/*
* Copyright (C) 2008-2017, Juick
*
* This program is free software: you can redistribute it and/or modify
* it under the terms of the GNU Affero General Public License as
* published by the Free Software Foundation, either version 3 of the
* License, or (at your option) any later version.
*
* This program is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU Affero General Public License for more details.
*
* You should have received a copy of the GNU Affero General Public License
* along with this program. If not, see .
*/
package com.juick.server.tests;
import com.fasterxml.jackson.core.JsonProcessingException;
import com.fasterxml.jackson.core.type.TypeReference;
import com.fasterxml.jackson.databind.ObjectMapper;
import com.juick.ExternalToken;
import com.juick.Message;
import com.juick.Tag;
import com.juick.User;
import com.juick.server.EmailManager;
import com.juick.server.XMPPBot;
import com.juick.server.XMPPServer;
import com.juick.server.configuration.ApiAppConfiguration;
import com.juick.server.configuration.ApiSecurityConfig;
import com.juick.server.helpers.TagStats;
import com.juick.service.*;
import com.juick.service.security.NotAuthorizedAuthenticationEntryPoint;
import com.juick.util.DateFormattersHolder;
import org.junit.Before;
import org.junit.Test;
import org.junit.runner.RunWith;
import org.springframework.beans.factory.annotation.Value;
import org.springframework.boot.test.autoconfigure.web.servlet.AutoConfigureMockMvc;
import org.springframework.boot.test.context.SpringBootTest;
import org.springframework.http.MediaType;
import org.springframework.jdbc.core.JdbcTemplate;
import org.springframework.security.test.web.servlet.setup.SecurityMockMvcConfigurers;
import org.springframework.test.context.ContextConfiguration;
import org.springframework.test.context.TestPropertySource;
import org.springframework.test.context.junit4.AbstractJUnit4SpringContextTests;
import org.springframework.test.context.junit4.SpringRunner;
import org.springframework.test.context.web.WebAppConfiguration;
import org.springframework.test.web.servlet.MockMvc;
import org.springframework.test.web.servlet.MvcResult;
import org.springframework.test.web.servlet.setup.MockMvcBuilders;
import org.springframework.web.context.WebApplicationContext;
import org.springframework.web.util.UriComponents;
import org.springframework.web.util.UriComponentsBuilder;
import rocks.xmpp.addr.Jid;
import rocks.xmpp.core.stanza.model.Stanza;
import rocks.xmpp.core.stanza.model.server.ServerMessage;
import javax.inject.Inject;
import java.lang.reflect.InvocationTargetException;
import java.text.ParseException;
import java.util.Arrays;
import java.util.Collections;
import java.util.List;
import java.util.Scanner;
import java.util.stream.IntStream;
import static org.hamcrest.MatcherAssert.assertThat;
import static org.hamcrest.Matchers.*;
import static org.junit.Assert.assertEquals;
import static org.springframework.security.test.web.servlet.request.SecurityMockMvcRequestPostProcessors.httpBasic;
import static org.springframework.test.web.servlet.request.MockMvcRequestBuilders.*;
import static org.springframework.test.web.servlet.result.MockMvcResultMatchers.*;
/**
* Created by vitalyster on 25.11.2016.
