Author: vrockai
Date: 2009-05-27 06:33:48 -0400 (Wed, 27 May 2009)
New Revision: 13416
Added:
branches/JBoss_Portal_Branch_2_7/testsuite/ui-tests/src/org/jboss/portal/test/selenium/XssTestCase.java
Modified:
branches/JBoss_Portal_Branch_2_7/testsuite/ui-tests/src/org/jboss/portal/test/ant/FileCreate.java
branches/JBoss_Portal_Branch_2_7/testsuite/ui-tests/src/org/jboss/portal/test/selenium/JBossPortalSeleniumTestCase.java
Log:
[selenium] - ajax timeout, ant task javadoc, xss testcase preview
Modified:
branches/JBoss_Portal_Branch_2_7/testsuite/ui-tests/src/org/jboss/portal/test/ant/FileCreate.java
===================================================================
---
branches/JBoss_Portal_Branch_2_7/testsuite/ui-tests/src/org/jboss/portal/test/ant/FileCreate.java 2009-05-27
09:11:34 UTC (rev 13415)
+++
branches/JBoss_Portal_Branch_2_7/testsuite/ui-tests/src/org/jboss/portal/test/ant/FileCreate.java 2009-05-27
10:33:48 UTC (rev 13416)
@@ -6,6 +6,38 @@
import org.apache.tools.ant.Project;
import org.apache.tools.ant.Task;
+/**
+ * @author vrockai
+ * FileCreate task is responsible for creating specified number of files of random
content and of specified name and size.
+ * <h2>Parameters</h2>
+ * <table>
+ * <thead>
+ * <tr>
+ * <th>Attribute</th>
+ * <th>Description</th>
+ * </tr>
+ * </thead>
+ * <tbody>
+ * <tr>
+ * <td>filename</td>
+ * <td>The prefix of name of file(s) to be generated.</td>
+ * </tr>
+ * <tr>
+ * <td>suffix</td>
+ * <td>When more then one file is about to be created (set by the count attribute)
the filename then consist of the string set by the filename attribe + "[i]"
string + the suffix string set by the suffix attribute.</td>
+ * </tr>
+ * <tr>
+ * <td>size</td>
+ * <td>The size of individual file to be generated in bytes. When more files are
generated (set by count attribute), each file has specified size.</td>
+ * </tr>
+ * <tr>
+ * <td>count</td>
+ * <td>The number of files to be generated. The filename then consist of the string
set by the filename attribe + "[i]" string + the suffix string set by the suffix
attribute.</td>
+ * </tr>
+ * </tbody>
+ * </table>
+ *
+ */
public class FileCreate extends Task {
String filename;
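Review bot: In the new class comment the `@author vrockai` tag comes before the description, and Javadoc attaches everything after the first block tag to that tag, so the task summary and the parameter table would probably render as part of the author entry rather than as the class description. Move `@author vrockai` to the end of the comment, after `</table>`. Two typos are worth fixing at the same time: `attribe` should be `attribute` and `more then one` should be `more than one`. The class body continues outside the hunk.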
Modified:
branches/JBoss_Portal_Branch_2_7/testsuite/ui-tests/src/org/jboss/portal/test/selenium/JBossPortalSeleniumTestCase.java
===================================================================
---
branches/JBoss_Portal_Branch_2_7/testsuite/ui-tests/src/org/jboss/portal/test/selenium/JBossPortalSeleniumTestCase.java 2009-05-27
09:11:34 UTC (rev 13415)
+++
branches/JBoss_Portal_Branch_2_7/testsuite/ui-tests/src/org/jboss/portal/test/selenium/JBossPortalSeleniumTestCase.java 2009-05-27
10:33:48 UTC (rev 13416)
@@ -57,7 +57,7 @@
*/
public static String PAGE_LOAD = "180000";
/** Generic timeout in miliseconds used for AJAX timeouts } */
- public static long AJAX_LOAD = 3000;
+ public static long AJAX_LOAD = 6000;
// protected static final String PAGE_LOAD = "60000";
// protected static final long AJAX_LOAD = 2000;
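Review bot: `AJAX_LOAD` is declared `public static long` without `final`, so any test class can reassign the shared wait while other tests depend on it. If nothing sets it at runtime (not visible from this hunk), `public static final long AJAX_LOAD = 6000;` would be safer and would match the commented-out `protected static final` form two lines below. The Javadoc above it also carries a stray `}` and spells `miliseconds`; `/** Generic timeout in milliseconds used for AJAX waits. */` reads cleaner. The enclosing class starts and ends outside the hunk.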
Added:
branches/JBoss_Portal_Branch_2_7/testsuite/ui-tests/src/org/jboss/portal/test/selenium/XssTestCase.java
===================================================================
---
branches/JBoss_Portal_Branch_2_7/testsuite/ui-tests/src/org/jboss/portal/test/selenium/XssTestCase.java
(rev 0)
+++
branches/JBoss_Portal_Branch_2_7/testsuite/ui-tests/src/org/jboss/portal/test/selenium/XssTestCase.java 2009-05-27
10:33:48 UTC (rev 13416)
@@ -0,0 +1,142 @@
+package org.jboss.portal.test.selenium;
+
+import java.text.MessageFormat;
+
+import org.testng.Assert;
+import org.testng.annotations.AfterMethod;
+import org.testng.annotations.BeforeMethod;
+import org.testng.annotations.Test;
+
+/**
+ * XssTestCase is responsible for testing the security of JBoss Portal related
+ * to XSS attacks. Each test is running with user "admin" logged in.
+ *
+ * @author <a href="mailto:vrockai@redhat.com">Viliam Rockai</a>
+ */
+@Test(groups = { "xss" }, enabled = true, description = "XSS issues test
case.")
+public class XssTestCase extends JBossPortalSeleniumTestCase {
+
+ /** prefix for locator properties = dash. */
+ public String casePfx = "xss.";
+
+ private final String TAB_PORTALOBJ_ID = getLoc("portal.admin."
+ + "tab.portalobj.id", "Link=Admin");
+ private final String LINK_PORTALS_ID = getLoc("portal.admin."
+ + "link.portals.id", "link=*Portal Objects*");
+ private final String LNK_PROPERTIES = getLoc("portal.admin."
+ + "lnk.properties",
+ "//a[contains(@id,'edit-context-form:object-link')]");
+ private final String INP_POR_REDIR = getLoc("portal.admin."
+ + "inp.por.redir",
+ "//input[contains(@id,'common-edit-portal-error-form:portal-res-input')]");
+ private final String SUB_POR_REDIR = getLoc("portal.admin."
+ + "sub.por.redir",
+ "//input[contains(@id,'common-edit-portal-error-form:update')]");
+ private final String INP_PAG_REDIR = getLoc("portal.admin."
+ + "inp.pag.redir",
+ "//input[contains(@id,'common-edit-page-error-form:page-res-select')]");
+ private final String SUB_PAG_REDIR = getLoc("portal.admin."
+ + "sub.pag.redir",
+ "//input[contains(@id,'common-edit-page-error-form:update')]");
+
+ private final String URL_EXC_TEST =
"/portal/auth/portal/default/Test/Exception+test";
+ private final String LNK_POR_EXC = "link=*render PortletException*";
+
+ private String XSS_S1 =
"/Dave</option><script>alert(document.cookie);</script>";
+
+ private String comm = "if(expectedAlertWarningText.contains(browser.getAlert()))
{verifyTrue(true, \"Alert/Warning: '\" + expectedAlertWarningText +
\"' is displayed\");return;}";
+
+ @BeforeMethod(groups = { "log" })
+ protected void loginBeforeTest() {
+ logoutIfPossible();
+ login("admin", "admin");
+ }
+
+ @AfterMethod(groups = { "log" })
+ protected void logoutAfterTest() {
+
+ }
+
+ @Test(enabled = true)
+ public void portalPageErrorTest() throws Exception {
+ selenium.click("link=Admin");
+ selenium.waitForPageToLoad(PAGE_LOAD);
+
+ clickIfVisible(TAB_PORTALOBJ_ID);
+ clickIfVisible(LINK_PORTALS_ID);
+
+ selenium.click(LNK_PROPERTIES);
+ selenium.waitForPageToLoad(PAGE_LOAD);
+
+ selenium.type(INP_POR_REDIR, XSS_S1);
+ selenium.click(SUB_POR_REDIR);
+ selenium.waitForPageToLoad(PAGE_LOAD);
+
+ selenium.type(INP_PAG_REDIR, XSS_S1);
+ selenium.click(SUB_PAG_REDIR);
+ selenium.waitForPageToLoad(PAGE_LOAD);
+
+ Assert.assertFalse(selenium.isAlertPresent(), "XSS alert is present!");
+
+ selenium.open(URL_EXC_TEST);
+ selenium.waitForPageToLoad(PAGE_LOAD);
+
+ selenium.click(LNK_POR_EXC);
+
+ waitFor(AJAX_LOAD);
+
+ selenium.runScript(comm);
+ System.out.println("ahoj1");
+
+ System.out.println("ahoj2");
+
+ Assert.assertFalse(selenium.isAlertPresent(), "XSS alert is present!");
+
+ selenium.open("/portal/auth/portal/default/default");
+ selenium.waitForPageToLoad(PAGE_LOAD);
+ }
+
+ private boolean hasAlert() throws Exception {
+ boolean res = false;
+ for (int second = 0; second < 60; second++) {
+
+ try {
+
+ if ((selenium.isAlertPresent())) {
+
+ res = true;
+
+ break;
+
+ }
+
+ }
+
+ catch (Exception ignore) {
+
+ }
+
+ Thread.sleep(1000);
+
+ }
+ return res ;
+ /*
+ selenium.selectFrame("index=0");
+
+ for (int second = 0;; second++) {
+ if (second >= 10){
+ res = false;
+ break;
+ }
+ try {
+ if (selenium.getAlert().startsWith("J"))
+ break;
+ } catch (Exception e) {
+ }
+ Thread.sleep(1000);
+ }
+
+ return res;
+ */
+ }
+}
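Review bot: In `portalPageErrorTest` the only XSS check is `Assert.assertFalse(selenium.isAlertPresent(), ...)`, which passes whenever Selenium has not recorded an alert, so a payload that is rendered unescaped but whose dialog fires during page load or after the fixed `waitFor(AJAX_LOAD)` could go unnoticed. Assert on the rendered markup as well, for example `Assert.assertFalse(selenium.getHtmlSource().contains("<script>alert(document.cookie);</script>"), "XSS payload rendered unescaped");` (the serialised source may change tag case in some browsers, so a case-insensitive match is safer). `selenium.runScript(comm)` sends a snippet that references `expectedAlertWarningText`, `browser` and `verifyTrue`, none of which appear to exist in the page's JavaScript context, so it most likely does nothing useful and can be dropped together with the two `System.out.println` debug lines and the unused `hasAlert()`. The test also leaves `XSS_S1` stored in the portal and page error-redirect fields because `logoutAfterTest()` is empty; restoring the original values there would keep later tests from inheriting the payload.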