From 8a084b1f2eb03d4d3e76a9606ac7524fb8f0076d Mon Sep 17 00:00:00 2001
From: Denis Natusch <denis.natusch@mailbox.tu-dresden.de>
Date: Thu, 23 Nov 2023 23:31:50 +0100
Subject: [PATCH] Add test for form validator

The validator requires some changes to already existing tests.

Co-authored-by: Simon Bruder <simon.bruder@mailbox.tu-dresden.de>
---
 src/main/java/catering/users/User.java        |  21 ++
 .../users/UserControllerIntegrationTests.java | 224 ++++++++++++++++--
 2 files changed, 231 insertions(+), 14 deletions(-)

diff --git a/src/main/java/catering/users/User.java b/src/main/java/catering/users/User.java
index 3ca5caa..fb3213c 100644
--- a/src/main/java/catering/users/User.java
+++ b/src/main/java/catering/users/User.java
@@ -71,4 +71,25 @@ public class User {
 	public boolean hasRole(String role) {
 		return userAccount.getRoles().stream().toList().contains(Role.of(role));
 	}
+
+	// Der Ficker muss so. -- sbruder
+	@Override
+	public int hashCode() {
+		final int prime = 31;
+		int result = 1;
+		result = prime * result + ((id == null) ? 0 : id.hashCode());
+		result = prime * result + ((address == null) ? 0 : address.hashCode());
+		result = prime * result + ((fullName == null) ? 0 : fullName.hashCode());
+		result = prime * result + ((userAccount == null) ? 0 : userAccount.getId().hashCode());
+		return result;
+	}
+
+	@Override
+	public boolean equals(Object obj) {
+		if (obj instanceof User other) {
+			return address.equals(other.address) && fullName.equals(other.fullName)
+					&& userAccount.getPassword().equals(other.userAccount.getPassword());
+		}
+		return false;
+	}
 }
diff --git a/src/test/java/catering/users/UserControllerIntegrationTests.java b/src/test/java/catering/users/UserControllerIntegrationTests.java
index d4cd6c1..6f81ebc 100644
--- a/src/test/java/catering/users/UserControllerIntegrationTests.java
+++ b/src/test/java/catering/users/UserControllerIntegrationTests.java
@@ -1,16 +1,26 @@
 package catering.users;
 
+import static org.assertj.core.api.Assertions.assertThat;
+import static org.assertj.core.api.Assertions.tuple;
+import static org.hamcrest.CoreMatchers.containsString;
+import static org.junit.jupiter.api.Assertions.assertFalse;
+import static org.junit.jupiter.api.Assertions.assertTrue;
+import static org.springframework.test.web.servlet.request.MockMvcRequestBuilders.post;
+import static org.springframework.test.web.servlet.request.MockMvcRequestBuilders.get;
+import static org.springframework.test.web.servlet.result.MockMvcResultMatchers.redirectedUrl;
+import static org.springframework.test.web.servlet.result.MockMvcResultMatchers.status;
+import static org.springframework.test.web.servlet.result.MockMvcResultMatchers.content;
+
 import org.junit.jupiter.api.BeforeEach;
 import org.junit.jupiter.api.Test;
+import org.salespointframework.useraccount.UserAccountManagement;
 import org.springframework.beans.factory.annotation.Autowired;
 import org.springframework.boot.test.autoconfigure.web.servlet.AutoConfigureMockMvc;
 import org.springframework.boot.test.context.SpringBootTest;
 import org.springframework.security.test.context.support.WithMockUser;
 import org.springframework.test.web.servlet.MockMvc;
 import org.springframework.test.web.servlet.request.MockHttpServletRequestBuilder;
-
-import static org.springframework.test.web.servlet.request.MockMvcRequestBuilders.post;
-import static org.springframework.test.web.servlet.result.MockMvcResultMatchers.redirectedUrl;
+import org.springframework.security.test.context.support.WithAnonymousUser;
 
 @AutoConfigureMockMvc
 @SpringBootTest
@@ -18,25 +28,211 @@ class UserControllerIntegrationTests {
 	@Autowired
 	MockMvc mvc;
 
