tests/org/cacert/gigi/pages/wot/TestAssurance.java

   1 package org.cacert.gigi.pages.wot;
   2
   3 import static org.hamcrest.CoreMatchers.*;
   4 import static org.junit.Assert.*;
   5
   6 import java.io.IOException;
   7 import java.io.UnsupportedEncodingException;
   8 import java.net.HttpURLConnection;
   9 import java.net.MalformedURLException;
  10 import java.net.URLConnection;
  11 import java.net.URLEncoder;
  12 import java.sql.SQLException;
  13 import java.text.SimpleDateFormat;
  14 import java.util.Calendar;
  15 import java.util.Date;
  16 import java.util.regex.Pattern;
  17
  18 import org.cacert.gigi.pages.account.MyDetails;
  19 import org.cacert.gigi.testUtils.IOUtils;
  20 import org.cacert.gigi.testUtils.ManagedTest;
  21 import org.junit.Before;
  22 import org.junit.Test;
  23
  24 public class TestAssurance extends ManagedTest {
  25
  26     private String assurerM;
  27
  28     private String assureeM;
  29
  30     private String cookie;
  31
  32     @Before
  33     public void setup() throws IOException {
  34         assurerM = createUniqueName() + "@cacert-test.org";
  35         assureeM = createUniqueName() + "@cacert-test.org";
  36
  37         createAssuranceUser("a", "b", assurerM, TEST_PASSWORD);
  38         createVerifiedUser("a", "c", assureeM, TEST_PASSWORD);
  39
  40         cookie = login(assurerM, TEST_PASSWORD);
  41     }
  42
  43     @Test
  44     public void testAssureSearch() throws IOException {
  45         String loc = search("email=" + URLEncoder.encode(assureeM, "UTF-8") + "&day=1&month=1&year=1910");
  46         assertTrue(loc, loc.contains("type=\"checkbox\" name=\"CCAAgreed\""));
  47     }
  48
  49     @Test
  50     public void testAssureSearchEmail() throws IOException {
  51         String loc = search("email=1" + URLEncoder.encode(assureeM, "UTF-8") + "&day=1&month=1&year=1910");
  52         assertTrue(loc, !loc.contains("type=\"checkbox\" name=\"CCAAgreed\""));
  53     }
  54
  55     @Test
  56     public void testAssureSearchDob() throws IOException {
  57         String loc = search("email=" + URLEncoder.encode(assureeM, "UTF-8") + "&day=2&month=1&year=1910");
  58         assertTrue(loc, !loc.contains("type=\"checkbox\" name=\"CCAAgreed\""));
  59         loc = search("email=" + URLEncoder.encode(assureeM, "UTF-8") + "&day=1&month=2&year=1910");
  60         assertTrue(loc, !loc.contains("type=\"checkbox\" name=\"CCAAgreed\""));
  61         loc = search("email=" + URLEncoder.encode(assureeM, "UTF-8") + "&day=1&month=1&year=1911");
  62         assertTrue(loc, !loc.contains("type=\"checkbox\" name=\"CCAAgreed\""));
  63     }
  64
  65     private String search(String query) throws MalformedURLException, IOException, UnsupportedEncodingException {
  66         URLConnection uc = get(cookie, AssurePage.PATH);
  67         uc.setDoOutput(true);
  68         uc.getOutputStream().write(("search&" + query).getBytes("UTF-8"));
  69         uc.getOutputStream().flush();
  70
  71         return IOUtils.readURL(uc);
  72     }
  73
  74     @Test
  75     public void testAssureForm() throws IOException {
  76         String error = getError("date=2000-01-01&location=testcase&certify=1&rules=1&CCAAgreed=1&assertion=1&points=10");
  77         assertNull(error);
  78     }
  79
  80     @Test
  81     public void testAssureFormContanisData() throws IOException {
  82         URLConnection uc = buildupAssureFormConnection(true);
  83         uc.getOutputStream().write(("date=2000-01-01&location=testcase&rules=1&CCAAgreed=1&assertion=1&points=10").getBytes("UTF-8"));
  84         uc.getOutputStream().flush();
  85         String data = IOUtils.readURL(uc);
  86         assertThat(data, containsString("2000-01-01"));
