From bd29181dd25c089dbe62d0d6b9eff8a8061bfe8f Mon Sep 17 00:00:00 2001
From: Pekka Helenius <fincer89@hotmail.com>
Date: Wed, 14 Oct 2020 13:04:14 +0300
Subject: [PATCH] Add BookController end point tests

Signed-off-by: Pekka Helenius <fincer89@hotmail.com>
---
 .../web/webform/endpoint/ApirefTest.java      |  57 +++++++
 .../web/webform/endpoint/BookaddTest.java     |  96 +++++++++++
 .../web/webform/endpoint/BookdeleteTest.java  |  51 ++++++
 .../web/webform/endpoint/BookeditTest.java    |  99 +++++++++++
 .../web/webform/endpoint/BooklistTest.java    | 161 ++++++++++++++++++
 .../web/webform/endpoint/IndexTest.java       |  30 ++++
 6 files changed, 494 insertions(+)
 create mode 100644 bookstore/src/test/java/com/fjordtek/bookstore/web/webform/endpoint/ApirefTest.java
 create mode 100644 bookstore/src/test/java/com/fjordtek/bookstore/web/webform/endpoint/BookaddTest.java
 create mode 100644 bookstore/src/test/java/com/fjordtek/bookstore/web/webform/endpoint/BookdeleteTest.java
 create mode 100644 bookstore/src/test/java/com/fjordtek/bookstore/web/webform/endpoint/BookeditTest.java
 create mode 100644 bookstore/src/test/java/com/fjordtek/bookstore/web/webform/endpoint/BooklistTest.java
 create mode 100644 bookstore/src/test/java/com/fjordtek/bookstore/web/webform/endpoint/IndexTest.java

diff --git a/bookstore/src/test/java/com/fjordtek/bookstore/web/webform/endpoint/ApirefTest.java b/bookstore/src/test/java/com/fjordtek/bookstore/web/webform/endpoint/ApirefTest.java
new file mode 100644
index 0000000..8c5f457
--- /dev/null
+++ b/bookstore/src/test/java/com/fjordtek/bookstore/web/webform/endpoint/ApirefTest.java
@@ -0,0 +1,57 @@
+// Pekka Helenius <fincer89@hotmail.com>, Fjordtek 2020
+
+package com.fjordtek.bookstore.web.webform.endpoint;
+
+import static org.assertj.core.api.Assertions.assertThat;
+
+import org.junit.Test;
+import org.junit.jupiter.api.MethodOrderer.Alphanumeric;
+import org.junit.jupiter.api.TestMethodOrder;
+import org.springframework.security.test.context.support.WithUserDetails;
+
+import com.fjordtek.bookstore.web.BookStoreTestWebContextBuilder;
+
+/**
+ * Web application end point test
+ * <p>
+ * <b>Test target</b>: list page, apiref page
+ *
+ * @author Pekka Helenius
+ */
+
+@TestMethodOrder(Alphanumeric.class)
+public class ApirefTest extends BookStoreTestWebContextBuilder {
+
+	@Test
+	public void testA_ApirefLinkNotPresentAsNormalUser() throws Exception {
+		assertThat(
+				pageContentsList().contains("href=\"" + env.getProperty("page.url.apiref") )
+				).isEqualTo(false);
+	}
+
+	@Test
+	@WithUserDetails("admin")
+	public void testB_ApirefLinkPresentAsAdminUser() throws Exception {
+		assertThat(
+				pageContentsList().contains("href=\"" + env.getProperty("page.url.apiref") )
+				).isEqualTo(true);
+	}
+
+	@Test
+	@WithUserDetails("admin")
+	public void testC_ApirefFormFieldsExistAsAdminUser() throws Exception {
+		assertThat(
+				pageContentsApiref().contains("id=\"apireftable\"")
+				).isEqualTo(true);
+	}
+
+	@Test
+	public void testD_ApirefFormNotPresentAsNologin() throws Exception {
+		/*
+		 * Expect redirect, not 403
+		 * Unauthorized users: we pretend the resource (end point) does not exist at all
+		 */
+		loadPageGet(env.getProperty("page.url.apiref"), 302);
+	}
+
+}
diff --git a/bookstore/src/test/java/com/fjordtek/bookstore/web/webform/endpoint/BookaddTest.java b/bookstore/src/test/java/com/fjordtek/bookstore/web/webform/endpoint/BookaddTest.java
