PLATUI-111: Added tests and changed the logic to check if URL is proxied

deleteMe.sc

@@ -0,0 +1,4 @@
+"http://localhost:1234/abc/def".matches("http://localhost:1234/abc/def/")
+
+
+"http://localhost:1234/abc/def/".matches("http://localhost:1234/abc/def.*")

src/main/scala/uk/gov/hmrc/zap/ZapTest.scala

@@ -41,8 +41,8 @@ trait ZapTest extends BeforeAndAfterAll with HealthCheck with ZapOrchestrator {
       healthCheck(zapConfiguration.testUrl)
     }
     if (zapScan.passiveScanStatus == ScanNotCompleted) {
-      throw PassiveScanException("Test URL did not proxy via ZAP. Check if the browser is configured correctly " +
-        "to proxy via ZAP.")
+      throw PassiveScanException("Test URL did not proxy via ZAP (OR) Passive Scan did not complete within configured duration." +
+        "See ERROR message in the logs above.")
     }
     zapSetup.setConnectionTimeout()
     zapSetup.checkMissingScanners

src/main/scala/uk/gov/hmrc/zap/api/ZapScan.scala

@@ -31,11 +31,16 @@ class ZapScan(zapClient: ZapClient) extends Eventually {
   lazy val spiderRunStatus: ScanStatus = spiderStatus
 
   lazy val passiveScanStatus: ScanStatus = {
-    if (urlProxiedForPassiveScan) {
-      ScanCompleted
+    if (isUrlProxiedViaZap) {
+      recordsToScanStatus match {
+        case ScanCompleted => ScanCompleted
+        case ScanNotCompleted =>
+          log.error(s"Passive Scan did not complete within the configured duration: $patienceConfigTimeout seconds.")
+          ScanNotCompleted
+      }
     }
-    else{
-      log.error("Test URL did not proxy via ZAP. Check if the browser is configured correctly to proxy via ZAP.")
+    else {
+      log.error(s"Test URL '$testUrl' did not proxy via ZAP. Check if the browser is configured correctly to proxy via ZAP.")
       ScanNotCompleted
     }
   }
@@ -56,6 +61,12 @@ class ZapScan(zapClient: ZapClient) extends Eventually {
       ScanNotCompleted
   }
 
+  /*
+  /json/pscan/view/recordsToScan returns how many records left to Passive Scan. When it is 0, Passive Scan is completed.
+  Passive Scan occurs on two instances.
+  1. When Journey tests proxies requests via ZAP, passive scan is performed automatically.
+  2. When the test URL is crawled by ZAP (triggerSpiderScan()) , passive scan is performed again on the new requests and response.
+  */
   private def recordsToScanStatus: ScanStatus = {
     val recordsLeftToScan = 0
     val recordsToScan = retry(expectedResult = recordsLeftToScan) {
@@ -66,14 +77,10 @@ class ZapScan(zapClient: ZapClient) extends Eventually {
       recordsToScan
     }
 
-    if (recordsToScan == recordsLeftToScan) {
-      log.info("Passive Scan completed.")
+    if (recordsToScan == recordsLeftToScan)
       ScanCompleted
-    }
-    else {
-      log.error(s"Spider did not complete within configured duration: $patienceConfigTimeout seconds. Still $recordsToScan records left to scan.")
+    else
       ScanNotCompleted
-    }
   }
 
   private def scanStatus(path: String): ScanStatus = {
@@ -107,10 +114,14 @@ class ZapScan(zapClient: ZapClient) extends Eventually {
     result
   }
 
-  private def urlProxiedForPassiveScan: Boolean = {
+  /*
+  Test URL should be proxied via ZAP for passive scan to be performed.
+  */
+  private def isUrlProxiedViaZap: Boolean = {
     val response = callZapApi("/json/core/view/urls", "baseurl" -> s"$testUrl")
     val proxiedUrls: List[String] = (Json.parse(response) \ "urls").as[List[String]]
-    proxiedUrls.contains(testUrl)
+    val testUrlPattern = testUrl + ".*"
+    proxiedUrls.exists(_.matches(testUrlPattern))
   }
 
 }

src/test/scala/uk/gov/hmrc/ZapReportSpec.scala

@@ -71,23 +71,23 @@ class ZapReportSpec extends BaseSpec {
       getByAtt(reportXml, "id", "summary-info-count").text shouldBe "1"
     }
 