+	@Autowired
+	private UserManagement userManagement;
+
+	@Autowired
+	private UserAccountManagement userAccountManagement;
+
+	void createTestUser(String name) {
+		if (userAccountManagement.findByUsername(name).isEmpty()) {
+			userManagement.createCustomer(name, "Baum Weg", "123",
+					name.substring(0, 1).toUpperCase() + name.substring(1) + " Klaus");
+		}
+	}
+
 	@BeforeEach
-	void init() throws Exception {
-		MockHttpServletRequestBuilder createCustomer = post("/register")
-			.param("username", "dieter")
-			.param("password", "123")
-			.param("fullName", "Dieter")
-			.param("address", "Baum Weg");
-		mvc.perform(createCustomer);
+	void setup() throws Exception {
+		createTestUser("dieter");
+		createTestUser("hans");
+		createTestUser("tim");
+		createTestUser("gina");
+		createTestUser("mona");
+		createTestUser("john");
+		createTestUser("stefan");
+	}
+
+	@Test
+	@WithMockUser(username = "john", password = "123")
+	void profileLoadsProperly() throws Exception {
+		mvc.perform(get("/profile"))
+				.andExpect(status().isOk())
+				.andExpect(content().string(containsString("john")))
+				.andExpect(content().string(containsString("John Klaus")))
+				.andExpect(content().string(containsString("Baum Weg")));
 	}
 
 	@Test
 	@WithMockUser(username = "dieter", password = "123")
 	void redirectAfterChangingOwnUsernameWithDifferentUsername() throws Exception {
 		MockHttpServletRequestBuilder createMessage = post("/profile")
-			.param("username", "diete")
-			.param("password", "123")
-			.param("fullName", "Dieter")
-			.param("address", "Baum Weg");
+				.param("username", "diete")
+				.param("password", "123")
+				.param("fullName", "Dieter")
+				.param("address", "Baum Weg");
 		mvc.perform(createMessage).andExpect(redirectedUrl("/logout"));
+		assertTrue(userAccountManagement.findByUsername("diete").isPresent());
+		assertFalse(userAccountManagement.findByUsername("dieter").isPresent());
 	}
 
