start working on network interception test (request/body/response alt…

…eration)
Cristi-Fogel · Sep 4, 2024 · 7910c6d · 7910c6d
1 parent b24ae68
commit 7910c6d
Show file tree

Hide file tree

Showing 4 changed files with 72 additions and 2 deletions.
diff --git a/package.json b/package.json
@@ -3,7 +3,9 @@
   "version": "1.0.0",
   "description": "",
   "main": "index.js",
-  "scripts": {},
+  "scripts": {
+    "testDebug": "npx playwright test tests/webApiPart2.spec.js --headed"
+  },
   "keywords": [],
   "author": "",
   "license": "ISC",

diff --git a/state.json b/state.json
@@ -6,7 +6,7 @@
       "localStorage": [
         {
           "name": "token",
-          "value": "eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJfaWQiOiI2NWZkMmVjZGE4NmY4Zjc0ZGNhODA3MGIiLCJ1c2VyRW1haWwiOiJjZkBtYWlsaW5hdG9yLmNvbSIsInVzZXJNb2JpbGUiOjIzNDIzNDM0MzQsInVzZXJSb2xlIjoiY3VzdG9tZXIiLCJpYXQiOjE3MjQ5OTU3MDQsImV4cCI6MTc1NjU1MzMwNH0.z_6_RjHOQjm1poC0ca57p2i6b1JxWwzibX-oaNqseDQ"
+          "value": "eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJfaWQiOiI2NWZkMmVjZGE4NmY4Zjc0ZGNhODA3MGIiLCJ1c2VyRW1haWwiOiJjZkBtYWlsaW5hdG9yLmNvbSIsInVzZXJNb2JpbGUiOjIzNDIzNDM0MzQsInVzZXJSb2xlIjoiY3VzdG9tZXIiLCJpYXQiOjE3MjUyNTQ5MzYsImV4cCI6MTc1NjgxMjUzNn0.QLacJv78j3V6ql7oNOFBaznoQU3o4WMZqlExB8m5QVc"
         }
       ]
     }

diff --git a/tests/networkTest.spec.js b/tests/networkTest.spec.js
@@ -0,0 +1,49 @@
+const {test, expect, request} = require('@playwright/test');
+const {APiUtils} = require('./utils/APiUtils');
+
+const loginPayload = {userEmail:"[email protected]",userPassword:"Password1"};
+const orderPayload = {orders:[{country:"Romania",productOrderedId:"6581ca399fd99c85e8ee7f45"}]};
+
+let response;
+let fakePayloadOrders = {data: [], message:"No Orders"};
+
+test.beforeAll(async () => { 
+    const apiContext = await request.newContext();
+    const apiUtils = new APiUtils(apiContext, loginPayload);
+    response = await apiUtils.createOrder(orderPayload);
+});
+
+test('@API Place the order', async ({page})=>
+    {   
+    await page.addInitScript(value => {
+        window.localStorage.setItem('token',value);
+        }, 
+        response.token );
+    await page.goto("https://rahulshettyacademy.com/client");
+    const products = page.locator(".card-body");
+
+    //mock the orders call --reroute how we want it
+    // await page.route("https://rahulshettyacademy.com/api/ecom/order/get-orders-for-customer/65fd2ecda86f8f74dca8070b", //with explicit id of customer (wildcard for wokring with any)
+    await page.route("https://rahulshettyacademy.com/api/ecom/order/get-orders-for-customer/*", 
+        async route=>{
+            //response interception -> [i am here] API response->browser->render data
+            const response = await page.request.fetch(route.request());
+            let body = JSON.stringify(fakePayloadOrders);
+            route.fulfill(
+                {
+                    response,
+                    body,
+                }
+            )
+        }
+    );
+    // await page.pause();
+    //orders page 
+    await page.locator("button[routerlink='/dashboard/myorders']").dispatchEvent('click');
+    await page.waitForResponse("https://rahulshettyacademy.com/api/ecom/order/get-orders-for-customer/*");
+    console.log(await page.locator(".mt-4").textContent());
+
+
+
+
+}) 
diff --git a/tests/networkTest2.spec.js b/tests/networkTest2.spec.js
@@ -0,0 +1,19 @@
+
+
+
+
+test('Security test request intercept', async(page)=>
+{
+    //login and reach orders page
+
+    //intercept the view-call
+    await page.route("https://rahulshettyacademy.com/api/ecom/order/get-orders-details?id=*",
+        route=>route.continue({
+            url: 'https://rahulshettyacademy.com/api/ecom/order/get-orders-details?id=621661884053f676546b6'
+        })
+
+    )
+    //once identified *all, click on View button for it
+    await page.locator("button:has-text('View')").click();
+
+})