summaryrefslogtreecommitdiffstats
path: root/auth/auth-cass/src/test/java/org/onap/aaf/auth/cass/hl/JU_Question.java
diff options
context:
space:
mode:
Diffstat (limited to 'auth/auth-cass/src/test/java/org/onap/aaf/auth/cass/hl/JU_Question.java')
-rw-r--r--auth/auth-cass/src/test/java/org/onap/aaf/auth/cass/hl/JU_Question.java509
1 files changed, 0 insertions, 509 deletions
diff --git a/auth/auth-cass/src/test/java/org/onap/aaf/auth/cass/hl/JU_Question.java b/auth/auth-cass/src/test/java/org/onap/aaf/auth/cass/hl/JU_Question.java
deleted file mode 100644
index e06a8c57..00000000
--- a/auth/auth-cass/src/test/java/org/onap/aaf/auth/cass/hl/JU_Question.java
+++ /dev/null
@@ -1,509 +0,0 @@
-/*******************************************************************************
- * ============LICENSE_START====================================================
- * * org.onap.aaf
- * * ===========================================================================
- * * Copyright © 2017 AT&T Intellectual Property. All rights reserved.
- * * ===========================================================================
- * * Licensed under the Apache License, Version 2.0 (the "License");
- * * you may not use this file except in compliance with the License.
- * * You may obtain a copy of the License at
- * *
- * * http://www.apache.org/licenses/LICENSE-2.0
- * *
- * * Unless required by applicable law or agreed to in writing, software
- * * distributed under the License is distributed on an "AS IS" BASIS,
- * * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * * See the License for the specific language governing permissions and
- * * limitations under the License.
- * * ============LICENSE_END====================================================
- * *
- * *
- ******************************************************************************/
-package org.onap.aaf.auth.cass.hl;
-
-import static junit.framework.Assert.assertEquals;
-import static junit.framework.Assert.assertFalse;
-import static junit.framework.Assert.assertTrue;
-
-import java.util.ArrayList;
-import java.util.Date;
-import java.util.List;
-
-import org.junit.AfterClass;
-import org.junit.BeforeClass;
-import org.junit.Test;
-import org.onap.aaf.auth.dao.cass.NsDAO;
-import org.onap.aaf.auth.dao.cass.PermDAO;
-import org.onap.aaf.auth.dao.cass.RoleDAO;
-import org.onap.aaf.auth.dao.cass.UserRoleDAO;
-import org.onap.aaf.auth.dao.cass.NsDAO.Data;
-import org.onap.aaf.auth.dao.hl.Question;
-import org.onap.aaf.auth.dao.hl.Question.Access;
-import org.onap.aaf.auth.env.AuthzTrans;
-import org.onap.aaf.auth.layer.Result;
-import org.onap.aaf.cadi.principal.TaggedPrincipal;
-import org.onap.aaf.misc.env.Env;
-import org.onap.aaf.misc.env.TimeTaken;
-
-import com.att.dao.aaf.test.AbsJUCass;
-
-public class JU_Question extends AbsJUCass {
-
- private static final int EXPIRES_IN = 60000000;
- private static final String COM_TEST_JU = "com.test.ju_question";
- private static final String JU9999_JU_TEST_COM = "ju9999@ju.test.com";
- private static final String JU9998_JU_TEST_COM = "ju9998@ju.test.com";
- private static final String READ = "read";
- private static final int NFR_1 = 80;
- private static final int NFR_2 = 4000;
- private static final int ROLE_LEVEL1 = 1000;
- private static final int PERM_LEVEL1 = 1000;
-// private static final int PERM_LEVEL2 = 20;
- private static Question q;
