View Javadoc
1   /**
2    * Copyright 2005-2013 The Kuali Foundation
3    *
4    * Licensed under the Educational Community License, Version 2.0 (the "License");
5    * you may not use this file except in compliance with the License.
6    * You may obtain a copy of the License at
7    *
8    * http://www.opensource.org/licenses/ecl2.php
9    *
10   * Unless required by applicable law or agreed to in writing, software
11   * distributed under the License is distributed on an "AS IS" BASIS,
12   * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13   * See the License for the specific language governing permissions and
14   * limitations under the License.
15   */
16  package edu.samplu.krad.demo.travel.account;
17  
18  import edu.samplu.common.SmokeTestBase;
19  import org.junit.Test;
20  
21  /**
22   * @author Kuali Rice Team (rice.collab@kuali.org)
23   */
24  public class DemoTravelAccountLookUpSmokeTest extends SmokeTestBase {
25  
26      /**
27       * /kr-krad/lookup?methodToCall=start&dataObjectClassName=org.kuali.rice.krad.demo.travel.account.TravelAccount&hideReturnLink=true&showMaintenanceLinks=true
28       */
29      public static final String BOOKMARK_URL = "/kr-krad/lookup?methodToCall=start&dataObjectClassName=org.kuali.rice.krad.demo.travel.account.TravelAccount&hideReturnLink=true&showMaintenanceLinks=true";
30      
31      /**
32       * Search
33       */
34      public static final String SEARCH = "Search";
35      
36      /**
37       * Clear Values
38       */
39      public static final String CLEAR_VALUES = "Clear Values";
40  
41      /**
42       * Travel account number field
43       */
44      public static final String TRAVEL_ACCOUNT_NUMBER_FIELD = "lookupCriteria[number]";
45  
46      /**
47       * Travel account name field
48       */
49      public static final String TRAVEL_ACCOUNT_NAME_FIELD = "lookupCriteria[name]";
50  
51      /**
52       * Sub account field
53       */
54      public static final String SUB_ACCOUNT_FIELD = "lookupCriteria[subAccount]";
55  
56      /**
57       * Sub account name field
58       */
59      public static final String SUB_ACCOUNT_NAME_FIELD = "lookupCriteria[subAccountName]";
60  
61      /**
62       * Fiscal officer user id
63       */
64      public static final String FISCCAL_OFFICER_USER_ID = "lookupCriteria[fiscalOfficer.principalName]";
65  
66      @Override
67      public String getBookmarkUrl() {
68          return BOOKMARK_URL;
69      }
70  
71      @Override
72      protected void navigate() throws Exception {
73          waitAndClickById("Demo-DemoLink", "");
74          waitAndClickByLinkText("Account Lookup");
75      }
76  
77      protected void testTravelAccountLookUp() throws Exception {
78          waitAndTypeByName(TRAVEL_ACCOUNT_NUMBER_FIELD,"a1");
79          waitAndClickButtonByText(SEARCH);
80          waitForElementPresentByXpath("//a[contains(text(), 'a1')]");
81          waitAndClickButtonByText(CLEAR_VALUES);
82          Thread.sleep(3000);
83          waitAndClickButtonByText(SEARCH);
84          Thread.sleep(3000);
85          assertElementPresentByXpath("//a[contains(text(), 'a1')]");
86          assertElementPresentByXpath("//a[contains(text(), 'a2')]");
87      }
88  
89      protected void testTravelAccountLookUpXss(String fieldName) throws Exception {
90          waitAndTypeByName(fieldName,"\"/><script>alert('!')</script>");
91          waitAndClickButtonByText(SEARCH);
92          Thread.sleep(1000);
93          if(isAlertPresent())    {
94              fail(fieldName + " caused XSS.");
95          }
96          waitAndClickButtonByText(CLEAR_VALUES);
97          Thread.sleep(1000);
98      }
99  
100     public boolean isAlertPresent()
101     {
102         try
103         {
104             driver.switchTo().alert();
105             return true;
106         }   // try
107         catch (Exception Ex)
108         {
109             return false;
110         }   // catch
111     }   // isAlertPresent()
112 
113 
114     @Test
115     public void testTravelAccountLookUpBookmark() throws Exception {
116         testTravelAccountLookUp();
117         testTravelAccountLookUpXss(TRAVEL_ACCOUNT_NUMBER_FIELD);
118 //        testTravelAccountLookUpXss(TRAVEL_ACCOUNT_NAME_FIELD); // in 2.3 this is readonly (and masked)
119         testTravelAccountLookUpXss(SUB_ACCOUNT_FIELD);
120 //        testTravelAccountLookUpXss(SUB_ACCOUNT_NAME_FIELD);  // in 2.3 this is readonly (and masked)
121         testTravelAccountLookUpXss("lookupCriteria[foId]"); // in 2.3 this has a different name
122         passed();
123     }
124 
125     @Test
126     public void testTravelAccountLookUpNav() throws Exception {
127         testTravelAccountLookUp();
128         testTravelAccountLookUpXss(TRAVEL_ACCOUNT_NUMBER_FIELD);
129 //        testTravelAccountLookUpXss(TRAVEL_ACCOUNT_NAME_FIELD); // in 2.3 this is readonly (and masked)
130         testTravelAccountLookUpXss(SUB_ACCOUNT_FIELD);
131 //        testTravelAccountLookUpXss(SUB_ACCOUNT_NAME_FIELD);  // in 2.3 this is readonly (and masked)
132         testTravelAccountLookUpXss("lookupCriteria[foId]"); // in 2.3 this has a different name
133         passed();
134     }
135 }