Prosoft Git

ProjectSideBarViewTest.java

Home / azkaban-webserver / src / test / java / azkaban / webapp / servlet / ProjectSideBarViewTest.java

43 lines | 1.269 kB Blame History Raw Download 
package azkaban.webapp.servlet;

import azkaban.fixture.FileAssertion;
import azkaban.fixture.MockProject;
import azkaban.fixture.VelocityContextTestUtil;
import azkaban.fixture.VelocityTemplateTestUtil;
import azkaban.fixture.WebFileAssertion;
import azkaban.project.Project;
import org.apache.velocity.VelocityContext;
import org.junit.Test;


/**
 * Test project side bar view
 */
public class ProjectSideBarViewTest {

  /**
   * Test project side bar view.
   *
   * The project description should be HTML encoded to avoid cross site scripting issues.
   *
   * @throws Exception the exception
   */
  @Test
  public void testProjectSideBarView()
      throws Exception {
    VelocityContext context = VelocityContextTestUtil.getInstance();

    Project project = MockProject.getMockProject();

    // Intentionally tries to inject a Javascript.
    project.setDescription("<script>window.alert(\"hacked\")</script>");

    context.put("project", project);
    context.put("admins", "admin_name");
    context.put("userpermission", "admin_permission");

    String result = VelocityTemplateTestUtil.renderTemplate("projectsidebar", context);
    String actual = FileAssertion.surroundWithHtmlTag(result);
    WebFileAssertion.assertStringEqualFileContent("project-side-bar.html", actual);
  }
}

Bonobo Git Server (6.3.0.632) © 2015 Jakub Chodounský · Official Page · Github