- private static NsDAO.Data ndd;
-
- @BeforeClass
- public static void startupBeforeClass() throws Exception {
- details=false;
- AuthzTrans trans = env.newTransNoAvg();
- q = new Question(trans,cluster,AUTHZ, false);
- ndd = new NsDAO.Data();
- ndd.name=COM_TEST_JU;
- ndd.type=3; // app
- ndd.parent="com.test";
- ndd.description="Temporary Namespace for JU_Question";
- q.nsDAO.create(trans, ndd);
- }
-
- @AfterClass
- public static void endAfterClass() throws Exception {
- q.nsDAO.delete(trans, ndd,false);
- }
-// @Test
- public void mayUserRead_EmptyPerm() {
- PermDAO.Data pdd = new PermDAO.Data();
- Result<NsDAO.Data> result = q.mayUser(trans,JU9999_JU_TEST_COM,pdd,Access.read);
- assertFalse(result.isOK());
- }
-
-// @Test
- public void mayUserRead_OnePermNotExist() {
- Result<NsDAO.Data> result = q.mayUser(trans,JU9999_JU_TEST_COM,newPerm(0,0,READ),Access.read);
- assertFalse(result.isOK());
- assertEquals("Denied - ["+ JU9999_JU_TEST_COM +"] may not read Perm [" + COM_TEST_JU + ".myPerm0|myInstance0|read]",result.errorString());
- }
-
-// @Test
- public void mayUserRead_OnePermExistDenied() {
- PermDAO.Data perm = newPerm(0,0,READ);
- q.permDAO.create(trans,perm);
- try {
- Result<NsDAO.Data> result;
- TimeTaken tt = trans.start("q.mayUser...", Env.SUB);
- try {
- result = q.mayUser(trans,JU9999_JU_TEST_COM,perm,Access.read);
- } finally {
- tt.done();
- assertTrue("NFR time < "+ NFR_1 + "ms",tt.millis()<NFR_1);
- }
- assertFalse(result.isOK());
- assertEquals("Denied - ["+ JU9999_JU_TEST_COM +"] may not read Perm ["+COM_TEST_JU + ".myPerm0|myInstance0|read]",result.errorString());
- } finally {
- q.permDAO.delete(trans, perm, false);
- }
- }
-
-// @Test
- public void mayUserRead_OnePermOneRoleExistOK() {
- PermDAO.Data perm = newPerm(0,0,READ);
- RoleDAO.Data role = newRole(0,perm);
- UserRoleDAO.Data ur = newUserRole(role,JU9999_JU_TEST_COM,EXPIRES_IN);
- try {
- q.permDAO.create(trans,perm);
- q.roleDAO.create(trans,role);
- q.userRoleDAO.create(trans,ur);
-
- Result<NsDAO.Data> result;
- TimeTaken tt = trans.start("q.mayUser...", Env.SUB);
- try {
- result = q.mayUser(trans,JU9999_JU_TEST_COM,perm,Access.read);
- } finally {
- tt.done();
- assertTrue("NFR time < "+ NFR_1 + "ms",tt.millis()<NFR_1);
- }
- assertTrue(result.isOK());
- } finally {
- q.permDAO.delete(trans, perm, false);
- q.roleDAO.delete(trans, role, false);
- q.userRoleDAO.delete(trans, ur, false);
- }
- }
-
-// @Test
- public void filter_OnePermOneRoleExistOK() {
- PermDAO.Data perm = newPerm(0,0,READ);
- RoleDAO.Data role = newRole(0,perm);
- UserRoleDAO.Data ur1 = newUserRole(role,JU9998_JU_TEST_COM,EXPIRES_IN);
- UserRoleDAO.Data ur2 = newUserRole(role,JU9999_JU_TEST_COM,EXPIRES_IN);
- try {
- q.permDAO.create(trans,perm);
- q.roleDAO.create(trans,role);
- q.userRoleDAO.create(trans,ur1);
- q.userRoleDAO.create(trans,ur2);
-
- Result<List<PermDAO.Data>> pres;
- TimeTaken tt = trans.start("q.getPerms...", Env.SUB);
- try {
- pres = q.getPermsByUserFromRolesFilter(trans, JU9999_JU_TEST_COM, JU9999_JU_TEST_COM);
- } finally {
- tt.done();
- trans.info().log("filter_OnePermOneRleExistOK",tt);
- assertTrue("NFR time < "+ NFR_1 + "ms",tt.millis()<NFR_1);
- }
- assertTrue(pres.isOK());
-
- try {
- pres = q.getPermsByUserFromRolesFilter(trans, JU9999_JU_TEST_COM, JU9998_JU_TEST_COM);
- } finally {
- tt.done();
- trans.info().log("filter_OnePermOneRleExistOK No Value",tt);
