@Test
public void testConfigurationAuthentication() throws Exception {
prepareSecurity();
FreeStyleProject p = j.createFreeStyleProject();
WebClient wc = j.createWebClient();
wc.login("test1");
// Reauthentication is not required if No need for re-authentication is checked
p.addProperty(
new AuthorizeProjectProperty(new SpecificUsersAuthorizationStrategy("admin", true)));
j.submit(wc.getPage(p, "configure").getFormByName("config"));
// Reauthentication is required if No need for re-authentication is checked
p.removeProperty(AuthorizeProjectProperty.class);
p.addProperty(
new AuthorizeProjectProperty(new SpecificUsersAuthorizationStrategy("admin", false)));
try {
j.submit(wc.getPage(p, "configure").getFormByName("config"));
fail();
} catch (FailingHttpStatusCodeException e) {
assertEquals(400, e.getStatusCode());
}
// No authentication is required if oneself.
{
HtmlPage page = wc.getPage(p, "configure");
HtmlTextInput userid =
page.<HtmlTextInput>getFirstByXPath(
"//*[contains(@class, 'specific-user-authorization')]//input[contains(@name, 'userid') and @type='text']");
userid.setValueAttribute("test1");
j.submit(page.getFormByName("config"));
assertEquals(
"test1",
((SpecificUsersAuthorizationStrategy)
p.getProperty(AuthorizeProjectProperty.class).getStrategy())
.getUserid());
}
// Reauthentication is required to change userid even if No need for re-authentication is
// checked
p.addProperty(
new AuthorizeProjectProperty(new SpecificUsersAuthorizationStrategy("admin", true)));
{
HtmlPage page = wc.getPage(p, "configure");
HtmlTextInput userid =
page.<HtmlTextInput>getFirstByXPath(
"//*[contains(@class, 'specific-user-authorization')]//input[contains(@name, 'userid') and @type='text']");
userid.setValueAttribute("test2");
try {
j.submit(page.getFormByName("config"));
fail();
} catch (FailingHttpStatusCodeException e) {
assertEquals(400, e.getStatusCode());
}
}
}
@Test public void deleteView() throws Exception {
WebClient wc = j.createWebClient();
ListView v = listView("list");
HtmlPage delete = wc.getPage(v, "delete");
j.submit(delete.getFormByName("delete"));
assertNull(j.jenkins.getView("list"));
User user = User.get("user", true);
MyViewsProperty p = user.getProperty(MyViewsProperty.class);
v = new ListView("list", p);
p.addView(v);
delete = wc.getPage(v, "delete");
j.submit(delete.getFormByName("delete"));
assertNull(p.getView("list"));
}
@Test
public void testRestInterfaceSuccess() throws Exception {
prepareSecurity();
FreeStyleProject srcProject = j.createFreeStyleProject();
srcProject.addProperty(
new AuthorizeProjectProperty(new SpecificUsersAuthorizationStrategy("test1", false)));
srcProject.save();
WebClient wc = j.createWebClient();
wc.login("test1", "test1");
// GET config.xml of srcProject (userid is set to test1)
String configXml =
getConfigXml(wc.goToXml(String.format("%s/config.xml", srcProject.getUrl())));
// POST config.xml of srcProject (userid is set to test1) to a new project.
// This should success.
