Skip to content

Commit

Permalink
fixed tests in functional/test_source.py
Browse files Browse the repository at this point in the history
  • Loading branch information
zenmonkeykstop committed Jun 13, 2022
1 parent 459893f commit 6e5cb05
Show file tree
Hide file tree
Showing 2 changed files with 24 additions and 99 deletions.
13 changes: 6 additions & 7 deletions securedrop/tests/functional/app_navigators.py
Original file line number Diff line number Diff line change
Expand Up @@ -178,12 +178,11 @@ def source_clicks_submit_documents_on_homepage(self) -> None:
assert self._is_on_lookup_page()

def source_continues_to_submit_page(self) -> None:
self.nav_helper.safe_click_by_css_selector("#create-form button")

def submit_page_loaded() -> None:
if not self.accept_languages:
headline = self.driver.find_element_by_id("submit-heading")
assert "Submit Files or Messages" == headline.text
headline = self.driver.find_element_by_id("welcome-heading")
assert "Welcome!" == headline.text

self.nav_helper.wait_for(submit_page_loaded)

Expand All @@ -198,11 +197,11 @@ def source_logs_out(self) -> None:

def source_retrieves_codename_from_hint(self) -> str:
# We use inputs to change CSS states for subsequent elements in the DOM, if it is unchecked
# the codename is hidden
content = self.driver.find_element_by_id("codename-show-checkbox")
assert content.get_attribute("checked") is None

self.nav_helper.safe_click_by_id("codename-show")
# TODO: should the codename be hidden by default under inverted flow?
# assert content.get_attribute("checked") is None
# self.nav_helper.safe_click_by_id("codename-show")

assert content.get_attribute("checked") is not None
content_content = self.driver.find_element_by_css_selector("#codename span")
Expand All @@ -218,7 +217,7 @@ def _is_logged_in(self) -> WebElement:
return self.nav_helper.wait_for(lambda: self.driver.find_element_by_id("logout"))

def source_proceeds_to_login(self, codename: str) -> None:
self.nav_helper.safe_send_keys_by_id("codename", codename)
self.nav_helper.safe_send_keys_by_id("passphrase", codename)
self.nav_helper.safe_click_by_css_selector(".form-controls button")

# Check that we've logged in
Expand Down
110 changes: 18 additions & 92 deletions securedrop/tests/functional/test_source.py
Original file line number Diff line number Diff line change
@@ -1,8 +1,6 @@
import requests
import werkzeug

from tests.functional.app_navigators import SourceAppNagivator
from ..test_journalist import VALID_PASSWORD
from tests.functional import tor_utils


Expand All @@ -17,10 +15,11 @@ def test_no_codename_hint_on_second_login(self, sd_servers_v2, tor_browser_web_d
)

# Given a source user who creates an account
# When they first login
# When they first submit a message
navigator.source_visits_source_homepage()
navigator.source_clicks_submit_documents_on_homepage()
navigator.source_continues_to_submit_page()
navigator.source_submits_a_message("they're here")

# Then they are able to retrieve their codename from the UI
source_codename = navigator.source_retrieves_codename_from_hint()
Expand Down Expand Up @@ -72,10 +71,16 @@ def test_submission_notifications_on_second_login(self, sd_servers_v2, tor_brows
web_driver=tor_browser_web_driver,
)

# Given a source user who creates an account
# Given a source user who creates an account by submitting a
# message on first login
navigator.source_visits_source_homepage()
navigator.source_clicks_submit_documents_on_homepage()
navigator.source_continues_to_submit_page()
confirmation_text_first_submission = navigator.source_submits_a_message()

# And they see the expected confirmation messages for a first submission on second login
assert self.FIRST_SUBMISSION_TEXT in confirmation_text_first_submission

source_codename = navigator.source_retrieves_codename_from_hint()
assert source_codename

Expand All @@ -85,12 +90,6 @@ def test_submission_notifications_on_second_login(self, sd_servers_v2, tor_brows
navigator.source_chooses_to_login()
navigator.source_proceeds_to_login(codename=source_codename)

# Then it succeeds
confirmation_text_first_submission = navigator.source_submits_a_message()

# And they see the expected confirmation messages for a first submission on second login
assert self.FIRST_SUBMISSION_TEXT in confirmation_text_first_submission

# And when they submit a second message
confirmation_text_second_submission = navigator.source_submits_a_message()

Expand Down Expand Up @@ -127,110 +126,37 @@ def test_generate_codenames_in_multiple_tabs(self, sd_servers_v2, tor_browser_we
web_driver=tor_browser_web_driver,
)

