Update tests

Author: pls78

tests/Unit/AI/Consent/Application/Consent_Handler/Abstract_Consent_Handler_Test.php

@@ -4,9 +4,14 @@
 // phpcs:disable Yoast.NamingConventions.NamespaceName.MaxExceeded
 namespace Yoast\WP\SEO\Tests\Unit\AI\Consent\Application\Consent_Handler;
 
+use Brain\Monkey;
 use Mockery;
+use WP_User;
+use Yoast\WP\SEO\AI\Authorization\Application\Token_Manager;
 use Yoast\WP\SEO\AI\Consent\Application\Consent_Handler;
+use Yoast\WP\SEO\AI\HTTP_Request\Application\Request_Handler;
 use Yoast\WP\SEO\Helpers\User_Helper;
+use Yoast\WP\SEO\Loggers\Logger;
 use Yoast\WP\SEO\Tests\Unit\TestCase;
 
 /**
@@ -24,12 +29,33 @@ abstract class Abstract_Consent_Handler_Test extends TestCase {
 	protected $instance;
 
 	/**
-	 * The options helper instance.
+	 * The user helper instance.
 	 *
 	 * @var Mockery\MockInterface|User_Helper
 	 */
 	protected $user_helper;
 
+	/**
+	 * The token manager instance.
+	 *
+	 * @var Mockery\MockInterface|Token_Manager
+	 */
+	protected $token_manager;
+
+	/**
+	 * The request handler instance.
+	 *
+	 * @var Mockery\MockInterface|Request_Handler
+	 */
+	protected $request_handler;
+
+	/**
+	 * The logger instance.
+	 *
+	 * @var Mockery\MockInterface|Logger
+	 */
+	protected $logger;
+
 	/**
 	 * Setup the test.
 	 *
@@ -38,8 +64,35 @@ abstract class Abstract_Consent_Handler_Test extends TestCase {
 	protected function setUp(): void {
 		parent::setUp();
 
-		$this->user_helper = Mockery::mock( User_Helper::class );
+		$this->user_helper     = Mockery::mock( User_Helper::class );
+		$this->token_manager   = Mockery::mock( Token_Manager::class );
+		$this->request_handler = Mockery::mock( Request_Handler::class );
+		$this->logger          = Mockery::mock( Logger::class );
+
+		$this->instance = new Consent_Handler(
+			$this->user_helper,
+			$this->token_manager,
+			$this->request_handler,
+			$this->logger,
+		);
+	}
+
+	/**
+	 * Stubs WordPress's `get_user_by( 'id', $user_id )` to return a mock WP_User with the given ID.
+	 *
+	 * @param int $user_id The user ID to set on the mock WP_User.
+	 *
+	 * @return WP_User|Mockery\MockInterface The mock WP_User returned by the stubbed `get_user_by`.
+	 */
+	protected function stub_get_user_by( int $user_id ) {
+		$user     = Mockery::mock( WP_User::class );
+		$user->ID = $user_id;
+
+		Monkey\Functions\expect( 'get_user_by' )
+			->once()
+			->with( 'id', $user_id )
+			->andReturn( $user );
 
-		$this->instance = new Consent_Handler( $this->user_helper );
+		return $user;
 	}
 }

tests/Unit/AI/Consent/Application/Consent_Handler/Constructor_Test.php

@@ -4,7 +4,10 @@
 // phpcs:disable Yoast.NamingConventions.NamespaceName.MaxExceeded
 namespace Yoast\WP\SEO\Tests\Unit\AI\Consent\Application\Consent_Handler;
 
+use Yoast\WP\SEO\AI\Authorization\Application\Token_Manager;
+use Yoast\WP\SEO\AI\HTTP_Request\Application\Request_Handler;
 use Yoast\WP\SEO\Helpers\User_Helper;
+use Yoast\WP\SEO\Loggers\Logger;
 
 /**
  * Tests the Consent_Handler constructor.
@@ -25,5 +28,17 @@ public function test_constructor() {
 			User_Helper::class,
 			$this->getPropertyValue( $this->instance, 'user_helper' ),
 		);
+		$this->assertInstanceOf(
+			Token_Manager::class,
+			$this->getPropertyValue( $this->instance, 'token_manager' ),
+		);
+		$this->assertInstanceOf(
+			Request_Handler::class,
+			$this->getPropertyValue( $this->instance, 'request_handler' ),
+		);
+		$this->assertInstanceOf(
+			Logger::class,
+			$this->getPropertyValue( $this->instance, 'logger' ),
+		);
 	}
 }

tests/Unit/AI/Consent/Application/Consent_Handler/Grant_Consent_Test.php

@@ -4,6 +4,11 @@
 // phpcs:disable Yoast.NamingConventions.NamespaceName.MaxExceeded
 namespace Yoast\WP\SEO\Tests\Unit\AI\Consent\Application\Consent_Handler;
 
