From 41189175b3393c25e5f4f735903fd4def9598b39 Mon Sep 17 00:00:00 2001 From: KristofferHaakonsen Date: Mon, 8 Mar 2021 18:26:30 +0100 Subject: [PATCH 1/4] WIP --- backend/secfit/users/tests.py | 56 ++++++++++++++++++++++++++++++++++- 1 file changed, 55 insertions(+), 1 deletion(-) diff --git a/backend/secfit/users/tests.py b/backend/secfit/users/tests.py index 3271727..de5e615 100644 --- a/backend/secfit/users/tests.py +++ b/backend/secfit/users/tests.py @@ -581,7 +581,7 @@ class CityBoundaryTestCase(TestCase): @skip("Skip so pipeline will pass") def test_numbers(self): - defaultDataRegister["city"]="Oslo!" + defaultDataRegister["city"]="Oslo1" response = self.client.post("/api/users/", defaultDataRegister) self.assertEqual(response.status_code, status.HTTP_400_BAD_REQUEST) @@ -665,3 +665,57 @@ class Street_AdressBoundaryTestCase(TestCase): defaultDataRegister["city"]=x+"Strandveien" response = self.client.post("/api/users/", defaultDataRegister) self.assertEqual(response.status_code, status.HTTP_400_BAD_REQUEST) + + + +''' + 2-way domain testing + + We will do the following: + 1. Define data, we will reuse the same data as in boundary values (ideally this could be automated so that all the data is only stored in one place, the validity could be set from the tests themselfs) + 2. Do several loops to test the data togheter + 3. Return results +''' + +twoWayDomainData = [ +[("", False), ("johnDoe", True), ("johnDoe7653", True), ("23165484", True), ("John!#¤%&/<>|§()=?`^*_:;", False) ], +[("", False), ("kkkk", False), ("johnDoe@webmail.com", True), ("johnDoe@web#%¤&/&.com", False)], +[("", False), ("short", False), ("passwordpassword", True), ("123346)(%y#(%¨>l<][475", True)], +[("", False), ("1234", False), ("1122334455", True), ("phonenumber", False), ("=?`^*_:;,.-'¨\+@£$", False)], +[("", False), ("Chad", True), ("Norway1", False), ("=?`^*_:;,.-'¨\+@£$", False)], +[("", False), ("Oslo", True), ("Oslo1", False), ("Oslo=?`^*_:;,.-'¨\+@£$", False)], +[("", False), ("Strandveien", True), ("Strandveien1", True), ("Kongens gate", True), ("Oslo=?`^*_:;,.-'¨\+@£$", False)]] + + + + +class two_way_domain_test(TestCase): + def setUp(self): + # Adds some randomness + global counter + defaultDataRegister["username"]= "johnDoe" + str(counter) + counter += 1 + + def check(self, value1, value2): + #Todo: This method will check the input + print("todo") + + + def test_two_way_domain(self): + defaultDataRegister["street_adress"]="" + response = self.client.post("/api/users/", defaultDataRegister) + + print("\n") + for y1 in range(0, len(twoWayDomainData)): + for x1 in range(0, len(twoWayDomainData[y1])): + print("y1,x1: {}, {} = {}".format(y1, x1, twoWayDomainData[y1][x1])) + for y2 in range(y1+1, len(twoWayDomainData)): + for x2 in range(0, len(twoWayDomainData[y2])): + print("y2,x2: {}, {} = {}".format(y2, x2, twoWayDomainData[y2][x2])) + # Add check method + # Store result and return when y1 goes to next + # Print/return some data + + + + -- GitLab From 3f59ba6031a13393f3f22654a96e42ca89db6dc8 Mon Sep 17 00:00:00 2001 From: KristofferHaakonsen Date: Tue, 9 Mar 2021 20:46:34 +0100 Subject: [PATCH 2/4] remove comment --- backend/secfit/workouts/tests.py | 7 ------- 1 file changed, 7 deletions(-) diff --git a/backend/secfit/workouts/tests.py b/backend/secfit/workouts/tests.py index f02993d..c314461 100644 --- a/backend/secfit/workouts/tests.py +++ b/backend/secfit/workouts/tests.py @@ -270,13 +270,6 @@ class WorkoutPermissionsTestCases(TestCase): defaultDataWorkout = {"name": "workoutname","date": "2021-01-1T13:29:00.000Z","notes": "notes","visibility":"PU","planned": "false","exercise_instances": [],"filename": []} counter = 0 -''' - def test_simple(self): - response = self.client.post('http://testserver/api/workouts/', json.dumps(defaultDataWorkout), content_type='application/json') - self.assertEqual(response.status_code, status.HTTP_201_CREATED) - -''' - class WorkoutnameBoundaryTestCase(TestCase): def setUp(self): User.objects.create(id="999",username="JohnDoe",password="JohnDoePassword") -- GitLab From ba48d0e4967ad7fa94cd155f341de3b3eb62b687 Mon Sep 17 00:00:00 2001 From: KristofferHaakonsen Date: Tue, 9 Mar 2021 20:50:24 +0100 Subject: [PATCH 3/4] add 2-way testing --- backend/secfit/users/tests.py | 84 ++++++++++++++++++++++++----------- 1 file changed, 58 insertions(+), 26 deletions(-) diff --git a/backend/secfit/users/tests.py b/backend/secfit/users/tests.py index de5e615..32d68c2 100644 --- a/backend/secfit/users/tests.py +++ b/backend/secfit/users/tests.py @@ -1,7 +1,7 @@ from django.contrib.auth import get_user_model, password_validation from django.test import TestCase from users.serializers import UserSerializer -from rest_framework.test import APIRequestFactory, APITestCase +from rest_framework.test import APIRequestFactory, APITestCase, APIClient from rest_framework.request import Request from random import choice from string import ascii_uppercase @@ -678,44 +678,76 @@ class Street_AdressBoundaryTestCase(TestCase): ''' twoWayDomainData = [ -[("", False), ("johnDoe", True), ("johnDoe7653", True), ("23165484", True), ("John!