forked from DefectDojo/django-DefectDojo
-
Notifications
You must be signed in to change notification settings - Fork 0
/
Copy pathuser_test.py
289 lines (260 loc) · 14.1 KB
/
user_test.py
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
import unittest
import sys
from base_test_class import BaseTestCase
from selenium.webdriver.common.by import By
from selenium.webdriver.support.ui import Select
from selenium.common.exceptions import NoSuchElementException
class UserTest(BaseTestCase):
def test_create_user(self):
# Login to the site.
driver = self.driver
# Navigate to the User managegement page
driver.get(self.base_url + "user")
# "Click" the dropdown button to see options
driver.find_element(By.ID, "dropdownMenu1").click()
# "Click" the add prodcut button
driver.find_element(By.LINK_TEXT, "New User").click()
# Fill in the Necessary User Details
# username, first name, last name, email, and permissions
# Don't forget to clear before inserting
# username
driver.find_element(By.ID, "id_username").clear()
driver.find_element(By.ID, "id_username").send_keys("propersahm")
# password
driver.find_element(By.ID, "id_password").clear()
driver.find_element(By.ID, "id_password").send_keys("Def3ctD0jo&")
# First Name
driver.find_element(By.ID, "id_first_name").clear()
driver.find_element(By.ID, "id_first_name").send_keys("Proper")
# Last Name
driver.find_element(By.ID, "id_last_name").clear()
driver.find_element(By.ID, "id_last_name").send_keys("Samuel")
# Email Address
driver.find_element(By.ID, "id_email").clear()
driver.find_element(By.ID, "id_email").send_keys("[email protected]")
# "Click" the submit button to complete the transaction
driver.find_element(By.CSS_SELECTOR, "input.btn.btn-primary").click()
# Query the site to determine if the user has been created
# Assert ot the query to dtermine status of failure
self.assertTrue(self.is_success_message_present(text='User added successfully.')
or self.is_help_message_present(text='A user with that username already exists.'))
def test_create_user_with_writer_global_role(self):
# Login to the site.
driver = self.driver
# Navigate to the User managegement page
driver.get(f"{self.base_url}user")
# "Click" the dropdown button to see options
driver.find_element(By.ID, "dropdownMenu1").click()
# "Click" the add prodcut button
driver.find_element(By.LINK_TEXT, "New User").click()
# Fill in the Necessary User Details
# username, first name, last name, email, and permissions
# Don't forget to clear before inserting
# username
driver.find_element(By.ID, "id_username").clear()
driver.find_element(By.ID, "id_username").send_keys("userWriter")
# First Name
driver.find_element(By.ID, "id_first_name").clear()
driver.find_element(By.ID, "id_first_name").send_keys("Writer")
# Last Name
driver.find_element(By.ID, "id_last_name").clear()
driver.find_element(By.ID, "id_last_name").send_keys("Permission")
# Email Address
driver.find_element(By.ID, "id_email").clear()
driver.find_element(By.ID, "id_email").send_keys("[email protected]")
# Select the role 'Reader'
Select(driver.find_element(By.ID, "id_role")).select_by_visible_text("Writer")
# "Click" the submit button to complete the transaction
driver.find_element(By.CSS_SELECTOR, "input.btn.btn-primary").click()
# Query the site to determine if the user has been created
# Assert ot the query to determine status of failure
self.assertTrue(self.is_success_message_present(text='User added successfully.')
or self.is_help_message_present(text='A user with that username already exists.'))
