beenull/tellform
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity

fixed security flaw with removeSensitiveModelData

Browse source
This commit is contained in:
David Baldwynn 2017-11-21 17:26:52 -08:00
parent bd4af8aa7c
commit 784ae9011e
13 changed files with 829 additions and 95 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

17
app/controllers/forms.server.controller.js
View file

@ -308,7 +308,7 @@ exports.create = function(req, res) {
});
}
createdForm = helpers.removeSensitiveModelData('private_form', createdForm);
createdForm = helpers.removeSensitiveModelData('private_form', createdForm.toJSON());
return res.json(createdForm);
});
};
@ -326,13 +326,8 @@ exports.read = function(req, res) {
});
}
var newForm = req.form.toJSON();
if(newForm.admin === req.user._id){
return res.json(newForm);
}
newForm = helpers.removeSensitiveModelData('private_form', newForm);
newForm = helpers.removeSensitiveModelData('private_form', req.form.toJSON());
return res.json(newForm);
}
};
@ -348,7 +343,7 @@ var readForRender = exports.readForRender = function(req, res) {
});
}
newForm = helpers.removeSensitiveModelData('public_form', newForm);
newForm = helpers.removeSensitiveModelData('public_form', newForm.toJSON());
if(newForm.startPage && !newForm.startPage.showStart){
delete newForm.startPage;
@ -413,7 +408,7 @@ exports.update = function(req, res) {
message: errorHandler.getErrorMessage(err)
});
} else {
savedForm = helpers.removeSensitiveModelData('private_form', savedForm);
savedForm = helpers.removeSensitiveModelData('private_form', savedForm.toJSON());
res.json(savedForm);
}
});
@ -526,7 +521,7 @@ exports.formByID = function(req, res, next, id) {
}
else {
//Remove sensitive information from User object
req.form = helpers.removeSensitiveModelData('private_form', form);
req.form = helpers.removeSensitiveModelData('private_form', form.toJSON());
return next();
}
});

32
app/controllers/helpers.server.controller.js
View file

@ -1,6 +1,7 @@
'use strict';
const constants = require('../libs/constants');
const _ = require('lodash');
module.exports = {
removeKeysFromDict: function(dict, keys){
@ -10,29 +11,18 @@ module.exports = {
delete dict[curr_key];
}
}
return dict;
},
removeSensitiveModelData: function(type, object){
switch(type){
case 'private_form':
this.removeKeysFromDict(object, constants.privateFields[type]);
if(object.admin){
this.removeKeysFromDict(object.admin, constants.privateFields.private_user);
}
break;
removeSensitiveModelData: function(type, actual_object){
var object = _.cloneDeep(actual_object);
case 'public_form':
this.removeKeysFromDict(object, constants.privateFields[type]);
if(object.admin){
this.removeKeysFromDict(object.admin, constants.privateFields.public_user);
}
break;
default:
if(constants.privateFields.hasOwnProperty(type)){
this.removeKeysFromDict(object, constants.privateFields[type]);
}
break;
}
if(constants.privateFields.hasOwnProperty(type)) {
object = this.removeKeysFromDict(object, constants.privateFields[type]);
}
if(object.admin){
object.admin = this.removeKeysFromDict(object.admin, constants.privateFields.private_user);
}
debugger;
return object;
}

2
app/controllers/users/users.authentication.server.controller.js
View file

@ -180,7 +180,7 @@ exports.signin = function(req, res, next) {
res.cookie('langCookie', user.language, { maxAge: 90000, httpOnly: true });
user = helpers.removeSensitiveModelData('private_user', user);
user = helpers.removeSensitiveModelData('private_user', user.toJSON());
return res.json(user);
});
}

6
app/controllers/users/users.profile.server.controller.js
View file

@ -18,6 +18,8 @@ exports.update = function(req, res) {
// To improve security we remove the roles from the req.body object
delete req.body.roles;
debugger;
// Merge existing user
user = _.extend(user, req.body);
user.updated = Date.now();
@ -32,7 +34,7 @@ exports.update = function(req, res) {
if (err) {
res.status(500).send(loginErr);
} else {
user = helpers.removeSensitiveModelData('private_user', user);
user = helpers.removeSensitiveModelData('private_user', user.toJSON());
res.json(user);
}
});
@ -44,7 +46,7 @@ exports.update = function(req, res) {
* Send User
*/
exports.getUser = function(req, res) {
var user = helpers.removeSensitiveModelData('private_user', req.user);
var user = helpers.removeSensitiveModelData('private_user', req.user.toJSON());
return res.json(user);
};

