SEC-2624: Add Geb integration tests to contacts-xml

samples/contacts-xml/contacts.gradle

@@ -25,4 +25,5 @@ dependencies {
             "ch.qos.logback:logback-classic:$logbackVersion",
             "net.sf.ehcache:ehcache-core:$ehcacheVersion"
 
+    integrationTestCompile gebDependencies
 }

samples/contacts-xml/pom.xml

@@ -196,24 +196,72 @@
       <version>4.0.2.RELEASE</version>
       <scope>runtime</scope>
     </dependency>
+    <dependency>
+      <groupId>commons-httpclient</groupId>
+      <artifactId>commons-httpclient</artifactId>
+      <version>3.1</version>
+      <scope>test</scope>
+    </dependency>
     <dependency>
       <groupId>junit</groupId>
       <artifactId>junit</artifactId>
       <version>4.11</version>
       <scope>test</scope>
     </dependency>
+    <dependency>
+      <groupId>org.codehaus.groovy</groupId>
+      <artifactId>groovy</artifactId>
+      <version>2.0.5</version>
+      <scope>test</scope>
+    </dependency>
     <dependency>
       <groupId>org.easytesting</groupId>
       <artifactId>fest-assert</artifactId>
       <version>1.4</version>
       <scope>test</scope>
     </dependency>
+    <dependency>
+      <groupId>org.gebish</groupId>
+      <artifactId>geb-spock</artifactId>
+      <version>0.9.0</version>
+      <scope>test</scope>
+    </dependency>
     <dependency>
       <groupId>org.mockito</groupId>
       <artifactId>mockito-core</artifactId>
       <version>1.9.5</version>
       <scope>test</scope>
     </dependency>
+    <dependency>
+      <groupId>org.seleniumhq.selenium</groupId>
+      <artifactId>selenium-htmlunit-driver</artifactId>
+      <version>2.33.0</version>
+      <scope>test</scope>
+    </dependency>
+    <dependency>
+      <groupId>org.spockframework</groupId>
+      <artifactId>spock-core</artifactId>
+      <version>0.7-groovy-2.0</version>
+      <scope>test</scope>
+      <exclusions>
+        <exclusion>
+          <artifactId>junit-dep</artifactId>
+          <groupId>junit</groupId>
+        </exclusion>
+      </exclusions>
+    </dependency>
+    <dependency>
+      <groupId>org.spockframework</groupId>
+      <artifactId>spock-spring</artifactId>
+      <version>0.7-groovy-2.0</version>
+      <scope>test</scope>
+      <exclusions>
+        <exclusion>
+          <artifactId>junit-dep</artifactId>
+          <groupId>junit</groupId>
+        </exclusion>
+      </exclusions>
+    </dependency>
     <dependency>
       <groupId>org.springframework</groupId>
       <artifactId>spring-test</artifactId>

samples/contacts-xml/src/integration-test/groovy/org/springframework/security/samples/ContactsTests.groovy

@@ -0,0 +1,87 @@
+/*
+ * Copyright 2011 the original author or authors.
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *      http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+package org.springframework.security.samples
+
+import geb.spock.*
+import spock.lang.Stepwise
+import org.springframework.security.samples.pages.*
+
+/**
+ * Tests the CAS sample application using service tickets.
+ *
+ * @author Rob Winch
+ */
+@Stepwise
+class ContactsTests extends GebReportingSpec {
+    def 'access home page with unauthenticated user success'() {
+        when: 'Unauthenticated user accesses the Home Page'
+        to HomePage
+        then: 'The page is displayed'
+        at HomePage
+    }
+
+    def 'access manage page with unauthenticated user sends to login page'() {
+        when: 'Unauthenticated user accesses the Manage Page'
+        manage.click(LoginPage)
+        then: 'The login page is displayed'
+        at LoginPage
+    }
+
+    def 'authenticated user is sent to original page'() {
+        when: 'user authenticates'
+        login()
+        then: 'The manage page is displayed'
+        at ContactsPage
+    }
+
+    def 'add contact link works'() {
+        when: 'user clicks add link'
+        addContact.click(AddPage)
+        then: 'The add page is displayed'
+        at AddPage
+    }
+
+    def 'add contact'() {
+        when: 'add a contact'
+        addContact
+        then: 'The add page is displayed'
+        at ContactsPage
+        and: 'The new contact is displayed'
+        contacts.find { it.email == 'rob@example.com' }?.name ==  'Rob Winch'
+    }
+
+    def 'delete contact'() {
+        when: 'delete a contact'
+        contacts.find { it.email == 'rob@example.com' }.delete()
+        then: 'Delete confirmation displayed'
+        at DeleteConfirmPage
+        when: 'View Manage Page'
+        manage.click()
+        then: 'New contact has been removed'
+        !contacts.find { it.email == 'rob@example.com' }
+    }
+
+    def 'authenticated user logs out'() {
+        when: 'user logs out'
+        logout.click()
+        then: 'the default logout success page is displayed'
+        at HomePage
+        when: 'Unauthenticated user accesses the Manage Page'
+        via ContactsPage
+        then: 'The login page is displayed'
+        at LoginPage
+    }
+}

samples/contacts-xml/src/integration-test/groovy/org/springframework/security/samples/pages/AddPage.groovy