def enable_user_profile_writing(self):
self.login_page()
driver = self.driver
driver.get(self.base_url + "system_settings")
checkbox = driver.find_element(By.ID, "id_enable_user_profile_editable")
if not checkbox.is_selected():
checkbox.click()
driver.find_element(By.CSS_SELECTOR, "input.btn.btn-primary").click()
self.logout()
def disable_user_profile_writing(self):
self.login_page()
driver = self.driver
driver.get(self.base_url + "system_settings")
checkbox = driver.find_element(By.ID, "id_enable_user_profile_editable")
if checkbox.is_selected():
checkbox.click()
driver.find_element(By.CSS_SELECTOR, "input.btn.btn-primary").click()
self.logout()
def test_user_edit_permissions(self):
# Login to the site. Password will have to be modified
# to match an admin password in your own container
driver = self.driver
# Navigate to User Management page
driver.get(self.base_url + "user")
# Select the previously created user to edit
# The User name is not clickable
# so we would have to select specific user by filtering list of users
driver.find_element(By.ID, "show-filters").click() # open d filters
# Insert username to filter by into user name box
driver.find_element(By.ID, "id_username").clear()
driver.find_element(By.ID, "id_username").send_keys("propersahm")
# click on 'apply filter' button
driver.find_element(By.CSS_SELECTOR, "button.btn.btn-sm.btn-secondary").click()
# only the needed user is now available, proceed with opening the context menu and clicking 'Edit' button
driver.find_element(By.ID, "dropdownMenuUser").click()
driver.find_element(By.ID, "editUser").click()
# Select Superuser Permission
driver.find_element(By.NAME, "is_superuser").click()
# "Click" the submit button to complete the transaction
driver.find_element(By.CSS_SELECTOR, "input.btn.btn-primary").click()
# Query the site to determine if the User permission has been changed
# Assert ot the query to dtermine status of failure
self.assertTrue(self.is_success_message_present(text='User saved successfully.'))
def test_user_delete(self):
# Login to the site. Password will have to be modified
# to match an admin password in your own container
driver = self.driver
# Navigate to the product page
driver.get(self.base_url + "user")
# Select A user to edit
# The User name is not clickable
# so we would have to select specific user by filtering list of users
driver.find_element(By.ID, "show-filters").click() # open d filters
# Insert username to filter by into user name box
driver.find_element(By.ID, "id_username").clear()
driver.find_element(By.ID, "id_username").send_keys("propersahm")
# click on 'apply filter' button
driver.find_element(By.CSS_SELECTOR, "button.btn.btn-sm.btn-secondary").click()
# only the needed user is now available, proceed with clicking 'View' button
driver.find_element(By.ID, "dropdownMenuUser").click()
driver.find_element(By.ID, "viewUser").click()
# in View User dialog open the menu to click the delete entry
driver.find_element(By.ID, "dropdownMenu1").click()
driver.find_element(By.ID, "deleteUser").click()
# confirm deletion, by clicking delete a second time
driver.find_element(By.CSS_SELECTOR, "button.btn.btn-danger").click()
# Query the site to determine if the User has been deleted
# Assert ot the query to dtermine status of failure
self.assertTrue(self.is_success_message_present(text='User and relationships removed.'))
def test_user_with_writer_role_delete(self):
# Login to the site. Password will have to be modified
# to match an admin password in your own container
driver = self.driver
# Navigate to the product page
driver.get(self.base_url + "user")
# Select A user to edit
# The User name is not clickable
# so we would have to select specific user by filtering list of users
driver.find_element(By.ID, "show-filters").click() # open d filters
# Insert username to filter by into user name box
driver.find_element(By.ID, "id_username").clear()
driver.find_element(By.ID, "id_username").send_keys("userWriter")
# click on 'apply filter' button
driver.find_element(By.CSS_SELECTOR, "button.btn.btn-sm.btn-secondary").click()
# only the needed user is now available, proceed with clicking 'View' button
driver.find_element(By.ID, "dropdownMenuUser").click()
driver.find_element(By.ID, "viewUser").click()
# in View User dialog open the menu to click the delete entry
driver.find_element(By.ID, "dropdownMenu1").click()
driver.find_element(By.ID, "deleteUser").click()
# confirm deletion, by clicking delete a second time
driver.find_element(By.CSS_SELECTOR, "button.btn.btn-danger").click()
# Query the site to determine if the User has been deleted
# Assert ot the query to dtermine status of failure
self.assertTrue(self.is_success_message_present(text='User and relationships removed.'))