-    "should show the correct scan status in the Summary of Scan table when spiderScan and activeScan is not completed" in new TestSetup {
+    "should show the correct scan status in the Summary of Scan table when passiveScan, spiderScan and activeScan is not completed" in new TestSetup {
       val zapReport = ZapReport(alerts,
         "AUniqueThreshold",
-        passiveScanStatus = ScanCompleted,
+        passiveScanStatus = ScanNotCompleted,
         spiderScanStatus = ScanNotCompleted,
         activeScanStatus = ScanNotCompleted,
         missingScanners,
         zapVersion)
       val reportHtmlAsString: String = generateHtmlReport(zapReport)
       val reportXml: Elem = XML.loadString(reportHtmlAsString)
 
-      getByAtt(reportXml, "id", "passive-scan").text shouldBe "Run"
+      getByAtt(reportXml, "id", "passive-scan").text shouldBe "Not Run"
       getByAtt(reportXml, "id", "spider-scan").text shouldBe "Not Run"
       getByAtt(reportXml, "id", "active-scan").text shouldBe "Not Run"
     }
 
-    "should show the correct scan status in the Summary of Scan table when spiderScan and ActiveScan is completed" in new TestSetup {
+    "should show the correct scan status in the Summary of Scan table when passiveScan, spiderScan and activeScan is completed" in new TestSetup {
       val zapReport = ZapReport(alerts,
         "AUniqueThreshold",
         passiveScanStatus = ScanCompleted,

src/test/scala/uk/gov/hmrc/ZapScanSpec.scala

@@ -18,7 +18,7 @@ package uk.gov.hmrc
 
 import com.typesafe.config.{Config, ConfigFactory}
 import org.mockito.Matchers.{any, eq => eqTo}
-import org.mockito.Mockito.{verify, when}
+import org.mockito.Mockito.{verify, when, atLeastOnce}
 import org.scalatest.concurrent.Eventually
 import uk.gov.hmrc.zap.api._
 import uk.gov.hmrc.zap.client.{HttpClient, ZapClient}
@@ -118,4 +118,42 @@ class ZapScanSpec extends BaseSpec {
       zapScan.activeScanStatus shouldBe ScanNotCompleted
     }
   }
+  "Passive Scan status" should {
+    "should return ScanCompleted if test url is proxied via ZAP and passive scan is completed within the configured duration" in new TestSetup {
+
+      import zapConfiguration._
+
+      when(httpClient.get(any(), eqTo("/json/core/view/urls"), any())).thenReturn((200,
+        """{"urls":["http://localhost:1234/abc/de", "http://localhost:1234/abc/def", "http://localhost:1234/abc/def/ghijk"]}""".stripMargin))
+      when(httpClient.get(any(), eqTo("/json/pscan/view/recordsToScan"), any())).thenReturn((200, """{"recordsToScan": "0"}"""))
+
+      zapScan.passiveScanStatus shouldBe ScanCompleted
+      verify(httpClient).get(zapBaseUrl, "/json/core/view/urls", "baseurl" -> testUrl)
+      verify(httpClient).get(zapBaseUrl, "/json/pscan/view/recordsToScan")
+    }
+
+    "should return ScanNotCompleted if test url is NOT proxied via ZAP" in new TestSetup {
+
+      import zapConfiguration._
+
+      when(httpClient.get(any(), eqTo("/json/core/view/urls"), any())).thenReturn((200,
+        """{"urls":["http://localhost:1234/abc/de"]}""".stripMargin))
+
+      zapScan.passiveScanStatus shouldBe ScanNotCompleted
+      verify(httpClient).get(zapBaseUrl, "/json/core/view/urls", "baseurl" -> testUrl)
+    }
+
+    "should return ScanNotCompleted when test url proxied via ZAP but passive scan is NOT completed within the configured duration" in new TestSetup {
+
+      import zapConfiguration._
+
+      when(httpClient.get(any(), eqTo("/json/core/view/urls"), any())).thenReturn((200,
+        """{"urls":["http://localhost:1234/abc/de", "http://localhost:1234/abc/def/ghijk"]}""".stripMargin))
+      when(httpClient.get(any(), eqTo("/json/pscan/view/recordsToScan"), any())).thenReturn((200, """{"recordsToScan": "1"}"""))
+
+      zapScan.passiveScanStatus shouldBe ScanNotCompleted
+      verify(httpClient).get(zapBaseUrl, "/json/core/view/urls", "baseurl" -> testUrl)
+      verify(httpClient, atLeastOnce()).get(zapBaseUrl, "/json/pscan/view/recordsToScan")
+    }
+  }
 }