X-Git-Url: https://code.wpia.club/?p=gigi.git;a=blobdiff_plain;f=tests%2Forg%2Fcacert%2Fgigi%2Fpages%2Fwot%2FTestAssurance.java;h=6a585abd4e1dc64acdae125289cc8bcb596be2b1;hp=03e499df6143e903ca0707897b6c295994758338;hb=a8a6c492e30d4202e499778b69a5354494f86f84;hpb=b2e7c5e9f23632503e7a6ec7f86e6d8279a39c93 diff --git a/tests/org/cacert/gigi/pages/wot/TestAssurance.java b/tests/org/cacert/gigi/pages/wot/TestAssurance.java index 03e499df..6a585abd 100644 --- a/tests/org/cacert/gigi/pages/wot/TestAssurance.java +++ b/tests/org/cacert/gigi/pages/wot/TestAssurance.java @@ -7,16 +7,15 @@ import java.io.IOException; import java.io.UnsupportedEncodingException; import java.net.HttpURLConnection; import java.net.MalformedURLException; -import java.net.URL; import java.net.URLConnection; import java.net.URLEncoder; -import java.sql.PreparedStatement; import java.sql.SQLException; import java.text.SimpleDateFormat; +import java.util.Calendar; import java.util.Date; import java.util.regex.Pattern; -import org.cacert.gigi.database.DatabaseConnection; +import org.cacert.gigi.pages.account.MyDetails; import org.cacert.gigi.testUtils.IOUtils; import org.cacert.gigi.testUtils.ManagedTest; import org.junit.Before; @@ -28,50 +27,52 @@ public class TestAssurance extends ManagedTest { private String assureeM; - private int assurer; - - private int assuree; - private String cookie; @Before public void setup() throws IOException { + clearCaches(); assurerM = createUniqueName() + "@cacert-test.org"; assureeM = createUniqueName() + "@cacert-test.org"; - assurer = createAssuranceUser("a", "b", assurerM, TEST_PASSWORD); - assuree = createAssuranceUser("a", "c", assureeM, TEST_PASSWORD); - cookie = login(assurerM, TEST_PASSWORD); + createAssuranceUser("a", "b", assurerM, TEST_PASSWORD); + createVerifiedUser("a", "c", assureeM, TEST_PASSWORD); + + cookie = login(assurerM, TEST_PASSWORD); } @Test public void testAssureSearch() throws IOException { String loc = search("email=" + URLEncoder.encode(assureeM, "UTF-8") + "&day=1&month=1&year=1910"); - assertTrue(loc, loc.contains("type=\"checkbox\" name=\"CCAAgreed\"")); + assertTrue(loc, loc.contains("type=\"checkbox\" name=\"tos_agree\"")); } @Test public void testAssureSearchEmail() throws IOException { String loc = search("email=1" + URLEncoder.encode(assureeM, "UTF-8") + "&day=1&month=1&year=1910"); - assertTrue(loc, !loc.contains("type=\"checkbox\" name=\"CCAAgreed\"")); + assertTrue(loc, !loc.contains("type=\"checkbox\" name=\"tos_agree\"")); + } + + @Test + public void testAssureSearchDobInvalid() throws IOException { + String loc = search("email=" + URLEncoder.encode(assureeM, "UTF-8") + "&day=1&month=1&year=mal"); + assertNotNull(fetchStartErrorMessage(loc)); } @Test public void testAssureSearchDob() throws IOException { String loc = search("email=" + URLEncoder.encode(assureeM, "UTF-8") + "&day=2&month=1&year=1910"); - assertTrue(loc, !loc.contains("type=\"checkbox\" name=\"CCAAgreed\"")); + assertTrue(loc, !loc.contains("type=\"checkbox\" name=\"tos_agree\"")); loc = search("email=" + URLEncoder.encode(assureeM, "UTF-8") + "&day=1&month=2&year=1910"); - assertTrue(loc, !loc.contains("type=\"checkbox\" name=\"CCAAgreed\"")); + assertTrue(loc, !loc.contains("type=\"checkbox\" name=\"tos_agree\"")); loc = search("email=" + URLEncoder.encode(assureeM, "UTF-8") + "&day=1&month=1&year=1911"); - assertTrue(loc, !loc.contains("type=\"checkbox\" name=\"CCAAgreed\"")); + assertTrue(loc, !loc.contains("type=\"checkbox\" name=\"tos_agree\"")); } private