- assertTrue("NFR time < "+ NFR_1 + "ms",tt.millis()<NFR_1);
- }
- assertFalse(pres.isOKhasData());
-
- } finally {
- q.permDAO.delete(trans, perm, false);
- q.roleDAO.delete(trans, role, false);
- q.userRoleDAO.delete(trans, ur1, false);
- q.userRoleDAO.delete(trans, ur2, false);
- }
- }
-
-// @Test
- public void mayUserRead_OnePermMultiRoleExistOK() {
- PermDAO.Data perm = newPerm(0,0,READ);
- List<RoleDAO.Data> lrole = new ArrayList<RoleDAO.Data>();
- List<UserRoleDAO.Data> lur = new ArrayList<UserRoleDAO.Data>();
- try {
- q.permDAO.create(trans,perm);
- for(int i=0;i<ROLE_LEVEL1;++i) {
- RoleDAO.Data role = newRole(i,perm);
- lrole.add(role);
- q.roleDAO.create(trans,role);
-
- UserRoleDAO.Data ur = newUserRole(role,JU9999_JU_TEST_COM,60000000);
- lur.add(ur);
- q.userRoleDAO.create(trans,ur);
- }
-
- Result<NsDAO.Data> result;
- TimeTaken tt = trans.start("mayUserRead_OnePermMultiRoleExistOK", Env.SUB);
- try {
- result = q.mayUser(trans,JU9999_JU_TEST_COM,perm,Access.read);
- } finally {
- tt.done();
- env.info().log(tt,ROLE_LEVEL1,"iterations");
- assertTrue("NFR time < "+ NFR_2 + "ms",tt.millis()<NFR_2);
- }
- assertTrue(result.isOK());
- } finally {
- q.permDAO.delete(trans, perm, false);
- for(RoleDAO.Data role : lrole) {
- q.roleDAO.delete(trans, role, false);
- }
- for(UserRoleDAO.Data ur : lur) {
- q.userRoleDAO.delete(trans, ur, false);
- }
- }
- }
-
- @Test
- public void mayUserRead_MultiPermOneRoleExistOK() {
- RoleDAO.Data role = newRole(0);
- UserRoleDAO.Data ur = newUserRole(role,JU9999_JU_TEST_COM,EXPIRES_IN);
- List<PermDAO.Data> lperm = new ArrayList<PermDAO.Data>();
- try {
- for(int i=0;i<PERM_LEVEL1;++i) {
- lperm.add(newPerm(i,i,READ,role));
- }
- q.roleDAO.create(trans, role);
- q.userRoleDAO.create(trans, ur);
-
- Result<NsDAO.Data> result;
- TimeTaken tt = trans.start("mayUserRead_MultiPermOneRoleExistOK", Env.SUB);
- try {
- result = q.mayUser(trans,JU9999_JU_TEST_COM,lperm.get(PERM_LEVEL1-1),Access.read);
- } finally {
- tt.done();
- env.info().log(tt,PERM_LEVEL1,"iterations");
- assertTrue("NFR time < "+ NFR_2 + "ms",tt.millis()<NFR_2);
- }
- assertTrue(result.isOK());
- } finally {
- for(PermDAO.Data perm : lperm) {
- q.permDAO.delete(trans, perm, false);
- }
- q.roleDAO.delete(trans, role, false);
- q.userRoleDAO.delete(trans, ur, false);
- }
- }
-
-//// @Test
-// public void mayUserRead_MultiPermMultiRoleExistOK() {
-// List<PermDAO.Data> lperm = new ArrayList<PermDAO.Data>();
-// List<RoleDAO.Data> lrole = new ArrayList<RoleDAO.Data>();
-// List<UserRoleDAO.Data> lur = new ArrayList<UserRoleDAO.Data>();
-//
-// try {
-// RoleDAO.Data role;
-// UserRoleDAO.Data ur;
-// for(int i=0;i<ROLE_LEVEL1;++i) {
-// lrole.add(role=newRole(i));
-// q.roleDAO.create(trans, role);
-// lur.add(ur=newUserRole(role, JU9999_JU_TEST_COM, EXPIRES_IN));
-// q.userRoleDAO.create(trans, ur);
-// for(int j=0;j<PERM_LEVEL2;++j) {
-// lperm.add(newPerm(i,j,READ,role));
-// }
-// }
-//
-// Result<NsDAO.Data> result;
-// TimeTaken tt = trans.start("mayUserRead_MultiPermMultiRoleExistOK", Env.SUB);
-// try {
-// result = q.mayUser(trans,JU9999_JU_TEST_COM,lperm.get(ROLE_LEVEL1*PERM_LEVEL2-1),Access.read);
-// } finally {
-// tt.done();
-// env.info().log(tt,lperm.size(),"perms",", ",lrole.size(),"role");
-// assertTrue("NFR time < "+ NFR_2 + "ms",tt.millis()<NFR_2);
-// }
-// assertTrue(result.isOK());
