1 files changed, 134 insertions, 0 deletions

diff --git a/tests/white-box/webapp.rb b/tests/white-box/webapp.rb
new file mode 100644
index 00000000..68f3dcd2
--- /dev/null
+++ b/tests/white-box/webapp.rb
@@ -0,0 +1,134 @@
+raise SkipTest unless service?(:webapp)
+
+require 'json'
+
+class Webapp < LeapTest
+  depends_on "Network"
+
+  def setup
+  end
+
+  def test_01_Can_contact_couchdb?
+    url = couchdb_url("", url_options)
+    assert_get(url) do |body|
+      assert_match /"couchdb":"Welcome"/, body, "Request to #{url} should return couchdb welcome message."
+    end
+    pass
+  end
+
+  def test_02_Can_contact_couchdb_via_haproxy?
+    if property('haproxy.couch')
+      url = couchdb_url_via_haproxy("", url_options)
+      assert_get(url) do |body|
+        assert_match /"couchdb":"Welcome"/, body, "Request to #{url} should return couchdb welcome message."
+      end
+      pass
+    end
+  end
+
+  def test_03_Are_daemons_running?
+    assert_running '^/usr/sbin/apache2'
+    assert_running '^/usr/bin/ruby /usr/bin/nickserver'
+    pass
+  end
+
+  #
+  # this is technically a black-box test. so, move this when we have support
+  # for black box tests.
+  #
+  def test_04_Can_access_webapp?
+    assert_get('https://' + $node['webapp']['domain'] + '/')
+    pass
+  end
+
+  def test_05_Can_create_and_authenticate_and_delete_user_via_API?
+    if property('webapp.allow_registration')
+      assert_tmp_user
+      pass
+    else
+      skip "New user registrations are disabled."
+    end
+  end
+
+  def test_06_Can_sync_Soledad?
+    return unless property('webapp.allow_registration')
+    soledad_config = property('definition_files.soledad_service')
+    if soledad_config && !soledad_config.empty?
+      soledad_server = pick_soledad_server(soledad_config)
+      if soledad_server
+        assert_tmp_user do |user|
+          command = File.expand_path "../../helpers/soledad_sync.py", __FILE__
+          soledad_url = "https://#{soledad_server}/user-#{user.id}"
+          soledad_cert = "/usr/local/share/ca-certificates/leap_ca.crt"
+          assert_run "#{command} #{user.id} #{user.session_token} #{soledad_url} #{soledad_cert} #{user.password}"
+          assert_user_db_exists(user)
+          pass
+        end
+      end
+    else
+      skip 'No soledad service configuration'
+    end
+  end
+
+  private
+
+  def url_options
+    {
+      :username => property('webapp.couchdb_webapp_user.username'),
+      :password => property('webapp.couchdb_webapp_user.password')
+    }
+  end
+
+  #
+  # pick a random soledad server.
+  # I am not sure why, but using IP address directly does not work.
+  #
+  def pick_soledad_server(soledad_config_json_str)
+    soledad_config = JSON.parse(soledad_config_json_str)
+    host_name = soledad_config['hosts'].keys.shuffle.first
+    if host_name
+      hostname = soledad_config['hosts'][host_name]['hostname']
+      port = soledad_config['hosts'][host_name]['port']
+      return "#{hostname}:#{port}"
+    else
+      return nil
+    end
+  end
+
+  #
+  # returns true if the per-user db created by soledad-server exists.
+  # we try three times, and give up after that.
+  #
+  def assert_user_db_exists(user)
+    db_name = "user-#{user.id}"
+    repeatedly_try("/#{db_name}") do |body, response, error|
+      assert false, "Could not find user db `#{db_name}` for test user `#{user.username}`\nuuid=#{user.id}\nHTTP #{response.code} #{error} #{body}"
+    end
+    repeatedly_try("/#{db_name}/_design/docs") do |body, response, error|
+      assert false, "Could not find design docs for user db `#{db_name}` for test user `#{user.username}`\nuuid=#{user.id}\nHTTP #{response.code} #{error} #{body}"
+    end
+  end
+
+  #
+  # tries the URL repeatedly, giving up and yield the last response if
+  # no try returned a 200 http status code.
+  #
+  def repeatedly_try(url, &block)
+    last_body, last_response, last_error = nil
+    3.times do
+      sleep 0.2
+      get(couchdb_url(url)) do |body, response, error|
+        last_body, last_response, last_error = body, response, error
+        # After moving to couchdb, webapp user is not allowed to Read user dbs,
+        # but the return code for non-existent databases is 404. See #7674
+        if response.code.to_i == 401
+          return
+        end
+      end
+      sleep 1
+    end
+    yield last_body, last_response, last_error
+    return
+  end
+
+end