void TransitionTests::PBOWBookmarkSequence()
//: simulate a privileged bookmark with a subsequent successful login
//  privileged request -> PBOWLoginPage ...
//  successful login request -> PBOWCustomerOnlyPage2 (now in privileged role) ...
//  logout request -> PBOWLoginPage (back to unprivileged role)
{
	Anything r1, r2, r3;
	// the session is back in unprivileged mode (or has even been removed)...
	// re-play a privileged request:

	t_assert(EvalRequest(fBookmarkedRequest, r1));
	assertEqual("PBOWLoginPage", r1["page"].AsString());	// login must be enforced

	// -- perform successful login using existing session id...
	//    original request should be satisfied...
	Anything c1 = AddSessionInfo(GetConfig()["GoodLoginRequest"], r1);
	t_assert(EvalRequest(c1, r2));
	assertEqual("PBOWCustomerOnlyPage2", r2["page"].AsString());

	// verify if we are still using the same session
	assertEqual(r1["sessionId"].AsString(), r2["sessionId"].AsString());

	// -- logout (overwrite r3)
	Anything c3 = AddSessionInfo(GetConfig()["LogoutRequest"], r3);
	t_assert(EvalRequest(c3, r3));
	assertEqual("PBOWLoginPage", r3["page"].AsString());
}
void TransitionTests::PBOWLoginSequence2()
//: a successful login sequence:
//  default request (using default role) -> PBOWLoginPage ...
//  successful login request -> PBOWCustomerOnlyPage (now in privileged role) ...
//  request for other privileged page -> PBOWCustomerOnlyPage2
//  logout request -> PBOWLoginPage (back to unprivileged role)
{
	// a successful login sequence (i.e. default request, then login request)
	Anything r1, r2, r3, r4;

	// -- get default page & session id
	t_assert(EvalRequest(GetConfig()["DefaultRequest"], r1));
	assertEqual("PBOWLoginPage", r1["page"].AsString());

	// -- perform successful login using existing session id
	Anything c1 = AddSessionInfo(GetConfig()["GoodLoginRequest"], r1);
	t_assert(EvalRequest(c1, r2));
	assertEqual("PBOWCustomerOnlyPage", r2["page"].AsString());

	// verify if we are still using the same session
	assertEqual(r1["sessionId"].AsString(), r2["sessionId"].AsString());

	// -- get other privileged page using existing session id
	Anything c2 = AddSessionInfo(GetConfig()["CustomerRequest2"], r2);
	t_assert(EvalRequest(c2, r3));
	assertEqual("PBOWCustomerOnlyPage2", r3["page"].AsString());

	// verify if we are still using the same session
	assertEqual(r2["sessionId"].AsString(), r3["sessionId"].AsString());

	// -- logout (overwrite r3)
	Anything c3 = AddSessionInfo(GetConfig()["LogoutRequest"], r3);
	t_assert(EvalRequest(c3, r3));
	assertEqual("PBOWLoginPage", r3["page"].AsString());

	// remember a privileged request for use in next test
	fBookmarkedRequest = c2;

	// -- perform successful login using existing session id
	Anything c4 = AddSessionInfo(GetConfig()["GoodLoginRequest"], r3);
	t_assert(EvalRequest(c4, r4));
	assertEqual("PBOWCustomerOnlyPage", r4["page"].AsString());

	// verify if we are still using the same session
	assertEqual(r4["sessionId"].AsString(), r3["sessionId"].AsString());

	// -- logout (overwrite r4)
	c3 = AddSessionInfo(GetConfig()["LogoutRequest"], r4);
	t_assert(EvalRequest(c3, r4));
	assertEqual("PBOWLoginPage", r4["page"].AsString());
}
void TransitionTests::PBOWFailedBookmarkSequence()
//: simulate a privileged bookmark with a subsequent unsuccessful login
//  privileged request -> PBOWLoginPage ...
//  failed login request -> PBOWLoginPage (still in unprivileged role) ...
{
	Anything r1, r2;
	// the session is back in unprivileged mode (or has even been removed)...
	// re-play a privileged request:

	t_assert(EvalRequest(fBookmarkedRequest, r1));
	assertEqual("PBOWLoginPage", r1["page"].AsString());	// login must be enforced

	// -- perform unsuccessful login using existing session id
	Anything c1 = AddSessionInfo(GetConfig()["BadLoginRequest"], r1);
	t_assert(EvalRequest(c1, r2));
	assertEqual("PBOWLoginPage", r2["page"].AsString());

	// verify if we are still using the same session
	assertEqual(r1["sessionId"].AsString(), r2["sessionId"].AsString());
}
void TransitionTests::PBOWLoginSequence1()
//: an unsuccessful login sequence:
//  default request (using default role) -> PBOWLoginPage ...
//  unsuccessful login attempt -> PBOWLoginPage (still in default role)
{
	//  (i.e. default request, then login request)
	Anything r1, r2;

	// -- get default page & session id
	t_assert(EvalRequest(GetConfig()["DefaultRequest"], r1));
	assertEqual("PBOWLoginPage", r1["page"].AsString());

	// -- perform unsuccessful login using existing session id
	Anything c1 = AddSessionInfo(GetConfig()["BadLoginRequest"], r1);
	t_assert(EvalRequest(c1, r2));
	assertEqual("PBOWLoginPage", r2["page"].AsString());

	// verify if we are still using the same session
	assertEqual(r1["sessionId"].AsString(), r2["sessionId"].AsString());
}
示例#5
0
CWOBackendReq::CWOBackendReq(const CUserProfile* prof, const char* url)
{
	Init(url);

	AddSessionInfo(prof->CustomerID, prof->SessionID);
}