Skip to content
This repository was archived by the owner on Feb 22, 2024. It is now read-only.

Commit 1a2bf00

Browse files
authored
Merge pull request #4 from dukecon/feature/continue
API Tests
2 parents 3b9c804 + ce3cbd6 commit 1a2bf00

16 files changed

Lines changed: 1490 additions & 125 deletions

README.adoc

Lines changed: 14 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,14 @@
1+
== Dukecon API Tests
2+
Black box tests for the dukecon server (user and admin interface)
3+
4+
Aim is covering all parts of the interface, all variants, all details.
5+
6+
Without further setting tests run with stage latest configured.
7+
Select a profile (latest, local, testing to specify a stage to test.
8+
9+
Spring Rest Docs is used to gather all run http-requests and responses.
10+
See *target/generated-snippets* after a test run.
11+
12+
These snippets are used here:
13+
14+
First we

pom.xml

Lines changed: 206 additions & 86 deletions
Large diffs are not rendered by default.
Lines changed: 7 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,7 @@
1+
package org.dukecon;
2+
3+
public class AdminTests {
4+
5+
//TODO Resource is not used on client side, remove from server
6+
7+
}
Lines changed: 75 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,75 @@
1+
package org.dukecon;
2+
3+
import io.restassured.http.ContentType;
4+
import org.dukecon.support.BaseTests;
5+
import org.dukecon.support.TokenGatherer;
6+
import org.junit.jupiter.api.Test;
7+
8+
import static org.hamcrest.Matchers.notNullValue;
9+
import static org.springframework.restdocs.restassured3.RestAssuredRestDocumentation.document;
10+
11+
public class ConferencesTests extends BaseTests {
12+
13+
private static String pathToConferences = System.getProperty("dukecon.apitests.pathToConferences");
14+
private static String pathToConferenceById = System.getProperty("dukecon.apitests.pathToConferenceById");
15+
private static String pathToConferenceByIdSpeakers = System.getProperty("dukecon.apitests.pathToConferenceByIdSpeakers");
16+
private static String pathToConferenceByIdEvents = System.getProperty("dukecon.apitests.pathToConferenceByIdEvents");
17+
private static String pathToConferenceUpdateById = System.getProperty("dukecon.apitests.pathToConferenceUpdateById");
18+
19+
@Test
20+
public void testConferences() {
21+
whenUrlOkAndContentTypeMatches(pathToConferences, ContentType.JSON.toString(),document("conferencesGet"))
22+
.assertThat()
23+
.statusCode(200)
24+
.body(notNullValue());
25+
//TODO check body?
26+
}
27+
28+
@Test
29+
public void testConferencesGetById() {
30+
whenUrlOkAndContentTypeMatches(pathToConferenceById, ContentType.JSON.toString(),document("conferencesGetById"))
31+
.assertThat()
32+
.statusCode(200)
33+
.body(notNullValue());
34+
//TODO check body?
35+
}
36+
37+
@Test
38+
public void testConferencesGetByIdEvents() {
39+
whenUrlOkAndContentTypeMatches(pathToConferenceByIdEvents, ContentType.JSON.toString(),document("conferencesGetByIdEvents"))
40+
.assertThat()
41+
.statusCode(200)
42+
.body(notNullValue());
43+
//TODO check body?
44+
}
45+
46+
@Test
47+
public void testConferencesGetByIdSpeakers() {
48+
whenUrlOkAndContentTypeMatches(pathToConferenceByIdSpeakers, ContentType.JSON.toString(),document("conferencesGetByIdSpeakers"))
49+
.assertThat()
50+
.statusCode(200)
51+
.body(notNullValue());
52+
//TODO check body?
53+
}
54+
55+
@Test
56+
// TODO might not be necessary?
57+
public void testConferencesUpdateByIdIsSecured() {
58+
whenAuthenticatedAndContentTypeMatches(new TokenGatherer().gatherUserToken(),pathToConferenceUpdateById, ContentType.JSON.toString(),document("conferencesUpdateByIdIsSecured"))
59+
.assertThat()
60+
.statusCode(403)
61+
.body(notNullValue());
62+
//TODO check body?
63+
}
64+
65+
@Test
66+
// TODO might not be necessary?
67+
public void testConferencesUpdateById() {
68+
whenAuthenticatedAndContentTypeMatches(new TokenGatherer().gatherAdminToken(),pathToConferenceUpdateById, ContentType.JSON.toString(),document("conferencesUpdateById"))
69+
.assertThat()
70+
.statusCode(200)
71+
.body(notNullValue());
72+
//TODO check body?
73+
}
74+
75+
}
Lines changed: 98 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,98 @@
1+
package org.dukecon;
2+
3+
import io.restassured.http.ContentType;
4+
import io.restassured.response.ValidatableResponse;
5+
import org.dukecon.support.BaseTests;
6+
import org.dukecon.support.TokenGatherer;