4
config/env/all.js vendored
View file

@ -15,8 +15,8 @@ module.exports = {
},
admin: {
email: process.env.ADMIN_EMAIL || 'admin@admin.com',
username: process.env.ADMIN_USERNAME || 'admin',
password: process.env.ADMIN_PASSWORD || 'admin',
username: process.env.ADMIN_USERNAME || 'root',
password: process.env.ADMIN_PASSWORD || 'root',
roles: ['user', 'admin']
},

3
scripts/create_admin.js
View file

@ -7,9 +7,6 @@ exports.run = function(app, db, cb) {
var User = mongoose.model('User');
var username = config.admin.username;
console.log('username: ' + config.admin.username);
console.log('password: ' + config.admin.password);
var newUserObj = {
firstName: 'Admin',

4
selenium/config.json
View file

@ -5,8 +5,8 @@
"browsers": "chrome"
},
"vars": {
"LoginUsername": "admin",
"LoginPassword": "admin",
"LoginUsername": "root",
"LoginPassword": "root",
"ShortTextTitle": "SeleniumShortText",
"Profile_NewFirstName": "SeleniumUser_FirstName",
"Profile_NewLastName": "SeleniumUser_LastName",

3
selenium/package.json
View file

@ -12,8 +12,7 @@
"resemblejs-node": "1.0.0",
"selenium-standalone": "6.x.x"
},
"devDependencies": {
},
"devDependencies": {},
"scripts": {
"installdriver": "./node_modules/.bin/selenium-standalone install --drivers.firefox.baseURL=http://npm.taobao.org/mirrors/geckodriver --baseURL=http://npm.taobao.org/mirrors/selenium --drivers.chrome.baseURL=http://npm.taobao.org/mirrors/chromedriver --drivers.ie.baseURL=http://npm.taobao.org/mirrors/selenium",
"server": "./node_modules/.bin/selenium-standalone start",

65
selenium/test/loginAndChangeProfile.js
View file

@ -49,13 +49,8 @@ module.exports = function(){
});
it('click: Sign in ( button, 174, 18, 0 )', async function(){
await driver.sleep(300).wait('button', 30000)
.sleep(300).mouseMove(174, 18).click(0);
});
it('mouseDown: My Settings ( a > span.ng-binding, 41.375, 12, 0 )', async function(){
await driver.sleep(300).wait('a > span.ng-binding', 30000)
.sleep(300).mouseMove(41.375, 12).mouseDown(0);
await driver.sleep(300).wait('button.btn-signup', 30000)
.sleep(300).click();
});
it('expect: displayed, div.new-button, equal, true', async function(){
@ -72,33 +67,28 @@ module.exports = function(){
.should.equal(_(true));
});
it('click: My Settings ( a.dropdown-toggle, 95, 29, 0 )', async function(){
it('click: My Settings ( a.dropdown-toggle )', async function(){
await driver.sleep(300).wait('a.dropdown-toggle', 30000)
.sleep(300).mouseMove(95, 29).click(0);
.sleep(300).click();
});
it('× expect: display, li:nth-child(1) > a.ng-binding, equal, true', async function(){
await driver.sleep(300).wait('li:nth-child(1) > a.ng-binding', 30000)
it('× expect: display, ul.dropdown-menu > li:nth-child(1) > a.ng-binding, equal, true', async function(){
await driver.sleep(300).wait('ul.dropdown-menu > li:nth-child(1) > a.ng-binding', 30000)
.displayed()
.should.not.be.a('error')
.should.equal(_(true));
});
it('× expect: display, li:nth-child(3) > a.ng-binding, equal, true', async function(){
await driver.sleep(300).wait('li:nth-child(3) > a.ng-binding', 30000)
