2026-03-18 22:50:23 +01:00
|
|
|
<?php
|
|
|
|
|
|
|
|
|
|
namespace App\Tests\Controller;
|
|
|
|
|
|
2026-03-20 11:00:08 +01:00
|
|
|
use App\Entity\User;
|
|
|
|
|
use Doctrine\ORM\EntityManagerInterface;
|
2026-03-18 22:50:23 +01:00
|
|
|
use Symfony\Bundle\FrameworkBundle\Test\WebTestCase;
|
|
|
|
|
|
|
|
|
|
class SitemapControllerTest extends WebTestCase
|
|
|
|
|
{
|
|
|
|
|
public function testSitemapIndexReturnsXml(): void
|
|
|
|
|
{
|
|
|
|
|
$client = static::createClient();
|
|
|
|
|
$client->request('GET', '/sitemap.xml');
|
|
|
|
|
|
|
|
|
|
self::assertResponseIsSuccessful();
|
2026-03-18 23:04:31 +01:00
|
|
|
self::assertStringContainsString('text/xml', $client->getResponse()->headers->get('Content-Type'));
|
2026-03-18 22:50:23 +01:00
|
|
|
}
|
|
|
|
|
|
|
|
|
|
public function testSitemapMainReturnsXml(): void
|
|
|
|
|
{
|
|
|
|
|
$client = static::createClient();
|
|
|
|
|
$client->request('GET', '/sitemap-main.xml');
|
|
|
|
|
|
|
|
|
|
self::assertResponseIsSuccessful();
|
2026-03-18 23:04:31 +01:00
|
|
|
self::assertStringContainsString('text/xml', $client->getResponse()->headers->get('Content-Type'));
|
Add homepage, tarifs, legal pages, navbar, footer and full test coverage
- Homepage: hero, how it works (buyer/organizer), features, CTA
- Tarifs: 3 plans (Gratuit, Basique 10€, Sur-mesure), JSON-LD Product
- Legal pages: mentions legales, CGU (tabs buyer/organizer), CGV, RGPD, cookies, hosting
- Navbar: neubrutalism style, logo liip, mobile menu, SEO attributes
- Footer: contact, description, legal links, tarifs
- Sitemap: add /tarifs and /sitemap-orgas-{page}.xml
- Liip Imagine: remove S3, webp format on all filters
- Tests: full coverage for all controllers, services, repositories
- Fix CSP: replace inline onclick with data-tab JS
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
2026-03-19 00:01:58 +01:00
|
|
|
self::assertStringContainsString('/tarifs', $client->getResponse()->getContent());
|
2026-03-18 22:50:23 +01:00
|
|
|
}
|
|
|
|
|
|
|
|
|
|
public function testSitemapEventsReturnsXml(): void
|
|
|
|
|
{
|
|
|
|
|
$client = static::createClient();
|
|
|
|
|
$client->request('GET', '/sitemap-events-1.xml');
|
|
|
|
|
|
|
|
|
|
self::assertResponseIsSuccessful();
|
2026-03-18 23:04:31 +01:00
|
|
|
self::assertStringContainsString('text/xml', $client->getResponse()->headers->get('Content-Type'));
|
2026-03-18 22:50:23 +01:00
|
|
|
}
|
Add homepage, tarifs, legal pages, navbar, footer and full test coverage
- Homepage: hero, how it works (buyer/organizer), features, CTA
- Tarifs: 3 plans (Gratuit, Basique 10€, Sur-mesure), JSON-LD Product
- Legal pages: mentions legales, CGU (tabs buyer/organizer), CGV, RGPD, cookies, hosting
- Navbar: neubrutalism style, logo liip, mobile menu, SEO attributes
- Footer: contact, description, legal links, tarifs
- Sitemap: add /tarifs and /sitemap-orgas-{page}.xml
- Liip Imagine: remove S3, webp format on all filters
- Tests: full coverage for all controllers, services, repositories
- Fix CSP: replace inline onclick with data-tab JS