+	@Test
+	@WithMockUser(username = "hans", password = "123")
+	void profileRefuseNullByte() throws Exception {
+		User pre = userManagement.getUserByName("hans").get();
+
+		mvc.perform(post("/profile")
+				.param("username", "hansi")
+				.param("password", "\0")
+				.param("fullName", "Hans Klaus")
+				.param("address", "Baum Weg"))
+				.andExpect(status().isOk())
+				.andExpect(content().string(containsString("Ungültiges Passwort")));
+
+		User post = userManagement.getUserByName("hans").get();
+
+		assertThat(pre).isEqualTo(post);
+	}
+
+	@Test
+	@WithMockUser(username = "tim", password = "123")
+	void allowEmptyPasswordInProfile() throws Exception {
+		String streetPre = userManagement.getUserByName("tim").get().getAddress();
+
+		MockHttpServletRequestBuilder createMessage = post("/profile")
+				.param("username", "tim")
+				.param("password", "")
+				.param("fullName", "Tim Klaus")
+				.param("address", "Baum Straße");
+		mvc.perform(createMessage)
+				.andExpect(status().is3xxRedirection())
+				.andExpect(redirectedUrl("/profile"));
+
+		String streetPost = userManagement.getUserByName("tim").get().getAddress();
+
+		assertThat(streetPost).isNotEqualTo(streetPre);
+	}
+
+	// This test is necessary, because the password in the profile form is not
+	// valided by "validationutils"
+	@Test
+	@WithMockUser(username = "mona", password = "123")
+	void refuseNullPasswordInProfile() throws Exception {
+		assertTrue(userManagement.getUserByName("mona").isPresent());
+		assertFalse(userManagement.getUserByName("mon").isPresent());
+		MockHttpServletRequestBuilder createMessage = post("/profile")
+				.param("username", "mon")
+				// .param("password", null) can be achieved by simply not setting the password
+				// parameter
+				.param("fullName", "Mona Klaus")
+				.param("address", "Baum Straße");
+		mvc.perform(createMessage)
+				.andExpect(status().isOk())
+				.andExpect(content().string(containsString("Ungültiges Passwort")));
+		assertTrue(userAccountManagement.findByUsername("mona").isPresent());
+		assertFalse(userAccountManagement.findByUsername("mon").isPresent());
+
+	}
+
+	@Test
+	@WithMockUser(username = "gina", password = "123")
+	void updateEverythingInProfile() throws Exception {
+		assertTrue(userManagement.getUserByName("gina").isPresent());
+		assertFalse(userManagement.getUserByName("giina").isPresent());
+		MockHttpServletRequestBuilder createMessage = post("/profile")
+				.param("username", "giina")
+				.param("password", "gina")
+				.param("fullName", "Gina")
+				.param("address", "Hotel");
+		mvc.perform(createMessage)
+				.andExpect(status().is3xxRedirection())
+				.andExpect(redirectedUrl("/logout"));
+		assertFalse(userAccountManagement.findByUsername("gina").isPresent());
+		assertThat(userManagement.getUsers().findAll())
+				.extracting("username", "fullName", "address")
+				.contains(tuple("giina", "Gina", "Hotel"));
+		MockHttpServletRequestBuilder login = post("/login")
+				.param("username", "giina")
+				.param("password", "gina");
+		mvc.perform(login)
+				.andExpect(status().is3xxRedirection())
+				.andExpect(redirectedUrl("/"));
+	}
+
+	@Test
+	@WithMockUser(username = "stefan", password = "123")
+	void updateEverythingInProfileWrong() throws Exception {
+		assertTrue(userManagement.getUserByName("stefan").isPresent());
+		mvc.perform(post("/profile"))
+				.andExpect(status().isOk())
+				.andExpect(content().string(containsString("Ungültiger Nutzername")))
+				.andExpect(content().string(containsString("Ungültiges Passwort")))
+				.andExpect(content().string(containsString("Ungültiger Name")))
+				.andExpect(content().string(containsString("Ungültige Addresse")));
+		assertFalse(userAccountManagement.findByUsername("steafan").isPresent());
+		assertThat(userManagement.getUsers().findAll())
+				.extracting("username", "fullName", "address")
+				.contains(tuple("stefan", "Stefan Klaus", "Baum Weg"));
+	}
+
+	@Test
+	@WithAnonymousUser
+	void refuseEmptyPasswordDuringRegistration() throws Exception {
+		MockHttpServletRequestBuilder createEmptyCustomer = post("/register")
+				.param("username", "emptyCustomer")
+				.param("password", "")
+				.param("fullName", "Dieter")
+				.param("address", "Baum Weg");
+		mvc.perform(createEmptyCustomer)
+				.andExpect(status().isOk())
+				.andExpect(content().string(containsString("Ungültiges Passwort")));
+		assertFalse(userAccountManagement.findByUsername("emptyCustomer").isPresent());
+	}
+
+	@Test
+	@WithAnonymousUser
+	void createCustomer() throws Exception {
+		assertFalse(userAccountManagement.findByUsername("tom").isPresent());
+		MockHttpServletRequestBuilder createCustomer = post("/register")
+				.param("username", "tom")
+				.param("password", "123")
+				.param("fullName", "Tom Klaus")
+				.param("address", "Baum Weg");
+		mvc.perform(createCustomer);
+		assertTrue(userAccountManagement.findByUsername("tom").isPresent());
+		assertThat(userManagement.getUsers().findAll())
+				.extracting("username", "fullName", "address")
+				.contains(tuple("tom", "Tom Klaus", "Baum Weg"));
+	}
+
+	@Test
+	@WithAnonymousUser
+	void registrationRefuseNullByte() throws Exception {
+		MockHttpServletRequestBuilder createNullCustomer = post("/register")
+				.param("username", "didi")
+				.param("password", "\0")
+				.param("fullName", "Dieter")
+				.param("address", "Baum Weg");
+		mvc.perform(createNullCustomer)
+				.andExpect(status().isOk())
+				.andExpect(content().string(containsString("Ungültiges Passwort")));
+		assertFalse(userAccountManagement.findByUsername("didi").isPresent());
+	}
+
+	@Test
+	@WithAnonymousUser
+	void registrationFormLoadsProperly() throws Exception {
+		mvc.perform(get("/register"))
+				.andExpect(status().isOk());
+	}
+
+	@Test
+	@WithAnonymousUser
+	void registerTotallyWrong() throws Exception {
+		mvc.perform(post("/register"))
+				.andExpect(status().isOk())
+				.andExpect(content().string(containsString("Ungültiger Nutzername")))
+				.andExpect(content().string(containsString("Ungültiges Passwort")))
+				.andExpect(content().string(containsString("Ungültiger Name")))
+				.andExpect(content().string(containsString("Ungültige Addresse")));
+	}
 }