use of com.google.gerrit.acceptance.PushOneCommit.Result in project gerrit by GerritCodeReview.
the class CorsIT method missingOriginIsAllowedWithNoCorsResponseHeaders.
/**
 * Verifies that a change-detail request made without an {@code Origin} header succeeds and that
 * none of the CORS response headers checked below is present on the response.
 */
@Test
public void missingOriginIsAllowedWithNoCorsResponseHeaders() throws Exception {
  Result change = createChange();
  RestResponse response = adminRestSession.get("/changes/" + change.getChangeId() + "/detail");
  response.assertOK();

  // Per the test name the request carries no Origin header (the session's default headers are
  // not visible here). Each Access-Control-* header must be absent, not merely empty, so a
  // non-CORS request never receives a cross-origin grant.
  String[] corsResponseHeaders = {
    ACCESS_CONTROL_ALLOW_ORIGIN,
    ACCESS_CONTROL_ALLOW_CREDENTIALS,
    ACCESS_CONTROL_MAX_AGE,
    ACCESS_CONTROL_ALLOW_METHODS,
    ACCESS_CONTROL_ALLOW_HEADERS,
  };
  for (String headerName : corsResponseHeaders) {
    assertWithMessage(headerName).that(response.getHeader(headerName)).isNull();
  }
}
use of com.google.gerrit.acceptance.PushOneCommit.Result in project gerrit by GerritCodeReview.
the class CorsIT method preflightBadOrigin.
/**
 * Verifies that a CORS preflight ({@code OPTIONS}) sent with the origin
 * {@code http://evil.attacker} is rejected as a bad request.
 */
@Test
public void preflightBadOrigin() throws Exception {
  Result change = createChange();
  String detailUrl = adminRestSession.url() + "/a/changes/" + change.getChangeId() + "/detail";

  // NOTE(review): presumably this origin is not matched by the allowed-origin setting the test
  // class configures; that configuration is not visible here -- confirm.
  Request preflight =
      Request.Options(detailUrl)
          .addHeader(ORIGIN, "http://evil.attacker")
          .addHeader(ACCESS_CONTROL_REQUEST_METHOD, "GET");

  // Only the status is asserted; the response headers of the rejected preflight are not checked.
  adminRestSession.execute(preflight).assertBadRequest();
}
use of com.google.gerrit.acceptance.PushOneCommit.Result in project gerrit by GerritCodeReview.
the class CorsIT method crossDomainPutTopic.
/**
 * Verifies the cross-domain path for setting a change topic: a {@code text/plain} POST that
 * carries {@code $m=PUT}, a JSON {@code $ct} and an {@code access_token} in its URL, sent with
 * an {@code Origin} header.
 *
 * <p>The response must be a 200 that lists {@code Origin} in {@code Vary}, repeats the request
 * origin in {@code Access-Control-Allow-Origin} and sets
 * {@code Access-Control-Allow-Credentials} to {@code true}; afterwards the topic is checked.
 */
@Test
public void crossDomainPutTopic() throws Exception {
  // Setting cookies with HttpOnly requires Servlet API 3+ which not all deployments might have
  // available.
  assume().that(cookieHasSetHttpOnlyMethod()).isTrue();

  Result change = createChange();
  BasicCookieStore cookieStore = new BasicCookieStore();
  Executor http = Executor.newInstance().use(cookieStore);

  // Sign in so the server issues a GerritAccount cookie into the store.
  // NOTE(review): /login/?account_id= looks like the test server's development login -- confirm.
  Request loginRequest =
      Request.Get(canonicalWebUrl.get() + "/login/?account_id=" + admin.id().get());
  http.execute(loginRequest);

  // Keep the value of the last GerritAccount cookie found in the store.
  String sessionToken = null;
  for (Cookie cookie : cookieStore.getCookies()) {
    if ("GerritAccount".equals(cookie.getName())) {
      sessionToken = cookie.getValue();
    }
  }
  assertWithMessage("GerritAccount cookie").that(sessionToken).isNotNull();

  // Empty the store so the POST below sends no cookie; the session value travels only as the
  // access_token parameter.
  cookieStore.clear();

