diff --git a/cypress/integration/auth_spec.js b/cypress/integration/auth_spec.js
new file mode 100644
index 00000000..bfed7781
--- /dev/null
+++ b/cypress/integration/auth_spec.js
@@ -0,0 +1,133 @@
+const indexPage = 'http://localhost:8080/exist/apps/eXide/index.html'
+const loginPage = 'http://localhost:8080/exist/apps/eXide/login.html'
+
+describe('with guest=yes (default)', function() {
+ before(function () {
+ cy.setConf(true, true);
+ })
+
+ describe('as guest user', function() {
+ it('login page should redirect guest to index.html', function() {
+ cy.visit('/eXide/login.html')
+ cy.url().should('eq', indexPage)
+ })
+
+ it('index page should show editor', function () {
+ cy.visit('/eXide/index.html')
+ cy.url().should('eq', indexPage)
+ })
+ })
+
+ describe('as admin user', function() {
+ it('login page should redirect admin to index.html', function() {
+ cy.loginXHR('admin', '')
+ cy.visit('/eXide/login.html')
+ cy.url().should('eq', indexPage)
+ })
+
+ it('index page should show editor', function () {
+ cy.loginXHR('admin', '')
+ cy.visit('/eXide/index.html')
+ cy.url().should('eq', indexPage)
+ })
+
+ it('reload after logout still shows editor', function () {
+ cy.loginXHR('guest', 'guest')
+ cy.visit('/eXide/index.html')
+ cy.url().should('eq', indexPage)
+ })
+ })
+})
+
+describe('with guest=no', function() {
+ before(function () {
+ cy.setConf(true, false);
+ })
+ after(function () {
+ cy.setConf(true, true);
+ })
+
+ describe('as guest', function() {
+ before(function () { cy.loginXHR('guest', 'guest') })
+ it('login page should show', function() {
+ cy.visit('/eXide/login.html')
+ // cy.reload(true)
+ cy.url().should('eq', loginPage)
+ })
+
+ it('index page should redirect to login', function () {
+ cy.visit('/eXide/index.html')
+ cy.url().should('eq', loginPage)
+ })
+ })
+
+ describe('as admin', function() {
+ it('login page should redirect admin to index.html', function() {
+ cy.loginXHR('admin', '')
+ cy.visit('/eXide/login.html')
+ cy.url().should('eq', indexPage)
+ })
+
+ it('index page should show editor', function () {
+ cy.loginXHR('admin', '')
+ cy.visit('/eXide/index.html')
+ cy.url().should('eq', indexPage)
+ })
+
})
+})
+
+describe('login using form', function () {
+ before(function () {
+ cy.setConf(true, false);
+ })
+ beforeEach(function () {
+ cy.loginXHR('guest', 'guest')
+ })
+ after(function () {
+ cy.setConf(true, true);
+ cy.loginXHR('guest', 'guest')
+ })
+
+ it('login page should show', function() {
+ cy.visit('/eXide/login.html')
+ cy.url().should('eq', loginPage)
+ })
+
+ describe('with valid admin credentials', function () {
+ it('should login in', function() {
+ cy.session(['form', 'admin', ''], () => {
+ cy.visit('/eXide/login.html')
+ cy.get('[name=user]').type('admin')
+ // this will throw an error as .type cannot handle an empty string
+ // cy.get('[name=password]').type('')
+ cy.get('[type=submit]').click()
+ cy.url().should('eq', indexPage)
+ })
+ })
+ })
+ describe('with invalid admin credentials', function () {
+ it('should not allow access', function() {
+ cy.session(['form', 'admin', 'nimda'], () => {
+ cy.visit('/eXide/login.html')
+ cy.get('[name=user]').type('admin')
+ // this will throw an error as .type cannot handle an empty string
+ cy.get('[name=password]').type('nimda')
+ cy.get('[type=submit]').click()
+ cy.url().should('eq', loginPage)
+ })
+ })
+ })
+ describe('with valid guest credentials', function () {
+ it('should still not allow guest', function() {
+ cy.session(['form', 'guest', 'guest'], () => {
+ cy.visit('/eXide/login.html')
+ cy.get('[name=user]').type('guest')
+ // this will throw an error as .type cannot handle an empty string
+ cy.get('[name=password]').type('guest')
+ cy.get('[type=submit]').click()
+ cy.url().should('eq', loginPage)
+ })
+ })
+ })
+
+})
diff --git a/cypress/support/commands.js b/cypress/support/commands.js
index c1f5a772..882eda0d 100644
--- a/cypress/support/commands.js
+++ b/cypress/support/commands.js
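Review bot: In cypress/integration/auth_spec.js the two rejection cases ('with invalid admin credentials' and 'with valid guest credentials') can pass without the server ever refusing the login, because the browser is already on login.html when `cy.url().should('eq', loginPage)` runs right after the click. For an access-control test the check should prove the session is still unauthenticated once the submission has completed, for example by following the click with `cy.visit('/eXide/index.html')` and then `cy.url().should('eq', loginPage)`, as the 'index page should redirect to login' case already does. Wrapping a login that is expected to fail in `cy.session` also appears to cache that state under the credential key, so a plain command sequence would be clearer in those two cases. The comment `// this will throw an error as .type cannot handle an empty string` is copied above two non-empty `.type(...)` calls and should be dropped there.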
@@ -10,7 +10,63 @@
 //
 //
 // -- This is a parent command --
-// Cypress.Commands.add("login", (email, password) => { ... })
+// cy.login()
+Cypress.Commands.add("login", (username, password) => {
+ cy.session(['form', username, password], () => {
+ cy.visit('/eXide/login.html')
+ cy.get('[name=user]').type(username)
+ if (password.length) {
+ cy.get('[name=password]').type(password)
+ }
+ cy.get('[type=submit]').click()
+ cy.url().should('contain', '/index.html')
+ })
+})
+
+// cy.loginXHR()
+Cypress.Commands.add("loginXHR", (user, password) => {
+ cy.session(['xhr', user, password], () => {
+ cy.request({
+ method: 'POST',
+ url: '/eXide/login',
+ form: true,
+ body: { user, password },
+ headers: { 'Accept': 'application/json' }
+ })
+ })
+})
+
+// cy.logout() -- does not work reliably
+Cypress.Commands.add("logout", () => cy.request('/eXide/index.html', {logout: true}))
+
+const setBoolean = (value) => value ? 'yes' : 'no'
+const getConf = function (executeQuery, restrictAccess) {
+ return `
+
+
+`
+}
+
+Cypress.Commands.add("setConf", function (executeQuery, restrictAccess) {
+ cy.loginXHR('admin', '')
+ const body = getConf(executeQuery, restrictAccess);
+ const confFilePath = "/apps/eXide/configuration.xml"
+ cy.request({
+ method: 'POST',
+ url: `/eXide/store/db${confFilePath}`,
+ headers: {
+ 'Content-Type': 'application/xml',
+ 'Content-length': body.length
+ },
+ body
+ })
+ .then((response) => {
+ const parsed = JSON.parse(response.body)
+ expect(parsed).to.have.property('status', 'ok')
+ expect(parsed).to.have.property('externalLink', `/exist${confFilePath}`)
+ })
+})
+
 //
 //
 // -- This is a child command --
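Review bot: `setConf` leaves the runner authenticated as admin, since it calls `cy.loginXHR('admin', '')` and never switches back. Specs that call it from a `before` hook and then test as guest without logging in again (the 'as guest user' cases in auth_spec.js) may therefore run their first test with admin cookies, depending on when Cypress clears cookies relative to the hook. I would end the command with `cy.clearCookies()` after the `.then(...)` assertions, or state in a comment on the command that callers must re-establish the identity they want to test. `loginXHR` also never inspects the response of the POST inside `cy.session`, so it presumably relies on `cy.request` failing on a non-2xx status to notice a rejected login; a one-line comment saying so would help. The explicit `'Content-length': body.length` header counts UTF-16 code units rather than bytes and is probably best left for `cy.request` to set.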