6 use RT::Test tests => 120;
8 my ($baseurl, $agent) = RT::Test->started_ok;
10 my $url = $agent->rt_base_url;
11 diag $url if $ENV{TEST_VERBOSE};
13 # test a login from the main page
16 is($agent->{'status'}, 200, "Loaded a page");
17 is($agent->uri, $url, "didn't redirect to /NoAuth/Login.html for base URL");
18 ok($agent->current_form->find_input('user'));
19 ok($agent->current_form->find_input('pass'));
20 like($agent->current_form->action, qr{/NoAuth/Login\.html$}, "login form action is correct");
22 ok($agent->content =~ /username:/i);
23 $agent->field( 'user' => 'root' );
24 $agent->field( 'pass' => 'password' );
26 # the field isn't named, so we have to click link 0
28 is( $agent->status, 200, "Fetched the page ok");
29 ok( $agent->content =~ /Logout/i, "Found a logout link");
30 is( $agent->uri, $url, "right URL" );
31 like( $agent->{redirected_uri}, qr{/NoAuth/Login\.html$}, "We redirected from login");
35 # test a bogus login from the main page
38 is($agent->{'status'}, 200, "Loaded a page");
39 is($agent->uri, $url, "didn't redirect to /NoAuth/Login.html for base URL");
40 ok($agent->current_form->find_input('user'));
41 ok($agent->current_form->find_input('pass'));
42 like($agent->current_form->action, qr{/NoAuth/Login\.html$}, "login form action is correct");
44 ok($agent->content =~ /username:/i);
45 $agent->field( 'user' => 'root' );
46 $agent->field( 'pass' => 'wrongpass' );
48 # the field isn't named, so we have to click link 0
50 is( $agent->status, 200, "Fetched the page ok");
52 ok( $agent->content =~ /Your username or password is incorrect/i, "Found the error message");
53 like( $agent->uri, qr{/NoAuth/Login\.html$}, "now on /NoAuth/Login.html" );
56 # Handle the warning after we're done with the page, since this leaves us
57 # with a completely different $mech
58 $agent->warning_like(qr/FAILED LOGIN for root/, "got failed login warning");
61 # test a login from a non-front page, both with a double leading slash and without
62 for my $path (qw(Prefs/Other.html /Prefs/Other.html)) {
63 my $requested = $url.$path;
64 $agent->get_ok($requested);
65 is($agent->status, 200, "Loaded a page");
66 like($agent->uri, qr'/NoAuth/Login\.html\?next=[a-z0-9]{32}', "on login page, with next page hash");
67 is($agent->{redirected_uri}, $requested, "redirected from our requested page");
69 ok($agent->current_form->find_input('user'));
70 ok($agent->current_form->find_input('pass'));
71 ok($agent->current_form->find_input('next'));
72 like($agent->value('next'), qr/^[a-z0-9]{32}$/i, "next page argument is a hash");
73 like($agent->current_form->action, qr{/NoAuth/Login\.html$}, "login form action is correct");
75 ok($agent->content =~ /username:/i);
76 $agent->field( 'user' => 'root' );
77 $agent->field( 'pass' => 'password' );
79 # the field isn't named, so we have to click link 0
81 is( $agent->status, 200, "Fetched the page ok");
82 ok( $agent->content =~ /Logout/i, "Found a logout link");
85 (my $collapsed = $path) =~ s{^/}{};
86 is( $agent->uri, $url.$collapsed, "right URL, with leading slashes in path collapsed" );
88 is( $agent->uri, $requested, "right URL" );
91 like( $agent->{redirected_uri}, qr{/NoAuth/Login\.html}, "We redirected from login");
95 # test a bogus login from a non-front page
97 my $requested = $url.'Prefs/Other.html';
98 $agent->get_ok($requested);
99 is($agent->status, 200, "Loaded a page");
100 like($agent->uri, qr'/NoAuth/Login\.html\?next=[a-z0-9]{32}', "on login page, with next page hash");
101 is($agent->{redirected_uri}, $requested, "redirected from our requested page");
103 ok($agent->current_form->find_input('user'));
104 ok($agent->current_form->find_input('pass'));
105 ok($agent->current_form->find_input('next'));
106 like($agent->value('next'), qr/^[a-z0-9]{32}$/i, "next page argument is a hash");
107 like($agent->current_form->action, qr{/NoAuth/Login\.html$}, "login form action is correct");
109 ok($agent->content =~ /username:/i);
110 $agent->field( 'user' => 'root' );
111 $agent->field( 'pass' => 'wrongpass' );
113 # the field isn't named, so we have to click link 0
115 is( $agent->status, 200, "Fetched the page ok");
117 ok( $agent->content =~ /Your username or password is incorrect/i, "Found the error message");
118 like( $agent->uri, qr{/NoAuth/Login\.html$}, "still on /NoAuth/Login.html" );
121 ok($agent->current_form->find_input('user'));
122 ok($agent->current_form->find_input('pass'));
123 ok($agent->current_form->find_input('next'));
124 like($agent->value('next'), qr/^[a-z0-9]{32}$/i, "next page argument is a hash");
125 like($agent->current_form->action, qr{/NoAuth/Login\.html$}, "login form action is correct");
