-
Notifications
You must be signed in to change notification settings - Fork 0
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
Merge pull request #63 from davewalker5/dast-fixups
Set security headers and cookie origin
- Loading branch information
Showing
13 changed files
with
1,147 additions
and
1,127 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -1,3 +1,3 @@ | ||
| from src.naturerec_web import create_app | ||
|
|
||
| app = create_app() | ||
| from src.naturerec_web import create_app | ||
|
|
||
| app = create_app() |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -1,127 +1,127 @@ | ||
| import os | ||
| import time | ||
| import platform | ||
| from sqlalchemy import text | ||
| from src.naturerec_model.model import create_database | ||
| from src.naturerec_model.logic import create_user | ||
| from behave import fixture, use_fixture | ||
| from selenium import webdriver | ||
| from selenium.webdriver.common.by import By | ||
| from selenium.common.exceptions import ElementNotInteractableException, NoSuchElementException | ||
| from flask_app_runner import FlaskAppRunner | ||
| from src.naturerec_web import create_app | ||
| from src.naturerec_model.model.database import Engine | ||
| from src.naturerec_model.model.utils import get_project_path | ||
|
|
||
|
|
||
| MAXIMUM_PAGE_LOAD_TIME = 5 | ||
|
|
||
|
|
||
| @fixture | ||
| def start_flask_server(context): | ||
| """ | ||
| Start the Nature Recorder web application on a background thread | ||
| :param context: | ||
| """ | ||
| context.flask_runner = FlaskAppRunner("127.0.0.1", 5000, create_app("development")) | ||
| context.flask_runner.start() | ||
| yield context.flask_runner | ||
|
|
||
| # As this behaves like a context manager, the following is called after the after_all() hook | ||
| context.flask_runner.stop_server() | ||
| context.flask_runner.join() | ||
|
|
||
|
|
||
| @fixture | ||
| def start_selenium_browser(context): | ||
| """ | ||
| Start a web browser to run the behave tests | ||
| :param context: Behave context | ||
| """ | ||
| # Determine the OS and create an appropriate browser instance | ||
| os_name = platform.system() | ||
| if os_name == "Darwin": | ||
| context.browser = webdriver.Safari() | ||
| elif os_name == "Windows": | ||
| context.browser = webdriver.Edge() | ||
| else: | ||
| raise NotImplementedError() | ||
|
|
||
| context.browser.implicitly_wait(MAXIMUM_PAGE_LOAD_TIME) | ||
| yield context.browser | ||
|
|
||
| # As this behaves like a context manager, the following is called after the after_all() hook | ||
| context.browser.close() | ||
|
|
||
|
|
||
| @fixture | ||
| def create_test_database(_): | ||
| """ | ||
| Create and populate the test database | ||
| :param _: Behave context (not used) | ||
| """ | ||
| create_database() | ||
| create_user("behave", "password") | ||
|
|
||
|
|
||
| @fixture | ||
| def login(context): | ||
| """ | ||
| Log in to the application | ||
| :param context: Behave context | ||
| """ | ||
| # Browse to the login page and enter the username and password | ||
| url = context.flask_runner.make_url("auth/login") | ||
| context.browser.get(url) | ||
| context.browser.find_element(By.NAME, "username").send_keys("behave") | ||
| context.browser.find_element(By.NAME, "password").send_keys("password") | ||
|
|
||
| # Click the "login" button | ||
| xpath = f"//*[text()='Login']" | ||
| elements = context.browser.find_elements(By.XPATH, xpath) | ||
| for element in elements: | ||
| try: | ||
| element.click() | ||
| except (ElementNotInteractableException, NoSuchElementException): | ||
| pass | ||
|
|
||
| time.sleep(1) | ||
|
|
||
|
|
||
| def before_all(context): | ||
| """ | ||
| Set up the test environment before any scenarios are run | ||
| :param context: Behave context | ||
| """ | ||
| use_fixture(create_test_database, context) | ||
| use_fixture(start_flask_server, context) | ||
| use_fixture(start_selenium_browser, context) | ||
| use_fixture(login, context) | ||
|
|
||
|
|
||
| def before_scenario(context, scenario): | ||
| """ | ||
| Initialise the database for every scenario | ||
| :param context: Behave context (not used) | ||
| :param scenario: Behave scenario | ||
| """ | ||
| clear_down_script = os.path.join(get_project_path(), "features", "sql", "clear_database.sql") | ||
| with open(clear_down_script, mode="rt", encoding="utf-8") as f: | ||
