gitmedia/presseportale
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
presseportale/tests/Feature/LegacyApiAccessLogAnalyzerTest.php
Kevin Adametz 5b8bdf4182
Some checks are pending
linter / quality (push) Waiting to run
Details
tests / ci (push) Waiting to run
Details
12-05-2026 Frontend dev
2026-05-12 18:32:33 +02:00

51 lines
2.3 KiB
PHP
Raw Blame History

<?php
use App\Services\Api\LegacyApiAccessLogAnalyzer;
use Tests\TestCase;
test('it summarizes legacy api access log entries without exposing api keys', function () {
$logPath = storage_path('framework/testing/legacy-api-access.log');
if (! is_dir(dirname($logPath))) {
mkdir(dirname($logPath), 0775, true);
}
file_put_contents($logPath, implode(PHP_EOL, [
'203.0.113.10 - - [28/Apr/2026:10:00:00 +0200] "GET /pressrelease/list?api_key=secret-one HTTP/1.1" 200 123 "-" "Client A"',
'203.0.113.10 - - [28/Apr/2026:10:01:00 +0200] "POST /pressrelease/create?api_key=secret-one HTTP/1.1" 201 456 "-" "Client A"',
'198.51.100.20 - - [28/Apr/2026:10:02:00 +0200] "GET /company/list?api_key=secret-two HTTP/1.1" 200 321 "-" "Client B"',
'198.51.100.20 - - [28/Apr/2026:10:03:00 +0200] "GET /preise HTTP/1.1" 200 999 "-" "Browser"',
]));
$report = app(LegacyApiAccessLogAnalyzer::class)->analyze([$logPath]);
expect($report['summary']['total_lines'])->toBe(4)
->and($report['summary']['matched_requests'])->toBe(3)
->and($report['summary']['legacy_key_requests'])->toBe(3)
->and($report['summary']['unique_client_ips'])->toBe(2)
->and($report['summary']['unique_api_key_fingerprints'])->toBe(2)
->and($report['endpoints'])->toHaveKey('pressrelease/list')
->and($report['endpoints'])->toHaveKey('pressrelease/create')
->and($report['endpoints'])->toHaveKey('company/list')
->and(json_encode($report))->not->toContain('secret-one');
});
test('legacy api access log command renders a summary', function () {
/** @var TestCase $this */
$logPath = storage_path('framework/testing/legacy-api-access-command.log');
if (! is_dir(dirname($logPath))) {
mkdir(dirname($logPath), 0775, true);
}
file_put_contents($logPath, '203.0.113.10 - - [28/Apr/2026:10:00:00 +0200] "GET /newsletter/subscribe?api_key=secret-one HTTP/1.1" 200 123 "-" "Client A"');
$this->artisan('api:analyze-legacy-access-logs', [
'paths' => [$logPath],
'--no-report' => true,
])
->expectsOutput('Legacy-API-Access-Log-Auswertung')
->expectsOutput('Legacy-API-Requests: 1')
->expectsOutput('Requests mit api_key: 1')
->assertSuccessful();
});
Reference in a new issue View git blame Copy permalink