This presentation introduces PHP unit testing in Yii. It covers test-driven development (TDD) principles, the different types of tests like unit tests and integration tests, how to set up PHPUnit and write tests in Yii, using fixtures to test database interactions, and invoking tests from the command line. Examples are provided of writing unit tests for models and using fixtures to load test data.
Slides done for the talk on CodeCeption given during the April London Yii Meetup.
The full screencast of the talk can be viewed here: https://www.youtube.com/watch?v=FclV9ML7bH4
An Overview of Deserialization Vulnerabilities in the Java Virtual Machine (J...joaomatosf_
Slides of the talk presented in the Hackers to Hackers Conference 2017 (H2HC 2017)
This talk discussed (a little bit deep) the root cause of these vulnerabilities in the context of the JVM
Building and deploying PHP applications with PhingMichiel Rook
Slides for my talk at the PHP UK Conference 2012.
Some of the examples discussed during the talk can be found at http://www.touchdownconsulting.nl/conferences/phing-phpuk2012-examples.tgz
If you attended, please leave me some feedback at http://joind.in/4954 - thanks!
Docker Security: Are Your Containers Tightly Secured to the Ship?Michael Boelen
Docker is hot, Docker security is not? In this talk the risks, benefits and defenses of Docker are discussed. They are followed up by some best practices, which can you use in your daily activities. What is clear is that there is still a lot to do to get your containers secured.
Event: Docker Amsterdam Meetup - January 2015
This presentation was given by Michael Boelen, January 23rd at Schuberg Philis. The event was organized by Mark Robert Coleman with help of Harm Boertien. With a full house of people, Docker security was discussed.
About the author:
Michael Boelen is founder of CISOfy and researches Linux security to build tools and documentation, to simplify it for others. Examples are tools like Rootkit Hunter and Lynis, blog posts and presentations.
Slides done for the talk on CodeCeption given during the April London Yii Meetup.
The full screencast of the talk can be viewed here: https://www.youtube.com/watch?v=FclV9ML7bH4
An Overview of Deserialization Vulnerabilities in the Java Virtual Machine (J...joaomatosf_
Slides of the talk presented in the Hackers to Hackers Conference 2017 (H2HC 2017)
This talk discussed (a little bit deep) the root cause of these vulnerabilities in the context of the JVM
Building and deploying PHP applications with PhingMichiel Rook
Slides for my talk at the PHP UK Conference 2012.
Some of the examples discussed during the talk can be found at http://www.touchdownconsulting.nl/conferences/phing-phpuk2012-examples.tgz
If you attended, please leave me some feedback at http://joind.in/4954 - thanks!
Docker Security: Are Your Containers Tightly Secured to the Ship?Michael Boelen
Docker is hot, Docker security is not? In this talk the risks, benefits and defenses of Docker are discussed. They are followed up by some best practices, which can you use in your daily activities. What is clear is that there is still a lot to do to get your containers secured.
Event: Docker Amsterdam Meetup - January 2015
This presentation was given by Michael Boelen, January 23rd at Schuberg Philis. The event was organized by Mark Robert Coleman with help of Harm Boertien. With a full house of people, Docker security was discussed.
About the author:
Michael Boelen is founder of CISOfy and researches Linux security to build tools and documentation, to simplify it for others. Examples are tools like Rootkit Hunter and Lynis, blog posts and presentations.
Anonymous club of BMSCE, Talk and Demo on exploits on the Metasploit Framework and building Trojans using Msfvenom . By Siddharth.K (tech Head of anonymous club BMSCE)
OWASP SD: Deserialize My Shorts: Or How I Learned To Start Worrying and Hate ...Christopher Frohoff
Object deserialization is an established but poorly understood attack vector in applications that is disturbingly prevalent across many languages, platforms, formats, and libraries.
