diff options
author | IanHowell <ian.howell@att.com> | 2018-04-12 15:54:03 -0500 |
---|---|---|
committer | IanHowell <ian.howell@att.com> | 2018-04-12 15:54:10 -0500 |
commit | ccf061c2a62f55527b4806356adf386ce6dd45ca (patch) | |
tree | 5c38a00453df01606fce4a44096c167d737adbdc /cadi | |
parent | a933f226711eb22d680f6a722bfc33c124b53695 (diff) |
Improve coverage of cadi-aaf
Issue-ID: AAF-223
Change-Id: Ic5443be3f6fc08d7401136b9f235a4050b5d3ee5
Signed-off-by: IanHowell <ian.howell@att.com>
Diffstat (limited to 'cadi')
-rw-r--r-- | cadi/aaf/src/main/java/org/onap/aaf/cadi/aaf/AAFPermission.java | 24 | ||||
-rw-r--r-- | cadi/aaf/src/main/java/org/onap/aaf/cadi/aaf/PermEval.java | 196 | ||||
-rw-r--r-- | cadi/aaf/src/test/java/org/onap/aaf/cadi/aaf/client/JU_ErrMessageTest.java | 10 | ||||
-rw-r--r-- | cadi/aaf/src/test/java/org/onap/aaf/cadi/aaf/test/JU_AAFPermission.java | 140 | ||||
-rw-r--r-- | cadi/aaf/src/test/java/org/onap/aaf/cadi/aaf/test/JU_PermEval.java | 146 | ||||
-rw-r--r-- | cadi/aaf/src/test/java/org/onap/aaf/cadi/cm/test/JU_CertException.java | 50 | ||||
-rw-r--r-- | cadi/aaf/src/test/java/org/onap/aaf/cadi/cm/test/JU_Factory.java | 112 | ||||
-rw-r--r-- | cadi/aaf/src/test/java/org/onap/aaf/cadi/oauth/test/JU_TokenPerm.java (renamed from cadi/aaf/src/test/java/org/onap/aaf/cadi/oauth/test/JU_FastPerms.java) | 84 | ||||
-rw-r--r-- | cadi/client/src/test/java/org/onap/aaf/cadi/locator/test/JU_DNSLocator.java | 2 |
9 files changed, 596 insertions, 168 deletions
diff --git a/cadi/aaf/src/main/java/org/onap/aaf/cadi/aaf/AAFPermission.java b/cadi/aaf/src/main/java/org/onap/aaf/cadi/aaf/AAFPermission.java index b3f0c4bb..37fb859e 100644 --- a/cadi/aaf/src/main/java/org/onap/aaf/cadi/aaf/AAFPermission.java +++ b/cadi/aaf/src/main/java/org/onap/aaf/cadi/aaf/AAFPermission.java @@ -71,24 +71,28 @@ public class AAFPermission implements Permission { * If you want a simple field comparison, it is faster without REGEX */ public boolean match(Permission p) { + boolean rv; + String aafType; + String aafInstance; + String aafAction; if(p instanceof AAFPermission) { AAFPermission ap = (AAFPermission)p; // Note: In AAF > 1.0, Accepting "*" from name would violate multi-tenancy // Current solution is only allow direct match on Type. // 8/28/2014 Jonathan - added REGEX ability - if(type.equals(ap.getName())) - if(PermEval.evalInstance(instance,ap.getInstance())) - if(PermEval.evalAction(action,ap.getAction())) - return true; + aafType = ap.getName(); + aafInstance = ap.getInstance(); + aafAction = ap.getAction(); } else { // Permission is concatenated together: separated by | String[] aaf = p.getKey().split("[\\s]*\\|[\\s]*",3); - if(aaf.length>0 && type.equals(aaf[0])) - if(PermEval.evalInstance(instance,aaf.length>1?aaf[1]:"*")) - if(PermEval.evalAction(action,aaf.length>2?aaf[2]:"*")) - return true; - } - return false; + aafType = aaf[0]; + aafInstance = (aaf.length > 1) ? aaf[1] : "*"; + aafAction = (aaf.length > 2) ? aaf[2] : "*"; + } + return ((type.equals(aafType)) && + (PermEval.evalInstance(instance, aafInstance)) && + (PermEval.evalAction(action, aafAction))); } public String getName() { diff --git a/cadi/aaf/src/main/java/org/onap/aaf/cadi/aaf/PermEval.java b/cadi/aaf/src/main/java/org/onap/aaf/cadi/aaf/PermEval.java index aa65504d..75df4eab 100644 --- a/cadi/aaf/src/main/java/org/onap/aaf/cadi/aaf/PermEval.java +++ b/cadi/aaf/src/main/java/org/onap/aaf/cadi/aaf/PermEval.java @@ -7,9 +7,9 @@ * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License. * You may obtain a copy of the License at - * + * * http://www.apache.org/licenses/LICENSE-2.0 - * + * * Unless required by applicable law or agreed to in writing, software * distributed under the License is distributed on an "AS IS" BASIS, * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. @@ -28,121 +28,113 @@ public class PermEval { public static final char START_REGEX_CHAR = '!'; public static final char START_INST_KEY_CHAR=':'; public static final char ALT_START_INST_KEY_CHAR='/'; - + public static final char LIST_SEP = ','; public static final String INST_KEY_REGEX = new StringBuilder().append(START_INST_KEY_CHAR).toString(); public static final String ASTERIX = "*"; - + /** * Evaluate Instance - * - * Instance can be more complex. It can be a string, a Regular Expression, or a ":" separated Key + * + * Instance can be more complex. It can be a string, a Regular Expression, or a ":" separated Key * who's parts can also be a String, Regular Expression. - * + * * sInst = Server's Instance * In