Diffstat (limited to 'auth/auth-deforg')
9 files changed, 1212 insertions, 1212 deletions
diff --git a/auth/auth-deforg/src/main/java/org/onap/aaf/org/DefaultOrg.java b/auth/auth-deforg/src/main/java/org/onap/aaf/org/DefaultOrg.java
index 0bfe7e2d..d9336d4e 100644
--- a/auth/auth-deforg/src/main/java/org/onap/aaf/org/DefaultOrg.java
+++ b/auth/auth-deforg/src/main/java/org/onap/aaf/org/DefaultOrg.java
@@ -41,583 +41,583 @@ import org.onap.aaf.cadi.util.FQI; import org.onap.aaf.misc.env.Env; public class DefaultOrg implements Organization { - private static final String AAF_DATA_DIR = "aaf_data_dir"; - private static final String PROPERTY_IS_REQUIRED = " property is Required"; - // Package on Purpose - final String domain; - final String atDomain; - final String realm; - - private final String NAME,mailHost,mailFrom; - private final Set<String> supportedRealms; - - - public DefaultOrg(Env env, String realm) throws OrganizationException { - - this.realm = realm; - supportedRealms=new HashSet<>(); - supportedRealms.add(realm); - domain=FQI.reverseDomain(realm); - atDomain = '@'+domain; - String s; - NAME=env.getProperty(realm + ".name","Default Organization"); - mailHost = env.getProperty(s=(realm + ".mailHost"), null); - if(mailHost==null) { - throw new OrganizationException(s + PROPERTY_IS_REQUIRED); - } - mailFrom = env.getProperty(s=(realm + ".mailFrom"), null); - if(mailFrom==null) { - throw new OrganizationException(s + PROPERTY_IS_REQUIRED); - } - - // Note: This code is to avoid including javax.mail into ONAP, because there are security/licence - // exceptions - try { - Class.forName("javax.mail.Session"); // ensure package is loaded - @SuppressWarnings("unchecked") - Class<Mailer> minst = (Class<Mailer>)Class.forName("org.onap.aaf.org.JavaxMailer"); - mailer = minst.newInstance(); - } catch (ClassNotFoundException | InstantiationException | IllegalAccessException e1) { - env.warn().log("JavaxMailer not loaded. Mailing disabled"); - } - - System.getProperties().setProperty("mail.smtp.host",mailHost); - System.getProperties().setProperty("mail.user", mailFrom); - - try { - String defFile; - String temp=env.getProperty(defFile = (getClass().getName()+".file")); - File fIdentities=null; - if(temp==null) { - temp = env.getProperty(AAF_DATA_DIR); - if(temp!=null) { - env.warn().log(defFile, " is not defined. 
Using default: ",temp+"/identities.dat"); - File dir = new File(temp); - fIdentities=new File(dir,"identities.dat"); - - if(!fIdentities.exists()) { - env.warn().log("No",fIdentities.getCanonicalPath(),"exists. Creating."); - if(!dir.exists()) { - dir.mkdirs(); - } - fIdentities.createNewFile(); - } - } - } else { - fIdentities = new File(temp); - if(!fIdentities.exists()) { - String dataDir = env.getProperty(AAF_DATA_DIR); - if(dataDir!=null) { - fIdentities = new File(dataDir,temp); - } - } - } - - if(fIdentities!=null && fIdentities.exists()) { - identities = new Identities(fIdentities); - } else { - if(fIdentities==null) { - throw new OrganizationException("No Identities"); - } else { - throw new OrganizationException(fIdentities.getCanonicalPath() + " does not exist."); - } - } - } catch (IOException e) { - throw new OrganizationException(e); - } - } - - // Implement your own Delegation System - static final List<String> NULL_DELEGATES = new ArrayList<>(); - - public Identities identities; - private boolean dryRun; - private Mailer mailer; - public enum Types {Employee, Contractor, Application, NotActive}; - private final static Set<String> typeSet; - - static { - typeSet = new HashSet<>(); - for(Types t : Types.values()) { - typeSet.add(t.name()); - } - } - - private static final EmailWarnings emailWarnings = new DefaultOrgWarnings(); - - @Override - public String getName() { - return NAME; - } - - @Override - public String getRealm() { - return realm; - } - - @Override - public String getDomain() { - return domain; - } - - @Override - public DefaultOrgIdentity getIdentity(AuthzTrans trans, String id) throws OrganizationException { - int at = id.indexOf('@'); - return new DefaultOrgIdentity(trans,at<0?id:id.substring(0, at),this); - } - - // Note: Return a null if found; return a String Message explaining why not found. 
