#!/bin/bash RED='\033[0;31m' GREEN='\033[0;32m' BLUE='\033[0;34m' NC='\033[0m' BASE_URL="http://localhost:8080" log_info() { echo -e "${BLUE}[INFO]${NC} $1"; } log_success() { echo -e "${GREEN}[SUCCESS]${NC} $1"; } log_error() { echo -e "${RED}[ERROR]${NC} $1"; } extract_json() { echo "$1" | grep -o "\"$2\":\"[^\"]*\"" | head -1 | sed "s/\"$2\":\"//;s/\"$//" } http_post() { local url=$1 local data=$2 local token=$3 if [ -n "$token" ]; then curl -s -X POST "$url" \ -H "Content-Type: application/json" \ -H "Authorization: Bearer $token" \ -d "$data" else curl -s -X POST "$url" \ -H "Content-Type: application/json" \ -d "$data" fi } http_get() { local url=$1 local token=$2 if [ -n "$token" ]; then curl -s -X GET "$url" \ -H "Authorization: Bearer $token" else curl -s -X GET "$url" fi } http_put() { local url=$1 local data=$2 local token=$3 curl -s -X PUT "$url" \ -H "Content-Type: application/json" \ -H "Authorization: Bearer $token" \ -d "$data" } http_delete() { local url=$1; local token=$2 curl -s -X DELETE "$url" -H "Authorization: Bearer $token" } echo "============================================================" echo " EVENTHUB CALENDAR API TEST SCRIPT" echo "============================================================" echo "" log_info "Setting up test users..." # Создаём двух пользователей OWNER_EMAIL="calendar_owner_$(date +%s)@example.com" OWNER_PASS="owner123" OTHER_EMAIL="calendar_other_$(date +%s)@example.com" OTHER_PASS="other123" # Владелец response=$(http_post "$BASE_URL/v1/register" "{\"email\":\"$OWNER_EMAIL\",\"password\":\"$OWNER_PASS\"}" "") OWNER_TOKEN=$(extract_json "$response" "token") OWNER_ID=$(extract_json "$response" "id") log_success "Owner created: $OWNER_ID" # Другой пользователь response=$(http_post "$BASE_URL/v1/register" "{\"email\":\"$OTHER_EMAIL\",\"password\":\"$OTHER_PASS\"}" "") OTHER_TOKEN=$(extract_json "$response" "token") OTHER_ID=$(extract_json "$response" "id") log_success "Other user created: $OTHER_ID" echo "" log_info "============================================================" log_info "TEST 1: Create calendar" log_info "============================================================" response=$(http_post "$BASE_URL/v1/calendars" "{\"title\":\"My Personal Calendar\",\"description\":\"Test description\"}" "$OWNER_TOKEN") CALENDAR_ID=$(extract_json "$response" "id") if [ -n "$CALENDAR_ID" ]; then log_success "Calendar created: $CALENDAR_ID" else log_error "Calendar creation failed: $response" exit 1 fi echo "" log_info "============================================================" log_info "TEST 2: Create commercial calendar" log_info "============================================================" response=$(http_post "$BASE_URL/v1/calendars" "{\"title\":\"Commercial Calendar\",\"type\":\"commercial\"}" "$OWNER_TOKEN") COMMERCIAL_ID=$(extract_json "$response" "id") log_success "Commercial calendar created: $COMMERCIAL_ID" echo "" log_info "============================================================" log_info "TEST 3: List calendars (owner)" log_info "============================================================" response=$(http_get "$BASE_URL/v1/calendars" "$OWNER_TOKEN") COUNT=$(echo "$response" | grep -o "\"id\"" | wc -l) log_success "Owner sees $COUNT calendars" echo "" log_info "============================================================" log_info "TEST 4: List calendars (other user - empty)" log_info "============================================================" response=$(http_get "$BASE_URL/v1/calendars" "$OTHER_TOKEN") COUNT=$(echo "$response" | grep -o "\"id\"" | wc -l) log_success "Other user sees $COUNT calendars" echo "" log_info "============================================================" log_info "TEST 5: Get calendar by ID (owner)" log_info "============================================================" response=$(http_get "$BASE_URL/v1/calendars/$CALENDAR_ID" "$OWNER_TOKEN") if echo "$response" | grep -q "My Personal Calendar"; then log_success "Owner can access personal calendar" else log_error "Owner cannot access calendar: $response" fi echo "" log_info "============================================================" log_info "TEST 6: Get personal calendar (other user - denied)" log_info "============================================================" response=$(http_get "$BASE_URL/v1/calendars/$CALENDAR_ID" "$OTHER_TOKEN") if echo "$response" | grep -q "Access denied"; then log_success "Other user correctly denied access to personal calendar" else log_error "Access control failed: $response" fi echo "" log_info "============================================================" log_info "TEST 7: Get commercial calendar (other user - allowed)" log_info "============================================================" response=$(http_get "$BASE_URL/v1/calendars/$COMMERCIAL_ID" "$OTHER_TOKEN") if echo "$response" | grep -q "Commercial Calendar"; then log_success "Other user can access commercial calendar" else log_error "Other user cannot access commercial calendar: $response" fi echo "" log_info "============================================================" log_info "TEST 8: Update calendar (owner)" log_info "============================================================" response=$(http_put "$BASE_URL/v1/calendars/$CALENDAR_ID" "{\"title\":\"Updated Calendar\"}" "$OWNER_TOKEN") if echo "$response" | grep -q "Updated Calendar"; then log_success "Calendar updated successfully" else log_error "Calendar update failed: $response" fi echo "" log_info "============================================================" log_info "TEST 9: Update calendar (other user - denied)" log_info "============================================================" response=$(http_put "$BASE_URL/v1/calendars/$CALENDAR_ID" "{\"title\":\"Hacked\"}" "$OTHER_TOKEN") if echo "$response" | grep -q "Access denied"; then log_success "Other user correctly denied update" else log_error "Access control failed: $response" fi echo "" log_info "============================================================" log_info "TEST 10: Delete calendar (owner)" log_info "============================================================" response=$(http_delete "$BASE_URL/v1/calendars/$CALENDAR_ID" "$OWNER_TOKEN") if echo "$response" | grep -q "deleted"; then log_success "Calendar deleted" else log_error "Calendar deletion failed: $response" fi echo "" log_info "============================================================" log_info "TEST 11: Get deleted calendar (should be denied)" log_info "============================================================" response=$(http_get "$BASE_URL/v1/calendars/$CALENDAR_ID" "$OWNER_TOKEN") if echo "$response" | grep -q "Access denied"; then log_success "Deleted calendar not accessible" else log_error "Deleted calendar still accessible: $response" fi echo "" echo "============================================================" log_success "CALENDAR API TESTS COMPLETED!" echo "============================================================"