diff options
Diffstat (limited to 'tests')
-rw-r--r-- | tests/helpers/bonafide_helper.rb | 190 | ||||
-rw-r--r-- | tests/helpers/couchdb_helper.rb | 36 | ||||
-rw-r--r-- | tests/helpers/http_helper.rb | 27 | ||||
-rw-r--r-- | tests/helpers/smtp_helper.rb | 45 | ||||
-rw-r--r-- | tests/helpers/srp_helper.rb | 4 | ||||
-rw-r--r-- | tests/order.rb | 7 | ||||
-rw-r--r-- | tests/white-box/couchdb.rb | 27 | ||||
-rw-r--r-- | tests/white-box/mx.rb | 99 | ||||
-rw-r--r-- | tests/white-box/webapp.rb | 18 |
9 files changed, 386 insertions, 67 deletions
diff --git a/tests/helpers/bonafide_helper.rb b/tests/helpers/bonafide_helper.rb index 20c3ca8d..95e3e3b7 100644 --- a/tests/helpers/bonafide_helper.rb +++ b/tests/helpers/bonafide_helper.rb @@ -17,58 +17,53 @@ class LeapTest raise exc end - def api_url(path) - api = property('api') - "https://%{domain}:%{port}#{path}" % { - :domain => api['domain'], - :port => api['port'] - } - end - # # attempts to create a user account via the API, # returning the user object if successful. # - def assert_create_user - user = SRP::User.new - url = api_url("/1/users.json") - + def assert_create_user(username=nil, auth=nil) + user = SRP::User.new(username) + url = api_url("/users.json") params = user.to_params - - if property('webapp.invite_required') - @invite_code = generate_invite_code - params['user[invite_code]'] = @invite_code + if auth + options = api_options(:auth => auth) + else + options = api_options + if property('webapp.invite_required') + @invite_code = generate_invite_code + params['user[invite_code]'] = @invite_code + end end - assert_post(url, params) do |body| + assert_post(url, params, options) do |body| assert response = JSON.parse(body), 'response should be JSON' assert response['ok'], "Creating a user should be successful, got #{response.inspect} instead." + user.ok = true + user.id = response['id'] end - user.ok = true return user end + # TODO: use the api for this instead. def generate_invite_code `cd /srv/leap/webapp/ && sudo -u leap-webapp RAILS_ENV=production bundle exec rake generate_invites[1]`.gsub(/\n/, "") end - # # attempts to authenticate user. if successful, # user object is updated with id and session token. # def assert_authenticate_user(user) - url = api_url("/1/sessions.json") + url = api_url("/sessions.json") session = SRP::Session.new(user) params = {'login' => user.username, 'A' => session.aa} - assert_post(url, params) do |response, body| + assert_post(url, params, api_options) do |body, response| cookie = response['Set-Cookie'].split(';').first assert(response = JSON.parse(body), 'response should be JSON') assert(session.bb = response["B"], 'response should include "B"') - url = api_url("/1/sessions/login.json") + url = api_url("/sessions/login.json") params = {'client_auth' => session.m, 'A' => session.aa} - options = {:headers => {'Cookie' => cookie}} - assert_put(url, params, options) do |body| + assert_put(url, params, api_options('Cookie' => cookie)) do |body| assert(response = JSON.parse(body), 'response should be JSON') assert(response['M2'], 'response should include M2') user.session_token = response['token'] @@ -83,16 +78,146 @@ class LeapTest # attempts to destroy a user account via the API. # def assert_delete_user(user) - if user && user.ok && user.id && user.session_token && !user.deleted - url = api_url("/1/users/#{user.id}.json") - options = {:headers => { - "Authorization" => "Token token=\"#{user.session_token}\"" - }} - params = { - :identities => 'destroy' + if user.is_a? String + assert_delete_user_by_login(user) + elsif user.is_a? SRP::User + assert_delete_srp_user(user) + end + end + + # + # returns true if the identity exists, uses monitor token auth + # + def identity_exists?