#¤%&/<>|§()=?`^*_:;", False) ], -[("", False), ("kkkk", False), ("johnDoe@webmail.com", True), ("johnDoe@web#%¤&/&.com", False)], -[("", False), ("short", False), ("passwordpassword", True), ("123346)(%y#(%¨>l<][475", True)], -[("", False), ("1234", False), ("1122334455", True), ("phonenumber", False), ("=?`^*_:;,.-'¨\+@£$", False)], -[("", False), ("Chad", True), ("Norway1", False), ("=?`^*_:;,.-'¨\+@£$", False)], -[("", False), ("Oslo", True), ("Oslo1", False), ("Oslo=?`^*_:;,.-'¨\+@£$", False)], -[("", False), ("Strandveien", True), ("Strandveien1", True), ("Kongens gate", True), ("Oslo=?`^*_:;,.-'¨\+@£$", False)]] - +[("username", "", False), ("username", "johny", True), ("username", "johnDoe7653", True), ("username", "23165484", True), ("username", "John!#¤%&/<>|§()=?`^*_:;", False) ], +[("email", "", False), ("email", "kkkk", False), ("email", "johnDoe@webmail.com", True), ("email", "johnDoe@web#%¤&/&.com", False)], +[("password", "", False), ("password","short", False), ("password","passwordpassword", True), ("password","123346)(%y#(%¨>l<][475", True)], +[("phone_number","", False), ("phone_number","1234", False), ("phone_number","1122334455", True), ("phone_number","phonenumber", False), ("phone_number","=?`^*_:;,.-'¨\+@£$", False)], +[("country","", False), ("country", "Chad", True), ("country", "Norway1", False), ("country", "=?`^*_:;,.-'¨\+@£$", False)], +[("city","", False), ("city", "Oslo", True), ("city", "Oslo1", False), ("city", "Oslo=?`^*_:;,.-'¨\+@£$", False)], +[("street_adress","", False), ("street_adress", "Strandveien", True), ("street_adress", "Strandveien1", True), ("street_adress", "Kongens gate", True), ("street_adress", "Oslo=?`^*_:;,.-'¨\+@£$", False)]] class two_way_domain_test(TestCase): def setUp(self): - # Adds some randomness + self.failedCounter = 0 + self.testsRunned = 0 + self.failures_400 = [] + self.failures_201 = [] + self.client = APIClient() + + def check(self, value1, value2): + # Iterate + self.testsRunned += 1 global counter - defaultDataRegister["username"]= "johnDoe" + str(counter) counter += 1 - def check(self, value1, value2): - #Todo: This method will check the input - print("todo") + # Set data + self.defaultDataRegister = { + "username": "johnDoe"+str(counter), "email": "johnDoe@webserver.com", "password": "johnsPassword", "password1": "johnsPassword", "phone_number": "11223344", "country": "Norway", "city": "Trondheim", "street_address": "Kongens gate 33"} + self.defaultDataRegister[value1[0]] = value1[1] + self.defaultDataRegister[value2[0]] = value2[1] + + # Make sure that password == password1, we do not check for this + if value1[0] == "password": + self.defaultDataRegister["password1"] = value1[1] + elif value2[0] == "password": + self.defaultDataRegister["password1"] = value2[1] + + # Get result + response = self.client.post("/api/users/", self.defaultDataRegister) + + # If the result should be 201 + if value1[2] and value2[2]: + if response.status_code != status.HTTP_201_CREATED: + self.failures_201.append({"type1": value1[0], "value1":value1[1], "type2":value2[0], "value2":value2[1]}) + self.failedCounter +=1 + + # If the result should be 400 + else: + if response.status_code != status.HTTP_400_BAD_REQUEST: + self.failures_400.append({"type1": value1[0], "value1":value1[1], "type2":value2[0], "value2":value2[1]}) + self.failedCounter +=1 + + # Delete the created user to prevent errors when we test the same value of username several times + if response.status_code == status.HTTP_201_CREATED: + # Authenticate so we can delete + self.client.force_authenticate(user=User.objects.get(id = response.data['id'])) + response2 = self.client.delete('/api/users/'+str(response.data['id'])+'/') def test_two_way_domain(self): - defaultDataRegister["street_adress"]="" - response = self.client.post("/api/users/", defaultDataRegister) - - print("\n") + # For each element, try all other elements once for y1 in range(0, len(twoWayDomainData)): for x1 in range(0, len(twoWayDomainData[y1])): - print("y1,x1: {}, {} = {}".format(y1, x1, twoWayDomainData[y1][x1])) for y2 in range(y1+1, len(twoWayDomainData)): for