001/**
002 * Copyright 2005-2013 The Kuali Foundation
003 *
004 * Licensed under the Educational Community License, Version 2.0 (the "License");
005 * you may not use this file except in compliance with the License.
006 * You may obtain a copy of the License at
007 *
008 * http://www.opensource.org/licenses/ecl2.php
009 *
010 * Unless required by applicable law or agreed to in writing, software
011 * distributed under the License is distributed on an "AS IS" BASIS,
012 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
013 * See the License for the specific language governing permissions and
014 * limitations under the License.
015 */
016package edu.samplu.krad.demo.travel.account;
017
018import edu.samplu.common.SmokeTestBase;
019import org.junit.Test;
020
/**
 * Smoke test for the KRAD demo Travel Account lookup screen.
 *
 * <p>Each test runs a basic search round trip and then submits a script-injection
 * probe through selected lookup criteria fields, failing if a JavaScript alert
 * dialog is open afterwards.</p>
 *
 * <p>Limits of the XSS check as written, for anyone relying on it as a regression
 * guard:</p>
 * <ul>
 *   <li>It uses a single probe string and only looks for an open alert dialog about
 *       one second after the search is submitted. Reflected input that is rendered
 *       unescaped but does not raise an alert in that window is not detected.</li>
 *   <li>{@link #isAlertPresent()} treats every exception as "no alert", so a driver
 *       error at that point is indistinguishable from a clean result.</li>
 *   <li>The account name and sub account name criteria are not probed (see
 *       {@link #exerciseLookupAndXssProbes()}).</li>
 * </ul>
 *
 * @author Kuali Rice Team (rice.collab@kuali.org)
 */
public class DemoTravelAccountLookUpSmokeTest extends SmokeTestBase {

    /**
     * Relative URL that opens the TravelAccount lookup directly:
     * /kr-krad/lookup?methodToCall=start&dataObjectClassName=org.kuali.rice.krad.demo.travel.account.TravelAccount&hideReturnLink=true&showMaintenanceLinks=true
     */
    public static final String BOOKMARK_URL = "/kr-krad/lookup?methodToCall=start&dataObjectClassName=org.kuali.rice.krad.demo.travel.account.TravelAccount&hideReturnLink=true&showMaintenanceLinks=true";

    /**
     * Text of the button that submits the lookup.
     */
    public static final String SEARCH = "Search";

    /**
     * Text of the button that resets the lookup criteria.
     */
    public static final String CLEAR_VALUES = "Clear Values";

    /**
     * Name of the travel account number criteria input.
     */
    public static final String TRAVEL_ACCOUNT_NUMBER_FIELD = "lookupCriteria[number]";

    /**
     * Name of the travel account name criteria input (not probed by the tests in this class).
     */
    public static final String TRAVEL_ACCOUNT_NAME_FIELD = "lookupCriteria[name]";

    /**
     * Name of the sub account criteria input.
     */
    public static final String SUB_ACCOUNT_FIELD = "lookupCriteria[subAccount]";

    /**
     * Name of the sub account name criteria input (not probed by the tests in this class).
     */
    public static final String SUB_ACCOUNT_NAME_FIELD = "lookupCriteria[subAccountName]";

    /**
     * Name of the fiscal officer principal name criteria input. Declared for callers;
     * the tests in this class use {@code lookupCriteria[foId]} instead.
     */
    public static final String FISCCAL_OFFICER_USER_ID = "lookupCriteria[fiscalOfficer.principalName]";

    // Fiscal officer criteria input as named in 2.3 (differs from FISCCAL_OFFICER_USER_ID).
    private static final String FISCAL_OFFICER_ID_FIELD = "lookupCriteria[foId]";

    // Input typed into a criteria field to see whether it is reflected as executable script.
    private static final String XSS_PROBE_INPUT = "\"/><script>alert('!')</script>";

    // Fixed pauses used where the original flow sleeps instead of waiting on an element.
    private static final long SEARCH_SETTLE_MILLIS = 3000;
    private static final long XSS_SETTLE_MILLIS = 1000;

    /**
     * @return {@link #BOOKMARK_URL}
     */
    @Override
    public String getBookmarkUrl() {
        return BOOKMARK_URL;
    }

    /**
     * Reaches the lookup through the UI: clicks the element with id
     * {@code Demo-DemoLink}, then the "Account Lookup" link.
     */
    @Override
    protected void navigate() throws Exception {
        waitAndClickById("Demo-DemoLink", "");
        waitAndClickByLinkText("Account Lookup");
    }

