tests/club/wpia/gigi/pages/wot/TestAssurance.java

   1 package club.wpia.gigi.pages.wot;
   2
   3 import static org.hamcrest.CoreMatchers.*;
   4 import static org.junit.Assert.*;
   5
   6 import java.io.IOException;
   7 import java.io.UnsupportedEncodingException;
   8 import java.net.HttpURLConnection;
   9 import java.net.MalformedURLException;
  10 import java.net.URLConnection;
  11 import java.net.URLEncoder;
  12 import java.sql.SQLException;
  13 import java.sql.Timestamp;
  14 import java.text.SimpleDateFormat;
  15 import java.util.Calendar;
  16 import java.util.Date;
  17 import java.util.regex.Pattern;
  18
  19 import org.hamcrest.Matcher;
  20 import org.junit.Before;
  21 import org.junit.Test;
  22
  23 import club.wpia.gigi.GigiApiException;
  24 import club.wpia.gigi.database.GigiPreparedStatement;
  25 import club.wpia.gigi.dbObjects.Country;
  26 import club.wpia.gigi.dbObjects.Group;
  27 import club.wpia.gigi.dbObjects.User;
  28 import club.wpia.gigi.pages.account.MyDetails;
  29 import club.wpia.gigi.pages.wot.AssurePage;
  30 import club.wpia.gigi.pages.wot.Points;
  31 import club.wpia.gigi.testUtils.IOUtils;
  32 import club.wpia.gigi.testUtils.ManagedTest;
  33 import club.wpia.gigi.testUtils.TestEmailReceiver.TestMail;
  34 import club.wpia.gigi.util.DayDate;
  35 import club.wpia.gigi.util.Notary;
  36
  37 public class TestAssurance extends ManagedTest {
  38
  39     private String assurerM;
  40
  41     private String assureeM;
  42
  43     private int assureeName;
  44
  45     private String cookie;
  46
  47     @Before
  48     public void setup() throws IOException {
  49         clearCaches();
  50         assurerM = createUniqueName() + "@example.org";
  51         assureeM = createUniqueName() + "@example.org";
  52
  53         createAssuranceUser("a", "b", assurerM, TEST_PASSWORD);
  54         int assureeId = createVerifiedUser("a", "c", assureeM, TEST_PASSWORD);
  55         assureeName = User.getById(assureeId).getPreferredName().getId();
  56
  57         cookie = login(assurerM, TEST_PASSWORD);
  58     }
  59
  60     private Matcher<String> isAssuranceForm() {
  61         return containsString("<select name=\"assuranceType\">");
  62     }
  63
  64     @Test
  65     public void testAssureSearch() throws IOException {
  66         String loc = search("email=" + URLEncoder.encode(assureeM, "UTF-8") + "&day=1&month=1&year=1910");
  67         assertThat(loc, isAssuranceForm());
  68     }
  69
  70     @Test
  71     public void testAssureSearchEmail() throws IOException {
  72         String loc = search("email=1" + URLEncoder.encode(assureeM, "UTF-8") + "&day=1&month=1&year=1910");
  73         assertThat(loc, not(isAssuranceForm()));
  74     }
  75
  76     @Test
  77     public void testAssureSearchDobInvalid() throws IOException {
  78         String loc = search("email=" + URLEncoder.encode(assureeM, "UTF-8") + "&day=1&month=1&year=mal");
  79         assertThat(loc, not(isAssuranceForm()));
  80     }
  81
  82     @Test
  83     public void testAssureSearchDob() throws IOException {
  84         String loc = search("email=" + URLEncoder.encode(assureeM, "UTF-8") + "&day=2&month=1&year=1910");
  85         assertThat(loc, not(isAssuranceForm()));
  86         loc = search("email=" + URLEncoder.encode(assureeM, "UTF-8") + "&day=1&month=2&year=1910");
  87         assertThat(loc, not(isAssuranceForm()));
  88         loc = search("email=" + URLEncoder.encode(assureeM, "UTF-8") + "&day=1&month=1&year=1911");
  89         assertThat(loc, not(isAssuranceForm()));
  90     }
  91
  92     private String search(String query) throws MalformedURLException, IOException, UnsupportedEncodingException {
  93         URLConnection uc = get(cookie, AssurePage.PATH);
  94         uc.setDoOutput(true);
  95         uc.getOutputStream().write(("search&" + query).getBytes("UTF-8"));
  96         uc.getOutputStream().flush();
  97
  98         return IOUtils.readURL(uc);
  99     }
 100
 101     @Test
 102     public void testAssureForm() throws IOException {
 103         executeSuccess("date=" + validVerificationDateString() + "&location=testcase&countryCode=DE&certify=1&rules=1&assertion=1&points=10");
 104     }
 105
 106     @Test
 107     public void testAssureFormEmpty() throws IOException {
 108         URLConnection uc = buildupAssureFormConnection(true);
 109         uc.getOutputStream().write(("date=" + validVerificationDateString() + "&location=testcase&countryCode=DE&rules=1&assertion=1&points=10").getBytes("UTF-8"));
