Applications often have login screens. Testing a secured web application requires us to capture the login process as a custom action. That way, we can re-use it repeatedly for as many scenarios as we need.
java -jar selenium-server.jar
.satchmo
store application isn't already running, start it up in another shell or window by typing: python
manage.py
runserver
.With the following steps, we will exercise a web application's security and then see how to extend Pyccuracy by creating a custom action that does the same:
recipe37.acc
to contain this recipe's scenario.As a system administrator I want to login to Django's admin page So that I can check the product catalog.
Scenario 1 - Logging in to the admin page Given I go to "http://localhost:8000/admin" When I fill "username" textbox with "gturnquist" And I fill "password" textbox with "password" And I click "login" button and wait Then I see that current page contains "<a href="product/product/">Products</a>"
Scenario 2 - Check product catalog Given I am logged in with username "gturnquist" and password "password" When I click "Products" link and wait Then I see that current page contains "robot-attack"
recipe37.py
containing a custom defined action.from pyccuracy.actions import ActionBase from pyccuracy.errors import * class LoggedInAction(ActionBase): regex = r'(And )?I am logged in with username ["](?P<username>.+)["] and password ["](?P<password>.+)["]$' def execute(self, context, username, password): self.execute_action(u'I go to "http://localhost:8000/admin"', context) logged_in = False try: self.execute_action( u'And I see that current page contains "id_username"', context) except ActionFailedError: logged_in = True if not logged_in: self.execute_action(u'And I fill "username" textbox with "%s"' % username, context) self.execute_action(u'And I fill "password" textbox with "%s"' % password, context) self.execute_action(u'And I click "login" button', context)
pyccuracy_console -p recipe37.acc
.The first scenario shows the simple steps needed to exercise the login screen. After having proven the login screen works, it becomes cumbersome to repeat this procedure for more scenarios.
To handle this, we create a custom action in Python by extending ActionBase
. Custom actions require a regular expression to define the DSL text. Next, we define an execute
method to include a combination of application logic and Pyccuracy steps to execute. Essentially, we can define a set of steps to automatically execute actions and dynamically handle different situations.
In our situation, we coded it to handle whether or not the user was already logged in. With this custom action, we built the second scenario, and handled logging in with a single statement, allowing us to move on and test the core part of our scenario.
3.148.104.242