(address) + url = api_url("/identities/#{URI.encode(address)}.json") + get(url, nil, api_options(:auth => :monitor)) do |body, response| + return response.code == "200" + end + end + + def upload_public_key(user_id, public_key) + url = api_url("/users/#{user_id}.json") + params = {"user[public_key]" => public_key} + assert_put(url, params, api_options(:auth => :monitor)) + end + + # + # return user document as a Hash. uses monitor token auth + # + def find_user_by_id(user_id) + url = api_url("/users/#{user_id}.json") + assert_get(url, nil, api_options(:auth => :monitor)) do |body| + return JSON.parse(body) + end + end + + # + # return user document as a Hash. uses monitor token auth + # NOTE: this relies on deprecated behavior of the API + # and will not work when multi-domain support is added. + # + def find_user_by_login(login) + url = api_url("/users/0.json?login=#{login}") + options = {:ok_codes => [200, 404]}.merge(api_options(:auth => :monitor)) + assert_get(url, nil, options) do |body, response| + if response.code == "200" + return JSON.parse(body) + else + return nil + end + end + end + + private + + def api_url(path) + unless path =~ /^\// + path = '/' + path + end + if property('testing.api_uri') + return property('testing.api_uri') + path + elsif property('api') + api = property('api') + return "https://%{domain}:%{port}/%{version}#{path}" % { + :domain => api['domain'], + :port => api['port'], + :version => api['version'] || 1 } + else + fail 'This node needs to have either testing.api_url or api.{domain,port} configured.' + end + end + + # + # produces an options hash used for api http requests. + # + # argument options hash gets added to "headers" + # of the http request. + # + # special :auth key in argument will expand to + # add api_token_auth header. + # + # if you want to try manually: + # + # export API_URI=`grep api_uri /etc/leap/hiera.yaml | cut -d\" -f2` + # export TOKEN=`grep monitor_auth_token /etc/leap/hiera.yaml | awk '{print $2}'` + # curl -H "Accept: application/json" -H "Token: $TOKEN" $API_URI + # + def api_options(options={}) + # note: must be :headers, not "headers" + hsh = { + :headers => { + "Accept" => "application/json" + } + } + if options[:auth] + hsh[:headers].merge!(api_token_auth(options.delete(:auth))) + end + hsh[:headers].merge!(options) + return hsh + end + + # + # add token authentication to a http request. + # + # returns a hash suitable for adding to the 'headers' option + # of an http function. + # + def api_token_auth(token) + if token.is_a?