Stage 3.4

2026-04-20 16:40:44 +03:00
parent 42a047a938
commit b24cbc97f3
25 changed files with 2520 additions and 123 deletions
--- a/test/scripts/test_calendar_api.sh
+++ b/test/scripts/test_calendar_api.sh
@@ -0,0 +1,217 @@
+#!/bin/bash
+
+RED='\033[0;31m'
+GREEN='\033[0;32m'
+BLUE='\033[0;34m'
+NC='\033[0m'
+
+BASE_URL="http://localhost:8080"
+
+log_info() { echo -e "${BLUE}[INFO]${NC} $1"; }
+log_success() { echo -e "${GREEN}[SUCCESS]${NC} $1"; }
+log_error() { echo -e "${RED}[ERROR]${NC} $1"; }
+
+extract_json() {
+    echo "$1" | grep -o "\"$2\":\"[^\"]*\"" | head -1 | sed "s/\"$2\":\"//;s/\"$//"
+}
+
+http_post() {
+    local url=$1
+    local data=$2
+    local token=$3
+
+    if [ -n "$token" ]; then
+        curl -s -X POST "$url" \
+            -H "Content-Type: application/json" \
+            -H "Authorization: Bearer $token" \
+            -d "$data"
+    else
+        curl -s -X POST "$url" \
+            -H "Content-Type: application/json" \
+            -d "$data"
+    fi
+}
+
+http_get() {
+    local url=$1
+    local token=$2
+
+    if [ -n "$token" ]; then
+        curl -s -X GET "$url" \
+            -H "Authorization: Bearer $token"
+    else
+        curl -s -X GET "$url"
+    fi
+}
+
+http_put() {
+    local url=$1
+    local data=$2
+    local token=$3
+
+    curl -s -X PUT "$url" \
+        -H "Content-Type: application/json" \
+        -H "Authorization: Bearer $token" \
+        -d "$data"
+}
+
+http_delete() {
+    local url=$1; local token=$2
+    curl -s -X DELETE "$url" -H "Authorization: Bearer $token"
+}
+
+echo "============================================================"
+echo "          EVENTHUB CALENDAR API TEST SCRIPT"
+echo "============================================================"
+echo ""
+
+log_info "Setting up test users..."
+
+# Создаём двух пользователей
+OWNER_EMAIL="calendar_owner_$(date +%s)@example.com"
+OWNER_PASS="owner123"
+OTHER_EMAIL="calendar_other_$(date +%s)@example.com"
+OTHER_PASS="other123"
+
+# Владелец
+response=$(http_post "$BASE_URL/v1/register" "{\"email\":\"$OWNER_EMAIL\",\"password\":\"$OWNER_PASS\"}" "")
+OWNER_TOKEN=$(extract_json "$response" "token")
+OWNER_ID=$(extract_json "$response" "id")
+log_success "Owner created: $OWNER_ID"
+
+# Другой пользователь
+response=$(http_post "$BASE_URL/v1/register" "{\"email\":\"$OTHER_EMAIL\",\"password\":\"$OTHER_PASS\"}" "")
+OTHER_TOKEN=$(extract_json "$response" "token")
+OTHER_ID=$(extract_json "$response" "id")
+log_success "Other user created: $OTHER_ID"
+
+echo ""
+log_info "============================================================"
+log_info "TEST 1: Create calendar"
+log_info "============================================================"
+
+response=$(http_post "$BASE_URL/v1/calendars" "{\"title\":\"My Personal Calendar\",\"description\":\"Test description\"}" "$OWNER_TOKEN")
+CALENDAR_ID=$(extract_json "$response" "id")
+
+if [ -n "$CALENDAR_ID" ]; then
+    log_success "Calendar created: $CALENDAR_ID"
+else
+    log_error "Calendar creation failed: $response"
+    exit 1
+fi
+
+echo ""
+log_info "============================================================"
+log_info "TEST 2: Create commercial calendar"
+log_info "============================================================"
+
+response=$(http_post "$BASE_URL/v1/calendars" "{\"title\":\"Commercial Calendar\",\"type\":\"commercial\"}" "$OWNER_TOKEN")
+COMMERCIAL_ID=$(extract_json "$response" "id")
+log_success "Commercial calendar created: $COMMERCIAL_ID"
+
+echo ""
+log_info "============================================================"
+log_info "TEST 3: List calendars (owner)"
+log_info "============================================================"
+
+response=$(http_get "$BASE_URL/v1/calendars" "$OWNER_TOKEN")
+COUNT=$(echo "$response" | grep -o "\"id\"" | wc -l)
+log_success "Owner sees $COUNT calendars"
+
+echo ""