order to prevent false matches, keys must be the same length to count as equal * Changing this will break existing users, like Cassandra. Jonathan 9-4-2015 */ - public static boolean evalInstance(String sInst, String pInst) { - if(sInst==null || pInst == null) { - return false; - } - if(ASTERIX.equals(sInst)) { - return true; // If Server's String is "*", then it accepts every Instance - } - char firstChar = pInst.charAt(0); - char startChar = firstChar==ALT_START_INST_KEY_CHAR?ALT_START_INST_KEY_CHAR:START_INST_KEY_CHAR; - switch(pInst.charAt(0)) { // First char - case START_REGEX_CHAR: // Evaluate as Regular Expression - String pItem = pInst.substring(1); - for(String sItem : Split.split(LIST_SEP,sInst)) { // allow for "," definition in Action - return sItem.matches(pItem); - } - - case START_INST_KEY_CHAR: // Evaluate a special Key field, i.e.:xyz:*:!df.* - case ALT_START_INST_KEY_CHAR: // Also allow '/' as special Key Field, i.e. /xyz/*/!.* - if(sInst.charAt(0)==startChar) { // To compare key-to-key, both strings must be keys - String[] skeys=Split.split(startChar,sInst); - String[] pkeys=Split.split(startChar,pInst); - if(skeys.length!=pkeys.length) return false; - - boolean pass = true; - for(int i=1;pass && i<skeys.length;++i) { // We start at 1, because the first one, being ":" is always "" - if(ASTERIX.equals(skeys[i]))continue; // Server data accepts all for this key spot - pass = false; - for(String sItem : Split.split(LIST_SEP,skeys[i])) { // allow for "," definition in Action - if(pkeys[i].length()==0) { - if(pass=sItem.length()==0) { - break; // Both Empty, keep checking - } -// } else if(pkeys[i].charAt(0)==START_REGEX_CHAR) { -// if(pass=sItem.matches(pkeys[i].substring(1))) { -// break; // Matches, keep checking -// } - } else if(sItem.charAt(0)==START_REGEX_CHAR) { // Check Server side when wildcarding like * - if(pass=pkeys[i].matches(sItem.substring(1))) { - break; // Matches, keep checking - } - } else if(skeys[i].endsWith(ASTERIX)) { - if(pass=endAsterixCompare(skeys[i],pkeys[i])) { - break; - } - } else { - if(pass=sItem.equals(pkeys[i])) - break; // Equal, keep checking - } - } - } - return pass; // return whether passed all key checks - } - return false; // if first chars aren't the same, further String compare not necessary - default: // Evaluate as String Compare - for(String sItem : Split.split(LIST_SEP,sInst)) { // allow for "," separator //TODO is this only for actions? - if(sItem.endsWith(ASTERIX)) { - if(endAsterixCompare(sInst, pInst)); - } else if(sItem.equals(pInst)) { - return true; - } - } - return false; - } - } - + public static boolean evalInstance(String sInst, String pInst) { + if(sInst == null || pInst == null) { + return false; + } + if (sInst == "" || pInst == "") { + return false; + } + if(ASTERIX.equals(sInst)) { + return true; // If Server's String is "*", then it accepts every Instance + } + char firstChar = pInst.charAt(0); + char startChar = firstChar==ALT_START_INST_KEY_CHAR?ALT_START_INST_KEY_CHAR:START_INST_KEY_CHAR; + switch(pInst.charAt(0)) { // First char + case START_REGEX_CHAR: // Evaluate as Regular Expression + String pItem = pInst.substring(1); + String first = Split.split(LIST_SEP,sInst)[0]; // allow for "," definition in Action + return first.matches(pItem); + + case START_INST_KEY_CHAR: // Evaluate a special Key field, i.e.:xyz:*:!df.* + case ALT_START_INST_KEY_CHAR: // Also allow '/' as special Key Field, i.e. /xyz/*/!.* + if(sInst.charAt(0)==startChar) { // To compare key-to-key, both strings must be keys + String[] skeys=Split.split(startChar,sInst); + String[] pkeys=Split.split(startChar,pInst); + if(skeys.length!=pkeys.length) return false; + + boolean pass = true; + for(int i=1;pass && i<skeys.length;++i) { // We start at 1, because the first one, being ":" is always "" + if(ASTERIX.equals(skeys[i]))continue; // Server data accepts all for this key spot + pass = false; + for(String sItem : Split.split(LIST_SEP,skeys[i])) { // allow for "," definition in Action + if(pkeys[i].length()==0) { + if(pass=sItem.length()==0) { + break; // Both Empty, keep checking + } + } else if(sItem.charAt(0)==START_REGEX_CHAR) { // Check Server side when wildcarding like * + if(pass=pkeys[i].matches(sItem.substring(1))) { + break; // Matches, keep checking + } + } else if(skeys[i].endsWith(ASTERIX)) { + if(pass=endAsterixCompare(skeys[i],pkeys[i])) { + break; + } + } else if(pass=sItem.equals(pkeys[i])) { + break; // Equal, keep checking + } + } + } + return pass; // return whether passed all key checks + } + return false; // if first chars aren't the same, further String compare not necessary + default: // Evaluate as String Compare + for(String sItem : Split.split(LIST_SEP,sInst)) { // allow for "," separator //TODO is this only for actions? + if((sItem.endsWith(ASTERIX)) && (endAsterixCompare(sInst, pInst))) { + return true; + } else if(sItem.equals(pInst)) { + return true; + } + } + return false; + } + } + private static boolean endAsterixCompare(String sInst, String pInst) { - final int len = sInst.length()-1; - if(pInst.length()<len) { + final int len = sInst.length()-1; + if(pInst.length()<len) { + return false; + } + for(int j=0;j<len;++j) { + if(pInst.charAt(j)!