 110         uc.getOutputStream().flush();
 111         String data = IOUtils.readURL(uc);
 112         assertThat(data, hasError());
 113     }
 114
 115     @Test
 116     public void testAssureFormContanisData() throws IOException {
 117         URLConnection uc = buildupAssureFormConnection(true);
 118         uc.getOutputStream().write(("assuredName=" + assureeName + "&date=" + validVerificationDateString() + "&location=testcase&countryCode=DE&rules=1&assertion=1&points=10").getBytes("UTF-8"));
 119         uc.getOutputStream().flush();
 120         String data = IOUtils.readURL(uc);
 121         assertThat(data, containsString(validVerificationDateString()));
 122         assertThat(data, containsString("testcase"));
 123     }
 124
 125     @Test
 126     public void testAssureFormNoCSRF() throws IOException {
 127         // override csrf
 128         HttpURLConnection uc = (HttpURLConnection) buildupAssureFormConnection(false);
 129         uc.getOutputStream().write(("date=" + validVerificationDateString() + "&location=testcase&countryCode=DE&certify=1&rules=1&assertion=1&points=10").getBytes("UTF-8"));
 130         uc.getOutputStream().flush();
 131         assertEquals(500, uc.getResponseCode());
 132     }
 133
 134     @Test
 135     public void testAssureFormWrongCSRF() throws IOException {
 136         // override csrf
 137         HttpURLConnection uc = (HttpURLConnection) buildupAssureFormConnection(false);
 138         uc.getOutputStream().write(("date=" + validVerificationDateString() + "&location=testcase&countryCode=DE&certify=1&rules=1&assertion=1&points=10&csrf=aragc").getBytes("UTF-8"));
 139         uc.getOutputStream().flush();
 140         assertEquals(500, uc.getResponseCode());
 141     }
 142
 143     @Test
 144     public void testAssureFormRaceDoB() throws IOException, SQLException {
 145         testAssureFormRace(false);
 146     }
 147
 148     @Test
 149     public void testAssureFormRaceDoBBlind() throws IOException, SQLException {
 150         testAssureFormRace(true);
 151     }
 152
 153     public void testAssureFormRace(boolean succeed) throws IOException, SQLException {
 154         URLConnection uc = buildupAssureFormConnection(true);
 155
 156         String assureeCookie = login(assureeM, TEST_PASSWORD);
 157         String newDob = "day=1&month=1&year=" + ( !succeed ? 1911 : 1910);
 158
 159         assertNull(executeBasicWebInteraction(assureeCookie, MyDetails.PATH, newDob + "&action=updateDoB", 0));
 160
 161         uc.getOutputStream().write(("assuredName=" + assureeName + "&date=" + validVerificationDateString() + "&location=testcase&countryCode=DE&certify=1&rules=1&assertion=1&points=10").getBytes("UTF-8"));
 162         uc.getOutputStream().flush();
 163         String error = fetchStartErrorMessage(IOUtils.readURL(uc));
 164         if (succeed) {
 165             assertNull(error);
 166         } else {
 167             assertTrue(error, !error.startsWith("</div>"));
 168             assertThat(error, containsString("changed his personal details"));
 169         }
 170     }
 171
 172     @Test
 173     public void testAssureFormFuture() throws IOException {
 174         SimpleDateFormat sdf = new SimpleDateFormat("yyyy");
 175         int year = Integer.parseInt(sdf.format(new Date(System.currentTimeMillis()))) + 2;
 176         executeFails("date=" + year + "-01-01&location=testcase&countryCode=DE&certify=1&rules=1&assertion=1&points=10");
 177     }
 178
 179     @Test
 180     public void testAssureFormFutureOK() throws IOException {
 181         SimpleDateFormat sdf = new SimpleDateFormat("yyyy-MM-dd");
 182         Calendar c = Calendar.getInstance();
 183         c.setTimeInMillis(System.currentTimeMillis());
 184         c.add(Calendar.HOUR_OF_DAY, 12);
 185
 186         executeSuccess("date=" + sdf.format(new Date(c.getTimeInMillis())) + "&location=testcase&countryCode=DE&certify=1&rules=1&assertion=1&points=10");
 187     }
 188
 189     @Test
 190     public void testAssureFormPastInRange() throws IOException {
 191         executeSuccess("date=" + validVerificationDateString() + "&location=testcase&countryCode=DE&certify=1&rules=1&assertion=1&points=10");
 192     }
 193
 194     @Test
 195     public void testAssureFormPastOnLimit() throws IOException {
 196         SimpleDateFormat sdf = new SimpleDateFormat("yyyy-MM-dd");
 197         Calendar c = Calendar.getInstance();
