spring boot – JUnit test Mocking test case for Springboot App

Working on a Springboot app, which has a method to make a call to external rest API and get some response. This response is a number between 1 and 100. I am using a simple if else loop to check if number is less than or greater than 50.

This works fine. But as I am new to Springboot, I am not able to write a Junit test case for this. I am not sure how to Mock this.

Controller

private final Logger logger = LoggerFactory.getLogger(getClass());
private static RestTemplate restTemplate1 = new RestTemplate();
private static final String baseURL = "url/path";

@GetMapping("/compare")
public String compareToFifty() {
    
    ResponseEntity<String> responseEntity = restTemplate1.getForEntity(baseURL, String.class);
    String response1 = responseEntity.getBody();
    
    String message = "Could not determine comparison";
    
    if (Integer.parseInt(response1) > 50) {
        message = "Greater than 50";
        logger.info(message);
    } else {
        message = "Smaller than or equal to 50";
        logger.info(message);
    }

    return message;
}

I add some Junit test case after seeing some examples but it doesn’t work. How do I mock the external rest API. For now lets assume the external API is not reachable for Junit cases.

   @Test
    public void smallerThanOrEqualToFiftyMessage() throws Exception {
        this.mockMvc.perform(get("/compare")).andDo(print()).andExpect(status().isOk())
                .andExpect(content().string("Smaller than or equal to 50"));
    }

network – How can I test if a DNS Server is vulnerable to zone transfers with its IP?

How can I check if a DNS Server (let’s say a DNS Server inside a private network) is vulnerable to zone transfer attacks when I only have its IP?

I do not have any domain names. I see all these tools like dig, dnsenum, fierce and so on using a domain as a parameter and I do not know which domain I should use as a parameter when the only thing I have is the DNS server IP.

continuous integration – Test coverage highlight in Bitbucket cloud

We are using AWS Codepipeline for CI/CD and do not intend to change that. Our codebase is in the BitBucket cloud. We would like to see a couple of things highlighted in the Bitbucket dashboard itself when the pull request is created:

  1. The test coverage (Maybe Sonarqube) – Open for recommendations
  2. Successful build

Is it reasonable to use the Bitbucket pipeline just for the successful build check and the test coverage to show in Bitbucket Dashboard?

Is there an alternate/better way to do it?

android – Basic Espresso test

I am trying to get a grip on Android UI testing, and from a lot of trying and examples, I figured out this (working test):

@Test
public void FirstScan_ShouldSetSource() {
    try(ActivityScenario<ManualMoveActivity> scenario  = ActivityScenario.launch(ManualMoveActivity.class)) {
        scenario.onActivity(activity -> {
            activity.onBarcode("CODE");
        });

        onView(withId(R.id.tvSource)).check(matches(withText("CODE")));
    }
}

I have a few questions on this:

  1. What is the syntax of that try() method? Googling it gives info on try.catch, but this seems to be something different.
  2. Can I somehow get that try() part in a constructor? Having to copy this quite verbose statement in each test that needs the Activity seems annoying.

penetration test – What are the ways to attack the client if you have full control of the server, over an RDP or SSH connection?

I am not sure whether I accurately captured this question with the title, so let me explain it.

I have a penetration testing scenario where I am on the network with two machines, Machine A and Machine B. I have complete control over Machine B and am trying to leverage that to get access to Machine A. Machine A appears to be some variant of Linux (I pinged it and the response had a TTL value of 64, but I know this could be spoofed which is why it is only my guess), and Machine B is Ubuntu Linux.

An nmap scan of Machine A found that port 443 was open and port 22 was filtered. I have drawn the conclusion that Machine A accepts SSH connections via port 22, but behind some rule or firewall.

Machine A acts as a bastion, so the web application on port 443 (which I have already tested for vulnerabilities and found none) lets authenticated users have an interactive RDP or SSH session with machines on the network, from the context of Machine A. So I can log into the web application that Machine A is hosting and connect via a browser over to Machine B via RDP or SSH.

Because I have full control over Machine B and can get Machine A to connect to it, what RDP or SSH attacks are there that I can leverage? I am thinking primarily of whether or not there’s a way to have Machine B make Machine A redirect the session to localhost, which would mean Machine A would connect back to itself over SSH in a session I can interact with.

Note: I am aware of SSH reverse tunneling, but that requires special configuration on Machine A’s side when the connection is established, and I don’t have access to that.

unit testing – TDD vs Test Automation

TDD and Test Automation

I can see many responses online, but they all contradict with each other and/or not straight forward answers with some hypothetical answers/assumptions.

