phpList · samtuke · Feb 2, 2018 · Jan 31, 2018
diff --git a/Classes/Controller/ListController.php b/Classes/Controller/ListController.php
@@ -6,6 +6,7 @@
 use FOS\RestBundle\Controller\FOSRestController;
 use FOS\RestBundle\Routing\ClassResourceInterface;
 use FOS\RestBundle\View\View;
+use PhpList\PhpList4\Domain\Model\Messaging\SubscriberList;
 use PhpList\PhpList4\Domain\Repository\Messaging\SubscriberListRepository;
 use PhpList\PhpList4\Security\Authentication;
 use PhpList\RestBundle\Controller\Traits\AuthenticationTrait;
@@ -48,4 +49,19 @@ public function cgetAction(Request $request): View
 
         return View::create()->setData($this->subscriberListRepository->findAll());
     }
+
+    /**
+     * Gets a list of all subscribers (members) of a subscriber list.
+     *
+     * @param Request $request
+     * @param SubscriberList $list
+     *
+     * @return View
+     */
+    public function getMembersAction(Request $request, SubscriberList $list): View
+    {
+        $this->requireAuthentication($request);
+
+        return View::create()->setData($list->getSubscribers());
+    }
 }
diff --git a/Tests/Integration/Controller/AbstractControllerTest.php b/Tests/Integration/Controller/AbstractControllerTest.php
@@ -273,7 +273,7 @@ protected function assertHttpOkay()
     }
 
     /**
-     * Asserts that the current client response has a HTTP CREATED status  (and the application/json content type).
+     * Asserts that the current client response has a HTTP CREATED status (and the application/json content type).
      *
      * @return void
      */
@@ -283,7 +283,7 @@ protected function assertHttpCreated()
     }
 
     /**
-     * Asserts that the current client response has a HTTP BAD REQUEST status  (and the application/json content type).
+     * Asserts that the current client response has a HTTP BAD REQUEST status (and the application/json content type).
      *
      * @return void
      */
@@ -293,7 +293,7 @@ protected function assertHttpBadRequest()
     }
 
     /**
-     * Asserts that the current client response has a HTTP UNAUTHORIZED status  (and the application/json content type).
+     * Asserts that the current client response has a HTTP UNAUTHORIZED status (and the application/json content type).
      *
      * @return void
      */
@@ -302,6 +302,16 @@ protected function assertHttpUnauthorized()
         $this->assertHttpStatusWithJsonContentType(Response::HTTP_UNAUTHORIZED);
     }
 
+    /**
+     * Asserts that the current client response has a HTTP NOT FOUND status (and the application/json content type).
+     *
+     * @return void
+     */
+    protected function assertHttpNotFound()
+    {
+        $this->assertHttpStatusWithJsonContentType(Response::HTTP_NOT_FOUND);
+    }
+
     /**
      * Asserts that the current client response has a HTTP FORBIDDEN status and the corresponding error message
      * provided in the JSON response.

diff --git a/Tests/Integration/Controller/Fixtures/Subscription.csv b/Tests/Integration/Controller/Fixtures/Subscription.csv
@@ -0,0 +1,5 @@
+userid,listid,entered,modified
+1,2,"2016-07-22 15:01:17","2016-08-23 19:50:43"
+2,2,"2016-08-22 15:01:17","2016-09-23 19:50:43"
+2,1,"2016-09-22 15:01:17","2016-10-23 19:50:43"
+3,1,"2017-09-22 15:01:17","2017-10-23 19:50:43"
diff --git a/Tests/Integration/Controller/ListControllerTest.php b/Tests/Integration/Controller/ListControllerTest.php
@@ -17,6 +17,16 @@ class ListControllerTest extends AbstractControllerTest
      */
     const LISTS_TABLE_NAME = 'phplist_list';
 
