test(api) : add comprehensive API test suite (161 tests)

- Add AbstractApiTestCase with auth helpers and entity factories - Add tests for all entities: Machine, Piece, Composant, Product, Site, ModelType, Constructeur, CustomField, CustomFieldValue, Document, MachineComponentLink, MachinePieceLink, MachineProductLink, Profile - Add controller tests: CommentController, EntityHistory - Add HealthCheck, Filter, Pagination, Validation, Session tests - Test auth (401), authorization (403), CRUD, and edge cases Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
2026-03-08 13:42:56 +01:00
parent b342d0e50a
commit efc6ec5691
22 changed files with 2843 additions and 0 deletions
--- a/tests/Api/Session/SessionProfileTest.php
+++ b/tests/Api/Session/SessionProfileTest.php
@@ -0,0 +1,138 @@
+<?php
+
+declare(strict_types=1);
+
+namespace App\Tests\Api\Session;
+
+use App\Tests\AbstractApiTestCase;
+
+/**
+ * @internal
+ */
+class SessionProfileTest extends AbstractApiTestCase
+{
+    private const PASSWORD = 'secret123';
+
+    public function testLoginSuccess(): void
+    {
+        $profile = $this->createProfile(password: self::PASSWORD);
+        $client  = static::createClient();
+
+        $client->request('POST', '/api/session/profile', [
+            'json' => [
+                'profileId' => $profile->getId(),
+                'password'  => self::PASSWORD,
+            ],
+        ]);
+
+        $this->assertResponseStatusCodeSame(200);
+        $this->assertJsonContains([
+            'id'        => $profile->getId(),
+            'firstName' => 'Test',
+            'lastName'  => 'User',
+            'isActive'  => true,
+        ]);
+    }
+
+    public function testLoginWrongPassword(): void
+    {
+        $profile = $this->createProfile(password: self::PASSWORD);
+        $client  = static::createClient();
+
+        $client->request('POST', '/api/session/profile', [
+            'json' => [
+                'profileId' => $profile->getId(),
+                'password'  => 'wrong',
+            ],
+        ]);
+
+        $this->assertResponseStatusCodeSame(401);
+        $this->assertJsonContains(['message' => 'Mot de passe incorrect.']);
+    }
+
+    public function testLoginMissingPassword(): void
+    {
+        $profile = $this->createProfile(password: self::PASSWORD);
+        $client  = static::createClient();
+
+        $client->request('POST', '/api/session/profile', [
+            'json' => [
+                'profileId' => $profile->getId(),
+            ],
+        ]);
+
+        $this->assertResponseStatusCodeSame(400);
+        $this->assertJsonContains(['message' => 'Mot de passe requis.']);
+    }
+
+    public function testLoginMissingProfileId(): void
+    {
+        $client = static::createClient();
+        $client->request('POST', '/api/session/profile', [
+            'json' => [],
+        ]);
+
+        $this->assertResponseStatusCodeSame(400);
+        $this->assertJsonContains(['message' => 'profileId est requis.']);
+    }
+
+    public function testLoginInactiveProfile(): void
+    {
+        $profile = $this->createProfile(password: self::PASSWORD, isActive: false);
+        $client  = static::createClient();
+
+        $client->request('POST', '/api/session/profile', [
+            'json' => [
+                'profileId' => $profile->getId(),
+                'password'  => self::PASSWORD,
+            ],
+        ]);
+
+        $this->assertResponseStatusCodeSame(401);
+    }
+
+    public function testLoginNoPasswordSet(): void
+    {
+        $profile = $this->createProfile();
+        $client  = static::createClient();
+
+        $client->request('POST', '/api/session/profile', [
+            'json' => [
+                'profileId' => $profile->getId(),
+                'password'  => 'anything',
+            ],
+        ]);
+
+        $this->assertResponseStatusCodeSame(403);
+    }
+
+    public function testGetActiveProfileAuthenticated(): void
+    {
+        $client = $this->createViewerClient();
+        $client->request('GET', '/api/session/profile');
+
+        $this->assertResponseIsSuccessful();
+        $this->assertJsonContains(['isActive' => true]);
+    }
+
+    public function testGetActiveProfileUnauthenticated(): void
+    {
+        $client = $this->createUnauthenticatedClient();
+        $client->request('GET', '/api/session/profile');
+
+        $this->assertResponseStatusCodeSame(401);
+        $this->assertJsonContains(['message' => 'Aucun profil actif.']);
+    }
+
+    public function testLogout(): void
+    {
+        $client = $this->createViewerClient();
+
+        $client->request('DELETE', '/api/session/profile');
+        $this->assertResponseIsSuccessful();
+        $this->assertJsonContains(['success' => true]);
+
+        $client->request('GET', '/api/session/profile');
+        $this->assertResponseStatusCodeSame(401);
+    }
+}