First pass at adding tests.

4a013111 · Jeff Thompson · 64dc4de1 · 4a013111 · 4a013111 · 4a013111
3 changed file
--- a/core/pom.xml
+++ b/core/pom.xml
@@ -39,7 +39,7 @@ THE SOFTWARE.

  <properties>
    <staplerFork>true</staplerFork>
-    <stapler.version>1.259-rc1392.509f64eb3d44</stapler.version>
+    <stapler.version>1.259-SNAPSHOT</stapler.version>
    <spring.version>2.5.6.SEC03</spring.version>
    <groovy.version>2.4.12</groovy.version>
  </properties>

--- a/test/src/test/java/hudson/model/SimpleJobTest.java
+++ b/test/src/test/java/hudson/model/SimpleJobTest.java
@@ -19,20 +19,20 @@ public class SimpleJobTest {

    @Rule
    public JenkinsRule rule = new JenkinsRule();
-    
+
    @Test
    public void testGetEstimatedDuration() throws IOException {
-        
+
        final SortedMap<Integer, TestBuild> runs = new TreeMap<Integer, TestBuild>();
-        
+
        Job project = createMockProject(runs);
-        
+
        TestBuild previousPreviousBuild = new TestBuild(project, Result.SUCCESS, 20, null);
        runs.put(3, previousPreviousBuild);
-        
+
        TestBuild previousBuild = new TestBuild(project, Result.SUCCESS, 15, previousPreviousBuild);
        runs.put(2, previousBuild);
-        
+
        TestBuild lastBuild = new TestBuild(project, Result.SUCCESS, 42, previousBuild);
        runs.put(1, lastBuild);

@@ -41,78 +41,78 @@ public class SimpleJobTest {
        assertTrue("Expected < 42, but was "+project.getEstimatedDuration(), project.getEstimatedDuration() < 42);
        assertTrue("Expected > 15, but was "+project.getEstimatedDuration(), project.getEstimatedDuration() > 15);
    }
-    
+
    @Test
    public void testGetEstimatedDurationWithOneRun() throws IOException {
-        
+
        final SortedMap<Integer, TestBuild> runs = new TreeMap<Integer, TestBuild>();
-        
+
        Job project = createMockProject(runs);
-        
+
        TestBuild lastBuild = new TestBuild(project, Result.SUCCESS, 42, null);
        runs.put(1, lastBuild);

        assertEquals(42, project.getEstimatedDuration());
    }
-    
+
    public void testGetEstimatedDurationWithFailedRun() throws IOException {
-        
+
        final SortedMap<Integer, TestBuild> runs = new TreeMap<Integer, TestBuild>();
-        
+
        Job project = createMockProject(runs);
-        
+
        TestBuild lastBuild = new TestBuild(project, Result.FAILURE, 42, null);
        runs.put(1, lastBuild);

        assertEquals(-1, project.getEstimatedDuration());
    }
-    
+
    @Test
    public void testGetEstimatedDurationWithNoRuns() throws IOException {
-        
+
        final SortedMap<Integer, TestBuild> runs = new TreeMap<Integer, TestBuild>();
-        
+
        Job project = createMockProject(runs);
-        
+
        assertEquals(-1, project.getEstimatedDuration());
    }
-    
+
    @Test
    public void testGetEstimatedDurationIfPrevious3BuildsFailed() throws IOException {
-        
+
        final SortedMap<Integer, TestBuild> runs = new TreeMap<Integer, TestBuild>();
-        
+
        Job project = createMockProject(runs);
-        
+
        TestBuild prev5Build = new TestBuild(project, Result.UNSTABLE, 1, null);
        runs.put(6, prev5Build);
-        
+
        TestBuild prev4Build = new TestBuild(project, Result.SUCCESS, 1, prev5Build);
        runs.put(5, prev4Build);
-        
+
        TestBuild prev3Build = new TestBuild(project, Result.SUCCESS, 1, prev4Build);
        runs.put(4, prev3Build);
-        
+
        TestBuild previous2Build = new TestBuild(project, Result.FAILURE, 50, prev3Build);
        runs.put(3, previous2Build);
-        
+
        TestBuild previousBuild = new TestBuild(project, Result.FAILURE, 50, previous2Build);
        runs.put(2, previousBuild);
-        
+
        TestBuild lastBuild = new TestBuild(project, Result.FAILURE, 50, previousBuild);
        runs.put(1, lastBuild);