In January 2015 at AppSec California, Chris Frohoff and Gabe Lawrence gave a talk on this topic, covering deserialization vulnerabilities across platforms, the many forms they take, and places they can be found. It covered, among other things, somewhat novel techniques using classes in commonly used libraries for attacking Java serialization that were subsequently released in the form of the ysoserial tool. Few people noticed until late 2015, when other researchers used these techniques/tools to exploit well known products such as Bamboo, WebLogic, WebSphere, ApacheMQ, and Jenkins, and then services such as PayPal. Since then, the topic has gotten some long-overdue attention and great work is being done by many to improve our understanding and developer awareness on the subject.
This talk will review the details of Java deserialization exploit techniques and mitigations, as well as report on some of the recent (and future) activity in this area.
http://www.meetup.com/Open-Web-Application-Security-Project-San-Diego-OWASP-SD/events/226242635/
Practical SAP pentesting workshop (NullCon Goa)ERPScan
All business processes are generally contained in ERP systems. Any information an attacker might want is stored in a company’s ERP. This information can include financial, customer or public relations, intellectual property, personally identifiable information and more. And SAP is the most popular business application vendor with more than 250000 customers worldwide.
The workshop conducted by Alexander Polyakov, CTO of ERPScan, at NullCon Goa Conference is a practical SAP pentesting guide.
[DockerCon 2019] Hardening Docker daemon with Rootless modeAkihiro Suda
https://dockercon19.smarteventscloud.com/connect/sessionDetail.ww?SESSION_ID=281879
Docker CE 19.03 is going to support "Rootless mode", which allows running the entire Docker daemon and its dependencies as a non-root user on the host, so as to protect the host from malicious containers in a simple but very strong way. Rootless mode is also attractive for users who cannot get `sudo` permission for installing Docker on shared computing machines. e.g. HPC users. In this talk, Akihiro Suda, the author of the Rootless mode (PR: moby#38050), will explain how users can get started with Rootless mode. He will also explain the implementation details of Rootless mode and planned enhancements such as LDAP integration.
Multi-Tenancy is a critical component of any Software as a Service (SaaS) application, which enables one application instance to serve multiple organizations, or tenants. This presentation by Scott Crespo covers the basics of multi-tenant architectures, and how to implement multi-tenancy using Python, Django, and the open-source project known as Django Tenant Schemas.
Maven is a build automation tool used primarily for Java projects. This presentation will cover the basics of Maven and its usage while developing Java application.This is for anyone interested to learn Maven especially the Java developers.
WAF Bypass Techniques - Using HTTP Standard and Web Servers’ BehaviourSoroush Dalili
Although web application firewall (WAF) solutions are very useful to prevent common or automated attacks, most of them are based on blacklist approaches and are still far from perfect. This talk illustrates a number of creative techniques to smuggle and reshape HTTP requests using the strange behaviour of web servers and features such as request encoding or HTTP pipelining. These methods can come in handy when testing a website behind a WAF and can help penetration testers and bug bounty hunters to avoid drama and pain! Knowing these techniques is also beneficial for the defence team in order to design appropriate mitigation techniques. Additionally, it shows why developers should not solely rely on WAFs as the defence mechanism.
Finally, an open source Burp Suite extension will be introduced that can be used to assess or bypass a WAF solution using some of the techniques discussed in this talk. The plan is to keep improving this extension with the help of the http.ninja project.
Spring Framework Petclinic sample applicationAntoine Rey
Spring Petclinic is a sample application that has been designed to show how the Spring Framework can be used to build simple but powerful database-oriented applications.
The fork named Spring Framework Petclinic maintains a version both with a plain old Spring Framework configuration and a 3-layer architecture (i.e. presentation --> service --> repository).
Anonymous club of BMSCE, Talk and Demo on exploits on the Metasploit Framework and building Trojans using Msfvenom . By Siddharth.K (tech Head of anonymous club BMSCE)
OWASP SD: Deserialize My Shorts: Or How I Learned To Start Worrying and Hate ...Christopher Frohoff
Object deserialization is an established but poorly understood attack vector in applications that is disturbingly prevalent across many languages, platforms, formats, and libraries.