  1. So what is the real difference between TDD and Test Automation ? Can TDD and dedicated test automation exist together in the same place / organisation ? (OR can only 1 of the two exist?) ?

  2. Why should a developer write automation tests instead of focussing on his core job – Development / code changes (unless the development team doesn’t have anything else to do) ? Ofcourse he can have
    automated unit tests to satisfy his requirements for tests.

  3. Can we write End to End integration tests using TDD ? Also Is TDD even possible for enterprise level apps ?

  4. Does it even make sense to build a automated test when the application didn’t exist in first place ? What if this code that you initially write has a bug ? How different will this be to build a app – Have manual testing team do the testing and ensure all works fine and then automate the manual tests and keep re-using automated tests(and maintaining this) throughout the product life except for the fact that you code the test before building the app.

Please answer all questions one by one.

Mission Control (expose) disabled by CASSPP test setup

I recently setup my son’s 10.15.7 OS X mb pro to take the CASSPP test. They require that you load up a special profile that turns off a bunch of stuff, as described here:

https://ca-toms-help.ets.org/spring-21-parents-guardians/download-secure-browser/mac-big-sur/

That all went fine, as did, for the most part, the annoying mess of manual stuff you have to do to undo the damage wrought by installing the new profile. (See section “Steps to Restore Settings”). Everything came back EXCEPT mission control (expose). I usually have expose hooked to my hot corners, and I can hook pretty much anything else (e.g., enter screen saver) to the hot corners and they work fine, but expose (mission control) seems to be simply dead. It’s not dead for other accounts, just the one we did the new profile to. And it’s dead to the function keys as well (f3, I guess). I even tried using terminal commands (defaults), rebooting multiple times, resetting the SCM — pretty much everything you can think of, but I can’t get mc/expose to work.

Any further advice on how to force it on?

Thanks!

covid 19 – Do I need to quarantine in Poland when I have a negative test after arriving from outside the Schengen area?

I have a question regarding required quarantine in Poland. There are two websites I do not get which one is correct?

https://www.gov.pl/web/coronavirus/travel

Stated that Since 23 January, persons holding a negative result of a test for SARS-CoV-2 are exempt from the obligation to undergo quarantine. The test must be conducted before crossing the border and is valid for 48 hours from the moment of receiving the result.

https://www.gov.pl/web/gsse-warszawa/od-30-marca-nowe-zasady-dotyczace-kwarantanny-dla-przyjezdzajacych-do-polski

Stated that On the other hand, those arriving from outside the Schengen area will be sent to quarantine without exception, regardless of the test they have. Vaccinated people will be released from quarantine. The new rules will apply from Tuesday, March 30.

And the border police (last sentence)

https://www.strazgraniczna.pl/pl/aktualnosci/8884,Koronawirus-wjazd-do-Polski.html

The latest update which I did not understand is number 30:

https://www.strazgraniczna.pl/pl/cudzoziemcy/covid-epidemia-koronawi/8578,Outbreak-of-coronavirus-rules-of-entry-and-stay-on-the-territory-of-the-Republic.html

java – Need Feedback on JUnit test comparing two timestamps

I am writng a JUnit test case for the below methods :

public final class LoggerService implements ILoggerService {

  private Logger logger;
  
  private <T> LoggerService(T type){
    logger = LoggerFactory.getLogger((Class<?>) type);
  }

  public static <T> LoggerService getLoggerService(T type){
    return new LoggerService(type);
  }

  @Override
  public Long startTimeFrame() {
    return new Date().getTime();
  }

  @Override
  public Long stopTimeFrame() {
    return new Date().getTime() - startTimeFrame;
  }   
 
  }

}

The simple JUnit test is :


@Test
public void testStartTimeFrame(){
   LoggerService loggerService = LoggerService.getLoggerService(LoggerServiceTest.class);
   assertEquals(new Date().getTime(), loggerService.startTimeFrame());
}

Is this an efficient test case ? Is there any chance that this test could fail sometimes ?
Please suggest how I can improve this

usability testing – How to test an onboarding?

I have to test an onboarding, and I’m pretty blocked because I’m running out of ideas for tasks for the testing.

It’s an onboarding of 12 steps showing the product and showing step by step how to use it.

I thought to let users go through it and then ask them to perform some of the tasks explained previously to see if it was clear.

Do you have any suggestions?