Skip to content
体验新版
项目
组织
正在加载...
登录
切换导航
打开侧边栏
xxadev
jenkins
提交
5fee3885
J
jenkins
项目概览
xxadev
/
jenkins
与 Fork 源项目一致
从无法访问的项目Fork
通知
3
Star
0
Fork
0
代码
文件
提交
分支
Tags
贡献者
分支图
Diff
Issue
0
列表
看板
标记
里程碑
合并请求
0
Wiki
0
Wiki
分析
仓库
DevOps
项目成员
Pages
J
jenkins
项目概览
项目概览
详情
发布
仓库
仓库
文件
提交
分支
标签
贡献者
分支图
比较
Issue
0
Issue
0
列表
看板
标记
里程碑
合并请求
0
合并请求
0
Pages
分析
分析
仓库分析
DevOps
Wiki
0
Wiki
成员
成员
收起侧边栏
关闭侧边栏
动态
分支图
创建新Issue
提交
Issue看板
体验新版 GitCode,发现更多精彩内容 >>
未验证
提交
5fee3885
编写于
12月 10, 2019
作者:
J
Jesse Glick
提交者:
GitHub
12月 10, 2019
浏览文件
操作
浏览文件
下载
差异文件
Merge pull request #4392 from jglick/jth-jetty-upgrade
Adapt some tests to newer Jetty
上级
f3e1fa7e
9fae4cf6
变更
4
隐藏空白更改
内联
并排
Showing
4 changed file
with
18 addition
and
20 deletion
+18
-20
test-pom/pom.xml
test-pom/pom.xml
+2
-2
test/src/test/java/hudson/security/csrf/DefaultCrumbIssuerSEC1491Test.java
...a/hudson/security/csrf/DefaultCrumbIssuerSEC1491Test.java
+7
-10
test/src/test/java/hudson/security/csrf/DefaultCrumbIssuerSEC626Test.java
...va/hudson/security/csrf/DefaultCrumbIssuerSEC626Test.java
+5
-5
test/src/test/java/jenkins/security/ResourceDomainTest.java
test/src/test/java/jenkins/security/ResourceDomainTest.java
+4
-3
未找到文件。
test-pom/pom.xml
浏览文件 @
5fee3885
...
...
@@ -71,7 +71,7 @@ THE SOFTWARE.
<dependency>
<groupId>
${project.groupId}
</groupId>
<artifactId>
jenkins-test-harness
</artifactId>
<version>
2.5
5
</version>
<version>
2.5
7
</version>
<scope>
test
</scope>
<exclusions>
<exclusion>
...
...
@@ -167,7 +167,7 @@ THE SOFTWARE.
<dependency>
<groupId>
org.hamcrest
</groupId>
<artifactId>
hamcrest-core
</artifactId>
<version>
1.3
</version>
<version>
2.2
</version>
</dependency>
<dependency>
<!-- for testing JNLP launch. -->
...
...
test/src/test/java/hudson/security/csrf/DefaultCrumbIssuerSEC1491Test.java
浏览文件 @
5fee3885
...
...
@@ -4,8 +4,13 @@ import com.gargoylesoftware.htmlunit.FailingHttpStatusCodeException;
import
com.gargoylesoftware.htmlunit.HttpMethod
;
import
com.gargoylesoftware.htmlunit.WebRequest
;
import
com.gargoylesoftware.htmlunit.html.HtmlPage
;
import
java.net.HttpURLConnection
;
import
java.net.URL
;
import
javax.servlet.http.HttpServletResponse
;
import
jenkins.model.Jenkins
;
import
static
org
.
hamcrest
.
Matchers
.*;
import
org.junit.Assert
;
import
static
org
.
junit
.
Assert
.*;
import
org.junit.Before
;
import
org.junit.Rule
;
import
org.junit.Test
;
...
...
@@ -13,15 +18,6 @@ import org.jvnet.hudson.test.Issue;
import
org.jvnet.hudson.test.JenkinsRule
;
import
org.jvnet.hudson.test.MockAuthorizationStrategy
;
import
java.net.HttpURLConnection
;
import
java.net.URL
;
import
static
org
.
junit
.
Assert
.
assertEquals
;
import
static
org
.
junit
.
Assert
.
assertNotNull
;
import
static
org
.
junit
.
Assert
.
assertNull
;
import
static
org
.
junit
.
Assert
.
assertTrue
;
import
static
org
.
junit
.
Assert
.
fail
;
//TODO merge back to DefaultCrumbIssuerTest
public
class
DefaultCrumbIssuerSEC1491Test
{
...
...
@@ -72,7 +68,8 @@ public class DefaultCrumbIssuerSEC1491Test {
r
.
createWebClient
().
getPage
(
request1
);
fail
();
}
catch
(
FailingHttpStatusCodeException
e
)
{
assertTrue
(
e
.
getMessage
().
contains
(
"No valid crumb"
));
assertEquals
(
HttpServletResponse
.
SC_FORBIDDEN
,
e
.
getStatusCode
());
assertThat
(
e
.
getResponse
().
getContentAsString
(),
containsString
(
"No valid crumb"
));
}
// cannot create new job due to missing crumb
assertNull
(
r
.
jenkins
.
getItem
(
jobName1
));
...