*/
@RunWith(SpringRunner.class)
@SpringBootTest(webEnvironment = SpringBootTest.WebEnvironment.DEFINED_PORT)
@TestPropertySource(properties = {"broken_ssl_hosts=localhost,serverstorageisfull.tld", "xmpp_disabled=true"})
@AutoConfigureMockMvc
public class ServerTests extends AbstractJUnit4SpringContextTests {
@Inject
private MockMvc mockMvc;
@Inject
private MessagesService messagesService;
@Inject
private UserService userService;
@Inject
private TagService tagService;
@Inject
private ObjectMapper jsonMapper;
@Inject
private ImagesService imagesService;
@Inject
private WebApplicationContext wac;
@Inject
private XMPPServer server;
@Inject
private XMPPBot bot;
@Inject
private SubscriptionService subscriptionService;
@Inject
private JdbcTemplate jdbcTemplate;
@Value("${hostname:localhost}")
private Jid jid;
private static User ugnich, freefd, juick;
static String ugnichName, ugnichPassword, freefdName, freefdPassword, juickName, juickPassword;
static Message msg;
static int juickTagId;
private static boolean isSetUp = false;
@Before
public void setUp() {
if (!isSetUp) {
ugnichName = "ugnich";
ugnichPassword = "secret";
freefdName = "freefd";
freefdPassword = "MyPassw0rd!";
juickName = "juick";
juickPassword = "demo";
int ugnichId = userService.createUser(ugnichName, ugnichPassword);
ugnich = userService.getUserByUID(ugnichId).orElseThrow(IllegalStateException::new);
int freefdId = userService.createUser(freefdName, freefdPassword);
freefd = userService.getUserByUID(freefdId).orElseThrow(IllegalStateException::new);
int juickId = userService.createUser(juickName, juickPassword);
juick = userService.getUserByUID(juickId).orElseThrow(IllegalStateException::new);
String msgText = "Привет, я - Угнич";
int mid = messagesService.createMessage(ugnich.getUid(), msgText, "png", null);
msg = messagesService.getMessage(mid);
tagService.createTag("тест");
juickTagId = tagService.createTag("juick");
isSetUp = true;
}
}
@Test
public void testAllUnAuthorized() throws Exception {
mockMvc.perform(get("/"))
.andExpect(status().isMovedPermanently());
mockMvc.perform(get("/auth"))
.andExpect(status().isUnauthorized());
mockMvc.perform(get("/home"))
.andExpect(status().isUnauthorized());
mockMvc.perform(get("/messages/recommended"))
.andExpect(status().isUnauthorized());
mockMvc.perform(get("/messages/set_privacy"))
.andExpect(status().isUnauthorized());
}
@Test
public void homeTestWithMessages() throws Exception {
mockMvc.perform(
get("/home")
.with(httpBasic(ugnichName, ugnichPassword)))
.andExpect(status().isOk())
.andExpect(content().contentType(MediaType.APPLICATION_JSON_UTF8))
.andExpect(jsonPath("$[-1].mid", is(msg.getMid())))
.andExpect(jsonPath("$[-1].timestamp",
is(DateFormattersHolder.getMessageFormatterInstance().format(msg.getTimestamp()))))
.andExpect(jsonPath("$[-1].body", is(msg.getText())))
.andExpect(jsonPath("$[-1].attachment.url", is("https://i.juick.com/p/1.png")))
.andExpect(jsonPath("$[-1].attachment.small.url", is("https://i.juick.com/photos-512/1.png")));
}
@Test
public void homeTestWithMessagesAndRememberMe() throws Exception {
String ugnichHash = userService.getHashByUID(ugnich.getUid());
mockMvc.perform(
get("/home")
.with(httpBasic(ugnichName, ugnichPassword)))
.andExpect(status().isOk())
.andReturn();
mockMvc.perform(get("/home")
.param("hash", ugnichHash))
.andExpect(status().isOk());
}
@Test
public void homeTestWithMessagesAndSimpleCors() throws Exception {
mockMvc.perform(
get("/home")
.with(httpBasic(ugnichName, ugnichPassword))
.header("Origin", "http://api.example.net"))
.andExpect(status().isOk())
.andExpect(header().string("Access-Control-Allow-Origin", "*"));
}
@Test
public void homeTestWithPreflightCors() throws Exception {
mockMvc.perform(
options("/home")
.with(httpBasic(ugnichName, ugnichPassword))
.header("Origin", "http://api.example.net")
.header("Access-Control-Request-Method", "POST")
.header("Access-Control-Request-Headers", "X-PINGOTHER, Content-Type"))
.andExpect(status().isOk())
.andExpect(header().string("Access-Control-Allow-Origin", "*"))
.andExpect(header().string("Access-Control-Allow-Methods", "POST,GET,PUT,OPTIONS,DELETE"))
