add: defense-in-depth mechanism to prevent unauthorized adding of groups

[gigi.git] / tests / org / cacert / gigi / pages / wot / TestTTP.java

diff --git a/tests/org/cacert/gigi/pages/wot/TestTTP.java b/tests/org/cacert/gigi/pages/wot/TestTTP.java
index f1180800419ba663acca8a0aa5a477c2658f1d8d..0d3763868fd25b15383ef4fa833394b4e2c2b8d5 100644 (file)
--- a/tests/org/cacert/gigi/pages/wot/TestTTP.java
+++ b/tests/org/cacert/gigi/pages/wot/TestTTP.java
@@ -1,36 +1,29 @@
 package org.cacert.gigi.pages.wot;
 
+import static org.hamcrest.CoreMatchers.*;
+import static org.junit.Assert.*;
+
 import java.io.IOException;
-import java.net.URL;
 
 import org.cacert.gigi.GigiApiException;
 import org.cacert.gigi.dbObjects.Group;
 import org.cacert.gigi.dbObjects.ObjectCache;
 import org.cacert.gigi.dbObjects.User;
+import org.cacert.gigi.testUtils.ClientTest;
 import org.cacert.gigi.testUtils.IOUtils;
-import org.cacert.gigi.testUtils.ManagedTest;
 import org.junit.Test;
 
-import static org.junit.Assert.*;
-import static org.hamcrest.CoreMatchers.*;
-
-public class TestTTP extends ManagedTest {
-
-    User u = User.getById(createVerifiedUser("fn", "ln", "test-" + createUniqueName() + "@example.org", TEST_PASSWORD));
-
-    String cookie = login(u.getEmail(), TEST_PASSWORD);
-
-    URL ttpPage = new URL("https://" + getServerName() + RequestTTPPage.PATH);
+public class TestTTP extends ClientTest {
 
     public TestTTP() throws IOException {}
 
     @Test
     public void testTTPApply() throws IOException {
-        String ttp = IOUtils.readURL(cookie(ttpPage.openConnection(), cookie));
+        String ttp = IOUtils.readURL(get(RequestTTPPage.PATH));
         assertThat(ttp, containsString("<form"));
-        executeBasicWebInteraction(cookie, RequestTTPPage.PATH, "country=0");
+        assertNull(executeBasicWebInteraction(cookie, RequestTTPPage.PATH, "country=0"));
 
-        ttp = IOUtils.readURL(cookie(new URL("https://" + getServerName() + RequestTTPPage.PATH).openConnection(), cookie));
+        ttp = IOUtils.readURL(get(RequestTTPPage.PATH));
         assertThat(ttp, not(containsString("<form")));
         ObjectCache.clearAllCaches();
         u = User.getById(u.getId());
@@ -42,7 +35,7 @@ public class TestTTP extends ManagedTest {
         User u = User.getById(createAssuranceUser("fn", "ln", createUniqueName() + "@example.org", TEST_PASSWORD));
         cookie = login(u.getEmail(), TEST_PASSWORD);
 
-        String ttp = IOUtils.readURL(cookie(new URL("https://" + getServerName() + RequestTTPPage.PATH).openConnection(), cookie));
+        String ttp = IOUtils.readURL(get(RequestTTPPage.PATH));
         assertThat(ttp, not(containsString("<form")));
     }
 }