void TransitionTests::PBOWBookmarkSequence()
//: simulate a privileged bookmark with a subsequent successful login
// privileged request -> PBOWLoginPage ...
// successful login request -> PBOWCustomerOnlyPage2 (now in privileged role) ...
// logout request -> PBOWLoginPage (back to unprivileged role)
{
Anything r1, r2, r3;
// the session is back in unprivileged mode (or has even been removed)...
// re-play a privileged request:
t_assert(EvalRequest(fBookmarkedRequest, r1));
assertEqual("PBOWLoginPage", r1["page"].AsString()); // login must be enforced
// -- perform successful login using existing session id...
// original request should be satisfied...
Anything c1 = AddSessionInfo(GetConfig()["GoodLoginRequest"], r1);
t_assert(EvalRequest(c1, r2));
assertEqual("PBOWCustomerOnlyPage2", r2["page"].AsString());
// verify if we are still using the same session
assertEqual(r1["sessionId"].AsString(), r2["sessionId"].AsString());
// -- logout (overwrite r3)
Anything c3 = AddSessionInfo(GetConfig()["LogoutRequest"], r3);
t_assert(EvalRequest(c3, r3));
assertEqual("PBOWLoginPage", r3["page"].AsString());
}
void TransitionTests::PBOWLoginSequence2()
//: a successful login sequence:
// default request (using default role) -> PBOWLoginPage ...
// successful login request -> PBOWCustomerOnlyPage (now in privileged role) ...
// request for other privileged page -> PBOWCustomerOnlyPage2
// logout request -> PBOWLoginPage (back to unprivileged role)
{
// a successful login sequence (i.e. default request, then login request)
Anything r1, r2, r3, r4;
// -- get default page & session id
t_assert(EvalRequest(GetConfig()["DefaultRequest"], r1));
assertEqual("PBOWLoginPage", r1["page"].AsString());
// -- perform successful login using existing session id
Anything c1 = AddSessionInfo(GetConfig()["GoodLoginRequest"], r1);
t_assert(EvalRequest(c1, r2));
assertEqual("PBOWCustomerOnlyPage", r2["page"].AsString());
// verify if we are still using the same session
assertEqual(r1["sessionId"].AsString(), r2["sessionId"].AsString());
// -- get other privileged page using existing session id
Anything c2 = AddSessionInfo(GetConfig()["CustomerRequest2"], r2);
t_assert(EvalRequest(c2, r3));
assertEqual("PBOWCustomerOnlyPage2", r3["page"].AsString());
// verify if we are still using the same session
assertEqual(r2["sessionId"].AsString(), r3["sessionId"].AsString());
// -- logout (overwrite r3)
Anything c3 = AddSessionInfo(GetConfig()["LogoutRequest"], r3);
t_assert(EvalRequest(c3, r3));
assertEqual("PBOWLoginPage", r3["page"].AsString());
// remember a privileged request for use in next test
fBookmarkedRequest = c2;
// -- perform successful login using existing session id
Anything c4 = AddSessionInfo(GetConfig()["GoodLoginRequest"], r3);
t_assert(EvalRequest(c4, r4));
assertEqual("PBOWCustomerOnlyPage", r4["page"].AsString());
// verify if we are still using the same session
assertEqual(r4["sessionId"].AsString(), r3["sessionId"].AsString());
// -- logout (overwrite r4)
c3 = AddSessionInfo(GetConfig()["LogoutRequest"], r4);
t_assert(EvalRequest(c3, r4));
assertEqual("PBOWLoginPage", r4["page"].AsString());
}
void TransitionTests::PBOWFailedBookmarkSequence()
//: simulate a privileged bookmark with a subsequent unsuccessful login
// privileged request -> PBOWLoginPage ...
// failed login request -> PBOWLoginPage (still in unprivileged role) ...
{
Anything r1, r2;
// the session is back in unprivileged mode (or has even been removed)...
// re-play a privileged request:
t_assert(EvalRequest(fBookmarkedRequest, r1));
assertEqual("PBOWLoginPage", r1["page"].AsString()); // login must be enforced
// -- perform unsuccessful login using existing session id
Anything c1 = AddSessionInfo(GetConfig()["BadLoginRequest"], r1);
t_assert(EvalRequest(c1, r2));
assertEqual("PBOWLoginPage", r2["page"].AsString());
// verify if we are still using the same session
assertEqual(r1["sessionId"].AsString(), r2["sessionId"].AsString());
}
void TransitionTests::PBOWLoginSequence1()
//: an unsuccessful login sequence:
// default request (using default role) -> PBOWLoginPage ...
// unsuccessful login attempt -> PBOWLoginPage (still in default role)
{
// (i.e. default request, then login request)
Anything r1, r2;
// -- get default page & session id
t_assert(EvalRequest(GetConfig()["DefaultRequest"], r1));
assertEqual("PBOWLoginPage", r1["page"].AsString());
// -- perform unsuccessful login using existing session id
Anything c1 = AddSessionInfo(GetConfig()["BadLoginRequest"], r1);
t_assert(EvalRequest(c1, r2));
assertEqual("PBOWLoginPage", r2["page"].AsString());
// verify if we are still using the same session
assertEqual(r1["sessionId"].AsString(), r2["sessionId"].AsString());
}
CWOBackendReq::CWOBackendReq(const CUserProfile* prof, const char* url)
{
Init(url);
AddSessionInfo(prof->CustomerID, prof->SessionID);
}