 198         c.setTimeInMillis(System.currentTimeMillis());
 199         c.add(Calendar.MONTH, -Notary.LIMIT_MAX_MONTHS_VERIFICATION);
 200         c.add(Calendar.DAY_OF_MONTH, 1);
 201
 202         executeSuccess("date=" + sdf.format(new Date(c.getTimeInMillis())) + "&location=testcase&countryCode=DE&certify=1&rules=1&assertion=1&points=10");
 203     }
 204
 205     @Test
 206     public void testAssureFormPastOutOfRange() throws IOException {
 207         SimpleDateFormat sdf = new SimpleDateFormat("yyyy-MM-dd");
 208         Calendar c = Calendar.getInstance();
 209         c.setTimeInMillis(System.currentTimeMillis());
 210         c.add(Calendar.MONTH, -Notary.LIMIT_MAX_MONTHS_VERIFICATION);
 211
 212         executeFails("date=" + sdf.format(new Date(c.getTimeInMillis())) + "&location=testcase&countryCode=DE&certify=1&rules=1&assertion=1&points=10");
 213     }
 214
 215     @Test
 216     public void testAssureFormNoLoc() throws IOException {
 217         executeFails("date=" + validVerificationDateString() + "&location=a&countryCode=DE&certify=1&rules=1&assertion=1&points=10");
 218         executeFails("date=" + validVerificationDateString() + "&location=&countryCode=DE&certify=1&rules=1&assertion=1&points=10");
 219     }
 220
 221     @Test
 222     public void testAssureFormInvalDate() throws IOException {
 223         executeFails("date=20000101&location=testcase&countryCode=DE&certify=1&rules=1&assertion=1&points=10");
 224         executeFails("date=&location=testcase&countryCode=DE&certify=1&rules=1&assertion=1&points=10");
 225     }
 226
 227     @Test
 228     public void testAssureFormBoxes() throws IOException {
 229         executeFails("date=" + validVerificationDateString() + "&location=testcase&countryCode=DE&certify=0&rules=1&assertion=1&points=10");
 230         executeFails("date=" + validVerificationDateString() + "&location=testcase&countryCode=DE&certify=1&rules=&assertion=1&points=10");
 231         executeFails("date=" + validVerificationDateString() + "&location=testcase&countryCode=DE&certify=1&rules=1&assertion=z&points=10");
 232     }
 233
 234     @Test
 235     public void testAssureListingValid() throws IOException, GigiApiException {
 236         String uniqueLoc = createUniqueName();
 237         execute("date=" + validVerificationDateString() + "&location=" + uniqueLoc + "&countryCode=DE&certify=1&rules=1&assertion=1&points=10");
 238
 239         String cookie = login(assureeM, TEST_PASSWORD);
 240         URLConnection url = get(cookie, Points.PATH);
 241         String resp = IOUtils.readURL(url);
 242         resp = resp.split(Pattern.quote("</table>"))[1];
 243         assertThat(resp, containsString(uniqueLoc));
 244         assertThat(resp, containsString(Country.getCountryByCode("DE", Country.CountryCodeType.CODE_2_CHARS).getName()));
 245     }
 246
 247     @Test
 248     public void testAssurerListingValid() throws IOException, GigiApiException {
 249         String uniqueLoc = createUniqueName();
 250         executeSuccess("date=" + validVerificationDateString() + "&location=" + uniqueLoc + "&countryCode=DE&certify=1&rules=1&assertion=1&points=10");
 251         String cookie = login(assurerM, TEST_PASSWORD);
 252         URLConnection url = get(cookie, Points.PATH);
 253         String resp = IOUtils.readURL(url);
 254         resp = resp.split(Pattern.quote("</table>"))[2];
 255         assertThat(resp, containsString(uniqueLoc));
 256         assertThat(resp, containsString(Country.getCountryByCode("DE", Country.CountryCodeType.CODE_2_CHARS).getName()));
 257     }
 258
 259     private void executeFails(String query) throws MalformedURLException, IOException {
 260         assertThat(execute(query), hasError());
 261
 262     }
 263
 264     private void executeSuccess(String query) throws MalformedURLException, IOException {
 265         assertThat(execute(query), hasNoError());
 266
 267     }
 268
 269     private String execute(String query) throws MalformedURLException, IOException {
 270         URLConnection uc = buildupAssureFormConnection(true);
 271         uc.getOutputStream().write(("assuredName=" + assureeName + "&" + query).getBytes("UTF-8"));
 272         uc.getOutputStream().flush();
 273         return IOUtils.readURL(uc);
 274     }
 275
 276     private URLConnection buildupAssureFormConnection(boolean doCSRF) throws MalformedURLException, IOException {
 277         return buildupAssureFormConnection(cookie, assureeM, doCSRF);
 278     }
