r3453 - trunk/pollen-ui-struts2-test/src/test/java/org/chorem/pollen/ui/security - Pollen-commits

12 Jun 2012

Author: ymartel
Date: 2012-06-12 16:25:28 +0200 (Tue, 12 Jun 2012)
New Revision: 3453

Url: http://chorem.org/repositories/revision/pollen/3453

Log:
refs #606 : add tests for security access

Added:
   trunk/pollen-ui-struts2-test/src/test/java/org/chorem/pollen/ui/security/SecurityAccessSIT.java

Added: trunk/pollen-ui-struts2-test/src/test/java/org/chorem/pollen/ui/security/SecurityAccessSIT.java
===================================================================

--- trunk/pollen-ui-struts2-test/src/test/java/org/chorem/pollen/ui/security/SecurityAccessSIT.java	                        (rev 0)
+++ trunk/pollen-ui-struts2-test/src/test/java/org/chorem/pollen/ui/security/SecurityAccessSIT.java	2012-06-12 14:25:28 UTC (rev 3453)
@@ -0,0 +1,244 @@
+package org.chorem.pollen.ui.security;
+
+import org.chorem.pollen.ui.PollenBaseWebDriverIT;
+import org.junit.Assert;
+import org.junit.Test;
+import org.openqa.selenium.By;
+import org.openqa.selenium.WebDriver;
+import org.openqa.selenium.WebElement;
+
+/**
+ * Test the security on some restricted pages :
+ *
+ * <ul>
+ * <li>Access to "connected pages" when connected (OK)</li>
+ * <li>Access to "connected pages" when not connected (KO)</li>
+ * <li>Access to "admin pages" when not connected (KO)</li>
+ * <li>Access to "admin pages" when not connected as admin (KO)</li>
+ * <li>Access to "admin pages" when connected as admin (OK)</li>
+ * </ul>
+ *
+ * TODO ymartel 2012/06/12
+ * Should check those security access to :
+ * <ul>
+ * <li>Access to "poll page" with a good pollId (OK)</li>
+ * <li>Access to "poll page" with a bad pollId (KO)</li>
+ * <li>Access to "restricted poll page" with a good accountId (OK)</li>
+ * <li>Access to "restricted poll page" with a bad accountId (KO)</li>
+ * </ul>
+ *
+ * @author ymartel <martel@codelutin.com>
+ */
+public class SecurityAccessSIT extends PollenBaseWebDriverIT {
+
+    public SecurityAccessSIT(Class<? extends WebDriver> driverType) {
+        super(driverType);
+    }
+
+    protected final String CREATEDLIST_URL = "http://localhost:8080/pollen/user/createdList";
+    protected final String INVITEDLIST_URL = "http://localhost:8080/pollen/user/invitedList";
+    protected final String PARTICIPATEDLIST_URL = "http://localhost:8080/pollen/user/participatedList";
+    protected final String FAVORITELIST_URL = "http://localhost:8080/pollen/user/favoriteLists";
+    protected final String ADMIN_POLLSLIST_URL = "http://localhost:8080/pollen/admin/pollsList";
+    protected final String ADMIN_USERSLIST_URL = "http://localhost:8080/pollen/admin/usersList";
+    protected final String CONNECTEDREQUIRED_URL = "http://localhost:8080/pollen/security/connected_required";
+    protected final String ADMINREQUIRED_URL = "http://localhost:8080/pollen/security/admin_required";
+
+    /**
+     * This test :
+     * <ol>
+     * <li>Connect the user "user"</li>
+     * <li>Try to access to createdList page</li>
+     * <li>Try to access to invitedList page</li>
+     * <li>Try to access to participatedList page</li>
+     * <li>Try to access to favoriteLists page</li>
+     * </ol>
+     *
+     * All the page should be accessed.
+     *
+     * @throws Exception
+     */
+    @Test
+    public void accessConnectedPageAsUser() throws Exception {
+
+        WebDriver driver = getDriver();
+
+        if (log.isInfoEnabled()) {
+            log.info("Login url : " + driver.getCurrentUrl());
+        }
+        // login as user
+        connect(driver, "user", "user");
+
+        // try to access to createdList page, current url should be good one
+        driver.get(CREATEDLIST_URL);
+        Assert.assertEquals(CREATEDLIST_URL, driver.getCurrentUrl());
+
+        // try to access to participatedList page, current url should be good one
+        driver.get(PARTICIPATEDLIST_URL);
+        Assert.assertEquals(PARTICIPATEDLIST_URL, driver.getCurrentUrl());
+
+        // try to access to invitedList page, current url should be good one
+        driver.get(INVITEDLIST_URL);
+        Assert.assertEquals(INVITEDLIST_URL, driver.getCurrentUrl());
+
+        // try to access to favoriteLists page, current url should be good one
+        driver.get(FAVORITELIST_URL);
+        Assert.assertEquals(FAVORITELIST_URL, driver.getCurrentUrl());
+        
+    }
+
+    /**
+     * This test :
+     * <ol>
+     * <li>Don't login</li>
+     * <li>Try to access to createdList page</li>
+     * <li>Try to access to invitedList page</li>
+     * <li>Try to access to participatedList page</li>
+     * <li>Try to access to favoriteLists page</li>
+     * </ol>
+     *
+     * All the page should be redirected to connected_required page.
+     *
+     * @throws Exception
+     */
+    @Test
+    public void accessConnectedPageAsAnonymous() throws Exception {
+
+        WebDriver driver = getDriver();