| for statement in f.readlines(): | ||
| if statement: | ||
| Engine.execute(text(statement)) | ||
|
|
||
|
|
||
| def after_all(_): | ||
| """ | ||
| Tear down the test environment after all scenarios have run | ||
| :param _: Behave context (not used) | ||
| """ | ||
| pass | ||
| import os | ||
| import time | ||
| import platform | ||
| from sqlalchemy import text | ||
| from src.naturerec_model.model import create_database | ||
| from src.naturerec_model.logic import create_user | ||
| from behave import fixture, use_fixture | ||
| from selenium import webdriver | ||
| from selenium.webdriver.common.by import By | ||
| from selenium.common.exceptions import ElementNotInteractableException, NoSuchElementException | ||
| from flask_app_runner import FlaskAppRunner | ||
| from src.naturerec_web import create_app | ||
| from src.naturerec_model.model.database import Engine | ||
| from src.naturerec_model.model.utils import get_project_path | ||
|
|
||
|
|
||
| MAXIMUM_PAGE_LOAD_TIME = 5 | ||
|
|
||
|
|
||
| @fixture | ||
| def start_flask_server(context): | ||
| """ | ||
| Start the Nature Recorder web application on a background thread | ||
| :param context: | ||
| """ | ||
| context.flask_runner = FlaskAppRunner("127.0.0.1", 5000, create_app("development")) | ||
| context.flask_runner.start() | ||
| yield context.flask_runner | ||
|
|
||
| # As this behaves like a context manager, the following is called after the after_all() hook | ||
| context.flask_runner.stop_server() | ||
| context.flask_runner.join() | ||
|
|
||
|
|
||
| @fixture | ||
| def start_selenium_browser(context): | ||
| """ | ||
| Start a web browser to run the behave tests | ||
| :param context: Behave context | ||
| """ | ||
| # Determine the OS and create an appropriate browser instance | ||
| os_name = platform.system() | ||
| if os_name == "Darwin": | ||
| context.browser = webdriver.Safari() | ||
| elif os_name == "Windows": | ||
| context.browser = webdriver.Edge() | ||
| else: | ||
| raise NotImplementedError() | ||
|
|
||
| context.browser.implicitly_wait(MAXIMUM_PAGE_LOAD_TIME) | ||
| yield context.browser | ||
|
|
||
| # As this behaves like a context manager, the following is called after the after_all() hook | ||
| context.browser.close() | ||
|
|
||
|
|
||
| @fixture | ||
| def create_test_database(_): | ||
| """ | ||
| Create and populate the test database | ||
| :param _: Behave context (not used) | ||
| """ | ||
| create_database() | ||
| create_user("behave", "password") | ||
|
|
||
|
|
||
| @fixture | ||
| def login(context): | ||
| """ | ||
| Log in to the application | ||
| :param context: Behave context | ||
| """ | ||
| # Browse to the login page and enter the username and password | ||
| url = context.flask_runner.make_url("auth/login") | ||
| context.browser.get(url) | ||
| context.browser.find_element(By.NAME, "username").send_keys("behave") | ||
| context.browser.find_element(By.NAME, "password").send_keys("password") | ||
|
|
||
| # Click the "login" button | ||
| xpath = f"//*[text()='Login']" | ||
| elements = context.browser.find_elements(By.XPATH, xpath) | ||
| for element in elements: | ||
| try: | ||
| element.click() | ||
| except (ElementNotInteractableException, NoSuchElementException): | ||
| pass | ||
|
|
||
| time.sleep(1) | ||
|
|
||
|
|
||
| def before_all(context): | ||
| """ | ||
| Set up the test environment before any scenarios are run | ||
| :param context: Behave context | ||
| """ | ||
| use_fixture(create_test_database, context) | ||
| use_fixture(start_flask_server, context) | ||
| use_fixture(start_selenium_browser, context) | ||
| use_fixture(login, context) | ||
|
|
||
|
|
||
| def before_scenario(context, scenario): | ||
| """ | ||
| Initialise the database for every scenario | ||
| :param context: Behave context (not used) | ||
| :param scenario: Behave scenario | ||
| """ | ||
| clear_down_script = os.path.join(get_project_path(), "features", "sql", "clear_database.sql") | ||
| with open(clear_down_script, mode="rt", encoding="utf-8") as f: | ||
| for statement in f.readlines(): | ||
| if statement: | ||
| Engine.execute(text(statement)) | ||
|
|
||
|
|
||
| def after_all(_): | ||
| """ | ||
| Tear down the test environment after all scenarios have run | ||
| :param _: Behave context (not used) | ||
| """ | ||
| pass |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -1,49 +1,49 @@ | ||