.andExpect(header().string("Access-Control-Allow-Headers", "X-PINGOTHER, Content-Type"));
}
@Test
public void anonymousApis() throws Exception {
mockMvc.perform(get("/messages"))
.andExpect(status().isOk());
mockMvc.perform(get("/users")
.param("uname", "ugnich")
.param("uname", "freefd"))
.andExpect(status().isOk())
.andExpect(content().contentType(MediaType.APPLICATION_JSON_UTF8))
.andExpect(jsonPath("$", hasSize(2)));
}
@Test
public void tags() throws Exception {
Tag weather = tagService.getTag("weather", true);
Tag yo = tagService.getTag("yo", true);
messagesService.createMessage(ugnich.getUid(), "text", null, Arrays.asList(yo, weather));
messagesService.createMessage(freefd.getUid(), "text2", null, Collections.singletonList(yo));
MvcResult result = mockMvc.perform(get("/tags"))
.andExpect(status().isOk())
.andReturn();
List tagsFromApi = jsonMapper.readValue(result.getResponse().getContentAsString(),
new TypeReference>(){});
TagStats yoStats = tagsFromApi.stream().filter(t -> t.getTag().getName().equals("yo")).findFirst().get();
assertThat(yoStats.getUsageCount(), is(2));
MvcResult result2 = mockMvc.perform(get("/tags")
.param("user_id", String.valueOf(ugnich.getUid())))
.andExpect(status().isOk())
.andReturn();
List ugnichTagsFromApi = jsonMapper.readValue(result2.getResponse().getContentAsString(),
new TypeReference>(){});
TagStats yoUgnichStats = ugnichTagsFromApi.stream().filter(t -> t.getTag().getName().equals("yo")).findFirst().get();
assertThat(yoUgnichStats.getUsageCount(), is(1));
}
@Test
public void postWithReferer() throws Exception {
mockMvc.perform(post("/post")
.param("body", "yo")
.with(httpBasic(ugnichName, ugnichPassword)))
.andExpect(status().isOk());
}
@Test
public void threadWithEphemeralNumberShouldReturn404() throws Exception {
mockMvc.perform(get("/thread").param("mid", "999999999")
.with(httpBasic(ugnichName, ugnichPassword))).andExpect(status().is4xxClientError());
}
@Test
public void performRequestsWithIssuedToken() throws Exception {
String ugnichHash = userService.getHashByUID(ugnich.getUid());
mockMvc.perform(get("/home")).andExpect(status().isUnauthorized());
mockMvc.perform(get("/auth"))
.andExpect(status().isUnauthorized());
mockMvc.perform(get("/auth").with(httpBasic(ugnichName, "wrongpassword")))
.andExpect(status().isUnauthorized());
MvcResult result = mockMvc.perform(get("/auth").with(httpBasic(ugnichName, ugnichPassword)))
.andExpect(status().isOk())
.andReturn();
String authHash = jsonMapper.readValue(result.getResponse().getContentAsString(), String.class);
assertThat(authHash, equalTo(ugnichHash));
mockMvc.perform(get("/home").param("hash", ugnichHash)).andExpect(status().isOk());
}
@Test
public void registerForNotificationsTests() throws Exception {
String token = "123456";
ExternalToken registration = new ExternalToken(null, "apns", token, null);
mockMvc.perform(put("/notifications").with(httpBasic(ugnichName, ugnichPassword))
.contentType(MediaType.APPLICATION_JSON_UTF8)
.content(jsonMapper.writeValueAsBytes(Collections.singletonList(registration))))
.andExpect(status().isOk());
MvcResult result = mockMvc.perform(get("/notifications")
.param("uid", String.valueOf(ugnich.getUid()))
.with(httpBasic(juickName, juickPassword)))
.andExpect(status().isOk())
.andReturn();
List user = jsonMapper.readValue(result.getResponse().getContentAsString(),
new TypeReference>() {
});
assertThat(user.get(0).getTokens().get(0).getToken(), equalTo(token));
}
@Test
public void tg2juickLinks() {
UriComponents uriComponents = UriComponentsBuilder.fromUriString("http://juick.com/123456#23").build();
assertThat(uriComponents.getPath().substring(1), is("123456"));
assertThat(uriComponents.getFragment(), is("23"));
}
@Test
public void notificationsTokensTest() throws Exception {
List tokens = Collections.singletonList(new ExternalToken(null, "gcm", "123456", null));
mockMvc.perform(delete("/notifications").with(httpBasic(ugnichName, ugnichPassword))
.contentType(MediaType.APPLICATION_JSON_UTF8)
.content(jsonMapper.writeValueAsBytes(tokens))).andExpect(status().isForbidden());
mockMvc.perform(delete("/notifications").with(httpBasic(juickName, juickPassword))
.contentType(MediaType.APPLICATION_JSON_UTF8)