new file mode 100644
index 0000000..984dac2
--- /dev/null
+++ b/bookstore/src/test/java/com/fjordtek/bookstore/web/webform/endpoint/BookaddTest.java
@@ -0,0 +1,96 @@
+// Pekka Helenius <fincer89@hotmail.com>, Fjordtek 2020
+
+package com.fjordtek.bookstore.web.webform.endpoint;
+
+import static org.assertj.core.api.Assertions.assertThat;
+
+import org.junit.Test;
+import org.junit.jupiter.api.MethodOrderer.Alphanumeric;
+import org.junit.jupiter.api.TestMethodOrder;
+import org.springframework.security.test.context.support.WithUserDetails;
+
+import com.fjordtek.bookstore.web.BookStoreTestWebContextBuilder;
+
+/**
+ * Web application end point test
+ * <p>
+ * <b>Test target</b>: list page, add page
+ *
+ * @author Pekka Helenius
+ */
+
+@TestMethodOrder(Alphanumeric.class)
+public class BookaddTest extends BookStoreTestWebContextBuilder {
+
+	@Test
+	@WithUserDetails("user")
+	public void testA_AddLinkNotPresentAsNormalUser() throws Exception {
+		assertThat(
+				pageContentsList().contains("href=\"" + env.getProperty("page.url.add") )
+				).isEqualTo(false);
+	}
+
+	@Test
+	@WithUserDetails("admin")
+	public void testB_AddLinkPresentAsAdminUser() throws Exception {
+		assertThat(
+				pageContentsList().contains("href=\"" + env.getProperty("page.url.add") )
+				).isEqualTo(true);
+	}
+
+	@Test
+	@WithUserDetails("admin")
+	public void testC_AddFormFieldsExistAsAdminUser() throws Exception {
+		loadPageGet(env.getProperty("page.url.add"), 200);
+	}
+
+	@Test
+	public void testD_AddFormNotPresentAsNologin() throws Exception {
+		/*
+		 * Expect redirect, not 403
+		 * Unauthorized users: we pretend the resource (end point) does not exist at all
+		 */
+		loadPageGet(env.getProperty("page.url.add"), 302);
+	}
+
+	@Test
+	@WithUserDetails("salesmanager")
+	public void testE_AddPriceIsPresentAsMarketingUser() throws Exception {
+		assertThat(
+				pageContentsEdit().contains("id=\"price")
+				).isEqualTo(true);
+	}
+
+	@Test
+	@WithUserDetails("salesmanager")
+	public void testF_AddPublishIsPresentAsMarketingUser() throws Exception {
+		assertThat(
+				pageContentsEdit().contains("id=\"publish")
+				).isEqualTo(true);
+	}
+
+	@Test
+	@WithUserDetails("helpdesk")
+	public void testG_AddPriceNotPresentAsHelpDeskUser() throws Exception {
+		assertThat(
+				pageContentsEdit().contains("id=\"price")
+				).isEqualTo(false);
+	}
+
+	@Test
+	@WithUserDetails("helpdesk")
+	public void testH_AddPublishNotPresentAsHelpDeskUser() throws Exception {
+		assertThat(
+				pageContentsEdit().contains("id=\"publish")
+				).isEqualTo(false);
+	}
+
+	@Test
+	@WithUserDetails("admin")
+	public void testI_EditFormLoginoutFormIsPresentAsAdmin() throws Exception {
+		assertThat(
+				pageContentsAdd().contains("id=\"bookstore-loginout\"")
+				).isEqualTo(true);
+	}
+
+}
diff --git a/bookstore/src/test/java/com/fjordtek/bookstore/web/webform/endpoint/BookdeleteTest.java b/bookstore/src/test/java/com/fjordtek/bookstore/web/webform/endpoint/BookdeleteTest.java
new file mode 100644
index 0000000..9ac7d5b
--- /dev/null
+++ b/bookstore/src/test/java/com/fjordtek/bookstore/web/webform/endpoint/BookdeleteTest.java
@@ -0,0 +1,51 @@
+// Pekka Helenius <fincer89@hotmail.com>, Fjordtek 2020
+
+package com.fjordtek.bookstore.web.webform.endpoint;
+
+import static org.assertj.core.api.Assertions.assertThat;
