Added cors middleware test [SLE-197]

samuelgfeller · Apr 2, 2024 · 522c01c · 522c01c
1 parent 2eb03a8
commit 522c01c
Show file tree

Hide file tree

Showing 8 changed files with 51 additions and 20 deletions.
diff --git a/.github/workflows/build.yml b/.github/workflows/build.yml
@@ -1,3 +1,5 @@
+# Documentation:https://github.com/samuelgfeller/slim-example-project/wiki/GitHub-Actions#build-testing
+# How to deploy: https://github.com/samuelgfeller/slim-example-project/wiki/GitHub-Actions#deploying-to-server
 name: 🧪 Build test
 on:
   push:
@@ -7,6 +9,10 @@ on:
   pull_request:
     types: [ opened, synchronize, reopened ]
 
+env:
+  # Set APP_ENV to 'github' so that settings.php loads the correct configuration for database migrations and testing
+  APP_ENV: github
+
 jobs:
   run:
     runs-on: ${{ matrix.operating-system }}
@@ -69,14 +75,11 @@ jobs:
 
       - name: Execute database migrations
         run: composer migrate-prod
-        env:
-          APP_ENV: github
 
       - name: Show test db tables
         run: mysql -uroot -proot -D ${{ matrix.test-database }} -e "SHOW TABLES;"
 
       - name: Run test suite
         run: composer test
         env:
-          APP_ENV: github
           PHP_CS_FIXER_IGNORE_ENV: 1
diff --git a/.scrutinizer.yml b/.scrutinizer.yml
@@ -1,7 +1,6 @@
 filter:
   paths: [ "src/*" ]
-  excluded_paths: [ "vendor/*", "tests/*", "resources/", "public/", "src/Infrastructure/Console/**",
-                    "src/Application/ErrorHandler/**", ]
+  excluded_paths: [ "vendor/*", "tests/*", "resources/", "public/", "src/Infrastructure/Console/**", "src/Application/ErrorHandler/**", ]
 
 checks:
   php:

diff --git a/README.md b/README.md
@@ -3,6 +3,11 @@
 <h1>Slim <img src="https://i.imgur.com/YzDYQ0V.png" width="60px" alt="API"> starter</h1>
 
 [![Latest Version on Packagist](https://img.shields.io/github/release/samuelgfeller/slim-api-starter.svg)](https://packagist.org/packages/slim-api-starter)
+[![Code Coverage](https://scrutinizer-ci.com/g/samuelgfeller/slim-api-starter/badges/coverage.png?b=master)](https://scrutinizer-ci.com/g/samuelgfeller/slim-api-starter/?branch=master)
+[![Build Status](https://scrutinizer-ci.com/g/samuelgfeller/slim-api-starter/badges/build.png?b=master)](https://scrutinizer-ci.com/g/samuelgfeller/slim-api-starter/build-status/master)
+[![Quality Score](https://img.shields.io/scrutinizer/quality/g/samuelgfeller/slim-api-starter.svg)](https://scrutinizer-ci.com/g/samuelgfeller/slim-api-starter/?branch=master)
+[![Software License](https://img.shields.io/badge/license-MIT-brightgreen.svg)](LICENSE)
+
 
