add: defense-in-depth mechanism to prevent unauthorized adding of groups
1 package org.cacert.gigi.pages.admin;
2
3 import static org.hamcrest.CoreMatchers.*;
4 import static org.junit.Assert.*;
5
6 import java.io.IOException;
7 import java.io.UnsupportedEncodingException;
8 import java.net.MalformedURLException;
9 import java.net.URLConnection;
10 import java.net.URLEncoder;
11
12 import org.cacert.gigi.GigiApiException;
13 import org.cacert.gigi.dbObjects.Group;
14 import org.cacert.gigi.dbObjects.User;
15 import org.cacert.gigi.pages.admin.support.FindUserByEmailPage;
16 import org.cacert.gigi.pages.admin.support.SupportEnterTicketPage;
17 import org.cacert.gigi.pages.admin.support.SupportUserDetailsPage;
18 import org.cacert.gigi.testUtils.ClientTest;
19 import org.cacert.gigi.testUtils.IOUtils;
20 import org.cacert.gigi.util.ServerConstants;
21 import org.junit.Test;
22
/**
 * Client tests for the supporter e-mail search served by {@link FindUserByEmailPage}.
 *
 * <p>Every test runs in a session that the constructor has given the
 * {@link Group#SUPPORTER} group and a support ticket. The searches cover exact
 * addresses as well as patterns using {@code %} and {@code _}, which the tests
 * treat as "any run of characters" and "any single character" (presumably SQL
 * LIKE semantics; confirm against the page implementation).
 *
 * <p>Two outcomes are distinguished throughout: a search with exactly one hit is
 * answered with a redirect to that account's {@link SupportUserDetailsPage}, while
 * several hits are rendered as a result list. The list tests also pin down what is
 * disclosed: only the addresses that matched the pattern are shown, not the other
 * addresses registered on the same account.
 *
 * <p>NOTE(review): no test in this class covers the negative case, i.e. a search by
 * a session without the supporter group or without a ticket.
 */
public class TestSEAdminPageUserMailSearch extends ClientTest {

    /**
     * Grants the test user the supporter group, logs in and registers a ticket number.
     * Entering the ticket is expected to answer with a 302 redirect.
     */
    public TestSEAdminPageUserMailSearch() throws IOException, GigiApiException {
        grant(u, Group.SUPPORTER);
        cookie = login(email, TEST_PASSWORD);
        int ticketStatus = post(cookie, SupportEnterTicketPage.PATH, "ticketno=a20140808.8&setTicket=action", 0).getResponseCode();
        assertEquals(302, ticketStatus);
    }

    /** Submits the search form with the given (URL-encoded) address or pattern, using the supporter session. */
    private URLConnection postMailSearch(String emailPattern) throws IOException {
        String form = "process&email=" + URLEncoder.encode(emailPattern, "UTF-8");
        return post(cookie, FindUserByEmailPage.PATH, form, 0);
    }

    /** Path of the support details page for the given account id, as it appears in result lists. */
    private static String detailsPathOf(int userId) {
        return SupportUserDetailsPage.PATH + userId + "/";
    }

    /** Absolute URL a single-hit search is expected to redirect to. */
    private static String detailsRedirectOf(int userId) {
        return "https://" + ServerConstants.getWwwHostNamePortSecure() + detailsPathOf(userId);
    }

    /** An exact address match redirects straight to the owning account. */
    @Test
    public void testFulltextMailSearch() throws MalformedURLException, UnsupportedEncodingException, IOException {
        String address = createUniqueName() + "@example.com";
        int userId = createVerifiedUser("Först", "Secönd", address, TEST_PASSWORD);

        URLConnection response = postMailSearch(address);
        assertEquals(detailsRedirectOf(userId), response.getHeaderField("Location"));
    }

    /** A {@code %} pattern that matches one account behaves like an exact match. */
    @Test
    public void testWildcardMailSearchSingle() throws MalformedURLException, UnsupportedEncodingException, IOException {
        String address = createUniqueName() + "@example.tld";
        int userId = createVerifiedUser("Först", "Secönd", address, TEST_PASSWORD);

        // Relies on this being the only account under example.tld in the test database.
        URLConnection response = postMailSearch("%@example.tld");
        assertEquals(detailsRedirectOf(userId), response.getHeaderField("Location"));
    }

    /** A {@code %} pattern matching several accounts lists a details link for each of them. */
    @Test
    public void testWildcardMailSearchMultiple() throws MalformedURLException, UnsupportedEncodingException, IOException {
        String firstAddress = createUniqueName() + "@example.org";
        int firstId = createVerifiedUser("Först", "Secönd", firstAddress, TEST_PASSWORD);
        String secondAddress = createUniqueName() + "@example.org";
        int secondId = createVerifiedUser("Först", "Secönd", secondAddress, TEST_PASSWORD);
        URLConnection response = postMailSearch("%@example.org");

        String page = IOUtils.readURL(response);
        assertThat(page, containsString(detailsPathOf(firstId)));
        assertThat(page, containsString(detailsPathOf(secondId)));
    }

    /** The {@code _} placeholder matches a single character, so both domains below are found. */
    @Test
    public void testWildcardMailSearchSingleChar() throws MalformedURLException, UnsupportedEncodingException, IOException {
        String firstAddress = createUniqueName() + "@example.org";
        int firstId = createVerifiedUser("Först", "Secönd", firstAddress, TEST_PASSWORD);
        String secondAddress = createUniqueName() + "@fxample.org";
        int secondId = createVerifiedUser("Först", "Secönd", secondAddress, TEST_PASSWORD);