+    /**
+     * @var string
+     */
+    const SUBSCRIBER_TABLE_NAME = 'phplist_user_user';
+
+    /**
+     * @var string
+     */
+    const SUBSCRIPTION_TABLE_NAME = 'phplist_listuser';
+
     /**
      * @test
      */
@@ -100,4 +110,99 @@ public function getListsWithCurrentSessionKeyReturnsListData()
             ]
         );
     }
+
+    /**
+     * @test
+     */
+    public function getListMembersWithoutSessionKeyReturnsForbiddenStatus()
+    {
+        $this->client->request('get', '/api/v2/lists/1/members');
+
+        $this->assertHttpForbidden();
+    }
+
+    /**
+     * @test
+     */
+    public function getListMembersWithExpiredSessionKeyReturnsForbiddenStatus()
+    {
+        $this->getDataSet()->addTable(self::ADMINISTRATOR_TABLE_NAME, __DIR__ . '/Fixtures/Administrator.csv');
+        $this->getDataSet()->addTable(self::TOKEN_TABLE_NAME, __DIR__ . '/Fixtures/AdministratorToken.csv');
+        $this->applyDatabaseChanges();
+
+        $this->client->request(
+            'get',
+            '/api/v2/lists/1/members',
+            [],
+            [],
+            ['PHP_AUTH_USER' => 'unused', 'PHP_AUTH_PW' => 'cfdf64eecbbf336628b0f3071adba763']
+        );
+
+        $this->assertHttpForbidden();
+    }
+
+    /**
+     * @test
+     */
+    public function getListMembersWithCurrentSessionKeyForInexistentListReturnsNotFoundStatus()
+    {
+        $this->authenticatedJsonRequest('get', '/api/v2/lists/999/members');
+
+        $this->assertHttpNotFound();
+    }
+
+    /**
+     * @test
+     */
+    public function getListMembersWithCurrentSessionKeyForExistingListReturnsOkayStatus()
+    {
+        $this->getDataSet()->addTable(self::LISTS_TABLE_NAME, __DIR__ . '/Fixtures/SubscriberList.csv');
+        $this->applyDatabaseChanges();
+
+        $this->authenticatedJsonRequest('get', '/api/v2/lists/1/members');
+
+        $this->assertHttpOkay();
+    }
+
+    /**
+     * @test
+     */
+    public function getListMembersWithCurrentSessionKeyForExistingListWithoutSubscribersReturnsEmptyArray()
+    {
+        $this->getDataSet()->addTable(self::LISTS_TABLE_NAME, __DIR__ . '/Fixtures/SubscriberList.csv');
+        $this->applyDatabaseChanges();
+
+        $this->authenticatedJsonRequest('get', '/api/v2/lists/1/members');
+
+        $this->assertJsonResponseContentEquals([]);
+    }
+
+    /**
+     * @test
+     */
+    public function getListMembersWithCurrentSessionKeyForExistingListWithSubscribersReturnsSubscribers()
+    {
+        $this->getDataSet()->addTable(self::LISTS_TABLE_NAME, __DIR__ . '/Fixtures/SubscriberList.csv');
+        $this->getDataSet()->addTable(self::SUBSCRIBER_TABLE_NAME, __DIR__ . '/Fixtures/Subscriber.csv');
+        $this->getDataSet()->addTable(self::SUBSCRIPTION_TABLE_NAME, __DIR__ . '/Fixtures/Subscription.csv');
+        $this->applyDatabaseChanges();
+
+        $this->authenticatedJsonRequest('get', '/api/v2/lists/2/members');
+
+        $this->assertJsonResponseContentEquals(
+            [
+                [
+                    'creation_date' => '2016-07-22T15:01:17+00:00',
+                    'email' => '[email protected]',
+                    'confirmed' => true,
+                    'blacklisted' => true,
+                    'bounce_count' => 17,
+                    'unique_id' => '95feb7fe7e06e6c11ca8d0c48cb46e89',
+                    'html_email' => true,
+                    'disabled' => true,
+                    'id' => 1,
+                ]
+            ]
+        );
+    }
 }