From a75597fd73b4effd6ec3163c2b8741ffa2a83aa2 Mon Sep 17 00:00:00 2001 From: Birte Kristina Friesel Date: Fri, 25 Jul 2025 14:53:14 +0200 Subject: add very basic locale tests --- t/02-registration.t | 228 ---------------------------------------------------- t/02-static-en.t | 50 ++++++++++++ t/03-static-fr.t | 50 ++++++++++++ t/10-registration.t | 228 ++++++++++++++++++++++++++++++++++++++++++++++++++++ 4 files changed, 328 insertions(+), 228 deletions(-) delete mode 100644 t/02-registration.t create mode 100644 t/02-static-en.t create mode 100644 t/03-static-fr.t create mode 100644 t/10-registration.t diff --git a/t/02-registration.t b/t/02-registration.t deleted file mode 100644 index ec09eaf..0000000 --- a/t/02-registration.t +++ /dev/null @@ -1,228 +0,0 @@ -#!/usr/bin/env perl - -# Copyright (C) 2020 Birte Kristina Friesel -# -# SPDX-License-Identifier: MIT - -use Mojo::Base -strict; - -# Tests the standard registration -> verification -> successful login flow - -use Test::More; -use Test::Mojo; - -# Include application -use FindBin; -require "$FindBin::Bin/../index.pl"; - -my $t = Test::Mojo->new('Travelynx'); - -$t->ua->on( start => sub { $_[1]->req->headers->accept_language('de-DE') } ); - -if ( not $t->app->config->{db} ) { - plan( skip_all => 'No database configured' ); -} - -$t->app->pg->db->query('drop schema if exists travelynx_test_02 cascade'); -$t->app->pg->db->query('create schema travelynx_test_02'); -$t->app->pg->db->query('set search_path to travelynx_test_02'); -$t->app->pg->on( - connection => sub { - my ( $pg, $dbh ) = @_; - $dbh->do('set search_path to travelynx_test_02'); - } -); - -$t->app->config->{mail}->{disabled} = 1; - -$ENV{__TRAVELYNX_TEST_MINI_IRIS} = 1; -$t->app->start( 'database', 'migrate' ); - -my $csrf_token - = $t->ua->get('/register')->res->dom->at('input[name=csrf_token]') - ->attr('value'); - -# Successful registration -$t->post_ok( - '/register' => form => { - csrf_token => $csrf_token, - dt => 1, - user => 'someone', - email => 'foo@example.org', - password => 'foofoofoo', - password2 => 'foofoofoo', - } -); -$t->status_is(200)->content_like(qr{Verifizierungslink}); - -# Failed registration (CSRF) -$t->post_ok( - '/register' => form => { - csrf_token => $csrf_token, - user => 'noone', - email => 'foo2@example.org', - password => 'foofoofoo', - password2 => 'foofoofoo', - } -); -$t->status_is(400)->content_like(qr{CSRF}); - -# Failed registration (user name not available) -$t->post_ok( - '/register' => form => { - csrf_token => $csrf_token, - dt => 1, - user => 'someone', - email => 'foo@example.org', - password => 'foofoofoo', - password2 => 'foofoofoo', - } -); -$t->status_is(200)->content_like(qr{Name bereits vergeben}); - -$csrf_token = $t->ua->get('/login')->res->dom->at('input[name=csrf_token]') - ->attr('value'); - -# Failed login (not verified yet) -$t->post_ok( - '/login' => form => { - csrf_token => $csrf_token, - user => 'someone', - password => 'foofoofoo', - } -); -$t->status_is(400)->content_like(qr{nicht freigeschaltet}); - -my $res = $t->app->pg->db->select( 'users', ['id'], { name => 'someone' } ); -my $uid = $res->hash->{id}; -$res = $t->app->pg->db->select( 'pending_registrations', ['token'], - { user_id => $uid } ); -my $token = $res->hash->{token}; - -# Successful verification -$t->get_ok("/reg/${uid}/${token}"); -$t->status_is(200)->content_like(qr{freigeschaltet}); - -# Failed login (wrong password) -$t->post_ok( - '/login' => form => { - csrf_token => $csrf_token, - user => 'someone', - password => 'definitely invalid', - } -); -$t->status_is(400)->content_like(qr{falsches Passwort}); - -# Successful login -$t->post_ok( - '/login' => form => { - csrf_token => $csrf_token, - user => 'someone', - password => 'foofoofoo', - } -); -$t->status_is(302)->header_is( location => '/' ); - -# Request deletion - -$csrf_token = $t->ua->get('/account')->res->dom->at('input[name=csrf_token]') - ->attr('value'); - -$t->post_ok( - '/delete' => form => { - action => 'delete', - csrf_token => $csrf_token, - password => 'foofoofoo', - } -); -$t->status_is(302)->header_is( location => '/account' ); -$t->get_ok('/account'); -$t->status_is(200)->content_like(qr{wird gelöscht}); - -$t->post_ok( - '/delete' => form => { - action => 'undelete', - csrf_token => $csrf_token, - } -); -$t->status_is(302)->header_is( location => '/account' ); -$t->get_ok('/account'); -$t->status_is(200)->content_unlike(qr{wird gelöscht}); - -$csrf_token - = $t->ua->get('/account/password')->res->dom->at('input[name=csrf_token]') - ->attr('value'); - -$t->post_ok( - '/account/password' => form => { - csrf_token => $csrf_token, - oldpw => 'foofoofoo', - newpw => 'barbarbar', - newpw2 => 'barbarbar', - } -); -$t->status_is(302)->header_is( location => '/account' ); - -$csrf_token = $t->ua->get('/account')->res->dom->at('input[name=csrf_token]') - ->attr('value'); -$t->post_ok( - '/logout' => form => { - csrf_token => $csrf_token, - } -); -$t->status_is(302)->header_is( location => '/login' ); - -$csrf_token = $t->ua->get('/login')->res->dom->at('input[name=csrf_token]') - ->attr('value'); -$t->post_ok( - '/login' => form => { - csrf_token => $csrf_token, - user => 'someone', - password => 'barbarbar', - } -); -$t->status_is(302)->header_is( location => '/' ); - -$csrf_token = $t->ua->get('/account')->res->dom->at('input[name=csrf_token]') - ->attr('value'); -$t->post_ok( - '/logout' => form => { - csrf_token => $csrf_token, - } -); -$t->status_is(302)->header_is( location => '/login' ); - -$csrf_token = $t->ua->get('/recover')->res->dom->at('input[name=csrf_token]') - ->attr('value'); -$t->post_ok( - '/recover' => form => { - csrf_token => $csrf_token, - action => 'initiate', - user => 'someone', - email => 'foo@example.org', - } -); -$t->status_is(200)->content_like(qr{wird durchgeführt}); - -$res = $t->app->pg->db->select( 'pending_passwords', ['token'], - { user_id => $uid } ); -$token = $res->hash->{token}; - -$t->get_ok("/recover/${uid}/${token}") - ->status_is(200) - ->content_like(qr{Neues Passwort eintragen}); - -$t->post_ok( - '/recover' => form => { - csrf_token => $csrf_token, - action => 'set_password', - id => $uid, - token => $token, - newpw => 'foofoofoo2', - newpw2 => 'foofoofoo2', - } -); -$t->status_is(302)->header_is( location => '/account' ); - -$t->app->pg->db->query('drop schema travelynx_test_02 cascade'); -done_testing(); diff --git a/t/02-static-en.t b/t/02-static-en.t new file mode 100644 index 0000000..26641cb --- /dev/null +++ b/t/02-static-en.t @@ -0,0 +1,50 @@ +#!/usr/bin/env perl + +# Copyright (C) 2020 Birte Kristina Friesel +# +# SPDX-License-Identifier: MIT + +use Mojo::Base -strict; + +use Test::More; +use Test::Mojo; + +# Include application +use FindBin; +require "$FindBin::Bin/../index.pl"; + +my $t = Test::Mojo->new('Travelynx'); + +$t->ua->on( start => sub { $_[1]->req->headers->accept_language('en-GB') } ); + +$t->get_ok('/')->status_is(200); +$t->text_like( 'a[href="/register"]' => qr{Register} ); +$t->text_like( 'a[href="/login"]' => qr{Login} ); + +$t->get_ok('/about')->status_is(200); +$t->get_ok('/api')->status_is(200); +$t->get_ok('/changelog')->status_is(200); +$t->get_ok('/legend')->status_is(200); +$t->get_ok('/offline.html')->status_is(200); + +$t->get_ok('/login')->status_is(200); +$t->element_exists('input[name="csrf_token"]'); +$t->text_like( 'button' => qr{Login} ); + +$t->get_ok('/recover')->status_is(200); + +$t->get_ok('/register')->status_is(200); +$t->element_exists('input[name="csrf_token"]'); +$t->element_exists('a[href="/impressum"]'); +$t->text_like( 'button' => qr{Register} ); + +# Protected sites should redirect to login form + +for my $protected (qw(/account /account/password /history /s/EE)) { + $t->get_ok($protected)->text_like( 'button' => qr{Login} ); +} + +# Otherwise, we expect a 404 +$t->get_ok('/definitelydoesnotexist')->status_is(404); + +done_testing(); diff --git a/t/03-static-fr.t b/t/03-static-fr.t new file mode 100644 index 0000000..dc4c278 --- /dev/null +++ b/t/03-static-fr.t @@ -0,0 +1,50 @@ +#!