diff options
Diffstat (limited to 'auth/auth-cass/src/test/java/org/onap/aaf/auth/cass/hl/JU_Question.java')
-rw-r--r-- | auth/auth-cass/src/test/java/org/onap/aaf/auth/cass/hl/JU_Question.java | 509 |
1 files changed, 0 insertions, 509 deletions
diff --git a/auth/auth-cass/src/test/java/org/onap/aaf/auth/cass/hl/JU_Question.java b/auth/auth-cass/src/test/java/org/onap/aaf/auth/cass/hl/JU_Question.java deleted file mode 100644 index e06a8c57..00000000 --- a/auth/auth-cass/src/test/java/org/onap/aaf/auth/cass/hl/JU_Question.java +++ /dev/null @@ -1,509 +0,0 @@ -/******************************************************************************* - * ============LICENSE_START==================================================== - * * org.onap.aaf - * * =========================================================================== - * * Copyright © 2017 AT&T Intellectual Property. All rights reserved. - * * =========================================================================== - * * Licensed under the Apache License, Version 2.0 (the "License"); - * * you may not use this file except in compliance with the License. - * * You may obtain a copy of the License at - * * - * * http://www.apache.org/licenses/LICENSE-2.0 - * * - * * Unless required by applicable law or agreed to in writing, software - * * distributed under the License is distributed on an "AS IS" BASIS, - * * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * * See the License for the specific language governing permissions and - * * limitations under the License. - * * ============LICENSE_END==================================================== - * * - * * - ******************************************************************************/ -package org.onap.aaf.auth.cass.hl; - -import static junit.framework.Assert.assertEquals; -import static junit.framework.Assert.assertFalse; -import static junit.framework.Assert.assertTrue; - -import java.util.ArrayList; -import java.util.Date; -import java.util.List; - -import org.junit.AfterClass; -import org.junit.BeforeClass; -import org.junit.Test; -import org.onap.aaf.auth.dao.cass.NsDAO; -import org.onap.aaf.auth.dao.cass.PermDAO; -import org.onap.aaf.auth.dao.cass.RoleDAO; -import org.onap.aaf.auth.dao.cass.UserRoleDAO; -import org.onap.aaf.auth.dao.cass.NsDAO.Data; -import org.onap.aaf.auth.dao.hl.Question; -import org.onap.aaf.auth.dao.hl.Question.Access; -import org.onap.aaf.auth.env.AuthzTrans; -import org.onap.aaf.auth.layer.Result; -import org.onap.aaf.cadi.principal.TaggedPrincipal; -import org.onap.aaf.misc.env.Env; -import org.onap.aaf.misc.env.TimeTaken; - -import com.att.dao.aaf.test.AbsJUCass; - -public class JU_Question extends AbsJUCass { - - private static final int EXPIRES_IN = 60000000; - private static final String COM_TEST_JU = "com.test.ju_question"; - private static final String JU9999_JU_TEST_COM = "ju9999@ju.test.com"; - private static final String JU9998_JU_TEST_COM = "ju9998@ju.test.com"; - private static final String READ = "read"; - private static final int NFR_1 = 80; - private static final int NFR_2 = 4000; - private static final int ROLE_LEVEL1 = 1000; - private static final int PERM_LEVEL1 = 1000; -// private static final int PERM_LEVEL2 = 20; - private static Question q; - private static NsDAO.Data ndd; - - @BeforeClass - public static void startupBeforeClass() throws