fix tests that check cron expression. Do javascript-based validation of an empty...

git-svn-id: https://svn.apache.org/repos/asf/archiva/trunk@1178288 13f79535-47bb-0310-9956-ffa450edef68

diff --git a/archiva-modules/archiva-web/archiva-webapp-test/src/test/testng/org/apache/archiva/web/test/RepositoryTest.java b/archiva-modules/archiva-web/archiva-webapp-test/src/test/testng/org/apache/archiva/web/test/RepositoryTest.java
index 94db3f39c6d07666cf25264cdba3ec4e3f96d425..b51bc0694461e31d7d8e56188e3dc8a2b8ca359d 100644 (file)
--- a/archiva-modules/archiva-web/archiva-webapp-test/src/test/testng/org/apache/archiva/web/test/RepositoryTest.java
+++ b/archiva-modules/archiva-web/archiva-webapp-test/src/test/testng/org/apache/archiva/web/test/RepositoryTest.java
@@ -38,7 +38,7 @@ public class RepositoryTest
         assertRepositoriesPage();
     }
 
-    @Test( dependsOnMethods = { "testAddManagedRepoValidValues" }, enabled = false )
+    @Test( dependsOnMethods = { "testAddManagedRepoValidValues" } )
     public void testAddManagedRepoInvalidValues()
     {
         getSelenium().open( "/archiva/admin/addRepository.action" );
@@ -55,8 +55,7 @@ public class RepositoryTest
             "Index directory must only contain alphanumeric characters, equals(=), question-marks(?), exclamation-points(!), ampersands(&), forward-slashes(/), back-slashes(\\), underscores(_), dots(.), colons(:), tildes(~), and dashes(-)." );
         assertTextPresent( "Repository Purge By Retention Count needs to be between 1 and 100." );
         assertTextPresent( "Repository Purge By Days Older Than needs to be larger than 0." );
-        // FIXME: broken
-        assertTextPresent( "Invalid cron expression." );
+        assertTextPresent( "Cron expression is required." );
     }
 
     @Test
@@ -123,7 +122,7 @@ public class RepositoryTest
         assertTextPresent( "Repository Purge By Days Older Than needs to be larger than 0." );
     }
 
-    @Test( enabled = false )
+    @Test
     public void testAddManagedRepoBlankValues()
     {
         getSelenium().open( "/archiva/admin/addRepository.action" );
@@ -132,8 +131,7 @@ public class RepositoryTest
         assertTextPresent( "You must enter a repository identifier." );
         assertTextPresent( "You must enter a repository name." );
         assertTextPresent( "You must enter a directory." );
-        // FIXME: broken
-        assertTextPresent( "Invalid cron expression." );
+        assertTextPresent( "Cron expression is required." );
     }
 
     @Test
@@ -165,15 +163,14 @@ public class RepositoryTest
         assertTextPresent( "You must enter a directory." );
     }
 
-    @Test( enabled = false )
+    @Test
     public void testAddManagedRepoNoCron()
     {
         getSelenium().open( "/archiva/admin/addRepository.action" );
 
         addManagedRepository( "identifier", "name", "/home", "/.index", "Maven 2.x Repository", "", "", "", false );
 
-        // FIXME: broken
-        assertTextPresent( "Invalid cron expression." );
+        assertTextPresent( "Cron expression is required." );
     }
 
     @Test
@@ -186,7 +183,7 @@ public class RepositoryTest
         assertTextPresent( "Managed Repository Sample" );
     }
 
-    @Test( dependsOnMethods = { "testAddManagedRepoForEdit" }, enabled = false )
+    @Test( dependsOnMethods = { "testAddManagedRepoForEdit" } )
     public void testEditManagedRepoInvalidValues()
     {
         editManagedRepository( "<>\\~+[]'\"", "<> ~+[ ]'\"", "<> ~+[ ]'\"", "Maven 2.x Repository", "", "-1", "101" );
@@ -198,8 +195,7 @@ public class RepositoryTest
             "Index directory must only contain alphanumeric characters, equals(=), question-marks(?), exclamation-points(!), ampersands(&), forward-slashes(/), back-slashes(\\), underscores(_), dots(.), colons(:), tildes(~), and dashes(-)." );
         assertTextPresent( "Repository Purge By Retention Count needs to be between 1 and 100." );
         assertTextPresent( "Repository Purge By Days Older Than needs to be larger than 0." );
-        // FIXME: broken
-        assertTextPresent( "Invalid cron expression." );
+        assertTextPresent( "Cron expression is required." );
     }
 
     @Test( dependsOnMethods = { "testAddManagedRepoForEdit" } )
@@ -226,11 +222,24 @@ public class RepositoryTest
             "Index directory must only contain alphanumeric characters, equals(=), question-marks(?), exclamation-points(!), ampersands(&), forward-slashes(/), back-slashes(\\), underscores(_), dots(.), colons(:), tildes(~), and dashes(-)." );
     }
 