+use Mockery;
+use Yoast\WP\SEO\AI\HTTP_Request\Domain\Exceptions\Forbidden_Exception;
+use Yoast\WP\SEO\AI\HTTP_Request\Domain\Exceptions\Internal_Server_Error_Exception;
+use Yoast\WP\SEO\AI\HTTP_Request\Domain\Request;
+
 /**
  * Tests the Consent_Handler's grant_consent method.
  *
@@ -14,19 +19,88 @@
 final class Grant_Consent_Test extends Abstract_Consent_Handler_Test {
 
 	/**
-	 * Tests granting the consent.
+	 * Tests granting the consent on the happy path: token fetched, POST succeeds, local meta updated.
 	 *
 	 * @return void
 	 */
-	public function test_grant_consent() {
-		// Current user ID is used for the consent permission.
+	public function test_grant_consent_success() {
 		$user_id = 1;
-		// Has consent.
+		$user    = $this->stub_get_user_by( $user_id );
+
+		$this->token_manager->expects( 'get_or_request_access_token' )
+			->once()
+			->with( $user )
+			->andReturn( 'jwt-token' );
+
+		$this->request_handler->expects( 'handle' )
+			->once()
+			->with(
+				Mockery::on(
+					static function ( $request ) {
+						return $request instanceof Request
+							&& $request->get_action_path() === '/user/consent'
+							&& $request->get_http_method() === Request::METHOD_POST
+							&& $request->get_headers() === [ 'Authorization' => 'Bearer jwt-token' ]
+							&& $request->get_body() === [];
+					},
+				),
+			);
+
 		$this->user_helper->expects( 'update_meta' )
 			->once()
 			->with( $user_id, '_yoast_wpseo_ai_consent', true )
 			->andReturn( true );
 
 		$this->instance->grant_consent( $user_id );
 	}
+
+	/**
+	 * Tests that grant_consent propagates a Forbidden_Exception thrown while fetching the access token
+	 * and does NOT update the local meta.
+	 *
+	 * @return void
+	 */
+	public function test_grant_consent_propagates_token_fetch_exception() {
+		$user_id = 1;
+		$user    = $this->stub_get_user_by( $user_id );
+
+		$this->token_manager->expects( 'get_or_request_access_token' )
+			->once()
+			->with( $user )
+			->andThrow( new Forbidden_Exception( 'Forbidden', 403 ) );
+
+		// Local meta must NOT be touched on failure.
+		$this->user_helper->shouldNotReceive( 'update_meta' );
+
+		$this->expectException( Forbidden_Exception::class );
+
+		$this->instance->grant_consent( $user_id );
+	}
+
+	/**
+	 * Tests that grant_consent propagates an Internal_Server_Error_Exception thrown by the POST call
+	 * and does NOT update the local meta.
+	 *
+	 * @return void
+	 */
+	public function test_grant_consent_propagates_remote_exception() {
+		$user_id = 1;
+		$user    = $this->stub_get_user_by( $user_id );
+
+		$this->token_manager->expects( 'get_or_request_access_token' )
+			->once()
+			->with( $user )
+			->andReturn( 'jwt-token' );
+
+		$this->request_handler->expects( 'handle' )
+			->once()
+			->andThrow( new Internal_Server_Error_Exception( 'Internal Server Error', 500 ) );
+
+		// Local meta must NOT be touched on failure.
+		$this->user_helper->shouldNotReceive( 'update_meta' );
+
+		$this->expectException( Internal_Server_Error_Exception::class );
+
+		$this->instance->grant_consent( $user_id );
+	}
 }

tests/Unit/AI/Consent/Application/Consent_Handler/Revoke_Consent_Test.php

@@ -4,6 +4,13 @@
 // phpcs:disable Yoast.NamingConventions.NamespaceName.MaxExceeded
 namespace Yoast\WP\SEO\Tests\Unit\AI\Consent\Application\Consent_Handler;
 
+use Mockery;
+use RuntimeException;
+use Yoast\WP\SEO\AI\HTTP_Request\Domain\Exceptions\Forbidden_Exception;
+use Yoast\WP\SEO\AI\HTTP_Request\Domain\Exceptions\Internal_Server_Error_Exception;
+use Yoast\WP\SEO\AI\HTTP_Request\Domain\Exceptions\WP_Request_Exception;
+use Yoast\WP\SEO\AI\HTTP_Request\Domain\Request;
+
 /**
  * Tests the Consent_Handler's revoke_consent method.
  *
@@ -14,13 +21,34 @@
 final class Revoke_Consent_Test extends Abstract_Consent_Handler_Test {
 
