From c2d5c2f02ba92380ce823b0597647742d2c7d812 Mon Sep 17 00:00:00 2001 From: qvalentin Date: Sun, 15 Nov 2020 16:06:32 +0100 Subject: [PATCH 1/3] added the steps FF-104 --- .../rest/RestApplicationIntegrationTest.java | 28 +++- .../rest/cucumber/CommonCucumberSteps.java | 11 ++ .../cucumber/UserEditInformationSteps.java | 17 +-- .../rest/cucumber/UserRegistrationSteps.java | 31 +++++ src/test/resources/UserRegistration.feature | 122 +++++++++--------- 5 files changed, 134 insertions(+), 75 deletions(-) create mode 100644 src/test/java/de/filefighter/rest/cucumber/UserRegistrationSteps.java diff --git a/src/test/java/de/filefighter/rest/RestApplicationIntegrationTest.java b/src/test/java/de/filefighter/rest/RestApplicationIntegrationTest.java index 318c042b..df2a492a 100644 --- a/src/test/java/de/filefighter/rest/RestApplicationIntegrationTest.java +++ b/src/test/java/de/filefighter/rest/RestApplicationIntegrationTest.java @@ -16,6 +16,7 @@ import org.springframework.web.client.RestTemplate; import java.io.IOException; +import java.util.Arrays; import java.util.HashMap; import java.util.Map; @@ -108,4 +109,29 @@ public void handleError(@NotNull ClientHttpResponse response) throws IOException results = new ResponseResults(response); } } -} \ No newline at end of file + + protected static String serializeUser(String confirmationPassword,int[] groupIds, String password, String username){ + StringBuilder jsonString=new StringBuilder("{"); + + if (confirmationPassword != null){ + jsonString.append("\"confirmationPassword\": \"").append(confirmationPassword).append("\","); + } + if (groupIds!=null && groupIds.length>0){ + jsonString.append("\"groupIds\": ").append(Arrays.toString(groupIds)).append(","); + } + if (password != null){ + jsonString.append("\"password\": \"").append(password).append("\","); + } + if (username != null){ + jsonString.append("\"username\": \"").append(username).append("\","); + } + + jsonString.append("}"); + + return jsonString.toString(); + } + + + + +} diff --git a/src/test/java/de/filefighter/rest/cucumber/CommonCucumberSteps.java b/src/test/java/de/filefighter/rest/cucumber/CommonCucumberSteps.java index db4f297b..3bed0818 100644 --- a/src/test/java/de/filefighter/rest/cucumber/CommonCucumberSteps.java +++ b/src/test/java/de/filefighter/rest/cucumber/CommonCucumberSteps.java @@ -166,4 +166,15 @@ public void responseContainsKeyAndValueOfAtLeast(String key, int value) throws J assertTrue(actualValue >= value); } + + @And("user with id {long} is in group with id {long}") + public void userWithIdIsInGroupWithId(long userId, long groupId) { + UserEntity userEntity=userRepository.findByUserId(userId); + long[] groudIds=new long[1]; + groudIds[0]=groupId; + + //userEntity.setGroupIds(groudIds); + + + } } diff --git a/src/test/java/de/filefighter/rest/cucumber/UserEditInformationSteps.java b/src/test/java/de/filefighter/rest/cucumber/UserEditInformationSteps.java index b27dd37a..179db20b 100644 --- a/src/test/java/de/filefighter/rest/cucumber/UserEditInformationSteps.java +++ b/src/test/java/de/filefighter/rest/cucumber/UserEditInformationSteps.java @@ -21,12 +21,8 @@ public void userRequestsChangeOfUsernameWithValueAndAccessTokenAndId(String newU - String postBody="{" + - " \"groupIds\": [" + - " 0" + - " ]," + - " \"username\": \""+newUsername+"\"" + - "}"; + String postBody=serializeUser(null,null,null,newUsername); + executeRestApiCall(HttpMethod.PUT, url, authHeader,postBody); } @@ -40,13 +36,8 @@ public void userRequestsChangeOfPasswordWithValueAndAccessTokenAndId(String newP authHeader.put("Authorization", authHeaderString); - String postBody="{\n" + - " \"confirmationPassword\": \""+newPassword+"\"," + - " \"groupIds\": [" + - " 0" + - " ]," + - " \"password\": \""+newPassword+"\"," + - "}"; + String postBody=serializeUser(newPassword,null,newPassword,null); + executeRestApiCall(HttpMethod.GET, url, authHeader,postBody); } diff --git a/src/test/java/de/filefighter/rest/cucumber/UserRegistrationSteps.java b/src/test/java/de/filefighter/rest/cucumber/UserRegistrationSteps.java new file mode 100644 index 00000000..df5de343 --- /dev/null +++ b/src/test/java/de/filefighter/rest/cucumber/UserRegistrationSteps.java @@ -0,0 +1,31 @@ +package de.filefighter.rest.cucumber; + +import de.filefighter.rest.RestApplicationIntegrationTest; +import io.cucumber.java.en.When; +import org.springframework.http.HttpMethod; + +import java.util.HashMap; + +import static de.filefighter.rest.configuration.RestConfiguration.