x2 in range(0, len(twoWayDomainData[y2])): - print("y2,x2: {}, {} = {}".format(y2, x2, twoWayDomainData[y2][x2])) - # Add check method - # Store result and return when y1 goes to next - # Print/return some data - - - + self.check(twoWayDomainData[y1][x1], twoWayDomainData[y2][x2]) + + # Print results + print("\n-------------------------------------------------------------------------------------------------------------------------------") + print("2-Way Domain Testing:\nTotal combinations (tests): {}\nTotal failed combinations (tests): {}".format(self.testsRunned, self.failedCounter)) + print("{} combinations should work but didn't\n{} combinations should NOT work but did".format(len(self.failures_201), len(self.failures_400))) + print("The combinations that should have worked: {}\nThe combinations that should not have worked: {}".format(self.failures_201, self.failures_400)) + print("-------------------------------------------------------------------------------------------------------------------------------") -- GitLab From 04e524cf2a9d89498b3567324b06656942e76093 Mon Sep 17 00:00:00 2001 From: KristofferHaakonsen Date: Thu, 11 Mar 2021 18:18:50 +0100 Subject: [PATCH 4/4] add two way domain test for password --- backend/secfit/users/tests.py | 40 ++++++++++++++++++++++++++++++++--- 1 file changed, 37 insertions(+), 3 deletions(-) diff --git a/backend/secfit/users/tests.py b/backend/secfit/users/tests.py index 32d68c2..90329a7 100644 --- a/backend/secfit/users/tests.py +++ b/backend/secfit/users/tests.py @@ -686,7 +686,7 @@ twoWayDomainData = [ [("city","", False), ("city", "Oslo", True), ("city", "Oslo1", False), ("city", "Oslo=?`^*_:;,.-'¨\+@£$", False)], [("street_adress","", False), ("street_adress", "Strandveien", True), ("street_adress", "Strandveien1", True), ("street_adress", "Kongens gate", True), ("street_adress", "Oslo=?`^*_:;,.-'¨\+@£$", False)]] - +two_way_passwords = [['johnsPassword', 'johnsPassword'], ['johnsPassword', 'johnsPassword1'], ['', 'johnsPassword'], ['johnsPassword', '']] class two_way_domain_test(TestCase): def setUp(self): @@ -708,7 +708,7 @@ class two_way_domain_test(TestCase): self.defaultDataRegister[value1[0]] = value1[1] self.defaultDataRegister[value2[0]] = value2[1] - # Make sure that password == password1, we do not check for this + # Make sure that password == password1, we check for this below if value1[0] == "password": self.defaultDataRegister["password1"] = value1[1] elif value2[0] == "password": @@ -736,13 +736,47 @@ class two_way_domain_test(TestCase): response2 = self.client.delete('/api/users/'+str(response.data['id'])+'/') + def two_way_password(self): + global counter + counter += 1 + self.defaultDataRegister = { + "username": "johnDoe"+str(counter), "email": "johnDoe@webserver.com", "password": "johnsPassword", "password1": "johnsPassword", "phone_number": "11223344", "country": "Norway", "city": "Trondheim", "street_address": "Kongens gate 33"} + + for passwords in two_way_passwords: + self.defaultDataRegister['password'] = passwords[0] + self.defaultDataRegister['password1'] = passwords[1] + self.testsRunned += 1 + # Get result + response = self.client.post("/api/users/", self.defaultDataRegister) + + # Check + if passwords[0] is passwords[1]: + if response.status_code != status.HTTP_201_CREATED: + self.failures_201.append({"type1": 'password', "value1":passwords[0], "type2": 'password1', "value2":passwords[1]}) + self.failedCounter +=1 + else: + if response.status_code != status.HTTP_400_BAD_REQUEST: + self.failures_400.append({"type1": 'password', "value1":passwords[0], "type2": 'password1', "value2":passwords[1]}) + self.failedCounter +=1 + + # Delete the created user to prevent errors when we test the same value of username several times + if response.status_code == status.HTTP_201_CREATED: + # Authenticate so we can delete + self.client.force_authenticate(user=User.objects.get(id = response.data['id'])) + response2 = self.client.delete('/api/users/'+str(response.data['id'])+'/') + + def test_two_way_domain(self): - # For each element, try all other elements once + # For each element, try all other elements once for y1 in range(0, len(twoWayDomainData)): for x1 in range(0, len(twoWayDomainData[y1])): for y2 in range(y1+1, len(twoWayDomainData)): for x2 in range(0, len(twoWayDomainData[y2])): self.check(twoWayDomainData[y1][x1], twoWayDomainData[y2][x2]) + + # Do two way testing for passwords + self.two_way_password() + # Print results print("\n-------------------------------------------------------------------------------------------------------------------------------") -- GitLab