- @Override - public String isValidID(final AuthzTrans trans, final String id) { - try { - DefaultOrgIdentity u = getIdentity(trans,id); - return (u==null||!u.isFound())?id + "is not an Identity in " + getName():null; - } catch (OrganizationException e) { - return getName() + " could not lookup " + id + ": " + e.getLocalizedMessage(); - } - } - // Possible ID Pattern - // private static final Pattern ID_PATTERN=Pattern.compile("([\\w.-]+@[\\w.-]+).{4-13}"); - // Another one: ID_PATTERN = "(a-z[a-z0-9]{5-8}@.*).{4-13}"; - - @Override - public boolean isValidCred(final AuthzTrans trans, final String id) { - // have domain? - int at = id.indexOf('@'); - String sid; - if(at > 0) { - // Use this to prevent passwords to any but THIS domain. -// if(!id.regionMatches(at+1, domain, 0, id.length()-at-1)) { -// return false; -// } - sid = id.substring(0,at); - } else { - sid = id; - } - // We'll validate that it exists, rather than check patterns. - - return isValidID(trans, sid)==null; - // Check Pattern (if checking existing is too long) - // if(id.endsWith(SUFFIX) && ID_PATTERN.matcher(id).matches()) { - // return true; - // } - // return false; - } - - private static final String SPEC_CHARS = "!@#$%^*-+?/,:;."; - private static final Pattern PASS_PATTERN=Pattern.compile("(((?=.*[a-z,A-Z])(((?=.*\\d))|(?=.*[" + SPEC_CHARS +"]))).{6,20})"); - /** - * ( # Start of group - * (?=.*[a-z,A-Z]) # must contain one character - * - * (?=.*\d) # must contain one digit from 0-9 - * OR - * (?=.*[@#$%]) # must contain one special symbols in the list SPEC_CHARS - * - * . 
# match anything with previous condition checking - * {6,20} # length at least 6 characters and maximum of 20 - * ) # End of group - * - * Another example, more stringent pattern - private static final Pattern PASS_PATTERN=Pattern.compile("((?=.*\\d)(?=.*[a-z])(?=.*[A-Z])(?=.*[" + SPEC_CHARS +"]).{6,20})"); - * Attribution: from mkyong.com - * ( # Start of group - * (?=.*\d) # must contain one digit from 0-9 - * (?=.*[a-z]) # must contain one lowercase characters - * (?=.*[A-Z]) # must contain one uppercase characters - * (?=.*[@#$%]) # must contain one special symbols in the list SPEC_CHARS - * . # match anything with previous condition checking - * {6,20} # length at least 6 characters and maximum of 20 - * ) # End of group - */ - @Override - public String isValidPassword(final AuthzTrans trans, final String user, final String password, final String... prev) { - for(String p : prev) { - if(password.contains(p)) { // A more sophisticated algorithm might be better. - return "Password too similar to previous passwords"; - } - } - // If you have an Organization user/Password scheme, replace the following - if(PASS_PATTERN.matcher(password).matches()) { - return ""; - } - return "Password does not match " + NAME + " Password Standards"; - } - - private static final String[] rules = new String[] { - "Passwords must contain letters", - "Passwords must contain one of the following:", - " Number", - " One special symbols in the list \""+ SPEC_CHARS + '"', - "Passwords must be between 6 and 20 chars in length", - }; - - @Override - public String[] getPasswordRules() { - return rules; - } - - @Override - public Set<String> getIdentityTypes() { - return typeSet; - } - - @Override - public Response notify(AuthzTrans trans, Notify type, String url, String[] identities, String[] ccs, String summary, Boolean urgent) { - String system = trans.getProperty("CASS_ENV", ""); - - ArrayList<String> toList = new ArrayList<>(); - Identity identity; - if (identities != null) { - for 
(String user : identities) { - try { - identity = getIdentity(trans, user); - if (identity == null) { - trans.error().log( - "Failure to obtain User " + user + " for " - + getName()); - } else { - toList.add(identity.email()); - } - } catch (Exception e) { - trans.error().log( - e, - "Failure to obtain User " + user + " for " - + getName()); - } - } - } - - if (toList.isEmpty()) { - trans.error().log("No Users listed to email"); - return Response.ERR_NotificationFailure; - } - - ArrayList<String> ccList = new ArrayList<>(); - - // If we're sending an urgent email, CC the user's supervisor - // - if (urgent) { - trans.info().log("urgent msg for: " + identities[0]); - try { - List<Identity> supervisors = getApprovers(trans, identities[0]); - for (Identity us : supervisors) { - trans.info().log("supervisor: " + us.email()); - ccList.add(us.email()); - } - } catch (Exception e) { - trans.error().log(e, - "Failed to find supervisor for " + identities[0]); - } - } - - if (ccs != null) { - for (String user : ccs) { - try { - identity = getIdentity(trans, user); - ccList.add(identity.email()); - } catch (Exception e) { - trans.error().log( - e, - "Failure to obtain User " + user + " for " - + getName()); - } - } - } - - if (summary == null) { - summary = ""; - } - - switch (type) { - case Approval: - try { - sendEmail(trans, toList, ccList, - "AAF Approval Notification " - + (system.length() == 0 ? "" : "(ENV: " - + system + ")"), - "AAF is the " - + NAME - + "System for Fine-Grained Authorizations. You are being asked to Approve" - + (system.length() == 0 ? 
