1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
|
# This Source Code Form is subject to the terms of the Mozilla Public
# License, v. 2.0. If a copy of the MPL was not distributed with this
# file, You can obtain one at http://mozilla.org/MPL/2.0/.
#
# This Source Code Form is "Incompatible With Secondary Licenses", as
# defined by the Mozilla Public License, v. 2.0.
#########################################
# Test for xmlrpc call to User.Create() #
#########################################
use strict;
use warnings;
use lib qw(lib ../../lib ../../local/lib/perl5);
use QA::Util;
use Test::More tests => 75;
my ($config, $xmlrpc, $jsonrpc, $jsonrpc_get) = get_rpc_clients();
use constant NEW_PASSWORD => 'UiX1Shuuchid';
use constant NEW_FULLNAME => 'WebService Created User';
use constant PASSWORD_TOO_SHORT => 'a';
# These are the characters that are actually invalid per RFC.
use constant INVALID_EMAIL => '()[]\;:,<>@webservice.test';
sub new_login {
return 'created_' . random_string(@_) . '@webservice.test';
}
sub post_success {
my ($call) = @_;
ok($call->result->{id}, "Got a non-zero user id");
}
$jsonrpc_get->bz_call_fail(
'User.create',
{email => new_login(), full_name => NEW_FULLNAME, password => '*'},
'must use HTTP POST',
'User.create fails over GET'
);
# We have to wrap @tests in the foreach, because we want a different
# login for each user, separately for each RPC client. (You can't create
# two users with the same username, and XML-RPC would otherwise try to
# create the same users that JSON-RPC created.)
foreach my $rpc ($jsonrpc, $xmlrpc) {
my @tests = (
# Permissions checks
{
args =>
{email => new_login(), full_name => NEW_FULLNAME, password => NEW_PASSWORD},
error => "you are not authorized",
test => 'Logged-out user cannot call User.create',
},
{
user => 'unprivileged',
args =>
{email => new_login(), full_name => NEW_FULLNAME, password => NEW_PASSWORD},
error => "you are not authorized",
test => 'Unprivileged user cannot call User.create',
},
# Login name checks.
{
user => 'admin',
args => {full_name => NEW_FULLNAME, password => NEW_PASSWORD},
error => "argument was not set",
test => 'Leaving out email argument fails',
},
{
user => 'admin',
args => {email => '', full_name => NEW_FULLNAME, password => NEW_PASSWORD},
error => "argument was not set",
test => "Passing an empty email argument fails",
},
{
user => 'admin',
args =>
{email => INVALID_EMAIL, full_name => NEW_FULLNAME, password => NEW_PASSWORD},
error => "didn't pass our syntax checking",
test => 'Invalid email address fails',
},
{
user => 'admin',
args => {
email => new_login(128),
full_name => NEW_FULLNAME,
password => NEW_PASSWORD
},
error => "didn't pass our syntax checking",
test => 'Too long (> 127 chars) email address fails',
},
{
user => 'admin',
args => {
email => $config->{unprivileged_user_login},
full_name => NEW_FULLNAME,
password => NEW_PASSWORD
},
error => "There is already an account",
test => 'Trying to use an existing login name fails',
},
{
user => 'admin',
args => {
email => new_login(),
full_name => NEW_FULLNAME,
password => PASSWORD_TOO_SHORT
},
error =>
'The password does not meet our security requirements for the following reason: too short',
test => 'Password Too Short fails',
},
{
user => 'admin',
args =>
{email => new_login(), full_name => NEW_FULLNAME, password => NEW_PASSWORD},
test => 'Creating a user with all arguments and correct privileges',
},
{
user => 'admin',
args => {email => new_login(), password => NEW_PASSWORD},
test => 'Leaving out fullname works',
},
{
user => 'admin',
args => {email => new_login(), full_name => NEW_FULLNAME},
test => 'Leaving out password works',
},
);
$rpc->bz_run_tests(
tests => \@tests,
method => 'User.create',
post_success => \&post_success
);
}
|
