I'm at the point where I need to write unit tests for a REST API written using CakePHP 1.3. The API supports GET, POST and PUT requests for querying and manipulating data.
Is there any established way to test the correct input/output of an API simulating an HTTP request, using fixtures? I do not want to run actual POST/PUT requests against the live (dev) database. How can I best mock out the system to use temporary models, yet test the rest of the stack as-is?
Testing GET requests is easy enough with controller tests. However, for data manipulation the API uses HTTP headers quite extensively and also parses raw XML and JSON POST/PUT data. The controller unit test methods only mock POST data by setting $this->data in the controller, which does not allow me to properly test the API.
You should either create Mocks or use Isolation Framework in order to simulate API environment. Unit tests should not depend on resources like internet connections, network, endpoints etc.
If you intend to test real API calls you should create integration test project and use it for this purpose. But be aware integration tests are mostly not repeatable and would give you different results on each run.
I'd recommend starting with a little research. These articles should help:
Unit Testing CakePHP Shells
Testing CakePHP controllers - Mock Objects edition
Testing Models with CakePHP 1.2 test suite
Looks like you might be able to test the raw XML PUT and POST data without too much trouble. The CakePHP REST documentation says this:
If a POST or PUT request has an XML content-type, then the input is taken and passed to an instance of Cake's Xml object, which is assigned to the $data property of the controller. Because of this feature, handling XML and POST data in parallel is seamless: no changes are required to the controller or model code. Everything you need should end up in $this->data.
Try stepping through your controller code in debug mode to see what actually comes in through $this->data during an XML request.
As for avoiding the live database, would a SQLite in-memory database be any easier?
Related
I have FastAPI project which does the following:
Register users(unauthenticated)
CRUD operations on user resources(authenticated)
What I want to do:
Develop an automated testing framework to unit test all the APIs
Run that on a devops platform like jenkins regularly
Run it locally before deployment
Some specific doubts I have:
For testing, should I use the OpenAPI generated client sdk or the FastAPI client or use the python requests module?
Authentication should happen only once and reuse the JWT token or fresh authentication for each API test ?
Should I use the same pydantic modules for dev and testing or re-write them to ensure that no issues were introduced in case of updated models ?
How to do proper unit testing when one API requires result from multiple other APIs?
Use the built-in TestClient
Use a fixture and let pytest sort it out for you; if it's too slow to reauthenticate each time, change the scope of the fixture to a larger scope (i.e. class, module, session, etc.). You can also use FastAPI's dependency_overrides to let your tests run with static authentication configured (so that you can skip actually authenticating in most of your tests).
You should test what you use in your application. Nothing specific written for your tests, except if necessary to make your application testable in a better way.
The only "proper" thing is that your API has been tested to work as you expect it to work. Do multiple API calls if necessary, but move them into fixtures to get composable sets of dependencies for tests (i.e. the result of the fixture can be cached and re-used for all tests in a test class if necessary). If you have tests that depend on a customer being created, create a fixture that creates a customer and use that fixture in the tests where a created customer is necessary.
I write a lot of apps that end up integrating with Google Drive for one reason or another. It's such a useful cloud based storage utility that it's got integrations all over the place.
So many of my integration tests are needing to call the actual Google API. Such a waste.
You can use Mockito to mock it, but that's a ton of work. And it's only for unit testing that has stubbed out mocks.
Has anyone made a mock HTTP web service that can mock the Google drive api?
I was hoping to find someone who created a Docker container that fires up a mock Google drive api that you can point the Google-drive-sdk to and have it work from a linux filesystem backend.
S3 has this. Example: https://hub.docker.com/r/lphoward/fake-s3/
I'm pretty sure no such docker container exists. Is there there anything in the makes at Google? Thanks for your time!
Here's what I have found:
For JAVA:
Please try checking HTTP Unit Testing. As mentioned in the documentation:
When writing unit tests using this HTTP framework, don't make requests to a real server. Instead, mock the HTTP transport and inject fake HTTP requests and responses. The pluggable HTTP transport layer of the Google HTTP Client Library for Java makes this flexible and simple to do.