"" : " in the " - + system + " environment") - + " before AAF Actions can be taken.\n\n" - + "Please follow this link: \n\n\t" + url - + "\n\n" + summary, urgent); - } catch (Exception e) { - - trans.error().log(e, "Failure to send Email"); - return Response.ERR_NotificationFailure; - } - break; - case PasswordExpiration: - try { - sendEmail(trans, - toList, - ccList, - "AAF Password Expiration Warning " - + (system.length() == 0 ? "" : "(ENV: " - + system + ")"), - "AAF is the " - + NAME - + " System for Authorizations.\n\nOne or more passwords will expire soon or have expired" - + (system.length() == 0 ? "" : " in the " - + system + " environment") - + ".\n\nPasswords expired for more than 30 days without action are subject to deletion.\n\n" - + "Please follow each link to add a New Password with Expiration Date. Either are valid until expiration. " - + "Use this time to change the passwords on your system. If issues, reply to this email.\n\n" - + summary, urgent); - } catch (Exception e) { - trans.error().log(e, "Failure to send Email"); - return Response.ERR_NotificationFailure; - } - break; - - case RoleExpiration: - try { - sendEmail( - trans, - toList, - ccList, - "AAF Role Expiration Warning " - + (system.length() == 0 ? "" : "(ENV: " - + system + ")"), - "AAF is the " - + NAME - + " System for Authorizations. One or more roles will expire soon" - + (system.length() == 0 ? "" : " in the " - + system + " environment") - + ".\n\nRoles expired for more than 30 days are subject to deletion." - + "Please follow this link the GUI Command line, and either 'extend' or 'del' the user in the role.\n" - + "If issues, reply to this email.\n\n\t" + url - + "\n\n" + summary, urgent); - } catch (Exception e) { - trans.error().log(e, "Failure to send Email"); - return Response.ERR_NotificationFailure; - } - break; - default: - return Response.ERR_NotImplemented; - } - return Response.OK; - } - - - /** - * Default Policy is to set to 6 Months for Notification Types. 
- * add others/change as required - */ - @Override - public Date whenToValidate(Notify type, Date lastValidated) { - switch(type) { - case Approval: - case PasswordExpiration: - return null; - default: - GregorianCalendar gc = new GregorianCalendar(); - gc.setTime(lastValidated); - gc.add(GregorianCalendar.MONTH, 6); // 6 month policy - return gc.getTime(); - } - } - - @Override - public GregorianCalendar expiration(GregorianCalendar gc, Expiration exp, String... extra) { - GregorianCalendar now = new GregorianCalendar(); - GregorianCalendar rv = gc==null?now:(GregorianCalendar)gc.clone(); - switch (exp) { - case ExtendPassword: - // Extending Password give 5 extra days, max 8 days from now - rv.add(GregorianCalendar.DATE, 5); - now.add(GregorianCalendar.DATE, 8); - if(rv.after(now)) { - rv = now; - } - break; - case Future: - // Future requests last 15 days. - now.add(GregorianCalendar.DATE, 15); - rv = now; - break; - case Password: - // Passwords expire in 90 days - now.add(GregorianCalendar.DATE, 90); - rv = now; - break; - case TempPassword: - // Temporary Passwords last for 12 hours. - now.add(GregorianCalendar.DATE, 90); - rv = now; - break; - case UserDelegate: - // Delegations expire max in 2 months, renewable to 3 - rv.add(GregorianCalendar.MONTH, 2); - now.add(GregorianCalendar.MONTH, 3); - if(rv.after(now)) { - rv = now; - } - break; - case UserInRole: - // Roles expire in 6 months - now.add(GregorianCalendar.MONTH, 6); - rv = now; - break; - default: - // Unless other wise set, 6 months is default - now.add(GregorianCalendar.MONTH, 6); - rv = now; - break; - } - return rv; - } - - @Override - public EmailWarnings emailWarningPolicy() { - return emailWarnings; - } - - /** - * Assume the Supervisor is the Approver. 
- */ - @Override - public List<Identity> getApprovers(AuthzTrans trans, String user) throws OrganizationException { - Identity orgIdentity = getIdentity(trans, user); - List<Identity> orgIdentitys = new ArrayList<>(); - if(orgIdentity!=null) { - Identity supervisor = orgIdentity.responsibleTo(); - if(supervisor!=null) { - orgIdentitys.add(supervisor); - } - } - return orgIdentitys; - } - - @Override - public String getApproverType() { - return "supervisor"; - } - - @Override - public int startOfDay() { - // TODO Auto-generated method stub - return 0; - } - - @Override - public boolean canHaveMultipleCreds(String id) { - // External entities are likely mono-password... if you change it, it is a global change. - // This is great for people, but horrible for Applications. - // - // AAF's Password can have multiple Passwords, each with their own Expiration Date. - // For Default Org, we'll assume true for all, but when you add your external - // Identity stores, you need to return "false" if they cannot support multiple Passwords like AAF - return true; - } - - @Override - public String validate(AuthzTrans trans, Policy policy, Executor executor, String... 