FreeStyleProject destProject = j.createFreeStyleProject();
destProject.save();
String projectName = destProject.getFullName();
WebRequestSettings req =
new WebRequestSettings(
wc.createCrumbedUrl(String.format("%s/config.xml", destProject.getUrl())),
HttpMethod.POST);
req.setRequestBody(configXml);
wc.getPage(req);
{
FreeStyleProject p = j.jenkins.getItemByFullName(projectName, FreeStyleProject.class);
assertNotNull(p);
AuthorizeProjectProperty prop = p.getProperty(AuthorizeProjectProperty.class);
assertNotNull(prop);
assertEquals(SpecificUsersAuthorizationStrategy.class, prop.getStrategy().getClass());
SpecificUsersAuthorizationStrategy strategy =
(SpecificUsersAuthorizationStrategy) prop.getStrategy();
assertEquals("test1", strategy.getUserid());
}
j.jenkins.reload();
{
FreeStyleProject p = j.jenkins.getItemByFullName(projectName, FreeStyleProject.class);
assertNotNull(p);
AuthorizeProjectProperty prop = p.getProperty(AuthorizeProjectProperty.class);
assertNotNull(prop);
assertEquals(SpecificUsersAuthorizationStrategy.class, prop.getStrategy().getClass());
SpecificUsersAuthorizationStrategy strategy =
(SpecificUsersAuthorizationStrategy) prop.getStrategy();
assertEquals("test1", strategy.getUserid());
}
}
@Test
public void testRestInterfaceFailure() throws Exception {
prepareSecurity();
FreeStyleProject srcProject = j.createFreeStyleProject();
srcProject.addProperty(
new AuthorizeProjectProperty(new SpecificUsersAuthorizationStrategy("admin", false)));
srcProject.save();
WebClient wc = j.createWebClient();
wc.login("test1", "test1");
// GET config.xml of srcProject (userid is set to admin)
String configXml =
getConfigXml(wc.goToXml(String.format("%s/config.xml", srcProject.getUrl())));
// POST config.xml of srcProject (userid is set to admin) to a new project.
// This should fail.
FreeStyleProject destProject = j.createFreeStyleProject();
destProject.save();
String projectName = destProject.getFullName();
WebRequestSettings req =
new WebRequestSettings(
wc.createCrumbedUrl(String.format("%s/config.xml", destProject.getUrl())),
HttpMethod.POST);
req.setRequestBody(configXml);
try {
wc.getPage(req);
fail();
} catch (FailingHttpStatusCodeException e) {
}
{
FreeStyleProject p = j.jenkins.getItemByFullName(projectName, FreeStyleProject.class);
assertNotNull(p);
AuthorizeProjectProperty prop = p.getProperty(AuthorizeProjectProperty.class);
assertTrue(prop == null || prop.getStrategy() == null);
}
j.jenkins.reload();
{
FreeStyleProject p = j.jenkins.getItemByFullName(projectName, FreeStyleProject.class);
assertNotNull(p);
AuthorizeProjectProperty prop = p.getProperty(AuthorizeProjectProperty.class);
assertTrue(prop == null || prop.getStrategy() == null);
}
}
@Issue("JENKINS-17302")
@Test public void doConfigDotXml() throws Exception {
ListView view = listView("v");
view.description = "one";
WebClient wc = j.createWebClient();
String xml = wc.goToXml("view/v/config.xml").getContent();
assertTrue(xml, xml.contains("<description>one</description>"));
xml = xml.replace("<description>one</description>", "<description>two</description>");
WebRequestSettings req = new WebRequestSettings(wc.createCrumbedUrl("view/v/config.xml"), HttpMethod.POST);
req.setRequestBody(xml);
wc.getPage(req);
assertEquals("two", view.getDescription());
xml = new XmlFile(Jenkins.XSTREAM, new File(j.jenkins.getRootDir(), "config.xml")).asString();
assertTrue(xml, xml.contains("<description>two</description>"));
}
@Test
@Issue("JENKINS-11543")
public void unicodeParametersArePresetCorrectly() throws Exception {
final FreeStyleProject p = j.createFreeStyleProject();
ParametersDefinitionProperty pdb =
new ParametersDefinitionProperty(
new StringParameterDefinition("sname:a¶‱ﻷ", "svalue:a¶‱ﻷ", "sdesc:a¶‱ﻷ"),
new FileParameterDefinition("fname:a¶‱ﻷ", "fdesc:a¶‱ﻷ"));
p.addProperty(pdb);
WebClient wc = j.createWebClient();
wc.setThrowExceptionOnFailingStatusCode(false); // Ignore 405
HtmlPage page = wc.getPage(p, "build");
// java.lang.IllegalArgumentException: No such parameter definition: <gibberish>.