        URLConnection response = postMailSearch("%@_xample.org");

        String page = IOUtils.readURL(response);
        assertThat(page, containsString(detailsPathOf(firstId)));
        assertThat(page, containsString(detailsPathOf(secondId)));
    }

    /** A pattern without any hit yields a page carrying an error message. */
    @Test
    public void testWildcardMailSearchNoRes() throws MalformedURLException, UnsupportedEncodingException, IOException {
        String form = "process&email=" + URLEncoder.encode("%@_humpfelkumpf.org", "UTF-8");
        // Unlike the other tests this goes through the two-argument post overload.
        // NOTE(review): confirm that overload sends the supporter session; the assertion
        // below accepts any error message, so a rejected request would also pass.
        URLConnection response = post(FindUserByEmailPage.PATH, form);
        assertNotNull(fetchStartErrorMessage(IOUtils.readURL(response)));
    }

    /** An exact address that belongs to nobody yields a page carrying an error message. */
    @Test
    public void testFulltextMailSearchNoRes() throws MalformedURLException, UnsupportedEncodingException, IOException {
        URLConnection response = postMailSearch(createUniqueName() + "@example.org");

        assertNotNull(fetchStartErrorMessage(IOUtils.readURL(response)));
    }

    /** Searching for an account's additional address resolves to that same account. */
    @Test
    public void testSearchSecondEmailAddress() throws MalformedURLException, UnsupportedEncodingException, IOException, InterruptedException, GigiApiException {
        String primaryAddress = createUniqueName() + "@example1.org";
        int userId = createVerifiedUser("Först", "Secönd", primaryAddress, TEST_PASSWORD);
        User owner = User.getById(userId);
        String extraAddress = createUniqueName() + "@example1.org";
        createVerifiedEmail(owner, extraAddress);

        URLConnection response = postMailSearch(extraAddress);
        assertEquals(detailsRedirectOf(userId), response.getHeaderField("Location"));
    }

    /** When two addresses of one account match the pattern, both are listed. */
    @Test
    public void testWildcardMailSearchSecondEmailAddress() throws MalformedURLException, UnsupportedEncodingException, IOException, InterruptedException, GigiApiException {
        clearCaches();
        String primaryAddress = createUniqueName() + "@example2.org";
        int userId = createVerifiedUser("Först", "Secönd", primaryAddress, TEST_PASSWORD);
        User owner = User.getById(userId);
        String extraAddress = createUniqueName() + "@example2.org";
        createVerifiedEmail(owner, extraAddress);

        URLConnection response = postMailSearch("%@example2.org");

        String page = IOUtils.readURL(response);
        assertThat(page, containsString(primaryAddress));
        assertThat(page, containsString(extraAddress));
    }

    /**
     * One account with addresses in two domains: a pattern hitting a single address
     * redirects, a pattern hitting two lists exactly those two and leaves out the
     * account's non-matching address.
     */
    @Test
    public void testWildcardMailSearchMultipleEmailAddressOneAccount() throws MalformedURLException, UnsupportedEncodingException, IOException, InterruptedException, GigiApiException {
        clearCaches();
        String primaryAddress = createUniqueName() + "@example3.org";
        int userId = createVerifiedUser("Först", "Secönd", primaryAddress, TEST_PASSWORD);
        User owner = User.getById(userId);
        String extraAddressA = createUniqueName() + "@test3.org";
        createVerifiedEmail(owner, extraAddressA);
        String extraAddressB = createUniqueName() + "@test3.org";
        createVerifiedEmail(owner, extraAddressB);

        URLConnection response = postMailSearch("%@example3.org");
        assertEquals(detailsRedirectOf(userId), response.getHeaderField("Location"));

        response = postMailSearch("%@test3.org");

        String page = IOUtils.readURL(response);
        // The address outside the searched domain must not be disclosed in the list.
        assertThat(page, not(containsString(primaryAddress)));
        assertThat(page, containsString(extraAddressA));
        assertThat(page, containsString(extraAddressB));
    }

    /**
     * Two accounts, each with one address per domain: each pattern lists the matching
     * address of both accounts and none of the addresses from the other domain.
     */
    @Test
    public void testWildcardMailSearchMultipleEmailAddressMultipleAccounts() throws MalformedURLException, UnsupportedEncodingException, IOException, InterruptedException, GigiApiException {
        String firstPrimary = createUniqueName() + "1@example4.org";
        int firstId = createVerifiedUser("Först", "Secönd", firstPrimary, TEST_PASSWORD);
        User firstOwner = User.getById(firstId);
        String firstExtra = createUniqueName() + "@test4.org";
        createVerifiedEmail(firstOwner, firstExtra);

        String secondPrimary = createUniqueName() + "2@example4.org";
        int secondId = createVerifiedUser("Först", "Secönd", secondPrimary, TEST_PASSWORD);
        User secondOwner = User.getById(secondId);
        String secondExtra = createUniqueName() + "@test4.org";
        createVerifiedEmail(secondOwner, secondExtra);

        URLConnection response = postMailSearch("%@example4.org");

        String page = IOUtils.readURL(response);
        assertThat(page, containsString(firstPrimary));
        assertThat(page, not(containsString(firstExtra)));
        assertThat(page, containsString(secondPrimary));
        assertThat(page, not(containsString(secondExtra)));

        response = postMailSearch("%@test4.org");

        page = IOUtils.readURL(response);
        assertThat(page, not(containsString(firstPrimary)));
        assertThat(page, containsString(firstExtra));
        assertThat(page, not(containsString(secondPrimary)));
        assertThat(page, containsString(secondExtra));
    }
}