vars) throws OrganizationException { - switch(policy) { - case OWNS_MECHID: - case CREATE_MECHID: - if(vars.length>0) { - DefaultOrgIdentity thisID = getIdentity(trans,vars[0]); - if("a".equals(thisID.identity.status)) { // MechID - DefaultOrgIdentity requestor = getIdentity(trans, trans.user()); - if(requestor!=null) { - Identity mechid = getIdentity(trans, vars[0]); - if(mechid!=null) { - Identity sponsor = mechid.responsibleTo(); - if(sponsor!=null && requestor.fullID().equals(sponsor.fullID())) { - return null; - } else { - return trans.user() + " is not the Sponsor of MechID " + vars[0]; - } - } - } - } - } - return null; - - case CREATE_MECHID_BY_PERM_ONLY: - return getName() + " only allows sponsors to create MechIDs"; - - default: - return policy.name() + " is unsupported at " + getName(); - } - } - - @Override - public boolean isTestEnv() { - return false; - } - - @Override - public void setTestMode(boolean dryRun) { - this.dryRun = dryRun; - } - - private String extractRealm(final String r) { - int at; - if((at=r.indexOf('@'))>=0) { - return FQI.reverseDomain(r.substring(at+1)); - } - return r; - } - @Override - public boolean supportsRealm(final String r) { - if(r.endsWith(realm)) { - return true; - } else { - String erealm = extractRealm(r); - for(String sr : supportedRealms) { - if(erealm.startsWith(sr)) { - return true; - } - } - } - return false; - } - - @Override - public synchronized void addSupportedRealm(final String r) { - supportedRealms.add(extractRealm(r)); - } - - @Override - public int sendEmail(AuthzTrans trans, List<String> toList, List<String> ccList, String subject, String body, - Boolean urgent) throws OrganizationException { - if (mailer!=null) { - List<String> to = new ArrayList<>(); - for(String em : toList) { - if(em.indexOf('@')<0) { - to.add(new DefaultOrgIdentity(trans, em, this).email()); - } else { - to.add(em); - } - } - - List<String> cc = new ArrayList<>(); - if(ccList!=null) { - if(!ccList.isEmpty()) { - - for(String em : 
ccList) { - if(em.indexOf('@')<0) { - cc.add(new DefaultOrgIdentity(trans, em, this).email()); - } else { - cc.add(em); - } - } - } - - // for now, I want all emails so we can see what goes out. Remove later - if (!ccList.contains(mailFrom)) { - ccList.add(mailFrom); - } - } - - return mailer.sendEmail(trans,dryRun,mailFrom,to,cc,subject,body,urgent); - } else { - return 0; - } - } + private static final String AAF_DATA_DIR = "aaf_data_dir"; + private static final String PROPERTY_IS_REQUIRED = " property is Required"; + // Package on Purpose + final String domain; + final String atDomain; + final String realm; + + private final String NAME,mailHost,mailFrom; + private final Set<String> supportedRealms; + + + public DefaultOrg(Env env, String realm) throws OrganizationException { + + this.realm = realm; + supportedRealms=new HashSet<>(); + supportedRealms.add(realm); + domain=FQI.reverseDomain(realm); + atDomain = '@'+domain; + String s; + NAME=env.getProperty(realm + ".name","Default Organization"); + mailHost = env.getProperty(s=(realm + ".mailHost"), null); + if(mailHost==null) { + throw new OrganizationException(s + PROPERTY_IS_REQUIRED); + } + mailFrom = env.getProperty(s=(realm + ".mailFrom"), null); + if(mailFrom==null) { + throw new OrganizationException(s + PROPERTY_IS_REQUIRED); + } + + // Note: This code is to avoid including javax.mail into ONAP, because there are security/licence + // exceptions + try { + Class.forName("javax.mail.Session"); // ensure package is loaded + @SuppressWarnings("unchecked") + Class<Mailer> minst = (Class<Mailer>)Class.forName("org.onap.aaf.org.JavaxMailer"); + mailer = minst.newInstance(); + } catch (ClassNotFoundException | InstantiationException | IllegalAccessException e1) { + env.warn().log("JavaxMailer not loaded. 
Mailing disabled"); + } + + System.getProperties().setProperty("mail.smtp.host",mailHost); + System.getProperties().setProperty("mail.user", mailFrom); + + try { + String defFile; + String temp=env.getProperty(defFile = (getClass().getName()+".file")); + File fIdentities=null; + if(temp==null) { + temp = env.getProperty(AAF_DATA_DIR); + if(temp!=null) { + env.warn().log(defFile, " is not defined. Using default: ",temp+"/identities.dat"); + File dir = new File(temp); + fIdentities=new File(dir,"identities.dat"); + + if(!fIdentities.exists()) { + env.warn().log("No",fIdentities.getCanonicalPath(),"exists. Creating."); + if(!dir.exists()) { + dir.mkdirs(); + } + fIdentities.createNewFile(); + } + } + } else { + fIdentities = new File(temp); + if(!fIdentities.exists()) { + String dataDir = env.getProperty(AAF_DATA_DIR); + if(dataDir!=null) { + fIdentities = new File(dataDir,temp); + } + } + } + + if(fIdentities!=null && fIdentities.exists()) { + identities = new Identities(fIdentities); + } else { + if(fIdentities==null) { + throw new OrganizationException("No Identities"); + } else { + throw new OrganizationException(fIdentities.getCanonicalPath() + " does not exist."); + } + } + } catch (IOException e) { + throw new OrganizationException(e); + } + } + + // Implement your own Delegation System + static final List<String> NULL_DELEGATES = new ArrayList<>(); + + public Identities identities; + private boolean dryRun; + private Mailer mailer; + public enum Types {Employee, Contractor, Application, NotActive}; + private final static Set<String> typeSet; + + static { + typeSet = new HashSet<>(); + for(Types t : Types.values()) { + typeSet.add(t.name()); + } + } + + private static final EmailWarnings emailWarnings = new DefaultOrgWarnings(); + + @Override + public String getName() { + return NAME; + } + + @Override + public String getRealm() { + return realm; + } + + @Override + public String getDomain() { + return domain; + } + + @Override + public DefaultOrgIdentity 
