@Test
public void testProvider() {
CurrentStepRunIndexProvider provider = new CurrentStepRunIndexProvider();
TestStep mockStep1 = Mockito.mock(TestStep.class);
Mockito.when(mockStep1.getId()).thenReturn("1234");
TestStep mockStep2 = Mockito.mock(TestStep.class);
Mockito.when(mockStep2.getId()).thenReturn("2345");
TestStepResult mockResult1 = Mockito.mock(TestStepResult.class);
Mockito.when(mockResult1.getTestStep()).thenReturn(mockStep1);
TestStepResult mockResult2 = Mockito.mock(TestStepResult.class);
Mockito.when(mockResult2.getTestStep()).thenReturn(mockStep2);
List<TestStepResult> resultList = new ArrayList<TestStepResult>();
resultList.add(mockResult1);
resultList.add(mockResult2);
resultList.add(mockResult2);
resultList.add(mockResult1);
resultList.add(mockResult2);
WsdlTestRunContext context = Mockito.mock(WsdlTestRunContext.class);
AbstractTestCaseRunner runner = Mockito.mock(AbstractTestCaseRunner.class);
Mockito.when(context.getTestRunner()).thenReturn(runner);
Mockito.when(runner.getResults()).thenReturn(resultList);
Mockito.when(context.getCurrentStep()).thenReturn(mockStep1);
Assert.assertEquals("2", provider.getValue(context));
Mockito.when(context.getCurrentStep()).thenReturn(mockStep2);
Assert.assertEquals("3", provider.getValue(context));
}
@Override
public void afterRun(TestCaseRunner testRunner, SecurityTestRunContext runContext) {
TestCase testCase = testRunner.getTestCase();
SecurityTest securityTest = ((SecurityTestRunner) testRunner).getSecurityTest();
JUnitReport report = new JUnitReport();
report.setIncludeTestProperties(includeTestPropertiesInReport);
String reportName = securityTest.getName();
report.setTestSuiteName(reportName);
report.setPackage(testCase.getTestSuite().getProject().getName());
int errorCount = 0;
for (TestStep ts : testCase.getTestStepList()) {
SecurityTestStepResult secuTestStepResult =
securityTest.getSecurityTestStepResultMap().get(ts);
if (secuTestStepResult != null) {
for (SecurityScanResult scanResult : secuTestStepResult.getSecurityScanResultList()) {
HashMap<String, String> testProperties = getTestPropertiesAsHashMap(securityTest);
List<SecurityScanRequestResult> resultList = scanResult.getSecurityRequestResultList();
Testcase secTestCase =
report.addTestCase(
ts.getName() + " - " + scanResult.getSecurityScanName(),
scanResult.getTimeTaken(),
testProperties);
secTestCase.setPackage(testCase.getTestSuite().getProject().getName());
for (int i = 0; i < resultList.size(); i++) {
SecurityScanRequestResult scanRequestResult = resultList.get(i);
if (scanRequestResult.getStatus() == ResultStatus.FAILED) {
StringBuffer result = new StringBuffer();
result
.append("<pre>")
.append(XmlUtils.entitize(scanRequestResult.getChangedParamsInfo(i + 1)))
.append("</pre>");
for (String message : scanRequestResult.getMessages()) {
result.append("<pre>").append(XmlUtils.entitize(message)).append("</pre>");
}
secTestCase.addNewError().setStringValue(result.toString());
errorCount++;
}
}
}
}
report.setNoofErrorsInTestSuite(errorCount);
report.setTotalTime(testRunner.getTimeTaken());
reports.put(reportName, report);
}
}
@Override
public void testStepAdded(TestStep testStep, int arg1) {
if (Utils.DISABLE_REPORTING) {
testStep.getTestCase().getTestSuite().removeTestSuiteListener(this);
return;
}
Utils.log("Adding TestStep \"" + testStep.getLabel() + "\" to model");
getBridge(testStep).cacheTestStep(null, testStep);
}
protected void createTransfer(StringToStringMap values) {