7+
import org.junit.jupiter.api.Test;
8+
import org.junit.jupiter.api.condition.EnabledIfSystemProperty;
9+
import org.springframework.restdocs.restassured3.RestDocumentationFilter;
10+
11+
import java.util.UUID;
12+
13+
import static io.restassured.RestAssured.given;
14+
import static io.restassured.module.jsv.JsonSchemaValidator.matchesJsonSchemaInClasspath;
15+
import static org.hamcrest.Matchers.emptyString;
16+
import static org.hamcrest.Matchers.equalTo;
17+
import static org.springframework.restdocs.restassured3.RestAssuredRestDocumentation.document;
18+
19+
public class EventsBookingTests extends BaseTests {
20+
21+
private final String badToken = UUID.randomUUID().toString();
22+
private final String userToken = new TokenGatherer().gatherUserToken();
23+
24+
private final String eventId = UUID.randomUUID().toString(); //TODO get date from conference?
25+
26+
private final String pathToEventsBooking = System.getProperty("dukecon.apitests.pathToEventsBooking");
27+
private final String pathToEventsBookingEvent = String.format("%s/%s",pathToEventsBooking,eventId);
28+
@Test
29+
public void testEventsBookingGet() {
30+
whenUrlOkAndContentTypeMatches(pathToEventsBooking, ContentType.JSON.toString(), document("eventsBookingGet"))
31+
.assertThat()
32+
.statusCode(200)
33+
.body(matchesJsonSchemaInClasspath("schemas/eventsBooking.json"));
34+
}
35+
36+
@Test
37+
public void testEventsBookingGetAuthenticated() {
38+
whenAuthenticatedAndContentTypeMatches(userToken,pathToEventsBooking, ContentType.JSON.toString(), document("eventsBookingGetWithAuth"))
39+
.assertThat()
40+
.statusCode(200)
41+
.and()
42+
.body(matchesJsonSchemaInClasspath("schemas/eventsBooking.json"));
43+
}
44+
45+
@Test
46+
@EnabledIfSystemProperty(named = "dukecon.apitests.auth.enabled", matches = "true")
47+
public void testEventBookingsUpdateIsInGeneralSecured() {
48+
String eventId = UUID.randomUUID().toString(); // TODO get date from conference?
49+
50+
eventsBookingPost(badToken, "{\"fullyBooked\":false,\"numberOccupied\":\"10\"}",
51+
document("eventsBookingPostWithBadAuthCreate"))
52+
.assertThat()
53+
//TODO this should return 401/403
54+
.statusCode(201)
55+
.body(equalTo("{\"numberOccupied\":10,\"fullyBooked\":false}"));
56+
}
57+
58+
@Test
59+
@EnabledIfSystemProperty(named = "dukecon.apitests.auth.enabled", matches = "true")
60+
public void testEventBookingsUpdateIsAdminSecured() {
61+
eventsBookingPost(userToken, "{\"fullyBooked\":false,\"numberOccupied\":\"10\"}",
62+
document("eventsBookingPostWithUserAuthCreate"))
63+
.assertThat()
64+
//TODO this should return 401/403
65+
.statusCode(201)
66+
.body(equalTo("{\"numberOccupied\":10,\"fullyBooked\":false}"));
67+
}
68+
69+
@Test
70+
public void testEventBookingsUpdate() {
71+
String eventId = UUID.randomUUID().toString(); //TODO get date from conference?
72+
73+
eventsBookingPost(userToken,"{\"fullyBooked\":true,\"numberOccupied\":\"11\"}", document("eventsBookingPostWithAuthCreate"))
74+
.assertThat()
75+
.statusCode(201)
76+
.body(equalTo("{\"numberOccupied\":11,\"fullyBooked\":true}"));
77+
78+
//TODO verify that the created eventbooking exists in the conference?
79+
80+
//TODO check that updating an existing eventBooking works
81+
eventsBookingPost(userToken,"{\"fullyBooked\":false,\"numberOccupied\":\"10\"}", document("eventsBookingPostWithAuthUpdate"))
82+
.assertThat()
83+
.statusCode(204)
84+
.body(emptyString());
85+
86+
}
87+
88+
//TODO limit overflow?
89+
//TODO crosscheck with feedback?
90+
private ValidatableResponse eventsBookingPost(String token, String eventsBookingContent, RestDocumentationFilter documentationFilter) {
91+
return given(this.spec).auth().oauth2(token)
92+
.body(eventsBookingContent)
93+
.contentType(ContentType.JSON)
94+
.filter(documentationFilter)
95+
.post(pathToEventsBookingEvent)
96+
.then();
97+
}
98+
}
Lines changed: 55 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,55 @@
1+
package org.dukecon;
2+
3+
import io.restassured.http.ContentType;
4+
import io.restassured.response.ValidatableResponse;
5+
import org.dukecon.support.BaseTests;
6+
import org.dukecon.support.TokenGatherer;
7+
import org.hamcrest.Matchers;
8+
import org.junit.jupiter.api.Test;
9+
import org.junit.jupiter.api.condition.EnabledIfSystemProperty;
10+
import org.springframework.restdocs.restassured3.RestDocumentationFilter;
11+
12+
import java.util.UUID;
13+
14+