getIdentity(AuthzTrans trans, String id) throws OrganizationException { + int at = id.indexOf('@'); + return new DefaultOrgIdentity(trans,at<0?id:id.substring(0, at),this); + } + + // Note: Return a null if found; return a String Message explaining why not found. + @Override + public String isValidID(final AuthzTrans trans, final String id) { + try { + DefaultOrgIdentity u = getIdentity(trans,id); + return (u==null||!u.isFound())?id + "is not an Identity in " + getName():null; + } catch (OrganizationException e) { + return getName() + " could not lookup " + id + ": " + e.getLocalizedMessage(); + } + } + // Possible ID Pattern + // private static final Pattern ID_PATTERN=Pattern.compile("([\\w.-]+@[\\w.-]+).{4-13}"); + // Another one: ID_PATTERN = "(a-z[a-z0-9]{5-8}@.*).{4-13}"; + + @Override + public boolean isValidCred(final AuthzTrans trans, final String id) { + // have domain? + int at = id.indexOf('@'); + String sid; + if(at > 0) { + // Use this to prevent passwords to any but THIS domain. +// if(!id.regionMatches(at+1, domain, 0, id.length()-at-1)) { +// return false; +// } + sid = id.substring(0,at); + } else { + sid = id; + } + // We'll validate that it exists, rather than check patterns. + + return isValidID(trans, sid)==null; + // Check Pattern (if checking existing is too long) + // if(id.endsWith(SUFFIX) && ID_PATTERN.matcher(id).matches()) { + // return true; + // } + // return false; + } + + private static final String SPEC_CHARS = "!@#$%^*-+?/,:;."; + private static final Pattern PASS_PATTERN=Pattern.compile("(((?=.*[a-z,A-Z])(((?=.*\\d))|(?=.*[" + SPEC_CHARS +"]))).{6,20})"); + /** + * ( # Start of group + * (?=.*[a-z,A-Z]) # must contain one character + * + * (?=.*\d) # must contain one digit from 0-9 + * OR + * (?=.*[@#$%]) # must contain one special symbols in the list SPEC_CHARS + * + * . 
# match anything with previous condition checking + * {6,20} # length at least 6 characters and maximum of 20 + * ) # End of group + * + * Another example, more stringent pattern + private static final Pattern PASS_PATTERN=Pattern.compile("((?=.*\\d)(?=.*[a-z])(?=.*[A-Z])(?=.*[" + SPEC_CHARS +"]).{6,20})"); + * Attribution: from mkyong.com + * ( # Start of group + * (?=.*\d) # must contain one digit from 0-9 + * (?=.*[a-z]) # must contain one lowercase characters + * (?=.*[A-Z]) # must contain one uppercase characters + * (?=.*[@#$%]) # must contain one special symbols in the list SPEC_CHARS + * . # match anything with previous condition checking + * {6,20} # length at least 6 characters and maximum of 20 + * ) # End of group + */ + @Override + public String isValidPassword(final AuthzTrans trans, final String user, final String password, final String... prev) { + for(String p : prev) { + if(password.contains(p)) { // A more sophisticated algorithm might be better. + return "Password too similar to previous passwords"; + } + } + // If you have an Organization user/Password scheme, replace the following + if(PASS_PATTERN.matcher(password).matches()) { + return ""; + } + return "Password does not match " + NAME + " Password Standards"; + } + + private static final String[] rules = new String[] { + "Passwords must contain letters", + "Passwords must contain one of the following:", + " Number", + " One special symbols in the list \""+ SPEC_CHARS + '"', + "Passwords must be between 6 and 20 chars in length", + }; + + @Override + public String[] getPasswordRules() { + return rules; + } + + @Override + public Set<String> getIdentityTypes() { + return typeSet; + } + + @Override + public Response notify(AuthzTrans trans, Notify type, String url, String[] identities, String[] ccs, String summary, Boolean urgent) { + String system = trans.getProperty("CASS_ENV", ""); + + ArrayList<String> toList = new ArrayList<>(); + Identity identity; + if (identities != null) { + for 
(String user : identities) { + try { + identity = getIdentity(trans, user); + if (identity == null) { + trans.error().log( + "Failure to obtain User " + user + " for " + + getName()); + } else { + toList.add(identity.email()); + } + } catch (Exception e) { + trans.error().log( + e, + "Failure to obtain User " + user + " for " + + getName()); + } + } + } + + if (toList.isEmpty()) { + trans.error().log("No Users listed to email"); + return Response.ERR_NotificationFailure; + } + + ArrayList<String> ccList = new ArrayList<>(); + + // If we're sending an urgent email, CC the user's supervisor + // + if (urgent) { + trans.info().log("urgent msg for: " + identities[0]); + try { + List<Identity> supervisors = getApprovers(trans, identities[0]); + for (Identity us : supervisors) { + trans.info().log("supervisor: " + us.email()); + ccList.add(us.email()); + } + } catch (Exception e) { + trans.error().log(e, + "Failed to find supervisor for " + identities[0]); + } + } + + if (ccs != null) { + for (String user : ccs) { + try { + identity = getIdentity(trans, user); + ccList.add(identity.email()); + } catch (Exception e) { + trans.error().log( + e, + "Failure to obtain User " + user + " for " + + getName()); + } + } + } + + if (summary == null) { + summary = ""; + } + + switch (type) { + case Approval: + try { + sendEmail(trans, toList, ccList, + "AAF Approval Notification " + + (system.length() == 0 ? "" : "(ENV: " + + system + ")"), + "AAF is the " + + NAME + + "System for Fine-Grained Authorizations. You are being asked to Approve" + + (system.length() == 0 ? 