String propertyTransfer = values.get(TRANSFER_STEP);
WsdlTestCase testCase = (WsdlTestCase) request.getTestCase();
TransferResponseValuesTestStep transferStep =
(TransferResponseValuesTestStep) testCase.getTestStepByName(propertyTransfer);
if (transferStep == null) {
int index = testCase.getIndexOfTestStep(request.getRequestStep());
transferStep =
(TransferResponseValuesTestStep)
testCase.insertTestStep(
TransferValuesStepFactory.TRANSFER_TYPE, propertyTransfer, index);
}
if (transferStep == null) {
UISupport.showErrorMessage("Missing transfer step [" + propertyTransfer + "]");
return;
}
PropertyTransfer transfer = transferStep.getTransferByName(values.get(TRANSFER_NAME));
if (transfer == null) transfer = transferStep.addTransfer(values.get(TRANSFER_NAME));
transfer.setTargetStepName(request.getRequestStep().getName());
transfer.setTargetPropertyName("Request");
transfer.setTargetPath(values.get(TARGET_XPATH));
String sourceStepName = values.get(SOURCE_STEP);
transfer.setSourceStepName(sourceStepName);
TestStep sourceStep = testCase.getTestStepByName(sourceStepName);
if (sourceStep == null) {
sourceStep =
(WsdlPropertiesTestStep)
testCase.insertTestStep(PropertiesStepFactory.PROPERTIES_TYPE, sourceStepName, 0);
}
String sourcePropertyName = values.get(SOURCE_PROPERTY);
if (sourceStep.getProperty(sourcePropertyName) == null
&& sourceStep instanceof WsdlPropertiesTestStep) {
((WsdlPropertiesTestStep) sourceStep).addProperty(sourcePropertyName);
}
transfer.setSourcePropertyName(sourcePropertyName);
if (values.getBoolean(OPEN_EDITOR)) {
TransferResponseValuesDesktopPanel panel =
(TransferResponseValuesDesktopPanel) UISupport.showDesktopPanel(transferStep);
panel.selectTransfer(transfer);
}
}
private Object[] getPropertyTransferSteps() {
List<TestStep> steps = request.getTestCase().getTestStepList();
List<String> result = new ArrayList<String>();
result.add(null);
for (TestStep step : steps) {
if (step instanceof TransferResponseValuesTestStep) result.add(step.getName());
}
return result.toArray();
}
private Object[] getSourceProperties() {
if (dialog == null) return new Object[] {null};
String sourceStep = dialog.getValues().get(SOURCE_STEP);
TestStep testStep = request.getTestCase().getTestStepByName(sourceStep);
if (testStep == null) return new Object[] {null};
StringList result = new StringList();
result.addAll(testStep.getPropertyNames());
if (testStep instanceof WsdlPropertiesTestStep) {
result.add(0, null);
}
return result.toArray();
}
@Override
public void beforeStep(
TestCaseRunner testRunner, TestCaseRunContext runContext, TestStep currentStep) {
super.beforeStep(testRunner, runContext, currentStep);
if (currentStep != null) {
log.info("running step [" + currentStep.getName() + "]");
}
}
@Override
protected void execute(
SecurityTestRunner securityTestRunner, TestStep testStep, SecurityTestRunContext context) {
scriptEngine.setScript(groovyscc.getExecuteScript().getStringValue());
scriptEngine.setVariable("context", context);
scriptEngine.setVariable("testStep", testStep);
scriptEngine.setVariable("securityScan", this);
scriptEngine.setVariable("parameters", parameters);
scriptEngine.setVariable("log", SoapUI.ensureGroovyLog());
try {
scriptResult = scriptEngine.run();
hasNext = castResultToBoolean(scriptResult);
XmlObjectTreeModel model = null;
for (SecurityCheckedParameter scp : getParameterHolder().getParameterList()) {
if (parameters.containsKey(scp.getLabel()) && parameters.get(scp.getLabel()) != null) {
if (scp.isChecked() && scp.getXpath().trim().length() > 0) {