  87         assertThat(data, containsString("testcase"));
  88     }
  89
  90     @Test
  91     public void testAssureFormNoCSRF() throws IOException {
  92         // override csrf
  93         HttpURLConnection uc = (HttpURLConnection) buildupAssureFormConnection(false);
  94         uc.getOutputStream().write(("date=2000-01-01&location=testcase&certify=1&rules=1&CCAAgreed=1&assertion=1&points=10").getBytes("UTF-8"));
  95         uc.getOutputStream().flush();
  96         assertEquals(500, uc.getResponseCode());
  97     }
  98
  99     @Test
 100     public void testAssureFormWrongCSRF() throws IOException {
 101         // override csrf
 102         HttpURLConnection uc = (HttpURLConnection) buildupAssureFormConnection(false);
 103         uc.getOutputStream().write(("date=2000-01-01&location=testcase&certify=1&rules=1&CCAAgreed=1&assertion=1&points=10&csrf=aragc").getBytes("UTF-8"));
 104         uc.getOutputStream().flush();
 105         assertEquals(500, uc.getResponseCode());
 106     }
 107
 108     @Test
 109     public void testAssureFormRaceName() throws IOException, SQLException {
 110         testAssureFormRace(true);
 111     }
 112
 113     @Test
 114     public void testAssureFormRaceDoB() throws IOException, SQLException {
 115         testAssureFormRace(false);
 116     }
 117
 118     public void testAssureFormRace(boolean name) throws IOException, SQLException {
 119         URLConnection uc = buildupAssureFormConnection(true);
 120
 121         String assureeCookie = login(assureeM, TEST_PASSWORD);
 122         String newName = "lname=" + (name ? "c" : "a") + "&fname=a&mname=&suffix=";
 123         String newDob = "day=1&month=1&year=" + (name ? 1910 : 1911);
 124
 125         assertNull(executeBasicWebInteraction(assureeCookie, MyDetails.PATH, newName + "&" + newDob + "&processDetails", 0));
 126
 127         uc.getOutputStream().write(("date=2000-01-01&location=testcase&certify=1&rules=1&CCAAgreed=1&assertion=1&points=10").getBytes("UTF-8"));
 128         uc.getOutputStream().flush();
 129         String error = fetchStartErrorMessage(IOUtils.readURL(uc));
 130         assertTrue(error, !error.startsWith("</div>"));
 131     }
 132
 133     @Test
 134     public void testAssureFormFuture() throws IOException {
 135         SimpleDateFormat sdf = new SimpleDateFormat("yyyy");
 136         int year = Integer.parseInt(sdf.format(new Date(System.currentTimeMillis()))) + 2;
 137         String error = getError("date=" + year + "-01-01&location=testcase&certify=1&rules=1&CCAAgreed=1&assertion=1&points=10");
 138         assertTrue(error, !error.startsWith("</div>"));
 139     }
 140
 141     @Test
 142     public void testAssureFormFutureOK() throws IOException {
 143         SimpleDateFormat sdf = new SimpleDateFormat("yyyy-MM-dd");
 144         Calendar c = Calendar.getInstance();
 145         c.setTimeInMillis(System.currentTimeMillis());
 146         c.add(Calendar.HOUR_OF_DAY, 12);
 147
 148         String error = getError("date=" + sdf.format(new Date(c.getTimeInMillis())) + "&location=testcase&certify=1&rules=1&CCAAgreed=1&assertion=1&points=10");
 149         assertNull(error);
 150     }
 151
 152     @Test
 153     public void testAssureFormNoLoc() throws IOException {
 154         String error = getError("date=2000-01-01&location=a&certify=1&rules=1&CCAAgreed=1&assertion=1&points=10");
 155         assertTrue(error, !error.startsWith("</div>"));
 156         error = getError("date=2000-01-01&location=&certify=1&rules=1&CCAAgreed=1&assertion=1&points=10");
 157         assertTrue(error, !error.startsWith("</div>"));
 158     }
 159
 160     @Test
 161     public void testAssureFormInvalDate() throws IOException {
