search

globaleaks / GlobaLeaks

GlobaLeaks is free, open source software enabling anyone to easily set up and maintain a secure whistleblowing platform.
https://www.globaleaks.org
Other
1.2k stars 262 forks source link

Add front end unit testing to improve software quality and maintainability #2096

Open NSkelsey opened 6 years ago

NSkelsey commented 6 years ago

Current behavior

The application's testing covers the backend via unit tests, the frontend interface via end-to-end tests and a tiny part of the backends API via jasmine tests. We lack testing of libraries and functions used in the frontend by the frontend. Our work on browser based cryptography requires this sort of testing if we are ever going to push it into production because

1) We need to ensure the implemented API corresponds with the API specified 2) We need to ensure cross-compatibility across different browsers 3) We need a way to gradually introduce functionality with out dumping every piece of the code into the frontend all at once.

Expected behavior

This project will use Mocha framework along with other npm libraries to produce a set of unit tests executable and testable with our existing Saucelabs infrastructure and independently on developers machines.

Feature illustration

The implementation of unit testing frontend testing will look like mocha's sample and be structured similar to OpenPGPjs's testing setup.

Client Operating System and Version (if applicable):

Adding testing on all supported and planned supported clients is a goal.

NSkelsey commented 6 years ago

Quick update, the test suite has 19 functional tests which cover things like key gen, password change, some encryption functions and PBKDF with scrypt. When running in a web browser this is what the results look like:

unittests

To run this you need to:

1) Checkout feature/js-unit 2) Run cd client/ 2) Run grunt unittest 3) Run python -m SimpleHTTPServer 4) Visit http://localhost:8000/tests/unit with a browser

NSkelsey commented 6 years ago

Some notes on work towards improving our code coverage as of b8ebc0a1ce8aff1d0e74a1ecb77a903f0dc0c893

With the node libraries grunt-mocha-istanbul and webworker-threads, the file /tests/unit/node-angular-shim.js and the removal of the load of GLClient from tests/unit/module.js , it is possible to generate a minimal coverage.json file that includes functions that our protractor tests would have a bunch of difficulty covering.

To setup these tests one must install:

> npm install # get new deps
> grunt mocha-coverage-report

There is an unresolved issue with the interaction of opengpgjs, scrypt and webworkers executing in the node environment that leaves many of the GLBrowserCrypto functions broken. The failure leaves node running at 100% hanging on to what seem to be multiple failed tests like so:


$ grunt mocha-coverage-report
Running "mocha_istanbul:coverage" (mocha_istanbul) task
  GLUnitTest
    Test Environment
      ✓ syncPromise
      ✓ syncPromiseErr
      ✓ asyncPromiseTimeout
      ✓ asyncPromiseTimeoutErr

  GLBrowserCrypto
    glbcUtil
      ✓ str2Uint8Array produces real arrays
    glbcCipherLib
      ✓ loadPublicKeys (937ms)
      ✓ encryptAndSignMessage (1484ms)
    glbcKeyLib
      1) deriveUserPassword
      2) scrypt
   .
   .
   # hangs here

I think a way forward is checking the compatibity of various libraries we use against the node environment. Scrypt may very well be the culprit here.