it('× expect: display, ul.dropdown-menu > li:nth-child(3) > a.ng-binding, equal, true', async function(){
await driver.sleep(300).wait('ul.dropdown-menu > li:nth-child(3) > a.ng-binding', 30000)
.displayed()
.should.not.be.a('error')
.should.equal(_(true));
});
it('mouseDown: Edit Profile ( li:nth-child(1) > a.ng-binding, 54.59375, 14, 0 )', async function(){
await driver.sleep(300).wait('li:nth-child(1) > a.ng-binding', 30000)
.sleep(300).mouseMove(54.59375, 14).mouseDown(0);
});
it('click: Edit Profile ( li:nth-child(1) > a.ng-binding, 52, 13, 0 )', async function(){
await driver.sleep(300).wait('li:nth-child(1) > a.ng-binding', 30000)
.sleep(300).mouseMove(52, 13).click(0);
it('click: Edit Profile ( ul.dropdown-menu > li:nth-child(1) > a.ng-binding )', async function(){
await driver.sleep(300).wait('ul.dropdown-menu > li:nth-child(1) > a.ng-binding', 30000)
.sleep(300).click();
});
it('waitBody: ', async function(){
@ -117,14 +107,9 @@ module.exports = function(){
.val(_(`{{Profile_NewLastName}}`));
});
it('× click: Save Changes ( button.btn-signup, 95, 10, 0 )', async function(){
it('× click: Save Changes ( button.btn-signup )', async function(){
await driver.sleep(300).wait('button.btn-signup', 30000)
.sleep(300).mouseMove(95, 10).click(0);
});
it('× mouseUp: Profile saved succes... ( section.row, 333, 78, 0 )', async function(){
await driver.sleep(300).wait('section.row', 30000)
.sleep(300).mouseMove(333, 78).mouseMove(333, 78).mouseUp(0);
.sleep(300).click();
});
it('× expect: displayed, div.text-success, equal, true', async function(){
@ -157,7 +142,7 @@ module.exports = function(){
it('× click: Save Changes ( button.btn-signup, 95, 10, 0 )', async function(){
await driver.sleep(300).wait('button.btn-signup', 30000)
.sleep(300).mouseMove(95, 10).click(0);
.sleep(300).click();
});
it('× expect: displayed, .text-danger, notEqual, true', async function(){
@ -174,13 +159,9 @@ module.exports = function(){
.val(_(`{{Profile_NewInvalidEmail}}`));
});
it('× click: Save Changes ( button.btn-signup, 90, 16, 0 )', async function(){
it('× click: Save Changes ( button.btn-signup )', async function(){
await driver.sleep(300).wait('button.btn-signup', 30000)
.sleep(300).mouseMove(90, 16).click(0);
});
it('url: http://localhost:5000/#!/settings/profile', async function(){
await driver.url(_(`http://localhost:5000/#!/settings/profile`));
.sleep(300).click();
});
it('url: http://localhost:5000/#!/settings/profile', async function(){
@ -193,20 +174,6 @@ module.exports = function(){
});
});
it('scrollTo: 0, 114', async function(){
await driver.scrollTo(0, 114);
});
it('click: Email ( div:nth-child(8) > div.field-title, 352, 0, 0 )', async function(){
await driver.sleep(300).wait('div:nth-child(8) > div.field-title', 30000)
.sleep(300).mouseMove(352, 0).click(0);
});
it('click: Email ( //h4[text()="Email"], 323, 5, 0 )', async function(){
await driver.sleep(300).wait('//h4[text()="Email"]', 30000)
.sleep(300).mouseMove(323, 5).click(0);
});
it('expect: text, #email, notEqual, {{Profile_NewInvalidEmail}}', async function(){
await driver.sleep(300).wait('#email', 300)
.text()

