[JENKINS-15757] Add tests
A new test for the existing 'Remember me' functionality that verifies that
the cookie is set, and a new test showing that, even if requested by the
user, no cookie will be set, if 'Remember me' is disabled in the security
configuration.
daniel-beck committed Nov 6, 2013
1 parent 2d9dec9 commit 9ed2ed5
Showing 5 changed files with 101 additions and 0 deletions.
@@ -62,6 +62,8 @@ enum DataSet {
* and any logged in user has a full access.
*/
ANONYMOUS_READONLY,

SECURED_ACEGI,
}

class RunnerImpl extends Recipe.Runner<PresetData> {
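Review bot: `SECURED_ACEGI` is added with no Javadoc, although `ANONYMOUS_READONLY` directly above it closes a Javadoc block in the same hunk. Suggest adding `/** Anonymous users have no permissions, logged-in users can do anything; uses the Jenkins user database so that 'Remember me' is available. */` above the new constant, which restates the preset's readme.txt from this commit. The enum body starts before the hunk, so the documentation of the earlier constants cannot be checked from here.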
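--- /dev/null
+++ b/test/src/main/preset-data/secured-acegi/config.xml
@@ -0,0 +1,16 @@
+<?xml version='1.0' encoding='UTF-8'?>
+<hudson>
+<numExecutors>2</numExecutors>
+<mode>NORMAL</mode>
+<useSecurity>true</useSecurity>
+<authorizationStrategy class="hudson.security.FullControlOnceLoggedInAuthorizationStrategy"/>
+<securityRealm class="hudson.security.HudsonPrivateSecurityRealm">
+<disableSignup>true</disableSignup>
+<enableCaptcha>false</enableCaptcha>
+</securityRealm>
+<jdks/>
+<slaves/>
+<quietPeriod>5</quietPeriod>
+<slaveAgentPort>0</slaveAgentPort>
+<secretKey>ed2e66995bec739c0ec71c260bd75be6918ff28b0f1b33d67e205297629a6264</secretKey>
+</hudson>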
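Review bot: This preset commits a fixed `<secretKey>`, and users/alice/config.xml in the same commit adds an `<apiToken>` and a `#jbcrypt` password hash for an account whose password LoginTest sets to the user name. These look like throwaway fixture values, but nothing in the commit says so. readme.txt would be the natural place for a line such as `All keys, tokens and password hashes in this preset are test-only fixtures and must never be used on a real instance.` That also gives secret scanners and auditors a documented reason to allow-list the directory.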
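--- /dev/null
+++ b/test/src/main/preset-data/secured-acegi/readme.txt
@@ -0,0 +1,3 @@
+Anonymous users have no permissions, logged in users can do anything.
+
+Uses Jenkins user database, because 'Remember me' functionality requires non-legacy security realm to be enabled.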
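--- /dev/null
+++ b/test/src/main/preset-data/secured-acegi/users/alice/config.xml
@@ -0,0 +1,29 @@
+<?xml version='1.0' encoding='UTF-8'?>
+<user>
+<fullName>Alice</fullName>
+<properties>
+<jenkins.security.ApiTokenProperty>
+<apiToken>0K7w+E0Bi/rJt1lombWFDYtw0/KLFHwBjJqN8tUd2QO4tzVXKCPuIq2uWlTUdeBd</apiToken>
+</jenkins.security.ApiTokenProperty>
+<hudson.model.MyViewsProperty>
+<views>
+<hudson.model.AllView>
+<owner class="hudson.model.MyViewsProperty" reference="../../.."/>
+<name>All</name>
+<filterExecutors>false</filterExecutors>
+<filterQueue>false</filterQueue>
+<properties class="hudson.model.View$PropertyList"/>
+</hudson.model.AllView>
+</views>
+</hudson.model.MyViewsProperty>
+<hudson.search.UserSearchProperty>
+<insensitiveSearch>false</insensitiveSearch>
+</hudson.search.UserSearchProperty>
+<hudson.security.HudsonPrivateSecurityRealm_-Details>
+<passwordHash>#jbcrypt:$2a$10$9m4niaJ3tOglIM22Yd.LdOwuU9RcD9FpuXlqlJhQHKt5Qx2mh.2/i</passwordHash>
+</hudson.security.HudsonPrivateSecurityRealm_-Details>
+<hudson.tasks.Mailer_-UserProperty plugin="mailer@1.5">
+<emailAddress>alice@example.org</emailAddress>
+</hudson.tasks.Mailer_-UserProperty>
+</properties>
+</user>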
51 changes: 51 additions & 0 deletions test/src/test/java/hudson/security/LoginTest.java
@@ -1,11 +1,16 @@
package hudson.security;

import com.gargoylesoftware.htmlunit.html.HtmlPage;
import com.gargoylesoftware.htmlunit.html.HtmlForm;
import com.gargoylesoftware.htmlunit.html.HtmlCheckBoxInput;

import org.jvnet.hudson.test.HudsonTestCase;
import org.jvnet.hudson.test.recipes.PresetData;
import org.jvnet.hudson.test.recipes.PresetData.DataSet;
import org.xml.sax.SAXException;

import static org.acegisecurity.ui.rememberme.TokenBasedRememberMeServices.ACEGI_SECURITY_HASHED_REMEMBER_ME_COOKIE_KEY;

import java.io.IOException;
import java.net.URL;

@@ -41,4 +46,50 @@ public void testLoginErrorRedirect2() throws Exception {
// but not once the user logs in.
verifyNotError(wc.login("alice"));
}

private HtmlForm prepareLoginFormWithRememberMeChecked(WebClient wc) throws IOException, org.xml.sax.SAXException {
wc.getCookieManager().setCookiesEnabled(true);
HtmlPage page = wc.goTo("login");

HtmlForm form = page.getFormByName("login");
form.getInputByName("j_username").setValueAttribute("alice");
form.getInputByName("j_password").setValueAttribute("alice");
((HtmlCheckBoxInput)form.getInputByName("remember_me")).setChecked(true);
return form;
}

/**
* Returns the 'remember me' cookie if set, otherwise return null. We don't care about the type, only whether it's null
*/
private Object getRememberMeCookie(WebClient wc) {
return wc.getCookieManager().getCookie(ACEGI_SECURITY_HASHED_REMEMBER_ME_COOKIE_KEY);
}

/**
* Test 'remember me' cookie
*/
@PresetData(DataSet.SECURED_ACEGI)
public void testLoginRememberMe() throws Exception {
WebClient wc = createWebClient();

prepareLoginFormWithRememberMeChecked(wc).submit(null);

assertNotNull(getRememberMeCookie(wc));
}


/**
* Test that 'remember me' cookie will not be set if disabled even if requested by user.
* This models the case when the feature is disabled between another user loading and submitting the login page.
*/
@PresetData(DataSet.SECURED_ACEGI)
public void testLoginDisabledRememberMe() throws Exception {
WebClient wc = createWebClient();

HtmlForm form = prepareLoginFormWithRememberMeChecked(wc);
jenkins.setDisableRememberMe(true);
form.submit(null);

assertNull(getRememberMeCookie(wc));
}
}
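Review bot: `testLoginDisabledRememberMe` never checks that the login itself succeeded, so `assertNull(getRememberMeCookie(wc))` also passes when the submit is rejected (wrong credentials, a renamed form field, an error page). The test would then stay green without exercising the disabled-remember-me path. Add a positive check between `form.submit(null);` and the cookie assertion, for example `verifyNotError(wc);`, assuming that helper accepts the client as its call at the top of this hunk suggests (its definition is outside the hunk). `testLoginRememberMe` is less exposed, since a failed login sets no cookie and trips `assertNotNull`. Two style points in the same hunk: `getRememberMeCookie` could return the cookie type rather than `Object`, and `prepareLoginFormWithRememberMeChecked` spells out `org.xml.sax.SAXException` although `SAXException` is already imported.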
