]> WPIA git - gigi.git/blob - tests/org/cacert/gigi/pages/wot/TestAssurance.java
Enforce Date-of-births to be day-only.
1 package org.cacert.gigi.pages.wot;
2
3 import static org.hamcrest.CoreMatchers.*;
4 import static org.junit.Assert.*;
5
6 import java.io.IOException;
7 import java.io.UnsupportedEncodingException;
8 import java.net.HttpURLConnection;
9 import java.net.MalformedURLException;
10 import java.net.URLConnection;
11 import java.net.URLEncoder;
12 import java.sql.SQLException;
13 import java.text.SimpleDateFormat;
14 import java.util.Calendar;
15 import java.util.Date;
16 import java.util.regex.Pattern;
17
18 import org.cacert.gigi.pages.account.MyDetails;
19 import org.cacert.gigi.testUtils.IOUtils;
20 import org.cacert.gigi.testUtils.ManagedTest;
21 import org.junit.Before;
22 import org.junit.Test;
23
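/**
 * Integration tests for the assurance workflow served at {@code AssurePage.PATH}.
 *
 * <p>Each test runs as a freshly created assurer against a freshly created assuree. The cases
 * cover the checks that protect an assurance from being recorded wrongly:
 * <ul>
 * <li>the search step only offers the assurance form when both the e-mail address and the full
 * date of birth match,</li>
 * <li>the form is refused when the CSRF token is missing or wrong (HTTP 500 is expected),</li>
 * <li>the form is refused when the assuree changes name or date of birth between the search and
 * the submission,</li>
 * <li>dates in the future, malformed dates, too-short locations and unticked confirmation boxes
 * are rejected.</li>
 * </ul>
 */
public class TestAssurance extends ManagedTest {

    /** Markup of the CCA checkbox; its presence shows that the assurance form was rendered. */
    private static final String CCA_CHECKBOX = "type=\"checkbox\" name=\"CCAAgreed\"";

    /** Body of a fully valid assurance submission, without the CSRF token. */
    private static final String VALID_FORM = "date=2000-01-01&location=testcase&certify=1&rules=1&CCAAgreed=1&assertion=1&points=10";

    /** E-mail address of the user who performs the assurance. */
    private String assurerM;

    /** E-mail address of the user who is being assured. */
    private String assureeM;

    /** Session cookie of the logged-in assurer. */
    private String cookie;

    /**
     * Creates the assurer and the assuree under unique addresses and logs the assurer in.
     *
     * @throws IOException if talking to the test server fails
     */
    @Before
    public void setup() throws IOException {
        assurerM = createUniqueName() + "@cacert-test.org";
        assureeM = createUniqueName() + "@cacert-test.org";

        createAssuranceUser("a", "b", assurerM, TEST_PASSWORD);
        createVerifiedUser("a", "c", assureeM, TEST_PASSWORD);

        cookie = login(assurerM, TEST_PASSWORD);
    }

    /** A search with the matching e-mail address and date of birth must show the assurance form. */
    @Test
    public void testAssureSearch() throws IOException {
        String loc = search("email=" + URLEncoder.encode(assureeM, "UTF-8") + "&day=1&month=1&year=1910");
        assertTrue(loc, loc.contains(CCA_CHECKBOX));
    }

    /** A search with a non-matching e-mail address must not show the assurance form. */
    @Test
    public void testAssureSearchEmail() throws IOException {
        String loc = search("email=1" + URLEncoder.encode(assureeM, "UTF-8") + "&day=1&month=1&year=1910");
        assertFalse(loc, loc.contains(CCA_CHECKBOX));
    }

    /**
     * A search must not show the assurance form when any single component of the date of birth
     * (day, month or year) is wrong, even though the e-mail address matches.
     */
    @Test
    public void testAssureSearchDob() throws IOException {
        String email = "email=" + URLEncoder.encode(assureeM, "UTF-8");
        String[] wrongDobs = {
                "&day=2&month=1&year=1910", "&day=1&month=2&year=1910", "&day=1&month=1&year=1911"
        };
        for (String wrongDob : wrongDobs) {
            String loc = search(email + wrongDob);
            assertFalse(loc, loc.contains(CCA_CHECKBOX));
        }
    }

    /**
     * Posts a search request as the assurer and returns the resulting page.
     *
     * @param query the url-encoded search parameters (e-mail and date of birth)
     * @return the response body
     */
    private String search(String query) throws MalformedURLException, IOException, UnsupportedEncodingException {
        URLConnection uc = get(cookie, AssurePage.PATH);
        uc.setDoOutput(true);
        send(uc, "search&" + query);

        return IOUtils.readURL(uc);
    }

    /** A complete, valid submission must be accepted without an error message. */
    @Test
    public void testAssureForm() throws IOException {
        String error = getError(VALID_FORM);
        assertNull(error);
    }

    /**
     * A submission without {@code certify} is expected to come back with the form; the values
     * already entered (date and location) must still be present in the response.
     */
    @Test
    public void testAssureFormContanisData() throws IOException {
        URLConnection uc = buildupAssureFormConnection(true);
        send(uc, "date=2000-01-01&location=testcase&rules=1&CCAAgreed=1&assertion=1&points=10");
        String data = IOUtils.readURL(uc);
        assertThat(data, containsString("2000-01-01"));
        assertThat(data, containsString("testcase"));
    }

    /** An otherwise valid submission that carries no CSRF token must be answered with HTTP 500. */
    @Test
    public void testAssureFormNoCSRF() throws IOException {
        // doCSRF == false: the token obtained from the search page is deliberately not sent
        HttpURLConnection uc = (HttpURLConnection) buildupAssureFormConnection(false);
        send(uc, VALID_FORM);
        assertEquals(500, uc.getResponseCode());
    }

    /** An otherwise valid submission with a bogus CSRF token must be answered with HTTP 500. */
    @Test
    public void testAssureFormWrongCSRF() throws IOException {
        // doCSRF == false: the real token is withheld and a made-up one is sent instead
        HttpURLConnection uc = (HttpURLConnection) buildupAssureFormConnection(false);
        send(uc, VALID_FORM + "&csrf=aragc");
        assertEquals(500, uc.getResponseCode());
    }

    /** The assuree changes the name after the search: the assurance must be refused. */
    @Test
    public void testAssureFormRaceName() throws IOException, SQLException {
        testAssureFormRace(true, false);
    }

    /** The assuree changes the date of birth after the search: the assurance must be refused. */
    @Test
    public void testAssureFormRaceDoB() throws IOException, SQLException {
        testAssureFormRace(false, false);
    }

    /** The assuree re-submits unchanged details after the search: the assurance must still pass. */
    @Test
    public void testAssureFormRaceNameBlind() throws IOException, SQLException {
        testAssureFormRace(true, true);
    }

    /** Same as {@link #testAssureFormRaceNameBlind()}, reached through the date-of-birth variant. */
    @Test
    public void testAssureFormRaceDoBBlind() throws IOException, SQLException {
        testAssureFormRace(false, true);
    }

    /**
     * Checks that an assurance is bound to the personal details the assurer saw in the search
     * step. The assurer's form connection is prepared first, then the assuree submits the details
     * form, and only then is the assurance posted.
     *
     * @param name    selects which detail is altered when {@code succeed} is false: the last name
     *                if true, the year of birth otherwise
     * @param succeed if true the assuree submits the original values (last name "c", year 1910),
     *                so nothing changes and the assurance must be accepted; if false the selected
     *                detail is altered and the assurance must be refused
     */
    public void testAssureFormRace(boolean name, boolean succeed) throws IOException, SQLException {
        // Search and CSRF token are fetched before the assuree touches the account.
        URLConnection uc = buildupAssureFormConnection(true);

        String assureeCookie = login(assureeM, TEST_PASSWORD);
        boolean changeName = name && !succeed;
        boolean changeDob = !name && !succeed;
        String newName = "lname=" + (changeName ? "a" : "c") + "&fname=a&mname=&suffix=";
        String newDob = "day=1&month=1&year=" + (changeDob ? 1911 : 1910);

        assertNull(executeBasicWebInteraction(assureeCookie, MyDetails.PATH, newName + "&" + newDob + "&processDetails", 0));

        send(uc, VALID_FORM);
        String error = fetchStartErrorMessage(IOUtils.readURL(uc));
        if (succeed) {
            assertNull(error);
        } else {
            assertRejected(error);
            assertThat(error, containsString("changed his personal details"));
        }
    }

    /** An assurance dated about two years in the future must be rejected. */
    @Test
    public void testAssureFormFuture() throws IOException {
        SimpleDateFormat sdf = new SimpleDateFormat("yyyy");
        int year = Integer.parseInt(sdf.format(new Date())) + 2;
        String error = getError("date=" + year + "-01-01&location=testcase&certify=1&rules=1&CCAAgreed=1&assertion=1&points=10");
        assertRejected(error);
    }

    /**
     * An assurance dated twelve hours ahead of the local clock must be accepted.
     * NOTE(review): presumably this tolerance exists for time-zone differences - confirm.
     */
    @Test
    public void testAssureFormFutureOK() throws IOException {
        SimpleDateFormat sdf = new SimpleDateFormat("yyyy-MM-dd");
        Calendar c = Calendar.getInstance();
        c.add(Calendar.HOUR_OF_DAY, 12);

        String error = getError("date=" + sdf.format(c.getTime()) + "&location=testcase&certify=1&rules=1&CCAAgreed=1&assertion=1&points=10");
        assertNull(error);
    }

    /** A one-character location and an empty location must both be rejected. */
    @Test
    public void testAssureFormNoLoc() throws IOException {
        assertRejected(getError("date=2000-01-01&location=a&certify=1&rules=1&CCAAgreed=1&assertion=1&points=10"));
        assertRejected(getError("date=2000-01-01&location=&certify=1&rules=1&CCAAgreed=1&assertion=1&points=10"));
    }

    /** A date without separators and an empty date must both be rejected. */
    @Test
    public void testAssureFormInvalDate() throws IOException {
        assertRejected(getError("date=20000101&location=testcase&certify=1&rules=1&CCAAgreed=1&assertion=1&points=10"));
        assertRejected(getError("date=&location=testcase&certify=1&rules=1&CCAAgreed=1&assertion=1&points=10"));
    }

    /** Each confirmation box is required: an unset or invalid value in any one of them is rejected. */
    @Test
    public void testAssureFormBoxes() throws IOException {
        assertRejected(getError("date=2000-01-01&location=testcase&certify=0&rules=1&CCAAgreed=1&assertion=1&points=10"));
        assertRejected(getError("date=2000-01-01&location=testcase&certify=1&rules=&CCAAgreed=1&assertion=1&points=10"));
        assertRejected(getError("date=2000-01-01&location=testcase&certify=1&rules=1&CCAAgreed=a&assertion=1&points=10"));
        assertRejected(getError("date=2000-01-01&location=testcase&certify=1&rules=1&CCAAgreed=1&assertion=z&points=10"));
    }

    /**
     * After a successful assurance the assuree's points page must list it in the part of the page
     * that precedes the first closing {@code </table>} tag.
     */
    @Test
    public void testAssureListingValid() throws IOException {
        String uniqueLoc = createUniqueName();
        String error = getError("date=2000-01-01&location=" + uniqueLoc + "&certify=1&rules=1&CCAAgreed=1&assertion=1&points=10");
        assertNull(error);
        String assureeCookie = login(assureeM, TEST_PASSWORD);
        String resp = IOUtils.readURL(get(assureeCookie, MyPoints.PATH));
        String firstTable = resp.split(Pattern.quote("</table>"))[0];
        assertThat(firstTable, containsString(uniqueLoc));
    }

    /**
     * After a successful assurance the assurer's points page must list it in the part of the page
     * between the first and the second closing {@code </table>} tag.
     */
    @Test
    public void testAssurerListingValid() throws IOException {
        String uniqueLoc = createUniqueName();
        String error = getError("date=2000-01-01&location=" + uniqueLoc + "&certify=1&rules=1&CCAAgreed=1&assertion=1&points=10");
        assertNull(error);
        String assurerCookie = login(assurerM, TEST_PASSWORD);
        String resp = IOUtils.readURL(get(assurerCookie, MyPoints.PATH));
        String[] tables = resp.split(Pattern.quote("</table>"));
        // Fail with the page content instead of an ArrayIndexOutOfBoundsException.
        assertTrue(resp, tables.length > 1);
        assertThat(tables[1], containsString(uniqueLoc));
    }

    /**
     * Submits the assurance form with a valid CSRF token and returns the error the page reports.
     *
     * @param query the url-encoded form fields, without the CSRF token
     * @return the error message extracted by {@code fetchStartErrorMessage}, or {@code null} when
     *         the tests above expect success
     */
    private String getError(String query) throws MalformedURLException, IOException {
        URLConnection uc = buildupAssureFormConnection(true);
        send(uc, query);
        return fetchStartErrorMessage(IOUtils.readURL(uc));
    }

    /**
     * Asserts that a submission was refused with a real error message. A {@code null} error means
     * the server accepted input it should have refused; that is reported as an assertion failure
     * rather than surfacing as a NullPointerException.
     */
    private static void assertRejected(String error) {
        assertNotNull("expected the submission to be rejected, but no error was reported", error);
        assertFalse(error, error.startsWith("</div>"));
    }

    /** Writes {@code body} as UTF-8 to the request body of {@code uc} and flushes it. */
    private static void send(URLConnection uc, String body) throws IOException {
        uc.getOutputStream().write(body.getBytes("UTF-8"));
        uc.getOutputStream().flush();
    }

    /** Prepares an assurance form connection for this test's assurer and assuree. */
    private URLConnection buildupAssureFormConnection(boolean doCSRF) throws MalformedURLException, IOException {
        return buildupAssureFormConnection(cookie, assureeM, doCSRF);
    }

    /**
     * Performs the search step for {@code email} with the date of birth 1910-01-01, reads the CSRF
     * token from the resulting page and opens a second connection for the form submission.
     *
     * @param cookie session cookie of the assurer
     * @param email  e-mail address of the assuree to search for
     * @param doCSRF if true, {@code csrf=<token>&} is already written to the returned connection;
     *               if false, nothing is written and the caller controls the CSRF field
     * @return a connection with output enabled, to which the caller appends the form fields
     */
    public static URLConnection buildupAssureFormConnection(String cookie, String email, boolean doCSRF) throws MalformedURLException, IOException {
        URLConnection uc = get(cookie, AssurePage.PATH);
        uc.setDoOutput(true);
        uc.getOutputStream().write(("email=" + URLEncoder.encode(email, "UTF-8") + "&day=1&month=1&year=1910&search").getBytes("UTF-8"));

        String csrf = getCSRF(uc);
        uc = get(cookie, AssurePage.PATH);
        uc.setDoOutput(true);
        if (doCSRF) {
            // The token is written as-is; assumes it needs no url-encoding - TODO confirm.
            uc.getOutputStream().write(("csrf=" + csrf + "&").getBytes("UTF-8"));
        }
        return uc;
    }

}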