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
2026-03-19 00:01:58 +01:00
|
|
|
|
|
|
|
|
public function testSitemapOrgasReturnsXml(): void
|
|
|
|
|
{
|
|
|
|
|
$client = static::createClient();
|
|
|
|
|
$client->request('GET', '/sitemap-orgas-1.xml');
|
|
|
|
|
|
|
|
|
|
self::assertResponseIsSuccessful();
|
|
|
|
|
self::assertStringContainsString('text/xml', $client->getResponse()->headers->get('Content-Type'));
|
|
|
|
|
}
|
2026-03-20 11:00:08 +01:00
|
|
|
|
|
|
|
|
public function testSitemapOrgasIncludesLogoImage(): void
|
|
|
|
|
{
|
|
|
|
|
$client = static::createClient();
|
|
|
|
|
$em = static::getContainer()->get(EntityManagerInterface::class);
|
|
|
|
|
|
|
|
|
|
$organizer = new User();
|
|
|
|
|
$organizer->setEmail('test-sitemap-logo-'.uniqid().'@example.com');
|
|
|
|
|
$organizer->setFirstName('Logo');
|
|
|
|
|
$organizer->setLastName('Test');
|
|
|
|
|
$organizer->setPassword('hashed');
|
|
|
|
|
$organizer->setRoles(['ROLE_ORGANIZER']);
|
|
|
|
|
$organizer->setIsApproved(true);
|
|
|
|
|
$organizer->setIsVerified(true);
|
|
|
|
|
$organizer->setCompanyName('Asso Logo');
|
|
|
|
|
$organizer->setLogoName('test-logo.png');
|
|
|
|
|
$em->persist($organizer);
|
|
|
|
|
$em->flush();
|
|
|
|
|
|
|
|
|
|
$client->request('GET', '/sitemap-orgas-1.xml');
|
|
|
|
|
|
|
|
|
|
self::assertResponseIsSuccessful();
|
|
|
|
|
$content = $client->getResponse()->getContent();
|
|
|
|
|
self::assertStringContainsString('image:image', $content);
|
|
|
|
|
self::assertStringContainsString('test-logo.png', $content);
|
|
|
|
|
self::assertStringContainsString('Asso Logo', $content);
|
|
|
|
|
}
|
Complete TASK_CHECKUP: security, UX, tests, coverage, accessibility, config externalization
Billetterie:
- Partial refund support (STATUS_PARTIALLY_REFUNDED, refundedAmount field, migration)
- Race condition fix: PESSIMISTIC_WRITE lock on stock decrement in transaction
- Idempotency key on PaymentIntent::create, reuse existing PI if stripeSessionId set
- Disable checkout when event ended (server 400 + template hide)
- Webhook deduplication via cache (24h TTL on stripe event.id)
- Email validation (filter_var) in OrderController guest flow
- JSON cart validation (structure check before processing)
- Invitation expiration after 7 days (isExpired method + landing page message)
- Stripe Checkout fallback when JS fails to load (noscript + redirect)
Config externalization:
- Move Stripe fees (STRIPE_FEE_RATE, STRIPE_FEE_FIXED) and admin email (ADMIN_EMAIL) to .env/services.yaml
- Replace all hardcoded contact@e-cosplay.fr across 13 files
- MailerService: getAdminEmail()/getAdminFrom(), default $from=null resolves to admin
UX & Accessibility:
- ARIA tabs: role=tablist/tab/tabpanel, aria-selected, keyboard nav (arrows, Home, End)
- aria-label on cart +/- buttons and editor toolbar buttons
- tabindex=0 on editor toolbar buttons for keyboard access
- data-confirm handler in app.js (was only in admin.js)
- Cart error feedback on checkout failure
- Billet designer save feedback (loading/success/error states)