String search(String query) throws MalformedURLException, IOException, UnsupportedEncodingException { - URL u = new URL("https://" + getServerName() + AssurePage.PATH); - URLConnection uc = u.openConnection(); + URLConnection uc = get(cookie, AssurePage.PATH); uc.setDoOutput(true); - uc.addRequestProperty("Cookie", cookie); - uc.getOutputStream().write(("search&" + query).getBytes()); + uc.getOutputStream().write(("search&" + query).getBytes("UTF-8")); uc.getOutputStream().flush(); return IOUtils.readURL(uc); @@ -79,15 +80,25 @@ public class TestAssurance extends ManagedTest { @Test public void testAssureForm() throws IOException { - String error = getError("date=2000-01-01&location=testcase&certify=1&rules=1&CCAAgreed=1&assertion=1&points=10"); + String error = getError("date=2000-01-01&location=testcase&certify=1&rules=1&tos_agree=1&assertion=1&points=10"); assertNull(error); } + @Test + public void testAssureFormContanisData() throws IOException { + URLConnection uc = buildupAssureFormConnection(true); + uc.getOutputStream().write(("date=2000-01-01&location=testcase&rules=1&tos_agree=1&assertion=1&points=10").getBytes("UTF-8")); + uc.getOutputStream().flush(); + String data = IOUtils.readURL(uc); + assertThat(data, containsString("2000-01-01")); + assertThat(data, containsString("testcase")); + } + @Test public void testAssureFormNoCSRF() throws IOException { // override csrf HttpURLConnection uc = (HttpURLConnection) buildupAssureFormConnection(false); - uc.getOutputStream().write(("date=2000-01-01&location=testcase&certify=1&rules=1&CCAAgreed=1&assertion=1&points=10").getBytes()); + uc.getOutputStream().write(("date=2000-01-01&location=testcase&certify=1&rules=1&tos_agree=1&assertion=1&points=10").getBytes("UTF-8")); uc.getOutputStream().flush(); assertEquals(500, uc.getResponseCode()); } @@ -96,67 +107,105 @@ public class TestAssurance extends ManagedTest { public void testAssureFormWrongCSRF() throws IOException { // override csrf HttpURLConnection uc = (HttpURLConnection) buildupAssureFormConnection(false); - uc.getOutputStream().write(("date=2000-01-01&location=testcase&certify=1&rules=1&CCAAgreed=1&assertion=1&points=10&csrf=aragc").getBytes()); + uc.getOutputStream().write(("date=2000-01-01&location=testcase&certify=1&rules=1&tos_agree=1&assertion=1&points=10&csrf=aragc").getBytes("UTF-8")); uc.getOutputStream().flush(); assertEquals(500, uc.getResponseCode()); } @Test - public void testAssureFormRace() throws IOException, SQLException { + public void testAssureFormRaceName() throws IOException, SQLException { + testAssureFormRace(true, false); + } + + @Test + public void testAssureFormRaceDoB() throws IOException, SQLException { + testAssureFormRace(false, false); + } + + @Test + public void testAssureFormRaceNameBlind() throws IOException, SQLException { + testAssureFormRace(true, true); + } + + @Test + public void testAssureFormRaceDoBBlind() throws IOException, SQLException { + testAssureFormRace(false, true); + } + + public void testAssureFormRace(boolean name, boolean succeed) throws IOException, SQLException { URLConnection uc = buildupAssureFormConnection(true); - PreparedStatement ps = DatabaseConnection.getInstance().prepare("UPDATE `users` SET email='changed' WHERE id=?"); - ps.setInt(1, assuree); - ps.execute(); - uc.getOutputStream().write(("date=2000-01-01&location=testcase&certify=1&rules=1&CCAAgreed=1&assertion=1&points=10").getBytes()); + + String assureeCookie = login(assureeM, TEST_PASSWORD); + String newName = "lname=" + (name && !succeed ? "a" : "c") + "&fname=a&mname=&suffix="; + String newDob = "day=1&month=1&year=" + ( !name && !succeed ? 