127 ok($agent->content =~ /username:/i);
128 $agent->field( 'user' => 'root' );
129 $agent->field( 'pass' => 'password' );
131 # the field isn't named, so we have to click link 0
133 is( $agent->status, 200, "Fetched the page ok");
135 # check out where we got to
136 is( $agent->uri, $requested, "right URL" );
137 like( $agent->{redirected_uri}, qr{/NoAuth/Login\.html}, "We redirected from login");
140 # Handle the warning after we're done with the page, since this leaves us
141 # with a completely different $mech
142 $agent->warning_like(qr/FAILED LOGIN for root/, "got failed login warning");
145 # test a login from the main page with query params
147 my $requested = $url."?user=root;pass=password";
148 $agent->get_ok($requested);
149 is($agent->{'status'}, 200, "Loaded a page");
150 is($agent->uri, $requested, "didn't redirect to /NoAuth/Login.html for base URL");
151 ok($agent->content =~ /Logout/i, "Found a logout link - we're logged in");
155 # test a bogus login from the main page with query params
157 my $requested = $url."?user=root;pass=wrongpass";
158 $agent->get_ok($requested);
159 is($agent->{'status'}, 200, "Loaded a page");
160 is($agent->uri, $requested, "didn't redirect to /NoAuth/Login.html for base URL");
162 ok($agent->content =~ /Your username or password is incorrect/i, "Found the error message");
163 ok($agent->current_form->find_input('user'));
164 ok($agent->current_form->find_input('pass'));
165 like($agent->current_form->action, qr{/NoAuth/Login\.html$}, "login form action is correct");
167 # Handle the warning after we're done with the page, since this leaves us
168 # with a completely different $mech
169 $agent->warning_like(qr/FAILED LOGIN for root/, "got failed login warning");
172 # test a bogus login from a non-front page with query params
174 my $requested = $url."Prefs/Other.html?user=root;pass=wrongpass";
175 $agent->get_ok($requested);
176 is($agent->status, 200, "Loaded a page");
177 like($agent->uri, qr'/NoAuth/Login\.html\?next=[a-z0-9]{32}', "on login page, with next page hash");
178 is($agent->{redirected_uri}, $requested, "redirected from our requested page");
179 ok( $agent->content =~ /Your username or password is incorrect/i, "Found the error message");
181 ok($agent->current_form->find_input('user'));
182 ok($agent->current_form->find_input('pass'));
183 ok($agent->current_form->find_input('next'));
184 like($agent->value('next'), qr/^[a-z0-9]{32}$/i, "next page argument is a hash");
185 like($agent->current_form->action, qr{/NoAuth/Login\.html$}, "login form action is correct");
188 ok($agent->content =~ /username:/i);
189 $agent->field( 'user' => 'root' );
190 $agent->field( 'pass' => 'password' );
192 # the field isn't named, so we have to click link 0
194 is( $agent->status, 200, "Fetched the page ok");
196 # check out where we got to
197 is( $agent->uri, $requested, "right URL" );
198 like( $agent->{redirected_uri}, qr{/NoAuth/Login\.html}, "We redirected from login");
201 # Handle the warning after we're done with the page, since this leaves us
202 # with a completely different $mech
203 $agent->warning_like(qr/FAILED LOGIN for root/, "got failed login warning");
206 # test REST login response
208 my $requested = $url."REST/1.0/?user=root;pass=password";
209 $agent->get($requested);
210 is($agent->status, 200, "Loaded a page");
211 is($agent->uri, $requested, "didn't redirect to /NoAuth/Login.html for REST");
212 $agent->get_ok($url);
216 # test REST login response for wrong pass
218 my $requested = $url."REST/1.0/?user=root;pass=passwrong";
219 $agent->get_ok($requested);
220 is($agent->status, 200, "Loaded a page");
221 is($agent->uri, $requested, "didn't redirect to /NoAuth/Login.html for REST");
222 like($agent->content, qr/401 Credentials required/i, "got error status");
223 like($agent->content, qr/Your username or password is incorrect/, "got error message");
225 # Handle the warning after we're done with the page, since this leaves us
226 # with a completely different $mech
227 $agent->warning_like(qr/FAILED LOGIN for root/, "got failed login warning");
230 # test REST login response for no creds
232 my $requested = $url."REST/1.0/";
233 $agent->get_ok($requested);
234 is($agent->status, 200, "Loaded a page");
235 is($agent->uri, $requested, "didn't redirect to /NoAuth/Login.html for REST");
236 like($agent->content, qr/401 Credentials required/i, "got error status");
237 unlike($agent->content, qr/Your username or password is incorrect/, "didn't get any error message");
240 # XXX TODO: we should also be testing WebExternalAuth here, but we don't have
241 # the framework for dealing with that