001    /**
002     * Copyright 2005-2013 The Kuali Foundation
003     *
004     * Licensed under the Educational Community License, Version 2.0 (the "License");
005     * you may not use this file except in compliance with the License.
006     * You may obtain a copy of the License at
007     *
008     * http://www.opensource.org/licenses/ecl2.php
009     *
010     * Unless required by applicable law or agreed to in writing, software
011     * distributed under the License is distributed on an "AS IS" BASIS,
012     * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
013     * See the License for the specific language governing permissions and
014     * limitations under the License.
015     */
016    package edu.samplu.krad.demo.travel.account;
017    
018    import edu.samplu.common.SmokeTestBase;
019    import org.junit.Test;
020    
/**
 * Browser smoke test for the KRAD demo Travel Account lookup screen.
 *
 * <p>Both {@code @Test} entry points run the same sequence: a basic search round trip, then a
 * script-injection probe submitted through three lookup criteria fields. The probe fails the
 * test when the browser shows a JavaScript alert after the search.</p>
 *
 * <p>Limits of the XSS probe, as written in this class:</p>
 * <ul>
 *   <li>a single payload string is used, so only that one injection shape is exercised;</li>
 *   <li>the alert check happens once, one second after clicking Search;</li>
 *   <li>the account name and sub account name fields are not probed (noted below as read-only
 *       and masked in 2.3);</li>
 *   <li>{@link #isAlertPresent()} reads every exception as "no alert".</li>
 * </ul>
 * A green run therefore means "no alert observed for this payload in these fields", not that
 * the lookup is free of XSS.
 *
 * @author Kuali Rice Team (rice.collab@kuali.org)
 */
public class DemoTravelAccountLookUpSmokeTest extends SmokeTestBase {

    /**
     * Relative URL that opens the TravelAccount lookup directly, with
     * {@code hideReturnLink=true} and {@code showMaintenanceLinks=true}.
     */
    public static final String BOOKMARK_URL = "/kr-krad/lookup?methodToCall=start&dataObjectClassName=org.kuali.rice.krad.demo.travel.account.TravelAccount&hideReturnLink=true&showMaintenanceLinks=true";

    /** Text of the button that runs the lookup. */
    public static final String SEARCH = "Search";

    /** Text of the button that resets the lookup criteria. */
    public static final String CLEAR_VALUES = "Clear Values";

    /** Form field name of the travel account number criterion. */
    public static final String TRAVEL_ACCOUNT_NUMBER_FIELD = "lookupCriteria[number]";

    /** Form field name of the travel account name criterion. */
    public static final String TRAVEL_ACCOUNT_NAME_FIELD = "lookupCriteria[name]";

    /** Form field name of the sub account criterion. */
    public static final String SUB_ACCOUNT_FIELD = "lookupCriteria[subAccount]";

    /** Form field name of the sub account name criterion. */
    public static final String SUB_ACCOUNT_NAME_FIELD = "lookupCriteria[subAccountName]";

    /**
     * Form field name of the fiscal officer principal name criterion.
     *
     * <p>The identifier's spelling is kept as published because the constant is public. The
     * tests in this class do not use it; they probe {@code lookupCriteria[foId]} instead.</p>
     */
    public static final String FISCCAL_OFFICER_USER_ID = "lookupCriteria[fiscalOfficer.principalName]";

    /**
     * Supplies the direct URL of the lookup screen.
     *
     * @return {@link #BOOKMARK_URL}
     */
    @Override
    public String getBookmarkUrl() {
        return BOOKMARK_URL;
    }

    /**
     * Reaches the lookup screen through the UI: clicks the element with id
     * {@code Demo-DemoLink}, then the "Account Lookup" link.
     *
     * @throws Exception if either click helper fails
     */
    @Override
    protected void navigate() throws Exception {
        waitAndClickById("Demo-DemoLink", "");
        waitAndClickByLinkText("Account Lookup");
    }

    /**
     * Runs a filtered search for account {@code a1}, clears the criteria, searches again and
     * checks that links for both {@code a1} and {@code a2} are shown.
     *
     * @throws Exception if a wait or assertion helper fails, or the sleep is interrupted
     */
    protected void testTravelAccountLookUp() throws Exception {
        final String accountA1Link = "//a[contains(text(), 'a1')]";
        final String accountA2Link = "//a[contains(text(), 'a2')]";