In January 2015 at AppSec California, Chris Frohoff and Gabe Lawrence gave a talk on this topic, covering deserialization vulnerabilities across platforms, the many forms they take, and places they can be found. It covered, among other things, somewhat novel techniques using classes in commonly used libraries for attacking Java serialization that were subsequently released in the form of the ysoserial tool. Few people noticed until late 2015, when other researchers used these techniques/tools to exploit well known products such as Bamboo, WebLogic, WebSphere, ApacheMQ, and Jenkins, and then services such as PayPal. Since then, the topic has gotten some long-overdue attention and great work is being done by many to improve our understanding and developer awareness on the subject.
This talk will review the details of Java deserialization exploit techniques and mitigations, as well as report on some of the recent (and future) activity in this area.
http://www.meetup.com/Open-Web-Application-Security-Project-San-Diego-OWASP-SD/events/226242635/
Practical SAP pentesting workshop (NullCon Goa)ERPScan
All business processes are generally contained in ERP systems. Any information an attacker might want is stored in a company’s ERP. This information can include financial, customer or public relations, intellectual property, personally identifiable information and more. And SAP is the most popular business application vendor with more than 250000 customers worldwide.
The workshop conducted by Alexander Polyakov, CTO of ERPScan, at NullCon Goa Conference is a practical SAP pentesting guide.
[DockerCon 2019] Hardening Docker daemon with Rootless modeAkihiro Suda
https://dockercon19.smarteventscloud.com/connect/sessionDetail.ww?SESSION_ID=281879
Docker CE 19.03 is going to support "Rootless mode", which allows running the entire Docker daemon and its dependencies as a non-root user on the host, so as to protect the host from malicious containers in a simple but very strong way. Rootless mode is also attractive for users who cannot get `sudo` permission for installing Docker on shared computing machines. e.g. HPC users. In this talk, Akihiro Suda, the author of the Rootless mode (PR: moby#38050), will explain how users can get started with Rootless mode. He will also explain the implementation details of Rootless mode and planned enhancements such as LDAP integration.
Multi-Tenancy is a critical component of any Software as a Service (SaaS) application, which enables one application instance to serve multiple organizations, or tenants. This presentation by Scott Crespo covers the basics of multi-tenant architectures, and how to implement multi-tenancy using Python, Django, and the open-source project known as Django Tenant Schemas.
Maven is a build automation tool used primarily for Java projects. This presentation will cover the basics of Maven and its usage while developing Java application.This is for anyone interested to learn Maven especially the Java developers.
WAF Bypass Techniques - Using HTTP Standard and Web Servers’ BehaviourSoroush Dalili
Although web application firewall (WAF) solutions are very useful to prevent common or automated attacks, most of them are based on blacklist approaches and are still far from perfect. This talk illustrates a number of creative techniques to smuggle and reshape HTTP requests using the strange behaviour of web servers and features such as request encoding or HTTP pipelining. These methods can come in handy when testing a website behind a WAF and can help penetration testers and bug bounty hunters to avoid drama and pain! Knowing these techniques is also beneficial for the defence team in order to design appropriate mitigation techniques. Additionally, it shows why developers should not solely rely on WAFs as the defence mechanism.
Finally, an open source Burp Suite extension will be introduced that can be used to assess or bypass a WAF solution using some of the techniques discussed in this talk. The plan is to keep improving this extension with the help of the http.ninja project.
Spring Framework Petclinic sample applicationAntoine Rey
Spring Petclinic is a sample application that has been designed to show how the Spring Framework can be used to build simple but powerful database-oriented applications.
The fork named Spring Framework Petclinic maintains a version both with a plain old Spring Framework configuration and a 3-layer architecture (i.e. presentation --> service --> repository).
Simple slide about introduction to yii. I used it in knowledge sharing session with my teammates.
Cover why yii, what rocks on yii, and dark sides of yii.
