diff --git a/src/test/java/org/jenkinsci/plugins/configfiles/ConfigFilesSEC1253Test.java b/src/test/java/org/jenkinsci/plugins/configfiles/ConfigFilesSEC1253Test.java index ad25a30b..8d3d6591 100644 --- a/src/test/java/org/jenkinsci/plugins/configfiles/ConfigFilesSEC1253Test.java +++ b/src/test/java/org/jenkinsci/plugins/configfiles/ConfigFilesSEC1253Test.java @@ -1,6 +1,8 @@ package org.jenkinsci.plugins.configfiles; import org.htmlunit.html.HtmlAnchor; +import org.htmlunit.html.HtmlButton; +import org.htmlunit.html.HtmlElement; import org.htmlunit.html.HtmlForm; import org.htmlunit.html.HtmlInput; import org.htmlunit.html.HtmlPage; @@ -56,20 +58,21 @@ public void regularCaseStillWorking() throws Exception { assertThat(store.getConfigs(), hasSize(1)); HtmlPage configFiles = wc.goTo("configfiles"); - String attribute = j.jenkins.getVersion().isOlderThan(new VersionNumber("2.324")) ? "onclick" : "data-url"; - HtmlAnchor removeAnchor = configFiles.getDocumentElement().getFirstByXPath("//a[contains(@" + attribute + ", 'removeConfig?id=" + CONFIG_ID + "')]"); - - AtomicReference confirmCalled = new AtomicReference<>(false); - wc.setConfirmHandler((page, s) -> { - confirmCalled.set(true); - return true; - }); - - assertThat(confirmCalled.get(), is(false)); - - removeAnchor.click(); - - assertThat(confirmCalled.get(), is(true)); + HtmlAnchor removeAnchor = configFiles.getDocumentElement().getFirstByXPath("//a[contains(@data-url, 'removeConfig?id=" + CONFIG_ID + "')]"); + + if (j.jenkins.getVersion().isOlderThan(new VersionNumber("2.415"))) { + AtomicReference confirmCalled = new AtomicReference<>(false); + wc.setConfirmHandler((page, s) -> { + confirmCalled.set(true); + return true; + }); + assertThat(confirmCalled.get(), is(false)); + removeAnchor.click(); + assertThat(confirmCalled.get(), is(true)); + } else { + HtmlElement document = configFiles.getDocumentElement(); + HtmlElementUtil.clickDialogOkButton(removeAnchor, document); + } assertThat(store.getConfigs(), empty()); } @@ -89,25 +92,27 @@ public void xssPrevention() throws Exception { JenkinsRule.WebClient wc = j.createWebClient(); HtmlPage configFiles = wc.goTo("configfiles"); - String attribute = j.jenkins.getVersion().isOlderThan(new VersionNumber("2.324")) ? "onclick" : "data-url"; - HtmlAnchor removeAnchor = configFiles.getDocumentElement().getFirstByXPath("//a[contains(@" + attribute + ", 'removeConfig?id=" + CONFIG_ID + "')]"); + HtmlAnchor removeAnchor = configFiles.getDocumentElement().getFirstByXPath("//a[contains(@data-url, 'removeConfig?id=" + CONFIG_ID + "')]"); - AtomicReference confirmCalled = new AtomicReference<>(false); AtomicReference alertCalled = new AtomicReference<>(false); - wc.setConfirmHandler((page, s) -> { - confirmCalled.set(true); - return true; - }); wc.setAlertHandler((page, s) -> { alertCalled.set(true); }); - - assertThat(confirmCalled.get(), is(false)); assertThat(alertCalled.get(), is(false)); + if (j.jenkins.getVersion().isOlderThan(new VersionNumber("2.415"))) { + AtomicReference confirmCalled = new AtomicReference<>(false); + wc.setConfirmHandler((page, s) -> { + confirmCalled.set(true); + return true; + }); + assertThat(confirmCalled.get(), is(false)); + removeAnchor.click(); + assertThat(confirmCalled.get(), is(true)); + } else { + HtmlElement document = configFiles.getDocumentElement(); + HtmlElementUtil.clickDialogOkButton(removeAnchor, document); + } - removeAnchor.click(); - - assertThat(confirmCalled.get(), is(true)); assertThat(alertCalled.get(), is(false)); assertThat(store.getConfigs(), empty()); diff --git a/src/test/java/org/jenkinsci/plugins/configfiles/HtmlElementUtil.java b/src/test/java/org/jenkinsci/plugins/configfiles/HtmlElementUtil.java new file mode 100644 index 00000000..47daf86b --- /dev/null +++ b/src/test/java/org/jenkinsci/plugins/configfiles/HtmlElementUtil.java @@ -0,0 +1,35 @@ +package org.jenkinsci.plugins.configfiles; + +import java.io.IOException; +import org.htmlunit.Page; +import org.htmlunit.WebClient; +import org.htmlunit.WebClientUtil; +import org.htmlunit.html.HtmlButton; +import org.htmlunit.html.HtmlElement; + +public class HtmlElementUtil { + public HtmlElementUtil() { + } + + public static void clickDialogOkButton(HtmlElement element, HtmlElement document) throws IOException { + if (element != null) { + boolean var6 = false; + + try { + var6 = true; + element.click(); + var6 = false; + } finally { + if (var6) { + WebClient var4 = element.getPage().getWebClient(); + WebClientUtil.waitForJSExec(var4); + } + } + + WebClient webClient = element.getPage().getWebClient(); + WebClientUtil.waitForJSExec(webClient); + HtmlButton confirmButton = document.getOneHtmlElementByAttribute("button", "data-id", "ok"); + confirmButton.click(); + } + } +} diff --git a/src/test/java/org/jenkinsci/plugins/configfiles/folder/FolderConfigFileActionTest.java b/src/test/java/org/jenkinsci/plugins/configfiles/folder/FolderConfigFileActionTest.java index 663d2c1a..eccb7bbd 100644 --- a/src/test/java/org/jenkinsci/plugins/configfiles/folder/FolderConfigFileActionTest.java +++ b/src/test/java/org/jenkinsci/plugins/configfiles/folder/FolderConfigFileActionTest.java @@ -1,7 +1,9 @@ package org.jenkinsci.plugins.configfiles.folder; import com.cloudbees.hudson.plugins.folder.Folder; +import org.hamcrest.CoreMatchers; import org.htmlunit.html.HtmlAnchor; +import org.htmlunit.html.HtmlElement; import org.htmlunit.html.HtmlPage; import hudson.model.Item; import hudson.util.VersionNumber; @@ -13,6 +15,7 @@ import org.jenkinsci.plugins.configfiles.ConfigFileStore; import org.jenkinsci.plugins.configfiles.ConfigFiles; import org.jenkinsci.plugins.configfiles.GlobalConfigFiles; +import org.jenkinsci.plugins.configfiles.HtmlElementUtil; import org.jenkinsci.plugins.configfiles.custom.CustomConfig; import org.jenkinsci.plugins.configfiles.maven.MavenSettingsConfig; import org.jenkinsci.plugins.workflow.cps.CpsFlowDefinition; @@ -242,18 +245,22 @@ public void xssPreventionInFolder() throws Exception { // Clicking the button works // If we click on the link, it goes via POST, therefore it removes it successfully HtmlPage configFiles = wc.goTo(f1.getUrl() + "configfiles"); - String attribute = r.jenkins.getVersion().isOlderThan(new VersionNumber("2.324")) ? "onclick" : "data-url"; - HtmlAnchor removeAnchor = configFiles.getDocumentElement().getFirstByXPath("//a[contains(@" + attribute + ", 'removeConfig?id=" + CONFIG_ID + "')]"); - - AtomicReference confirmCalled = new AtomicReference<>(false); - wc.setConfirmHandler((page, s) -> { - confirmCalled.set(true); - return true; - }); - - assertThat(confirmCalled.get(), is(false)); - removeAnchor.click(); - assertThat(confirmCalled.get(), is(true)); + HtmlAnchor removeAnchor = configFiles.getDocumentElement().getFirstByXPath("//a[contains(@data-url, 'removeConfig?id=" + CONFIG_ID + "')]"); + + if (r.jenkins.getVersion().isOlderThan(new VersionNumber("2.415"))) { + AtomicReference confirmCalled = new AtomicReference<>(false); + wc.setConfirmHandler((page, s) -> { + confirmCalled.set(true); + return true; + }); + assertThat(confirmCalled.get(), CoreMatchers.is(false)); + removeAnchor.click(); + assertThat(confirmCalled.get(), CoreMatchers.is(true)); + } else { + HtmlElement document = configFiles.getDocumentElement(); + HtmlElementUtil.clickDialogOkButton(removeAnchor, document); + } + assertThat(store.getConfigs(), empty()); } diff --git a/src/test/java/org/jenkinsci/plugins/configfiles/sec/Security2002Test.java b/src/test/java/org/jenkinsci/plugins/configfiles/sec/Security2002Test.java index 99bb536f..0dfc8978 100644 --- a/src/test/java/org/jenkinsci/plugins/configfiles/sec/Security2002Test.java +++ b/src/test/java/org/jenkinsci/plugins/configfiles/sec/Security2002Test.java @@ -1,10 +1,13 @@ package org.jenkinsci.plugins.configfiles.sec; +import org.hamcrest.CoreMatchers; import org.htmlunit.html.HtmlAnchor; +import org.htmlunit.html.HtmlElement; import org.htmlunit.html.HtmlPage; import hudson.util.VersionNumber; import jenkins.model.GlobalConfiguration; import org.jenkinsci.plugins.configfiles.GlobalConfigFiles; +import org.jenkinsci.plugins.configfiles.HtmlElementUtil; import org.jenkinsci.plugins.configfiles.custom.CustomConfig; import org.junit.Rule; import org.junit.Test; @@ -51,18 +54,21 @@ public void xssPrevention() throws Exception { // Clicking the button works // If we click on the link, it goes via POST, therefore it removes it successfully HtmlPage configFiles = wc.goTo("configfiles"); - String attribute = j.jenkins.getVersion().isOlderThan(new VersionNumber("2.324")) ? "onclick" : "data-url"; - HtmlAnchor removeAnchor = configFiles.getDocumentElement().getFirstByXPath("//a[contains(@" + attribute + ", 'removeConfig?id=" + CONFIG_ID + "')]"); + HtmlAnchor removeAnchor = configFiles.getDocumentElement().getFirstByXPath("//a[contains(@data-url, 'removeConfig?id=" + CONFIG_ID + "')]"); - AtomicReference confirmCalled = new AtomicReference<>(false); - wc.setConfirmHandler((page, s) -> { - confirmCalled.set(true); - return true; - }); - - assertThat(confirmCalled.get(), is(false)); - removeAnchor.click(); - assertThat(confirmCalled.get(), is(true)); + if (j.jenkins.getVersion().isOlderThan(new VersionNumber("2.415"))) { + AtomicReference confirmCalled = new AtomicReference<>(false); + wc.setConfirmHandler((page, s) -> { + confirmCalled.set(true); + return true; + }); + assertThat(confirmCalled.get(), CoreMatchers.is(false)); + removeAnchor.click(); + assertThat(confirmCalled.get(), CoreMatchers.is(true)); + } else { + HtmlElement document = configFiles.getDocumentElement(); + HtmlElementUtil.clickDialogOkButton(removeAnchor, document); + } assertThat(store.getConfigs(), empty()); } }