/PortletReviewer/Test/JspValidatorTest.hs

http://hdbc.googlecode.com/ · Haskell · 131 lines · 114 code · 16 blank · 1 comment · 1 complexity · 70f74e93e36a49c441e39e8383eb48c4 MD5 · raw file

  1. module Test.JspValidatorTest where
  2. import Test.HUnit
  3. import JspValidator
  4. import Definitions
  5. runAllTests :: IO Counts
  6. runAllTests = runTestTT (
  7. TestList [TestLabel "testValidateJavascriptFunctionsEncoded" testValidateJavascriptFunctionsEncoded,
  8. TestLabel "testValidateElementIdsEncoded" testValidateElementIdsEncoded,
  9. TestLabel "testValidateNoHtmlComments" testValidateNoHtmlComments,
  10. TestLabel "testValidateImagesAreAccessible" testValidateImagesAreAccessible,
  11. TestLabel "testValidateFormNamesEncoded" testValidateFormNamesEncoded,
  12. TestLabel "testValidateNoIllegalHtmlTags" testValidateNoIllegalHtmlTags,
  13. TestLabel "testValidatUsingPortletClasses" testValidatUsingPortletClasses,
  14. TestLabel "testValidateContextPathCalls" testValidateContextPathCalls,
  15. TestLabel "testValidateNoSessionCreated" testValidateNoSessionCreated,
  16. TestLabel "testValidateTextBoxesHaveLabels" testValidateTextBoxesHaveLabels,
  17. TestLabel "testValidateTextBoxesHaveLabels2" testValidateTextBoxesHaveLabels2,
  18. TestLabel "testValidateTextBoxesHaveLabels3" testValidateTextBoxesHaveLabels3]
  19. )
  20. isErrorFree :: [ErrorMessage] -> Bool
  21. isErrorFree errs = length errs == 0
  22. testValidateJavascriptFunctionsEncoded :: Test
  23. testValidateJavascriptFunctionsEncoded = TestCase (do
  24. let fileContents1 = ["", "\n", ""]
  25. fileContents2 = ["", "function myFunction() {", "}"]
  26. fileContents3 = ["<portlet:namespace />function myFnc ()"]
  27. assertEqual "contents1 has no javascript functions" True
  28. (isErrorFree (validateJavascriptFunctionsEncoded fileContents1))
  29. assertEqual "contents2 is not properly encoded" False
  30. (isErrorFree (validateJavascriptFunctionsEncoded fileContents2))
  31. assertEqual "contents3 is properly encoded" True
  32. (isErrorFree (validateJavascriptFunctionsEncoded fileContents3))
  33. )
  34. testValidateElementIdsEncoded :: Test
  35. testValidateElementIdsEncoded = TestCase ( do
  36. let contents1 = ["", "", "\n"]
  37. contents2 = ["<form id=\"primary\" action=\"post\">", "<input name=\"insert\" />"]
  38. contents3 = ["<form id=\"<portlet:namespace />primary\" >"]
  39. assertEqual "contents1: expected 'valid'" True (isErrorFree (validateElementIdsEncoded contents1))
  40. assertEqual "contents2: expected 'invalid'" False (isErrorFree (validateElementIdsEncoded contents2))
  41. assertEqual "contents3: expected 'valid'" True (isErrorFree (validateElementIdsEncoded contents3))
  42. )
  43. testValidateFormNamesEncoded :: Test
  44. testValidateFormNamesEncoded = TestCase (do
  45. let contents1 = ["<form name=bad_name"]
  46. contents2 = ["<form id=\"some_id\" name='bad_name'"]
  47. contents3 = ["<form action=post name=\"bad_name\""]
  48. contents4 = ["<FORM method=POST name=\"<portlet:namespace />form1\" >"]
  49. assertEqual "contents1 expected invalid" False (isErrorFree (validateFormNamesEncoded contents1))
  50. assertEqual "contents2 expected invalid" False (isErrorFree (validateFormNamesEncoded contents2))
  51. assertEqual "contents3 expected invalid" False (isErrorFree (validateFormNamesEncoded contents3))
  52. assertEqual "contents4 expected invalid" True (isErrorFree (validateFormNamesEncoded contents4))
  53. )
  54. testValidateImagesAreAccessible :: Test
  55. testValidateImagesAreAccessible = TestCase (do
  56. let contents1 = ["<img src=./and/a/path/file.img />"]
  57. contents2 = ["<IMG src=\"\" alt=\"yo\""]
  58. assertEqual "contents1 expected invalid" False (isErrorFree (validateImagesAreAccessible contents1))