model = SecurityScanUtil.getXmlObjectTreeModel(testStep, scp);
XmlTreeNode[] treeNodes = null;
treeNodes = model.selectTreeNodes(context.expand(scp.getXpath()));
if (treeNodes.length > 0) {
XmlTreeNode mynode = treeNodes[0];
mynode.setValue(1, parameters.get(scp.getLabel()));
}
updateRequestProperty(testStep, scp.getName(), model.getXmlObject().toString());
} else {
updateRequestProperty(testStep, scp.getName(), parameters.get(scp.getLabel()));
}
} else if (parameters.containsKey(scp.getLabel())
&& parameters.get(scp.getLabel()) == null) { // clears null values form parameters
parameters.remove(scp.getLabel());
}
}
MessageExchange message =
(MessageExchange) testStep.run((TestCaseRunner) securityTestRunner, context);
createMessageExchange(clearNullValues(parameters), message, context);
} catch (Exception e) {
SoapUI.logError(e);
hasNext = false;
} finally {
// if( scriptResult != null )
// {
// getTestStep().getProperty( "Request" ).setValue( ( String
// )scriptResult );
//
// getTestStep().run( ( TestCaseRunner )securityTestRunner,
// ( TestCaseRunContext )securityTestRunner.getRunContext() );
// }
}
}
public String assertResult(
LoadTestRunner loadTestRunner,
LoadTestRunContext context,
TestStepResult result,
TestCaseRunner testRunner,
TestCaseRunContext runContext) {
WsdlLoadTest loadTest = (WsdlLoadTest) loadTestRunner.getLoadTest();
LoadTestStatistics statisticsModel = loadTest.getStatisticsModel();
TestStep step = result.getTestStep();
if (targetStepMatches(step)) {
int index = step.getTestCase().getIndexOfTestStep(step);
long average = statisticsModel.getStatistic(index, Statistic.AVERAGE);
long count = statisticsModel.getStatistic(index, Statistic.AVERAGE);
if (count > minRequests && (count % sampleInterval == 0) && average >= maxAverage) {
return returnErrorOrFail(
"Average [" + average + "] exceeds limit [" + maxAverage + "]",
maxErrors,
loadTestRunner,
context);
}
} else if (ALL_TEST_STEPS.equals(getTargetStep())) {
long average = statisticsModel.getStatistic(LoadTestStatistics.TOTAL, Statistic.AVERAGE);
long count = statisticsModel.getStatistic(LoadTestStatistics.TOTAL, Statistic.COUNT);
if (count > minRequests && (count % sampleInterval == 0) && average >= maxAverage) {
return returnErrorOrFail(
"Average [" + average + "] exceeds limit [" + maxAverage + "]",
maxErrors,
loadTestRunner,
context);
}
}
return null;
}
@Override
protected void execute(
SecurityTestRunner securityTestRunner, TestStep testStep, SecurityTestRunContext context) {
try {
StringToStringMap updatedParams = update(testStep, context);
addAttachement(testStep);
WsdlTestRequestStepResult message =
(WsdlTestRequestStepResult) testStep.run((TestCaseRunner) securityTestRunner, context);
message.setRequestContent("", false);
createMessageExchange(updatedParams, message, context);
} catch (XmlException e) {
SoapUI.logError(e, "[XmlBombSecurityScan]XPath seems to be invalid!");
reportSecurityScanException("Property value is not XML or XPath is wrong!");
} catch (Exception e) {
SoapUI.logError(e, "[XmlBombSecurityScan]Property value is not valid xml!");
reportSecurityScanException("Property value is not XML or XPath is wrong!");
}
}
private StringToStringMap update(TestStep testStep, SecurityTestRunContext context)
throws XmlException, Exception {
StringToStringMap params = new StringToStringMap();
if (parameterMutations.size() == 0) mutateParameters(testStep, context);
/*
* Idea is to drain for each parameter mutations.
