Automation test for invalidate sessions.

src/org/labkey/test/tests/InvalidateSessionTest.java

@@ -20,9 +20,9 @@
 import java.io.IOException;
 import java.util.Arrays;
 import java.util.List;
+import java.util.Set;
 
 import static org.junit.Assert.fail;
-import static org.labkey.test.WebTestHelper.getCookies;
 
 @Category({Daily.class})
 public class InvalidateSessionTest extends BaseWebDriverTest
@@ -61,23 +61,16 @@ private void doSetup()
         Regression coverage for Secure Issue 51523: Invalidate sessions on password change
      */
     @Test
-    public void testSessionInvalidatesAfterPasswordChange() throws IOException
+    public void testSessionInvalidatesAfterPasswordChange() throws IOException, CommandException
     {
         signOut();
         signIn(USER);
         Connection cn = createDefaultConnection();
         SelectRowsResponse response;
         SelectRowsCommand selectCmd = new SelectRowsCommand("auditLog", "UserAuditEvent");
-        try
-        {
-            response = selectCmd.execute(cn, "Home");
-            Assert.assertEquals("Did not establish the database connection before the password change", 200,
-                    response.getStatusCode());
-        }
-        catch (IOException | CommandException e)
-        {
-            throw new RuntimeException(e);
-        }
+        response = selectCmd.execute(cn, "Home");
+        Assert.assertEquals("Did not establish the database connection before the password change", 200,
+                response.getStatusCode());
 
         log("Changing the user password");
         String newPassword = PasswordUtil.getPassword() + "&*&*";
@@ -104,25 +97,18 @@ public void testSessionInvalidatesAfterPasswordChange() throws IOException
         Regression coverage for Secure Issue 31493: Test for session and cookie persistence through login and logout
      */
     @Test
-    public void testCookieAndSessionFromLogout() throws IOException
+    public void testCookieAndSessionFromLogout() throws IOException, CommandException
     {
         log("Capture the cookie after login");
-        Cookie beforeCookie = getCookies(getCurrentUser()).get(Connection.JSESSIONID);
+        Set<Cookie> beforeCookie = getDriver().manage().getCookies();
 
         log("Establish the connection");
         Connection cn = createDefaultConnection();
         SelectRowsResponse response;
         SelectRowsCommand selectCmd = new SelectRowsCommand("auditLog", "UserAuditEvent");
-        try
-        {
-            response = selectCmd.execute(cn, getProjectName());
-            Assert.assertEquals("Did not establish the database connection before the password change", 200,
-                    response.getStatusCode());
-        }
-        catch (CommandException e)
-        {
-            throw new RuntimeException(e);
-        }
+        response = selectCmd.execute(cn, getProjectName());
+        Assert.assertEquals("Did not establish the database connection before the password change", 200,
+                response.getStatusCode());
 
         log("Sign out");
         signOut();
@@ -139,8 +125,13 @@ public void testCookieAndSessionFromLogout() throws IOException
         }
 
         log("Capture the cookie after logout");
-        Cookie afterCookie = getCookies(getCurrentUser()).get(Connection.JSESSIONID);
-        Assert.assertFalse("Before and after log out cookie should be different", beforeCookie.equals(afterCookie));
+        Set<Cookie> afterCookie = getDriver().manage().getCookies();
+        Assert.assertFalse("Before and after log out cookie should be different", getJSessionIdValue(beforeCookie).equals(getJSessionIdValue(afterCookie)));
+    }
+
+    private String getJSessionIdValue(Set<Cookie> cookies)
+    {
+        return cookies.stream().toList().get(1).getValue();
     }
 
     @Override

src/org/labkey/test/tests/UserPermissionsTest.java

@@ -16,12 +16,17 @@
 
 package org.labkey.test.tests;
 