@@ -0,0 +1,37 @@
+/*
+ * Copyright 2011 the original author or authors.
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *      http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+package org.springframework.security.samples.pages
+
+import geb.Page
+
+/**
+ * The login page.
+ *
+ * @author Rob Winch
+ */
+class AddPage extends Page {
+    static url = 'add'
+    static at = { assert driver.title == 'Add New Contact'; true}
+    static content = {
+        addContact(required:false) { name = 'Rob Winch', email = 'rob@example.com'->
+            addForm.name = name
+            addForm.email = email
+            submit.click()
+        }
+        addForm { $('form') }
+        submit { $('input', type: 'submit') }
+    }
+}

samples/contacts-xml/src/integration-test/groovy/org/springframework/security/samples/pages/ContactsPage.groovy

@@ -0,0 +1,44 @@
+/*
+ * Copyright 2011 the original author or authors.
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *      http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+package org.springframework.security.samples.pages
+
+import geb.*
+
+/**
+ * The home page
+ *
+ * @author Rob Winch
+ */
+class ContactsPage extends Page {
+    static url = 'secure/'
+    static at = { assert driver.title == 'Your Contacts'; true}
+    static content = {
+        addContact(to: AddPage) { $('a', text: 'Add') }
+        contacts { moduleList Contact, $("table tr").tail() }
+        logout { $("input[type=submit]", value: "Logoff") }
+    }
+}
+
+class Contact extends Module {
+    static content = {
+        cell { $("td", it) }
+        id { cell(0).text().toInteger() }
+        name { cell(1).text() }
+        email { cell(2).text() }
+        delete { cell(3).$('a').click() }
+        adminPermission { cell(4).$('a') }
+    }
+}

samples/contacts-xml/src/integration-test/groovy/org/springframework/security/samples/pages/DeleteConfirmPage.groovy

@@ -0,0 +1,30 @@
+/*
+ * Copyright 2011 the original author or authors.
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *      http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+package org.springframework.security.samples.pages
+
+import geb.Page
+
+/**
+ * The home page
+ *
+ * @author Rob Winch
+ */
+class DeleteConfirmPage extends Page {
+    static at = { assert driver.title == 'Deletion completed'; true}
+    static content = {
+        manage(to: ContactsPage) { $('a', text: 'Manage') }
+    }
+}

samples/contacts-xml/src/integration-test/groovy/org/springframework/security/samples/pages/HomePage.groovy

@@ -0,0 +1,33 @@
+/*
+ * Copyright 2011 the original author or authors.
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *      http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+package org.springframework.security.samples.pages;
+
+import geb.*
+
+/**
+ * The home page
+ *
+ * @author Rob Winch
+ */
+class HomePage extends Page {
+    static url = ''
+    static at = { assert driver.title == 'Contacts Security Demo'; true}
+    static content = {
+        manage(to: [ContactsPage,LoginPage]) { $('a', text: 'Manage') }
+        debug { $('a', text: 'Debug').click() }
+        frames { $('a', text: 'Frames').click() }
+    }
+}

samples/contacts-xml/src/integration-test/groovy/org/springframework/security/samples/pages/LoginPage.groovy

@@ -0,0 +1,37 @@
+/*
+ * Copyright 2011 the original author or authors.
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *      http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+package org.springframework.security.samples.pages;
+
+import geb.*
+
+/**
+ * The login page.
+ *
+ * @author Rob Winch
+ */
+class LoginPage extends Page {
+    static url = 'login'
+    static at = { assert driver.title == 'Login'; true}
+    static content = {
+        login(required:false) { user='rod', password='koala' ->
+            loginForm.j_username = user
+            loginForm.j_password = password
+            submit.click()
+        }
+        loginForm { $('form') }
+        submit { $('input', type: 'submit') }
+    }
+}

samples/contacts-xml/src/main/webapp/WEB-INF/jsp/index.jsp

@@ -27,6 +27,11 @@
   </tr>
 </c:forEach>
 </table>
-<p><a href="<c:url value="add.htm"/>">Add</a>   <p><a href="<c:url value="../j_spring_security_logout"/>">Logoff</a> (also clears any remember-me cookie)
+<p><a href="<c:url value="add.htm"/>">Add</a> </p>
+
+<form action="<c:url value="/j_spring_security_logout"/>" method="post">
+    <input type="submit" value="Logoff"/> (also clears any remember-me cookie)
+    <security:csrfInput/>
+</form>
 </body>
 </html>