"" : " in the " + + system + " environment") + + " before AAF Actions can be taken.\n\n" + + "Please follow this link: \n\n\t" + url + + "\n\n" + summary, urgent); + } catch (Exception e) { + + trans.error().log(e, "Failure to send Email"); + return Response.ERR_NotificationFailure; + } + break; + case PasswordExpiration: + try { + sendEmail(trans, + toList, + ccList, + "AAF Password Expiration Warning " + + (system.length() == 0 ? "" : "(ENV: " + + system + ")"), + "AAF is the " + + NAME + + " System for Authorizations.\n\nOne or more passwords will expire soon or have expired" + + (system.length() == 0 ? "" : " in the " + + system + " environment") + + ".\n\nPasswords expired for more than 30 days without action are subject to deletion.\n\n" + + "Please follow each link to add a New Password with Expiration Date. Either are valid until expiration. " + + "Use this time to change the passwords on your system. If issues, reply to this email.\n\n" + + summary, urgent); + } catch (Exception e) { + trans.error().log(e, "Failure to send Email"); + return Response.ERR_NotificationFailure; + } + break; + + case RoleExpiration: + try { + sendEmail( + trans, + toList, + ccList, + "AAF Role Expiration Warning " + + (system.length() == 0 ? "" : "(ENV: " + + system + ")"), + "AAF is the " + + NAME + + " System for Authorizations. One or more roles will expire soon" + + (system.length() == 0 ? "" : " in the " + + system + " environment") + + ".\n\nRoles expired for more than 30 days are subject to deletion." + + "Please follow this link the GUI Command line, and either 'extend' or 'del' the user in the role.\n" + + "If issues, reply to this email.\n\n\t" + url + + "\n\n" + summary, urgent); + } catch (Exception e) { + trans.error().log(e, "Failure to send Email"); + return Response.ERR_NotificationFailure; + } + break; + default: + return Response.ERR_NotImplemented; + } + return Response.OK; + } + + + /** + * Default Policy is to set to 6 Months for Notification Types. 
+ * add others/change as required + */ + @Override + public Date whenToValidate(Notify type, Date lastValidated) { + switch(type) { + case Approval: + case PasswordExpiration: + return null; + default: + GregorianCalendar gc = new GregorianCalendar(); + gc.setTime(lastValidated); + gc.add(GregorianCalendar.MONTH, 6); // 6 month policy + return gc.getTime(); + } + } + + @Override + public GregorianCalendar expiration(GregorianCalendar gc, Expiration exp, String... extra) { + GregorianCalendar now = new GregorianCalendar(); + GregorianCalendar rv = gc==null?now:(GregorianCalendar)gc.clone(); + switch (exp) { + case ExtendPassword: + // Extending Password give 5 extra days, max 8 days from now + rv.add(GregorianCalendar.DATE, 5); + now.add(GregorianCalendar.DATE, 8); + if(rv.after(now)) { + rv = now; + } + break; + case Future: + // Future requests last 15 days. + now.add(GregorianCalendar.DATE, 15); + rv = now; + break; + case Password: + // Passwords expire in 90 days + now.add(GregorianCalendar.DATE, 90); + rv = now; + break; + case TempPassword: + // Temporary Passwords last for 12 hours. + now.add(GregorianCalendar.DATE, 90); + rv = now; + break; + case UserDelegate: + // Delegations expire max in 2 months, renewable to 3 + rv.add(GregorianCalendar.MONTH, 2); + now.add(GregorianCalendar.MONTH, 3); + if(rv.after(now)) { + rv = now; + } + break; + case UserInRole: + // Roles expire in 6 months + now.add(GregorianCalendar.MONTH, 6); + rv = now; + break; + default: + // Unless other wise set, 6 months is default + now.add(GregorianCalendar.MONTH, 6); + rv = now; + break; + } + return rv; + } + + @Override + public EmailWarnings emailWarningPolicy() { + return emailWarnings; + } + + /** + * Assume the Supervisor is the Approver. 
+ */ + @Override + public List<Identity> getApprovers(AuthzTrans trans, String user) throws OrganizationException { + Identity orgIdentity = getIdentity(trans, user); + List<Identity> orgIdentitys = new ArrayList<>(); + if(orgIdentity!=null) { + Identity supervisor = orgIdentity.responsibleTo(); + if(supervisor!=null) { + orgIdentitys.add(supervisor); + } + } + return orgIdentitys; + } + + @Override + public String getApproverType() { + return "supervisor"; + } + + @Override + public int startOfDay() { + // TODO Auto-generated method stub + return 0; + } + + @Override + public boolean canHaveMultipleCreds(String id) { + // External entities are likely mono-password... if you change it, it is a global change. + // This is great for people, but horrible for Applications. + // + // AAF's Password can have multiple Passwords, each with their own Expiration Date. + // For Default Org, we'll assume true for all, but when you add your external + // Identity stores, you need to return "false" if they cannot support multiple Passwords like AAF + return true; + } + + @Override + public String validate(AuthzTrans trans, Policy policy, Executor executor, String... 
