|
| 1 | +/** |
| 2 | + * @file plugins/generic/ashSecurityHeaders/cypress/tests/ashSecurityHeaders.cy.js |
| 3 | + * |
| 4 | + * Copyright (c) 2021-2025 AshVisualTheme |
| 5 | + * Copyright (c) 2014-2025 Simon Fraser University |
| 6 | + * Copyright (c) 2003-2025 John Willinsky |
| 7 | + * |
| 8 | + * @brief Test for the ashSecurityHeaders plugin settings UI. |
| 9 | + */ |
| 10 | + |
| 11 | +const pluginRowId = 'component-grid-settings-plugins-settingsplugingrid-category-generic-row-ashsecurityheadersplugin'; |
| 12 | + |
| 13 | +function openSettingsModal() { |
| 14 | + cy.get('nav a:contains("Website")').click(); |
| 15 | + cy.get('button#plugins-button').click(); |
| 16 | + |
| 17 | + cy.get('#' + pluginRowId + ' .show_extras').click(); |
| 18 | + cy.get('a[id^=' + pluginRowId + '-settings-button]').click(); |
| 19 | + |
| 20 | + cy.get('#ashSecurityHeadersSettings', { timeout: 10000 }).should('be.visible'); |
| 21 | +} |
| 22 | + |
| 23 | +describe('Security Headers Plugin UI Tests', function() { |
| 24 | + beforeEach(() => { |
| 25 | + cy.setLocale('en_US'); |
| 26 | + cy.login('admin', 'admin', 'publicknowledge'); |
| 27 | + cy.get('nav a:contains("Settings")').click(); |
| 28 | + }); |
| 29 | + |
| 30 | + it('Saves a custom header value and verifies it is stored', function() { |
| 31 | + const customValue = 'DENY'; |
| 32 | + const defaultValue = 'SAMEORIGIN'; |
| 33 | + |
| 34 | + openSettingsModal(); |
| 35 | + |
| 36 | + cy.get('input#headerXfo').clear().type(customValue); |
| 37 | + cy.get('#ashSecurityHeadersSettings button:contains("Save")').click(); |
| 38 | + |
| 39 | + cy.get('.pkp_notification:contains("Changes saved")').should('be.visible'); |
| 40 | + cy.get('.pkp_notification:contains("Changes saved")').should('not.exist'); |
| 41 | + cy.get('div.pkp_modal_close').click(); |
| 42 | + |
| 43 | + openSettingsModal(); |
| 44 | + cy.get('input#headerXfo').should('have.value', customValue); |
| 45 | + |
| 46 | + cy.get('input#headerXfo').clear().type(defaultValue); |
| 47 | + cy.get('#ashSecurityHeadersSettings button:contains("Save")').click(); |
| 48 | + cy.get('.pkp_notification:contains("Changes saved")').should('not.exist'); |
| 49 | + }); |
| 50 | + |
| 51 | + it('Disables a header by saving an empty value', function() { |
| 52 | + const defaultValue = 'SAMEORIGIN'; |
| 53 | + |
| 54 | + openSettingsModal(); |
| 55 | + |
| 56 | + cy.get('input#headerXfo').clear(); |
| 57 | + cy.get('#ashSecurityHeadersSettings button:contains("Save")').click(); |
| 58 | + |
| 59 | + cy.get('.pkp_notification:contains("Changes saved")').should('be.visible'); |
| 60 | + cy.get('.pkp_notification:contains("Changes saved")').should('not.exist'); |
| 61 | + cy.get('div.pkp_modal_close').click(); |
| 62 | + |
| 63 | + openSettingsModal(); |
| 64 | + cy.get('input#headerXfo').should('have.value', ''); |
| 65 | + |
| 66 | + cy.get('input#headerXfo').clear().type(defaultValue); |
| 67 | + cy.get('#ashSecurityHeadersSettings button:contains("Save")').click(); |
| 68 | + cy.get('.pkp_notification:contains("Changes saved")').should('not.exist'); |
| 69 | + }); |
| 70 | +}); |
0 commit comments