*; + +public class UserRegistrationSteps extends RestApplicationIntegrationTest { + @When("user requests registration with username {string}, password {string} and password confirmation {string} with accessToken {string}") + public void userRequestsRegistrationWithUsernamePasswordAndPasswordConfirmationWithAccessToken(String username, String password, String passwordConfirmation, String accessToken) { + + String authHeaderString = AUTHORIZATION_BEARER_PREFIX + accessToken; + String url = BASE_API_URI + USER_BASE_URI + "register"; + + + HashMap authHeader = new HashMap<>(); + authHeader.put("Authorization", authHeaderString); + + + + + String postBody=serializeUser(password,null,password,username); + + executeRestApiCall(HttpMethod.POST, url, authHeader,postBody); + + + } +} diff --git a/src/test/resources/UserRegistration.feature b/src/test/resources/UserRegistration.feature index a574bed5..0c9fc3f9 100644 --- a/src/test/resources/UserRegistration.feature +++ b/src/test/resources/UserRegistration.feature @@ -1,61 +1,61 @@ -#Feature: User Registration -# As a user (/admin) -# I want to be able to register (users) with username and password -# -# Background: -# Given database is empty -# And user with id 1234 exists and has username "user", password "secure_password" -# And accessToken with value "accessToken" exists for user 1234 -# And user with id 1234 is in group with id 1 -# -# Scenario: Successful registration with username, password and password confirmation. -# When user requests registration with username "kangaroo", password "pig-system" and password confirmation "pig-system" with accessToken "accessToken" -# Then response status code is 201 -# And response contains key "message" and value "User successfully created." -# And response contains key "status" and value "created" -# -# Scenario: Successful registration with username, password and password confirmation; password matches password of other users. -# When user requests registration with username "kangaroo", password "secure_password" and password confirmation "secure_password" with accessToken "accessToken" -# Then response status code is 201 -# And response contains key "message" and value "User successfully created." -# And response contains key "status" and value "created" -# -# Scenario: Failed registration with used username, arbitrary password and password confirmation. -# When user requests registration with username "user", password "pig-system" and password confirmation "pig-system" with accessToken "accessToken" -# Then response status code is 409 -# And response contains key "message" and value "User already exists." -# And response contains key "status" and value "conflict" -# -# Scenario: Failed registration with used username (other case), arbitrary password and password confirmation. -# When user requests registration with username "User", password "pig-system" and password confirmation "pig-system" with accessToken "accessToken" -# Then response status code is 409 -# And response contains key "message" and value "User already exists." -# And response contains key "status" and value "conflict" -# -# Scenario: Failed registration with username, password and deviating password confirmation. -# When user requests registration with username "kangaroo", password "pig-system" and password confirmation "i-love-capitalism" with accessToken "accessToken" -# Then response status code is 409 -# And response contains key "message" and value "Passwords do not match." -# And response contains key "status" and value "conflict" -# -# Scenario: Failed registration with username, password and password confirmation; username is part of password. -# When user requests registration with username "kangaroo", password "kangaroo-system" and password confirmation "kangaroo-system" with accessToken "accessToken" -# Then response status code is 409 -# And response contains key "message" and value "Username must not appear in password." -# And response contains key "status" and value "conflict" -# -# Scenario: Failed registration with username, password and password confirmation; password appears in list of top 10k passwords -# When user requests registration with username "kangaroo", password "vietnam" and password confirmation "vietnam" with accessToken "accessToken" -# Then response status code is 409 -# And response contains key "message" and value "Password must not appear in the top 10000 most common passwords." -# And response contains key "status" and value "conflict" -# #https://github.com/iryndin/10K-Most-Popular-Passwords/blob/master/passwords.txt -# -# Scenario: Failed registration with username, password and password confirmation; not in group ADMIN -# Given user with id 1236 exists -# And user with id 1236 is in group with id -1 -# And accessToken with value "wrongAccessToken" exists for user 1236 -# When user requests registration with username "kangaroo", password "pig-system" and password confirmation "pig-system" with accessToken "wrongAccessToken" -# Then response status code is 401 -# And response contains key "message" and value "User must not register new users." -# And response contains key "status" and value "unauthorized" \ No newline at end of file +Feature: User Registration + As a user (/admin) + I want to be able to register (users) with username and password + + Background: + Given database is empty + And user with id 1234 exists and has username "user", password "secure_password" + And accessToken with value "accessToken" exists for user 1234 + And user with id 1234 is in group with id 1 + + Scenario: Successful registration with username, password and password confirmation. + When user requests registration with username "kangaroo", password "pig-system" and password confirmation "pig-system" with accessToken "accessToken" + Then response status code is 201 + And response contains key "message" and value "User successfully created." + And response contains key "status" and value "created" + + Scenario: Successful registration with username, password and password confirmation; password matches password of other users. + When user requests registration with username "kangaroo", password "secure_password" and password confirmation "secure_password" with accessToken "accessToken" + Then response status code is 201 + And response contains key "message" and value "User successfully created." + And response contains key "status" and value "created" + + Scenario: Failed registration with used username, arbitrary password and password confirmation. + When user requests registration with username "user", password "pig-system" and password confirmation "pig-system" with accessToken "accessToken" + Then response status code is 409 + And response contains key "message" and value "User already exists." + And response contains key "status" and value "conflict" + + Scenario: Failed registration with used username (other case), arbitrary password and password confirmation. + When user requests registration with username "User", password "pig-system" and password confirmation "pig-system" with accessToken "accessToken" + Then response status code is 409 + And response contains key "message" and value "User already exists." + And response contains key "status" and value "conflict" + + Scenario: Failed registration with username, password and deviating password confirmation. + When user requests registration with username "kangaroo", password "pig-system" and password confirmation "i-love-capitalism" with accessToken "accessToken" + Then response status code is 409 + And response contains key "message" and value "Passwords do not match." + And response contains key "status" and value "conflict" + + Scenario: Failed registration with username, password and password confirmation; username is part of password. + When user requests registration with username "kangaroo", password "kangaroo-system" and password confirmation "kangaroo-system" with accessToken "accessToken" + Then response status code is 409 + And response contains key "message" and value "Username must not appear in password." + And response contains key "status" and value "conflict" + + Scenario: Failed registration with username, password and password confirmation; password appears in list of top 10k