Yii Framework is one of the fastest and easiest to learn PHP MVC frameworks. It has a great generator to help you build applications easier and faster. A course curriculum for Developing Web 2.0 Applications at SiliconGulf Campus - www.silicongulf.com
This ppt contains the matter on yii framework.
introduction to yii framework
history behind this yii framework
developer of yii framework
technologies integrated&used in yii framework
how to install yii framework ?,
yii framework features,
performance
license terms
about mudule
MVC design pattern
advantages and disadvantages of yii framework.
yii is pronounced as yee0r ji;,acronym for it is "Yes It Is".
this is the answer for several questions
is it efficient?
is it easy to use?
is it professional?
is it right for my next project?
...
yes it is
yii is a component-based php framework for developing web applications.
it has been built with sophisticated,enterprise applications in mind
Oh so you test? - A guide to testing on Android from Unit to MutationPaul Blundell
Everyone knows you need testing, but what are the different types of testing, how will each type benefit you and what libraries are available to ease the pain? This talk will run through an explanation of each type of testing (unit, integration, functional, acceptance, fuzz, mutation...) explaining upon each level of an Android app, the testing involved, how this will benefit you and how it will benefit your users. It will also explain the architecture of a well tested app. Finally ending with some examples and libraries that ease your accessibility into testing and help with faster more descriptive feedback.
Software should be perfect, but it isn't! Bugs in the software ranges from small "inoffensive ones" to the ones that makes the news when a bunch of credit card data is stole.
On this talk we will review different testing methodologies and tools, and we will focus on using PHPUnit to assert how your software works and how to exterminate your bugs.
A brief introduction to javascript test driven development (TDD) towards several point of views by using qUnit, Karma & Jasmine, NodeJS tape module and custom frameworks.
V1.0
How often do you get a bug report that you can’t reproduce?
How often do you struggle to find the source of the bug in your code?
How can you streamline the testing process and make sure you don’t repeat the same bugs?
With Visual Studio 2010 & Team Foundation Server (TFS) 2010 there are a lot of new features for testers and developers that will solve these problems.
In this session you will learn how to: automate more, reproduce bugs easier, maintain your tests and configuration and discover problems sooner.
from Peter Gfader
Stopping the Rot - Putting Legacy C++ Under TestSeb Rose
Presentation given at the ACCU 2011 Conference in Oxford, UK.
Case study of applying unit test to the DOORS codebase. Includes a quick overview of unit test & the Google Test and Mock libraries. Also 3 specific refactoring examples shown.
Adding a modern twist to legacy web applicationsJeff Durta
Avoid misery of working with legacy code
We will see how you can add independent and isolated components to existing pages; pages that may be difficult to change
React and Flux allow you to make self-contained additions that handle their own data access/persistence
This workshop is about testing the right way. Get a clear view on how to test your code in an efficient and useful way!
This first testing-related workshop is about all aspects of unit testing. Integration testing and TDD will have their own dedicated workshops.
GlobalLogic Test Automation Online TechTalk “Test Driven Development as a Per...GlobalLogic Ukraine
16 грудня 2021 року відбувся GlobalLogic Test Automation Online TechTalk “Test Driven Development as a Personal Skill”! Анатолій Сахно (Software Testing Consultant, GlobalLogic) розібрав принципи TDD (розробки, керованої тестами) та приклади їх застосування. Крім того, поговорили про:
- Ефективне використання модульних тестів у повсякденних задачах;
- Використання TDD при розробці тестових фреймворків;
- Застосування принципів TDD при написанні функціональних автотестів.
Більше про захід: https://www.globallogic.com/ua/about/events/globallogic-test-automation-online-techtalk-test-driven-development-as-a-personal-skill/
Приємного перегляду і не забудьте залишити коментар про враження від TechTalk!
Ця активність — частина заходів в рамках GlobalLogic Test Automation Advent Calendar, ще більше заходів та цікавинок за посиланням: https://bit.ly/AdventCalendar_fb
Essentials of Automations: Optimizing FME Workflows with ParametersSafe Software
Are you looking to streamline your workflows and boost your projects’ efficiency? Do you find yourself searching for ways to add flexibility and control over your FME workflows? If so, you’re in the right place.