(Symbol) && property('testing') + if token == :monitor + token_str = property('testing.monitor_auth_token') + else + raise ArgumentError.new 'no such token' + end + else + token_str = token + end + {"Authorization" => "Token token=\"#{token_str}\""} + end + + # + # not actually used in any test, but useful when + # writing new tests. + # + def assert_delete_user_by_login(login_name) + user = find_user_by_login(login_name) + url = api_url("/users/#{user['id']}.json") + params = {:identities => 'destroy'} + delete(url, params, api_options(:auth => :monitor)) do |body, response, error| + assert error.nil?, "Error deleting user: #{error}" + assert response.code.to_i == 200, "Unable to delete user: HTTP response from API should have code 200, was #{response.code} #{error} #{body}" + assert(response = JSON.parse(body), 'Delete response should be JSON') + assert(response["success"], 'Deleting user should be a success') + end + end + + def assert_delete_srp_user(user) + if user && user.ok && user.id && user.session_token && !user.deleted + url = api_url("users/#{user.id}.json") + params = {:identities => 'destroy'} user.deleted = true - delete(url, params, options) do |body, response, error| + delete(url, params, api_options(:auth => user.session_token)) do |body, response, error| assert error.nil?, "Error deleting user: #{error}" assert response.code.to_i == 200, "Unable to delete user: HTTP response from API should have code 200, was #{response.code} #{error} #{body}" assert(response = JSON.parse(body), 'Delete response should be JSON') @@ -101,4 +226,5 @@ class LeapTest end end + end diff --git a/tests/helpers/couchdb_helper.rb b/tests/helpers/couchdb_helper.rb index 27dabfcb..b9085c1e 100644 --- a/tests/helpers/couchdb_helper.rb +++ b/tests/helpers/couchdb_helper.rb @@ -103,4 +103,40 @@ class LeapTest end end + def assert_destroy_user_db(user_id, options=nil) + db_name = "user-#{user_id}" + url = couchdb_url("/#{db_name}", options) + http_options = {:ok_codes => [200, 404]} # ignore missing dbs + assert_delete(url, nil, http_options) + end + + def assert_create_user_db(user_id, options=nil) + db_name = "user-#{user_id}" + url = couchdb_url("/#{db_name}", options) + http_options = {:ok_codes => [200, 404]} # ignore missing dbs + assert_put(url, nil, :format => :json) do |body| + assert response = JSON.parse(body), "PUT response should be JSON" + assert response["ok"], "PUT response should be OK" + end + end + + # + # returns true if the per-user db created by soledad-server exists. + # + def user_db_exists?(user_id, options=nil) + db_name = "user-#{user_id}" + url = couchdb_url("/#{db_name}", options) + get(url) do |body, response, error| + if response.nil? + fail "could not query couchdb #{url}: #{error}\n#{body}" + elsif response.code.to_i == 200 + return true + elsif response.code.to_i == 404 + return false + else + fail ["could not query couchdb #{url}: expected response code 200 or 404, but got #{response.code}.", error, body].compact.join("\n") + end + end + end + end
\ No newline at end of file diff --git a/tests/helpers/http_helper.rb b/tests/helpers/http_helper.rb index 2fcdc910..0d0bb7d5 100644 --- a/tests/helpers/http_helper.rb +++ b/tests/helpers/http_helper.rb @@ -81,20 +81,31 @@ class LeapTest # # calls http_send, yielding results if successful or failing with - # descriptive infor otherwise. + # descriptive info otherwise. + # + # options: + # - error_msg: custom error message to display. + # - ok_codes: in addition to 2xx, codes in this array will not produce an error. # def assert_http_send(method, url, params=nil, options=nil, &block) options ||= {} error_msg = options[:error_msg] || (url.respond_to?