...
test/src/test/java/hudson/security/csrf/DefaultCrumbIssuerSEC626Test.java
浏览文件 @
5fee3885
...
...
@@ -10,6 +10,9 @@ import com.gargoylesoftware.htmlunit.FailingHttpStatusCodeException;
import
com.gargoylesoftware.htmlunit.html.DomElement
;
import
com.gargoylesoftware.htmlunit.html.HtmlPage
;
import
hudson.model.User
;
import
javax.servlet.http.HttpServletResponse
;
import
static
org
.
hamcrest
.
Matchers
.*;
import
static
org
.
junit
.
Assert
.*;
import
org.junit.Before
;
import
org.junit.Rule
;
import
org.junit.Test
;
...
...
@@ -17,10 +20,6 @@ import org.jvnet.hudson.test.Issue;
import
org.jvnet.hudson.test.JenkinsRule
;
import
org.jvnet.hudson.test.JenkinsRule.WebClient
;
import
static
org
.
junit
.
Assert
.
assertEquals
;
import
static
org
.
junit
.
Assert
.
assertTrue
;
import
static
org
.
junit
.
Assert
.
fail
;
/**
* @author dty
*/
...
...
@@ -74,7 +73,8 @@ public class DefaultCrumbIssuerSEC626Test { //TODO merge back to DefaultCrumbIss
r
.
submit
(
p
.
getFormByName
(
"config"
));
fail
();
}
catch
(
FailingHttpStatusCodeException
e
)
{
assertTrue
(
e
.
getMessage
().
contains
(
"No valid crumb"
));
assertEquals
(
HttpServletResponse
.
SC_FORBIDDEN
,
e
.
getStatusCode
());
assertThat
(
e
.
getResponse
().
getContentAsString
(),
containsString
(
"No valid crumb"
));
}
}
}
...
...
test/src/test/java/jenkins/security/ResourceDomainTest.java
浏览文件 @
5fee3885
...
...
@@ -10,6 +10,7 @@ import hudson.model.Item;
import
hudson.model.UnprotectedRootAction
;
import
jenkins.model.Jenkins
;
import
jenkins.model.JenkinsLocationConfiguration
;
import
static
org
.
hamcrest
.
Matchers
.*;
import
org.junit.Assert
;
import
org.junit.Before
;
import
org.junit.Rule
;
...
...
@@ -176,7 +177,7 @@ public class ResourceDomainTest {
String
modifiedUrl
=
resourceResponseUrl
.
replaceAll
(
"static[-]files[/]...."
,
"static-files/aaaa"
);
Page
page
=
webClient
.
getPage
(
modifiedUrl
);
Assert
.
assertEquals
(
"resource not found"
,
404
,
page
.
getWebResponse
().
getStatusCode
());
Assert
.
assert
Equals
(
"resource not found"
,
ResourceDomainFilter
.
ERROR_RESPONSE
,
page
.
getWebResponse
().
getStatusMessage
(
));
Assert
.
assert
That
(
"resource not found"
,
page
.
getWebResponse
().
getContentAsString
(),
containsString
(
ResourceDomainFilter
.
ERROR_RESPONSE
));
}
...
...
@@ -219,7 +220,7 @@ public class ResourceDomainTest {
// and we get a 403 response
page
=
webClient
.
getPage
(
anonUrl
);
Assert
.
assertEquals
(
"page is not found"
,
403
,
page
.
getWebResponse
().
getStatusCode
());
Assert
.
assertT
rue
(
"Response mentions workspace permission"
,
page
.
getWebResponse
().
getStatusMessage
().
contains
(
"Failed permission check: anonymous is missing the Job/Workspace permission"
));
Assert
.
assertT
hat
(
"Response mentions workspace permission"
,
page
.
getWebResponse
().
getContentAsString
(),
containsString
(
"Failed permission check: anonymous is missing the Job/Workspace permission"
));
// now remove Job/Read permission from all users (but grant Discover)
a
=
new
MockAuthorizationStrategy
();
...
...
@@ -230,7 +231,7 @@ public class ResourceDomainTest {
// and we get a 403 response asking to log in (Job/Discover is basically meant to be granted to anonymous only)
page
=
webClient
.
getPage
(
anonUrl
);
Assert
.
assertEquals
(
"page is not found"
,
403
,
page
.
getWebResponse
().
getStatusCode
());
Assert
.
assertT
rue
(
"Response mentions workspace permission"
,
page
.
getWebResponse
().
getStatusMessage
().
contains
(
"Failed permission check: Please login to access job"
));
Assert
.
assertT
hat
(
"Response mentions workspace permission"
,
page
.
getWebResponse
().
getContentAsString
(),
containsString
(
"Failed permission check: Please login to access job"
));
}
@Test
...
...
编辑
预览
Markdown
is supported
0%
请重试
或
添加新附件
.
添加附件
取消
You are about to add
0
people
to the discussion. Proceed with caution.
先完成此消息的编辑!
取消
想要评论请
注册
或
登录