 [Slim 4](https://www.slimframework.com/) API starter template with a few examples and some essential [features](#features) to 
 build a secure and scalable API following 2024 best practices and 
@@ -65,7 +70,7 @@ demo table `user`:
 composer migrate
 ```
 
-### 4. Insert demo data
+#### 4. Insert demo data
 You can install four demo users into the database to test the API response by
 running the following command:
 
@@ -81,7 +86,7 @@ Replace the matrix value "test-database" `slim_api_starter_test` with the name o
 your test database as you specified in `config/env/env.test.php`.
 If you are not using Scrutinizer, remove the "Scrutinizer Scan" step from the workflow.  
 
-### Done!
+#### Done!
 That's it! Your project should now be fully set up and ready to use.  
 If you are using XAMPP and installed the project in the `htdocs` folder, you can access it via
 http://localhost/project-name.  

diff --git a/config/env/env.dev.php b/config/env/env.dev.php
@@ -1,6 +1,7 @@
 <?php
 /**
  * Development specific configuration values.
+ * https://github.com/samuelgfeller/slim-example-project/wiki/Configuration
  */
 
 // Set false to show production error pages

diff --git a/config/env/env.example.php b/config/env/env.example.php
@@ -6,8 +6,11 @@
  * the project root directory, to protect against overwriting at deployment.
  *
  * How to set values
- * good $settings['db]['key'] = 'val'; $settings['db]['nextKey'] = 'nextVal';
- * bad $settings['db'] = [ 'key' => 'val', 'nextKey' => 'nextVal',];
+ * correct: $settings['db]['key'] = 'val'; $settings['db]['nextKey'] = 'nextVal';
+ * incorrect $settings['db'] = [ 'key' => 'val', 'nextKey' => 'nextVal',];
+ * Every key must be set by its own to not overwrite the entire array.
+ *
+ * Documentation: https://github.com/samuelgfeller/slim-example-project/wiki/Configuration
  */
 
 // $_ENV['APP_ENV'] should be set to "prod" in the secret env.php file of the prod server.

diff --git a/config/env/env.prod.php b/config/env/env.prod.php
@@ -1,19 +1,16 @@
 <?php
 /**
- * Production specific configuration values.
+ * Production-specific configuration values.
  *
  * For these settings to be taken into account in production,
  * $_ENV['APP_ENV'] must be set to "prod" in the env.php file of the productive server.
  *
  * How to set values
- * bad $settings['db'] = [ 'key' => 'val', 'nextKey' => 'nextVal',];
- * good $settings['db]['key'] = 'val'; $settings['db]['nextKey'] = 'nextVal';
- * It's mandatory to set every key by its own and not remap the entire array
+ * correct: $settings['db]['key'] = 'val'; $settings['db]['nextKey'] = 'nextVal';
+ * incorrect $settings['db'] = [ 'key' => 'val', 'nextKey' => 'nextVal',];
+ * Every key must be set by its own to not overwrite the entire array.
  */
 
-// error_reporting taken from server php.ini
-// display_errors value defined in server
-
 // Error handler. More controlled than ini
 $settings['error']['display_error_details'] = false;
 
@@ -22,4 +19,3 @@
 // $settings['db']['database'] = '';
 
 // $settings['api']['allowed_origin'] = 'https://prod-frontend-domain.com';
-$settings['api']['allowed_origin'] = 'https://slim-api-starter-frontend.samuel-gfeller.ch';
diff --git a/public/frontend/home.html b/public/frontend/home.html
@@ -8,12 +8,13 @@
 </head>
 <body>
 <h1>Frontend for Slim API Starter</h1>
-<p>This frontend is an example of a separate application that will communicate with the API.</p>
+<p>This frontend is an example of a separate application that communicates with the API.</p>
 <p>The link to the actual frontend must be added to the <code>$settings['api']['allowed_origin']</code>
     in the config files: <code class="file-name">config/env/env.dev.php</code> and <code class="file-name">config/env/env.prod.php</code>.
 </p>
-<p>You can test the API by clicking on the button below. It should request the list of users
-    that were inserted for demonstration purposes.</p>
+<p>You can test the API by clicking on the button below which will make an Ajax
+    GET request to retrieve the list of users
+    that are in the database.</p>
 <button id="request-users-btn">GET /users</button>
 <pre id="request-output" style="display: none"></pre>
 

diff --git a/tests/Integration/Api/CorsMiddlewareTest.php b/tests/Integration/Api/CorsMiddlewareTest.php
@@ -0,0 +1,23 @@
+<?php
+
+namespace Api;
+
+use App\Test\Trait\AppTestTrait;
+use PHPUnit\Framework\TestCase;
+use TestTraits\Trait\HttpTestTrait;
+
+class CorsMiddlewareTest extends TestCase
+{
+    use AppTestTrait;
+    use HttpTestTrait;
+
+    public function testCorsMiddleware(): void
+    {
+        // Make options request
+        $request = $this->createRequest('OPTIONS', '');
+        $response = $this->app->handle($request);
+        $allowedUrl = $this->container->get('settings')['api']['allowed_origin'];
+        // Check that the response contains the Access-Control-Allow-Origin header
+        self::assertSame($allowedUrl, $response->getHeaderLine('Access-Control-Allow-Origin'));
+    }
+}