ctrlv-privatebin/tst
2020-02-05 19:30:14 +01:00
..
Data documentation on fnv1a64 is lacking, but tests show it was only introduced with PHP 5.6 2019-05-10 22:46:39 +02:00
Persistence cleanup of PurgeLimiter #342 2018-07-29 16:05:57 +02:00
Bootstrap.php fix display of v2 pastes in JS, fixing parsing of comments in PHP, avoid exposing expiration date (we provide time_to_live, would allow calculation of creation date of paste) 2019-05-15 07:44:03 +02:00
ConfigurationTest.php adding unit tests for the new confi file env variable 2019-12-25 07:58:14 +01:00
ConfigurationTestGenerator.php fixing configuration test generator after PHP refactoring 2019-07-08 19:56:05 +02:00
ControllerTest.php apply StyleCI patch 2019-05-19 08:36:37 +02:00
ControllerWithDbTest.php fix display of v2 pastes in JS, fixing parsing of comments in PHP, avoid exposing expiration date (we provide time_to_live, would allow calculation of creation date of paste) 2019-05-15 07:44:03 +02:00
FilterTest.php update minimum required PHP version to 5.6 and replace slowEquals() with native hash_equals() function 2020-02-05 19:30:14 +01:00
FormatV2Test.php apply StyleCI patch 2019-05-10 21:45:34 +02:00
I18nTest.php apply StyleCI recommendation 2020-02-01 09:39:14 +01:00
IconTest adding icon generator comparison test script for reference in #148 2019-06-16 09:16:50 +02:00
JsonApiTest.php switching to full JSON API without POST array use, ensure all JSON operations are done with error detection 2019-05-13 22:31:52 +02:00
ModelTest.php removing dead code and improving code coverage 2019-05-11 22:18:35 +02:00
phpunit.xml starting to work on JSVerify & Mocha based unit tests for our JS code base 2017-01-29 14:31:44 +01:00
README.md simplify npm install instructions 2019-06-24 07:41:12 +02:00
RequestTest.php switching to full JSON API without POST array use, ensure all JSON operations are done with error detection 2019-05-13 22:31:52 +02:00
ViewTest.php removing untranslated string for non-human entities, moving insecure notice to template, so it can remains translated 2019-09-19 19:14:48 +02:00
Vizhash16x16Test.php applying patch based on StyleCI ruleset 2016-10-29 10:24:08 +02:00

Running all unit tests

Since it is non-trivial to setup all dependencies for our unit testing suite, we provide a docker image that bundles all of them into one container, both phpunit for PHP and mocha for JS.

You can fetch and run the image from the docker hub like this:

docker run --rm --read-only -v ~/PrivateBin:/srv:ro privatebin/unit-testing

The parameters in detail:

  • -v ~/PrivateBin:/srv:ro - Replace ~/PrivateBin with the location of the checked out PrivateBin repository on your machine. It is recommended to mount it read-only, which guarantees that your repository isn't damaged by an accidentally destructive test case in it.
  • --read-only - This image supports running in read-only mode. Only /tmp may be written into.
  • -rm - Remove the container after the run. This saves you doing a cleanup on your docker environment, if you run the image frequently.

You can also run just the php and javascript test suites instead of both:

docker run --rm --read-only -v ~/PrivateBin:/srv:ro privatebin/unit-testing phpunit
docker run --rm --read-only -v ~/PrivateBin:/srv:ro privatebin/unit-testing mocha

We also provide a Janitor image that includes the Cloud9 and Theia WebIDEs as well as the integrated unit testing utilities. See our docker wiki page for further details on this.

Running PHP unit tests

In order to run these tests, you will need to install the following packages and their dependencies:

  • phpunit
  • php-gd
  • php-sqlite3
  • php-xdebug (for code coverage reports)

Example for Debian and Ubuntu:

$ sudo apt install phpunit php-gd php-sqlite3 php-xdebug

To run the tests, change into the tst directory and run phpunit:

$ cd PrivateBin/tst
$ phpunit

Additionally there is the ConfigurationTestGenerator. Based on the configurations defined in its constructor, it generates the unit test file tst/ConfigurationCombinationsTest.php, containing all possible combinations of these configurations and tests for (most of the) valid combinations. Some of combinations can't be tested with this method, i.e. a valid option combined with an invalid one. Other very specific test cases (i.e. to trigger multiple errors) are covered in tst/PrivateBinTest.php. Here is how to generate the configuration test and run it:

$ cd PrivateBin/tst
$ php ConfigurationTestGenerator.php
$ phpunit ConfigurationCombinationsTest.php

Note that it can take an hour or longer to run the several thousand tests.

Running JavaScript unit tests

In order to run these tests, you will need to install the following packages and its dependencies:

  • npm

Then you can use the node package manager to install the latest stable release of mocha and nyc (for code coverage reports) globally and jsVerify, jsdom and jsdom-global locally:

$ npm install -g mocha nyc
$ cd PrivateBin/js
$ npm install

Example for Debian and Ubuntu, including steps to allow the current user to install node modules globally:

$ sudo apt install npm
$ sudo mkdir /usr/local/lib/node_modules
$ sudo chown -R $(whoami) $(npm config get prefix)/{lib/node_modules,bin,share}
$ ln -s /usr/bin/nodejs /usr/local/bin/node
$ npm install -g mocha nyc
$ cd PrivateBin/js
$ npm install

To run the tests, just change into the js directory and run istanbul:

$ cd PrivateBin/js
$ nyc mocha

Property based unit testing

In the JavaScript unit tests we use the JSVerify library to leverage property based unit testing. Instead of artificially creating specific test cases to cover all relevant paths of the tested code (with the generated coverage reports providing means to check the tested paths), property based testing allows us to describe the patterns of data that are valid input.

With each run of the tests, for each jsc.property 100 random inputs are generated and tested. For example we tell the test to generate random strings, which will include empty strings, numeric strings, long strings, unicode sequences, etc. This is great for finding corner cases that one might not think of when explicitly writing one test case at a time.

There is another benefit, too: When an error is found, JSVerify will try to find the smallest, still failing test case for you and print this out including the associated random number generator (RNG) state, so you can reproduce it easily:

[...]

  30 passing (3s)
  1 failing

  1) Helper getCookie returns the requested cookie:
     Error: Failed after 30 tests and 11 shrinks. rngState: 88caf85079d32e416b; Counterexample: ["{", "9", "9", "YD8%fT"]; [" ", "_|K:"]; 

[...]

Of course it may just be that you need to adjust a test case if the random pattern generated is ambiguous. In the above example the cookie string would contain two identical keys "9", something that may not be valid, but that our code could encounter and needs to be able to handle.

After you adjusted the code of the library or the test you can rerun the test with the same RNG state as follows:

$ nyc mocha test --jsverifyRngState 88caf85079d32e416b