wc.setThrowExceptionOnFailingStatusCode(true);
final HtmlForm form = page.getFormByName("parameters");
form.submit(form.getButtonByCaption("Build"));
}
@LocalData
@Test
public void basic() throws Exception {
FreeStyleBuild build = project.scheduleBuild2(0).get(10, TimeUnit.SECONDS);
assertTestResults(build);
WebClient wc = j.new WebClient();
wc.getPage(project); // project page
wc.getPage(build); // build page
wc.getPage(build, "testReport"); // test report
wc.getPage(build, "testReport/hudson.security"); // package
wc.getPage(build, "testReport/hudson.security/HudsonPrivateSecurityRealmTest/"); // class
wc.getPage(
build,
"testReport/hudson.security/HudsonPrivateSecurityRealmTest/testDataCompatibilityWith1_282/"); // method
}
@Test
public void testConfigureApitoken() throws Exception {
prepareSecurity();
FreeStyleProject p = j.createFreeStyleProject();
p.addProperty(
new AuthorizeProjectProperty(new SpecificUsersAuthorizationStrategy("test2", false)));
WebClient wc = j.createWebClient();
wc.login("test1");
String apitokenForTest2 = User.get("test2").getProperty(ApiTokenProperty.class).getApiToken();
assertNotNull(apitokenForTest2);
assertNotEquals("", apitokenForTest2);
// authentication fails without apitoken
{
HtmlPage page = wc.getPage(p, "configure");
HtmlCheckBoxInput useApitoken =
page.<HtmlCheckBoxInput>getFirstByXPath(
"//*[contains(@class, 'specific-user-authorization')]//input[contains(@name, 'useApitoken') and @type='checkbox']");
useApitoken.setChecked(true);
try {
j.submit(page.getFormByName("config"));
fail();
} catch (FailingHttpStatusCodeException e) {
assertEquals(400, e.getStatusCode());
}
}
// authentication succeeds with the good apitoken
{
HtmlPage page = wc.getPage(p, "configure");
HtmlCheckBoxInput useApitoken =
page.<HtmlCheckBoxInput>getFirstByXPath(
"//*[contains(@class, 'specific-user-authorization')]//input[contains(@name, 'useApitoken') and @type='checkbox']");
useApitoken.setChecked(true);
HtmlTextInput apitoken =
page.<HtmlTextInput>getFirstByXPath(
"//*[contains(@class, 'specific-user-authorization')]//input[contains(@name, 'apitoken') and @type='text']");
apitoken.setValueAttribute(apitokenForTest2);
j.submit(page.getFormByName("config"));
assertEquals(
"test2",
((SpecificUsersAuthorizationStrategy)
p.getProperty(AuthorizeProjectProperty.class).getStrategy())
.getUserid());
}
// authentication fails with a bad apitoken
{
HtmlPage page = wc.getPage(p, "configure");
HtmlCheckBoxInput useApitoken =
page.<HtmlCheckBoxInput>getFirstByXPath(
"//*[contains(@class, 'specific-user-authorization')]//input[contains(@name, 'useApitoken') and @type='checkbox']");
useApitoken.setChecked(true);
HtmlTextInput apitoken =
page.<HtmlTextInput>getFirstByXPath(
"//*[contains(@class, 'specific-user-authorization')]//input[contains(@name, 'apitoken') and @type='text']");
apitoken.setValueAttribute(apitokenForTest2 + "xxx");
try {
j.submit(page.getFormByName("config"));
fail();
} catch (FailingHttpStatusCodeException e) {
assertEquals(400, e.getStatusCode());
}
}
// authentication fails if the apitoken is used for password
{
HtmlPage page = wc.getPage(p, "configure");
HtmlCheckBoxInput useApitoken =
page.<HtmlCheckBoxInput>getFirstByXPath(
"//*[contains(@class, 'specific-user-authorization')]//input[contains(@name, 'useApitoken') and @type='checkbox']");
useApitoken.setChecked(false);
HtmlPasswordInput password =
page.<HtmlPasswordInput>getFirstByXPath(
"//*[contains(@class, 'specific-user-authorization')]//input[contains(@name, 'password') and @type='password']");
password.setValueAttribute(apitokenForTest2);
HtmlTextInput apitoken =
page.<HtmlTextInput>getFirstByXPath(
"//*[contains(@class, 'specific-user-authorization')]//input[contains(@name, 'apitoken') and @type='text']");
apitoken.setValueAttribute(apitokenForTest2);
try {
j.submit(page.getFormByName("config"));
fail();
} catch (FailingHttpStatusCodeException e) {
assertEquals(400, e.getStatusCode());
}
}
}