-    @Test( dependsOnMethods = { "testAddManagedRepoForEdit" }, enabled = false )
-    public void testEditManagedRepoInvalidCron()
+    @Test( dependsOnMethods = { "testAddManagedRepoForEdit" } )
+    public void testEditManagedRepoInvalidCronBadText()
+    {
+        editManagedRepository( "name", "/home", "/.index", "Maven 2.x Repository", "asdf", "1", "1" );
+        assertTextPresent( "Invalid cron expression." );
+    }
+
+    @Test( dependsOnMethods = { "testAddManagedRepoForEdit" } )
+    public void testEditManagedRepoInvalidCronBadValue()
+    {
+        editManagedRepository( "name", "/home", "/.index", "Maven 2.x Repository", "60 0 * * * ?", "1", "1" );
+        assertTextPresent( "Invalid cron expression." );
+    }
+
+    @Test( dependsOnMethods = { "testAddManagedRepoForEdit" } )
+    public void testEditManagedRepoInvalidCronTooManyElements()
     {
-        editManagedRepository( "name", "/home", "/.index", "Maven 2.x Repository", "", "1", "1" );
-        // FIXME: broken
+        editManagedRepository( "name", "/home", "/.index", "Maven 2.x Repository", "* * * * * * * *", "1", "1" );
         assertTextPresent( "Invalid cron expression." );
     }
 
@@ -342,4 +351,4 @@ public class RepositoryTest
         assertPage( "Collection: /" );
         assertTextPresent( "Collection: /" );
     }
-}
\ No newline at end of file
+}

diff --git a/archiva-modules/archiva-web/archiva-webapp-test/src/test/testng/org/apache/archiva/web/test/XSSSecurityTest.java b/archiva-modules/archiva-web/archiva-webapp-test/src/test/testng/org/apache/archiva/web/test/XSSSecurityTest.java
index fe868956a158525e6d958f258dc961d9837a07ed..0f05752c9d19ba6e442d85c7fcf69c54a06422f0 100644 (file)
--- a/archiva-modules/archiva-web/archiva-webapp-test/src/test/testng/org/apache/archiva/web/test/XSSSecurityTest.java
+++ b/archiva-modules/archiva-web/archiva-webapp-test/src/test/testng/org/apache/archiva/web/test/XSSSecurityTest.java
@@ -154,9 +154,10 @@ public class XSSSecurityTest
         assertTextPresent( "Possible CSRF attack detected! Invalid token found in the request." );
     }
 
-    @Test( enabled = false )
+    @Test
     public void testAddManagedRepositoryImmunityToInputFieldCrossSiteScripting()
     {
+        // TODO: these are evaluated client side now - we should force it to do server-side to make sure (though this could probably be tested in the webapp tests instead)
         getSelenium().open( "/archiva/admin/addRepository.action" );
         addManagedRepository( "test\"><script>alert('xss')</script>", "test\"><script>alert('xss')</script>",
                               "test\"><script>alert('xss')</script>", "test\"><script>alert('xss')</script>",
@@ -172,7 +173,16 @@ public class XSSSecurityTest
             "Index directory must only contain alphanumeric characters, equals(=), question-marks(?), exclamation-points(!), ampersands(&), forward-slashes(/), back-slashes(\\), underscores(_), dots(.), colons(:), tildes(~), and dashes(-)." );
         assertTextPresent( "Repository Purge By Retention Count needs to be between 1 and 100." );
         assertTextPresent( "Repository Purge By Days Older Than needs to be larger than 0." );
-        // FIXME: broken
+        assertTextPresent( "Cron expression is required." );
+    }
+
+    @Test
+    public void testAddManagedRepositoryImmunityToInputFieldCrossSiteScriptingCron()
+    {
+        // separate test because cron is evaluated server side, not client side
+        getSelenium().open( "/archiva/admin/addRepository.action" );
+        addManagedRepository( "id", "name", "/home", "/.index", "Maven 2.x Repository",
+                              "<test\"><script>alert('xss')</script>", "1", "1", true );
         assertTextPresent( "Invalid cron expression." );
     }
 
@@ -241,4 +251,4 @@ public class XSSSecurityTest
         assertTextPresent(
             "Username must only contain alphanumeric characters, at's(@), forward-slashes(/), back-slashes(\\), underscores(_), dots(.), and dashes(-)." );
     }
-}
\ No newline at end of file
+}

