From 8a084b1f2eb03d4d3e76a9606ac7524fb8f0076d Mon Sep 17 00:00:00 2001 From: Denis Natusch Date: Thu, 23 Nov 2023 23:31:50 +0100 Subject: [PATCH] Add test for form validator The validator requires some changes to already existing tests. Co-authored-by: Simon Bruder --- src/main/java/catering/users/User.java | 21 ++ .../users/UserControllerIntegrationTests.java | 224 ++++++++++++++++-- 2 files changed, 231 insertions(+), 14 deletions(-) diff --git a/src/main/java/catering/users/User.java b/src/main/java/catering/users/User.java index 3ca5caa..fb3213c 100644 --- a/src/main/java/catering/users/User.java +++ b/src/main/java/catering/users/User.java @@ -71,4 +71,25 @@ public class User { public boolean hasRole(String role) { return userAccount.getRoles().stream().toList().contains(Role.of(role)); } + + // Der Ficker muss so. -- sbruder + @Override + public int hashCode() { + final int prime = 31; + int result = 1; + result = prime * result + ((id == null) ? 0 : id.hashCode()); + result = prime * result + ((address == null) ? 0 : address.hashCode()); + result = prime * result + ((fullName == null) ? 0 : fullName.hashCode()); + result = prime * result + ((userAccount == null) ? 0 : userAccount.getId().hashCode()); + return result; + } + + @Override + public boolean equals(Object obj) { + if (obj instanceof User other) { + return address.equals(other.address) && fullName.equals(other.fullName) + && userAccount.getPassword().equals(other.userAccount.getPassword()); + } + return false; + } } diff --git a/src/test/java/catering/users/UserControllerIntegrationTests.java b/src/test/java/catering/users/UserControllerIntegrationTests.java index d4cd6c1..6f81ebc 100644 --- a/src/test/java/catering/users/UserControllerIntegrationTests.java +++ b/src/test/java/catering/users/UserControllerIntegrationTests.java @@ -1,16 +1,26 @@ package catering.users; +import static org.assertj.core.api.Assertions.assertThat; +import static org.assertj.core.api.Assertions.tuple; +import static org.hamcrest.CoreMatchers.containsString; +import static org.junit.jupiter.api.Assertions.assertFalse; +import static org.junit.jupiter.api.Assertions.assertTrue; +import static org.springframework.test.web.servlet.request.MockMvcRequestBuilders.post; +import static org.springframework.test.web.servlet.request.MockMvcRequestBuilders.get; +import static org.springframework.test.web.servlet.result.MockMvcResultMatchers.redirectedUrl; +import static org.springframework.test.web.servlet.result.MockMvcResultMatchers.status; +import static org.springframework.test.web.servlet.result.MockMvcResultMatchers.content; + import org.junit.jupiter.api.BeforeEach; import org.junit.jupiter.api.Test; +import org.salespointframework.useraccount.UserAccountManagement; import org.springframework.beans.factory.annotation.Autowired; import org.springframework.boot.test.autoconfigure.web.servlet.AutoConfigureMockMvc; import org.springframework.boot.test.context.SpringBootTest; import org.springframework.security.test.context.support.WithMockUser; import org.springframework.test.web.servlet.MockMvc; import org.springframework.test.web.servlet.request.MockHttpServletRequestBuilder; - -import static org.springframework.test.web.servlet.request.MockMvcRequestBuilders.post; -import static org.springframework.test.web.servlet.result.MockMvcResultMatchers.redirectedUrl; +import org.springframework.security.test.context.support.WithAnonymousUser; @AutoConfigureMockMvc @SpringBootTest @@ -18,25 +28,211 @@ class UserControllerIntegrationTests { @Autowired MockMvc mvc; + @Autowired + private UserManagement userManagement; + + @Autowired + private UserAccountManagement userAccountManagement; + + void createTestUser(String name) { + if (userAccountManagement.findByUsername(name).isEmpty()) { + userManagement.createCustomer(name, "Baum