  59. assertEqual "contents2 expected valid" True (isErrorFree (validateImagesAreAccessible contents2))
  60. )
  61. testValidateNoHtmlComments :: Test
  62. testValidateNoHtmlComments = TestCase (do
  63. let contents1 = ["<!-- and a comment -->"]
  64. assertEqual "contents1: expected 'invalid'" False (isErrorFree (validateNoHtmlComments contents1))
  65. )
  66. testValidateNoIllegalHtmlTags :: Test
  67. testValidateNoIllegalHtmlTags = TestCase (do
  68. let contents = ["thed <iframe name=\"edkd"]
  69. assertEqual "expected failure - iframe element exists" False (isErrorFree (validateNoIllegalHtmlTags contents))
  70. )
  71. testValidatUsingPortletClasses :: Test
  72. testValidatUsingPortletClasses = TestCase (do
  73. let contents1 = ["<div class=\"bogus-class\" >"]
  74. contents2 = ["<p class=\"portlet-msg-error\">"]
  75. assertEqual "contents1: expected 'invalid'" False (isErrorFree (validateUsingPortletClasses contents1))
  76. assertEqual "contents2: expected 'valid'" True (isErrorFree (validateUsingPortletClasses contents2))
  77. )
  78. testValidateContextPathCalls :: Test
  79. testValidateContextPathCalls = TestCase (do
  80. let contents1 = ["String pathToImages = (String) renderRequest.getContextPath();"]
  81. contents2 = ["String pathToImages = (String) renderResponse.encodeURL(renderRequest.getContextPath() + /img/stuff.img);"]
  82. assertEqual "contents1: expected 'invalid'" False (isErrorFree (validateContextPathCalls contents1))
  83. assertEqual "contents2: expected 'valid'" True (isErrorFree (validateContextPathCalls contents2))
  84. )
  85. testValidateNoSessionCreated :: Test
  86. testValidateNoSessionCreated = TestCase (do
  87. let contents1 = ["<%@page session=\"false\" contentType=\"text/html\" %>"]
  88. contents2 = ["<%@ page contentType=\"text/html\" session=\"false\"%>"]
  89. assertEqual "contents1:expected 'valid'" True (isErrorFree (validateNoSessionCreated contents1))
  90. assertEqual "contents2:expected 'valid'" True (isErrorFree (validateNoSessionCreated contents2))
  91. )
  92. testValidateTextBoxesHaveLabels :: Test
  93. testValidateTextBoxesHaveLabels = TestCase (do
  94. let contents = ["<label for=\"<portlet:namespace/><%=Consts.SOURCE_URL%>\">",
  95. "<spring:message code=\"config.source.url\" />",
  96. "</label>",
  97. "<br/>",
  98. "<input type=\"text\" id=\"<portlet:namespace/><%=Consts.SOURCE_URL%>\" name=\"<%=Consts.SOURCE_URL%>\" size=\"40\"",
  99. "value='<c:out value=\"${attributes.sourceUrl}\"/>' />"]
  100. assertEqual "should pass as control has label" True (isErrorFree (validateTextBoxesHaveLabels contents)))
  101. testValidateTextBoxesHaveLabels2 :: Test
  102. testValidateTextBoxesHaveLabels2 = TestCase (do
  103. let contents = ["<textarea >",
  104. "<spring:message code=\"config.source.url\" />",
  105. "</textarea>",
  106. "<input type=\"text\" id=\"<portlet:namespace/><%=Consts.SOURCE_URL%>\" name=\"<%=Consts.SOURCE_URL%>\" size=\"40\"",
  107. "value='<c:out value=\"${attributes.sourceUrl}\"/>' />"]
  108. assertEqual "should not pass as control has label" False (isErrorFree (validateTextBoxesHaveLabels contents)))
  109. -- sometimes we have stuff like type=text without any quotes. Not valid html, but why would that stop anyone
  110. testValidateTextBoxesHaveLabels3 :: Test
  111. testValidateTextBoxesHaveLabels3 = TestCase (do
  112. let contents = ["<input type=text name=whatever / >",
  113. "<input type=text id=\"<portlet:namespace/><%=Consts.SOURCE_URL%>\" name=\"<%=Consts.SOURCE_URL%>\" size=\"40\"",
  114. "value='<c:out value=\"${attributes.sourceUrl}\"/>' />"]
  115. assertEqual "should not pass as we have two text boxes without labels" False (isErrorFree (validateTextBoxesHaveLabels contents)))