23
selenium_config.json Normal file
View file

@ -0,0 +1,23 @@
{
"webdriver": {
"host": "127.0.0.1",
"port": "4444",
"browsers": "chrome"
},
"vars": {
"LoginUsername": "root",
"LoginPassword": "root",
"ShortTextTitle": "SeleniumShortText",
"Profile_NewFirstName": "SeleniumUser_FirstName",
"Profile_NewLastName": "SeleniumUser_LastName",
"Profile_OldFirstName": "Admin",
"Profile_OldLastName": "Account",
"Profile_NewInvalidEmail": "SeleniumInvalidEmail"
},
"recorder": {
"pathAttrs": "data-id,data-name,type,data-type,role,data-role,data-value",
"attrValueBlack": "",
"classValueBlack": "",
"hideBeforeExpect": ""
}
}

398
selenium_test/loginAndChangeProfile.js Normal file
View file

@ -0,0 +1,398 @@
const fs = require('fs');
const path = require('path');
const chai = require("chai");
const should = chai.should();
const JWebDriver = require('jwebdriver');
chai.use(JWebDriver.chaiSupportChainPromise);
const resemble = require('resemblejs-node');
resemble.outputSettings({
errorType: 'flatDifferenceIntensity'
});
const rootPath = getRootPath();
module.exports = function(){
let driver, testVars;
before(function(){
let self = this;
driver = self.driver;
testVars = self.testVars;
});
it('url: http://localhost:5000', async function(){
await driver.url(_(`http://localhost:5000`));
});
it('waitBody: ', async function(){
await driver.sleep(500).wait('body', 30000).html().then(function(code){
isPageError(code).should.be.false;
});
});
it('insertVar: username ( #username, {{LoginUsername}} )', async function(){
await driver.sleep(300).wait('#username', 30000)
.val(_(`{{LoginUsername}}`));
});
it('insertVar: password ( #password, {{LoginUsername}} )', async function(){
await driver.sleep(300).wait('#password', 30000)
.val(_(`{{LoginUsername}}`));
});
it('expect: displayed, .btn-signup, equal, true', async function(){
await driver.sleep(300).wait('.btn-signup', 30000)
.displayed()
.should.not.be.a('error')
.should.equal(_(true));
});
it('click: Sign in ( button, 174, 18, 0 )', async function(){
await driver.sleep(300).wait('button.btn-signup', 30000)
.sleep(300).click();
});
it('expect: displayed, div.new-button, equal, true', async function(){
await driver.sleep(300).wait('div.new-button', 30000)
.displayed()
.should.not.be.a('error')
.should.equal(_(true));
});
it('expect: displayed, a.dropdown-toggle, equal, true', async function(){
await driver.sleep(300).wait('a.dropdown-toggle', 30000)
.displayed()
.should.not.be.a('error')
.should.equal(_(true));
});
it('click: My Settings ( a.dropdown-toggle )', async function(){
await driver.sleep(300).wait('a.dropdown-toggle', 30000)
.sleep(300).click();
});
it('× expect: display, li:nth-child(1) > a.ng-binding, equal, true', async function(){
await driver.sleep(300).wait('li:nth-child(1) > a.ng-binding', 30000)
.displayed()
.should.not.be.a('error')
.should.equal(_(true));
});
it('× expect: display, li:nth-child(3) > a.ng-binding, equal, true', async function(){
await driver.sleep(300).wait('li:nth-child(3) > a.ng-binding', 30000)
.displayed()
.should.not.be.a('error')
.should.equal(_(true));
});
it('click: Edit Profile ( li:nth-child(1) > a.ng-binding)', async function(){
await driver.sleep(300).wait('li:nth-child(1) > a.ng-binding', 30000)
.sleep(300).mouseMove(54.59375, 14).mouseDown(0);
});
it('click: Edit Profile ( li:nth-child(1) > a.ng-binding, 52, 13, 0 )', async function(){
await driver.sleep(300).wait('li:nth-child(1) > a.ng-binding', 30000)
.sleep(300).mouseMove(52, 13).click(0);
});
it('waitBody: ', async function(){
await driver.sleep(500).wait('body', 30000).html().then(function(code){
isPageError(code).should.be.false;
});
});
it('× insertVar: firstName ( #firstName, {{Profile_NewFirstName}} )', async function(){
await driver.sleep(300).wait('#firstName', 30000)
