On Thu, May 13, 2010 at 22:51, sdumitriu <enterprise-notifications(a)xwiki.org
wrote:
Author: sdumitriu
Date: 2010-05-13 22:51:35 +0200 (Thu, 13 May 2010)
New Revision: 28862
Added:
enterprise/trunk/distribution-test/ui-tests/src/test/it/org/xwiki/it/ui/TemplateTest.java
enterprise/trunk/distribution-test/ui-tests/src/test/it/org/xwiki/it/ui/elements/WikiEditPage.java
Log:
XWIKI-2580: Improve file access sandboxing
Added some more tests.
Patch from Alex Busenius applied with minor changes.
Added:
enterprise/trunk/distribution-test/ui-tests/src/test/it/org/xwiki/it/ui/TemplateTest.java
===================================================================
---
enterprise/trunk/distribution-test/ui-tests/src/test/it/org/xwiki/it/ui/TemplateTest.java
(rev 0)
+++
enterprise/trunk/distribution-test/ui-tests/src/test/it/org/xwiki/it/ui/TemplateTest.java
2010-05-13 20:51:35 UTC (rev 28862)
@@ -0,0 +1,135 @@
+/*
+ * See the NOTICE file distributed with this work for additional
+ * information regarding copyright ownership.
+ *
+ * This is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU Lesser General Public License as
+ * published by the Free Software Foundation; either version 2.1 of
+ * the License, or (at your option) any later version.
+ *
+ * This software is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public
+ * License along with this software; if not, write to the Free
+ * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
+ * 02110-1301 USA, or see the FSF site:
http://www.fsf.org.
+ */
+package org.xwiki.it.ui;
+
+import junit.framework.Assert;
+
+import org.junit.Before;
+import org.junit.Test;
+import org.openqa.selenium.By;
+import org.xwiki.it.ui.elements.WikiEditPage;
+import org.xwiki.it.ui.framework.AbstractAdminAuthenticatedTest;
+
+
+/**
+ * Test template handling
+ *
+ * @version $Id$
+ * @since 2.4M1
+ */
+public class TemplateTest extends AbstractAdminAuthenticatedTest
+{
+ /** Page used for testing: Main.TemplateTest */
+ private WikiEditPage editPage;
+
+
+ @Before
+ @Override
+ public void setUp()
+ {
+ super.setUp();
+
+ editPage = new WikiEditPage(getDriver());
+ }
+
+ /**
+ * Test that velocity is rendered
+ */
+ @Test
+ public void testHelloVelocity()
+ {
+ String hello = "Hello Velocity Test Test Test";
+ saveVelocity(hello);
+
Assert.assertTrue(getDriver().findElement(By.id("xwikicontent")).getText().contains(hello));
+ }
+
+ /**
+ * Test that an included existing template is displayed correctly
+ */
+ @Test
+ public void testCorrectTemplate()
+ {
+ saveVelocity(includeTemplate("code.vm"), true);
+ Assert.assertNotNull(getDriver().findElement(
+
By.xpath("//div[@id='xwikicontent']//textarea[@class='wiki-code']")));
+ }
+
+ /**
+ * See XWIKI-2580
+ */
+ @Test
+ public void testWrongTemplate()
+ {
+ saveVelocity(includeTemplate("../../"));
+ Assert.assertTrue("root directory",
+
getDriver().findElement(By.id("xwikicontent")).getText().isEmpty());
String#isEmpty is JAVA 6 API so that will fail to build with our maven
configuration.
+
+ saveVelocity(includeTemplate("asdfasdf"));
+ Assert.assertTrue("not existing template",
+
getDriver().findElement(By.id("xwikicontent")).getText().isEmpty());
+
+ saveVelocity(includeTemplate("../redirect"));
+ Assert.assertTrue("file in the parent directory",
+
getDriver().findElement(By.id("xwikicontent")).getText().isEmpty());
+
+ saveVelocity(includeTemplate("../WEB-INF/version.properties"));
+ Assert.assertTrue("file in the wrong directory",
+
getDriver().findElement(By.id("xwikicontent")).getText().isEmpty());
+
+
saveVelocity(includeTemplate("/chw/../../WEB-INF/../WEB-INF/lib/../version.properties"));
+ Assert.assertTrue("file in the wrong directory, not normalized
path",
+
getDriver().findElement(By.id("xwikicontent")).getText().isEmpty());
+ }
+
+ /**
+ * @see #saveVelocity(String, boolean)
+ */
+ private void saveVelocity(String code)
+ {
+ saveVelocity(code, false);
+ }
+
+ /**
+ * Save a page with given velocity code and switch to view. Encloses
<code>code</code>
+ * into the {{velocity}} macro and optionally also {{html}} macro.