# Given a user who generated a codename in Tab A
# Given a user who opens /lookup in tab A
tab_a = navigator.driver.window_handles[0]
navigator.source_visits_source_homepage()
navigator.source_clicks_submit_documents_on_homepage()
codename_a = self._extract_generated_codename(navigator)
navigator.source_continues_to_submit_page()

# And they then opened a new tab, Tab B
navigator.driver.execute_script("window.open('about:blank', '_blank')")
tab_b = navigator.driver.window_handles[1]
navigator.driver.switch_to.window(tab_b)
assert tab_a != tab_b

# And they also generated another codename in Tab B
# And they also opened /lookup in Tab B
navigator.source_visits_source_homepage()
navigator.source_clicks_submit_documents_on_homepage()
codename_b = self._extract_generated_codename(navigator)
assert codename_a != codename_b
navigator.source_continues_to_submit_page()

# And they ended up creating their account and submitting documents in Tab A
navigator.driver.switch_to.window(tab_a)
navigator.source_continues_to_submit_page()
self._assert_is_on_lookup_page(navigator)
assert navigator.source_retrieves_codename_from_hint() == codename_a
navigator.source_submits_a_message()
passphrase_a = navigator.source_retrieves_codename_from_hint()

# When the user tries to create an account and submit documents in Tab B
navigator.driver.switch_to.window(tab_b)
navigator.source_continues_to_submit_page()

# Then the submission fails and the user sees the corresponding flash message in Tab B
self._assert_is_on_lookup_page(navigator)
notification = navigator.source_sees_flash_message()
if not navigator.accept_languages:
assert "You are already logged in." in notification.text

# And the user's actual codename is the one initially generated in Tab A
assert navigator.source_retrieves_codename_from_hint() == codename_a

def test_generate_and_refresh_codenames_in_multiple_tabs(
self, sd_servers_v2, tor_browser_web_driver
):
navigator = SourceAppNagivator(
source_app_base_url=sd_servers_v2.source_app_base_url,
web_driver=tor_browser_web_driver,
)

# Given a user who generated a codename in Tab A
tab_a = navigator.driver.window_handles[0]
navigator.source_visits_source_homepage()
navigator.source_clicks_submit_documents_on_homepage()
codename_a1 = self._extract_generated_codename(navigator)

# And they then re-generated their codename in Tab
navigator.source_visits_source_homepage()
navigator.source_clicks_submit_documents_on_homepage()
codename_a2 = self._extract_generated_codename(navigator)
assert codename_a1 != codename_a2

# And they then opened a new tab, Tab B
navigator.driver.execute_script("window.open('about:blank', '_blank')")
tab_b = navigator.driver.window_handles[1]
navigator.driver.switch_to.window(tab_b)
assert tab_a != tab_b

# And they also generated another codename in Tab B
navigator.source_visits_source_homepage()
navigator.source_clicks_submit_documents_on_homepage()
codename_b = self._extract_generated_codename(navigator)
assert codename_a2 != codename_b

# And they ended up creating their account and submitting documents in Tab A
navigator.driver.switch_to.window(tab_a)
navigator.source_continues_to_submit_page()
self._assert_is_on_lookup_page(navigator)
assert navigator.source_retrieves_codename_from_hint() == codename_a2
navigator.source_submits_a_message()
passphrase_b = navigator.source_retrieves_codename_from_hint()

# When they try to re-generate a codename in Tab B
navigator.driver.switch_to.window(tab_b)
navigator.source_visits_source_homepage()
navigator.nav_helper.safe_click_by_css_selector("#started-form button")

# Then they get redirected to /lookup with the corresponding flash message
# Then the submission succeeds
self._assert_is_on_lookup_page(navigator)
notification = navigator.source_sees_flash_message()
if not navigator.accept_languages:
assert "You were redirected because you are already logged in." in notification.text

# And the user's actual codename is the expected one
assert navigator.source_retrieves_codename_from_hint() == codename_a2

# TODO(AD): This test takes ~50s ; we could refactor it to speed it up
def test_codenames_exceed_max_cookie_size(self, sd_servers_v2, tor_browser_web_driver):
"""Test generation of enough codenames that the resulting cookie exceeds the recommended
`werkzeug.Response.max_cookie_size` = 4093 bytes. (#6043)
"""
navigator = SourceAppNagivator(
source_app_base_url=sd_servers_v2.source_app_base_url,
web_driver=tor_browser_web_driver,
)

too_many = 2 * (werkzeug.Response.max_cookie_size // len(VALID_PASSWORD))
for _ in range(too_many):
navigator.source_visits_source_homepage()
navigator.source_clicks_submit_documents_on_homepage()

navigator.source_continues_to_submit_page()
# And the user's actual codename is the one initially generated in Tab A
assert passphrase_b == passphrase_a

0 comments on commit 6e5cb05

Please sign in to comment.