- Stock polling every 30s with rupture/low stock badges
- Back to event link on payment page
Security:
- HTML sanitizer: BLOCKED_TAGS list (script, style, iframe, svg, etc.) - content fully removed
- Stripe polling timeout (15s max) with fallback redirect
- Rate limiting on public order access (20/5min)
- .catch() on all fetch() calls (sortable, billet-designer)
Tests (92% PHP, 100% JS lines):
- PCOV added to dev Dockerfile
- Test DB setup: .env.test with DATABASE_URL, Redis auth, Meilisearch key
- Rate limiter disabled in test env
- Makefile: test_db_setup, test_db_reset, run_test_php, run_test_coverage_php/js
- New tests: InvitationFlowTest (21), AuditServiceTest (4), ExportServiceTest (9), InvoiceServiceTest (4)
- New tests: SuspendedUserSubscriberTest, RateLimiterSubscriberTest, MeilisearchServiceTest
- New tests: Stripe webhook payment_failed (6) + charge.refunded (6)
- New tests: BilletBuyer refund, User suspended, OrganizerInvitation expiration
- JS tests: stock polling (6), data-confirm (2), copy-url restore (1), editor ARIA (2), XSS (9), tabs keyboard (9)
- ESLint + PHP CS Fixer: 0 errors
- SonarQube exclusions aligned with vitest coverage config
Infra:
- Meilisearch consistency command (app:meilisearch:check-consistency --fix) + cron daily 3am
- MeilisearchService: getAllDocumentIds(), listIndexes()
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
2026-03-23 11:14:06 +01:00
|
|
|
|
|
|
|
|
public function testSitemapEventsIncludesEventImage(): void
|
|
|
|
|
{
|
|
|
|
|
$client = static::createClient();
|
|
|
|
|
$em = static::getContainer()->get(EntityManagerInterface::class);
|
|
|
|
|
|
|
|
|
|
$organizer = new User();
|
|
|
|
|
$organizer->setEmail('test-sitemap-event-img-'.uniqid().'@example.com');
|
|
|
|
|
$organizer->setFirstName('Img');
|
|
|
|
|
$organizer->setLastName('Event');
|
|
|
|
|
$organizer->setPassword('hashed');
|
|
|
|
|
$organizer->setRoles(['ROLE_ORGANIZER']);
|
|
|
|
|
$organizer->setIsApproved(true);
|
|
|
|
|
$organizer->setIsVerified(true);
|
|
|
|
|
$organizer->setCompanyName('Asso Img');
|
|
|
|
|
$em->persist($organizer);
|
|
|
|
|
|
|
|
|
|
$event = new \App\Entity\Event();
|
|
|
|
|
$event->setAccount($organizer);
|
|
|
|
|
$event->setTitle('Event With Image');
|
|
|
|
|
$event->setStartAt(new \DateTimeImmutable('2026-08-01 10:00'));
|
|
|
|
|
$event->setEndAt(new \DateTimeImmutable('2026-08-01 18:00'));
|
|
|
|
|
$event->setAddress('1 rue');
|
|
|
|
|
$event->setZipcode('75001');
|
|
|
|
|
$event->setCity('Paris');
|
|
|
|
|
$event->setIsOnline(true);
|
|
|
|
|
$event->setEventMainPictureName('event-poster.jpg');
|
|
|
|
|
$em->persist($event);
|
|
|
|
|
$em->flush();
|
|
|
|
|
|
|
|
|
|
$client->request('GET', '/sitemap-events-1.xml');
|
|
|
|
|
|
|
|
|
|
self::assertResponseIsSuccessful();
|
|
|
|
|
$content = $client->getResponse()->getContent();
|
|
|
|
|
self::assertStringContainsString('image:image', $content);
|
|
|
|
|
self::assertStringContainsString('event-poster.jpg', $content);
|
|
|
|
|
}
|
2026-03-18 22:50:23 +01:00
|
|
|
}
|