vars) throws OrganizationException { + switch(policy) { + case OWNS_MECHID: + case CREATE_MECHID: + if(vars.length>0) { + DefaultOrgIdentity thisID = getIdentity(trans,vars[0]); + if("a".equals(thisID.identity.status)) { // MechID + DefaultOrgIdentity requestor = getIdentity(trans, trans.user()); + if(requestor!=null) { + Identity mechid = getIdentity(trans, vars[0]); + if(mechid!=null) { + Identity sponsor = mechid.responsibleTo(); + if(sponsor!=null && requestor.fullID().equals(sponsor.fullID())) { + return null; + } else { + return trans.user() + " is not the Sponsor of MechID " + vars[0]; + } + } + } + } + } + return null; + + case CREATE_MECHID_BY_PERM_ONLY: + return getName() + " only allows sponsors to create MechIDs"; + + default: + return policy.name() + " is unsupported at " + getName(); + } + } + + @Override + public boolean isTestEnv() { + return false; + } + + @Override + public void setTestMode(boolean dryRun) { + this.dryRun = dryRun; + } + + private String extractRealm(final String r) { + int at; + if((at=r.indexOf('@'))>=0) { + return FQI.reverseDomain(r.substring(at+1)); + } + return r; + } + @Override + public boolean supportsRealm(final String r) { + if(r.endsWith(realm)) { + return true; + } else { + String erealm = extractRealm(r); + for(String sr : supportedRealms) { + if(erealm.startsWith(sr)) { + return true; + } + } + } + return false; + } + + @Override + public synchronized void addSupportedRealm(final String r) { + supportedRealms.add(extractRealm(r)); + } + + @Override + public int sendEmail(AuthzTrans trans, List<String> toList, List<String> ccList, String subject, String body, + Boolean urgent) throws OrganizationException { + if (mailer!=null) { + List<String> to = new ArrayList<>(); + for(String em : toList) { + if(em.indexOf('@')<0) { + to.add(new DefaultOrgIdentity(trans, em, this).email()); + } else { + to.add(em); + } + } + + List<String> cc = new ArrayList<>(); + if(ccList!=null) { + if(!ccList.isEmpty()) { + + for(String em : 
ccList) { + if(em.indexOf('@')<0) { + cc.add(new DefaultOrgIdentity(trans, em, this).email()); + } else { + cc.add(em); + } + } + } + + // for now, I want all emails so we can see what goes out. Remove later + if (!ccList.contains(mailFrom)) { + ccList.add(mailFrom); + } + } + + return mailer.sendEmail(trans,dryRun,mailFrom,to,cc,subject,body,urgent); + } else { + return 0; + } + } }
diff --git a/auth/auth-deforg/src/main/java/org/onap/aaf/org/DefaultOrgIdentity.java b/auth/auth-deforg/src/main/java/org/onap/aaf/org/DefaultOrgIdentity.java
index 7aa57fd7..25832620 100644
--- a/auth/auth-deforg/src/main/java/org/onap/aaf/org/DefaultOrgIdentity.java
+++ b/auth/auth-deforg/src/main/java/org/onap/aaf/org/DefaultOrgIdentity.java
@@ -40,140 +40,140 @@ import org.onap.aaf.org.Identities.Data; * */ public class DefaultOrgIdentity implements Identity { - private static final String CONTRACTOR = "c"; - private static final String EMPLOYEE = "e"; - private static final String APPLICATION = "a"; - private static final String NON_ACTIVE = "n"; - - private final static int TIMEOUT = Integer.parseInt(Config.AAF_CONN_TIMEOUT_DEF); - - private DefaultOrg org; - //package on purpose - Data identity; - private AuthzTrans trans; - - public DefaultOrgIdentity(AuthzTrans trans, String key, DefaultOrg dorg) throws OrganizationException { - this.trans = trans; - org = dorg; - identity=null; - try { - org.identities.open(trans, TIMEOUT); - try { - Reuse r = org.identities.reuse(); - int at = key.indexOf(dorg.getDomain()); - String search; - if(at>=0) { - search = key.substring(0,at); - } else { - search = key; - } - identity = org.identities.find(search, r); - - - - if(identity==null) { - identity = Identities.NO_DATA; - } - } finally { - org.identities.close(trans); - } - } catch (IOException e) { - throw new OrganizationException(e); - } - } - - @Override - public boolean equals(Object b) { - if(b instanceof DefaultOrgIdentity) { - return identity.id.equals(((DefaultOrgIdentity)b).identity.id); - } - return false; - } - - - @Override - public int hashCode() { - return identity.hashCode(); - } - - @Override - public String id() { - return identity.id; - } - - @Override - public String fullID() { - return identity.id+'@'+org.getDomain(); - } - - @Override - public String type() { - switch(identity.status) { - case EMPLOYEE: return DefaultOrg.Types.Employee.name(); - case CONTRACTOR: return DefaultOrg.Types.Contractor.name(); - case APPLICATION: return DefaultOrg.Types.Application.name(); - case NON_ACTIVE: return DefaultOrg.Types.NotActive.name(); - default: - return "Unknown"; - } - } - - @Override - public Identity responsibleTo() throws OrganizationException { - if("".equals(identity.responsibleTo) && 