import static io.restassured.RestAssured.given;
15+
import static org.springframework.restdocs.restassured3.RestAssuredRestDocumentation.document;
16+
17+
public class FeedbackTests extends BaseTests {
18+
19+
private final String eventId = UUID.randomUUID().toString(); //TODO not validated, that the event exists in that conference??
20+
21+
private final String badToken = UUID.randomUUID().toString();
22+
private final String userToken = new TokenGatherer().gatherUserToken();
23+
24+
private final String pathToFeedback = "/rest/feedback/event/javaland2019/%s";
25+
private final String pathToFeedbackEvent = String.format(pathToFeedback, eventId);
26+
27+
//TODO future plans: read feedback, verify?
28+
29+
@Test
30+
@EnabledIfSystemProperty(named = "dukecon.apitests.auth.enabled", matches = "true")
31+
public void testFeedbackGiveIsSecured() {
32+
putFeedback(badToken, document("feedbackPutNotAuthorized"))
33+
.assertThat()
34+
.statusCode(401);
35+
}
36+
37+
@Test
38+
public void testFeedbackGive() {
39+
putFeedback(userToken, document("feedbackPut"))
40+
.assertThat()
41+
.statusCode(201) //TODO always created???
42+
.body(Matchers.emptyString());
43+
}
44+
45+
private ValidatableResponse putFeedback(String token, RestDocumentationFilter documentationFilter) {
46+
return given(this.spec)
47+
.filter(documentationFilter)
48+
.body("{\"comment\":\"test\",\"rating\":3}")
49+
.contentType(ContentType.JSON)
50+
.auth().oauth2(token)
51+
.put(pathToFeedbackEvent)
52+
.then();
53+
}
54+
55+
}
Lines changed: 72 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,72 @@
1+
package org.dukecon;
2+
3+
import io.restassured.http.ContentType;
4+
import io.restassured.response.ValidatableResponse;
5+
import org.dukecon.support.BaseTests;
6+
import org.dukecon.support.TokenGatherer;
7+
import org.hamcrest.Matchers;
8+
import org.junit.jupiter.api.Test;
9+
import org.junit.jupiter.api.condition.EnabledIfSystemProperty;
10+
import org.springframework.restdocs.restassured3.RestDocumentationFilter;
11+
import static org.hamcrest.Matchers.anyOf;
12+
import static org.hamcrest.Matchers.is;
13+
14+
import java.util.UUID;
15+
16+
import static io.restassured.RestAssured.given;
17+
import static org.springframework.restdocs.restassured3.RestAssuredRestDocumentation.document;
18+
19+
public class FiltersTests extends BaseTests {
20+
21+
private final String userToken = new TokenGatherer().gatherUserToken();
22+
private final String badToken = UUID.randomUUID().toString();
23+
24+
private final String pathToFilters = System.getProperty("dukecon.apitests.pathToFilters");
25+
26+
@Test
27+
@EnabledIfSystemProperty(named = "dukecon.apitests.auth.enabled", matches = "true")
28+
public void testFiltersIsSecured() {
29+
whenAuthenticatedAndContentTypeMatches(badToken, pathToFilters, ContentType.JSON.toString(), document("filtersGetSecured"))
30+
.assertThat()
31+
.statusCode(401)
32+
.body(Matchers.notNullValue());
33+
}
34+
35+
@Test
36+
@EnabledIfSystemProperty(named = "dukecon.apitests.auth.enabled", matches = "true")
37+
public void testFilters() {
38+
whenAuthenticatedAndContentTypeMatches(userToken, pathToFilters, ContentType.JSON.toString(), document("filtersGet"))
39+
.assertThat()
40+
.statusCode(200)
41+
.body(Matchers.notNullValue());
42+
}
43+
44+
@Test
45+
@EnabledIfSystemProperty(named = "dukecon.apitests.auth.enabled", matches = "true")
46+
public void testSetFilters() {
47+
48+
String filtersData = "{\"favourites\":true,\"levels\":[],\"languages\":[],\"tracks\":[],\"locations\":[]}";
49+
50+
//If there would be a way to remove the filters of a user / reset
51+
//Alternative would be to create a new user ...
52+
putFilters(userToken, filtersData, document("filtersSet"))
53+
.assertThat()
54+
.statusCode(anyOf(is(200),is(201))); // ... for a new user it must be 201 (will fail initially)
55+
56+
whenAuthenticatedAndContentTypeMatches(userToken, pathToFilters, ContentType.JSON.toString(), document("filtersGetAfterSet"))
57+
.assertThat()
58+
.statusCode(200)
59+
.body(Matchers.equalToObject(filtersData));
60+
}
61+
62+
private ValidatableResponse putFilters(String token, String filtersData, RestDocumentationFilter documentationFilter) {
63+
return given(this.spec)
64+
.filter(documentationFilter)
65+
.body(filtersData)
66+
.contentType(ContentType.JSON)
67+
.auth().oauth2(token)
68+
.put(pathToFilters)
69+
.then();
70+
}
71+
72+
}

0 commit comments

Comments
 (0)