.val(_(`{{Profile_NewFirstName}}`));
});
it('× insertVar: lastName ( #lastName, {{Profile_NewLastName}} )', async function(){
await driver.sleep(300).wait('#lastName', 30000)
.val(_(`{{Profile_NewLastName}}`));
});
it('× click: Save Changes ( button.btn-signup, 95, 10, 0 )', async function(){
await driver.sleep(300).wait('button.btn-signup', 30000)
.sleep(300).mouseMove(95, 10).click(0);
});
it('× mouseUp: Profile saved succes... ( section.row, 333, 78, 0 )', async function(){
await driver.sleep(300).wait('section.row', 30000)
.sleep(300).mouseMove(333, 78).mouseMove(333, 78).mouseUp(0);
});
it('× expect: displayed, div.text-success, equal, true', async function(){
await driver.sleep(300).wait('div.text-success', 30000)
.displayed()
.should.not.be.a('error')
.should.equal(_(true));
});
it('× expect: displayed, .text-danger, notEqual, true', async function(){
await driver.sleep(300).wait('.text-danger', 300)
.displayed()
.should.not.be.a('error')
.should.not.equal(_(true));
});
/*
** Revert back to expected names
*/
it('× insertVar: firstName ( #firstName, {{Profile_OldFirstName}} )', async function(){
await driver.sleep(300).wait('#firstName', 30000)
.val(_(`{{Profile_OldFirstName}}`));
});
it('× insertVar: lastName ( #lastName, {{Profile_OldLastName}} )', async function(){
await driver.sleep(300).wait('#lastName', 30000)
.val(_(`{{Profile_OldLastName}}`));
});
it('× click: Save Changes ( button.btn-signup, 95, 10, 0 )', async function(){
await driver.sleep(300).wait('button.btn-signup', 30000)
.sleep(300).click(0);
});
it('× expect: displayed, .text-danger, notEqual, true', async function(){
await driver.sleep(300).wait('.text-danger', 300)
.displayed()
.should.not.be.a('error')
.should.not.equal(_(true));
});
//Check that we can't save an invalid email
it('× insertVar: email ( #email, {{Profile_NewInvalidEmail}} )', async function(){
await driver.sleep(300).wait('#email', 30000)
.val(_(`{{Profile_NewInvalidEmail}}`));
});
it('× click: Save Changes ( button.btn-signup, 90, 16, 0 )', async function(){
await driver.sleep(300).wait('button.btn-signup', 30000)
.sleep(300).click(0);
});
it('url: http://localhost:5000/#!/settings/profile', async function(){
await driver.url(_(`http://localhost:5000/#!/settings/profile`));
});
it('waitBody: ', async function(){
await driver.sleep(500).wait('body', 30000).html().then(function(code){
isPageError(code).should.be.false;
});
});
it('click: Email ( div:nth-child(8) > div.field-title, 352, 0, 0 )', async function(){
await driver.sleep(300).wait('div:nth-child(8) > div.field-title', 30000)
.sleep(300).click(0);
});
it('click: Email ( //h4[text()="Email"], 323, 5, 0 )', async function(){
await driver.sleep(300).wait('//h4[text()="Email"]', 30000)
.sleep(300).click(0);
});
it('expect: text, #email, notEqual, {{Profile_NewInvalidEmail}}', async function(){
await driver.sleep(300).wait('#email', 300)
.text()
.should.not.be.a('error')
.should.not.equal(_(`{{Profile_NewInvalidEmail}}`));
});
/*
** Logout
*/
it('click: Signout ( //a[text()="Signout"], 31, 31, 0 )', async function(){
await driver.sleep(300).wait('//a[text()="Signout"]', 30000)
.sleep(300).mouseMove(31, 31).click(0);
});
it('expect: displayed, button.btn-signup, equal, true', async function(){
await driver.sleep(300).wait('button.btn-signup', 30000)
.displayed()
.should.not.be.a('error')
.should.equal(_(true));
});
function _(str){
if(typeof str === 'string'){
return str.replace(/\{\{(.+?)\}\}/g, function(all, key){
return testVars[key] || '';
});
}
else{
return str;
}
}
};
if(module.parent && /mocha\.js/.test(module.parent.id)){
runThisSpec();
}
function runThisSpec(){
// read config
let webdriver = process.env['webdriver'] || '';
let proxy = process.env['wdproxy'] || '';
let config = require(rootPath + '/config.json');