 162         String error = getError("date=20000101&location=testcase&certify=1&rules=1&CCAAgreed=1&assertion=1&points=10");
 163         assertTrue(error, !error.startsWith("</div>"));
 164         error = getError("date=&location=testcase&certify=1&rules=1&CCAAgreed=1&assertion=1&points=10");
 165         assertTrue(error, !error.startsWith("</div>"));
 166     }
 167
 168     @Test
 169     public void testAssureFormBoxes() throws IOException {
 170         String error = getError("date=2000-01-01&location=testcase&certify=0&rules=1&CCAAgreed=1&assertion=1&points=10");
 171         assertTrue(error, !error.startsWith("</div>"));
 172         error = getError("date=2000-01-01&location=testcase&certify=1&rules=&CCAAgreed=1&assertion=1&points=10");
 173         assertTrue(error, !error.startsWith("</div>"));
 174         error = getError("date=2000-01-01&location=testcase&certify=1&rules=1&CCAAgreed=a&assertion=1&points=10");
 175         assertTrue(error, !error.startsWith("</div>"));
 176         error = getError("date=2000-01-01&location=testcase&certify=1&rules=1&CCAAgreed=1&assertion=z&points=10");
 177         assertTrue(error, !error.startsWith("</div>"));
 178     }
 179
 180     @Test
 181     public void testAssureListingValid() throws IOException {
 182         String uniqueLoc = createUniqueName();
 183         String error = getError("date=2000-01-01&location=" + uniqueLoc + "&certify=1&rules=1&CCAAgreed=1&assertion=1&points=10");
 184         assertNull(error);
 185         String cookie = login(assureeM, TEST_PASSWORD);
 186         URLConnection url = get(cookie, MyPoints.PATH);
 187         String resp = IOUtils.readURL(url);
 188         resp = resp.split(Pattern.quote("</table>"))[0];
 189         assertThat(resp, containsString(uniqueLoc));
 190     }
 191
 192     @Test
 193     public void testAssurerListingValid() throws IOException {
 194         String uniqueLoc = createUniqueName();
 195         String error = getError("date=2000-01-01&location=" + uniqueLoc + "&certify=1&rules=1&CCAAgreed=1&assertion=1&points=10");
 196         assertNull(error);
 197         String cookie = login(assurerM, TEST_PASSWORD);
 198         URLConnection url = get(cookie, MyPoints.PATH);
 199         String resp = IOUtils.readURL(url);
 200         resp = resp.split(Pattern.quote("</table>"))[1];
 201         assertThat(resp, containsString(uniqueLoc));
 202     }
 203
 204     private String getError(String query) throws MalformedURLException, IOException {
 205         URLConnection uc = buildupAssureFormConnection(true);
 206         uc.getOutputStream().write((query).getBytes("UTF-8"));
 207         uc.getOutputStream().flush();
 208         String error = fetchStartErrorMessage(IOUtils.readURL(uc));
 209         return error;
 210     }
 211
 212     private URLConnection buildupAssureFormConnection(boolean doCSRF) throws MalformedURLException, IOException {
 213         return buildupAssureFormConnection(cookie, assureeM, doCSRF);
 214     }
 215
 216     public static URLConnection buildupAssureFormConnection(String cookie, String email, boolean doCSRF) throws MalformedURLException, IOException {
 217         URLConnection uc = get(cookie, AssurePage.PATH);
 218         uc.setDoOutput(true);
 219         uc.getOutputStream().write(("email=" + URLEncoder.encode(email, "UTF-8") + "&day=1&month=1&year=1910&search").getBytes("UTF-8"));
 220
 221         String csrf = getCSRF(uc);
 222         uc = get(cookie, AssurePage.PATH);
 223         uc.setDoOutput(true);
 224         if (doCSRF) {
 225             uc.getOutputStream().write(("csrf=" + csrf + "&").getBytes("UTF-8"));
 226         }
 227         return uc;
 228     }
 229
 230 }