passwords + When user requests registration with username "kangaroo", password "vietnam" and password confirmation "vietnam" with accessToken "accessToken" + Then response status code is 409 + And response contains key "message" and value "Password must not appear in the top 10000 most common passwords." + And response contains key "status" and value "conflict" + #https://github.com/iryndin/10K-Most-Popular-Passwords/blob/master/passwords.txt + + Scenario: Failed registration with username, password and password confirmation; not in group ADMIN + Given user 1236 exists + And user with id 1236 is in group with id -1 + And accessToken with value "wrongAccessToken" exists for user 1236 + When user requests registration with username "kangaroo", password "pig-system" and password confirmation "pig-system" with accessToken "wrongAccessToken" + Then response status code is 401 + And response contains key "message" and value "User must not register new users." + And response contains key "status" and value "unauthorized" \ No newline at end of file From f92fc41b106308d4c3a96724f18ec7ac24da55bb Mon Sep 17 00:00:00 2001 From: qvalentin Date: Sun, 15 Nov 2020 16:27:29 +0100 Subject: [PATCH 2/3] added repo.save --- .../java/de/filefighter/rest/cucumber/CommonCucumberSteps.java | 1 + 1 file changed, 1 insertion(+) diff --git a/src/test/java/de/filefighter/rest/cucumber/CommonCucumberSteps.java b/src/test/java/de/filefighter/rest/cucumber/CommonCucumberSteps.java index 3bed0818..e7c3194f 100644 --- a/src/test/java/de/filefighter/rest/cucumber/CommonCucumberSteps.java +++ b/src/test/java/de/filefighter/rest/cucumber/CommonCucumberSteps.java @@ -174,6 +174,7 @@ public void userWithIdIsInGroupWithId(long userId, long groupId) { groudIds[0]=groupId; //userEntity.setGroupIds(groudIds); + userRepository.save(userEntity); } From f21932073a183509934803835d4e5214966109be Mon Sep 17 00:00:00 2001 From: open-schnick Date: Mon, 16 Nov 2020 21:57:57 +0100 Subject: [PATCH 3/3] fixed "user with id is in group with id" step. --- .../domain/user/data/persistance/UserEntity.java | 14 ++++++++------ .../rest/cucumber/CommonCucumberSteps.java | 6 +----- 2 files changed, 9 insertions(+), 11 deletions(-) diff --git a/src/main/java/de/filefighter/rest/domain/user/data/persistance/UserEntity.java b/src/main/java/de/filefighter/rest/domain/user/data/persistance/UserEntity.java index 7d4dc21b..031e84f8 100644 --- a/src/main/java/de/filefighter/rest/domain/user/data/persistance/UserEntity.java +++ b/src/main/java/de/filefighter/rest/domain/user/data/persistance/UserEntity.java @@ -2,6 +2,7 @@ import lombok.Builder; import lombok.Getter; +import lombok.Setter; import lombok.ToString; import org.springframework.data.mongodb.core.mapping.Document; import org.springframework.data.mongodb.core.mapping.MongoId; @@ -10,15 +11,16 @@ @Getter @ToString @Builder +@Setter public class UserEntity { @MongoId private final String _id; - private final long userId; - private final String username; - private final String lowercaseUsername; // Redundancy for performance tradeoff. - private final String password; - private final String refreshToken; //TODO: add valid_until for refreshToken - private final long[] groupIds; + private long userId; + private String username; + private String lowercaseUsername; // Redundancy for performance tradeoff. + private String password; + private String refreshToken; //TODO: add valid_until for refreshToken + private long[] groupIds; } diff --git a/src/test/java/de/filefighter/rest/cucumber/CommonCucumberSteps.java b/src/test/java/de/filefighter/rest/cucumber/CommonCucumberSteps.java index e7c3194f..7ced79d0 100644 --- a/src/test/java/de/filefighter/rest/cucumber/CommonCucumberSteps.java +++ b/src/test/java/de/filefighter/rest/cucumber/CommonCucumberSteps.java @@ -170,12 +170,8 @@ public void responseContainsKeyAndValueOfAtLeast(String key, int value) throws J @And("user with id {long} is in group with id {long}") public void userWithIdIsInGroupWithId(long userId, long groupId) { UserEntity userEntity=userRepository.findByUserId(userId); - long[] groudIds=new long[1]; - groudIds[0]=groupId; - //userEntity.setGroupIds(groudIds); + userEntity.setGroupIds(new long[]{groupId}); userRepository.save(userEntity); - - } }