=sInst.charAt(j)) { return false; } - for(int j=0;j<len;++j) { - if(pInst.charAt(j)!=sInst.charAt(j)) { - return false; - } - } - return true; + } + return true; } /** - * Evaluate Action - * - * sAction = Stored Action... - * pAction = Present Action... the Permission to validate against. - * Action is not quite as complex. But we write it in this function so it can be consistent - */ - public static boolean evalAction(String sAction,String pAction) { - if(ASTERIX.equals(sAction))return true; // If Server's String is "*", then it accepts every Action - for(String sItem : Split.split(LIST_SEP,sAction)) { // allow for "," definition in Action - if (pAction.charAt(0)==START_REGEX_CHAR? // First char - sItem.matches(pAction.substring(1)): // Evaluate as Regular Expression - sItem.equals(pAction)) // Evaluate as String Compare - return true; - } - return false; - } - - /** - * Split.split by Char - * - * Note: I read the String Split.split and Pattern Split.split code, and we can do this more efficiently for a single Character - */ + * Evaluate Action + * + * sAction = Stored Action... + * pAction = Present Action... the Permission to validate against. + * Action is not quite as complex. But we write it in this function so it can be consistent + */ + public static boolean evalAction(String sAction,String pAction) { + if(ASTERIX.equals(sAction))return true; // If Server's String is "*", then it accepts every Action + if(pAction == "") return false; + for(String sItem : Split.split(LIST_SEP,sAction)) { // allow for "," definition in Action + if (pAction.charAt(0)==START_REGEX_CHAR? // First char + sItem.matches(pAction.substring(1)): // Evaluate as Regular Expression + sItem.equals(pAction)) // Evaluate as String Compare + return true; + } + return false; + } } diff --git a/cadi/aaf/src/test/java/org/onap/aaf/cadi/aaf/client/JU_ErrMessageTest.java b/cadi/aaf/src/test/java/org/onap/aaf/cadi/aaf/client/JU_ErrMessageTest.java index 15e11627..7094b1a6 100644 --- a/cadi/aaf/src/test/java/org/onap/aaf/cadi/aaf/client/JU_ErrMessageTest.java +++ b/cadi/aaf/src/test/java/org/onap/aaf/cadi/aaf/client/JU_ErrMessageTest.java @@ -24,6 +24,9 @@ package org.onap.aaf.cadi.aaf.client; import static org.junit.Assert.assertEquals; import static org.mockito.Mockito.when; +import java.io.ByteArrayOutputStream; +import java.io.PrintStream; + import org.junit.Before; import org.junit.Test; import org.mockito.Answers; @@ -54,6 +57,8 @@ public class JU_ErrMessageTest { private Error error; private Future<?> future; + + private ByteArrayOutputStream errStream; @Before public void setUp() throws Exception { @@ -89,14 +94,15 @@ public class JU_ErrMessageTest { error.setText("Error Text"); errMessage = new ErrMessage(env); - + errStream = new ByteArrayOutputStream(); } @Test public void testPrintErrMessage() throws APIException { when(errDF.newData().in(TYPE.JSON).load(attErrJson).asObject()).thenReturn(error); - errMessage.printErr(System.out, attErrJson); + errMessage.printErr(new PrintStream(errStream), attErrJson); + assertEquals("Error Message Id Error Text\n", errStream.toString()); } @Test diff --git a/cadi/aaf/src/test/java/org/onap/aaf/cadi/aaf/test/JU_AAFPermission.java b/cadi/aaf/src/test/java/org/onap/aaf/cadi/aaf/test/JU_AAFPermission.java new file mode 100644 index 00000000..10958a23 --- /dev/null +++ b/cadi/aaf/src/test/java/org/onap/aaf/cadi/aaf/test/JU_AAFPermission.java @@ -0,0 +1,140 @@ +/******************************************************************************* + * ============LICENSE_START==================================================== + * * org.onap.aaf + * * =========================================================================== + * * Copyright © 2017 AT&T Intellectual Property. All rights reserved. + * * =========================================================================== + * * Licensed