let webdriverConfig = Object.assign({},config.webdriver);
let host = webdriverConfig.host;
let port = webdriverConfig.port || 4444;
let match = webdriver.match(/([^\:]+)(?:\:(\d+))?/);
if(match){
host = match[1] || host;
port = match[2] || port;
}
let testVars = config.vars;
let browsers = webdriverConfig.browsers;
browsers = browsers.replace(/^\s+|\s+$/g, '');
delete webdriverConfig.host;
delete webdriverConfig.port;
delete webdriverConfig.browsers;
// read hosts
let hostsPath = rootPath + '/hosts';
let hosts = '';
if(fs.existsSync(hostsPath)){
hosts = fs.readFileSync(hostsPath).toString();
}
let specName = path.relative(rootPath, __filename).replace(/\\/g,'/').replace(/\.js$/,'');
browsers.split(/\s*,\s*/).forEach(function(browserName){
let caseName = specName + ' : ' + browserName;
let browserInfo = browserName.split(' ');
browserName = browserInfo[0];
let browserVersion = browserInfo[1];
describe(caseName, function(){
this.timeout(600000);
this.slow(1000);
let driver;
before(function(){
let self = this;
let driver = new JWebDriver({
'host': host,
'port': port
});
let sessionConfig = Object.assign({}, webdriverConfig, {
'browserName': browserName,
'version': browserVersion,
'ie.ensureCleanSession': true,
'chromeOptions': {
'args': ['--enable-automation']
}
});
if(proxy){
sessionConfig.proxy = {
'proxyType': 'manual',
'httpProxy': proxy,
'sslProxy': proxy
}
}
else if(hosts){
sessionConfig.hosts = hosts;
}
self.driver = driver.session(sessionConfig).maximize().config({
pageloadTimeout: 30000, // page onload timeout
scriptTimeout: 5000, // sync script timeout
asyncScriptTimeout: 10000 // async script timeout
});
self.testVars = testVars;
let casePath = path.dirname(caseName);
self.screenshotPath = rootPath + '/screenshots/' + casePath;
self.diffbasePath = rootPath + '/diffbase/' + casePath;
self.caseName = caseName.replace(/.*\//g, '').replace(/\s*[:\.\:\-\s]\s*/g, '_');
mkdirs(self.screenshotPath);
mkdirs(self.diffbasePath);
self.stepId = 0;
return self.driver;
});
module.exports();
beforeEach(function(){
let self = this;
self.stepId ++;
if(self.skipAll){
self.skip();
}
});
afterEach(async function(){
let self = this;
let currentTest = self.currentTest;
let title = currentTest.title;
if(currentTest.state === 'failed' && /^(url|waitBody|switchWindow|switchFrame):/.test(title)){
self.skipAll = true;
}
if(!/^(closeWindow):/.test(title)){
let filepath = self.screenshotPath + '/' + self.caseName + '_' + self.stepId;
let driver = self.driver;
try{
// catch error when get alert msg
await driver.getScreenshot(filepath + '.png');
let url = await driver.url();
let html = await driver.source();
html = '<!--url: '+url+' -->\n' + html;
fs.writeFileSync(filepath + '.html', html);
let cookies = await driver.cookies();
fs.writeFileSync(filepath + '.cookie', JSON.stringify(cookies));
}
catch(e){}
}
});
after(function(){
return this.driver.close();
});
});
});
}
function getRootPath(){
let rootPath = path.resolve(__dirname);
while(rootPath){
if(fs.existsSync(rootPath + '/config.json')){
break;
}
rootPath = rootPath.substring(0, rootPath.lastIndexOf(path.sep));
}
return rootPath;
}
function mkdirs(dirname){
if(fs.existsSync(dirname)){
return true;
}else{
if(mkdirs(path.dirname(dirname))){
fs.mkdirSync(dirname);
return true;
}
}
}
function callSpec(name){
try{
require(rootPath + '/' + name)();
}
catch(e){
console.log(e)
process.exit(1);
}
}
function isPageError(code){
return code == '' || / jscontent="errorCode" jstcache="\d+"|diagnoseConnectionAndRefresh|dnserror_unavailable_header|id="reportCertificateErrorRetry"|400 Bad Request|403 Forbidden|404 Not Found|500 Internal Server Error|502 Bad Gateway|503 Service Temporarily Unavailable|504 Gateway Time-out/i.test(code);
}
function catchError(error){
}