.content(jsonMapper.writeValueAsBytes(tokens))).andExpect(status().isOk());
}
@Test
public void notificationsSettingsAllowedOnlyForServiceUser() throws Exception {
mockMvc.perform(get("/notifications").with(httpBasic(juickName, juickPassword))
.param("mid", "1").param("uid", String.valueOf(ugnich.getUid()))).andExpect(status().isOk());
mockMvc.perform(get("/notifications")
.param("mid", "1").param("uid", String.valueOf(ugnich.getUid()))).andExpect(status().isUnauthorized());
}
@Test
public void topTest() throws Exception {
int topmid = messagesService.createMessage(ugnich.getUid(), "top message", null, null);
IntStream.rangeClosed(6, 12).forEach(i -> {
messagesService.createReply(topmid, 0, i, "yo", null);
});
assertThat(messagesService.getPopularCandidates().get(0), is(topmid));
Tag juickTag = tagService.getTag(juickTagId);
assertThat(juickTag.TID, is(2));
tagService.updateTags(topmid, Collections.singletonList(juickTag));
assertThat(messagesService.getPopularCandidates().isEmpty(), is(true));
}
@Test
public void inReplyToScannerTest() {
String header = "<123456.56@juick.com>";
Scanner headerScanner = new Scanner(header).useDelimiter(EmailManager.MSGID_PATTERN);
int mid = Integer.parseInt(headerScanner.next());
int rid = Integer.parseInt(headerScanner.next());
assertThat(mid, equalTo(123456));
assertThat(rid, equalTo(56));
}
@Test
public void lastMessagesTest() throws Exception {
mockMvc.perform(
get("/rss/"))
.andExpect(status().isOk())
.andExpect(content().contentType("application/rss+xml;charset=UTF-8"))
.andExpect(xpath("/rss/channel/description").string("The latest messages at Juick"));
}
@Test
public void statusPageIsUp() throws Exception {
mockMvc.perform(get("/api/status").with(httpBasic(ugnichName, ugnichPassword))).andExpect(status().isOk());
assertThat(server.getJid(), equalTo(jid));
}
@Test
public void botIsUpAndProcessingResourceConstraints() {
int renhaId;
renhaId = userService.createUser("renha", "umnnbt");
Jid from = Jid.of("renha@serverstorageisfull.tld");
jdbcTemplate.update("INSERT INTO jids(user_id,jid,active) VALUES(?,?,?)", renhaId, from.toEscapedString(), 1);
String xmlMessage = "Reply by @LexXПохоже нынче можно публично заявлять о своем веганстве. Your contact offline message queue is full. The message has been discarded.";
Stanza msg = server.parse(xmlMessage);
assertThat(from, equalTo(msg.getFrom()));
boolean isActive = jdbcTemplate.queryForObject("SELECT active FROM jids WHERE user_id=?", Integer.class, renhaId) == 1;
assertThat(isActive, equalTo(true));
bot.incomingMessage((ServerMessage)msg);
isActive = jdbcTemplate.queryForObject("SELECT active FROM jids WHERE user_id=?", Integer.class, renhaId) == 1;
assertThat(isActive, equalTo(false));
}
@Test
public void botCommandsTests() throws IllegalAccessException, NoSuchMethodException, InvocationTargetException {
assertThat(bot.processCommand(new User(), Jid.of("test@localhost"), "PING").get(), is("PONG"));
// subscription commands have two lines, others have 1
assertThat(bot.processCommand(new User(), Jid.of("test@localhost"), "help").get().split("\n").length, is(24));
}
@Test
public void protocolTests() throws IllegalAccessException, NoSuchMethodException, InvocationTargetException, ParseException, JsonProcessingException {
int uid = userService.createUser("me", "secret");
User user = userService.getUserByUID(uid).orElse(new User());
Tag yo = tagService.getTag("yo", true);
int mid = messagesService.createMessage(uid, "yoyo", null, Collections.singletonList(yo));
assertEquals("should be message", true,
bot.processCommand(user, Jid.of("test@localhost"), String.format("#%d", mid)).get().startsWith("@me"));
mid = messagesService.getUserBlog(user.getUid(), -1, 0).stream().reduce((first, second) -> second).get();
assertEquals("text should match", "yoyo",
messagesService.getMessage(mid).getText());
assertEquals("tag should match", "yo",
tagService.getMessageTags(mid).get(0).getTag().getName());
int readerUid = userService.createUser("dummyReader", "dummySecret");
User readerUser = userService.getUserByUID(readerUid).orElse(new User());
assertEquals("should be subscribed", "Subscribed",
bot.processCommand(readerUser, Jid.of("dummy@localhost"), "S #" + mid).get());