under the Apache License, Version 2.0 (the "License"); + * * you may not use this file except in compliance with the License. + * * You may obtain a copy of the License at + * * + * * http://www.apache.org/licenses/LICENSE-2.0 + * * + * * Unless required by applicable law or agreed to in writing, software + * * distributed under the License is distributed on an "AS IS" BASIS, + * * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * * See the License for the specific language governing permissions and + * * limitations under the License. + * * ============LICENSE_END==================================================== + * * + * * + ******************************************************************************/ + +package org.onap.aaf.cadi.aaf.test; + +import static org.junit.Assert.*; + +import java.util.ArrayList; +import java.util.List; + +import static org.hamcrest.CoreMatchers.*; +import org.junit.*; +import org.onap.aaf.cadi.Permission; +import org.onap.aaf.cadi.aaf.AAFPermission; + +public class JU_AAFPermission { + + private final static String type = "type"; + private final static String instance = "instance"; + private final static String action = "action"; + private final static String key = type + '|' + instance + '|' + action; + private final static String role = "role"; + + private static List<String> roles; + + @Before + public void setup() { + roles = new ArrayList<String>(); + roles.add(role); + } + + @Test + public void constructor1Test() { + AAFPermission perm = new AAFPermission(type, instance, action); + assertThat(perm.getName(), is(type)); + assertThat(perm.getInstance(), is(instance)); + assertThat(perm.getAction(), is(action)); + assertThat(perm.getKey(), is(key)); + assertThat(perm.permType(), is("AAF")); + assertThat(perm.roles().size(), is(0)); + assertThat(perm.toString(), is("AAFPermission:\n\tType: " + type + + "\n\tInstance: " + instance + + "\n\tAction: " + action + + "\n\tKey: " + key)); + } + + @Test + public void constructor2Test() { + AAFPermission perm; + + perm = new AAFPermission(type, instance, action, null); + assertThat(perm.getName(), is(type)); + assertThat(perm.getInstance(), is(instance)); + assertThat(perm.getAction(), is(action)); + assertThat(perm.getKey(), is(key)); + assertThat(perm.permType(), is("AAF")); + assertThat(perm.roles().size(), is(0)); + assertThat(perm.toString(), is("AAFPermission:\n\tType: " + type + + "\n\tInstance: " + instance + + "\n\tAction: " + action + + "\n\tKey: " + key)); + + perm = new AAFPermission(type, instance, action, roles); + assertThat(perm.getName(), is(type)); + assertThat(perm.getInstance(), is(instance)); + assertThat(perm.getAction(), is(action)); + assertThat(perm.getKey(), is(key)); + assertThat(perm.permType(), is("AAF")); + assertThat(perm.roles().size(), is(1)); + assertThat(perm.roles().get(0), is(role)); + assertThat(perm.toString(), is("AAFPermission:\n\tType: " + type + + "\n\tInstance: " + instance + + "\n\tAction: " + action + + "\n\tKey: " + key)); + } + + @Test + public void matchTest() { + final AAFPermission controlPermission = new AAFPermission(type, instance, action); + PermissionStub perm; + AAFPermission aafperm; + + aafperm = new AAFPermission(type, instance, action); + assertThat(controlPermission.match(aafperm), is(true)); + + perm = new PermissionStub(key); + assertThat(controlPermission.match(perm), is(true)); + + // Coverage tests + perm = new PermissionStub("not a valid key"); + assertThat(controlPermission.match(perm), is(false)); + perm = new PermissionStub("type"); + assertThat(controlPermission.match(perm), is(false)); + perm = new PermissionStub("type|instance|badAction"); + assertThat(controlPermission.match(perm), is(false)); + } + + @Test + public void coverageTest() { + AAFPermissionStub aafps = new AAFPermissionStub(); + assertThat(aafps.getName(), is(nullValue())); + assertThat(aafps.getInstance(), is(nullValue())); + assertThat(aafps.getAction(), is(nullValue())); + assertThat(aafps.getKey(), is(nullValue())); + assertThat(aafps.permType(), is("AAF")); + assertThat(aafps.roles().size(), is(0)); + } + + private class PermissionStub implements Permission { + private String key; + + public PermissionStub(String key) { this.key = key; } + @Override public String permType() { return null; } + @Override public String getKey() { return key; } + @Override public boolean match(Permission p) { return false; } + } + + private class AAFPermissionStub extends AAFPermission { + + } +} diff --git