Join us for an insightful dive into the world of FME parameters, a critical element in optimizing workflow efficiency. This webinar marks the beginning of our three-part “Essentials of Automation” series. This first webinar is designed to equip you with the knowledge and skills to utilize parameters effectively: enhancing the flexibility, maintainability, and user control of your FME projects.
Here’s what you’ll gain:
- Essentials of FME Parameters: Understand the pivotal role of parameters, including Reader/Writer, Transformer, User, and FME Flow categories. Discover how they are the key to unlocking automation and optimization within your workflows.
- Practical Applications in FME Form: Delve into key user parameter types including choice, connections, and file URLs. Allow users to control how a workflow runs, making your workflows more reusable. Learn to import values and deliver the best user experience for your workflows while enhancing accuracy.
- Optimization Strategies in FME Flow: Explore the creation and strategic deployment of parameters in FME Flow, including the use of deployment and geometry parameters, to maximize workflow efficiency.
- Pro Tips for Success: Gain insights on parameterizing connections and leveraging new features like Conditional Visibility for clarity and simplicity.
We’ll wrap up with a glimpse into future webinars, followed by a Q&A session to address your specific questions surrounding this topic.
Don’t miss this opportunity to elevate your FME expertise and drive your projects to new heights of efficiency.
Elevating Tactical DDD Patterns Through Object CalisthenicsDorra BARTAGUIZ
After immersing yourself in the blue book and its red counterpart, attending DDD-focused conferences, and applying tactical patterns, you're left with a crucial question: How do I ensure my design is effective? Tactical patterns within Domain-Driven Design (DDD) serve as guiding principles for creating clear and manageable domain models. However, achieving success with these patterns requires additional guidance. Interestingly, we've observed that a set of constraints initially designed for training purposes remarkably aligns with effective pattern implementation, offering a more ‘mechanical’ approach. Let's explore together how Object Calisthenics can elevate the design of your tactical DDD patterns, offering concrete help for those venturing into DDD for the first time!
Slack (or Teams) Automation for Bonterra Impact Management (fka Social Soluti...Jeffrey Haguewood
Sidekick Solutions uses Bonterra Impact Management (fka Social Solutions Apricot) and automation solutions to integrate data for business workflows.
We believe integration and automation are essential to user experience and the promise of efficient work through technology. Automation is the critical ingredient to realizing that full vision. We develop integration products and services for Bonterra Case Management software to support the deployment of automations for a variety of use cases.
This video focuses on the notifications, alerts, and approval requests using Slack for Bonterra Impact Management. The solutions covered in this webinar can also be deployed for Microsoft Teams.
Interested in deploying notification automations for Bonterra Impact Management? Contact us at sales@sidekicksolutionsllc.com to discuss next steps.
Key Trends Shaping the Future of Infrastructure.pdfCheryl Hung
Keynote at DIGIT West Expo, Glasgow on 29 May 2024.
Cheryl Hung, ochery.com
Sr Director, Infrastructure Ecosystem, Arm.
The key trends across hardware, cloud and open-source; exploring how these areas are likely to mature and develop over the short and long-term, and then considering how organisations can position themselves to adapt and thrive.
Encryption in Microsoft 365 - ExpertsLive Netherlands 2024Albert Hoitingh
In this session I delve into the encryption technology used in Microsoft 365 and Microsoft Purview. Including the concepts of Customer Key and Double Key Encryption.
Securing your Kubernetes cluster_ a step-by-step guide to success !KatiaHIMEUR1
Today, after several years of existence, an extremely active community and an ultra-dynamic ecosystem, Kubernetes has established itself as the de facto standard in container orchestration. Thanks to a wide range of managed services, it has never been so easy to set up a ready-to-use Kubernetes cluster.
However, this ease of use means that the subject of security in Kubernetes is often left for later, or even neglected. This exposes companies to significant risks.
In this talk, I'll show you step-by-step how to secure your Kubernetes cluster for greater peace of mind and reliability.
DevOps and Testing slides at DASA ConnectKari Kakkonen
My and Rik Marselis slides at 30.5.2024 DASA Connect conference. We discuss about what is testing, then what is agile testing and finally what is Testing in DevOps. Finally we had lovely workshop with the participants trying to find out different ways to think about quality and testing in different parts of the DevOps infinity loop.
