['db'] = [ 'key' => 'val', 'nextKey' => 'nextVal',]; + * Every key must be set by its own to not overwrite the entire array. */ -// error_reporting taken from server php.ini -// display_errors value defined in server - // Error handler. More controlled than ini $settings['error']['display_error_details'] = false; @@ -22,4 +19,3 @@ // $settings['db']['database'] = ''; // $settings['api']['allowed_origin'] = 'https://prod-frontend-domain.com'; -$settings['api']['allowed_origin'] = 'https://slim-api-starter-frontend.samuel-gfeller.ch'; diff --git a/public/frontend/home.html b/public/frontend/home.html index a9b6ffc..4e61476 100644 --- a/public/frontend/home.html +++ b/public/frontend/home.html @@ -8,12 +8,13 @@

Frontend for Slim API Starter

-

This frontend is an example of a separate application that will communicate with the API.

+

This frontend is an example of a separate application that communicates with the API.

The link to the actual frontend must be added to the $settings['api']['allowed_origin'] in the config files: config/env/env.dev.php and config/env/env.prod.php.

-

You can test the API by clicking on the button below. It should request the list of users - that were inserted for demonstration purposes.

+

You can test the API by clicking on the button below which will make an Ajax + GET request to retrieve the list of users + that are in the database.

diff --git a/tests/Integration/Api/CorsMiddlewareTest.php b/tests/Integration/Api/CorsMiddlewareTest.php new file mode 100644 index 0000000..fc98daa --- /dev/null +++ b/tests/Integration/Api/CorsMiddlewareTest.php @@ -0,0 +1,23 @@ +createRequest('OPTIONS', ''); + $response = $this->app->handle($request); + $allowedUrl = $this->container->get('settings')['api']['allowed_origin']; + // Check that the response contains the Access-Control-Allow-Origin header + self::assertSame($allowedUrl, $response->getHeaderLine('Access-Control-Allow-Origin')); + } +}