1911 : 1910); + + assertNull(executeBasicWebInteraction(assureeCookie, MyDetails.PATH, newName + "&" + newDob + "&processDetails", 0)); + + uc.getOutputStream().write(("date=2000-01-01&location=testcase&certify=1&rules=1&tos_agree=1&assertion=1&points=10").getBytes("UTF-8")); uc.getOutputStream().flush(); String error = fetchStartErrorMessage(IOUtils.readURL(uc)); - assertTrue(error, !error.startsWith("")); + if (succeed) { + assertNull(error); + } else { + assertTrue(error, !error.startsWith("")); + assertThat(error, containsString("changed his personal details")); + } } @Test public void testAssureFormFuture() throws IOException { - SimpleDateFormat sdf = new SimpleDateFormat("YYYY"); + SimpleDateFormat sdf = new SimpleDateFormat("yyyy"); int year = Integer.parseInt(sdf.format(new Date(System.currentTimeMillis()))) + 2; - String error = getError("date=" + year + "-01-01&location=testcase&certify=1&rules=1&CCAAgreed=1&assertion=1&points=10"); + String error = getError("date=" + year + "-01-01&location=testcase&certify=1&rules=1&tos_agree=1&assertion=1&points=10"); assertTrue(error, !error.startsWith("")); } + @Test + public void testAssureFormFutureOK() throws IOException { + SimpleDateFormat sdf = new SimpleDateFormat("yyyy-MM-dd"); + Calendar c = Calendar.getInstance(); + c.setTimeInMillis(System.currentTimeMillis()); + c.add(Calendar.HOUR_OF_DAY, 12); + + String error = getError("date=" + sdf.format(new Date(c.getTimeInMillis())) + "&location=testcase&certify=1&rules=1&tos_agree=1&assertion=1&points=10"); + assertNull(error); + } + @Test public void testAssureFormNoLoc() throws IOException { - String error = getError("date=2000-01-01&location=a&certify=1&rules=1&CCAAgreed=1&assertion=1&points=10"); + String error = getError("date=2000-01-01&location=a&certify=1&rules=1&tos_agree=1&assertion=1&points=10"); assertTrue(error, !error.startsWith("")); - error = getError("date=2000-01-01&location=&certify=1&rules=1&CCAAgreed=1&assertion=1&points=10"); + error = getError("date=2000-01-01&location=&certify=1&rules=1&tos_agree=1&assertion=1&points=10"); assertTrue(error, !error.startsWith("")); } @Test public void testAssureFormInvalDate() throws IOException { - String error = getError("date=20000101&location=testcase&certify=1&rules=1&CCAAgreed=1&assertion=1&points=10"); + String error = getError("date=20000101&location=testcase&certify=1&rules=1&tos_agree=1&assertion=1&points=10"); assertTrue(error, !error.startsWith("")); - error = getError("date=&location=testcase&certify=1&rules=1&CCAAgreed=1&assertion=1&points=10"); + error = getError("date=&location=testcase&certify=1&rules=1&tos_agree=1&assertion=1&points=10"); assertTrue(error, !error.startsWith("")); } @Test public void testAssureFormBoxes() throws IOException { - String error = getError("date=2000-01-01&location=testcase&certify=0&rules=1&CCAAgreed=1&assertion=1&points=10"); + String error = getError("date=2000-01-01&location=testcase&certify=0&rules=1&tos_agree=1&assertion=1&points=10"); assertTrue(error, !error.startsWith("")); - error = getError("date=2000-01-01&location=testcase&certify=1&rules=&CCAAgreed=1&assertion=1&points=10"); + error = getError("date=2000-01-01&location=testcase&certify=1&rules=&tos_agree=1&assertion=1&points=10"); assertTrue(error, !error.startsWith("")); - error = getError("date=2000-01-01&location=testcase&certify=1&rules=1&CCAAgreed=a&assertion=1&points=10"); + error = getError("date=2000-01-01&location=testcase&certify=1&rules=1&tos_agree=a&assertion=1&points=10"); assertTrue(error, !error.startsWith("")); - error = getError("date=2000-01-01&location=testcase&certify=1&rules=1&CCAAgreed=1&assertion=z&points=10"); + error = getError("date=2000-01-01&location=testcase&certify=1&rules=1&tos_agree=1&assertion=z&points=10"); assertTrue(error, !error.startsWith("")); } @Test public void testAssureListingValid() throws IOException { String uniqueLoc = createUniqueName(); - String error = getError("date=2000-01-01&location=" + uniqueLoc + "&certify=1&rules=1&CCAAgreed=1&assertion=1&points=10"); + String error = getError("date=2000-01-01&location=" + uniqueLoc + "&certify=1&rules=1&tos_agree=1&assertion=1&points=10"); assertNull(error); String cookie = login(assureeM, TEST_PASSWORD); - URLConnection url = new URL("https://" + getServerName() + MyPoints.PATH).openConnection(); - url.setRequestProperty("Cookie", cookie); + URLConnection url = get(cookie, MyPoints.PATH); String resp = IOUtils.readURL(url); resp = resp.split(Pattern.quote(""))[0]; assertThat(resp, containsString(uniqueLoc)); @@ -165,11 +214,10 @@ public class TestAssurance extends ManagedTest { @Test public void testAssurerListingValid() throws IOException { String uniqueLoc = createUniqueName(); - String error = getError("date=2000-01-01&location=" + uniqueLoc + "&certify=1&rules=1&CCAAgreed=1&assertion=1&points=10"); + String error = getError("date=2000-01-01&location=" + uniqueLoc + "&certify=1&rules=1&tos_agree=1&assertion=1&points=10"); assertNull(error); String cookie = login(assurerM, TEST_PASSWORD); - URLConnection url = new URL("https://" + getServerName() + MyPoints.PATH).openConnection(); - url.setRequestProperty("Cookie", cookie); + URLConnection url = get(cookie, MyPoints.PATH); String resp = IOUtils.readURL(url); resp = resp.split(Pattern.quote(""))[1]; assertThat(resp, containsString(uniqueLoc)); @@ -177,25 +225,26 @@ public class TestAssurance extends ManagedTest { private String getError(String query) throws MalformedURLException, IOException { URLConnection uc = buildupAssureFormConnection(true); - uc.getOutputStream().write((query).getBytes()); + uc.getOutputStream().write((query).getBytes("UTF-8")); uc.getOutputStream().flush(); String error = fetchStartErrorMessage(IOUtils.readURL(uc)); return error; } private URLConnection buildupAssureFormConnection(boolean doCSRF) throws MalformedURLException, IOException { - URL u = new URL("https://" + getServerName() + AssurePage.PATH); - URLConnection uc = u.openConnection(); - uc.addRequestProperty("Cookie", cookie); + return buildupAssureFormConnection(cookie, assureeM, doCSRF); + } + + public static URLConnection buildupAssureFormConnection(String cookie, String email, boolean doCSRF) throws MalformedURLException, IOException { + URLConnection uc = get(cookie, AssurePage.PATH); uc.setDoOutput(true); - uc.getOutputStream().write(("email=" + URLEncoder.encode(assureeM, "UTF-8") + "&day=1&month=1&year=1910&search").getBytes()); + uc.getOutputStream().write(("email=" + URLEncoder.encode(email, "UTF-8") + "&day=1&month=1&year=1910&search").getBytes("UTF-8")); String csrf = getCSRF(uc); - uc = u.openConnection(); - uc.addRequestProperty("Cookie", cookie); + uc = get(cookie, AssurePage.PATH); uc.setDoOutput(true); if (doCSRF) { - uc.getOutputStream().write(("csrf=" + csrf + "&").getBytes()); + uc.getOutputStream().write(("csrf=" + csrf + "&").getBytes("UTF-8")); } return uc; }