+
+import org.junit.Test;
+import org.junit.jupiter.api.MethodOrderer.Alphanumeric;
+import org.junit.jupiter.api.TestMethodOrder;
+import org.springframework.security.test.context.support.WithUserDetails;
+
+import com.fjordtek.bookstore.web.BookStoreTestWebContextBuilder;
+
+/**
+ * Web application end point test
+ * <p>
+ * <b>Test target</b>: list page, delete page
+ *
+ * @author Pekka Helenius
+ */
+
+@TestMethodOrder(Alphanumeric.class)
+public class BookdeleteTest extends BookStoreTestWebContextBuilder {
+
+	@Test
+	@WithUserDetails("helpdesk")
+	public void testA_DeleteLinkNotPresentAsHelpdeskUser() throws Exception {
+		assertThat(
+				pageContentsList().contains("href=\"/bookdelete")
+				).isEqualTo(false);
+	}
+
+	@Test
+	@WithUserDetails("user")
+	public void testB_DeleteFailsAsNormalUser() throws Exception {
+		loadPageGet(env.getProperty("page.url.delete") + "/" + hashId, 302);
+		if (bookHashRepository.findByHashId(hashId) == null) {
+			throw new Exception();
+		}
+	}
+
+	@Test
+	@WithUserDetails("admin")
+	public void testC_DeleteSucceedsAsAdminUser() throws Exception {
+		loadPageGet(env.getProperty("page.url.delete") + "/" + hashId, 302);
+		if (bookHashRepository.findByHashId(hashId) != null) {
+			throw new Exception();
+		}
+	}
+
+}
\ No newline at end of file
diff --git a/bookstore/src/test/java/com/fjordtek/bookstore/web/webform/endpoint/BookeditTest.java b/bookstore/src/test/java/com/fjordtek/bookstore/web/webform/endpoint/BookeditTest.java
new file mode 100644
index 0000000..d302c5b
--- /dev/null
+++ b/bookstore/src/test/java/com/fjordtek/bookstore/web/webform/endpoint/BookeditTest.java
@@ -0,0 +1,99 @@
+// Pekka Helenius <fincer89@hotmail.com>, Fjordtek 2020
+
+package com.fjordtek.bookstore.web.webform.endpoint;
+
+import static org.assertj.core.api.Assertions.assertThat;
+
+import org.junit.Test;
+import org.junit.jupiter.api.MethodOrderer.Alphanumeric;
+import org.junit.jupiter.api.TestMethodOrder;
+import org.springframework.security.test.context.support.WithUserDetails;
+
+import com.fjordtek.bookstore.web.BookStoreTestWebContextBuilder;
+
+/**
+ * Web application end point test
+ * <p>
+ * <b>Test target</b>: list page, edit page
+ *
+ * @author Pekka Helenius
+ */
+
+@TestMethodOrder(Alphanumeric.class)
+public class BookeditTest extends BookStoreTestWebContextBuilder {
+
+
+	@Test
+	@WithUserDetails("user")
+	public void testA_EditLinkNotPresentAsNormalUser() throws Exception {
+		assertThat(
+				pageContentsList().contains("href=\"" + env.getProperty("page.url.edit") )
+				).isEqualTo(false);
+	}
+
+	@Test
+	@WithUserDetails("admin")
+	public void testB_EditLinkPresentAsAdminUser() throws Exception {
+		assertThat(
+				pageContentsList().contains("href=\"" + env.getProperty("page.url.edit") )
+				).isEqualTo(true);
+	}
+
+	@Test
+	@WithUserDetails("admin")
+	public void testC_EditFieldsExistAsAdminUser() throws Exception {
+		assertThat(
+				pageContentsEdit().contains("class=\"bookform-section\"")
+				).isEqualTo(true);
+	}
+
+	@Test
+	public void testD_EditNotPresentAsNologin() throws Exception {
+		/*
+		 * Expect redirect, not 403
+		 * Unauthorized users: we pretend the resource (end point) does not exist at all
+		 */
+		loadPageGet(env.getProperty("page.url.edit") + "/" + hashId, 302);
+	}
+
+	@Test
+	@WithUserDetails("salesmanager")
+	public void testE_EditPriceIsPresentAsMarketingUser() throws Exception {