LF Energy Webinar: Electrical Grid Modelling and Simulation Through PowSyBl -...DanBrown980551
Do you want to learn how to model and simulate an electrical network from scratch in under an hour?
Then welcome to this PowSyBl workshop, hosted by Rte, the French Transmission System Operator (TSO)!
During the webinar, you will discover the PowSyBl ecosystem as well as handle and study an electrical network through an interactive Python notebook.
PowSyBl is an open source project hosted by LF Energy, which offers a comprehensive set of features for electrical grid modelling and simulation. Among other advanced features, PowSyBl provides:
- A fully editable and extendable library for grid component modelling;
- Visualization tools to display your network;
- Grid simulation tools, such as power flows, security analyses (with or without remedial actions) and sensitivity analyses;
The framework is mostly written in Java, with a Python binding so that Python developers can access PowSyBl functionalities as well.
What you will learn during the webinar:
- For beginners: discover PowSyBl's functionalities through a quick general presentation and the notebook, without needing any expert coding skills;
- For advanced developers: master the skills to efficiently apply PowSyBl functionalities to your real-world scenarios.
Accelerate your Kubernetes clusters with Varnish CachingThijs Feryn
A presentation about the usage and availability of Varnish on Kubernetes. This talk explores the capabilities of Varnish caching and shows how to use the Varnish Helm chart to deploy it to Kubernetes.
This presentation was delivered at K8SUG Singapore. See https://feryn.eu/presentations/accelerate-your-kubernetes-clusters-with-varnish-caching-k8sug-singapore-28-2024 for more details.
Transcript: Selling digital books in 2024: Insights from industry leaders - T...BookNet Canada
The publishing industry has been selling digital audiobooks and ebooks for over a decade and has found its groove. What’s changed? What has stayed the same? Where do we go from here? Join a group of leading sales peers from across the industry for a conversation about the lessons learned since the popularization of digital books, best practices, digital book supply chain management, and more.
Link to video recording: https://bnctechforum.ca/sessions/selling-digital-books-in-2024-insights-from-industry-leaders/
Presented by BookNet Canada on May 28, 2024, with support from the Department of Canadian Heritage.
Connector Corner: Automate dynamic content and events by pushing a buttonDianaGray10
Here is something new! In our next Connector Corner webinar, we will demonstrate how you can use a single workflow to:
Create a campaign using Mailchimp with merge tags/fields
Send an interactive Slack channel message (using buttons)
Have the message received by managers and peers along with a test email for review
But there’s more:
In a second workflow supporting the same use case, you’ll see:
Your campaign sent to target colleagues for approval
If the “Approve” button is clicked, a Jira/Zendesk ticket is created for the marketing design team
But—if the “Reject” button is pushed, colleagues will be alerted via Slack message
Join us to learn more about this new, human-in-the-loop capability, brought to you by Integration Service connectors.
And...
Speakers:
Akshay Agnihotri, Product Manager
Charlie Greenberg, Host
Mission to Decommission: Importance of Decommissioning Products to Increase E...
PHP Unit Testing in Yii
1. PHP Unit Testing
in Yii
How to start with TDD in Yii
by Matteo 'Peach' Pescarin
Twitter: @ilPeach
13/06/2013 - Yii London Meetup
2. What is this presentation about?
● Quick introduction to TDD and Unit Testing
● How to Unit Test? Types of Tests
● PHPUnit and Yii
● Write tests and Database interactions
● Fixtures
● Other features
● Command line use
● Few links.
PHP Unit Testing in Yii - 13/06/2013 - Yii London Meetup
3. Test Driven Development (TDD)
"encourages simple design and inspires
confidence" - Kent Beck
Re-discovered in 2004, is related to the test-
first concept from eXtreme Programming.
Works with any Agile methodology, but can be
applied in any context.
Also useful when dealing with legacy code that
wasn't developed with such ideas in mind.
Used as a way to document code by examples.