Exception { - details=false; - AuthzTrans trans = env.newTransNoAvg(); - q = new Question(trans,cluster,AUTHZ, false); - ndd = new NsDAO.Data(); - ndd.name=COM_TEST_JU; - ndd.type=3; // app - ndd.parent="com.test"; - ndd.description="Temporary Namespace for JU_Question"; - q.nsDAO.create(trans, ndd); - } - - @AfterClass - public static void endAfterClass() throws Exception { - q.nsDAO.delete(trans, ndd,false); - } -// @Test - public void mayUserRead_EmptyPerm() { - PermDAO.Data pdd = new PermDAO.Data(); - Result<NsDAO.Data> result = q.mayUser(trans,JU9999_JU_TEST_COM,pdd,Access.read); - assertFalse(result.isOK()); - } - -// @Test - public void mayUserRead_OnePermNotExist() { - Result<NsDAO.Data> result = q.mayUser(trans,JU9999_JU_TEST_COM,newPerm(0,0,READ),Access.read); - assertFalse(result.isOK()); - assertEquals("Denied - ["+ JU9999_JU_TEST_COM +"] may not read Perm [" + COM_TEST_JU + ".myPerm0|myInstance0|read]",result.errorString()); - } - -// @Test - public void mayUserRead_OnePermExistDenied() { - PermDAO.Data perm = newPerm(0,0,READ); - q.permDAO.create(trans,perm); - try { - Result<NsDAO.Data> result; - TimeTaken tt = trans.start("q.mayUser...", Env.SUB); - try { - result = q.mayUser(trans,JU9999_JU_TEST_COM,perm,Access.read); - } finally { - tt.done(); - assertTrue("NFR time < "+ NFR_1 + "ms",tt.millis()<NFR_1); - } - assertFalse(result.isOK()); - assertEquals("Denied - ["+ JU9999_JU_TEST_COM +"] may not read Perm ["+COM_TEST_JU + ".myPerm0|myInstance0|read]",result.errorString()); - } finally { - q.permDAO.delete(trans, perm, false); - } - } - -// @Test - public void mayUserRead_OnePermOneRoleExistOK() { - PermDAO.Data perm = newPerm(0,0,READ); - RoleDAO.Data role = newRole(0,perm); - UserRoleDAO.Data ur = newUserRole(role,JU9999_JU_TEST_COM,EXPIRES_IN); - try { - q.permDAO.create(trans,perm); - q.roleDAO.create(trans,role); - q.userRoleDAO.create(trans,ur); - - Result<NsDAO.Data> result; - TimeTaken tt = trans.start("q.mayUser...", Env.SUB); - try { - result = q.mayUser(trans,JU9999_JU_TEST_COM,perm,Access.read); - } finally { - tt.done(); - assertTrue("NFR time < "+ NFR_1 + "ms",tt.millis()<NFR_1); - } - assertTrue(result.isOK()); - } finally { - q.permDAO.delete(trans, perm, false); - q.roleDAO.delete(trans, role, false); - q.userRoleDAO.delete(trans, ur, false); - } - } - -// @Test - public void filter_OnePermOneRoleExistOK() { - PermDAO.Data perm = newPerm(0,0,READ); - RoleDAO.Data role = newRole(0,perm); - UserRoleDAO.Data ur1 = newUserRole(role,JU9998_JU_TEST_COM,EXPIRES_IN); - UserRoleDAO.Data ur2 = newUserRole(role,JU9999_JU_TEST_COM,EXPIRES_IN); - try { - q.permDAO.create(trans,perm); - q.roleDAO.create(trans,role); - q.userRoleDAO.create(trans,ur1); - q.userRoleDAO.create(trans,ur2); - - Result<List<PermDAO.Data>> pres; - TimeTaken tt = trans.start("q.getPerms...", Env.SUB); - try { - pres = q.getPermsByUserFromRolesFilter(trans, JU9999_JU_TEST_COM, JU9999_JU_TEST_COM); - } finally { - tt.done(); - trans.info().log("filter_OnePermOneRleExistOK",tt); - assertTrue("NFR time < "+ NFR_1 + "ms",tt.millis()<NFR_1); - } - assertTrue(pres.isOK()); - - try { - pres = q.getPermsByUserFromRolesFilter(trans, JU9999_JU_TEST_COM, JU9998_JU_TEST_COM); - } finally { - tt.done(); - trans.info().log("filter_OnePermOneRleExistOK No Value",tt); - assertTrue("NFR time < "+ NFR_1 + "ms",tt.millis()<NFR_1); - } - assertFalse(pres.isOKhasData()); - - } finally { - q.permDAO.delete(trans, perm, false); - q.roleDAO.delete(trans, role, false); - q.userRoleDAO.delete(trans, ur1, false); - q.userRoleDAO.delete(trans, ur2, false); - } - } - -// @Test - public void mayUserRead_OnePermMultiRoleExistOK() { - PermDAO.Data perm = newPerm(0,0,READ); - List<RoleDAO.Data> lrole = new ArrayList<RoleDAO.Data>(); - List<UserRoleDAO.Data> lur = new ArrayList<UserRoleDAO.Data>(); - try { - q.permDAO.create(trans,perm); - for(int i=0;i<ROLE_LEVEL1;++i) { - RoleDAO.Data role = newRole(i,perm); - lrole.add(role); - q.roleDAO.create(trans,role); - - UserRoleDAO.Data ur = newUserRole(role,JU9999_JU_TEST_COM,60000000); - lur.add(ur); - q.userRoleDAO.create(trans,ur); - } - - Result<NsDAO.Data> result; - TimeTaken tt = trans.start("mayUserRead_OnePermMultiRoleExistOK", Env.SUB); - try { - result = q.mayUser(trans,JU9999_JU_TEST_COM,perm,Access.read); - } finally { - tt.done(); - env.info().log(tt,ROLE_LEVEL1,"iterations"); - assertTrue("NFR time < "+ NFR_2 + "ms",tt.millis()<NFR_2); - } - assertTrue(result.isOK()); - } finally { - q.permDAO.delete(trans, perm, false); - for(RoleDAO.Data role : lrole) { - q.roleDAO.delete(trans, role, false); - } - for(UserRoleDAO.Data ur : lur) { - q.userRoleDAO.delete(trans, ur, false); - } - } - } - - @Test - public void mayUserRead_MultiPermOneRoleExistOK() { - RoleDAO.Data role = newRole(0); - UserRoleDAO.Data ur = newUserRole(role,JU9999_JU_TEST_COM,EXPIRES_IN); - List<PermDAO.Data> lperm = new ArrayList<PermDAO.Data>(); - try { - for(int i=0;i<PERM_LEVEL1;++i) { - lperm.add(newPerm(i,i,READ,role)); - } - q.roleDAO.create(trans, role); - q.userRoleDAO.create(trans, ur); - - Result<NsDAO.Data> result; - TimeTaken tt = trans.start("mayUserRead_MultiPermOneRoleExistOK", Env.SUB); - try { - result = q.mayUser(trans,JU9999_JU_TEST_COM,lperm.get(PERM_LEVEL1-1),Access.read); - } finally { - tt.done(); - env.info().log(tt,PERM_LEVEL1,"iterations"); - assertTrue("NFR time < "+ NFR_2 + "ms",tt.millis()<NFR_2); - } - assertTrue(result.isOK()); - } finally { - for(PermDAO.Data perm : lperm) { - q.permDAO.delete(trans, perm, false); - } - q.roleDAO.delete(trans, role, false); - q.userRoleDAO.delete(trans, ur, false); - } - } - -//// @Test -// public void mayUserRead_MultiPermMultiRoleExistOK() { -// List<PermDAO.Data> lperm = new ArrayList<PermDAO.Data>(); -// List<RoleDAO.Data> lrole = new ArrayList<RoleDAO.Data>(); -// List<UserRoleDAO.Data> lur = new ArrayList<UserRoleDAO.Data>(); -// -// try { -// RoleDAO.Data role; -// UserRoleDAO.Data ur; -// for(int i=0;i<ROLE_LEVEL1;++i) { -// lrole.add(role=newRole(i)); -// q.roleDAO.create(trans, role); -// lur.add(ur=newUserRole(role, JU9999_JU_TEST_COM, EXPIRES_IN)); -// q.userRoleDAO.create(trans, ur); -// for(int j=0;j<PERM_LEVEL2;++j) { -// lperm.add(newPerm(i,j,READ,role)); -// } -// } -// -// Result<NsDAO.Data> result; -// TimeTaken tt = trans.start("mayUserRead_MultiPermMultiRoleExistOK", Env.SUB); -// try { -// result = q.mayUser(trans,JU9999_JU_TEST_COM,lperm.get(ROLE_LEVEL1*PERM_LEVEL2-1),Access.read); -// } finally { -// tt.done(); -// env.info().log(tt,lperm.size(),"perms",", ",lrole.size(),"role"); -// assertTrue("NFR time < "+ NFR_2 + "ms",tt.millis()<NFR_2); -// } -// assertTrue(result.isOK()); -// } finally { -// for(PermDAO.Data perm : lperm) { -// q.permDAO.delete(trans, perm, false); -// } -// for(RoleDAO.Data role : lrole) { -// q.roleDAO.delete(trans, role, false); -// } -// for(UserRoleDAO.Data ur : lur) { -// q.userRoleDAO.delete(trans, ur, false); -// } -// } -// } - - @Test - public void mayUserRead_MultiPermMultiRoleExist_10x10() { - env.info().log("Original Filter Method 10x10"); - mayUserRead_MultiPermMultiRoleExist(10,10); - env.info().log("New Filter Method 10x10"); - mayUserRead_MultiPermMultiRoleExist_NewOK(10,10); - } - -// @Test - public void mayUserRead_MultiPermMultiRoleExist_20x10() { - env.info().log("mayUserRead_MultiPermMultiRoleExist_20x10"); - mayUserRead_MultiPermMultiRoleExist_NewOK(20,10); - } - -// @Test - public void mayUserRead_MultiPermMultiRoleExist_100x10() { - env.info().log("mayUserRead_MultiPermMultiRoleExist_100x10"); - mayUserRead_MultiPermMultiRoleExist_NewOK(100,10); - } - -// @Test - public void mayUserRead_MultiPermMultiRoleExist_100x20() { - env.info().log("mayUserRead_MultiPermMultiRoleExist_100x20"); - mayUserRead_MultiPermMultiRoleExist_NewOK(100,20); - } - -// @Test - public void mayUserRead_MultiPermMultiRoleExist_1000x20() { - env.info().log("mayUserRead_MultiPermMultiRoleExist_1000x20"); - mayUserRead_MultiPermMultiRoleExist_NewOK(1000,20); - } - - private void mayUserRead_MultiPermMultiRoleExist(int roleLevel, int permLevel) { - List<PermDAO.Data> lperm = new ArrayList<PermDAO.Data>(); - List<RoleDAO.Data> lrole = new ArrayList<RoleDAO.Data>(); - List<UserRoleDAO.Data> lur = new ArrayList<UserRoleDAO.Data>(); - load(roleLevel, permLevel, lperm,lrole,lur); - - - Result<List<PermDAO.Data>> pres; - trans.setUser(new TaggedPrincipal() { - @Override - public String getName() { - return JU9999_JU_TEST_COM; - } - - @Override - public String tag() { - return "JUnit"; - } - - @Override - public String personalName() { - return JU9998_JU_TEST_COM; - } - }); - - try { - TimeTaken group = trans.start(" Original Security Method (1st time)", Env.SUB); - try { - TimeTaken tt = trans.start(" Get User Perms for "+JU9998_JU_TEST_COM, Env.SUB); - try { - pres = q.getPermsByUser(trans,JU9998_JU_TEST_COM,true); - } finally { - tt.done(); - env.info().log(tt," Looked up (full) getPermsByUser for",JU9998_JU_TEST_COM); - } - assertTrue(pres.isOK()); - tt = trans.start(" q.mayUser", Env.SUB); - List<PermDAO.Data> reduced = new ArrayList<PermDAO.Data>(); - - try { - for(PermDAO.Data p : pres.value) { - Result<Data> r = q.mayUser(trans,JU9999_JU_TEST_COM,p,Access.read); - if(r.isOK()) { - reduced.add(p); - } - } - } finally { - tt.done(); - env.info().log(tt," reduced" + pres.value.size(),"perms","to",reduced.size()); - // assertTrue("NFR time < "+ NFR_2 + "ms",tt.millis()<NFR_2); - } - // assertFalse(result.isOK()); - } finally { - group.done(); - env.info().log(group," Original Validation Method (1st pass)"); - } - - - } finally { - unload(lperm, lrole, lur); - } - } - - private void mayUserRead_MultiPermMultiRoleExist_NewOK(int roleLevel, int permLevel) { - List<PermDAO.Data> lperm = new ArrayList<PermDAO.Data>(); - List<RoleDAO.Data> lrole = new ArrayList<RoleDAO.Data>(); - List<UserRoleDAO.Data> lur = new ArrayList<UserRoleDAO.Data>(); - load(roleLevel, permLevel, lperm,lrole,lur); - - try { - - Result<List<PermDAO.Data>> pres; - TimeTaken tt = trans.start(" mayUserRead_MultiPermMultiRoleExist_New New