        // failed builds must not be used, if there are successfulBuilds available.
        assertEquals(1, project.getEstimatedDuration());
    }
-    
+
    @Test
    public void testGetEstimatedDurationIfNoSuccessfulBuildTakeDurationOfFailedBuild() throws IOException {
-        
+
        final SortedMap<Integer, TestBuild> runs = new TreeMap<Integer, TestBuild>();
-        
+
        Job project = createMockProject(runs);
-        
+
        TestBuild lastBuild = new TestBuild(project, Result.FAILURE, 50, null);
        runs.put(1, lastBuild);

@@ -125,29 +125,29 @@ public class SimpleJobTest {

    @SuppressWarnings("unchecked")
    private static class TestBuild extends Run {
-        
+
        public TestBuild(Job project, Result result, long duration, TestBuild previousBuild) throws IOException {
            super(project);
            this.result = result;
            this.duration = duration;
            this.previousBuild = previousBuild;
        }
-        
+
        @Override
        public int compareTo(Run o) {
            return 0;
        }
-        
+
        @Override
        public Result getResult() {
            return result;
        }
-        
+
        @Override
        public boolean isBuilding() {
            return false;
        }
-        
+
    }

    @SuppressWarnings("unchecked")

--- a/test/src/test/java/jenkins/security/SuppressionFilterTest.java
+++ b/test/src/test/java/jenkins/security/SuppressionFilterTest.java
+/*
+ * The MIT License
+ *
+ * Copyright (c) 2020, CloudBees, Inc.
+ *
+ * Permission is hereby granted, free of charge, to any person obtaining a copy
+ * of this software and associated documentation files (the "Software"), to deal
+ * in the Software without restriction, including without limitation the rights
+ * to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+ * copies of the Software, and to permit persons to whom the Software is
+ * furnished to do so, subject to the following conditions:
+ *
+ * The above copyright notice and this permission notice shall be included in
+ * all copies or substantial portions of the Software.
+ *
+ * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+ * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+ * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+ * AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+ * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+ * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
+ * THE SOFTWARE.
+ */
+package jenkins.security;
+
+import com.gargoylesoftware.htmlunit.Page;
+import hudson.model.User;
+import jenkins.model.Jenkins;
+import org.junit.Ignore;
+import org.junit.Rule;
+import org.junit.Test;
+import org.jvnet.hudson.test.JenkinsRule;
+import org.jvnet.hudson.test.MockAuthorizationStrategy;
+import org.kohsuke.stapler.Dispatcher;
+
+import static org.hamcrest.CoreMatchers.containsString;
+import static org.hamcrest.CoreMatchers.not;
+import static org.hamcrest.MatcherAssert.assertThat;
+
+public class SuppressionFilterTest {
+
+    @Rule
+    public JenkinsRule j = new JenkinsRule();
+
+    @Test
+    public void authenticationException() throws Exception {
+        j.jenkins.setSecurityRealm(j.createDummySecurityRealm());
+        j.jenkins.setAuthorizationStrategy(new MockAuthorizationStrategy().grant(Jenkins.READ).everywhere().to("alice"));
+        User alice = User.get("alice");
+        JenkinsRule.WebClient wc = j.createWebClient();
+        wc.login(alice.getId());
+
+        wc.setThrowExceptionOnFailingStatusCode(false);
+        Page page = wc.goTo("configureSecurity");
+
+        String content = page.getWebResponse().getContentAsString();
+        assertThat(content, containsString(alice.getId() + " is missing the Overall/Administer permission"));
+        assertThat(content, not(containsString("Caused by")));
+    }
+
+    @Ignore("Doesn't work because the admin user gets to see everything currently")
+    @Test
+    public void authenticationExceptionShowsTrace() throws Exception {
+        j.jenkins.setSecurityRealm(j.createDummySecurityRealm());
+        j.jenkins.setAuthorizationStrategy(new MockAuthorizationStrategy().grant(Jenkins.ADMINISTER).everywhere().to("alice"));
+        User alice = User.get("alice");
+        JenkinsRule.WebClient wc = j.createWebClient();