PHP Unit Testing in Yii - 13/06/2013 - Yii London Meetup
4. What is Unit Testing?
It's not about bug finding (there's no way this
can be proved to be true).
It's about designing software components
robustly.
The behaviour of the units is specified through
the tests.
A set of good unit tests is extremely valuable!
A set of bad unit tests is a terrible pain!
PHP Unit Testing in Yii - 13/06/2013 - Yii London Meetup
5. Some tips to write Unit Tests
They must be isolated from each other:
● Every behaviour should be covered by one test.
● No unnecessary assertions (TDD: one logical assertion
per test)
● Test one code-unit at a time (this should force you write
non-overlapping code, or use IoC, Inversion of Control)
● Mock external services and states (without abusing)
● Avoid preconditions (although it might be useful
sometimes)
Don't test configuration settings.
Name your tests clearly and consistently.
PHP Unit Testing in Yii - 13/06/2013 - Yii London Meetup
6. Types of tests
Unit test 1 Unit test 2
Integration test 1 Integration test 2
Unit test 3
Functional test 1
Unit test 4
Code
PHP Unit Testing in Yii - 13/06/2013 - Yii London Meetup
7. Types of tests in MVC frameworks
Unit test 1 Unit test 2
Integration test 1 Integration test 2
Unit test 3
Functional test 1
Unit test 4
Controllers/Views
Models
The states and the dependencies in controllers/views makes unit testing completely useless from a
server-side point of view.
Not true when considering javascript testing and other front-end behaviour/functionality which can
be done in other ways
PHP Unit Testing in Yii - 13/06/2013 - Yii London Meetup
8. Enters PHPUnit
PHPUnit help you deal with unit and
integration tests. http://www.phpunit.de/
Provides everything needed for any type of
test.
Produces reports in different formats (also for
code coverage).
Yii provides the functionality to integrate and
automate PHPUnit without worrying too much
about configuration.
PHP Unit Testing in Yii - 13/06/2013 - Yii London Meetup
9. Configuring tests in Yii
Have PHPUnit installed and a Yii app ready.
Directory structure available:
protected/tests/ main directory for all tests
unit/ unit tests directory
fixtures/ fixtures directory
phpunit.xml main phpunit config file
bootstrap.php Yii related configuration
PHP Unit Testing in Yii - 13/06/2013 - Yii London Meetup
10. Setup a test DB
In protected/tests/bootstrap.php :
$config=dirname(__FILE__).'/../config/test.php';
In protected/config/test.php :
'db'=>array(
'connectionString' => 'mysql:host=localhost;
dbname=myproject_test',
),
PHP Unit Testing in Yii - 13/06/2013 - Yii London Meetup
11. // tests/unit/doodleTest.php
class DoodleTest extends DBbTestCase
{
//...
/**
* Test getImageSrc returns what
* has been passed to setImageSrc
*/
public function
testGetImageSrcRerturnsWhatHasBeenPassedToSetImageSrc() {
$model = new Doodle();
$expectedImageSrc = 'Something';
$model->imageSrc = $expectedImgSrc;
$this->assertEquals(
$expectedImgSrc,
$model->imageSrc
);
}
//...
}
// models/Doodle.php
class Doodle extends CActiveRecord
{
//...
private $_imageSrc = null;
public function setImageSrc($data)
{
$this->_imageSrc = $data;
}
public function getImageSrc() {
return $this->_imageSrc;
}
//...
}
Write your tests
Tests are made of
assertions
[see full list at phpunit.de]
PHP Unit Testing in Yii - 13/06/2013 - Yii London Meetup
12. //...
/**
* Data Provider for getImageSrc / setImageSrc
*
* @return array
*/
public function imgSrcDataProvider() {
return array(
array(null),
array('some random text'),
array(0),
array(-1)
);
}
//...
}
// tests/unit/doodleTest.php
class DoodleTest extends DBbTestCase
{
//...