Also, some useful testing utilities are included in the com.google.api.client.testing.http package (#Beta).
For Android:
If you're using Android Studio, the location of your test code depends on the type of test you are writing. Android Studio provides source code directories (source sets).
Local unit tests
Located at module-name/src/test/java/.
These are tests that run on your machine's local Java Virtual Machine (JVM). Use these tests to minimize execution time when your tests have no Android framework dependencies or when you can mock the Android framework dependencies.
At runtime, these tests are executed against a modified version of android.jar where all final modifiers have been stripped off. This lets you use popular mocking libraries, like Mockito.
You may want check this SO post and see if it helps.
For Python:
You may try Mocks.
The use of Mock objects is a standard testing methodology for Python and other object-oriented languages. This library defines Mock classes that simulate responses to API calls. You can use them to test how your code handles basic interactions with Google APIs.
You can use the HttpMock class which simulates the response to a single HTTP request.
Hope that helps!
For python, if you are brave, you could use vcrpy as gcsfs does. It records all requests and responses over HTTP into YAML files, which you can then test against, with complex matching (so that, for instance, etags and timestamps don't matter) and replacement rules (so that secure data isn't leaked into version control).
I see WebTestCase and Symfony come up a lot...I have some unit tests in PHPUnit already but really need higher level tests...I do not need anything fancy like Selenium (the UI is done in ExtJS but this could change entirely to Polymer in the future) I just need to post data and check the JSON results.
Can this be done via PHPUnit or do I need to bring in Symfony and it's WebTestCase?
Testing RESTful web services using PHPUnit
Note: I am actually looking to test the services -- no mocked objects desired -- I need to login when the test suite is first run -- store the SESSION ID and go through each test...
I have achieved success in writing PHP functional tests using Guzzle.
It allows you to perform HTTP requests like this:
$client = new GuzzleHttp\Client();
$response = $client->get('http://guzzlephp.org');
And the $client will maintain the PHPSESSIONID across requests, allowing you to perform authenticated requests by logging in and then performing requests with the same client.
I have a lot of webServices that I want to test with Junit. For each webService I have between 5 and 40 tests to do, and writing those tests by hand take a lot of time and it is very tedious to do because they are almost the same.
In fact, I send an xml request to my web service, get the response and compare it with the one expected. So for each test, I need only the webService URL, the body of the request and the response expected.
What is the best way to achieve this?
Thanks
I found a good way to do this. I use JUnit parameterized tests. This is a good tutorial to learn how to implement those tests.
I use also generic methods that read a WSDL file and retrieve the types needed to do my tests.
So now I have just one generic parameterized test for all my webServices, and parameters are paths of my WSDL files, input files and expected output files.
What do you use as a test client for your stateful web services? Is it possible to use SoapUI? Are there best practices in this area?
You can do what's called a "Property Transfer" in SoapUI. For example, all our web services have to first call an authentication web service and obtain an authentication token.
I've set this up in SoapUI so that the returned auth token from the auth service is passed on to subsequent requests. It seems to work pretty well, but unless I'm missing a trick I wouldn't like to set it up for a lot of web services (i.e. you have to have an entry for each call you want to transfer data to / from).
Yeah, building SoapUI tests is slow, repetitive work. We didn't discover it until rewriting the SOAP server, and it makes great unit and system tests, but is s.l.o.w to create them.
Oh, and watch out for the memory leaks. Save very frequently. When you run out of memory, you can't save anymore. That sucks a little.
The property transfer stuff is awesome - you can have different scopes (test, request, global), and you can use GroovyScript to do dynamic stuff (like look up a particular date related to today's date, and so on).
With a properly formatted WSDL file, it will generate template requests for you, but you'll still need to tweak them a fair bit - or at least, I did.
I don't know whether it's practical to do this with SoapUI, but I've done things like this with both iTKO LISA and Parasoft SOATest. It wasn't for testing stateful web services, but simply executing multiple testing steps, storing results that are used in following steps. Both LISA and SOATest have the ability to define steps in the GUI that can store pieces of responses that are used in later requests.