+        wc.login(alice.getId());
+
+        wc.setThrowExceptionOnFailingStatusCode(false);
+        Page page = wc.goTo("configureSecurity");
+
+        String content = page.getWebResponse().getContentAsString();
+        assertThat(content, containsString(alice.getId() + " is missing the Overall/Administer permission"));
+        assertThat(content, containsString("Caused by"));
+    }
+
+    @Test
+    public void nonexistentPath() throws Exception {
+        // This test doesn't really belong here. It really belongs in Stapler.
+        // Probably ought to just not add it here.
+        Dispatcher.TRACE = false;
+        j.jenkins.setSecurityRealm(j.createDummySecurityRealm());
+        j.jenkins.setAuthorizationStrategy(new MockAuthorizationStrategy().grant(Jenkins.READ).everywhere().to("alice"));
+        User alice = User.get("alice");
+        JenkinsRule.WebClient wc = j.createWebClient();
+        wc.login(alice.getId());
+
+        wc.setThrowExceptionOnFailingStatusCode(false);
+        Page page = wc.goTo("nonexistentPath");
+
+        String content = page.getWebResponse().getContentAsString();
+        assertThat(content, containsString("Problem accessing /jenkins/nonexistentPath."));
+        assertThat(content, containsString("Not Found"));
+        assertThat(content, not(containsString("Caused by")));
+    }
+
+    @Test
+    public void nonexistentPathShowsTrace() throws Exception {
+        // This test doesn't really belong here. It really belongs in Stapler.
+        // Probably ought to just not add it here.
+        Dispatcher.TRACE = true;
+        j.jenkins.setSecurityRealm(j.createDummySecurityRealm());
+        j.jenkins.setAuthorizationStrategy(new MockAuthorizationStrategy().grant(Jenkins.READ).everywhere().to("alice"));
+        User alice = User.get("alice");
+        JenkinsRule.WebClient wc = j.createWebClient();
+        wc.login(alice.getId());
+
+        wc.setThrowExceptionOnFailingStatusCode(false);
+        Page page = wc.goTo("nonexistentPath");
+
+        String content = page.getWebResponse().getContentAsString();
+        assertThat(content, containsString("Stapler processed this HTTP request as follows, but couldn't find the resource to consume the request"));
+        assertThat(content, containsString("Not Found"));
+    }
+
+    @Test
+    public void nonexistentAdjunct() throws Exception {
+        // This test probably doesn't belong here. It depends upon how we
+        // end up implementing. Probably really belongs in Stapler.
+        j.jenkins.setSecurityRealm(j.createDummySecurityRealm());
+        j.jenkins.setAuthorizationStrategy(new MockAuthorizationStrategy().grant(Jenkins.READ).everywhere().to("alice"));
+        User alice = User.get("alice");
+        JenkinsRule.WebClient wc = j.createWebClient();
+        wc.login(alice.getId());
+
+        wc.setThrowExceptionOnFailingStatusCode(false);
+        Page page = wc.goTo("adjuncts/40331c1bldu3i%3b//'%3b//\"%3b//%25>%3f>uezm3<script>alert(1)</script>foo/org/kohsuke/stapler/jquery/jquery.full.js");
+
+        String content = page.getWebResponse().getContentAsString();
+        assertThat(content, containsString("No such adjunct found"));
+        assertThat(content, not(containsString("AdjunctManager.doDynamic")));
+    }
+
+    @Test
+    public void nonexistentAdjunctShowsTrace() throws Exception {
+        // This test probably doesn't belong here. It depends upon how we
+        // end up implementing. Probably really belongs in Stapler.
+        j.jenkins.setSecurityRealm(j.createDummySecurityRealm());
+        j.jenkins.setAuthorizationStrategy(new MockAuthorizationStrategy().grant(Jenkins.ADMINISTER).everywhere().to("alice"));
+        User alice = User.get("alice");
+        JenkinsRule.WebClient wc = j.createWebClient();
+        wc.login(alice.getId());
+
+        wc.setThrowExceptionOnFailingStatusCode(false);
+        Page page = wc.goTo("adjuncts/40331c1bldu3i%3b//'%3b//\"%3b//%25>%3f>uezm3<script>alert(1)</script>foo/org/kohsuke/stapler/jquery/jquery.full.js", "text/plain");
+
+        String content = page.getWebResponse().getContentAsString();
+        assertThat(content, containsString("No such adjunct found"));
+        assertThat(content, containsString("AdjunctManager.doDynamic"));
+    }
+
+}