/usr/bin/env perl + +# Copyright (C) 2020 Birte Kristina Friesel +# +# SPDX-License-Identifier: MIT + +use Mojo::Base -strict; + +use Test::More; +use Test::Mojo; + +# Include application +use FindBin; +require "$FindBin::Bin/../index.pl"; + +my $t = Test::Mojo->new('Travelynx'); + +$t->ua->on( start => sub { $_[1]->req->headers->accept_language('fr-FR') } ); + +$t->get_ok('/')->status_is(200); +$t->text_like( 'a[href="/register"]' => qr{Inscription} ); +$t->text_like( 'a[href="/login"]' => qr{Connexion} ); + +$t->get_ok('/about')->status_is(200); +$t->get_ok('/api')->status_is(200); +$t->get_ok('/changelog')->status_is(200); +$t->get_ok('/legend')->status_is(200); +$t->get_ok('/offline.html')->status_is(200); + +$t->get_ok('/login')->status_is(200); +$t->element_exists('input[name="csrf_token"]'); +$t->text_like( 'button' => qr{Connexion} ); + +$t->get_ok('/recover')->status_is(200); + +$t->get_ok('/register')->status_is(200); +$t->element_exists('input[name="csrf_token"]'); +$t->element_exists('a[href="/impressum"]'); +$t->text_like( 'button' => qr{Inscription} ); + +# Protected sites should redirect to login form + +for my $protected (qw(/account /account/password /history /s/EE)) { + $t->get_ok($protected)->text_like( 'button' => qr{Connexion} ); +} + +# Otherwise, we expect a 404 +$t->get_ok('/definitelydoesnotexist')->status_is(404); + +done_testing(); diff --git a/t/10-registration.t b/t/10-registration.t new file mode 100644 index 0000000..ec09eaf --- /dev/null +++ b/t/10-registration.t @@ -0,0 +1,228 @@ +#!/usr/bin/env perl + +# Copyright (C) 2020 Birte Kristina Friesel +# +# SPDX-License-Identifier: MIT + +use Mojo::Base -strict; + +# Tests the standard registration -> verification -> successful login flow + +use Test::More; +use Test::Mojo; + +# Include application +use FindBin; +require "$FindBin::Bin/../index.pl"; + +my $t = Test::Mojo->new('Travelynx'); + +$t->ua->on( start => sub { $_[1]->req->headers->accept_language('de-DE') } ); + +if ( not $t->app->config->{db} ) { + plan( skip_all => 'No database configured' ); +} + +$t->app->pg->db->query('drop schema if exists travelynx_test_02 cascade'); +$t->app->pg->db->query('create schema travelynx_test_02'); +$t->app->pg->db->query('set search_path to travelynx_test_02'); +$t->app->pg->on( + connection => sub { + my ( $pg, $dbh ) = @_; + $dbh->do('set search_path to travelynx_test_02'); + } +); + +$t->app->config->{mail}->{disabled} = 1; + +$ENV{__TRAVELYNX_TEST_MINI_IRIS} = 1; +$t->app->start( 'database', 'migrate' ); + +my $csrf_token + = $t->ua->get('/register')->res->dom->at('input[name=csrf_token]') + ->attr('value'); + +# Successful registration +$t->post_ok( + '/register' => form => { + csrf_token => $csrf_token, + dt => 1, + user => 'someone', + email => 'foo@example.org', + password => 'foofoofoo', + password2 => 'foofoofoo', + } +); +$t->status_is(200)->content_like(qr{Verifizierungslink}); + +# Failed registration (CSRF) +$t->post_ok( + '/register' => form => { + csrf_token => $csrf_token, + user => 'noone', + email => 'foo2@example.org', + password => 'foofoofoo', + password2 => 'foofoofoo', + } +); +$t->status_is(400)->content_like(qr{CSRF}); + +# Failed registration (user name not available) +$t->post_ok( + '/register' => form => { + csrf_token => $csrf_token, + dt => 1, + user => 'someone', + email => 'foo@example.org', + password => 'foofoofoo', + password2 => 'foofoofoo', + } +); +$t->status_is(200)->content_like(qr{Name bereits vergeben}); + +$csrf_token = $t->ua->get('/login')->res->dom->at('input[name=csrf_token]') + ->attr('value'); + +# Failed login (not verified yet) +$t->post_ok( + '/login' => form => { + csrf_token => $csrf_token, + user => 'someone', + password => 'foofoofoo', + } +); +$t->status_is(400)->content_like(qr{nicht freigeschaltet}); + +my $res = $t->app->pg->db->select( 'users', ['id'], { name => 'someone' } ); +my $uid = $res->hash->{id}; +$res = $t->app->pg->db->select( 'pending_registrations', ['token'], + { user_id => $uid } ); +my $token = $res->hash->{token}; + +# Successful verification +$t->get_ok("/reg/${uid}/${token}"); +$t->status_is(200)->content_like(qr{freigeschaltet}); + +# Failed login (wrong password) +$t->post_ok( + '/login' => form => { + csrf_token => $csrf_token, + user => 'someone', + password => 'definitely invalid', + } +); +$t->status_is(400)->content_like(qr{falsches Passwort}); + +# Successful login +$t->post_ok( + '/login' => form => { + csrf_token => $csrf_token, + user => 'someone', + password => 'foofoofoo', + } +); +$t->status_is(302)->header_is( location => '/' ); + +# Request deletion + +$csrf_token = $t->ua->get('/account')->res->dom->at('input[name=csrf_token]') + ->attr('value'); + +$t->post_ok( + '/delete' => form => { + action => 'delete', + csrf_token => $csrf_token, + password => 'foofoofoo', + } +); +$t->status_is(302)->header_is( location => '/account' ); +$t->get_ok('/account'); +$t->status_is(200)->content_like(qr{wird gelöscht}); + +$t->post_ok( + '/delete' => form => { + action => 'undelete', + csrf_token => $csrf_token, + } +); +$t->status_is(302)->header_is( location => '/account' ); +$t->get_ok('/account'); +$t->status_is(200)->content_unlike(qr{wird gelöscht}); + +$csrf_token + = $t->ua->get('/account/password')->res->dom->at('input[name=csrf_token]') + ->attr('value'); + +$t->post_ok( + '/account/password' => form => { + csrf_token => $csrf_token, + oldpw => 'foofoofoo', + newpw => 'barbarbar', + newpw2 => 'barbarbar', + } +); +$t->status_is(302)->header_is( location => '/account' ); + +$csrf_token = $t->ua->get('/account')->res->dom->at('input[name=csrf_token]') + ->attr('value'); +$t->post_ok( + '/logout' => form => { + csrf_token => $csrf_token, + } +); +$t->status_is(302)->header_is( location => '/login' ); + +$csrf_token = $t->ua->get('/login')->res->dom->at('input[name=csrf_token]') + ->attr('value'); +$t->post_ok( + '/login' => form => { + csrf_token => $csrf_token, + user => 'someone', + password => 'barbarbar', + } +); +$t->status_is(302)->header_is( location => '/' ); + +$csrf_token = $t->ua->get('/account')->res->dom->at('input[name=csrf_token]') + ->attr('value'); +$t->post_ok( + '/logout' => form => { + csrf_token => $csrf_token, + } +); +$t->status_is(302)->header_is( location => '/login' ); + +$csrf_token = $t->ua->get('/recover')->res->dom->at('input[name=csrf_token]') + ->attr('value'); +$t->post_ok( + '/recover' => form => { + csrf_token => $csrf_token, + action => 'initiate', + user => 'someone', + email => 'foo@example.org', + } +); +$t->status_is(200)->content_like(qr{wird durchgeführt}); + +$res = $t->app->pg->db->select( 'pending_passwords', ['token'], + { user_id => $uid } ); +$token = $res->hash->{token}; + +$t->get_ok("/recover/${uid}/${token}") + ->status_is(200) + ->content_like(qr{Neues Passwort eintragen}); + +$t->post_ok( + '/recover' => form => { + csrf_token => $csrf_token, + action => 'set_password', + id => $uid, + token => $token, + newpw => 'foofoofoo2', + newpw2 => 'foofoofoo2', + } +); +$t->status_is(302)->header_is( location => '/account' ); + +$t->app->pg->db->query('drop schema travelynx_test_02 cascade'); +done_testing(); -- cgit v1.2.3