+		assertThat(
+				pageContentsEdit().contains("id=\"price")
+				).isEqualTo(true);
+	}
+
+	@Test
+	@WithUserDetails("salesmanager")
+	public void testF_EditPublishIsPresentAsMarketingUser() throws Exception {
+		assertThat(
+				pageContentsEdit().contains("id=\"publish")
+				).isEqualTo(true);
+	}
+
+	@Test
+	@WithUserDetails("helpdesk")
+	public void testG_EditPriceNotPresentAsHelpDeskUser() throws Exception {
+		assertThat(
+				pageContentsEdit().contains("id=\"price")
+				).isEqualTo(false);
+	}
+
+	@Test
+	@WithUserDetails("helpdesk")
+	public void testH_EditPublishNotPresentAsHelpDeskUser() throws Exception {
+		assertThat(
+				pageContentsEdit().contains("id=\"publish")
+				).isEqualTo(false);
+	}
+
+	@Test
+	@WithUserDetails("admin")
+	public void testI_EditFormLoginoutFormIsPresentAsAdmin() throws Exception {
+		assertThat(
+				pageContentsEdit().contains("id=\"bookstore-loginout\"")
+				).isEqualTo(true);
+	}
+
+}
\ No newline at end of file
diff --git a/bookstore/src/test/java/com/fjordtek/bookstore/web/webform/endpoint/BooklistTest.java b/bookstore/src/test/java/com/fjordtek/bookstore/web/webform/endpoint/BooklistTest.java
new file mode 100644
index 0000000..2bfbf87
--- /dev/null
+++ b/bookstore/src/test/java/com/fjordtek/bookstore/web/webform/endpoint/BooklistTest.java
@@ -0,0 +1,161 @@
+// Pekka Helenius <fincer89@hotmail.com>, Fjordtek 2020
+
+package com.fjordtek.bookstore.web.webform.endpoint;
+
+import static org.assertj.core.api.Assertions.assertThat;
+import static org.springframework.security.test.web.servlet.request.SecurityMockMvcRequestBuilders.formLogin;
+import static org.springframework.security.test.web.servlet.request.SecurityMockMvcRequestBuilders.logout;
+import static org.springframework.security.test.web.servlet.request.SecurityMockMvcRequestPostProcessors.csrf;
+import static org.springframework.security.test.web.servlet.response.SecurityMockMvcResultMatchers.authenticated;
+import static org.springframework.security.test.web.servlet.response.SecurityMockMvcResultMatchers.unauthenticated;
+import static org.springframework.test.web.servlet.request.MockMvcRequestBuilders.post;
+
+import java.util.Arrays;
+
+import org.junit.Test;
+import org.junit.jupiter.api.MethodOrderer.Alphanumeric;
+import org.junit.jupiter.api.TestMethodOrder;
+import org.springframework.security.test.context.support.WithUserDetails;
+
+import com.fjordtek.bookstore.web.BookStoreTestWebContextBuilder;
+
+/**
+ * Web application end point test
+ * <p>
+ * <b>Test target</b>: list page, log in, log out
+ *
+ * @author Pekka Helenius
+ */
+
+@TestMethodOrder(Alphanumeric.class)
+public class BooklistTest extends BookStoreTestWebContextBuilder {
+
+	@Test
+	public void testA_CsrfTokenExists() throws Exception {
+		mockMvc.perform(
+				post(env.getProperty("page.url.list"))
+				.with(csrf())
+				);
+	}
+
+	@Test
+	public void testB_ExternalFooterLoads() throws Exception {
+		assertThat(pageContentsList().contains("footer-items"))
+		.isEqualTo(true);
+	}
+
+	@Test
+	public void testC_LoginFormExists() throws Exception {
+
+		String[] loginKeywords = {
+				"id=\"bookstore-loginout\"",
+				"login-submit",
+				"username",
+				"password"
+				};
+
+		assertThat(
+				Arrays.stream(loginKeywords).allMatch(pageContentsList()::contains)
+				).isEqualTo(true);
+
+	}
+
+	@Test