def test_standard_user_login(self):
self.login_standard_page()
def test_admin_profile_form(self):
self.enable_user_profile_writing()
self.login_page()
self.driver.get(self.base_url + "profile")
self.assertTrue(self.driver.find_element(By.ID, 'id_first_name').is_enabled())
def test_user_profile_form_disabled(self):
self.disable_user_profile_writing()
self.login_standard_page()
self.driver.get(self.base_url + "profile")
self.assertFalse(self.driver.find_element(By.ID, 'id_first_name').is_enabled())
def test_user_profile_form_enabled(self):
self.enable_user_profile_writing()
self.login_standard_page()
self.driver.get(self.base_url + "profile")
self.assertTrue(self.driver.find_element(By.ID, 'id_first_name').is_enabled())
def test_forgot_password(self):
driver = self.driver
driver.get(self.base_url + "login")
# Click on link on login screen
driver.find_element(By.ID, "reset-password").click()
# Submit "Forgot password" form
driver.find_element(By.ID, "id_email").send_keys("[email protected]")
driver.find_element(By.ID, "reset-password").click()
self.assertTrue(self.is_text_present_on_page(text='We’ve emailed you instructions for setting your password'))
def test_user_edit_configuration(self):
# Login as standard user and check the user menu does not exist
driver = self.driver
self.login_standard_page()
with self.assertRaises(NoSuchElementException):
driver.find_element(By.ID, 'id_user_menu')
# Login as superuser and activate view user configuration for standard user
self.login_page()
# Navigate to User Management page
driver.get(self.base_url + "user")
# Select the previously created user to edit
# The User name is not clickable
# so we would have to select specific user by filtering list of users
driver.find_element(By.ID, "show-filters").click() # open d filters
# Insert username to filter by into user name box
driver.find_element(By.ID, "id_username").clear()
driver.find_element(By.ID, "id_username").send_keys("propersahm")
# click on 'apply filter' button
driver.find_element(By.CSS_SELECTOR, "button.btn.btn-sm.btn-secondary").click()
# only the needed user is now available, proceed with opening the context menu and clicking 'Edit' button
driver.find_element(By.ID, "dropdownMenuUser").click()
driver.find_element(By.ID, "viewUser").click()
# Select view user permission
driver.find_element(By.ID, "id_view_user").click()
driver.find_element(By.ID, "id_view_group").click()
# Login as standard user and check the user menu does exist now
self.login_standard_page()
driver.find_element(By.ID, 'id_user_menu')
# Navigate to User Management page
driver.get(self.base_url + "user")
# Select the previously created user to edit
# The User name is not clickable
# so we would have to select specific user by filtering list of users
driver.find_element(By.ID, "show-filters").click() # open d filters
# Insert username to filter by into user name box
driver.find_element(By.ID, "id_username").clear()
driver.find_element(By.ID, "id_username").send_keys("propersahm")
# click on 'apply filter' button
driver.find_element(By.CSS_SELECTOR, "button.btn.btn-sm.btn-secondary").click()
# only the needed user is now available, proceed with opening the context menu and clicking 'Edit' button
driver.find_element(By.ID, "dropdownMenuUser").click()
driver.find_element(By.ID, "viewUser").click()
# Check user cannot edit configuration permissions
self.assertFalse(self.driver.find_element(By.ID, 'id_add_development_environment').is_enabled())
def suite():
suite = unittest.TestSuite()
# Add each test the the suite to be run
# success and failure is output by the test
suite.addTest(BaseTestCase('test_login'))
suite.addTest(UserTest('test_create_user'))
suite.addTest(UserTest('test_create_user_with_writer_global_role'))
suite.addTest(UserTest('test_admin_profile_form'))
suite.addTest(UserTest('test_standard_user_login'))
suite.addTest(UserTest('test_user_profile_form_disabled'))
suite.addTest(UserTest('test_user_profile_form_enabled'))
suite.addTest(UserTest('test_forgot_password'))
suite.addTest(UserTest('test_user_edit_configuration'))
suite.addTest(BaseTestCase('test_login'))
suite.addTest(UserTest('test_user_edit_permissions'))
suite.addTest(UserTest('test_user_delete'))
suite.addTest(UserTest('test_user_with_writer_role_delete'))
return suite
if __name__ == "__main__":
runner = unittest.TextTestRunner(descriptions=True, failfast=True, verbosity=2)
ret = not runner.run(suite()).wasSuccessful()
BaseTestCase.tearDownDriver()
sys.exit(ret)