 	/**
-	 * Tests revoking the consent.
+	 * Tests revoking the consent on the happy path: token fetched, DELETE succeeds, local meta deleted.
 	 *
 	 * @return void
 	 */
-	public function test_revoke_consent() {
-		// Current user ID is used for the consent permission.
+	public function test_revoke_consent_success() {
 		$user_id = 1;
+		$user    = $this->stub_get_user_by( $user_id );
+
+		$this->token_manager->expects( 'get_or_request_access_token' )
+			->once()
+			->with( $user )
+			->andReturn( 'jwt-token' );
+
+		$this->request_handler->expects( 'handle' )
+			->once()
+			->with(
+				Mockery::on(
+					static function ( $request ) {
+						return $request instanceof Request
+							&& $request->get_action_path() === '/user/consent'
+							&& $request->get_http_method() === Request::METHOD_DELETE
+							&& $request->get_headers() === [ 'Authorization' => 'Bearer jwt-token' ]
+							&& $request->get_body() === [];
+					},
+				),
+			);
+
+		$this->logger->shouldNotReceive( 'warning' );
 
 		$this->user_helper->expects( 'delete_meta' )
 			->once()
@@ -29,4 +57,119 @@ public function test_revoke_consent() {
 
 		$this->instance->revoke_consent( $user_id );
 	}
+
+	/**
+	 * Tests that revoke_consent catches a Remote_Request_Exception thrown by the DELETE call,
+	 * logs a warning, and still clears the local meta (security-first).
+	 *
+	 * @return void
+	 */
+	public function test_revoke_consent_swallows_remote_exception_on_delete() {
+		$user_id = 1;
+		$user    = $this->stub_get_user_by( $user_id );
+
+		$this->token_manager->expects( 'get_or_request_access_token' )
+			->once()
+			->with( $user )
+			->andReturn( 'jwt-token' );
+
+		$this->request_handler->expects( 'handle' )
+			->once()
+			->andThrow( new Internal_Server_Error_Exception( 'Internal Server Error', 500 ) );
+
+		$this->logger->expects( 'warning' )
+			->once()
+			->with( Mockery::type( 'string' ), Mockery::type( 'array' ) );
+
+		$this->user_helper->expects( 'delete_meta' )
+			->once()
+			->with( $user_id, '_yoast_wpseo_ai_consent' )
+			->andReturn( true );
+
+		$this->instance->revoke_consent( $user_id );
+	}
+
+	/**
+	 * Tests that revoke_consent catches a Remote_Request_Exception thrown while fetching the access
+	 * token, logs a warning, and still clears the local meta.
+	 *
+	 * @return void
+	 */
+	public function test_revoke_consent_swallows_remote_exception_on_token_fetch() {
+		$user_id = 1;
+		$user    = $this->stub_get_user_by( $user_id );
+
+		$this->token_manager->expects( 'get_or_request_access_token' )
+			->once()
+			->with( $user )
+			->andThrow( new Forbidden_Exception( 'Forbidden', 403 ) );
+
+		// DELETE should not be attempted when the token fetch fails.
+		$this->request_handler->shouldNotReceive( 'handle' );
+
+		$this->logger->expects( 'warning' )
+			->once()
+			->with( Mockery::type( 'string' ), Mockery::type( 'array' ) );
+
+		$this->user_helper->expects( 'delete_meta' )
+			->once()
+			->with( $user_id, '_yoast_wpseo_ai_consent' )
+			->andReturn( true );
+
+		$this->instance->revoke_consent( $user_id );
+	}
+
+	/**
+	 * Tests that revoke_consent catches a WP_Request_Exception (transport-level error) and still
+	 * clears the local meta.
+	 *
+	 * @return void
+	 */
+	public function test_revoke_consent_swallows_wp_request_exception() {
+		$user_id = 1;
+		$user    = $this->stub_get_user_by( $user_id );
+
+		$this->token_manager->expects( 'get_or_request_access_token' )
+			->once()
+			->with( $user )
+			->andReturn( 'jwt-token' );
+
+		$this->request_handler->expects( 'handle' )
+			->once()
+			->andThrow( new WP_Request_Exception( 'WP_HTTP_REQUEST_ERROR' ) );
+
+		$this->logger->expects( 'warning' )
+			->once();
+
+		$this->user_helper->expects( 'delete_meta' )
+			->once()
+			->with( $user_id, '_yoast_wpseo_ai_consent' )
+			->andReturn( true );
+
+		$this->instance->revoke_consent( $user_id );
+	}
+
+	/**
+	 * Tests that revoke_consent does NOT swallow non-HTTP-layer exceptions: a RuntimeException from
+	 * the token manager must propagate out so that programmer errors stay visible.
+	 *
+	 * @return void
+	 */
+	public function test_revoke_consent_does_not_swallow_runtime_exception() {
+		$user_id = 1;
+		$user    = $this->stub_get_user_by( $user_id );
+
+		$this->token_manager->expects( 'get_or_request_access_token' )
+			->once()
+			->with( $user )
+			->andThrow( new RuntimeException( 'unexpected programmer error' ) );
+
+		$this->request_handler->shouldNotReceive( 'handle' );
+		$this->logger->shouldNotReceive( 'warning' );
+		$this->user_helper->shouldNotReceive( 'delete_meta' );
+
+		$this->expectException( RuntimeException::class );
+
+		$this->instance->revoke_consent( $user_id );
+	}
 }