+ *
+ * @param code velocity code to save
+ * @param html additionally enclose <code>code</code> in {{html}} if
true
+ */
+ private void saveVelocity(String code, boolean html)
+ {
+ editPage.switchToEdit("Main", "TemplateTest");
+ if (html) {
+ code = "{{html wiki=\"false\"}}\n" + code +
"\n{{/html}}";
+ }
+ editPage.setContent("{{velocity filter=\"none\"}}\n" + code
+
"\n{{/velocity}}\n");
+ editPage.clickSaveAndView();
+ }
+
+ /**
+ * Return velocity code to include a velocity template
<code>name</code>
+ *
+ * @param name template to use
+ */
+ private String includeTemplate(String name)
+ {
+ return "#template(\"" + name + "\")\n";
+ }
+}
Property changes on:
enterprise/trunk/distribution-test/ui-tests/src/test/it/org/xwiki/it/ui/TemplateTest.java
___________________________________________________________________
Name: svn:keywords
+ Author Id Revision HeadURL
Name: svn:eol-style
+ native
Added:
enterprise/trunk/distribution-test/ui-tests/src/test/it/org/xwiki/it/ui/elements/WikiEditPage.java
===================================================================
---
enterprise/trunk/distribution-test/ui-tests/src/test/it/org/xwiki/it/ui/elements/WikiEditPage.java
(rev 0)
+++
enterprise/trunk/distribution-test/ui-tests/src/test/it/org/xwiki/it/ui/elements/WikiEditPage.java
2010-05-13 20:51:35 UTC (rev 28862)
@@ -0,0 +1,108 @@
+/*
+ * See the NOTICE file distributed with this work for additional
+ * information regarding copyright ownership.
+ *
+ * This is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU Lesser General Public License as
+ * published by the Free Software Foundation; either version 2.1 of
+ * the License, or (at your option) any later version.
+ *
+ * This software is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public
+ * License along with this software; if not, write to the Free
+ * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
+ * 02110-1301 USA, or see the FSF site:
http://www.fsf.org.
+ */
+package org.xwiki.it.ui.elements;
+
+import org.openqa.selenium.WebDriver;
+import org.openqa.selenium.WebElement;
+import org.openqa.selenium.support.FindBy;
+import org.xwiki.it.ui.framework.TestUtils;
+
+/**
+ * Represents the common actions possible on all Pages when using the
"edit" action with "wiki"
+ * editor
+ *
+ * @version $Id$
+ * @since 2.4M1
+ */
+public class WikiEditPage extends EditPage
+{
+ @FindBy(id = "xwikidoctitleinput")
+ private WebElement titleInput;
+
+ @FindBy(id = "content")
+ private WebElement contentText;
+
+ @FindBy(name = "minorEdit")
+ private WebElement minorEditCheckBox;
+
+ @FindBy(name = "comment")
+ private WebElement commentInput;
+
+
+ public WikiEditPage(WebDriver driver)
+ {
+ super(driver);
+ }
+
+ /**
+ * Set the <code>title</code> of the page
+ *
+ * @param title
+ */
+ public void setTitle(String title)
+ {
+ titleInput.clear();
+ titleInput.sendKeys(title);
+ }
+
+ /**
+ * Set the <code>content</code> of the page
+ *
+ * @param content
+ */
+ public void setContent(String content)
+ {
+ contentText.clear();
+ contentText.sendKeys(content);
+ }
+
+ /**
+ * Set the minor edit check box value
+ *
+ * @param value
+ */
+ public void setMinorEdit(boolean value)
+ {
+ if (minorEditCheckBox.isSelected() != value)
+ minorEditCheckBox.toggle();
+ }
+
+ /**
+ * Set <code>comment</code> for this change
+ *
+ * @param comment
+ */
+ public void setEditComment(String comment)
+ {
+ commentInput.clear();
+ commentInput.sendKeys(comment);
+ }
+
+ /**
+ * Start editing page, create first if needed
+ *
+ * @param space
+ * @param page
+ */
+ public void switchToEdit(String space, String page)
+ {
+ TestUtils.gotoPage(space, page, "edit", "editor=wiki",
getDriver());
+ }
+}
Property changes on:
enterprise/trunk/distribution-test/ui-tests/src/test/it/org/xwiki/it/ui/elements/WikiEditPage.java
___________________________________________________________________
Name: svn:keywords
+ Author Id Revision HeadURL
Name: svn:eol-style
+ native
_______________________________________________
notifications mailing list
notifications(a)xwiki.org
http://lists.xwiki.org/mailman/listinfo/notifications
--
Thomas Mortagne