-// } finally {
-// for(PermDAO.Data perm : lperm) {
-// q.permDAO.delete(trans, perm, false);
-// }
-// for(RoleDAO.Data role : lrole) {
-// q.roleDAO.delete(trans, role, false);
-// }
-// for(UserRoleDAO.Data ur : lur) {
-// q.userRoleDAO.delete(trans, ur, false);
-// }
-// }
-// }
-
- @Test
- public void mayUserRead_MultiPermMultiRoleExist_10x10() {
- env.info().log("Original Filter Method 10x10");
- mayUserRead_MultiPermMultiRoleExist(10,10);
- env.info().log("New Filter Method 10x10");
- mayUserRead_MultiPermMultiRoleExist_NewOK(10,10);
- }
-
-// @Test
- public void mayUserRead_MultiPermMultiRoleExist_20x10() {
- env.info().log("mayUserRead_MultiPermMultiRoleExist_20x10");
- mayUserRead_MultiPermMultiRoleExist_NewOK(20,10);
- }
-
-// @Test
- public void mayUserRead_MultiPermMultiRoleExist_100x10() {
- env.info().log("mayUserRead_MultiPermMultiRoleExist_100x10");
- mayUserRead_MultiPermMultiRoleExist_NewOK(100,10);
- }
-
-// @Test
- public void mayUserRead_MultiPermMultiRoleExist_100x20() {
- env.info().log("mayUserRead_MultiPermMultiRoleExist_100x20");
- mayUserRead_MultiPermMultiRoleExist_NewOK(100,20);
- }
-
-// @Test
- public void mayUserRead_MultiPermMultiRoleExist_1000x20() {
- env.info().log("mayUserRead_MultiPermMultiRoleExist_1000x20");
- mayUserRead_MultiPermMultiRoleExist_NewOK(1000,20);
- }
-
- private void mayUserRead_MultiPermMultiRoleExist(int roleLevel, int permLevel) {
- List<PermDAO.Data> lperm = new ArrayList<PermDAO.Data>();
- List<RoleDAO.Data> lrole = new ArrayList<RoleDAO.Data>();
- List<UserRoleDAO.Data> lur = new ArrayList<UserRoleDAO.Data>();
- load(roleLevel, permLevel, lperm,lrole,lur);
-
-
- Result<List<PermDAO.Data>> pres;
- trans.setUser(new TaggedPrincipal() {
- @Override
- public String getName() {
- return JU9999_JU_TEST_COM;
- }
-
- @Override
- public String tag() {
- return "JUnit";
- }
-
- @Override
- public String personalName() {
- return JU9998_JU_TEST_COM;
- }
- });
-
- try {
- TimeTaken group = trans.start(" Original Security Method (1st time)", Env.SUB);
- try {
- TimeTaken tt = trans.start(" Get User Perms for "+JU9998_JU_TEST_COM, Env.SUB);
- try {
- pres = q.getPermsByUser(trans,JU9998_JU_TEST_COM,true);
- } finally {
- tt.done();
- env.info().log(tt," Looked up (full) getPermsByUser for",JU9998_JU_TEST_COM);
- }
- assertTrue(pres.isOK());
- tt = trans.start(" q.mayUser", Env.SUB);
- List<PermDAO.Data> reduced = new ArrayList<PermDAO.Data>();
-
- try {
- for(PermDAO.Data p : pres.value) {
- Result<Data> r = q.mayUser(trans,JU9999_JU_TEST_COM,p,Access.read);
- if(r.isOK()) {
- reduced.add(p);
- }
- }
- } finally {
- tt.done();
- env.info().log(tt," reduced" + pres.value.size(),"perms","to",reduced.size());
- // assertTrue("NFR time < "+ NFR_2 + "ms",tt.millis()<NFR_2);
- }
- // assertFalse(result.isOK());
- } finally {
- group.done();
- env.info().log(group," Original Validation Method (1st pass)");
- }
-
-
- } finally {
- unload(lperm, lrole, lur);
- }
- }
-
- private void mayUserRead_MultiPermMultiRoleExist_NewOK(int roleLevel, int permLevel) {
- List<PermDAO.Data> lperm = new ArrayList<PermDAO.Data>();
- List<RoleDAO.Data> lrole = new ArrayList<RoleDAO.Data>();
- List<UserRoleDAO.Data> lur = new ArrayList<UserRoleDAO.Data>();
- load(roleLevel, permLevel, lperm,lrole,lur);
-
- try {
-
- Result<List<PermDAO.Data>> pres;
- TimeTaken tt = trans.start(" mayUserRead_MultiPermMultiRoleExist_New New Filter", Env.SUB);