        // Filtered search: only the account number criterion is filled in.
        waitAndTypeByName(TRAVEL_ACCOUNT_NUMBER_FIELD, "a1");
        waitAndClickButtonByText(SEARCH);
        waitForElementPresentByXpath(accountA1Link);

        // Unfiltered search: fixed pauses stand in for waiting on the page to settle.
        waitAndClickButtonByText(CLEAR_VALUES);
        Thread.sleep(3000);
        waitAndClickButtonByText(SEARCH);
        Thread.sleep(3000);
        assertElementPresentByXpath(accountA1Link);
        assertElementPresentByXpath(accountA2Link);
    }

    /**
     * Types a script-injection probe into one lookup field, runs the search and fails the test
     * if a JavaScript alert is showing one second later. The criteria are cleared afterwards so
     * the next field starts from an empty form.
     *
     * <p>The alert is checked exactly once after a fixed pause, so a script that runs later than
     * that is not seen. When the check fails the test, the alert is left open.</p>
     *
     * @param fieldName form field name to type the probe into
     * @throws Exception if a wait helper fails or the sleep is interrupted
     */
    protected void testTravelAccountLookUpXss(String fieldName) throws Exception {
        final String probe = "\"/><script>alert('!')</script>";

        waitAndTypeByName(fieldName, probe);
        waitAndClickButtonByText(SEARCH);
        Thread.sleep(1000);

        final boolean scriptRan = isAlertPresent();
        if (scriptRan) {
            fail(fieldName + " caused XSS.");
        }

        waitAndClickButtonByText(CLEAR_VALUES);
        Thread.sleep(1000);
    }

    /**
     * Reports whether the driver can switch to an alert right now.
     *
     * @return {@code true} if {@code driver.switchTo().alert()} returns normally,
     *         {@code false} if it throws anything
     */
    public boolean isAlertPresent() {
        boolean alertOpen = true;
        try {
            driver.switchTo().alert();
        } catch (Exception ignored) {
            // Every exception is read as "no alert".
            // NOTE(review): this also hides driver or session failures, which would let the XSS
            // probe pass without having checked anything. Consider catching only the driver's
            // dedicated no-alert exception; confirm the driver type in SmokeTestBase first.
            alertOpen = false;
        }
        return alertOpen;
    }

    /**
     * Runs the lookup and XSS checks for the bookmark variant of the test.
     * NOTE(review): how the base class chooses between {@link #getBookmarkUrl()} and
     * {@link #navigate()} is not visible in this file; presumably by test name, to be confirmed.
     *
     * @throws Exception if any step fails
     */
    @Test
    public void testTravelAccountLookUpBookmark() throws Exception {
        runLookUpAndXssProbes();
        passed();
    }

    /**
     * Runs the lookup and XSS checks for the navigation variant of the test.
     * NOTE(review): how the base class chooses between {@link #getBookmarkUrl()} and
     * {@link #navigate()} is not visible in this file; presumably by test name, to be confirmed.
     *
     * @throws Exception if any step fails
     */
    @Test
    public void testTravelAccountLookUpNav() throws Exception {
        runLookUpAndXssProbes();
        passed();
    }

    /**
     * Shared body of both test entry points: the basic lookup, then the XSS probe on each
     * probed field in a fixed order.
     *
     * <p>{@link #TRAVEL_ACCOUNT_NAME_FIELD} and {@link #SUB_ACCOUNT_NAME_FIELD} are left out
     * because in 2.3 they are read-only (and masked). The fiscal officer field is addressed as
     * {@code lookupCriteria[foId]} because in 2.3 it has a different name. If those fields become
     * editable again they need to be added here, otherwise they stay outside the XSS check.</p>
     */
    private void runLookUpAndXssProbes() throws Exception {
        testTravelAccountLookUp();

        final String[] probedFields = {
            TRAVEL_ACCOUNT_NUMBER_FIELD,
            SUB_ACCOUNT_FIELD,
            "lookupCriteria[foId]"
        };
        for (String field : probedFields) {
            testTravelAccountLookUpXss(field);
        }
    }
}