Filter", Env.SUB); - try { - pres = q.getPermsByUserFromRolesFilter(trans, JU9999_JU_TEST_COM, JU9998_JU_TEST_COM); - } finally { - tt.done(); - env.info().log(tt,lperm.size(),"perms",", ",lrole.size(),"role", lur.size(), "UserRoles"); -// assertTrue("NFR time < "+ NFR_2 + "ms",tt.millis()<NFR_2); - } -// assertTrue(pres.isOKhasData()); - - tt = trans.start(" mayUserRead_MultiPermMultiRoleExist_New New Filter (2nd time)", Env.SUB); - try { - pres = q.getPermsByUserFromRolesFilter(trans, JU9999_JU_TEST_COM, JU9998_JU_TEST_COM); - } finally { - tt.done(); - env.info().log(tt,lperm.size(),"perms",", ",lrole.size(),"role", lur.size(), "UserRoles"); - assertTrue("NFR time < "+ NFR_2 + "ms",tt.millis()<NFR_2); - } -// assertTrue(pres.isOKhasData()); - - } finally { - unload(lperm, lrole, lur); - } - } - - - private void load(int roleLevel, int permLevel, List<PermDAO.Data> lperm , List<RoleDAO.Data> lrole, List<UserRoleDAO.Data> lur) { - RoleDAO.Data role; - UserRoleDAO.Data ur; - PermDAO.Data perm; - - int onethirdR=roleLevel/3; - int twothirdR=onethirdR*2; - int onethirdP=permLevel/3; - int twothirdP=onethirdP*2; - - for(int i=0;i<roleLevel;++i) { - lrole.add(role=newRole(i)); - if(i<onethirdR) { // one has - lur.add(ur=newUserRole(role, JU9998_JU_TEST_COM, EXPIRES_IN)); - q.userRoleDAO.create(trans, ur); - for(int j=0;j<onethirdP;++j) { - lperm.add(perm=newPerm(i,j,READ,role)); - q.permDAO.create(trans, perm); - } - } else if(i<twothirdR) { // both have - lur.add(ur=newUserRole(role, JU9998_JU_TEST_COM, EXPIRES_IN)); - q.userRoleDAO.create(trans, ur); - lur.add(ur=newUserRole(role, JU9999_JU_TEST_COM, EXPIRES_IN)); - q.userRoleDAO.create(trans, ur); - for(int j=onethirdP;j<twothirdP;++j) { - lperm.add(perm=newPerm(i,j,READ,role)); - q.permDAO.create(trans, perm); - } - } else { // other has - lur.add(ur=newUserRole(role, JU9999_JU_TEST_COM, EXPIRES_IN)); - q.userRoleDAO.create(trans, ur); - for(int j=twothirdP;j<permLevel;++j) { - lperm.add(perm=newPerm(i,j,READ,role)); - q.permDAO.create(trans, perm); - } - } - q.roleDAO.create(trans, role); - } - - } - - private void unload(List<PermDAO.Data> lperm , List<RoleDAO.Data> lrole, List<UserRoleDAO.Data> lur) { - for(PermDAO.Data perm : lperm) { - q.permDAO.delete(trans, perm, false); - } - for(RoleDAO.Data role : lrole) { - q.roleDAO.delete(trans, role, false); - } - for(UserRoleDAO.Data ur : lur) { - q.userRoleDAO.delete(trans, ur, false); - } - - } - private PermDAO.Data newPerm(int permNum, int instNum, String action, RoleDAO.Data ... grant) { - PermDAO.Data pdd = new PermDAO.Data(); - pdd.ns=COM_TEST_JU; - pdd.type="myPerm"+permNum; - pdd.instance="myInstance"+instNum; - pdd.action=action; - for(RoleDAO.Data r : grant) { - pdd.roles(true).add(r.fullName()); - r.perms(true).add(pdd.encode()); - } - return pdd; - } - - private RoleDAO.Data newRole(int roleNum, PermDAO.Data ... grant) { - RoleDAO.Data rdd = new RoleDAO.Data(); - rdd.ns = COM_TEST_JU+roleNum; - rdd.name = "myRole"+roleNum; - for(PermDAO.Data p : grant) { - rdd.perms(true).add(p.encode()); - p.roles(true).add(rdd.fullName()); - } - return rdd; - } - - private UserRoleDAO.Data newUserRole(RoleDAO.Data role,String user, long offset) { - UserRoleDAO.Data urd = new UserRoleDAO.Data(); - urd.user=user; - urd.role(role); - urd.expires=new Date(System.currentTimeMillis()+offset); - return urd; - } - - -} |