| Feature: Sightings Management | ||
| Scenario: List today's sightings | ||
| Given A set of sightings | ||
| | Date | Location | Category | Species | Number | Gender | WithYoung | Notes | | ||
| | TODAY | Test Location | Birds | Blackbird | 1 | Male | No | Some notes | | ||
| | TODAY | Test Location | Mammals | Grey Squirrel | 1 | Unknown | No | More notes | | ||
|
|
||
| When I navigate to the sightings page | ||
| Then There will be 2 sightings in the sightings list | ||
|
|
||
| Scenario: List filtered sightings | ||
| Given A set of sightings | ||
| | Date | Location | Category | Species | Number | Gender | WithYoung | Notes | | ||
| | TODAY | Test Location | Birds | Blackbird | 1 | Male | No | Some notes | | ||
| | TODAY | Test Location | Mammals | Grey Squirrel | 1 | Unknown | No | More notes | | ||
|
|
||
| When I navigate to the sightings page | ||
| And I fill in the sightings filter form | ||
| | Location | Category | Species | | ||
| | Test Location | Mammals | Grey Squirrel | | ||
|
|
||
| And I click on the "Filter Sightings" button | ||
| Then There will be 1 sighting in the sightings list | ||
|
|
||
| Scenario: List today's sightings when there are none | ||
| Given There are no "sightings" in the database | ||
| When I navigate to the sightings page | ||
| Then The sightings list will be empty | ||
|
|
||
| Scenario: Create sighting | ||
| Given A set of locations | ||
| | Name | Address | City | County | Postcode | Country | Latitude | Longitude | | ||
| | Farmoor Reservoir | Cumnor Road | Farmoor | Oxfordshire | OX2 9NS | United Kingdom | 51.75800 | -1.34752 | | ||
|
|
||
| And A set of categories | ||
| | Category | | ||
| | Birds | | ||
|
|
||
| And A set of species | ||
| | Category | Species | | ||
| | Birds | Black-Headed Gull | | ||
|
|
||
| When I navigate to the sightings entry page | ||
| And I fill in the sighting details | ||
| | Date | Location | Category | Species | Number | Gender | WithYoung | | ||
| | TODAY | Farmoor Reservoir | Birds | Black-Headed Gull | 1 | Unknown | No | | ||
|
|
||
| And I click on the "Add Sighting" button | ||
| Then The sighting will be added to the database | ||
| Feature: Sightings Management | ||
| Scenario: List today's sightings | ||
| Given A set of sightings | ||
| | Date | Location | Category | Species | Number | Gender | WithYoung | Notes | | ||
| | TODAY | Test Location | Birds | Blackbird | 1 | Male | No | Some notes | | ||
| | TODAY | Test Location | Mammals | Grey Squirrel | 1 | Unknown | No | More notes | | ||
|
|
||
| When I navigate to the sightings page | ||
| Then There will be 2 sightings in the sightings list | ||
|
|
||
| Scenario: List filtered sightings | ||
| Given A set of sightings | ||
| | Date | Location | Category | Species | Number | Gender | WithYoung | Notes | | ||
| | TODAY | Test Location | Birds | Blackbird | 1 | Male | No | Some notes | | ||
| | TODAY | Test Location | Mammals | Grey Squirrel | 1 | Unknown | No | More notes | | ||
|
|
||
| When I navigate to the sightings page | ||
| And I fill in the sightings filter form | ||
| | Location | Category | Species | | ||
| | Test Location | Mammals | Grey Squirrel | | ||
|
|
||
| And I click on the "Filter Sightings" button | ||
| Then There will be 1 sighting in the sightings list | ||
|
|
||
| Scenario: List today's sightings when there are none | ||
| Given There are no "sightings" in the database | ||
| When I navigate to the sightings page | ||
| Then The sightings list will be empty | ||
|
|
||
| Scenario: Create sighting | ||
| Given A set of locations | ||
| | Name | Address | City | County | Postcode | Country | Latitude | Longitude | | ||
| | Farmoor Reservoir | Cumnor Road | Farmoor | Oxfordshire | OX2 9NS | United Kingdom | 51.75800 | -1.34752 | | ||
|
|
||
| And A set of categories | ||
| | Category | | ||
| | Birds | | ||
|
|
||
| And A set of species | ||
| | Category | Species | | ||
| | Birds | Black-Headed Gull | | ||
|
|
||
| When I navigate to the sightings entry page | ||
| And I fill in the sighting details | ||
| | Date | Location | Category | Species | Number | Gender | WithYoung | | ||
| | TODAY | Farmoor Reservoir | Birds | Black-Headed Gull | 1 | Unknown | No | | ||
|
|
||
| And I click on the "Add Sighting" button | ||
| Then The sighting will be added to the database |
Oops, something went wrong.