+import org.junit.Assert;
+import org.junit.BeforeClass;
 import org.junit.Test;
 import org.junit.experimental.categories.Category;
 import org.labkey.test.BaseWebDriverTest;
 import org.labkey.test.Locator;
 import org.labkey.test.TestTimeoutException;
 import org.labkey.test.categories.Daily;
+import org.labkey.test.pages.core.admin.ShowAuditLogPage;
+import org.labkey.test.util.ApiPermissionsHelper;
+import org.labkey.test.util.DataRegionTable;
 import org.labkey.test.util.LogMethod;
 import org.labkey.test.util.PortalHelper;
 import org.openqa.selenium.WebElement;
@@ -36,14 +41,13 @@
 @BaseWebDriverTest.ClassTimeout(minutes = 7)
 public class UserPermissionsTest extends BaseWebDriverTest
 {
-    PortalHelper portalHelper = new PortalHelper(this);
     protected static final String PERM_PROJECT_NAME = "PermissionCheckProject";
     protected static final String DENIED_SUB_FOLDER_NAME = "UnlinkedFolder";
     protected static final String GAMMA_SUB_FOLDER_NAME = "GammaFolder";
     protected static final String GAMMA_EDITOR_GROUP_NAME = "GammaEditor";
     protected static final String GAMMA_AUTHOR_GROUP_NAME = "GammaAuthor";
     protected static final String GAMMA_READER_GROUP_NAME = "GammaReader";
-//    protected static final String GAMMA_RESTRICTED_READER_GROUP_NAME = "GammaRestrictedReader";
+    //    protected static final String GAMMA_RESTRICTED_READER_GROUP_NAME = "GammaRestrictedReader";
     protected static final String GAMMA_SUBMITTER_GROUP_NAME = "GammaSubmitter";
     protected static final String GAMMA_ADMIN_GROUP_NAME = "GammaAdmin";
     //permissions
@@ -54,11 +58,20 @@ public class UserPermissionsTest extends BaseWebDriverTest
     protected static final String GAMMA_AUTHOR_PAGE_TITLE = "This is a Test Message from : " + GAMMA_AUTHOR_USER;
     protected static final String GAMMA_READER_USER = "gammareader@security.test";
     protected static final String GAMMA_PROJECT_ADMIN_USER = "gammaadmin@security.test";
+    protected static final String GAMMA_SUBMITTER_USER = "gammasubmitter@security.test";
+    PortalHelper portalHelper = new PortalHelper(this);
 
     //I can't really find any docs on what this is exactly?
 //    protected static final String GAMMA_RESTRICTED_READER_USER = "gammarestricted@security.test";
 //    protected static final String GAMMA_SUBMITTER_USER = "gammasubmitter@security.test";
 
+    @BeforeClass
+    public static void setupProject()
+    {
+        UserPermissionsTest init = getCurrentTest();
+        init.doSetup();
+    }
+
     @Override
     public List<String> getAssociatedModules()
     {
@@ -83,32 +96,19 @@ protected void doCleanup(boolean afterTest) throws TestTimeoutException
         log(this.getClass().getName() + " Cleaning Up");
         _containerHelper.deleteProject(PERM_PROJECT_NAME, afterTest);
 
-        deleteUsersIfPresent(GAMMA_EDITOR_USER, GAMMA_AUTHOR_USER, GAMMA_READER_USER, GAMMA_PROJECT_ADMIN_USER);
+        deleteUsersIfPresent(GAMMA_EDITOR_USER, GAMMA_AUTHOR_USER, GAMMA_READER_USER, GAMMA_PROJECT_ADMIN_USER, GAMMA_SUBMITTER_USER);
     }
 
-    @Test
-    public void testSteps()
-    {
-        enableEmailRecorder();
-        userPermissionRightsTest();
-    }
-
-    /**
-     * Create some projects, create some groups, permissions for those groups
-     * Create some users, assign to groups and validate the permissions by
-     * impersonating the user.
-     */
-    @LogMethod
-    private void userPermissionRightsTest()
+    private void doSetup()
     {
         _containerHelper.createProject(PERM_PROJECT_NAME, null);
         _permissionsHelper.createPermissionsGroup(GAMMA_EDITOR_GROUP_NAME);
         _permissionsHelper.assertPermissionSetting(GAMMA_EDITOR_GROUP_NAME, "No Permissions");
         _permissionsHelper.setPermissions(GAMMA_EDITOR_GROUP_NAME, "Editor");
         createUserInProjectForGroup(GAMMA_EDITOR_USER, PERM_PROJECT_NAME, GAMMA_EDITOR_GROUP_NAME, false);
 