(:memo) ? url.memo : nil) http_send(method, url, params, options) do |body, response, error| - ok = response && response.code.to_i >= 200 && response.code.to_i < 300 - if body && ok - if block - yield(body) if block.arity == 1 - yield(response, body) if block.arity == 2 + if response + code = response.code.to_i + ok = code >= 200 && code < 300 + if options[:ok_codes] + ok ||= options[:ok_codes].include?(code) + end + if ok + if block + yield(body) if block.arity == 1 + yield(body, response) if block.arity == 2 + yield(body, response, error) if block.arity == 3 + end + else + fail ["Expected success code from #{method} #{url}, but got #{response.code} instead.", error_msg, body].compact.join("\n") end - elsif response && !ok - fail ["Expected a 200 status code from #{method} #{url}, but got #{response.code} instead.", error_msg, body].compact.join("\n") else fail ["Expected a response from #{method} #{url}, but got \"#{error}\" instead.", error_msg, body].compact.join("\n"), error end diff --git a/tests/helpers/smtp_helper.rb b/tests/helpers/smtp_helper.rb new file mode 100644 index 00000000..ea7fb9fa --- /dev/null +++ b/tests/helpers/smtp_helper.rb @@ -0,0 +1,45 @@ +require 'net/smtp' + +class LeapTest + + TEST_EMAIL_USER = "test_user_email" + TEST_BAD_USER = "test_user_bad" + + MSG_BODY = %(Since it seems that any heart which beats for freedom has the right only to a +lump of lead, I too claim my share. If you let me live, I shall never stop +crying for revenge and I shall avenge my brothers. I have finished. If you are +not cowards, kill me! + +--Louise Michel) + + def send_email(recipient, options={}) + sender = options[:sender] || recipient + helo_domain = property('domain.full_suffix') + headers = { + "Date" => Time.now.utc, + "From" => sender, + "To" => recipient, + "Subject" => "Test Message", + "X-LEAP-TEST" => "true" + }.merge(options[:headers]||{}) + message = [] + headers.each do |key, value| + message << "#{key}: #{value}" + end + message << "" + message << MSG_BODY + Net::SMTP.start('localhost', 25, helo_domain) do |smtp| + smtp.send_message message.join("\n"), recipient, sender + end + end + + def assert_send_email(recipient, options={}) + begin + send_email(recipient, options) + rescue IOError, Net::OpenTimeout, + Net::ReadTimeout, Net::SMTPError => e + fail "Could not send mail to #{recipient} (#{e})" + end + end + +end
\ No newline at end of file diff --git a/tests/helpers/srp_helper.rb b/tests/helpers/srp_helper.rb index 5d30b459..b30fa768 100644 --- a/tests/helpers/srp_helper.rb +++ b/tests/helpers/srp_helper.rb @@ -138,8 +138,8 @@ d15dc7d7b46154d6b6ce8ef4ad69b15d4982559b297bcf1885c529f566660e5 attr_accessor :username, :password, :salt, :verifier, :id, :session_token, :ok, :deleted - def initialize - @username = "test_user_" + SecureRandom.urlsafe_base64(10).downcase.gsub(/[_-]/, '') + def initialize(username=nil) + @username = username || "tmp_user_" + SecureRandom.urlsafe_base64(10).downcase.gsub(/[_-]/, '') @password = "password_" + SecureRandom.urlsafe_base64(10) @salt = bigrand(4).hex @verifier = modpow(GENERATOR, private_key) diff --git a/tests/order.rb b/tests/order.rb index 4468686f..14aad9be 100644 --- a/tests/order.rb +++ b/tests/order.rb @@ -9,11 +9,14 @@ class LeapCli::Config::Node # def test_dependencies dependents = LeapCli::Config::ObjectList.new - unless services.include?