v-wordpress-plugin-updater/tests/PluginModelDbTest.php

<?php

namespace App\Models {
    function move_uploaded_file($from, $to)
    {
        return copy($from, $to);
    }

    function ini_get($varname)
    {
        global $test_ini_values;
        if (isset($test_ini_values[$varname])) {
            return $test_ini_values[$varname];
        }
        return \ini_get($varname);
    }
}

namespace Tests {

require_once __DIR__ . '/../update-api/vendor/autoload.php';

use PHPUnit\Framework\TestCase;
use App\Core\DatabaseManager;
use App\Models\PluginModel;

class PluginModelDbTest extends TestCase
{
    protected function setUp(): void
    {
        if (!defined('DB_FILE')) {
            define('DB_FILE', sys_get_temp_dir() . '/test.sqlite');
        }
        if (!defined('PLUGINS_DIR')) {
            define('PLUGINS_DIR', sys_get_temp_dir() . '/plugins');
        }
        if (!is_dir(PLUGINS_DIR)) {
            mkdir(PLUGINS_DIR, 0777, true);
        }
        if (file_exists(DB_FILE)) {
            unlink(DB_FILE);
        }
        $ref = new \ReflectionClass(DatabaseManager::class);
        $prop = $ref->getProperty('connection');
        $prop->setAccessible(true);
        $prop->setValue(null, null);
        $conn = DatabaseManager::getConnection();
        $conn->executeStatement('CREATE TABLE plugins (slug TEXT PRIMARY KEY, version TEXT)');
    }

    protected function tearDown(): void
    {
        $conn = DatabaseManager::getConnection();
        $conn->executeStatement('DROP TABLE IF EXISTS plugins');
        if (file_exists(DB_FILE)) {
            unlink(DB_FILE);
        }
        array_map('unlink', glob(PLUGINS_DIR . '/*.zip'));
    }

    public function testUploadValidZipInsertsRecord(): void
    {
        $tmp = tempnam(sys_get_temp_dir(), 'pl');
        $zip = new \ZipArchive();
        $zip->open($tmp, \ZipArchive::CREATE | \ZipArchive::OVERWRITE);
        $zip->addFromString('readme.txt', 'placeholder');
        $zip->close();
        $files = [
            'name'     => ['sample1_test_1.0.zip'],
            'tmp_name' => [$tmp],
            'error'    => [UPLOAD_ERR_OK],
            'size'     => [filesize($tmp)],
        ];
        $messages = PluginModel::uploadFiles($files);
        $this->assertStringContainsString('uploaded successfully', $messages[0]);
        $conn = DatabaseManager::getConnection();
        $row = $conn->fetchAssociative('SELECT * FROM plugins WHERE slug = ?', ['sample1_test']);
        $this->assertSame('1.0', $row['version']);
    }

    public function testUploadFileTooLargeReturnsError(): void
    {
        global $test_ini_values;
        $test_ini_values = [
            'upload_max_filesize' => '1K',
            'post_max_size' => '1K',
        ];
        $tmp = tempnam(sys_get_temp_dir(), 'pl');
        file_put_contents($tmp, str_repeat('a', 2048));
        $files = [
            'name'     => ['big_1.0.zip'],
            'tmp_name' => [$tmp],
            'error'    => [UPLOAD_ERR_OK],
            'size'     => [filesize($tmp)],
        ];
        $messages = PluginModel::uploadFiles($files);
        $this->assertStringContainsString('File size exceeds', $messages[0]);
        $test_ini_values = [];
    }

    public function testUploadNonZipReturnsError(): void
    {
        $tmp = tempnam(sys_get_temp_dir(), 'pl');
        file_put_contents($tmp, 'data');
        $files = [
            'name'     => ['bad.txt'],
            'tmp_name' => [$tmp],
            'error'    => [UPLOAD_ERR_OK],
            'size'     => [filesize($tmp)],
        ];
        $messages = PluginModel::uploadFiles($files);
        $this->assertStringContainsString('Only .zip files are allowed', $messages[0]);
    }

    public function testDeletePluginReturnsFalseForInvalidFile(): void
    {
        $this->assertFalse(PluginModel::deletePlugin('missing.zip'));

        $outsideDir = sys_get_temp_dir() . '/outside';
        if (!is_dir($outsideDir)) {
            mkdir($outsideDir);
        }
        $outside = $outsideDir . '/evil.zip';
        file_put_contents($outside, 'data');
        symlink($outside, PLUGINS_DIR . '/evil.zip');
        $this->assertFalse(PluginModel::deletePlugin('evil.zip'));
        unlink(PLUGINS_DIR . '/evil.zip');
        unlink($outside);
    }

    public function testDeletePluginUsesRegexSlugWithUnderscore(): void
    {
        $conn = DatabaseManager::getConnection();
        $conn->insert('plugins', ['slug' => 'sample1_test', 'version' => '1.0']);
        $path = PLUGINS_DIR . '/sample1_test_1.0.zip';
        file_put_contents($path, 'zip');

        $this->assertTrue(PluginModel::deletePlugin('sample1_test_1.0.zip'));
        $this->assertFileDoesNotExist($path);
        $this->assertSame(0, (int) $conn->fetchOne('SELECT COUNT(*) FROM plugins WHERE slug = ?', ['sample1_test']));
    }

    public function testDeletePluginReturnsFalseWhenFilenameDoesNotMatchExpectedPattern(): void
    {
        $conn = DatabaseManager::getConnection();
        $conn->insert('plugins', ['slug' => 'sample1_test', 'version' => '1.0']);
        $path = PLUGINS_DIR . '/sample1_test_latest.zip';
        file_put_contents($path, 'zip');

        $this->assertFalse(PluginModel::deletePlugin('sample1_test_latest.zip'));
        $this->assertFileExists($path);
        $this->assertSame('1.0', $conn->fetchOne('SELECT version FROM plugins WHERE slug = ?', ['sample1_test']));

        unlink($path);
    }
}

}