+log_info "============================================================"
+log_info "TEST 4: List calendars (other user - empty)"
+log_info "============================================================"
+
+response=$(http_get "$BASE_URL/v1/calendars" "$OTHER_TOKEN")
+COUNT=$(echo "$response" | grep -o "\"id\"" | wc -l)
+log_success "Other user sees $COUNT calendars"
+
+echo ""
+log_info "============================================================"
+log_info "TEST 5: Get calendar by ID (owner)"
+log_info "============================================================"
+
+response=$(http_get "$BASE_URL/v1/calendars/$CALENDAR_ID" "$OWNER_TOKEN")
+if echo "$response" | grep -q "My Personal Calendar"; then
+    log_success "Owner can access personal calendar"
+else
+    log_error "Owner cannot access calendar: $response"
+fi
+
+echo ""
+log_info "============================================================"
+log_info "TEST 6: Get personal calendar (other user - denied)"
+log_info "============================================================"
+
+response=$(http_get "$BASE_URL/v1/calendars/$CALENDAR_ID" "$OTHER_TOKEN")
+if echo "$response" | grep -q "Access denied"; then
+    log_success "Other user correctly denied access to personal calendar"
+else
+    log_error "Access control failed: $response"
+fi
+
+echo ""
+log_info "============================================================"
+log_info "TEST 7: Get commercial calendar (other user - allowed)"
+log_info "============================================================"
+
+response=$(http_get "$BASE_URL/v1/calendars/$COMMERCIAL_ID" "$OTHER_TOKEN")
+if echo "$response" | grep -q "Commercial Calendar"; then
+    log_success "Other user can access commercial calendar"
+else
+    log_error "Other user cannot access commercial calendar: $response"
+fi
+
+echo ""
+log_info "============================================================"
+log_info "TEST 8: Update calendar (owner)"
+log_info "============================================================"
+
+response=$(http_put "$BASE_URL/v1/calendars/$CALENDAR_ID" "{\"title\":\"Updated Calendar\"}" "$OWNER_TOKEN")
+if echo "$response" | grep -q "Updated Calendar"; then
+    log_success "Calendar updated successfully"
+else
+    log_error "Calendar update failed: $response"
+fi
+
+echo ""
+log_info "============================================================"
+log_info "TEST 9: Update calendar (other user - denied)"
+log_info "============================================================"
+
+response=$(http_put "$BASE_URL/v1/calendars/$CALENDAR_ID" "{\"title\":\"Hacked\"}" "$OTHER_TOKEN")
+if echo "$response" | grep -q "Access denied"; then
+    log_success "Other user correctly denied update"
+else
+    log_error "Access control failed: $response"
+fi
+
+echo ""
+log_info "============================================================"
+log_info "TEST 10: Delete calendar (owner)"
+log_info "============================================================"
+
+response=$(http_delete "$BASE_URL/v1/calendars/$CALENDAR_ID" "$OWNER_TOKEN")
+if echo "$response" | grep -q "deleted"; then
+    log_success "Calendar deleted"
+else
+    log_error "Calendar deletion failed: $response"
+fi
+
+echo ""
+log_info "============================================================"
+log_info "TEST 11: Get deleted calendar (should be denied)"
+log_info "============================================================"
+
+response=$(http_get "$BASE_URL/v1/calendars/$CALENDAR_ID" "$OWNER_TOKEN")
+if echo "$response" | grep -q "Access denied"; then
+    log_success "Deleted calendar not accessible"
+else
+    log_error "Deleted calendar still accessible: $response"
+fi
+
+echo ""
+echo "============================================================"
+log_success "CALENDAR API TESTS COMPLETED!"
+echo "============================================================"