('couchdb') - if services.include?('webapp') || services.include?('mx') || services.include?('soledad') + + # webapp, mx, and soledad depend on couchdb nodes + if services.include?('webapp') || services.include?('mx') || services.include?('soledad') + if !services.include?('couchdb') dependents.merge! nodes_like_me[:services => 'couchdb'] end end + dependents.keys.delete_if {|name| self.name == name} end end
\ No newline at end of file diff --git a/tests/white-box/couchdb.rb b/tests/white-box/couchdb.rb index da226cc9..859b4745 100644 --- a/tests/white-box/couchdb.rb +++ b/tests/white-box/couchdb.rb @@ -127,6 +127,33 @@ class CouchDB < LeapTest pass end + # + # This is not really a "test", just an attempt to make sure that + # the mx tests that fire off dummy emails don't fill up the + # storage db. + # + # mx tests can't run this because they don't have access to + # the storage db. + # + # This "test" is responsible for both creating the db if it does not + # exist, and destroying if it does. + # + # Yes, this is super hacky. Properly, we should add something to + # the soledad api to support create/delete of user storage dbs. + # + def test_99_Delete_mail_storage_used_in_mx_tests + user = find_user_by_login(TEST_EMAIL_USER) + if user + if user_db_exists?(user["id"]) + # keep the test email db from filling up: + assert_destroy_user_db(user["id"], :username => 'admin') + end + # either way, make sure we leave a db for the mx tests: + assert_create_user_db(user["id"], :username => 'admin') + end + # no 'pass' at the end, since this is not a real test. + end + private def multimaster? diff --git a/tests/white-box/mx.rb b/tests/white-box/mx.rb index 57ec9117..6c0982ce 100644 --- a/tests/white-box/mx.rb +++ b/tests/white-box/mx.rb @@ -1,9 +1,11 @@ raise SkipTest unless service?(:mx) require 'json' +require 'net/smtp' class Mx < LeapTest depends_on "Network" + depends_on "Webapp" if service?(:webapp) def setup end @@ -11,7 +13,7 @@ class Mx < LeapTest def test_01_Can_contact_couchdb? dbs = ["identities"] dbs.each do |db_name| - couchdb_urls("/"+db_name, url_options).each do |url| + couchdb_urls("/"+db_name, couch_url_options).each do |url| assert_get(url) do |body| assert response = JSON.parse(body) assert_equal db_name, response['db_name'] @@ -23,7 +25,7 @@ class Mx < LeapTest def test_02_Can_contact_couchdb_via_haproxy? if property('haproxy.couch') - url = couchdb_url_via_haproxy("", url_options) + url = couchdb_url_via_haproxy("", couch_url_options) assert_get(url) do |body| assert_match /"couchdb":"Welcome"/, body, "Request to #{url} should return couchdb welcome message." end @@ -36,7 +38,7 @@ class Mx < LeapTest # using the by_address view for that same document again. # def test_03_Can_query_identities_db? - assert_get(couchdb_url("/identities", url_options)) do |body| + assert_get(couchdb_url("/identities", couch_url_options)) do |body| assert response = JSON.parse(body) doc_count = response['doc_count'].to_i if doc_count <= 1 @@ -46,7 +48,7 @@ class Mx < LeapTest # try five times to get a