diff --git a/src/org/labkey/test/tests/InvalidateSessionTest.java b/src/org/labkey/test/tests/InvalidateSessionTest.java
index da15af2632..1320cdbeda 100644
--- a/src/org/labkey/test/tests/InvalidateSessionTest.java
+++ b/src/org/labkey/test/tests/InvalidateSessionTest.java
@@ -20,9 +20,9 @@
 import java.io.IOException;
 import java.util.Arrays;
 import java.util.List;
+import java.util.Set;
 import static org.junit.Assert.fail;
-import static org.labkey.test.WebTestHelper.getCookies;
 @Category({Daily.class})
 public class InvalidateSessionTest extends BaseWebDriverTest
@@ -61,23 +61,16 @@ private void doSetup()
 Regression coverage for Secure Issue 51523: Invalidate sessions on password change
 */
 @Test
- public void testSessionInvalidatesAfterPasswordChange() throws IOException
+ public void testSessionInvalidatesAfterPasswordChange() throws IOException, CommandException
 {
 signOut();
 signIn(USER);
 Connection cn = createDefaultConnection();
 SelectRowsResponse response;
 SelectRowsCommand selectCmd = new SelectRowsCommand("auditLog", "UserAuditEvent");
- try
- {
- response = selectCmd.execute(cn, "Home");
- Assert.assertEquals("Did not establish the database connection before the password change", 200,
- response.getStatusCode());
- }
- catch (IOException | CommandException e)
- {
- throw new RuntimeException(e);
- }
+ response = selectCmd.execute(cn, "Home");
+ Assert.assertEquals("Did not establish the database connection before the password change", 200,
+ response.getStatusCode());
 log("Changing the user password");
 String newPassword = PasswordUtil.getPassword() + "&*&*";
@@ -104,25 +97,18 @@ public void testSessionInvalidatesAfterPasswordChange() throws IOException
 Regression coverage for Secure Issue 31493: Test for session and cookie persistence through login and logout
 */
 @Test
- public void testCookieAndSessionFromLogout() throws IOException
+ public void testCookieAndSessionFromLogout() throws IOException, CommandException
 {
 log("Capture the cookie after login");
- Cookie beforeCookie = getCookies(getCurrentUser()).get(Connection.JSESSIONID);
+ Set beforeCookie = getDriver().manage().getCookies();
 log("Establish the connection");
 Connection cn = createDefaultConnection();
 SelectRowsResponse response;
 SelectRowsCommand selectCmd = new SelectRowsCommand("auditLog", "UserAuditEvent");
- try
- {
- response = selectCmd.execute(cn, getProjectName());
- Assert.assertEquals("Did not establish the database connection before the password change", 200,
- response.getStatusCode());
- }
- catch (CommandException e)
- {
- throw new RuntimeException(e);
- }
+ response = selectCmd.execute(cn, getProjectName());
+ Assert.assertEquals("Did not establish the database connection before the password change", 200,
+ response.getStatusCode());
 log("Sign out");
 signOut();
@@ -139,8 +125,13 @@ public void testCookieAndSessionFromLogout() throws IOException
 }
 log("Capture the cookie after logout");
- Cookie afterCookie = getCookies(getCurrentUser()).get(Connection.JSESSIONID);
- Assert.assertFalse("Before and after log out cookie should be different", beforeCookie.equals(afterCookie));
+ Set afterCookie = getDriver().manage().getCookies();
+ Assert.assertFalse("Before and after log out cookie should be different", getJSessionIdValue(beforeCookie).equals(getJSessionIdValue(afterCookie)));
+ }
+
+ private String getJSessionIdValue(Set cookies)
+ {
+ return cookies.stream().toList().get(1).getValue();
 }
 @Override
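Review bot: The failure message on the added `Assert.assertEquals(...)` still reads "before the password change", but `testCookieAndSessionFromLogout` never changes a password, so a failure here points the reader at the wrong scenario. Suggest `"Did not establish the database connection before sign out"`. `beforeCookie` now holds the browser's whole cookie set rather than one cookie, and a name such as `cookiesBeforeLogout` would say so. The method body continues outside this hunk.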
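Review bot: `getJSessionIdValue` selects the session cookie by position, `cookies.stream().toList().get(1)`, but the iteration order of the `Set` returned by `getCookies()` is not specified, so the value compared before and after logout may belong to some other cookie, and the call throws when fewer than two cookies are present. For a session-handling regression test this means the assertion can pass because an unrelated cookie changed while JSESSIONID stayed the same. Look the cookie up by name instead, e.g. `getDriver().manage().getCookieNamed(Connection.JSESSIONID)`, assert that it is non-null, and compare its `getValue()` before and after. The `Set` declarations show no type argument on this page; if that is not an extraction artifact, they should be declared as sets of the Selenium cookie type.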
diff --git a/src/org/labkey/test/tests/UserPermissionsTest.java b/src/org/labkey/test/tests/UserPermissionsTest.java
index ce52536fc4..fff70ffd1a 100644
--- a/src/org/labkey/test/tests/UserPermissionsTest.java
+++ b/src/org/labkey/test/tests/UserPermissionsTest.java
@@ -16,12 +16,17 @@
 package org.labkey.test.tests;
+import org.junit.Assert;
+import org.junit.BeforeClass;
 import org.junit.Test;
 import org.junit.experimental.categories.Category;
 import org.labkey.test.BaseWebDriverTest;
 import org.labkey.test.Locator;
 import org.labkey.test.TestTimeoutException;
 import org.labkey.test.categories.Daily;
+import org.labkey.test.pages.core.admin.ShowAuditLogPage;
+import org.labkey.test.util.ApiPermissionsHelper;
+import org.labkey.test.util.DataRegionTable;
 import org.labkey.test.util.LogMethod;
 import org.labkey.test.util.PortalHelper;
 import org.openqa.selenium.WebElement;
@@ -36,14 +41,13 @@
 @BaseWebDriverTest.ClassTimeout(minutes = 7)
 public class UserPermissionsTest extends BaseWebDriverTest
 {
- PortalHelper portalHelper = new PortalHelper(this);
 protected static final String PERM_PROJECT_NAME = "PermissionCheckProject";
 protected static final String DENIED_SUB_FOLDER_NAME = "UnlinkedFolder";
 protected static final String GAMMA_SUB_FOLDER_NAME = "GammaFolder";
 protected static final String GAMMA_EDITOR_GROUP_NAME = "GammaEditor";
 protected static final String GAMMA_AUTHOR_GROUP_NAME = "GammaAuthor";
 protected static final String GAMMA_READER_GROUP_NAME = "GammaReader";
-// protected static final String GAMMA_RESTRICTED_READER_GROUP_NAME = "GammaRestrictedReader";
+ // protected static final String GAMMA_RESTRICTED_READER_GROUP_NAME = "GammaRestrictedReader";
 protected static final String GAMMA_SUBMITTER_GROUP_NAME = "GammaSubmitter";
 protected static final String GAMMA_ADMIN_GROUP_NAME = "GammaAdmin";
 //permissions
@@ -54,11 +58,20 @@ public class UserPermissionsTest extends BaseWebDriverTest
 protected static final String GAMMA_AUTHOR_PAGE_TITLE = "This is a Test Message from : " + GAMMA_AUTHOR_USER;
 protected static final String GAMMA_READER_USER = "gammareader@security.test";
 protected static final String GAMMA_PROJECT_ADMIN_USER = "gammaadmin@security.test";
+ protected static final String GAMMA_SUBMITTER_USER = "gammasubmitter@security.test";
+ PortalHelper portalHelper = new PortalHelper(this);
 //I can't really find any docs on what this is exactly?
 // protected static final String GAMMA_RESTRICTED_READER_USER = "gammarestricted@security.test";
 // protected static final String GAMMA_SUBMITTER_USER = "gammasubmitter@security.test";
+ @BeforeClass
+ public static void setupProject()
+ {
+ UserPermissionsTest init = getCurrentTest();
+ init.doSetup();
+ }
+
 @Override
 public List getAssociatedModules()
 {
@@ -83,23 +96,10 @@ protected void doCleanup(boolean afterTest) throws TestTimeoutException
 log(this.getClass().getName() + " Cleaning Up");
 _containerHelper.deleteProject(PERM_PROJECT_NAME, afterTest);
- deleteUsersIfPresent(GAMMA_EDITOR_USER, GAMMA_AUTHOR_USER, GAMMA_READER_USER, GAMMA_PROJECT_ADMIN_USER);
+ deleteUsersIfPresent(GAMMA_EDITOR_USER, GAMMA_AUTHOR_USER, GAMMA_READER_USER, GAMMA_PROJECT_ADMIN_USER, GAMMA_SUBMITTER_USER);
 }
- @Test
- public void testSteps()
- {
- enableEmailRecorder();
- userPermissionRightsTest();
- }
-
- /**
- * Create some projects, create some groups, permissions for those groups
- * Create some users, assign to groups and validate the permissions by
- * impersonating the user.
- */
- @LogMethod
- private void userPermissionRightsTest()
+ private void doSetup()
 {
 _containerHelper.createProject(PERM_PROJECT_NAME, null);
 _permissionsHelper.createPermissionsGroup(GAMMA_EDITOR_GROUP_NAME);
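Review bot: The new live constant `GAMMA_SUBMITTER_USER` leaves the commented-out `// protected static final String GAMMA_SUBMITTER_USER = ...` line a few lines below it as a stale duplicate; delete that line so the "I can't really find any docs" remark refers only to the restricted-reader user. The relocated `portalHelper` field now sits between the constants and `@BeforeClass` with package visibility and no `final`; `private final PortalHelper portalHelper = new PortalHelper(this);` would state the intent.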
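Review bot: `doSetup()` takes over the setup half of the old `userPermissionRightsTest()`, but the Javadoc stayed with the test method, so the setup is now undocumented. Add a comment such as `/** Creates PERM_PROJECT_NAME, its subfolders, and the Gamma* groups and users; runs once from setupProject(). */`. It should also say that the submitter group is created here while the submitter user is created later in `testAuditLogForGroupUpdates`, since `doCleanup` now deletes that user either way. The body of `doSetup()` continues past the end of this hunk.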
@@ -107,8 +107,8 @@ private void userPermissionRightsTest()
 _permissionsHelper.setPermissions(GAMMA_EDITOR_GROUP_NAME, "Editor");
 createUserInProjectForGroup(GAMMA_EDITOR_USER, PERM_PROJECT_NAME, GAMMA_EDITOR_GROUP_NAME, false);
- _containerHelper.createSubfolder(PERM_PROJECT_NAME, PERM_PROJECT_NAME, DENIED_SUB_FOLDER_NAME, "None", new String[] {"Messages", "Wiki"}, true);
- _containerHelper.createSubfolder(PERM_PROJECT_NAME, DENIED_SUB_FOLDER_NAME, GAMMA_SUB_FOLDER_NAME, "None", new String[] {"Messages", "Wiki"}, true);
+ _containerHelper.createSubfolder(PERM_PROJECT_NAME, PERM_PROJECT_NAME, DENIED_SUB_FOLDER_NAME, "None", new String[]{"Messages", "Wiki"}, true);
+ _containerHelper.createSubfolder(PERM_PROJECT_NAME, DENIED_SUB_FOLDER_NAME, GAMMA_SUB_FOLDER_NAME, "None", new String[]{"Messages", "Wiki"}, true);
 portalHelper.addWebPart("Messages");
 assertElementPresent(Locator.linkWithText("Messages"));
 portalHelper.addWebPart("Wiki");
@@ -123,6 +123,7 @@ private void userPermissionRightsTest()
 _permissionsHelper.assertPermissionSetting(GAMMA_READER_GROUP_NAME, "No Permissions");
 _permissionsHelper.setPermissions(GAMMA_READER_GROUP_NAME, "Reader");
 createUserInProjectForGroup(GAMMA_READER_USER, PERM_PROJECT_NAME, GAMMA_READER_GROUP_NAME, false);
+
 //Create Author User
 clickProject(PERM_PROJECT_NAME);
 _permissionsHelper.enterPermissionsUI();
@@ -130,17 +131,36 @@ private void userPermissionRightsTest()
 _permissionsHelper.assertPermissionSetting(GAMMA_AUTHOR_GROUP_NAME, "No Permissions");
 _permissionsHelper.setPermissions(GAMMA_AUTHOR_GROUP_NAME, "Author");
 createUserInProjectForGroup(GAMMA_AUTHOR_USER, PERM_PROJECT_NAME, GAMMA_AUTHOR_GROUP_NAME, false);
+
 //Create the Submitter User
 clickProject(PERM_PROJECT_NAME);
 _permissionsHelper.enterPermissionsUI();
 _permissionsHelper.createPermissionsGroup(GAMMA_SUBMITTER_GROUP_NAME);
 _permissionsHelper.assertPermissionSetting(GAMMA_SUBMITTER_GROUP_NAME, "No Permissions");
 _permissionsHelper.setPermissions(GAMMA_SUBMITTER_GROUP_NAME, "Submitter");
+
 // TODO: Add submitter to a group
 /*
 * I need a way to test submitter, I can't even view a folder where submitter has permissions when
 * impersonating on my local labkey, so may require special page?
 */
+ }
+
+ @Test
+ public void testSteps()
+ {
+ enableEmailRecorder();
+ userPermissionRightsTest();
+ }
+
+ /**
+ * Create some projects, create some groups, permissions for those groups
+ * Create some users, assign to groups and validate the permissions by
+ * impersonating the user.
+ */
+ @LogMethod
+ private void userPermissionRightsTest()
+ {
 //Make sure the Editor can edit
 impersonate(GAMMA_EDITOR_USER);
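Review bot: `userPermissionRightsTest()` now opens with `impersonate(GAMMA_EDITOR_USER)` and no navigation is visible before it, so it depends on whatever page the browser was left on. Before this change it ran directly after the setup steps in the same method; with setup moved to `@BeforeClass` and a second `@Test` in the class, JUnit does not guarantee which test runs first, and `testAuditLogForGroupUpdates` ends on the audit log page. Consider starting the method with `goToProjectHome();`, which this class already calls, so each test establishes its own starting state. The retained Javadoc still says the method creates projects, groups and users, which `doSetup()` now does, and the `// TODO: Add submitter to a group` remark is ambiguous now that the new test adds the submitter user to that group. The method continues outside this hunk.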
@@ -236,6 +256,33 @@ private void userPermissionRightsTest()
 signIn();
 }
+ /*
+ Regression for Secure Issue 51187: Additional automation testing for group audit logs
+ */
+ @Test
+ public void testAuditLogForGroupUpdates()
+ {
+ ApiPermissionsHelper permissionsHelper = new ApiPermissionsHelper(this);
+
+ log("Add user to the group and verify logs");
+ _userHelper.createUser(GAMMA_SUBMITTER_USER);
+ permissionsHelper.addUserToProjGroup(GAMMA_SUBMITTER_USER, getProjectName(), GAMMA_SUBMITTER_GROUP_NAME);
+ verifyAuditLog("User: " + GAMMA_SUBMITTER_USER + " was added as a member to Group: " + GAMMA_SUBMITTER_GROUP_NAME);
+
+ log("Remove user from group and verify logs");
+ goToProjectHome();
+ permissionsHelper.removeUserFromGroup(GAMMA_SUBMITTER_GROUP_NAME, GAMMA_SUBMITTER_USER);
+ verifyAuditLog("User: " + GAMMA_SUBMITTER_USER + " was deleted from Group: " + GAMMA_SUBMITTER_GROUP_NAME);
+ }
+
+ private void verifyAuditLog(String expectedComment)
+ {
+ ShowAuditLogPage showAuditLogPage = goToAdminConsole().clickAuditLog();
+ showAuditLogPage.selectView("Group and role events");
+ DataRegionTable table = showAuditLogPage.getLogTable();
+ Assert.assertEquals("Incorrect audit log record for user getting added to group", expectedComment, table.getDataAsText(0, "Comment"));
+ }
+
 private void clickLinkWithTextNoTarget(String text)
 {
 String href = getAttribute(Locator.linkWithText(text), "href");
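Review bot: `verifyAuditLog` asserts on row 0 of the "Group and role events" view, which only holds if the event this test just caused is the newest one in the log; any other group or role event recorded in between (another suite on the same server, or an extra event from the same API call) fails the check for an unrelated reason. Filter the table on the expected comment or the affected user before asserting instead of relying on position. The failure message names only the add case although the helper also verifies removal, e.g. `Assert.assertEquals("Unexpected comment on latest group audit event", expectedComment, table.getDataAsText(0, "Comment"));`. Since this guards an audit trail, it would also be worth asserting which user performed the change if the view exposes that, which is not visible in this hunk.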