+
+        // try to access to createdList page, current url should be the connected_required one
+        driver.get(CREATEDLIST_URL);
+        Assert.assertTrue(driver.getCurrentUrl().startsWith(CONNECTEDREQUIRED_URL));
+
+        // try to access to participatedList page, current url should be the connected_required one
+        driver.get(PARTICIPATEDLIST_URL);
+        Assert.assertTrue(driver.getCurrentUrl().startsWith(CONNECTEDREQUIRED_URL));
+
+        // try to access to invitedList page, current url should be the connected_required one
+        driver.get(INVITEDLIST_URL);
+        Assert.assertTrue(driver.getCurrentUrl().startsWith(CONNECTEDREQUIRED_URL));
+
+        // try to access to favoriteLists page, current url should be the connected_required one
+        driver.get(FAVORITELIST_URL);
+        Assert.assertTrue(driver.getCurrentUrl().startsWith(CONNECTEDREQUIRED_URL));
+
+    }
+
+    /**
+     * This test :
+     * <ol>
+     * <li>Don't login</li>
+     * <li>Try to access to admin polls list page</li>
+     * <li>Try to access to admin users list page</li>
+     * </ol>
+     *
+     * All the page should be redirected to connected_required page.
+     *
+     * @throws Exception
+     */
+    @Test
+    public void accessAdminPageAsAnonymous() throws Exception {
+
+        WebDriver driver = getDriver();
+
+        // try to access to admin polls list page, current url should be the connected_required one
+        driver.get(ADMIN_POLLSLIST_URL);
+        Assert.assertTrue(driver.getCurrentUrl().startsWith(CONNECTEDREQUIRED_URL));
+
+        // try to access to admin users list page, current url should be the connected_required one
+        driver.get(ADMIN_USERSLIST_URL);
+        Assert.assertTrue(driver.getCurrentUrl().startsWith(CONNECTEDREQUIRED_URL));
+
+    }
+
+    /**
+     * This test :
+     * <ol>
+     * <li>Login as lambda user</li>
+     * <li>Try to access to admin polls list page</li>
+     * <li>Try to access to admin users list page</li>
+     * </ol>
+     *
+     * All the page should be redirected to admin_required page.
+     *
+     * @throws Exception
+     */
+    @Test
+    public void accessAdminPageAsUser() throws Exception {
+
+        WebDriver driver = getDriver();
+
+        // login as user
+        connect(driver, "user", "user");
+
+        // try to access to admin polls list page, current url should be the admin_required one
+        driver.get(ADMIN_POLLSLIST_URL);
+        Assert.assertTrue(driver.getCurrentUrl().startsWith(ADMINREQUIRED_URL));
+
+        // try to access to admin users list page, current url should be the admin_required one
+        driver.get(ADMIN_USERSLIST_URL);
+        Assert.assertTrue(driver.getCurrentUrl().startsWith(ADMINREQUIRED_URL));
+
+    }
+
+    /**
+     * This test :
+     * <ol>
+     * <li>Login as admin</li>
+     * <li>Try to access to admin polls list page</li>
+     * <li>Try to access to admin users list page</li>
+     * </ol>
+     *
+     * All the page should be accessed.
+     *
+     * @throws Exception
+     */
+    @Test
+    public void accessAdminPageAsAdmin() throws Exception {
+
+        WebDriver driver = getDriver();
+
+        // login as user
+        connect(driver, "admin", "admin");
+
+        // try to access to admin polls list page, current url should be good one
+        driver.get(ADMIN_POLLSLIST_URL);
+        Assert.assertEquals(ADMIN_POLLSLIST_URL, driver.getCurrentUrl());
+
+        // try to access to admin users list page, current url should be good one
+        driver.get(ADMIN_USERSLIST_URL);
+        Assert.assertEquals(ADMIN_USERSLIST_URL, driver.getCurrentUrl());
+
+    }
+
+    /**
+     * Connect as the user named "user"
+     * 
+     * @param driver : the {@link WebDriver} of the current test
+     */
+    protected void connect(WebDriver driver, String username, String pwd) {
+
+        // Go on home page
+        driver.get("http://localhost:8080/pollen/home");
+
+        // click on tologin element (display the login form)
+        WebElement loginClick = driver.findElement(By.id("tologin"));
+        Assert.assertNotNull(loginClick);
+        loginClick.click();
+
+        // Find the text input element by its name
+        WebElement login = driver.findElement(By.name("login"));
+        Assert.assertEquals("input", login.getTagName());
+        Assert.assertTrue(login.isDisplayed());
+        login.sendKeys(username);
+
+        WebElement password = driver.findElement(By.name("password"));
+        Assert.assertTrue(password.isDisplayed());
+        Assert.assertEquals("input", password.getTagName());
+        password.sendKeys(pwd);
+
+        WebElement submit = driver.findElement(By.name("action:login"));
+        submit.click();
+    }
+
+}

    

r3453 - trunk/pollen-ui-struts2-test/src/test/java/org/chorem/pollen/ui/security

ymartel＠users.chorem.org

tags

participants (1)