valid doc for i in 1..5 offset = rand(doc_count) # pick a random document - count_url = couchdb_url("/identities/_all_docs?include_docs=true&limit=1&skip=#{offset}", url_options) + count_url = couchdb_url("/identities/_all_docs?include_docs=true&limit=1&skip=#{offset}", couch_url_options) assert_get(count_url) do |body| assert response = JSON.parse(body) record = response['rows'].first @@ -57,7 +59,7 @@ class Mx < LeapTest assert address, "Identity document #{record['id']} is missing an address field. #{record['doc'].inspect}" url_base = %(/identities/_design/Identity/_view/by_address) params = %(?include_docs=true&reduce=false&startkey="#{address}"&endkey="#{address}") - assert_get(couchdb_url(url_base+params, url_options)) do |body| + assert_get(couchdb_url(url_base+params, couch_url_options)) do |body| assert response = JSON.parse(body) assert record = response['rows'].first assert_equal address, record['doc']['address'] @@ -71,7 +73,7 @@ class Mx < LeapTest end end - def test_03_Are_MX_daemons_running? + def test_04_Are_MX_daemons_running? assert_running '.*/usr/bin/twistd.*mx.tac' assert_running '^/usr/lib/postfix/master$' assert_running '^/usr/sbin/postfwd' @@ -89,13 +91,96 @@ class Mx < LeapTest pass end + # + # The email sent by this test might get bounced back. + # In this case, the test will pass, but the bounce message will + # get sent to root, so the sysadmin will still figure out pretty + # quickly that something is wrong. + # + def test_05_Can_deliver_email? + addr = [TEST_EMAIL_USER, property('domain.full_suffix')].join('@') + bad_addr = [TEST_BAD_USER, property('domain.full_suffix')].join('@') + + assert !identity_exists?(bad_addr), "the address #{bad_addr} must not exist." + if !identity_exists?(addr) + user = assert_create_user(TEST_EMAIL_USER, :monitor) + upload_public_key(user.id, TEST_EMAIL_PUBLIC_KEY) + end + assert identity_exists?(addr), "The identity #{addr} should have been created, but it doesn't exist yet." + assert_send_email(addr) + assert_raises(Net::SMTPError) do + send_email(bad_addr) + end + pass + end + private - def url_options + def couch_url_options { :username => property('couchdb_leap_mx_user.username'), :password => property('couchdb_leap_mx_user.password') } end + TEST_EMAIL_PUBLIC_KEY=<<HERE +-----BEGIN PGP PUBLIC KEY BLOCK----- +mI0EVvzIKQEEAN4f8FOGntJGTTD+fFUQS6y/ihn6tYLtyGZZbCOd0t/9kHt/raoR +xEUks8rCOPMqHX+yeHsvDBtDyZYTvyhtfuWrBUbYGW+QZ4Pdvo+7NyLHPW0dKsCB +Czrx7pxqpq1oq+LpUFqpSfjJTfYaGVDNXrPK144a7Rox2+MCbgq3twnFABEBAAG0 +EiA8dGVzdF91c2VyX2VtYWlsPoi4BBMBAgAiBQJW/MgpAhsvBgsJCAcDAgYVCAIJ +CgsEFgIDAQIeAQIXgAAKCRAqYf65XmeSk0orBADUXjEiGnjzyBpXqaiVmJr4MyfP +IfKTK4a+4qvR+2fseD7hteF98m26i1YRI5omLp4/MnxGSpgKFKIuWIdkEiLg7IJc +pFZVdoDVufEtzbj9gmOHlnteksbCtuESyB0Hytsba4uS9afcTJdGiPNMHeniI/SY +UKcCcIrQmpNIoOA5OLiNBFb8yCkBBAC+WMUQ+FC6GQ+pyaWlwTRsBAT4+Tp8w9jD +7PK4xeEmVZDirP0VkW18UeQEueWJ63ia7wIGf1WyVH1tbvgVyRLsjT2cpKo8c6Ok +NkhfGfjTnUJPeBNy8734UDIdqZLXJl0z6Z1R0CfOjBqvV25kWUvMkz/NEgZBhE+c +m3JuZy1k7QARAQABiQE9BBgBAgAJBQJW/MgpAhsuAKgJECph/rleZ5KTnSAEGQEC +AAYFAlb8yCkACgkQsJSYitQUOv4w1wQAn3atI5EsmRyw6iC6UVWWJv/lKi1Priyt +DsrdH5xUmHUgp6VU8Pw9Y6G+sv50KLfbVQ1l+8/3B71TjadsOxh+PBPsEyYpK6WX +TVGy44IDvFWGyOod8tmfcFN9IpU5DmSk/vny9G7RK/nbnta2VnfZOzwm5i3cNkPr +FGPL1z0K3qs0VwP+M7BXdqBRSFDDBpG1J0TrZioEjvKeOsT/Ul8mbVt7HQpcN93I +wTO4uky0Woy2nb7SbTQw6wOpU54u7+5dSQ03ltUHg1owy6Y3CMOeFL+e9ALpAZAU +aMwY7zMFhqlPVZZMfdMLRsdLin67RIM+OJ6A925AM52bEQT1YwkQlP4mvQY= +=qclE +-----END PGP PUBLIC KEY BLOCK----- +HERE + + TEST_EMAIL_PRIVATE_KEY = <<HERE +-----BEGIN PGP PRIVATE KEY BLOCK----- +lQHYBFb8yCkBBADeH/BThp7SRk0w/nxVEEusv4oZ+rWC7chmWWwjndLf/ZB7f62q +EcRFJLPKwjjzKh1/snh7LwwbQ8mWE78obX7lqwVG2BlvkGeD3b6Puzcixz1tHSrA +gQs68e6caqataKvi6VBaqUn4yU32GhlQzV6zyteOGu0aMdvjAm4Kt7cJxQARAQAB +AAP8DTFfcE6UG1AioJDU6KZ9oCaGONHLuxmNaArSofDrR/ODA9rLAUlp22N5LEdJ +46NyOhXrEwHx2aK2k+vbVDbgrP4ZTH7GxIK/2KzmH4zX0fWUNsaRy94Q12lJegXH +sH2Im8Jjxu16YwGgFNTX1fCPqLB6WdQpf1796s6+/3PnCDcCAOXTCul3N7V5Yl+9 +N2Anupn+qNDXKT/kiKIZLHsMbo7EriGWReG3lLj1cOJPC6Nf0uOEri4ErSjFEadR +F2TNITsCAPdsZjc5RGppUXyBfxhQkAnZ0r+UT2meCH3g3EVh3W9SBrXNhwipNpW3 +bPzRjUCDtmA8EOvd93oPCZv4/tb50P8B/jC+QIZ3GncP1CFPSVDoIZ7OUU5M1330 +DP77vG1GxeQvYO/hlxL5/KdtTR6m5zlIuooDxUaNJz1w5/oVjlG3NZKpl7QSIDx0 +ZXN0X3VzZXJfZW1haWw+iLgEEwECACIFAlb8yCkCGy8GCwkIBwMCBhUIAgkKCwQW +AgMBAh4BAheAAAoJECph/rleZ5KTSisEANReMSIaePPIGlepqJWYmvgzJ88h8pMr +hr7iq9H7Z+x4PuG14X3ybbqLVhEjmiYunj8yfEZKmAoUoi5Yh2QSIuDsglykVlV2 +gNW58S3NuP2CY4eWe16SxsK24RLIHQfK2xtri5L1p9xMl0aI80wd6eIj9JhQpwJw +itCak0ig4Dk4nQHYBFb8yCkBBAC+WMUQ+FC6GQ+pyaWlwTRsBAT4+Tp8w9jD7PK4 +xeEmVZDirP0VkW18UeQEueWJ63ia7wIGf1WyVH1tbvgVyRLsjT2cpKo8c6OkNkhf +GfjTnUJPeBNy8734UDIdqZLXJl0z6Z1R0CfOjBqvV25kWUvMkz/NEgZBhE+cm3Ju +Zy1k7QARAQABAAP9HrUaGvdpqTwVx3cHyXUhId6GzCuuKyaP4mZoGeBCcaQS2vQR +YtiykwBwX/AlfwSFJmmHKB6EErWIA+QyaEFR/fO56cHD2TY3Ql0BGcuHIx3+9pkp +biPBZdiiGz7oa6k6GWsbKSksqwV8poSXV7qbn+Bjm2xCM4VnjNZIrFtL7fkCAMOf +e9yHBFoXfc175bkNXEUXrNS34kv2ODAlx6KyY+PS77D+nprpHpGCnLn77G+xH1Xi +qvX1Dr/iSQU5Tzsd+tcCAPkYZulaC/9itwme7wIT3ur+mdqMHymsCzv9193iLgjJ +9t7fARo18yB845hI9Xv7TwRcoyuSpfvuM05rCMRzydsCAOI1MZeKtZSogXVa9QTX +sVGZeCkrujSVOgsA3w48OLc2OrwZskDfx5QHfeJnumjQLut5qsnZ+1onj9P2dGdn +JaChe4kBPQQYAQIACQUCVvzIKQIbLgCoCRAqYf65XmeSk50gBBkBAgAGBQJW/Mgp +AAoJELCUmIrUFDr+MNcEAJ92rSORLJkcsOogulFVlib/5SotT64srQ7K3R+cVJh1 +IKelVPD8PWOhvrL+dCi321UNZfvP9we9U42nbDsYfjwT7BMmKSull01RsuOCA7xV +hsjqHfLZn3BTfSKVOQ5kpP758vRu0Sv5257WtlZ32Ts8JuYt3DZD6xRjy9c9Ct6r +NFcD/jOwV3agUUhQwwaRtSdE62YqBI7ynjrE/1JfJm1bex0KXDfdyMEzuLpMtFqM +tp2+0m00MOsDqVOeLu/uXUkNN5bVB4NaMMumNwjDnhS/nvQC6QGQFGjMGO8zBYap +T1WWTH3TC0bHS4p+u0SDPjiegPduQDOdmxEE9WMJEJT+Jr0G +=hvJM +-----END PGP PRIVATE KEY BLOCK----- +HERE + end diff --git a/tests/white-box/webapp.rb b/tests/white-box/webapp.rb index 2d4a51f6..68f3dcd2 100644 --- a/tests/white-box/webapp.rb +++ b/tests/white-box/webapp.rb @@ -74,8 +74,8 @@ class Webapp < LeapTest def url_options { - :username => property('couchdb_webapp_user.username'), - :password => property('couchdb_webapp_user.password') + :username => property('webapp.couchdb_webapp_user.username'), + :password => property('webapp.couchdb_webapp_user.password') } end @@ -131,18 +131,4 @@ class Webapp < LeapTest return end - # - # I tried, but couldn't get this working: - # # - # # get an CSRF authenticity token - # # - # url = api_url("/") - # csrf_token = nil - # assert_get(url) do |body| - # lines = body.split("\n").grep(/csrf-token/) - # assert lines.any?, 'failed to find csrf-token' - # csrf_token = lines.first.split('"')[1] - # assert csrf_token, 'failed to find csrf-token' - # end - end |