diff --git a/archiva-modules/archiva-web/archiva-webapp/src/main/java/org/apache/archiva/web/action/admin/repositories/AddManagedRepositoryAction.java b/archiva-modules/archiva-web/archiva-webapp/src/main/java/org/apache/archiva/web/action/admin/repositories/AddManagedRepositoryAction.java
index 885079818e10be49504ca698a5fd84aefb357283..488db6c68707374cc066f0c67443f7b711d6ce9d 100644 (file)
--- a/archiva-modules/archiva-web/archiva-webapp/src/main/java/org/apache/archiva/web/action/admin/repositories/AddManagedRepositoryAction.java
+++ b/archiva-modules/archiva-web/archiva-webapp/src/main/java/org/apache/archiva/web/action/admin/repositories/AddManagedRepositoryAction.java
@@ -24,6 +24,7 @@ import com.opensymphony.xwork2.Validateable;
 import org.apache.archiva.admin.model.RepositoryAdminException;
 import org.apache.archiva.admin.model.beans.ManagedRepository;
 import org.apache.commons.lang.StringUtils;
+import org.codehaus.redback.components.scheduler.CronExpressionValidator;
 import org.springframework.context.annotation.Scope;
 import org.springframework.stereotype.Controller;
 
@@ -102,6 +103,13 @@ public class AddManagedRepositoryAction
     @Override
     public void validate()
     {
+        CronExpressionValidator validator = new CronExpressionValidator();
+
+        if ( !validator.validate( repository.getCronExpression() ) )
+        {
+            addFieldError( "repository.cronExpression", "Invalid cron expression." );
+        }
+
         // trim all unecessary trailing/leading white-spaces; always put this statement before the closing braces(after all validation).
         trimAllRequestParameterValues();
     }

diff --git a/archiva-modules/archiva-web/archiva-webapp/src/main/java/org/apache/archiva/web/action/admin/repositories/EditManagedRepositoryAction.java b/archiva-modules/archiva-web/archiva-webapp/src/main/java/org/apache/archiva/web/action/admin/repositories/EditManagedRepositoryAction.java
index e4a9dbfd0e2ceb4e317c33032d2408c16cf6d511..f28047afee462bf659e10aaea06b13d1f714d28c 100644 (file)
--- a/archiva-modules/archiva-web/archiva-webapp/src/main/java/org/apache/archiva/web/action/admin/repositories/EditManagedRepositoryAction.java
+++ b/archiva-modules/archiva-web/archiva-webapp/src/main/java/org/apache/archiva/web/action/admin/repositories/EditManagedRepositoryAction.java
@@ -135,7 +135,7 @@ public class EditManagedRepositoryAction
 
         if ( !validator.validate( repository.getCronExpression() ) )
         {
-            addFieldError( "repository.refreshCronExpression", "Invalid cron expression." );
+            addFieldError( "repository.cronExpression", "Invalid cron expression." );
         }
 
         trimAllRequestParameterValues();

diff --git a/archiva-modules/archiva-web/archiva-webapp/src/main/resources/org/apache/archiva/web/action/admin/repositories/AddManagedRepositoryAction-validation.xml b/archiva-modules/archiva-web/archiva-webapp/src/main/resources/org/apache/archiva/web/action/admin/repositories/AddManagedRepositoryAction-validation.xml
index 8c951cbd10143afc00ac4bb4c924c35bbee54838..68ffb6cf772f1e15a82ae6151c0326a194901950 100644 (file)
--- a/archiva-modules/archiva-web/archiva-webapp/src/main/resources/org/apache/archiva/web/action/admin/repositories/AddManagedRepositoryAction-validation.xml
+++ b/archiva-modules/archiva-web/archiva-webapp/src/main/resources/org/apache/archiva/web/action/admin/repositories/AddManagedRepositoryAction-validation.xml
@@ -73,4 +73,9 @@
       <message>Repository Purge By Days Older Than needs to be larger than ${min}.</message>
     </field-validator>    
   </field>
+  <field name="repository.cronExpression">
+    <field-validator type="requiredstring">
+      <message>Cron expression is required.</message>
+    </field-validator>
+  </field>
 </validators>

diff --git a/archiva-modules/archiva-web/archiva-webapp/src/main/resources/org/apache/archiva/web/action/admin/repositories/EditManagedRepositoryAction-validation.xml b/archiva-modules/archiva-web/archiva-webapp/src/main/resources/org/apache/archiva/web/action/admin/repositories/EditManagedRepositoryAction-validation.xml
index abc9e5526caa8b6818b8e6a047177f169e804d41..9f82c37bd897e1336386de526c8b949f4c532af9 100644 (file)
--- a/archiva-modules/archiva-web/archiva-webapp/src/main/resources/org/apache/archiva/web/action/admin/repositories/EditManagedRepositoryAction-validation.xml
+++ b/archiva-modules/archiva-web/archiva-webapp/src/main/resources/org/apache/archiva/web/action/admin/repositories/EditManagedRepositoryAction-validation.xml
@@ -73,4 +73,9 @@
       <message>Repository Purge By Days Older Than needs to be larger than ${min}.</message>
     </field-validator>
   </field>
+  <field name="repository.cronExpression">
+    <field-validator type="requiredstring">
+      <message>Cron expression is required.</message>
+    </field-validator>
+  </field>
 </validators>