5 use RT::Test tests => 122;
7 my ($baseurl, $agent) = RT::Test->started_ok;
9 my $url = $agent->rt_base_url;
10 diag $url if $ENV{TEST_VERBOSE};
12 # test a login from the main page
15 is($agent->{'status'}, 200, "Loaded a page");
16 is($agent->uri, $url, "didn't redirect to /NoAuth/Login.html for base URL");
17 ok($agent->current_form->find_input('user'));
18 ok($agent->current_form->find_input('pass'));
19 like($agent->current_form->action, qr{/NoAuth/Login\.html$}, "login form action is correct");
21 ok($agent->content =~ /username:/i);
22 $agent->field( 'user' => 'root' );
23 $agent->field( 'pass' => 'password' );
25 # the field isn't named, so we have to click link 0
27 is( $agent->status, 200, "Fetched the page ok");
28 ok( $agent->content =~ /Logout/i, "Found a logout link");
29 is( $agent->uri, $url, "right URL" );
30 like( $agent->{redirected_uri}, qr{/NoAuth/Login\.html$}, "We redirected from login");
34 # test a bogus login from the main page
37 is($agent->{'status'}, 200, "Loaded a page");
38 is($agent->uri, $url, "didn't redirect to /NoAuth/Login.html for base URL");
39 ok($agent->current_form->find_input('user'));
40 ok($agent->current_form->find_input('pass'));
41 like($agent->current_form->action, qr{/NoAuth/Login\.html$}, "login form action is correct");
43 ok($agent->content =~ /username:/i);
44 $agent->field( 'user' => 'root' );
45 $agent->field( 'pass' => 'wrongpass' );
47 # the field isn't named, so we have to click link 0
49 is( $agent->status, 200, "Fetched the page ok");
51 ok( $agent->content =~ /Your username or password is incorrect/i, "Found the error message");
52 like( $agent->uri, qr{/NoAuth/Login\.html$}, "now on /NoAuth/Login.html" );
53 $agent->warning_like(qr/FAILED LOGIN for root/, "got failed login warning");
58 # test a login from a non-front page, both with a double leading slash and without
59 for my $path (qw(Prefs/Other.html /Prefs/Other.html)) {
60 my $requested = $url.$path;
61 $agent->get_ok($requested);
62 is($agent->status, 200, "Loaded a page");
63 like($agent->uri, qr'/NoAuth/Login\.html\?next=[a-z0-9]{32}', "on login page, with next page hash");
64 is($agent->{redirected_uri}, $requested, "redirected from our requested page");
66 ok($agent->current_form->find_input('user'));
67 ok($agent->current_form->find_input('pass'));
68 ok($agent->current_form->find_input('next'));
69 like($agent->value('next'), qr/^[a-z0-9]{32}$/i, "next page argument is a hash");
70 like($agent->current_form->action, qr{/NoAuth/Login\.html$}, "login form action is correct");
72 ok($agent->content =~ /username:/i);
73 $agent->field( 'user' => 'root' );
74 $agent->field( 'pass' => 'password' );
76 # the field isn't named, so we have to click link 0
78 is( $agent->status, 200, "Fetched the page ok");
79 ok( $agent->content =~ /Logout/i, "Found a logout link");
82 (my $collapsed = $path) =~ s{^/}{};
83 is( $agent->uri, $url.$collapsed, "right URL, with leading slashes in path collapsed" );
85 is( $agent->uri, $requested, "right URL" );
88 like( $agent->{redirected_uri}, qr{/NoAuth/Login\.html}, "We redirected from login");
92 # test a bogus login from a non-front page
94 my $requested = $url.'Prefs/Other.html';
95 $agent->get_ok($requested);
96 is($agent->status, 200, "Loaded a page");
97 like($agent->uri, qr'/NoAuth/Login\.html\?next=[a-z0-9]{32}', "on login page, with next page hash");
98 is($agent->{redirected_uri}, $requested, "redirected from our requested page");
100 ok($agent->current_form->find_input('user'));
101 ok($agent->current_form->find_input('pass'));
102 ok($agent->current_form->find_input('next'));
103 like($agent->value('next'), qr/^[a-z0-9]{32}$/i, "next page argument is a hash");
104 like($agent->current_form->action, qr{/NoAuth/Login\.html$}, "login form action is correct");
106 ok($agent->content =~ /username:/i);
107 $agent->field( 'user' => 'root' );
108 $agent->field( 'pass' => 'wrongpass' );
110 # the field isn't named, so we have to click link 0
112 is( $agent->status, 200, "Fetched the page ok");
114 ok( $agent->content =~ /Your username or password is incorrect/i, "Found the error message");
115 like( $agent->uri, qr{/NoAuth/Login\.html$}, "still on /NoAuth/Login.html" );
116 $agent->warning_like(qr/FAILED LOGIN for root/, "got failed login warning");
119 ok($agent->current_form->find_input('user'));
120 ok($agent->current_form->find_input('pass'));
