-
Notifications
You must be signed in to change notification settings - Fork 0
/
Copy pathtest-csi.sh
executable file
·89 lines (79 loc) · 5.68 KB
/
test-csi.sh
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
#!/bin/bash
# Create user/admin
set -e
USERNAMES=( b0nes epicfail budroid user user2 hackerman"'"'`"`' hackerman hackerman hackerman hackerman )
PASSWORDS=( 12345678 87654321 12345678 18273645 12341234 hackerman "'"'`"`' 123456789 123456789 12341234 )
EMAILS=( [email protected] [email protected] [email protected] [email protected] [email protected] [email protected] "'"'`"`'@mail.nl "'"'`"`'@mail.nl [email protected] bla@mail. )
FIRSTNAMES=( herman tom robert firstnameuser bla bla bla "'"'`"`' hacker )
LASTNAMES=( bonnes hagen knook lastnameuser bla bla bla "'"'`"`' man )
SERVER=localhost:3000/api/v1
# SERVER=https://cysedm.herokuapp.com/api/v1
for (( i=0; i<${#USERNAMES[*]}; i++ )); do
echo "Creating user. ${USERNAMES[$i]}|${PASSWORDS[$i]}|${EMAILS[$i]}|${FIRSTNAMES[$i]}|${LASTNAMES[$i]}"
http -b POST ${SERVER}/user/create \
username=${USERNAMES[$i]} \
password=${PASSWORDS[$i]} \
email=${EMAILS[$i]} \
firstName=${FIRSTNAMES[$i]} \
lastName=${LASTNAMES[$i]}
done
# Login test
for (( i=0; i<${#USERNAMES[*]}; i++ )); do
echo "Logging in with username. ${USERNAMES[$i]}|${PASSWORDS[$i]}"
http -b POST ${SERVER}/user/login login=${USERNAMES[$i]} password=${PASSWORDS[$i]}
echo "Logging in with email. ${EMAILS[$i]}|${PASSWORDS[$i]}"
http -b POST ${SERVER}/user/login login=${EMAILS[$i]} password=${PASSWORDS[$i]}
done
echo "Logging in with only password. ${EMAILS[$i]}|${PASSWORDS[$i]}"
http -b POST ${SERVER}/user/login password=${PASSWORDS[$i]}
# Login and store tokens
ADMIN_TOKEN=$(http -h POST ${SERVER}/user/login login=b0nes password=12345678 | grep authorization | cut -d\ -f2 | tr -d '\r' )
[ "$ADMIN_TOKEN" ] || echo "Token test failed."
USER_TOKEN=$(http -h POST ${SERVER}/user/login login=user password=18273645 | grep authorization | cut -d\ -f2 | tr -d '\r' )
[ "$USER_TOKEN" ] || echo "Username Token test failed."
BUDROID_TOKEN=$(http -h POST ${SERVER}/user/login login=budroid password=12345678 | grep authorization | cut -d\ -f2 | tr -d '\r' )
echo "Admin Token: ${ADMIN_TOKEN}"
echo "User Token: ${USER_TOKEN}"
# Delete a user
echo "Deleting user epicfail without admin credentials."
http -b DELETE ${SERVER}/user/epicfail Authorization:${USER_TOKEN}
echo "Deleting user epicfail with admin credentials."
http -b DELETE ${SERVER}/user/epicfail Authorization:${ADMIN_TOKEN}
# Update a user
echo "Updating user \"user\", logged in as \"user\"."
http -b PUT ${SERVER}/user/user Authorization:${USER_TOKEN} firstName=Tommieboy lastName=Hagendasz
echo "Updating user \"user2\", logged in as \"user\"."
http -b PUT ${SERVER}/user/user2 Authorization:${USER_TOKEN} firstName=bla
echo "Updating user \"user\", logged in as \"b0nes\" (admin)."
http -b PUT ${SERVER}/user/user2 Authorization:${ADMIN_TOKEN} [email protected] password=Welkom2018
echo "Updating user \"user\", logged in as \"b0nes\" (admin) with bogus data."
http -b PUT ${SERVER}/user/user2 Authorization:${ADMIN_TOKEN} [email protected] wtfEvenIsThis=Welkom2018
# Get a user
echo "Getting user \"user2\", logged in as \"user\" (admin)"
http -b GET ${SERVER}/user/user2 Authorization:${USER_TOKEN}
echo "Getting user \"user2\", logged in as \"b0nes\" (admin)"
http -b GET ${SERVER}/user/user2 Authorization:${ADMIN_TOKEN}
echo "Getting user \"user2\" with field firstname, logged in as \"user\" (admin)"
http -b GET ${SERVER}/user/user2/firstName Authorization:${USER_TOKEN}
echo "Getting user \"user2\" with field firstname, logged in as \"b0nes\" (admin)"
http -b GET ${SERVER}/user/user2/firstName Authorization:${ADMIN_TOKEN}
echo "Getting user \"user2\" with field password, logged in as \"b0nes\" (admin)"
http -b GET ${SERVER}/user/user2/PasSwoRd Authorization:${ADMIN_TOKEN}
# Get a message
http -b GET ${SERVER}/message/load Authorization:$USER_TOKEN --verify=no -b
# Get a message
http -b POST ${SERVER}/message/create Authorization:$ADMIN_TOKEN receiver=user content=bladiebladiebla1 --verify=no -b
http -b POST ${SERVER}/message/create Authorization:$ADMIN_TOKEN receiver=user2 content=bladiebladiebla1 --verify=no -b
http -b POST ${SERVER}/message/create Authorization:$ADMIN_TOKEN receiver=user content=bladiebladiebla2 --verify=no -b
http -b POST ${SERVER}/message/create Authorization:$USER_TOKEN receiver=b0nes content=bladiebladiebla3 --verify=no -b
http -b POST ${SERVER}/message/create Authorization:$USER_TOKEN receiver=b0nes content=bladiebladiebla4 --verify=no -b
http -b POST ${SERVER}/message/create Authorization:$BUDROID_TOKEN receiver=b0nes content=Jebenteenkneus --verify=no -b
http -b POST ${SERVER}/message/create Authorization:$USER_TOKEN sender=b0nes receiver=user content= --verify=no -b
http -b POST ${SERVER}/message/create Authorization:$USER_TOKEN sender=b0nes receiver=user content=bladiebladiebla extraparameter=bullshit --verify=no -b
http -b DELETE ${SERVER}/message/delete/1 Authorization:$USER_TOKEN --verify=no
http -b DELETE ${SERVER}/message/delete/7 Authorization:$USER_TOKEN --verify=no
http -b DELETE ${SERVER}/message/delete/3 Authorization:$USER_TOKEN --verify=no
http -b DELETE ${SERVER}/message/delete/3 Authorization:$ADMIN_TOKEN --verify=no
http -b PUT ${SERVER}/message/update id=2 content=blabla Authorization:$USER_TOKEN --verify=no
http -b PUT ${SERVER}/message/update id=2 content=blabla Authorization:$ADMIN_TOKEN --verify=no
http -b GET ${SERVER}/message/read/b0nes Authorization:$USER_TOKEN --verify=no