363
selenium_test/loginAndCreateForm.spec.js Normal file
View file

@ -0,0 +1,363 @@
const fs = require('fs');
const path = require('path');
const chai = require("chai");
const should = chai.should();
const JWebDriver = require('jwebdriver');
chai.use(JWebDriver.chaiSupportChainPromise);
const resemble = require('resemblejs-node');
resemble.outputSettings({
errorType: 'flatDifferenceIntensity'
});
const rootPath = getRootPath();
module.exports = function(){
let driver, testVars;
before(function(){
let self = this;
driver = self.driver;
testVars = self.testVars;
});
it('url: http://localhost:5000', async function(){
await driver.url(_(`http://localhost:5000`));
});
it('waitBody: ', async function(){
await driver.sleep(500).wait('body', 30000).html().then(function(code){
isPageError(code).should.be.false;
});
});
it('insertVar: username ( #username, {{LoginUsername}} )', async function(){
await driver.sleep(300).wait('#username', 30000)
.val(_(`{{LoginUsername}}`));
});
it('insertVar: password ( #password, {{LoginPassword}} )', async function(){
await driver.sleep(300).wait('#password', 30000)
.val(_(`{{LoginPassword}}`));
});
it('mouseUp: Sign in ( button, 375, 45, 0 )', async function(){
await driver.sleep(300).wait('button', 30000)
.sleep(300).mouseMove(375, 45).mouseMove(375, 45).mouseUp(0);
});
it('expect: displayed, button.btn.btn-signup, equal, true', async function(){
await driver.sleep(300).wait('button.btn.btn-signup', 30000)
.displayed()
.should.not.be.a('error')
.should.equal(_(true));
});
it('click: Sign in ( button, 217, 21, 0 )', async function(){
await driver.sleep(300).wait('button', 30000)
.sleep(300).mouseMove(217, 21).click(0);
});
it('expect: displayed, div.new-button, equal, true', async function(){
await driver.sleep(500).wait('div.new-button', 30000)
.displayed()
.should.not.be.a('error')
.should.equal(_(true));
});
it('expect: displayed, section.navbar.navbar-inverse, equal, true', async function(){
await driver.sleep(300).wait('section.navbar.navbar-inverse', 30000)
.displayed()
.should.not.be.a('error')
.should.equal(_(true));
});
it('click: h4.fa, 76, 96, 0', async function(){
await driver.sleep(300).wait('h4.fa', 30000)
.sleep(300).mouseMove(76, 96).click(0);
});
it('sleep: 100', async function(){
await driver.sleep(100);
});
it('expect: displayed, form[name="forms.createForm"], equal, true', async function(){
await driver.sleep(300).wait('form[name="forms.createForm"]', 30000)
.displayed()
.should.not.be.a('error')
.should.equal(_(true));
});
it('× click: title ( input[name="title"], 115, 12, 0 )', async function(){
await driver.sleep(300).wait('input[name="title"]', 30000)
.sleep(300).mouseMove(115, 12).click(0);
});
it('× expect: attr, .form-item.create-new.new-form button.btn,disabled, equal, true', async function(){
await driver.sleep(300).wait('.form-item.create-new.new-form button.btn', 30000)
.attr('disabled')
.should.not.be.a('error')
.should.equal(_(`true`));
});
it('sendKeys: aeoaoe', async function(){
await driver.sendKeys('aeoaoe');
});
it('× expect: attr, .form-item.create-new.new-form button.btn,disabled, equal, undefined', async function(){
await driver.sleep(300).wait('.form-item.create-new.new-form button.btn', 30000)
.attr('disabled')
.should.not.be.a('error')
.should.equal(_(null));
});
it('× click: Create this TellForm ( button, 57, 16, 0 )', async function(){
await driver.sleep(300).wait('button', 30000)
.sleep(300).mouseMove(57, 16).click(0);
});
it('× expect: displayed, i.status-light.status-light-on, equal, true', async function(){
await driver.sleep(300).wait('i.status-light.status-light-on', 30000)
.displayed()
.should.not.be.a('error')
.should.equal(_(true));
});
it('× expect: displayed, .btn.btn-danger > .fa.fa-trash-o, equal, true', async function(){
await driver.sleep(300).wait('.btn.btn-danger > .fa.fa-trash-o', 30000)
.displayed()
.should.not.be.a('error')
.should.equal(_(true));
});
it('× click: Create ( //a[text()="Create"], 163, 25, 2 )', async function(){
await driver.sleep(300).wait('//a[text()="Create"]', 30000)
.sleep(300).mouseMove(163, 25).click(2);
});
it('× mouseUp: aeoaoe ( section.admin-form, 467, 53, 0 )', async function(){
await driver.sleep(300).wait('section.admin-form', 30000)
.sleep(300).mouseMove(467, 53).mouseMove(467, 53).mouseUp(0);
});
it('× click: Short Text ( div:nth-child(1) > div.panel-default > div.panel-heading > span.ng-binding, 39, 4, 0 )', async function(){
await driver.sleep(300).wait('div:nth-child(1) > div.panel-default > div.panel-heading > span.ng-binding', 30000)
.sleep(300).mouseMove(39, 4).click(0);
});
it('× insertVar: title ( input[name="title"], {{ShortTextTitle}} )', async function(){
await driver.sleep(300).wait('input[name="title"]', 30000)
.val(_(`{{ShortTextTitle}}`));
});
it('mouseUp: 1 SeleniumShortText... ( body, 740, 97, 0 )', async function(){
await driver.sleep(300).wait('body', 30000)
.sleep(300).mouseMove(740, 97).mouseMove(740, 97).mouseUp(0);
});
it('× expect: text, field-directive .field-title h3, equal, 1 {{ShortTextTitle}}', async function(){
await driver.sleep(300).wait('field-directive .field-title h3', 30000)
.text()
.should.not.be.a('error')