- try {
- pres = q.getPermsByUserFromRolesFilter(trans, JU9999_JU_TEST_COM, JU9998_JU_TEST_COM);
- } finally {
- tt.done();
- env.info().log(tt,lperm.size(),"perms",", ",lrole.size(),"role", lur.size(), "UserRoles");
-// assertTrue("NFR time < "+ NFR_2 + "ms",tt.millis()<NFR_2);
- }
-// assertTrue(pres.isOKhasData());
-
- tt = trans.start(" mayUserRead_MultiPermMultiRoleExist_New New Filter (2nd time)", Env.SUB);
- try {
- pres = q.getPermsByUserFromRolesFilter(trans, JU9999_JU_TEST_COM, JU9998_JU_TEST_COM);
- } finally {
- tt.done();
- env.info().log(tt,lperm.size(),"perms",", ",lrole.size(),"role", lur.size(), "UserRoles");
- assertTrue("NFR time < "+ NFR_2 + "ms",tt.millis()<NFR_2);
- }
-// assertTrue(pres.isOKhasData());
-
- } finally {
- unload(lperm, lrole, lur);
- }
- }
-
-
- private void load(int roleLevel, int permLevel, List<PermDAO.Data> lperm , List<RoleDAO.Data> lrole, List<UserRoleDAO.Data> lur) {
- RoleDAO.Data role;
- UserRoleDAO.Data ur;
- PermDAO.Data perm;
-
- int onethirdR=roleLevel/3;
- int twothirdR=onethirdR*2;
- int onethirdP=permLevel/3;
- int twothirdP=onethirdP*2;
-
- for(int i=0;i<roleLevel;++i) {
- lrole.add(role=newRole(i));
- if(i<onethirdR) { // one has
- lur.add(ur=newUserRole(role, JU9998_JU_TEST_COM, EXPIRES_IN));
- q.userRoleDAO.create(trans, ur);
- for(int j=0;j<onethirdP;++j) {
- lperm.add(perm=newPerm(i,j,READ,role));
- q.permDAO.create(trans, perm);
- }
- } else if(i<twothirdR) { // both have
- lur.add(ur=newUserRole(role, JU9998_JU_TEST_COM, EXPIRES_IN));
- q.userRoleDAO.create(trans, ur);
- lur.add(ur=newUserRole(role, JU9999_JU_TEST_COM, EXPIRES_IN));
- q.userRoleDAO.create(trans, ur);
- for(int j=onethirdP;j<twothirdP;++j) {
- lperm.add(perm=newPerm(i,j,READ,role));
- q.permDAO.create(trans, perm);
- }
- } else { // other has
- lur.add(ur=newUserRole(role, JU9999_JU_TEST_COM, EXPIRES_IN));
- q.userRoleDAO.create(trans, ur);
- for(int j=twothirdP;j<permLevel;++j) {
- lperm.add(perm=newPerm(i,j,READ,role));
- q.permDAO.create(trans, perm);
- }
- }
- q.roleDAO.create(trans, role);
- }
-
- }
-
- private void unload(List<PermDAO.Data> lperm , List<RoleDAO.Data> lrole, List<UserRoleDAO.Data> lur) {
- for(PermDAO.Data perm : lperm) {
- q.permDAO.delete(trans, perm, false);
- }
- for(RoleDAO.Data role : lrole) {
- q.roleDAO.delete(trans, role, false);
- }
- for(UserRoleDAO.Data ur : lur) {
- q.userRoleDAO.delete(trans, ur, false);
- }
-
- }
- private PermDAO.Data newPerm(int permNum, int instNum, String action, RoleDAO.Data ... grant) {
- PermDAO.Data pdd = new PermDAO.Data();
- pdd.ns=COM_TEST_JU;
- pdd.type="myPerm"+permNum;
- pdd.instance="myInstance"+instNum;
- pdd.action=action;
- for(RoleDAO.Data r : grant) {
- pdd.roles(true).add(r.fullName());
- r.perms(true).add(pdd.encode());
- }
- return pdd;
- }
-
- private RoleDAO.Data newRole(int roleNum, PermDAO.Data ... grant) {
- RoleDAO.Data rdd = new RoleDAO.Data();
- rdd.ns = COM_TEST_JU+roleNum;
- rdd.name = "myRole"+roleNum;
- for(PermDAO.Data p : grant) {
- rdd.perms(true).add(p.encode());
- p.roles(true).add(rdd.fullName());
- }
- return rdd;
- }
-
- private UserRoleDAO.Data newUserRole(RoleDAO.Data role,String user, long offset) {
- UserRoleDAO.Data urd = new UserRoleDAO.Data();
- urd.user=user;
- urd.role(role);
- urd.expires=new Date(System.currentTimeMillis()+offset);
- return urd;
- }
-
-
-}