add: defense-in-depth mechanism to prevent unauthorized adding of groups
[gigi.git] / tests / org / cacert / gigi / pages / admin / TestSEAdminPageUserMailSearch.java
index 593d9e9c119f2a25e806e5479af7220b66d60616..29918b5a0a55c5618e940a450c21c646d586a754 100644 (file)
@@ -9,7 +9,9 @@ import java.net.MalformedURLException;
 import java.net.URLConnection;
 import java.net.URLEncoder;
 
+import org.cacert.gigi.GigiApiException;
 import org.cacert.gigi.dbObjects.Group;
+import org.cacert.gigi.dbObjects.User;
 import org.cacert.gigi.pages.admin.support.FindUserByEmailPage;
 import org.cacert.gigi.pages.admin.support.SupportEnterTicketPage;
 import org.cacert.gigi.pages.admin.support.SupportUserDetailsPage;
@@ -20,8 +22,9 @@ import org.junit.Test;
 
 public class TestSEAdminPageUserMailSearch extends ClientTest {
 
-    public TestSEAdminPageUserMailSearch() throws IOException {
-        grant(email, Group.SUPPORTER);
+    public TestSEAdminPageUserMailSearch() throws IOException, GigiApiException {
+        grant(u, Group.SUPPORTER);
+        cookie = login(email, TEST_PASSWORD);
         assertEquals(302, post(cookie, SupportEnterTicketPage.PATH, "ticketno=a20140808.8&setTicket=action", 0).getResponseCode());
     }
 
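Review bot: The added `cookie = login(email, TEST_PASSWORD);` after `grant(u, Group.SUPPORTER)` carries no comment saying why a fresh login is needed, although the order of the two calls looks load-bearing. Presumably a session only carries the groups that existed when it was created, so a cookie obtained before the grant would not be allowed to enter a ticket; this is inferred, not shown in the hunk. If that is the intent, a line such as `// log in again: the session has to be created after the SUPPORTER grant to carry it` above the login would keep a later refactor from reordering or dropping it. The class body continues outside this hunk.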
@@ -31,7 +34,7 @@ public class TestSEAdminPageUserMailSearch extends ClientTest {
         int id = createVerifiedUser("Först", "Secönd", mail, TEST_PASSWORD);
 
         URLConnection uc = post(cookie, FindUserByEmailPage.PATH, "process&email=" + URLEncoder.encode(mail, "UTF-8"), 0);
-        assertEquals("https://" + ServerConstants.getWwwHostNamePortSecure() + SupportUserDetailsPage.PATH + id, uc.getHeaderField("Location"));
+        assertEquals("https://" + ServerConstants.getWwwHostNamePortSecure() + SupportUserDetailsPage.PATH + id + "/", uc.getHeaderField("Location"));
     }
 
     @Test
@@ -40,7 +43,7 @@ public class TestSEAdminPageUserMailSearch extends ClientTest {
         int id = createVerifiedUser("Först", "Secönd", mail, TEST_PASSWORD);
 
         URLConnection uc = post(cookie, FindUserByEmailPage.PATH, "process&email=" + URLEncoder.encode("%@example.tld", "UTF-8"), 0);
-        assertEquals("https://" + ServerConstants.getWwwHostNamePortSecure() + SupportUserDetailsPage.PATH + id, uc.getHeaderField("Location"));
+        assertEquals("https://" + ServerConstants.getWwwHostNamePortSecure() + SupportUserDetailsPage.PATH + id + "/", uc.getHeaderField("Location"));
     }
 
     @Test
@@ -52,8 +55,8 @@ public class TestSEAdminPageUserMailSearch extends ClientTest {
         URLConnection uc = post(cookie, FindUserByEmailPage.PATH, "process&email=" + URLEncoder.encode("%@example.org", "UTF-8"), 0);
 
         String res = IOUtils.readURL(uc);
-        assertThat(res, containsString(SupportUserDetailsPage.PATH + id));
-        assertThat(res, containsString(SupportUserDetailsPage.PATH + id2));
+        assertThat(res, containsString(SupportUserDetailsPage.PATH + id + "/"));
+        assertThat(res, containsString(SupportUserDetailsPage.PATH + id2 + "/"));
     }
 
     @Test
@@ -66,8 +69,8 @@ public class TestSEAdminPageUserMailSearch extends ClientTest {
         URLConnection uc = post(cookie, FindUserByEmailPage.PATH, "process&email=" + URLEncoder.encode("%@_xample.org", "UTF-8"), 0);
 
         String res = IOUtils.readURL(uc);
-        assertThat(res, containsString(SupportUserDetailsPage.PATH + id));
-        assertThat(res, containsString(SupportUserDetailsPage.PATH + id2));
+        assertThat(res, containsString(SupportUserDetailsPage.PATH + id + "/"));
+        assertThat(res, containsString(SupportUserDetailsPage.PATH + id2 + "/"));
     }
 
     @Test
@@ -82,4 +85,85 @@ public class TestSEAdminPageUserMailSearch extends ClientTest {
 
         assertNotNull(fetchStartErrorMessage(IOUtils.readURL(uc)));
     }
+
+    @Test
+    public void testSearchSecondEmailAddress() throws MalformedURLException, UnsupportedEncodingException, IOException, InterruptedException, GigiApiException {
+        String mail = createUniqueName() + "@example1.org";
+        int id = createVerifiedUser("Först", "Secönd", mail, TEST_PASSWORD);
+        User testuser = User.getById(id);
+        String mail2 = createUniqueName() + "@example1.org";
+        createVerifiedEmail(testuser, mail2);
+
+        URLConnection uc = post(cookie, FindUserByEmailPage.PATH, "process&email=" + URLEncoder.encode(mail2, "UTF-8"), 0);
+        assertEquals("https://" + ServerConstants.getWwwHostNamePortSecure() + SupportUserDetailsPage.PATH + id + "/", uc.getHeaderField("Location"));
+    }
+
+    @Test
+    public void testWildcardMailSearchSecondEmailAddress() throws MalformedURLException, UnsupportedEncodingException, IOException, InterruptedException, GigiApiException {
+        clearCaches();
+        String mail = createUniqueName() + "@example2.org";
+        int id = createVerifiedUser("Först", "Secönd", mail, TEST_PASSWORD);
+        User testuser = User.getById(id);
+        String mail2 = createUniqueName() + "@example2.org";
+        createVerifiedEmail(testuser, mail2);
+
+        URLConnection uc = post(cookie, FindUserByEmailPage.PATH, "process&email=" + URLEncoder.encode("%@example2.org", "UTF-8"), 0);
+
+        String res = IOUtils.readURL(uc);
+        assertThat(res, containsString(mail));
+        assertThat(res, containsString(mail2));
+    }
+
+    @Test
+    public void testWildcardMailSearchMultipleEmailAddressOneAccount() throws MalformedURLException, UnsupportedEncodingException, IOException, InterruptedException, GigiApiException {
+        clearCaches();
+        String mail = createUniqueName() + "@example3.org";
+        int id = createVerifiedUser("Först", "Secönd", mail, TEST_PASSWORD);
+        User testuser = User.getById(id);
+        String mail2 = createUniqueName() + "@test3.org";
+        createVerifiedEmail(testuser, mail2);
+        String mail3 = createUniqueName() + "@test3.org";
+        createVerifiedEmail(testuser, mail3);
+
+        URLConnection uc = post(cookie, FindUserByEmailPage.PATH, "process&email=" + URLEncoder.encode("%@example3.org", "UTF-8"), 0);
+        assertEquals("https://" + ServerConstants.getWwwHostNamePortSecure() + SupportUserDetailsPage.PATH + id + "/", uc.getHeaderField("Location"));
+
+        uc = post(cookie, FindUserByEmailPage.PATH, "process&email=" + URLEncoder.encode("%@test3.org", "UTF-8"), 0);
+
+        String res = IOUtils.readURL(uc);
+        assertThat(res, not(containsString(mail)));
+        assertThat(res, containsString(mail2));
+        assertThat(res, containsString(mail3));
+    }
+
+    @Test
+    public void testWildcardMailSearchMultipleEmailAddressMultipleAccounts() throws MalformedURLException, UnsupportedEncodingException, IOException, InterruptedException, GigiApiException {
+        String mail = createUniqueName() + "1@example4.org";
+        int id = createVerifiedUser("Först", "Secönd", mail, TEST_PASSWORD);
+        User testuser = User.getById(id);
+        String mail2 = createUniqueName() + "@test4.org";
+        createVerifiedEmail(testuser, mail2);
+
+        String mail3 = createUniqueName() + "2@example4.org";
+        int id2 = createVerifiedUser("Först", "Secönd", mail3, TEST_PASSWORD);
+        User testuser2 = User.getById(id2);
+        String mail4 = createUniqueName() + "@test4.org";
+        createVerifiedEmail(testuser2, mail4);
+
+        URLConnection uc = post(cookie, FindUserByEmailPage.PATH, "process&email=" + URLEncoder.encode("%@example4.org", "UTF-8"), 0);
+
+        String res = IOUtils.readURL(uc);
+        assertThat(res, containsString(mail));
+        assertThat(res, not(containsString(mail2)));
+        assertThat(res, containsString(mail3));
+        assertThat(res, not(containsString(mail4)));
+
+        uc = post(cookie, FindUserByEmailPage.PATH, "process&email=" + URLEncoder.encode("%@test4.org", "UTF-8"), 0);
+
+        res = IOUtils.readURL(uc);
+        assertThat(res, not(containsString(mail)));
+        assertThat(res, containsString(mail2));
+        assertThat(res, not(containsString(mail3)));
+        assertThat(res, containsString(mail4));
+    }
 }
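Review bot: All four added tests post to `FindUserByEmailPage.PATH` with the supporter `cookie` that already has a ticket set, so nothing in the visible hunks checks that the search is refused for a session without `Group.SUPPORTER` or without a ticket. Because the search returns secondary addresses of other accounts, a negative test would fit this commit's defense-in-depth goal. It would log in a plain user made with `createVerifiedUser(...)`, send the same `process&email=` body, and assert that the response neither redirects to `SupportUserDetailsPage.PATH + id + "/"` nor contains the address. The exact denial status depends on how the page rejects the request, which is not visible here, and such a test may already exist elsewhere in the suite.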