.should.equal(_(`1 {{ShortTextTitle}}`));
});
it('× click: Save ( button.btn-signup, 33, 23, 0 )', async function(){
await driver.sleep(300).wait('button.btn-signup', 30000)
.sleep(300).mouseMove(33, 23).click(0);
});
it('× click: Delete Form ( span.hidden-sm, 55, 8, 0 )', async function(){
await driver.sleep(300).wait('span.hidden-sm', 30000)
.sleep(300).mouseMove(55, 8).click(0);
});
it('× dblClick: aeoaoe ( //strong[text()="aeoaoe"], 26, 4, 0 )', async function(){
await driver.sleep(300).wait('//strong[text()="aeoaoe"]', 30000)
.sleep(300).mouseMove(26, 4).click(0).click(0);
});
it('× click: input.input-block, 399, 3, 0', async function(){
await driver.sleep(300).wait('input.input-block', 30000)
.sleep(300).mouseMove(399, 3).click(0);
});
function _(str){
if(typeof str === 'string'){
return str.replace(/\{\{(.+?)\}\}/g, function(all, key){
return testVars[key] || '';
});
}
else{
return str;
}
}
};
if(module.parent && /mocha\.js/.test(module.parent.id)){
runThisSpec();
}
function runThisSpec(){
// read config
let webdriver = process.env['webdriver'] || '';
let proxy = process.env['wdproxy'] || '';
let config = require(rootPath + '/config.json');
let webdriverConfig = Object.assign({},config.webdriver);
let host = webdriverConfig.host;
let port = webdriverConfig.port || 4444;
let match = webdriver.match(/([^\:]+)(?:\:(\d+))?/);
if(match){
host = match[1] || host;
port = match[2] || port;
}
let testVars = config.vars;
let browsers = webdriverConfig.browsers;
browsers = browsers.replace(/^\s+|\s+$/g, '');
delete webdriverConfig.host;
delete webdriverConfig.port;
delete webdriverConfig.browsers;
// read hosts
let hostsPath = rootPath + '/hosts';
let hosts = '';
if(fs.existsSync(hostsPath)){
hosts = fs.readFileSync(hostsPath).toString();
}
let specName = path.relative(rootPath, __filename).replace(/\\/g,'/').replace(/\.js$/,'');
browsers.split(/\s*,\s*/).forEach(function(browserName){
let caseName = specName + ' : ' + browserName;
let browserInfo = browserName.split(' ');
browserName = browserInfo[0];
let browserVersion = browserInfo[1];
describe(caseName, function(){
this.timeout(600000);
this.slow(1000);
let driver;
before(function(){
let self = this;
let driver = new JWebDriver({
'host': host,
'port': port
});
let sessionConfig = Object.assign({}, webdriverConfig, {
'browserName': browserName,
'version': browserVersion,
'ie.ensureCleanSession': true,
'chromeOptions': {
'args': ['--enable-automation']
}
});
if(proxy){
sessionConfig.proxy = {
'proxyType': 'manual',
'httpProxy': proxy,
'sslProxy': proxy
}
}
else if(hosts){
sessionConfig.hosts = hosts;
}
self.driver = driver.session(sessionConfig).maximize().config({
pageloadTimeout: 30000, // page onload timeout
scriptTimeout: 5000, // sync script timeout
asyncScriptTimeout: 10000 // async script timeout
});
self.testVars = testVars;
let casePath = path.dirname(caseName);
self.screenshotPath = rootPath + '/screenshots/' + casePath;
self.diffbasePath = rootPath + '/diffbase/' + casePath;
self.caseName = caseName.replace(/.*\//g, '').replace(/\s*[:\.\:\-\s]\s*/g, '_');
mkdirs(self.screenshotPath);
mkdirs(self.diffbasePath);
self.stepId = 0;
return self.driver;
});
module.exports();
beforeEach(function(){
let self = this;
self.stepId ++;
if(self.skipAll){
self.skip();
}
});
afterEach(async function(){
let self = this;
let currentTest = self.currentTest;
let title = currentTest.title;
if(currentTest.state === 'failed' && /^(url|waitBody|switchWindow|switchFrame):/.test(title)){
self.skipAll = true;
}
if(!/^(closeWindow):/.test(title)){
let filepath = self.screenshotPath + '/' + self.caseName + '_' + self.stepId;
let driver = self.driver;
try{
// catch error when get alert msg
await driver.getScreenshot(filepath + '.png');
let url = await driver.url();
let html = await driver.source();
html = '<!--url: '+url+' -->\n' + html;
fs.writeFileSync(filepath + '.html', html);
let cookies = await driver.cookies();
fs.writeFileSync(filepath + '.cookie', JSON.stringify(cookies));
}
catch(e){}
}
});
after(function(){
return this.driver.close();
});
});
});
}
function getRootPath(){
let rootPath = path.resolve(__dirname);
while(rootPath){
if(fs.existsSync(rootPath + '/config.json')){
break;
}
rootPath = rootPath.substring(0, rootPath.lastIndexOf(path.sep));
}
return rootPath;
}
function mkdirs(dirname){
if(fs.existsSync(dirname)){
return true;
}else{
if(mkdirs(path.dirname(dirname))){
fs.mkdirSync(dirname);
return true;
}
}
}
function callSpec(name){
try{
require(rootPath + '/' + name)();
}
catch(e){
console.log(e)
process.exit(1);
}
}
function isPageError(code){
return code == '' || / jscontent="errorCode" jstcache="\d+"|diagnoseConnectionAndRefresh|dnserror_unavailable_header|id="reportCertificateErrorRetry"|400 Bad Request|403 Forbidden|404 Not Found|500 Internal Server Error|502 Bad Gateway|503 Service Temporarily Unavailable|504 Gateway Time-out/i.test(code);
}
function catchError(error){
}

4
server.js
View file

@ -81,9 +81,9 @@ var bootstrap = function() {
return app;
}
module.exports = bootstrap();
// To maintain backwards compatibility, run bootstrap when called as a file
if(require.main === module) {
bootstrap();
} else {
module.exports = bootstrap();
}