    /**
     * Searches for account number "a1", waits for a result link containing it, then
     * clears the criteria, searches again and asserts that links containing "a1"
     * and "a2" are both present.
     */
    protected void testTravelAccountLookUp() throws Exception {
        final String firstAccountLink = accountLinkXpath("a1");
        final String secondAccountLink = accountLinkXpath("a2");

        // Filtered search: only wait for the matching row to show up.
        waitAndTypeByName(TRAVEL_ACCOUNT_NUMBER_FIELD, "a1");
        waitAndClickButtonByText(SEARCH);
        waitForElementPresentByXpath(firstAccountLink);

        // Unfiltered search after clearing the criteria.
        waitAndClickButtonByText(CLEAR_VALUES);
        Thread.sleep(SEARCH_SETTLE_MILLIS);
        waitAndClickButtonByText(SEARCH);
        Thread.sleep(SEARCH_SETTLE_MILLIS);

        assertElementPresentByXpath(firstAccountLink);
        assertElementPresentByXpath(secondAccountLink);
    }

    /**
     * Types the script probe into the named criteria field, submits the search and
     * fails the test if an alert dialog is open one second later; otherwise clears
     * the criteria for the next probe.
     *
     * <p>NOTE(review): a pass here only shows that no alert was open at the moment of
     * the check. It does not show that the value was escaped in the response, and on
     * failure the alert is left open rather than dismissed.</p>
     *
     * @param fieldName name attribute of the criteria input to probe
     */
    protected void testTravelAccountLookUpXss(String fieldName) throws Exception {
        waitAndTypeByName(fieldName, XSS_PROBE_INPUT);
        waitAndClickButtonByText(SEARCH);
        Thread.sleep(XSS_SETTLE_MILLIS);

        final boolean scriptRan = isAlertPresent();
        if (scriptRan) {
            fail(fieldName + " caused XSS.");
        }

        waitAndClickButtonByText(CLEAR_VALUES);
        Thread.sleep(XSS_SETTLE_MILLIS);
    }

    /**
     * Reports whether the driver can switch to an alert dialog right now.
     *
     * <p>NOTE(review): every exception is mapped to {@code false}, not only the
     * "no alert open" case. If {@code driver} is a Selenium WebDriver, narrowing the
     * catch to its no-alert exception would keep an unrelated driver failure from
     * being read as "no XSS" - confirm against SmokeTestBase before changing.</p>
     *
     * @return {@code true} if switching to an alert succeeded, {@code false} if it
     *         threw any exception
     */
    public boolean isAlertPresent() {
        boolean alertOpen;
        try {
            driver.switchTo().alert();
            alertOpen = true;
        } catch (Exception ignored) {
            // Any failure to switch is reported as "no alert"; see the note above.
            alertOpen = false;
        }
        return alertOpen;
    }

    /**
     * Runs the lookup round trip and the XSS probes when the page is opened from
     * the bookmark URL.
     */
    @Test
    public void testTravelAccountLookUpBookmark() throws Exception {
        exerciseLookupAndXssProbes();
        passed();
    }

    /**
     * Runs the lookup round trip and the XSS probes when the page is reached
     * through navigation.
     */
    @Test
    public void testTravelAccountLookUpNav() throws Exception {
        exerciseLookupAndXssProbes();
        passed();
    }

    /**
     * Shared body of both tests: the basic lookup, then one XSS probe per writable
     * criteria field.
     *
     * <p>TRAVEL_ACCOUNT_NAME_FIELD and SUB_ACCOUNT_NAME_FIELD are deliberately left
     * out: in 2.3 they are readonly (and masked), so the probe cannot be typed into
     * them. Those two inputs therefore have no XSS coverage from this class.</p>
     */
    private void exerciseLookupAndXssProbes() throws Exception {
        testTravelAccountLookUp();
        testTravelAccountLookUpXss(TRAVEL_ACCOUNT_NUMBER_FIELD);
        testTravelAccountLookUpXss(SUB_ACCOUNT_FIELD);
        testTravelAccountLookUpXss(FISCAL_OFFICER_ID_FIELD); // in 2.3 this has a different name
    }

    // Builds the XPath for a result link whose text contains the given account number.
    private static String accountLinkXpath(String accountNumber) {
        return "//a[contains(text(), '" + accountNumber + "')]";
    }
}