 279
 280     public static URLConnection buildupAssureFormConnection(String cookie, String email, boolean doCSRF) throws MalformedURLException, IOException {
 281         URLConnection uc = get(cookie, AssurePage.PATH);
 282         uc.setDoOutput(true);
 283         uc.getOutputStream().write(("email=" + URLEncoder.encode(email, "UTF-8") + "&day=1&month=1&year=1910&search").getBytes("UTF-8"));
 284
 285         String csrf = getCSRF(uc);
 286         uc = get(cookie, AssurePage.PATH);
 287         uc.setDoOutput(true);
 288         if (doCSRF) {
 289             uc.getOutputStream().write(("csrf=" + csrf + "&").getBytes("UTF-8"));
 290         }
 291         return uc;
 292     }
 293
 294     @Test
 295     public void testMultipleAssurance() throws IOException {
 296
 297         User users[] = User.findByEmail(assurerM);
 298         int agentID = users[0].getId();
 299
 300         users = User.findByEmail(assureeM);
 301         int applicantID = users[0].getId();
 302
 303         // enter first entry 200 days in the past
 304         try (GigiPreparedStatement ps = new GigiPreparedStatement("INSERT INTO `notary` SET `from`=?, `to`=?, `points`=?, `location`=?, `date`=?, `when`=? ")) {
 305             ps.setInt(1, agentID);
 306             ps.setInt(2, applicantID);
 307             ps.setInt(3, 10);
 308             ps.setString(4, "test-location");
 309             ps.setString(5, "2010-01-01");
 310             ps.setTimestamp(6, new Timestamp(System.currentTimeMillis() - DayDate.MILLI_DAY * 200));
 311             ps.execute();
 312         }
 313
 314         // enter second entry
 315         String uniqueLoc = createUniqueName();
 316         executeSuccess("date=" + validVerificationDateString() + "&location=" + uniqueLoc + "&countryCode=DE&certify=1&rules=1&assertion=1&points=10");
 317
 318         // enter third entry on the same day
 319         URLConnection uc = get(cookie, AssurePage.PATH);
 320         uc.setDoOutput(true);
 321         uc.getOutputStream().write(("email=" + URLEncoder.encode(assureeM, "UTF-8") + "&day=1&month=1&year=1910&search").getBytes("UTF-8"));
 322         assertThat(IOUtils.readURL(uc), hasError());
 323
 324     }
 325
 326     @Test
 327     public void testAssureFormNoCountry() throws IOException {
 328         executeFails("date=" + validVerificationDateString() + "&location=testcase&countryCode=&certify=1&rules=1&assertion=1&points=10");
 329     }
 330
 331     @Test
 332     public void testRANotificationSet() throws IOException, GigiApiException {
 333         getMailReceiver().clearMails();
 334
 335         User users[] = User.findByEmail(assurerM);
 336         assertTrue("user RA Agent not found", users != null && users.length > 0);
 337
 338         User u = users[0];
 339         u.grantGroup(u, Group.VERIFY_NOTIFICATION);
 340         clearCaches();
 341         cookie = login(assurerM, TEST_PASSWORD);
 342
 343         String targetMail = u.getEmail();
 344
 345         // enter verification
 346         String uniqueLoc = createUniqueName();
 347         executeSuccess("date=" + validVerificationDateString() + "&location=" + uniqueLoc + "&countryCode=DE&certify=1&rules=1&assertion=1&points=10");
 348         TestMail tm;
 349
 350         do {
 351             tm = getMailReceiver().receive();
 352         } while ( !tm.getTo().equals(targetMail));
 353         assertThat(tm.getMessage(), containsString("You entered a verification for the account with email address " + assureeM));
 354
 355     }
 356
 357     @Test
 358     public void testRANotificationNotSet() throws IOException, GigiApiException {
 359         getMailReceiver().clearMails();
 360
 361         User users[] = User.findByEmail(assurerM);
 362         assertTrue("user RA Agent not found", users != null && users.length > 0);
 363
 364         User u = users[0];
 365         u.revokeGroup(u, Group.VERIFY_NOTIFICATION);
 366         clearCaches();
 367         cookie = login(assurerM, TEST_PASSWORD);
 368
 369         // enter verification
 370         String uniqueLoc = createUniqueName();
 371         executeSuccess("date=" + validVerificationDateString() + "&location=" + uniqueLoc + "&countryCode=DE&certify=1&rules=1&assertion=1&points=10");
 372
 373         TestMail tm;
 374
 375         tm = getMailReceiver().receive();
 376         assertThat(tm.getMessage(), not(containsString("You entered a verification for the account with email address " + assureeM)));
 377
 378     }
 379 }