121 ok($agent->current_form->find_input('next'));
122 like($agent->value('next'), qr/^[a-z0-9]{32}$/i, "next page argument is a hash");
123 like($agent->current_form->action, qr{/NoAuth/Login\.html$}, "login form action is correct");
125 ok($agent->content =~ /username:/i);
126 $agent->field( 'user' => 'root' );
127 $agent->field( 'pass' => 'password' );
129 # the field isn't named, so we have to click link 0
131 is( $agent->status, 200, "Fetched the page ok");
133 # check out where we got to
134 is( $agent->uri, $requested, "right URL" );
135 like( $agent->{redirected_uri}, qr{/NoAuth/Login\.html}, "We redirected from login");
139 # test a login from the main page with query params
141 my $requested = $url."?user=root;pass=password";
142 $agent->get_ok($requested);
143 is($agent->{'status'}, 200, "Loaded a page");
144 is($agent->uri, $requested, "didn't redirect to /NoAuth/Login.html for base URL");
145 ok($agent->content =~ /Logout/i, "Found a logout link - we're logged in");
149 # test a bogus login from the main page with query params
151 my $requested = $url."?user=root;pass=wrongpass";
152 $agent->get_ok($requested);
153 is($agent->{'status'}, 200, "Loaded a page");
154 is($agent->uri, $requested, "didn't redirect to /NoAuth/Login.html for base URL");
156 ok($agent->content =~ /Your username or password is incorrect/i, "Found the error message");
157 ok($agent->current_form->find_input('user'));
158 ok($agent->current_form->find_input('pass'));
159 like($agent->current_form->action, qr{/NoAuth/Login\.html$}, "login form action is correct");
160 $agent->warning_like(qr/FAILED LOGIN for root/, "got failed login warning");
163 # test a bogus login from a non-front page with query params
165 my $requested = $url."Prefs/Other.html?user=root;pass=wrongpass";
166 $agent->get_ok($requested);
167 is($agent->status, 200, "Loaded a page");
168 like($agent->uri, qr'/NoAuth/Login\.html\?next=[a-z0-9]{32}', "on login page, with next page hash");
169 is($agent->{redirected_uri}, $requested, "redirected from our requested page");
170 ok( $agent->content =~ /Your username or password is incorrect/i, "Found the error message");
172 ok($agent->current_form->find_input('user'));
173 ok($agent->current_form->find_input('pass'));
174 ok($agent->current_form->find_input('next'));
175 like($agent->value('next'), qr/^[a-z0-9]{32}$/i, "next page argument is a hash");
176 like($agent->current_form->action, qr{/NoAuth/Login\.html$}, "login form action is correct");
177 $agent->warning_like(qr/FAILED LOGIN for root/, "got failed login warning");
180 ok($agent->content =~ /username:/i);
181 $agent->field( 'user' => 'root' );
182 $agent->field( 'pass' => 'password' );
184 # the field isn't named, so we have to click link 0
186 is( $agent->status, 200, "Fetched the page ok");
188 # check out where we got to
189 is( $agent->uri, $requested, "right URL" );
190 like( $agent->{redirected_uri}, qr{/NoAuth/Login\.html}, "We redirected from login");
194 # test REST login response
196 $agent = RT::Test::Web->new;
197 my $requested = $url."REST/1.0/?user=root;pass=password";
198 $agent->get($requested);
199 is($agent->status, 200, "Loaded a page");
200 is($agent->uri, $requested, "didn't redirect to /NoAuth/Login.html for REST");
201 $agent->get_ok($url."REST/1.0");
204 # test REST login response for wrong pass
206 $agent = RT::Test::Web->new;
207 my $requested = $url."REST/1.0/?user=root;pass=passwrong";
208 $agent->get_ok($requested);
209 is($agent->status, 200, "Loaded a page");
210 is($agent->uri, $requested, "didn't redirect to /NoAuth/Login.html for REST");
211 like($agent->content, qr/401 Credentials required/i, "got error status");
212 like($agent->content, qr/Your username or password is incorrect/, "got error message");
213 $agent->warning_like(qr/FAILED LOGIN for root/, "got failed login warning");
216 # test REST login response for no creds
218 $agent = RT::Test::Web->new;
219 my $requested = $url."REST/1.0/";
220 $agent->get_ok($requested);
221 is($agent->status, 200, "Loaded a page");
222 is($agent->uri, $requested, "didn't redirect to /NoAuth/Login.html for REST");
223 like($agent->content, qr/401 Credentials required/i, "got error status");
224 unlike($agent->content, qr/Your username or password is incorrect/, "didn't get any error message");
227 # XXX TODO: we should also be testing WebRemoteUserAuth here, but we don't have
228 # the framework for dealing with that