a/cadi/aaf/src/test/java/org/onap/aaf/cadi/aaf/test/JU_PermEval.java b/cadi/aaf/src/test/java/org/onap/aaf/cadi/aaf/test/JU_PermEval.java index 29ce7412..9433cef1 100644 --- a/cadi/aaf/src/test/java/org/onap/aaf/cadi/aaf/test/JU_PermEval.java +++ b/cadi/aaf/src/test/java/org/onap/aaf/cadi/aaf/test/JU_PermEval.java @@ -7,9 +7,9 @@ * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License. * You may obtain a copy of the License at - * + * * http://www.apache.org/licenses/LICENSE-2.0 - * + * * Unless required by applicable law or agreed to in writing, software * distributed under the License is distributed on an "AS IS" BASIS, * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. @@ -22,40 +22,131 @@ package org.onap.aaf.cadi.aaf.test; import static org.junit.Assert.*; +import static org.hamcrest.CoreMatchers.*; +import org.junit.*; -import org.junit.AfterClass; -import org.junit.Test; import org.onap.aaf.cadi.aaf.PermEval; public class JU_PermEval { - @AfterClass - public static void tearDownAfterClass() throws Exception { + @Test + public void instanceNullTest() { + assertThat(PermEval.evalInstance(null, null), is(false)); + assertThat(PermEval.evalInstance(null, "test"), is(false)); + assertThat(PermEval.evalInstance("test", null), is(false)); } @Test - public void test() { - // TRUE - assertTrue(PermEval.evalAction("fred","fred")); - assertTrue(PermEval.evalAction("fred,wilma","fred")); - assertTrue(PermEval.evalAction("barney,betty,fred,wilma","fred")); - assertTrue(PermEval.evalAction("*","fred")); - - assertTrue(PermEval.evalInstance("fred","fred")); - assertTrue(PermEval.evalInstance("fred,wilma","fred")); - assertTrue(PermEval.evalInstance("barney,betty,fred,wilma","fred")); + public void instanceEmptyTest() { + assertThat(PermEval.evalInstance("", ""), is(false)); + assertThat(PermEval.evalInstance("", "test"), is(false)); + assertThat(PermEval.evalInstance("test", ""), is(false)); + } + + @Test + public void instanceAsterixTest() { + assertThat(PermEval.evalInstance("*", "*"), is(true)); assertTrue(PermEval.evalInstance("*","fred")); - + } + + @Test + public void instanceRegexTest() { + assertThat(PermEval.evalInstance("test", "!test"), is(true)); + assertThat(PermEval.evalInstance(",", "!"), is(true)); + assertThat(PermEval.evalInstance("test,test", "!test"), is(true)); + + assertThat(PermEval.evalInstance("test", "!"), is(false)); + assertThat(PermEval.evalInstance("test", "!mismatch"), is(false)); + assertThat(PermEval.evalInstance("test,mismatch", "!mismatch"), is(false)); + } + + @Test + public void instanceKeyTest() { + // Reject non-keys + assertThat(PermEval.evalInstance("fred", ":fred"), is(false)); + + // Reject differing number of keys + assertThat(PermEval.evalInstance(":fred:barney", ":fred"), is(false)); + assertThat(PermEval.evalInstance(":fred", ":fred:barney"), is(false)); + + // Accept all wildcard keys + assertThat(PermEval.evalInstance(":*", ":fred"), is(true)); + + // Accept matching empty keys + assertThat(PermEval.evalInstance(":", ":"), is(true)); + + // Reject non-matching empty keys + assertThat(PermEval.evalInstance(":fred", ":"), is(false)); + + // Accept matches starting with a wildcard + assertThat(PermEval.evalInstance(":!.*ed", ":fred"), is(true)); + + // Reject non-matches starting with a wildcard + assertThat(PermEval.evalInstance(":!.*arney", ":fred"), is(false)); + + // Accept matches ending with a wildcard + assertThat(PermEval.evalInstance(":fr*", ":fred"), is(true)); + + // Reject non-matches ending with a wildcard + assertThat(PermEval.evalInstance(":bar*", ":fred"), is(false)); + + // Accept exact keys + assertThat(PermEval.evalInstance(":fred", ":fred"), is(true)); + + // Reject mismatched keys + assertThat(PermEval.evalInstance(":fred", ":barney"), is(false)); + + // Check using alt-start character + assertThat(PermEval.evalInstance("/fred", "/fred"), is(true)); + assertThat(PermEval.evalInstance("/barney", "/fred"), is(false)); + } + + @Test + public void instanceDirectTest() { + assertThat(PermEval.evalInstance("fred","fred"), is(true)); + assertThat(PermEval.evalInstance("fred,wilma","fred"), is(true)); + assertThat(PermEval.evalInstance("barney,betty,fred,wilma","fred"), is(true)); + assertThat(PermEval.evalInstance("barney,betty,wilma","fred"), is(false)); + + assertThat(PermEval.evalInstance("fr*","fred"), is(true)); + assertThat(PermEval.evalInstance("freddy*","fred"), is(false)); + assertThat(PermEval.evalInstance("ba*","fred"), is(false)); + } + + @Test + public void actionTest() { + // Accept server * + assertThat(PermEval.evalAction("*", ""), is(true)); + assertThat(PermEval.evalAction("*", "literally anything"), is(true)); + + // Reject empty actions + assertThat(PermEval.evalAction("literally anything", ""), is(false)); + + // Accept match as regex + assertThat(PermEval.evalAction("action", "!action"), is(true)); + + // Reject non-match as regex + assertThat(PermEval.evalAction("action", "!nonaction"), is(false)); + + // Accept exact match + assertThat(PermEval.evalAction("action", "action"), is(true)); + + // Reject non-match + assertThat(PermEval.evalAction("action", "nonaction"), is(false)); + } + + @Test + public void redundancyTest() { + // TRUE assertTrue(PermEval.evalInstance(":fred:fred",":fred:fred")); assertTrue(PermEval.evalInstance(":fred:fred,wilma",":fred:fred")); assertTrue(PermEval.evalInstance(":fred:barney,betty,fred,wilma",":fred:fred")); - assertTrue(PermEval.evalInstance("*","fred")); assertTrue(PermEval.evalInstance(":*:fred",":fred:fred")); assertTrue(PermEval.evalInstance(":fred:*",":fred:fred")); assertTrue(PermEval.evalInstance(":!f.*:fred",":fred:fred")); assertTrue(PermEval.evalInstance(":fred:!f.*",":fred:fred")); - - /// FALSE + + // FALSE assertFalse(PermEval.evalInstance("fred","wilma")); assertFalse(PermEval.evalInstance("fred,barney,betty","wilma")); assertFalse(PermEval.evalInstance(":fred:fred",":fred:wilma")); @@ -73,10 +164,10 @@ public class JU_PermEval { assertTrue(PermEval.evalInstance("/v1/services/features/*","/v1/services/features/api1")); assertTrue(PermEval.evalInstance(":v1:services:features:*",":v1:services:features:api2")); // MSO - Xue Gao - assertTrue(PermEval.evalInstance(":v1:requests:*",":v1:requests:test0-service")); + assertTrue(PermEval.evalInstance(":v1:requests:*",":v1:requests:test0-service")); + - // Same tests, with Slashes assertTrue(PermEval.evalInstance("/fred/fred","/fred/fred")); assertTrue(PermEval.evalInstance("/fred/fred,wilma","/fred/fred")); @@ -86,8 +177,8 @@ public class JU_PermEval { assertTrue(PermEval.evalInstance("/fred/*","/fred/fred")); assertTrue(PermEval.evalInstance("/!f.*/fred","/fred/fred")); assertTrue(PermEval.evalInstance("/fred/!f.*","/fred/fred")); - - /// FALSE + + // FALSE assertFalse(PermEval.evalInstance("fred","wilma")); assertFalse(PermEval.evalInstance("fred,barney,betty","wilma")); assertFalse(PermEval.evalInstance("/fred/fred","/fred/wilma")); @@ -98,7 +189,7 @@ public class JU_PermEval { assertFalse(PermEval.evalInstance("/!f.*/!w.*","/fred/fred")); assertFalse(PermEval.evalInstance("/fred/!x.*","/fred/fred")); - + assertTrue(PermEval.evalInstance(":!com.att.*:role:write",":com.att.temp:role:write")); // CPFSF-431 Group needed help with Wild Card @@ -113,7 +204,10 @@ public class JU_PermEval { ":!topic.com.att.ecomp_test.crm.pre.*", ":topic.com.att.ecomp_test.crm.predemo100" )); - + + // coverage + @SuppressWarnings("unused") + PermEval pe = new PermEval(); } } diff --git a/cadi/aaf/src/test/java/org/onap/aaf/cadi/cm/test/JU_CertException.java b/cadi/aaf/src/test/java/org/onap/aaf/cadi/cm/test/JU_CertException.java new file mode 100644 index 00000000..aa12d7c6 --- /dev/null +++ b/cadi/aaf/src/test/java/org/onap/aaf/cadi/cm/test/JU_CertException.java @@ -0,0 +1,50 @@ +/******************************************************************************* + * ============LICENSE_START==================================================== + * * org.onap.aaf + * * =========================================================================== + * * Copyright © 2017 AT&T Intellectual Property. All rights reserved. + * * =========================================================================== + * * Licensed under the Apache License, Version 2.0 (the "License"); + * * you may not use this file except in compliance with the License. + * * You may obtain a copy of the License at + * * + * * http://www.apache.org/licenses/LICENSE-2.0 + * * + * * Unless required by applicable law or agreed to in writing, software + * * distributed under the License is distributed on an "AS IS" BASIS, + * * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * * See the License for the specific language governing permissions and + * * limitations under the License. + * * ============LICENSE_END==================================================== + * * + * * + ******************************************************************************/ +package org.onap.aaf.cadi.cm.test; + +import static org.junit.Assert.*; +import static org.hamcrest.CoreMatchers.*; +import org.junit.