View Javadoc
1   /**
2    * Copyright 2005-2014 The Kuali Foundation
3    *
4    * Licensed under the Educational Community License, Version 2.0 (the "License");
5    * you may not use this file except in compliance with the License.
6    * You may obtain a copy of the License at
7    *
8    * http://www.opensource.org/licenses/ecl2.php
9    *
10   * Unless required by applicable law or agreed to in writing, software
11   * distributed under the License is distributed on an "AS IS" BASIS,
12   * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13   * See the License for the specific language governing permissions and
14   * limitations under the License.
15   */
16  package org.kuali.rice.krad.labs.transactional;
17  
18  import org.apache.commons.lang.StringUtils;
19  import org.openqa.selenium.By;
20  import org.openqa.selenium.WebElement;
21  
22  /**
23   * @author Kuali Rice Team (rice.collab@kuali.org)
24   */
25  public class LabsLookupSecurityTravelAuthorizationDocumentBase extends LabsTransactionalBase {
26  
27      /**
28       * /kr-krad/approval?methodToCall=docHandler&command=initiate&docTypeName=TravelAuthorization&viewName=LabsLookupSecurityTravelAuthorization
29       */
30      public static final String BOOKMARK_URL = "/kr-krad/approval?methodToCall=docHandler&command=initiate&docTypeName=TravelAuthorization&viewName=LabsLookupSecurityTravelAuthorization";
31  
32      private static final String PHONE_NUMBER_NAME = "document.travelerDetail.phoneNumber";
33      private static final String PHONE_NUMBER_DECRYPTED = "8005551212";
34  
35      private static final String CUSTOMER_NUMBER_NAME = "document.travelerDetail.customerNumber";
36      private static final String CUSTOMER_NUMBER_DECRYPTED = "CUST";
37  
38      private static final String EMAIL_ADDRESS_NAME = "document.travelerDetail.emailAddress";
39  
40      private static final String TRAVELER_TYPE_CODE_NAME = "travelerType.code";
41  
42      private static final String CONVERSION_FIELDS = "conversionFields=";
43      private static final String ERRANT_CONVERSION_FIELD = TRAVELER_TYPE_CODE_NAME + "%3A" + EMAIL_ADDRESS_NAME + "%2C";
44  
45      @Override
46      protected String getBookmarkUrl() {
47          return BOOKMARK_URL;
48      }
49  
50      @Override
51      protected void navigate() throws Exception {
52          navigateToTransactional("Transactional Sample - Lookup Security");
53          waitAndClickByLinkText("Travel Authorization Transactional Sample - Lookup Security");
54      }
55  
56      /**
57       * Tests the basic case in which the phone number does not appear anywhere on the page decrypted.
58       *
59       * @throws Exception
60       */
61      protected void testTransactionalLookupSecurity() throws Exception {
62          waitAndClick(By.id("travelerQuickfinder_quickfinder_act"));
63          waitAndClickSearch3();
64          waitAndClickReturnValue();
65  
66          assertElementPresentByName(PHONE_NUMBER_NAME);
67          WebElement element = findElement(By.name(PHONE_NUMBER_NAME));
68          String phoneNumber = element.getAttribute("value");
69  
70          assertTrue("Secure field phoneNumber was not empty", StringUtils.isBlank(phoneNumber));
71          assertTextNotPresent(PHONE_NUMBER_DECRYPTED);
72      }
73  
74      /**
75       * Tests the case in which the data dictionary phone number conversion field is changed to have it appear in the
76       * email address field, which is not secured.
77       *
78       * @throws Exception
79       */
80      protected void testTransactionalLookupSecurityAddDataDictionaryConversionField() throws Exception {
81          waitAndClick(By.id("travelerQuickfinder_quickfinder_act"));
82          waitForPageToLoad();
83  
84          String newUrl = StringUtils.replace(driver.getCurrentUrl(), PHONE_NUMBER_NAME, EMAIL_ADDRESS_NAME);
85          open(newUrl);
86          waitForPageToLoad();
87  
88          waitAndClickSearch3();
89          waitAndClickReturnValue();
90  
91          assertElementPresentByName(EMAIL_ADDRESS_NAME);
92          WebElement element = findElement(By.name(EMAIL_ADDRESS_NAME));
93          String emailAddress = element.getAttribute("value");
94  
95          assertTrue("Non-secure field emailAddress was not empty", StringUtils.isBlank(emailAddress));
96          assertTextNotPresent(PHONE_NUMBER_DECRYPTED);
97      }
98  
99      /**
100      * Tests the case in which the UIf customer number conversion field is changed to have it appear in the email
101      * address field, which is not secured.
102      *
103      * @throws Exception
104      */
105     protected void testTransactionalLookupSecurityAddUifConversionField() throws Exception {
106         waitAndClick(By.id("travelerQuickfinder_quickfinder_act"));
107         waitForPageToLoad();
108 
109         String newUrl = StringUtils.replace(driver.getCurrentUrl(), CUSTOMER_NUMBER_NAME, EMAIL_ADDRESS_NAME);
110         open(newUrl);
111         waitForPageToLoad();
112 
113         waitAndClickSearch3();
114         waitAndClickReturnValue();
115 
116         assertElementPresentByName(EMAIL_ADDRESS_NAME);
117         WebElement element = findElement(By.name(EMAIL_ADDRESS_NAME));
118         String emailAddress = element.getAttribute("value");
119 
120         assertTrue("Non-secure field emailAddress was not empty", StringUtils.isBlank(emailAddress));
121         assertTextNotPresent(CUSTOMER_NUMBER_DECRYPTED);
122     }
123 
124     /**
125      * Tests the case in which the a new conversion field is added so that a field that is not referenced in either the
126      * data dictionary or the Uif (the traveler type code) appears in the email address field, which is not secured.
127      *
128      * @throws Exception
129      */
130     protected void testTransactionalLookupSecurityAddHiddenConversionField() throws Exception {
131         waitAndClick(By.id("travelerQuickfinder_quickfinder_act"));
132         waitForPageToLoad();
133 
134         int splitPosition = StringUtils.indexOf(driver.getCurrentUrl(), CONVERSION_FIELDS) + CONVERSION_FIELDS.length();
135         String before = StringUtils.substring(driver.getCurrentUrl(), 0, splitPosition);
136         String after = StringUtils.substring(driver.getCurrentUrl(), splitPosition);
137         String newUrl = before + ERRANT_CONVERSION_FIELD + after;
138         open(newUrl);
139         waitForPageToLoad();
140 
141         waitAndClickSearch3();
142         waitAndClickReturnValue();
143 
144         assertElementPresentByName(EMAIL_ADDRESS_NAME);
145         WebElement element = findElement(By.name(EMAIL_ADDRESS_NAME));
146         String emailAddress = element.getAttribute("value");
147 
148         assertTrue("Non-secure field emailAddress was not empty", StringUtils.isBlank(emailAddress));
149     }
150 
151 }