Pattern Validation Test Cleanup

jeremiahjstacey · jeremiahjstacey · commit c3870f660439 · 2018-01-22T08:47:34.000-06:00
Adding documentation to the AbstractPatternTest to help with usability.
Extracting message constant to a class var in
EsapiWhitelistValidaitonPatternTests for improved readability.
diff --git a/src/test/java/org/owasp/esapi/reference/AbstractPatternTest.java b/src/test/java/org/owasp/esapi/reference/AbstractPatternTest.java
@@ -7,43 +7,50 @@
 import org.junit.runner.RunWith;
 import org.junit.runners.Parameterized;
 
-
 /**
- * FIXME:  Document intent of class.  General Function, purpose of creation, intended feature, etc.
- *  Why do people care this exists? 
- * @author Jeremiah
- * @since Jan 20, 2018
- *
+ * Abstract parameterized test case meant to assist with verifying regular expressions in test scope.
+ * <br/>
+ * Sub-classes are expected to provide instances of {@link PatternTestTuple} to this instance.
+ * <br/>
+ * For better test naming output specify {@link PatternTestTuple#description} and use {@code} @Parameters (name="{0}")},
+ * where '0' is the index that the PatternTestTuple reference appears in the constructor.
  */
-@RunWith (Parameterized.class)
+@RunWith(Parameterized.class)
 public abstract class AbstractPatternTest {
-    
+
+    /**
+     * Test tuple for Pattern validation.
+     */
     protected static class PatternTestTuple {
+        /** String value to be tested against the compiled regex reference. */
         String input;
+        /** Regular expression string that will be compiled and be passed the input. */
         String regex;
+        /** Test Expectation whether input should match the compiled regex. */
         boolean shouldMatch;
+        /** Optional field to override the toString value of this tuple. */
         String description;
-        /** {@inheritDoc}*/        
+
+        /** {@inheritDoc} */
         @Override
         public String toString() {
-           return description != null ? description : regex;
+            return description != null ? description : regex;
         }
     }
 
     private String input;
     private Pattern pattern;
     private boolean shouldMatch;
-    
-    
+
     public AbstractPatternTest(PatternTestTuple tuple) {
         this.input = tuple.input;
         this.pattern = Pattern.compile(tuple.regex);
         this.shouldMatch = tuple.shouldMatch;
     }
-    
+
     @Test
     public void checkPatternMatches() {
         Assert.assertEquals(shouldMatch, pattern.matcher(input).matches());
     }
-    
+
 }
diff --git a/src/test/java/org/owasp/esapi/reference/EsapiWhitelistValidationPatternTester.java b/src/test/java/org/owasp/esapi/reference/EsapiWhitelistValidationPatternTester.java
@@ -10,36 +10,38 @@
 /**
  * Extension of the AbstractPatternTest which focuses on asserting that the default whitelist regex values applied in
  * the validation process are performing the intended function in the environment.
- * 
  * <br/>
- * 
  * If the regex values in this test are found to not match the running environment configurations, then the tests will
  * be skipped.
  *
  * @author Jeremiah
  * @since Jan 20, 2018
  */
 public class EsapiWhitelistValidationPatternTester extends AbstractPatternTest {
-    //See ESAPI.properties
-    private static final String HTTP_QUERY_STRING_PROP_NAME="HTTPQueryString";
-    private static final String HTTP_QUERY_STRING_REGEX="^([a-zA-Z0-9_\\-]{1,32}=[\\p{L}\\p{N}.\\-/+=_ !$*?@%]*&?)*$";
+    // See ESAPI.properties
+    private static final String HTTP_QUERY_STRING_PROP_NAME = "HTTPQueryString";
+    private static final String HTTP_QUERY_STRING_REGEX = "^([a-zA-Z0-9_\\-]{1,32}=[\\p{L}\\p{N}.\\-/+=_ !$*?@%]*&?)*$";
+
+    private static final String CONFIGURATION_PATTERN_MISMATCH_MESSAGE = "The regular expression specified does not match the configuration settings.\n"
+        + "If the value was changed from the ESAPI default, it is recommended to copy "
+        + "this class into your project, update the regex being tested, and update all "
+        + "associated input expectations for your unique environment.";
 
     @Parameters(name = "{0}-{1}")
     public static Collection<Object[]> createDefaultPatternTests() {
         Collection<Object[]> parameters = new ArrayList<>();
-        
-        for(PatternTestTuple tuple : buildHttpQueryStringTests()) {
+
+        for (PatternTestTuple tuple : buildHttpQueryStringTests()) {
             parameters.add(new Object[] { HTTP_QUERY_STRING_PROP_NAME, tuple });
         }
 
-        
         return parameters;
     }
-    
+
     private static Collection<PatternTestTuple> buildHttpQueryStringTests() {
-        Collection <PatternTestTuple> httpQueryStringTests = new ArrayList<>();
-        
-        //MATCHING CASES
+        Collection<PatternTestTuple> httpQueryStringTests = new ArrayList<>();
+
+        // MATCHING CASES
         PatternTestTuple tuple = newHttpQueryStringTuple("Default Case", "b", true);
         httpQueryStringTests.add(tuple);
         tuple = newHttpQueryStringTuple("Percent Encoded Value", "%62", true);
@@ -48,27 +50,27 @@ private static Collection<PatternTestTuple> buildHttpQueryStringTests() {
         httpQueryStringTests.add(tuple);
         tuple = newHttpQueryStringTuple("Double Equals", "=", true);
         httpQueryStringTests.add(tuple);
-        
-        //NON-MATCHING CASES
+
+        // NON-MATCHING CASES
         tuple = newHttpQueryStringTuple("Ampersand In Value", "&b", false);
         httpQueryStringTests.add(tuple);
-        tuple = newHttpQueryStringTuple("Null Character", ""+Character.MIN_VALUE, false);
+        tuple = newHttpQueryStringTuple("Null Character", "" + Character.MIN_VALUE, false);
         httpQueryStringTests.add(tuple);
         tuple = newHttpQueryStringTuple("Encoded Null Character", "\u0000", false);
         httpQueryStringTests.add(tuple);
-        
+
         return httpQueryStringTests;
     }
 
     private static PatternTestTuple newHttpQueryStringTuple(String description, String value, boolean shouldPass) {
         PatternTestTuple tuple = new PatternTestTuple();
-        tuple.input = "a="+value;
+        tuple.input = "a=" + value;
         tuple.shouldMatch = shouldPass;
         tuple.regex = HTTP_QUERY_STRING_REGEX;
         tuple.description = description;
         return tuple;
     }
-   
+
     public EsapiWhitelistValidationPatternTester(String property, PatternTestTuple tuple) {
         super(tuple);
         /*
@@ -80,12 +82,8 @@ public EsapiWhitelistValidationPatternTester(String property, PatternTestTuple t
          * behavior.
          */
         DefaultSecurityConfiguration configuration = new DefaultSecurityConfiguration();
-        Assume.assumeTrue(
-            "The regular expression specified does not match the configuration settings.\n"
-            + "If the value was changed from the ESAPI default, it is recommended to copy "
-            + "this class into your project, update the regex being tested, and update all "
-            + "associated input expectations for your unique environment.",
-            configuration.getValidationPattern(property).toString().equals(tuple.regex));
+        Assume.assumeTrue(CONFIGURATION_PATTERN_MISMATCH_MESSAGE, configuration.getValidationPattern(property)
+            .toString().equals(tuple.regex));
     }
 
 }