Weg", "123", + name.substring(0, 1).toUpperCase() + name.substring(1) + " Klaus"); + } + } + @BeforeEach - void init() throws Exception { - MockHttpServletRequestBuilder createCustomer = post("/register") - .param("username", "dieter") - .param("password", "123") - .param("fullName", "Dieter") - .param("address", "Baum Weg"); - mvc.perform(createCustomer); + void setup() throws Exception { + createTestUser("dieter"); + createTestUser("hans"); + createTestUser("tim"); + createTestUser("gina"); + createTestUser("mona"); + createTestUser("john"); + createTestUser("stefan"); + } + + @Test + @WithMockUser(username = "john", password = "123") + void profileLoadsProperly() throws Exception { + mvc.perform(get("/profile")) + .andExpect(status().isOk()) + .andExpect(content().string(containsString("john"))) + .andExpect(content().string(containsString("John Klaus"))) + .andExpect(content().string(containsString("Baum Weg"))); } @Test @WithMockUser(username = "dieter", password = "123") void redirectAfterChangingOwnUsernameWithDifferentUsername() throws Exception { MockHttpServletRequestBuilder createMessage = post("/profile") - .param("username", "diete") - .param("password", "123") - .param("fullName", "Dieter") - .param("address", "Baum Weg"); + .param("username", "diete") + .param("password", "123") + .param("fullName", "Dieter") + .param("address", "Baum Weg"); mvc.perform(createMessage).andExpect(redirectedUrl("/logout")); + assertTrue(userAccountManagement.findByUsername("diete").isPresent()); + assertFalse(userAccountManagement.findByUsername("dieter").isPresent()); } + @Test + @WithMockUser(username = "hans", password = "123") + void profileRefuseNullByte() throws Exception { + User pre = userManagement.getUserByName("hans").get(); + + mvc.perform(post("/profile") + .param("username", "hansi") + .param("password", "\0") + .param("fullName", "Hans Klaus") + .param("address", "Baum Weg")) + .andExpect(status().isOk()) + .andExpect(content().string(containsString("Ungültiges Passwort"))); + + User post = userManagement.getUserByName("hans").get(); + + assertThat(pre).isEqualTo(post); + } + + @Test + @WithMockUser(username = "tim", password = "123") + void allowEmptyPasswordInProfile() throws Exception { + String streetPre = userManagement.getUserByName("tim").get().getAddress(); + + MockHttpServletRequestBuilder createMessage = post("/profile") + .param("username", "tim") + .param("password", "") + .param("fullName", "Tim Klaus") + .param("address", "Baum Straße"); + mvc.perform(createMessage) + .andExpect(status().is3xxRedirection()) + .andExpect(redirectedUrl("/profile")); + + String streetPost = userManagement.getUserByName("tim").get().getAddress(); + + assertThat(streetPost).isNotEqualTo(streetPre); + } + + // This test is necessary, because the password in the profile form is not + // valided by "validationutils" + @Test + @WithMockUser(username = "mona", password = "123") + void refuseNullPasswordInProfile() throws Exception { + assertTrue(userManagement.getUserByName("mona").isPresent()); + assertFalse(userManagement.getUserByName("mon").isPresent()); + MockHttpServletRequestBuilder createMessage = post("/profile") + .param("username", "mon") + // .param("password", null) can be achieved by simply not setting the password + // parameter + .param("fullName", "Mona Klaus") + .param("address", "Baum Straße"); + mvc.perform(createMessage) + .andExpect(status().isOk()) + .andExpect(content().string(containsString("Ungültiges Passwort"))); + assertTrue(userAccountManagement.findByUsername("mona").isPresent()); + assertFalse(userAccountManagement.findByUsername("mon").isPresent()); + + } + + @Test + @WithMockUser(username = "gina", password = "123") + void updateEverythingInProfile() throws Exception { + assertTrue(userManagement.getUserByName("gina").isPresent()); + assertFalse(userManagement.getUserByName("giina").isPresent()); + MockHttpServletRequestBuilder createMessage = post("/profile") + .param("username", "giina") + .param("password", "gina") + .param("fullName", "Gina") + .param("address", "Hotel"); + mvc.perform(createMessage) + .andExpect(status().is3xxRedirection()) + .andExpect(redirectedUrl("/logout")); + assertFalse(userAccountManagement.findByUsername("gina").isPresent()); + assertThat(userManagement.getUsers().findAll()) + .extracting("username", "fullName", "address") + .contains(tuple("giina", "Gina", "Hotel")); + MockHttpServletRequestBuilder login = post("/login") + .param("username", "giina") + .param("password", "gina"); + mvc.perform(login) + .andExpect(status().is3xxRedirection()) + .andExpect(redirectedUrl("/")); + } + + @Test + @WithMockUser(username = "stefan", password = "123") + void updateEverythingInProfileWrong() throws Exception { + assertTrue(userManagement.getUserByName("stefan").isPresent()); + mvc.perform(post("/profile")) + .andExpect(status().isOk()) + .andExpect(content().string(containsString("Ungültiger Nutzername"))) + .andExpect(content().string(containsString("Ungültiges Passwort"))) + .andExpect(content().string(containsString("Ungültiger Name"))) + .andExpect(content().string(containsString("Ungültige Addresse"))); + assertFalse(userAccountManagement.findByUsername("steafan").isPresent()); + assertThat(userManagement.getUsers().findAll()) + .extracting("username", "fullName", "address") + .contains(tuple("stefan", "Stefan Klaus", "Baum Weg")); + } + + @Test + @WithAnonymousUser + void refuseEmptyPasswordDuringRegistration() throws Exception { + MockHttpServletRequestBuilder createEmptyCustomer = post("/register") + .param("username", "emptyCustomer") + .param("password", "") + .param("fullName", "Dieter") + .param("address", "Baum Weg"); + mvc.perform(createEmptyCustomer) + .andExpect(status().isOk()) + .andExpect(content().string(containsString("Ungültiges Passwort"))); + assertFalse(userAccountManagement.findByUsername("emptyCustomer").isPresent()); + } + + @Test + @WithAnonymousUser + void createCustomer() throws Exception { + assertFalse(userAccountManagement.findByUsername("tom").isPresent()); + MockHttpServletRequestBuilder createCustomer = post("/register") + .param("username", "tom") + .param("password", "123") + .param("fullName", "Tom Klaus") + .param("address", "Baum Weg"); + mvc.perform(createCustomer); + assertTrue(userAccountManagement.findByUsername("tom").isPresent()); + assertThat(userManagement.getUsers().findAll()) + .extracting("username", "fullName", "address") + .contains(tuple("tom", "Tom Klaus", "Baum Weg")); + } + + @Test + @WithAnonymousUser + void registrationRefuseNullByte() throws Exception { + MockHttpServletRequestBuilder createNullCustomer = post("/register") + .param("username", "didi") + .param("password", "\0") + .param("fullName", "Dieter") + .param("address", "Baum Weg"); + mvc.perform(createNullCustomer) + .andExpect(status().isOk()) + .andExpect(content().string(containsString("Ungültiges Passwort"))); + assertFalse(userAccountManagement.findByUsername("didi").isPresent()); + } + + @Test + @WithAnonymousUser + void registrationFormLoadsProperly() throws Exception { + mvc.perform(get("/register")) + .andExpect(status().isOk()); + } + + @Test + @WithAnonymousUser + void registerTotallyWrong() throws Exception { + mvc.perform(post("/register")) + .andExpect(status().isOk()) + .andExpect(content().string(containsString("Ungültiger Nutzername"))) + .andExpect(content().string(containsString("Ungültiges Passwort"))) + .andExpect(content().string(containsString("Ungültiger Name"))) + .andExpect(content().string(containsString("Ungültige Addresse"))); + } }