Commit 1a4c9acf authored by Piotr Gawron's avatar Piotr Gawron
Browse files

check posting json nd form-ncoded data

parent e0272103
Pipeline #45305 failed with stage
in 63 minutes and 8 seconds
...@@ -2,24 +2,37 @@ package lcsb.mapviewer.web; ...@@ -2,24 +2,37 @@ package lcsb.mapviewer.web;
import static org.junit.Assert.assertTrue; import static org.junit.Assert.assertTrue;
import static org.junit.Assert.fail; import static org.junit.Assert.fail;
import static org.springframework.test.web.servlet.request.MockMvcRequestBuilders.*; import static org.springframework.test.web.servlet.request.MockMvcRequestBuilders.delete;
import static org.springframework.test.web.servlet.request.MockMvcRequestBuilders.get;
import static org.springframework.test.web.servlet.request.MockMvcRequestBuilders.patch;
import static org.springframework.test.web.servlet.request.MockMvcRequestBuilders.post;
import java.net.URI; import java.net.URI;
import java.util.*; import java.util.ArrayList;
import java.util.Arrays;
import java.util.Comparator;
import java.util.HashSet;
import java.util.List;
import java.util.Set;
import javax.servlet.ServletContext; import javax.servlet.ServletContext;
import javax.servlet.http.HttpServletResponse; import javax.servlet.http.HttpServletResponse;
import org.apache.logging.log4j.*; import org.apache.logging.log4j.Level;
import org.apache.logging.log4j.LogManager;
import org.apache.logging.log4j.Logger;
import org.apache.logging.log4j.core.LoggerContext; import org.apache.logging.log4j.core.LoggerContext;
import org.apache.logging.log4j.core.config.Configurator; import org.apache.logging.log4j.core.config.Configurator;
import org.junit.*; import org.junit.After;
import org.junit.Before;
import org.junit.Test;
import org.junit.runner.RunWith; import org.junit.runner.RunWith;
import org.springframework.beans.factory.annotation.Autowired; import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.http.HttpStatus; import org.springframework.http.HttpStatus;
import org.springframework.http.MediaType;
import org.springframework.mock.web.MockHttpSession; import org.springframework.mock.web.MockHttpSession;
import org.springframework.test.context.junit4.SpringJUnit4ClassRunner; import org.springframework.test.context.junit4.SpringJUnit4ClassRunner;
import org.springframework.test.web.servlet.RequestBuilder; import org.springframework.test.web.servlet.request.MockHttpServletRequestBuilder;
import org.springframework.web.bind.annotation.RequestMethod; import org.springframework.web.bind.annotation.RequestMethod;
import org.springframework.web.servlet.mvc.method.RequestMappingInfo; import org.springframework.web.servlet.mvc.method.RequestMappingInfo;
import org.springframework.web.servlet.mvc.method.annotation.RequestMappingHandlerMapping; import org.springframework.web.servlet.mvc.method.annotation.RequestMappingHandlerMapping;
...@@ -56,6 +69,7 @@ public class EndPointsInputValidationTests extends ControllerIntegrationTest { ...@@ -56,6 +69,7 @@ public class EndPointsInputValidationTests extends ControllerIntegrationTest {
public void testResponseStatusCodeFromEndpoints() throws Exception { public void testResponseStatusCodeFromEndpoints() throws Exception {
List<Pair<String, RequestMethod>> urls = new ArrayList<>(); List<Pair<String, RequestMethod>> urls = new ArrayList<>();
for (RequestMappingInfo t : requestMappingHandlerMapping.getHandlerMethods().keySet()) { for (RequestMappingInfo t : requestMappingHandlerMapping.getHandlerMethods().keySet()) {
for (String url : t.getPatternsCondition().getPatterns()) { for (String url : t.getPatternsCondition().getPatterns()) {
for (RequestMethod method : t.getMethodsCondition().getMethods()) { for (RequestMethod method : t.getMethodsCondition().getMethods()) {
urls.add(new Pair<>(url, method)); urls.add(new Pair<>(url, method));
...@@ -76,28 +90,34 @@ public class EndPointsInputValidationTests extends ControllerIntegrationTest { ...@@ -76,28 +90,34 @@ public class EndPointsInputValidationTests extends ControllerIntegrationTest {
private void testUrl(String url, RequestMethod method) throws Exception { private void testUrl(String url, RequestMethod method) throws Exception {
for (String urlWithData : getAllPossibleUrls(url)) { for (String urlWithData : getAllPossibleUrls(url)) {
RequestBuilder request = null; List<MockHttpServletRequestBuilder> requests = new ArrayList<>();
switch (method) { switch (method) {
case GET: case GET:
request = get(urlWithData).session(new MockHttpSession()); requests.add(get(urlWithData).session(new MockHttpSession()));
break; break;
case PATCH: case PATCH:
request = patch(urlWithData).content("XX=YY").session(new MockHttpSession()); requests.add(patch(urlWithData).content("XX=YY").session(new MockHttpSession()).contentType(MediaType.APPLICATION_FORM_URLENCODED));
break; requests.add(patch(urlWithData).content("{\"XX\":\"YY\"}").session(new MockHttpSession()).contentType(MediaType.APPLICATION_JSON));
case POST: break;
request = post(urlWithData).content("XX=YY").session(new MockHttpSession()); case POST:
break; requests.add(post(urlWithData).content("XX=YY").session(new MockHttpSession()).contentType(MediaType.APPLICATION_FORM_URLENCODED));
case DELETE: requests.add(post(urlWithData).content("{\"XX\":\"YY\"}").session(new MockHttpSession()).contentType(MediaType.APPLICATION_JSON));
request = delete(urlWithData).session(new MockHttpSession()); break;
break; case DELETE:
default: requests.add(delete(urlWithData).session(new MockHttpSession()));
fail(method.toString()); break;
default:
fail(method.toString());
}
boolean validResponse = false;
HttpStatus status = HttpStatus.I_AM_A_TEAPOT;
for (MockHttpServletRequestBuilder request : requests) {
HttpServletResponse response = mockMvc.perform(request).andReturn().getResponse();
status = HttpStatus.valueOf(response.getStatus());
validResponse |= validResponses.contains(status);
} }
HttpServletResponse response = mockMvc.perform(request).andReturn().getResponse();
HttpStatus status = HttpStatus.valueOf(response.getStatus()); assertTrue("[" + method + " \"" + urlWithData + "\"]\tInvalid response: " + status.name(), validResponse);
assertTrue("[" + method + " \"" + urlWithData + "\"]\tInvalid response: " + status.name(),
validResponses.contains(status));
} }
} }
......
Markdown is supported
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment