| Path: | rinject.rb |
| Last Update: | Tue Sep 09 06:33:12 +0200 2008 |
RInject.rb: RInject is a tool for automated testing of web applications and services. It can be used to test HTTP(S) interfaces for service-level monitoring. Compared to WebInject, RInject has a more powerful verification- and parsing-engine.
*Author*:
Benedikt Koeppel
http://muasch.ch
mailto:be.public@gmail.com
*Licence*:
RInject: automated testing of web applications and services
Copyright (C) 2008 Benedikt A. Koeppel
This program is free software; you can redistribute it and/or modify it
under the terms of the GNU General Public License as published by the
Free Software Foundation; either version 3 of the License, or (at your
option) any later version.
This program is distributed in the hope that it will be useful, but
WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General
Public License for more details.
You should have received a copy of the GNU General Public License along
with this program; if not, see <http://www.gnu.org/licenses/>.
*Usage*:
+rinject.rb [options]+
-c --config CONFIG: Specify config-file
-o --output OUTPUT: Specify output-location
-n --no-output: Disable any output
-C --cases CASES: From where to load testcases
-h --help: Help
RInject reads all testcases from the file, specified with -C or --cases
Syntax for XML-File:
<testcases repeat="1">
<!-- +comment+ -->
<!-- basic schema of XML file -->
<case id="+id+" sleep="+seconds+" log="+error|all|request|response|none+">
<description>+description+</description>
<error>+error message+</error>
<request method="+get|post+" url="+url+">
<post type="+enctype+">
<postarg name="+name1+" value="+value1+" />
<postarg name="+nameN+" value="+valueN+" />
</post>
<header name="+header-name1+" value="+header-value1+" />
<header name="+header-nameN+" value="+header-valueN+" />
<httpauth username="+username+" password="+password"+ />
</request>
<response>
<verify name="+verification-name1+" error="+errormessage1+" exp="+regular expression1+" type="+positive|negative+" />
<verify name="+verification-nameN+" error="+errormessageN+" exp="+regular expressionN+" type="+positive|negative+" />
<parse name="+parse-variable-name1+" exp="+regular expression1+" escape="+false|true+" default="+default-value1+" />
<parse name="+parse-variable-nameN+" exp="+regular expressionN+" escape="+false|true+" default="+default-valueN+" />
</response>
</case>
<!-- two examples -->
<!-- example 1:
- send POST-data to http://example.net/login.php with two additional headers
- verify that responsecode is 200
- verify that "Welcome Mr." or "Welcome Mrs." is in the source of the website
- verify that "Failed to connect to" is *not* in the source of the website
- read what's after "Welcome Mr." or "Welcome Mrs." in between to "!" and save this string as ${Username}
-->
<case id="1" sleep="0" log="error">
<description>POST Login to http://example.net/login.php</description>
<error>POST Login failed!</error>
<request method="post" url="http://example.net/login.php">
<post type="application/x-www-form-urlencoded">
<postarg name="username" value="rinject" />
<postarg name="password" value="PW01234:" />
<postarg name="submit" value="true" />
</post>
<header name="UserAgent" value="Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.0)" />
<header name="Referer" value="http://example.net/index.php" />
</request>
<response>
<verify name="HTTP responsecode" error="HTTP code 200 expected" exp="HTTP\/[\d]\.[\d] 200" type="positive" />
<verify name="Successfully logged in" error="Welcome-String not found" exp="Welcome (Mr\.|Mrs\.)" type="positive" />
<verify name="Database is not working" error="DB is not working" exp="Failed to connect to" type="negative" />
<parse name="Username" exp="Welcome (Mr\.|Mrs\.) (.*?)!" escape="false" default="" />
</response>
</case>
<!-- example 2:
- send GET-request to http://example.net/users/${Username} where ${Username} is the variable from case 1
- verify that responsecode is 200
- verify that "Userinformation for ${Username}" is in the source of the website
-->
<case id="2" sleep="0" log="error">
<description>View user details</description>
<error>User details can't be displayed</error>
<request method="get" url="http://example.net/users/${Username}" />
<response>
<verify name="HTTP responsecode" error="HTTP code 200 expected" exp="HTTP\/[\d]\.[\d] 200" type="positive" />
<verify name="Information for ${Username}" error="No information about ${Username} displayed" exp="Userinformation for ${Username}" type="positive" />
</response>
</case>
</testcases>
Running ./rinject.rb -C testcases.xml puts out the status in Nagios plugin format of all cases as last line
run +./rinject.rb [options] | tail -n 1+ to get only the Nagios output
*TODO*:
-c --config is not working yet
-o --output is not working yet
-n --no-output is not working yet
no stupid output, but correct logging instead!