  String topicUrl = canonicalWebUrl.get() + "/changes/" + change.getChangeId() + "/topic";
  UrlEncoded url = new UrlEncoded(topicUrl);
  url.put("$m", "PUT");
  url.put("$ct", "application/json; charset=US-ASCII");
  // NOTE(review): the session value is placed in the request URL here; outside a test, URLs can
  // end up in access logs and Referer headers, so treat this parameter as a credential.
  url.put("access_token", sessionToken);

  String origin = "http://example.com";
  byte[] body = "{\"topic\":\"test-xd\"}".getBytes(StandardCharsets.US_ASCII);
  Request topicRequest =
      Request.Post(url.toString())
          .setHeader(CONTENT_TYPE, "text/plain")
          .setHeader(ORIGIN, origin)
          .bodyByteArray(body);
  HttpResponse response = http.execute(topicRequest).returnResponse();
  assertThat(response.getStatusLine().getStatusCode()).isEqualTo(200);

  // The response differs per request origin, so Vary must name Origin to keep caches from
  // serving one origin's grant to another.
  Header vary = response.getFirstHeader(VARY);
  assertWithMessage(VARY).that(vary).isNotNull();
  assertWithMessage(VARY).that(Splitter.on(", ").splitToList(vary.getValue())).contains(ORIGIN);

  // With credentials allowed, the grant has to name the exact request origin.
  Header allowOrigin = response.getFirstHeader(ACCESS_CONTROL_ALLOW_ORIGIN);
  assertWithMessage(ACCESS_CONTROL_ALLOW_ORIGIN).that(allowOrigin).isNotNull();
  assertWithMessage(ACCESS_CONTROL_ALLOW_ORIGIN).that(allowOrigin.getValue()).isEqualTo(origin);

  Header allowCredentials = response.getFirstHeader(ACCESS_CONTROL_ALLOW_CREDENTIALS);
  assertWithMessage(ACCESS_CONTROL_ALLOW_CREDENTIALS).that(allowCredentials).isNotNull();
  assertWithMessage(ACCESS_CONTROL_ALLOW_CREDENTIALS)
      .that(allowCredentials.getValue())
      .isEqualTo("true");

  // The write itself must have taken effect, not just the headers.
  checkTopic(change, "test-xd");
}
use of com.google.gerrit.acceptance.PushOneCommit.Result in project gerrit by GerritCodeReview.
the class CorsIT method preflightBadHeader.
/**
 * Verifies that a CORS preflight ({@code OPTIONS}) asking permission to send the
 * {@code X-Secret-Auth-Token} request header is rejected as a bad request.
 */
@Test
public void preflightBadHeader() throws Exception {
  Result change = createChange();
  String detailUrl = adminRestSession.url() + "/a/changes/" + change.getChangeId() + "/detail";

  // Origin and method are the same values the class's other preflight tests use; the requested
  // header is what this test varies.
  // NOTE(review): presumably X-Secret-Auth-Token is outside the server's set of permitted
  // request headers, which is not visible here -- confirm.
  Request preflight =
      Request.Options(detailUrl)
          .addHeader(ORIGIN, "http://example.com")
          .addHeader(ACCESS_CONTROL_REQUEST_METHOD, "GET")
          .addHeader(ACCESS_CONTROL_REQUEST_HEADERS, "X-Secret-Auth-Token");

  adminRestSession.execute(preflight).assertBadRequest();
}
use of com.google.gerrit.acceptance.PushOneCommit.Result in project gerrit by GerritCodeReview.
the class CorsIT method preflightBadMethod.
/**
 * Verifies that a CORS preflight ({@code OPTIONS}) announcing the request method {@code CALL}
 * is rejected as a bad request.
 */
@Test
public void preflightBadMethod() throws Exception {
  Result change = createChange();
  String detailUrl = adminRestSession.url() + "/a/changes/" + change.getChangeId() + "/detail";

  // "CALL" is the value under test; the origin is the one the class's other tests send.
  // NOTE(review): the server's list of permitted methods is not visible here -- confirm that
  // rejection is driven by the method and not by the origin.
  Request preflight =
      Request.Options(detailUrl)
          .addHeader(ORIGIN, "http://example.com")
          .addHeader(ACCESS_CONTROL_REQUEST_METHOD, "CALL");

  adminRestSession.execute(preflight).assertBadRequest();
}