/* TODO: move from juick-legacy
assertEquals("should be favorited", "Message added to your recommendations",
juickProtocol.getReply(readerUser, "! #" + mid));
*/
assertEquals("number of subscribed users should match", 1,
subscriptionService.getUsersSubscribedToComments(mid, uid).size());
/*
assertEquals("should be subscribed", "Subscribed",
bot.processCommand(readerUser, Jid.of("dummy@localhost"), "S @" + user.getName()).get());
List friends = userService.getUserFriends(readerUid);
assertEquals("number of friend users should match", 2,
friends.size());
assertEquals("number of reader users should match", 1,
userService.getUserReaders(uid).size());
String expectedReply = "Reply posted.\n#" + mid + "/1 "
+ "http://juick.com/" + mid + "#1";
String expectedSecondReply = "Reply posted.\n#" + mid + "/2 "
+ "http://juick.com/" + mid + "#2";
assertEquals("should be reply", expectedReply,
bot.processCommand(user, Jid.of("test@localhost"), "#" + mid + " yoyo").get());
assertEquals("should be second reply", expectedSecondReply,
bot.processCommand(user, Jid.of("test@localhost"), "#" + mid + "/1 yoyo").get());
Message reply = messagesService.getReplies(mid).stream().filter(m -> m.getRid() == 2).findFirst()
.orElse(new Message());
assertEquals("should be reply to first comment", 1, reply.getReplyto());
assertNotEquals("tags should NOT be updated", "Tags are updated",
bot.processCommand(readerUser, Jid.of("dummy@localhost"), "#" + mid + " *yo *there").get());
assertEquals("tags should be updated", "Tags are updated",
bot.processCommand(user, Jid.of("test@localhost"), "#" + mid + " *there").get());
assertEquals("number of tags should match", 2,
tagService.getMessageTags(mid).size());
assertEquals("should be blacklisted", "Tag added to your blacklist",
bot.processCommand(readerUser, Jid.of("dummy@localhost"), "BL *there").get());
assertEquals("number of subscribed users should match", 0,
subscriptionService.getSubscribedUsers(uid, mid).size());
assertEquals("tags should be updated", "Tags are updated",
bot.processCommand(user, Jid.of("test@localhost"), "#" + mid + " *there").get());
assertEquals("number of tags should match", 1,
tagService.getMessageTags(mid).size());
int taggerUid = userService.createUser("dummyTagger", "dummySecret");
User taggerUser = userService.getUserByUID(taggerUid).orElse(new User());
assertEquals("should be subscribed", "Subscribed",
bot.processCommand(taggerUser, Jid.of("tagger@localhost"), "S *yo").get());
assertEquals("number of subscribed users should match", 2,
subscriptionService.getSubscribedUsers(uid, mid).size());
assertEquals("should be unsubscribed", "Unsubscribed from yo",
bot.processCommand(taggerUser, Jid.of("tagger@localhost"), "U *yo").get());
assertEquals("number of subscribed users should match", 1,
subscriptionService.getSubscribedUsers(uid, mid).size());
assertEquals("number of readers should match", 1,
userService.getUserReaders(uid).size());
String readerFeed = bot.processCommand(readerUser, Jid.of("dummy@localhost"), "#").get();
assertEquals("description should match", true, readerFeed.startsWith("Your feed"));
assertEquals("should be unsubscribed", "Unsubscribed from @" + user.getName(),
bot.processCommand(readerUser, Jid.of("dummy@localhost"), "U @" + user.getName()).get());
assertEquals("number of readers should match", 0,
userService.getUserReaders(uid).size());
assertEquals("number of friends should match", 1,
userService.getUserFriends(uid).size());
assertEquals("should be unsubscribed", "Unsubscribed from #" + mid,
bot.processCommand(readerUser, Jid.of("dummy@localhost"), "u #" + mid).get());
assertEquals("number of subscribed users should match", 0,
subscriptionService.getUsersSubscribedToComments(mid, uid).size());
assertNotEquals("should NOT be deleted", String.format("Message %s deleted", mid),
bot.processCommand(readerUser, Jid.of("dummy@localhost"), "D #" + mid).get());
assertEquals("should be deleted", String.format("Message %s deleted", mid),
bot.processCommand(user, Jid.of("test@localhost"), "D #" + mid).get());
assertEquals("should not have messages", 0, messagesService.getAll(user.getUid(), 0).size());
*/
}
}