+	public void testD_AuthFailureOccurs() throws Exception {
+
+		mockMvc
+		.perform(
+				formLogin(env.getProperty("page.url.list"))
+				.loginProcessingUrl(env.getProperty("page.url.login"))
+				.user(
+						env.getProperty("auth.field.username"), "foo"
+						)
+				.password(
+						env.getProperty("auth.field.password"), "bar"
+						)
+				)
+		.andExpect(unauthenticated());
+	}
+/*
+	@Test
+	public void testAuthFailureOccursFormCharacterOverflow() throws Exception {
+
+		int charCount = 100000;
+		byte[] bytes = new byte[charCount];
+
+		new Random().nextBytes(bytes);
+
+		StringBuilder shaStringBuilder = new StringBuilder();
+
+		for (byte b : bytes) {
+			shaStringBuilder.append(String.format("%02x", b));
+		}
+
+		String inputString = shaStringBuilder.toString();
+
+		mockMvc
+		.perform(
+				formLogin(env.getProperty("page.url.list"))
+				.loginProcessingUrl(env.getProperty("page.url.login"))
+				.user(
+						env.getProperty("auth.field.username"), inputString
+						)
+				.password(
+						env.getProperty("auth.field.password"), inputString
+						)
+				)
+		.andExpect(unauthenticated());
+	}
+*/
+	@Test
+	public void testE_AuthSuccessOccurs() throws Exception {
+
+		mockMvc
+		.perform(
+				formLogin(env.getProperty("page.url.list"))
+				.loginProcessingUrl(env.getProperty("page.url.login"))
+				.user(
+						env.getProperty("auth.field.username"), "admin"
+						)
+				.password(
+						env.getProperty("auth.field.password"), "admin"
+						)
+				)
+		.andExpect(authenticated());
+	}
+
+	@Test
+	@WithUserDetails("salesmanager")
+	public void testF_BookListIsPresentAsMarketingUser() throws Exception {
+		assertThat(
+				pageContentsList().contains("id=\"booklist\"")
+				).isEqualTo(true);
+	}
+
+	@Test
+	@WithUserDetails("user")
+	public void testG_BookListIsPresentAsNormalUser() throws Exception {
+		assertThat(
+				pageContentsList().contains("id=\"booklist\"")
+				).isEqualTo(true);
+	}
+
+	@Test
+	public void testH_BookListIsNotPresentAsNologin() throws Exception {
+		assertThat(
+				pageContentsList().contains("id=\"booklist\"")
+				).isEqualTo(false);
+	}
+
+
+	@Test
+	@WithUserDetails("salesmanager")
+	public void testI_LogoutSucceedsAsMarketingUser() throws Exception {
+		mockMvc.perform(
+				logout()
+				.logoutUrl(env.getProperty("page.url.logout"))
+				);
+	}
+
+
+}
diff --git a/bookstore/src/test/java/com/fjordtek/bookstore/web/webform/endpoint/IndexTest.java b/bookstore/src/test/java/com/fjordtek/bookstore/web/webform/endpoint/IndexTest.java
new file mode 100644
index 0000000..12e89d4
--- /dev/null
+++ b/bookstore/src/test/java/com/fjordtek/bookstore/web/webform/endpoint/IndexTest.java
@@ -0,0 +1,30 @@
+// Pekka Helenius <fincer89@hotmail.com>, Fjordtek 2020
+
+package com.fjordtek.bookstore.web.webform.endpoint;
+
+import org.junit.Test;
+import org.junit.jupiter.api.MethodOrderer.Alphanumeric;
+import org.junit.jupiter.api.TestMethodOrder;
+
+import com.fjordtek.bookstore.web.BookStoreTestWebContextBuilder;
+
+/**
+ * Web application end point test
+ * <p>
+ * <b>Test target</b>: index page, list page
+ *
+ * @author Pekka Helenius
+ */
+
+@TestMethodOrder(Alphanumeric.class)
+public class IndexTest extends BookStoreTestWebContextBuilder {
+
+	@Test
+	public void testA_RedirectFromIndexPage() throws Exception {
+		/*
+		 * Expect redirect
+		 */
+		loadPageGet(env.getProperty("page.url.index"), 302);
+	}
+
+}