/**
* Test getImageSrc returns what has been passed to
setImageSrc
*
* @dataProvider imgSrcDataProvider
*/
public function
testGetImageSrcRerturnsWhatHasBeenPassedToSetImageSrc(
$expectedImgSrc
) {
$model = new Doodle();
if ($expectedImgSrc !== null) {
$model->imageSrc = $expectedImgSrc;
}
$this->assertEquals(
$expectedImgSrc,
$model->imageSrc
);
}
//...
Testing all cases: DataProviders
PHP Unit Testing in Yii - 13/06/2013 - Yii London Meetup
13. Database Interaction and AR classes
Just load the project database structure.
Fill in the tables that will not change during the
tests.
Create and save objects as needed...
(this is normally not enough)
Objects that are loaded, modified and updated
from and to the database require the use of Yii
fixtures.
PHP Unit Testing in Yii - 13/06/2013 - Yii London Meetup
14. public $fixtures = array(
'users' => 'User', // <generic_name> => <table_name>
);
Yii Fixtures
Flexible and useful way to deal with a mutable set of data.
Defined in protected/tests/fixtures/<lowercase-tablename>.php
Contains a return statement of an array of arrays.
Each first level array is a row. Each row can be key
indexed.
Setup at the top of the test Class with:
PHP Unit Testing in Yii - 13/06/2013 - Yii London Meetup
For every test in the class the fixtured tables will be
emptied and filled in with the data (this could be quite
expensive).
15. Class UserTest extends CDbTestCase
{
public $fixtures = array(
'users' => 'User',
);
/**
* @dataProvider expectancyDataProvider
*/
public function testUserExpectancyReturnsTheExpectedValue(
$expectedExpectancyValue
) {
$user = new User();
$user->setAttributes($this->users['simpleUser']);
$this->assertEquals(
$expectedExpectancyValue,
$user->calculateUserExpectancy()
);
}
Fixtures uses
This is just an example on
how you can use the data
from the fixture array.
You can always load the
same data that has been
loaded into the table and use
that.
More examples provided in
the Yii Definitive Guide.
PHP Unit Testing in Yii - 13/06/2013 - Yii London Meetup
16. Other important features
● testing exceptions using
@expectedException <Exception>
● Mocks and Stubs:
○ mock dependencies, injecting objects and resolve
dependencies
○ prepare stubs with methods that returns specific
values based on certain conditions
● a lot more other stuff depending on your
needs.
PHP Unit Testing in Yii - 13/06/2013 - Yii London Meetup
17. Command line invocation
test everything:
$ cd /path/to/project/protected/tests/
$ phpunit unit
PHPUnit 3.6.11 by Sebastian Bergmann.
Configuration read from /path/to/project/protected/tests/phpunit.xml
................................................................. 65 / 86 ( 75%)
.....................
Time: 01:02, Memory: 18.00M
OK (86 tests, 91 assertions)
$
PHP Unit Testing in Yii - 13/06/2013 - Yii London Meetup
18. Command line invocation (2)
test a single file:
$ phpunit unit/CustomerTest.php
Time: 1 second, Memory: 15.00Mb
OK (32 tests, 37 assertions)
or a single test method using a pattern:
$ phpunit --filter testCustomerStartEndDates unit/CustomerTest.php
Time: 1 second, Memory: 15.00Mb
OK (32 tests, 37 assertions)
for more info there's always
$ phpunit --help
PHP Unit Testing in Yii - 13/06/2013 - Yii London Meetup
19. More information and resources
Specific to PHPUnit and Yii Unit Testing
PHPUnit manual
http://phpunit.de/manual/current/en/index.html
Yii Guide on testing
http://www.yiiframework.com/doc/guide/1.1/en/test.overview
Generic information on TDD
Content Creation Wiki entry on TDD: http://c2.com/cgi/wiki?
TestDrivenDevelopment
Software Development Mag
http://www.methodsandtools.com/archive/archive.php?id=20
PHP Unit Testing in Yii - 13/06/2013 - Yii London Meetup
20. Thank you!
Make a kitten happy and start testing today!
PHP Unit Testing in Yii - 13/06/2013 - Yii London Meetup