-        _containerHelper.createSubfolder(PERM_PROJECT_NAME, PERM_PROJECT_NAME, DENIED_SUB_FOLDER_NAME, "None", new String[] {"Messages", "Wiki"}, true);
-        _containerHelper.createSubfolder(PERM_PROJECT_NAME, DENIED_SUB_FOLDER_NAME, GAMMA_SUB_FOLDER_NAME, "None", new String[] {"Messages", "Wiki"}, true);
+        _containerHelper.createSubfolder(PERM_PROJECT_NAME, PERM_PROJECT_NAME, DENIED_SUB_FOLDER_NAME, "None", new String[]{"Messages", "Wiki"}, true);
+        _containerHelper.createSubfolder(PERM_PROJECT_NAME, DENIED_SUB_FOLDER_NAME, GAMMA_SUB_FOLDER_NAME, "None", new String[]{"Messages", "Wiki"}, true);
         portalHelper.addWebPart("Messages");
         assertElementPresent(Locator.linkWithText("Messages"));
         portalHelper.addWebPart("Wiki");
@@ -123,24 +123,44 @@ private void userPermissionRightsTest()
         _permissionsHelper.assertPermissionSetting(GAMMA_READER_GROUP_NAME, "No Permissions");
         _permissionsHelper.setPermissions(GAMMA_READER_GROUP_NAME, "Reader");
         createUserInProjectForGroup(GAMMA_READER_USER, PERM_PROJECT_NAME, GAMMA_READER_GROUP_NAME, false);
+
         //Create Author User
         clickProject(PERM_PROJECT_NAME);
         _permissionsHelper.enterPermissionsUI();
         _permissionsHelper.createPermissionsGroup(GAMMA_AUTHOR_GROUP_NAME);
         _permissionsHelper.assertPermissionSetting(GAMMA_AUTHOR_GROUP_NAME, "No Permissions");
         _permissionsHelper.setPermissions(GAMMA_AUTHOR_GROUP_NAME, "Author");
         createUserInProjectForGroup(GAMMA_AUTHOR_USER, PERM_PROJECT_NAME, GAMMA_AUTHOR_GROUP_NAME, false);
+
         //Create the Submitter User
         clickProject(PERM_PROJECT_NAME);
         _permissionsHelper.enterPermissionsUI();
         _permissionsHelper.createPermissionsGroup(GAMMA_SUBMITTER_GROUP_NAME);
         _permissionsHelper.assertPermissionSetting(GAMMA_SUBMITTER_GROUP_NAME, "No Permissions");
         _permissionsHelper.setPermissions(GAMMA_SUBMITTER_GROUP_NAME, "Submitter");
+
         // TODO: Add submitter to a group
         /*
          * I need a way to test submitter, I can't even view a folder where submitter has permissions when
          * impersonating on my local labkey, so may require special page?
          */
+    }
+
+    @Test
+    public void testSteps()
+    {
+        enableEmailRecorder();
+        userPermissionRightsTest();
+    }
+
+    /**
+     * Create some projects, create some groups, permissions for those groups
+     * Create some users, assign to groups and validate the permissions by
+     * impersonating the user.
+     */
+    @LogMethod
+    private void userPermissionRightsTest()
+    {
 
         //Make sure the Editor can edit
         impersonate(GAMMA_EDITOR_USER);
@@ -236,6 +256,33 @@ private void userPermissionRightsTest()
         signIn();
     }
 
+    /*
+        Regression for Secure Issue 51187: Additional automation testing for group audit logs
+     */
+    @Test
+    public void testAuditLogForGroupUpdates()
+    {
+        ApiPermissionsHelper permissionsHelper = new ApiPermissionsHelper(this);
+
+        log("Add user to the group and verify logs");
+        _userHelper.createUser(GAMMA_SUBMITTER_USER);
+        permissionsHelper.addUserToProjGroup(GAMMA_SUBMITTER_USER, getProjectName(), GAMMA_SUBMITTER_GROUP_NAME);
+        verifyAuditLog("User: " + GAMMA_SUBMITTER_USER + " was added as a member to Group: " + GAMMA_SUBMITTER_GROUP_NAME);
+
+        log("Remove user from group and verify logs");
+        goToProjectHome();
+        permissionsHelper.removeUserFromGroup(GAMMA_SUBMITTER_GROUP_NAME, GAMMA_SUBMITTER_USER);
+        verifyAuditLog("User: " + GAMMA_SUBMITTER_USER + " was deleted from Group: " + GAMMA_SUBMITTER_GROUP_NAME);
+    }
+
+    private void verifyAuditLog(String expectedComment)
+    {
+        ShowAuditLogPage showAuditLogPage = goToAdminConsole().clickAuditLog();
+        showAuditLogPage.selectView("Group and role events");
+        DataRegionTable table = showAuditLogPage.getLogTable();
+        Assert.assertEquals("Incorrect audit log record for user getting added to group", expectedComment, table.getDataAsText(0, "Comment"));
+    }
+
     private void clickLinkWithTextNoTarget(String text)
     {
         String href = getAttribute(Locator.linkWithText(text), "href");