*/
for (SecurityCheckedParameter param : getParameterHolder().getParameterList()) {
ArrayList<String> mutations = parameterMutations.get(param);
if (mutations != null && !mutations.isEmpty()) {
testStep.getProperties().get(param.getName()).setValue(mutations.get(0));
params.put(param.getLabel(), mutations.get(0));
mutations.remove(0);
break;
}
}
return params;
}
@Override
public void testStepRemoved(TestStep testStep, int index) {
if (testStep.getTestCase() == testCase) updateLabel();
}
private static ModelBridge getBridge(final TestStep ts) {
return ModelBridge.getOrCreateEnvBridge(ts.getTestCase().getTestSuite().getProject());
}
@Override
public void afterStep(
TestCaseRunner testRunner, TestCaseRunContext runContext, TestStepResult result) {
super.afterStep(testRunner, runContext, result);
TestStep currentStep = runContext.getCurrentStep();
if (currentStep instanceof Assertable) {
Assertable requestStep = (Assertable) currentStep;
for (int c = 0; c < requestStep.getAssertionCount(); c++) {
TestAssertion assertion = requestStep.getAssertionAt(c);
log.info("Assertion [" + assertion.getName() + "] has status " + assertion.getStatus());
if (assertion.getStatus() == AssertionStatus.FAILED) {
for (AssertionError error : assertion.getErrors()) {
log.error("ASSERTION FAILED -> " + error.getMessage());
}
assertions.add(assertion);
assertionResults.put(assertion, (WsdlTestStepResult) result);
}
testAssertionCount++;
}
}
String countPropertyName = currentStep.getName() + " run count";
Long count = (Long) runContext.getProperty(countPropertyName);
if (count == null) {
count = new Long(0);
}
runContext.setProperty(countPropertyName, new Long(count.longValue() + 1));
if (result.getStatus() == TestStepStatus.FAILED || exportAll) {
try {
String exportSeparator = System.getProperty(SOAPUI_EXPORT_SEPARATOR, "-");
TestCase tc = currentStep.getTestCase();
String nameBase =
StringUtils.createFileName(tc.getTestSuite().getName(), '_')
+ exportSeparator
+ StringUtils.createFileName(tc.getName(), '_')
+ exportSeparator
+ StringUtils.createFileName(currentStep.getName(), '_')
+ "-"
+ count.longValue()
+ "-"
+ result.getStatus();
WsdlTestCaseRunner callingTestCaseRunner =
(WsdlTestCaseRunner) runContext.getProperty("#CallingTestCaseRunner#");
if (callingTestCaseRunner != null) {
WsdlTestCase ctc = callingTestCaseRunner.getTestCase();
WsdlRunTestCaseTestStep runTestCaseTestStep =
(WsdlRunTestCaseTestStep) runContext.getProperty("#CallingRunTestCaseStep#");
nameBase =
StringUtils.createFileName(ctc.getTestSuite().getName(), '_')
+ exportSeparator
+ StringUtils.createFileName(ctc.getName(), '_')
+ exportSeparator
+ StringUtils.createFileName(runTestCaseTestStep.getName(), '_')
+ exportSeparator
+ StringUtils.createFileName(tc.getTestSuite().getName(), '_')
+ exportSeparator
+ StringUtils.createFileName(tc.getName(), '_')
+ exportSeparator
+ StringUtils.createFileName(currentStep.getName(), '_')
+ "-"
+ count.longValue()
+ "-"
+ result.getStatus();
}
String absoluteOutputFolder = getAbsoluteOutputFolder(ModelSupport.getModelItemProject(tc));
String fileName = absoluteOutputFolder + File.separator + nameBase + ".txt";
if (result.getStatus() == TestStepStatus.FAILED) {
log.error(currentStep.getName() + " failed, exporting to [" + fileName + "]");
}
new File(fileName).getParentFile().mkdirs();
PrintWriter writer = new PrintWriter(fileName);
result.writeTo(writer);
writer.close();
// write attachments
if (result instanceof MessageExchange) {
Attachment[] attachments = ((MessageExchange) result).getResponseAttachments();
if (attachments != null && attachments.length > 0) {
for (int c = 0; c < attachments.length; c++) {
fileName = nameBase + "-attachment-" + (c + 1) + ".";
Attachment attachment = attachments[c];
String contentType = attachment.getContentType();
if (!"application/octet-stream".equals(contentType)
&& contentType != null
&& contentType.indexOf('/') != -1) {
fileName += contentType.substring(contentType.lastIndexOf('/') + 1);
} else {
fileName += "dat";
}
fileName = absoluteOutputFolder + File.separator + fileName;
FileOutputStream outFile = new FileOutputStream(fileName);
Tools.writeAll(outFile, attachment.getInputStream());
outFile.close();
}
}
}
exportCount++;
} catch (Exception e) {
log.error("Error saving failed result: " + e, e);
}
}
testStepCount++;
}
private void updateRequestProperty(TestStep testStep, String propertyName, String propertyValue) {
testStep.getProperty(propertyName).setValue(propertyValue);
}