*; + +import org.onap.aaf.cadi.cm.CertException; + +public class JU_CertException { + + private static final String message = "The message associated with the exception"; + + @Test(expected = CertException.class) + public void test() throws CertException { + CertException except; + + except = new CertException(message); + assertThat(except.getMessage(), is(message)); + + except = new CertException(new Exception(message)); + assertThat(except.getMessage(), is("java.lang.Exception: " + message)); + + except = new CertException(message, new Exception(message)); + assertThat(except.getMessage(), is(message)); + + throw new CertException(); + } + +} diff --git a/cadi/aaf/src/test/java/org/onap/aaf/cadi/cm/test/JU_Factory.java b/cadi/aaf/src/test/java/org/onap/aaf/cadi/cm/test/JU_Factory.java new file mode 100644 index 00000000..e4eaf7fb --- /dev/null +++ b/cadi/aaf/src/test/java/org/onap/aaf/cadi/cm/test/JU_Factory.java @@ -0,0 +1,112 @@ +/******************************************************************************* + * ============LICENSE_START==================================================== + * * org.onap.aaf + * * =========================================================================== + * * Copyright © 2017 AT&T Intellectual Property. All rights reserved. + * * =========================================================================== + * * Licensed under the Apache License, Version 2.0 (the "License"); + * * you may not use this file except in compliance with the License. + * * You may obtain a copy of the License at + * * + * * http://www.apache.org/licenses/LICENSE-2.0 + * * + * * Unless required by applicable law or agreed to in writing, software + * * distributed under the License is distributed on an "AS IS" BASIS, + * * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * * See the License for the specific language governing permissions and + * * limitations under the License. + * * ============LICENSE_END==================================================== + * * + * * + ******************************************************************************/ +package org.onap.aaf.cadi.cm.test; + +import static org.junit.Assert.*; +import static org.hamcrest.CoreMatchers.*; +import static org.mockito.Mockito.*; +import org.junit.*; +import org.mockito.*; + +import java.io.ByteArrayInputStream; +import java.io.IOException; +import java.nio.charset.StandardCharsets; +import java.security.KeyPair; +import java.security.PublicKey; + +import javax.crypto.Cipher; + +import org.onap.aaf.cadi.cm.Factory; +import org.onap.aaf.cadi.cm.Factory.StripperInputStream; +import org.onap.aaf.misc.env.Env; +import org.onap.aaf.misc.env.LogTarget; +import org.onap.aaf.misc.env.TimeTaken; +import org.onap.aaf.misc.env.Trans; + +public class JU_Factory { + + @Mock + Trans transMock; + + @Mock + TimeTaken timeTakenMock; + + @Mock + LogTarget logTargetMock; + + @Before + public void setup() { + MockitoAnnotations.initMocks(this); + + when(transMock.start(anyString(), anyInt())).thenReturn(timeTakenMock); + when(transMock.debug()).thenReturn(logTargetMock); + } + + @Test + public void generateKeyPairTest() throws Exception { + String message = "The quick brown fox jumps over the lazy dog."; + + Cipher encryptor = Cipher.getInstance(Factory.KEY_ALGO); + Cipher decryptor = Cipher.getInstance(Factory.KEY_ALGO); + + KeyPair kp1 = Factory.generateKeyPair(transMock); + encryptor.init(Cipher.ENCRYPT_MODE, kp1.getPublic()); + decryptor.init(Cipher.DECRYPT_MODE, kp1.getPrivate()); + byte[] encrypedMessage1 = encryptor.doFinal(message.getBytes(StandardCharsets.UTF_8)); + String output1 = new String(decryptor.doFinal(encrypedMessage1)); + assertThat(output1, is(message)); + + // coverage + when(transMock.start("Generate KeyPair", Env.SUB)).thenReturn(null); + KeyPair kp2 = Factory.generateKeyPair(transMock); + encryptor.init(Cipher.ENCRYPT_MODE, kp2.getPublic()); + decryptor.init(Cipher.DECRYPT_MODE, kp2.getPrivate()); + byte[] encrypedMessage2 = encryptor.doFinal(message.getBytes(StandardCharsets.UTF_8)); + String output2 = new String(decryptor.doFinal(encrypedMessage2)); + assertThat(output2, is(message)); + + KeyPair kp3 = Factory.generateKeyPair(null); + encryptor.init(Cipher.ENCRYPT_MODE, kp3.getPublic()); + decryptor.init(Cipher.DECRYPT_MODE, kp3.getPrivate()); + byte[] encrypedMessage3 = encryptor.doFinal(message.getBytes(StandardCharsets.UTF_8)); + String output3 = new String(decryptor.doFinal(encrypedMessage3)); + assertThat(output3, is(message)); + } + + @Test + public void keyToStringTest() throws IOException { + KeyPair kp = Factory.generateKeyPair(transMock); + + String publicKeyString = Factory.toString(transMock, kp.getPublic()); + String privateKeyString = Factory.toString(transMock, kp.getPrivate()); + + String[] publicKeyLines = publicKeyString.split("\n", 0); + assertThat(publicKeyLines.length, is(9)); + assertThat(publicKeyLines[0], is("-----BEGIN PUBLIC KEY-----")); + assertThat(publicKeyLines[8], is("-----END PUBLIC KEY-----")); + + String[] privateKeyLines = privateKeyString.split("\n", 0); + assertThat(privateKeyLines.length, is(28)); + assertThat(privateKeyLines[0], is("-----BEGIN PRIVATE KEY-----")); + assertThat(privateKeyLines[27], is("-----END PRIVATE KEY-----")); + } +} diff --git a/cadi/aaf/src/test/java/org/onap/aaf/cadi/oauth/test/JU_FastPerms.java b/cadi/aaf/src/test/java/org/onap/aaf/cadi/oauth/test/JU_TokenPerm.java index 523bbc58..861e32e0 100644 --- a/cadi/aaf/src/test/java/org/onap/aaf/cadi/oauth/test/JU_FastPerms.java +++ b/cadi/aaf/src/test/java/org/onap/aaf/cadi/oauth/test/JU_TokenPerm.java @@ -21,37 +21,74 @@ package org.onap.aaf.cadi.oauth.test; +import static org.hamcrest.CoreMatchers.*; +import static org.junit.Assert.*; +import org.junit.*; + import java.io.StringReader; -import org.junit.After; -import org.junit.AfterClass; -import org.junit.Before; -import org.junit.BeforeClass; -import org.junit.Test; import org.onap.aaf.cadi.Permission; import org.onap.aaf.cadi.oauth.TokenPerm.LoadPermissions; import org.onap.aaf.misc.rosetta.ParseException; -public class JU_FastPerms { +public class JU_TokenPerm { - @BeforeClass - public static void setUpBeforeClass() throws Exception { - } + @Test + public void test() throws ParseException { + String json; + LoadPermissions lp; + Permission p; - @AfterClass - public static void tearDownAfterClass() throws Exception { - } + json = "{\"perm\":[" + + " {\"type\":\"com.access\",\"instance\":\"*\",\"action\":\"read,approve\"}," + + "]}"; - @Before - public void setUp() throws Exception { - } + lp = new LoadPermissions(new StringReader(json)); + assertThat(lp.perms.size(), is(1)); + + p = lp.perms.get(0); + assertThat(p.getKey(), is("com.access|*|read,approve")); + assertThat(p.permType(), is("AAF")); + + // Extra closing braces for coverage + json = "{\"perm\":[" + + " {\"type\":\"com.access\",\"instance\":\"*\",\"action\":\"read,approve\"}}," + + "]]}"; + + lp = new LoadPermissions(new StringReader(json)); + assertThat(lp.perms.size(), is(1)); - @After - public void tearDown() throws Exception { + p = lp.perms.get(0); + assertThat(p.getKey(), is("com.access|*|read,approve")); + assertThat(p.permType(), is("AAF")); + + // Test without a type + json = "{\"perm\":[" + + " {\"instance\":\"*\",\"action\":\"read,approve\"}," + + "]}"; + + lp = new LoadPermissions(new StringReader(json)); + assertThat(lp.perms.size(), is(0)); + + // Test without an instance + json = "{\"perm\":[" + + " {\"type\":\"com.access\",\"action\":\"read,approve\"}," + + "]}"; + + lp = new LoadPermissions(new StringReader(json)); + assertThat(lp.perms.size(), is(0)); + + // Test without an action + json = "{\"perm\":[" + + " {\"type\":\"com.access\",\"instance\":\"*\"}," + + "]}"; + + lp = new LoadPermissions(new StringReader(json)); + assertThat(lp.perms.size(), is(0)); } @Test - public void test() { + public void redundancyTest() { String json = "{\"perm\":[" + " {\"type\":\"com.access\",\"instance\":\"*\",\"action\":\"read,approve\"}," + " {\"type\":\"org.osaaf.aaf.access\",\"instance\":\"*\",\"action\":\"*\"}," + @@ -88,19 +125,12 @@ public class JU_FastPerms { " {\"type\":\"com.test.access\",\"instance\":\"*\",\"action\":\"read\"}," + " {\"type\":\"com.test.access\",\"instance\":\"*\",\"action\":\"read\"}" + "]}"; - try { LoadPermissions lp = new LoadPermissions(new StringReader(json)); - for(Permission p : lp.perms) { - System.out.println(p.toString()); - } - System.out.println("done"); + assertThat(lp.perms.size(), is(34)); } catch (ParseException e) { - System.err.println(e); + fail(e.getMessage()); } - - } - } diff --git a/cadi/client/src/test/java/org/onap/aaf/cadi/locator/test/JU_DNSLocator.java b/cadi/client/src/test/java/org/onap/aaf/cadi/locator/test/JU_DNSLocator.java index b97667d5..614cafbb 100644 --- a/cadi/client/src/test/java/org/onap/aaf/cadi/locator/test/JU_DNSLocator.java +++ b/cadi/client/src/test/java/org/onap/aaf/cadi/locator/test/JU_DNSLocator.java @@ -19,7 +19,7 @@ * */ -package org.onap.aaf.cadi.client.test; +package org.onap.aaf.cadi.locator.test; import java.net.URI; import java.net.URL; |