isFound()) { // cover the situation of Top Dog... reports to no-one. - return this; - } else { - return org.getIdentity(trans, identity.responsibleTo); - } - } - - @Override - public List<String> delegate() { - //NOTE: implement Delegate system, if desired - return DefaultOrg.NULL_DELEGATES; - } - - @Override - public String email() { - return identity.email; - } - - @Override - public String fullName() { - return identity.name; - } - - @Override - public String firstName() { - return identity.fname; - } - - @Override - public String mayOwn() { - // Assume only Employees are responsible for Resources. - if(identity.status==null|| identity.status.length()==0) { - return "Identity must have valid status"; - } else if(EMPLOYEE.equals(identity.status)) { - return null; // This is "Yes, is Responsible" - } else { - return "Reponsible Party must be an Employee"; - } - } - - @Override - public boolean isFound() { - return identity!=Identities.NO_DATA; // yes, object comparison intended - } - - @Override - public boolean isPerson() { - return !identity.status.equals(APPLICATION); - } - - @Override - public Organization org() { - return org; - } + private static final String CONTRACTOR = "c"; + private static final String EMPLOYEE = "e"; + private static final String APPLICATION = "a"; + private static final String NON_ACTIVE = "n"; + + private final static int TIMEOUT = Integer.parseInt(Config.AAF_CONN_TIMEOUT_DEF); + + private DefaultOrg org; + //package on purpose + Data identity; + private AuthzTrans trans; + + public DefaultOrgIdentity(AuthzTrans trans, String key, DefaultOrg dorg) throws OrganizationException { + this.trans = trans; + org = dorg; + identity=null; + try { + org.identities.open(trans, TIMEOUT); + try { + Reuse r = org.identities.reuse(); + int at = key.indexOf(dorg.getDomain()); + String search; + if(at>=0) { + search = key.substring(0,at); + } else { + search = key; + } + identity = org.identities.find(search, r); + + + + if(identity==null) { + 
identity = Identities.NO_DATA; + } + } finally { + org.identities.close(trans); + } + } catch (IOException e) { + throw new OrganizationException(e); + } + } + + @Override + public boolean equals(Object b) { + if(b instanceof DefaultOrgIdentity) { + return identity.id.equals(((DefaultOrgIdentity)b).identity.id); + } + return false; + } + + + @Override + public int hashCode() { + return identity.hashCode(); + } + + @Override + public String id() { + return identity.id; + } + + @Override + public String fullID() { + return identity.id+'@'+org.getDomain(); + } + + @Override + public String type() { + switch(identity.status) { + case EMPLOYEE: return DefaultOrg.Types.Employee.name(); + case CONTRACTOR: return DefaultOrg.Types.Contractor.name(); + case APPLICATION: return DefaultOrg.Types.Application.name(); + case NON_ACTIVE: return DefaultOrg.Types.NotActive.name(); + default: + return "Unknown"; + } + } + + @Override + public Identity responsibleTo() throws OrganizationException { + if("".equals(identity.responsibleTo) && isFound()) { // cover the situation of Top Dog... reports to no-one. + return this; + } else { + return org.getIdentity(trans, identity.responsibleTo); + } + } + + @Override + public List<String> delegate() { + //NOTE: implement Delegate system, if desired + return DefaultOrg.NULL_DELEGATES; + } + + @Override + public String email() { + return identity.email; + } + + @Override + public String fullName() { + return identity.name; + } + + @Override + public String firstName() { + return identity.fname; + } + + @Override + public String mayOwn() { + // Assume only Employees are responsible for Resources. 
+ if(identity.status==null|| identity.status.length()==0) { + return "Identity must have valid status"; + } else if(EMPLOYEE.equals(identity.status)) { + return null; // This is "Yes, is Responsible" + } else { + return "Reponsible Party must be an Employee"; + } + } + + @Override + public boolean isFound() { + return identity!=Identities.NO_DATA; // yes, object comparison intended + } + + @Override + public boolean isPerson() { + return !identity.status.equals(APPLICATION); + } + + @Override + public Organization org() { + return org; + } } diff --git a/auth/auth-deforg/src/main/java/org/onap/aaf/org/DefaultOrgWarnings.java b/auth/auth-deforg/src/main/java/org/onap/aaf/org/DefaultOrgWarnings.java index 97d0cef2..d544b709 100644 --- a/auth/auth-deforg/src/main/java/org/onap/aaf/org/DefaultOrgWarnings.java +++ b/auth/auth-deforg/src/main/java/org/onap/aaf/org/DefaultOrgWarnings.java 
@@ -25,39 +25,39 @@ import org.onap.aaf.auth.org.EmailWarnings;
 public class DefaultOrgWarnings implements EmailWarnings {
- @Override
- public long credEmailInterval()
- {
- return 604800000L; // 7 days in millis 1000 * 86400 * 7
- }
-
- @Override
- public long roleEmailInterval()
- {
- return 604800000L; // 7 days in millis 1000 * 86400 * 7
- }
-
- @Override
- public long apprEmailInterval() {
- return 259200000L; // 3 days in millis 1000 * 86400 * 3
- }
-
- @Override
- public long credExpirationWarning()
- {
- return( 2592000000L ); // One month, in milliseconds 1000 * 86400 * 30 in milliseconds
- }
-
- @Override
- public long roleExpirationWarning()
- {
- return( 2592000000L ); // One month, in milliseconds 1000 * 86400 * 30 in milliseconds
- }
-
- @Override
- public long emailUrgentWarning()
- {
- return( 1209600000L ); // Two weeks, in milliseconds 1000 * 86400 * 14 in milliseconds
- }
-
+ @Override
+ public long credEmailInterval()
+ {
+ return 604800000L; // 7 days in millis 1000 * 86400 * 7
+ }
+
+ @Override
+ public long roleEmailInterval()
+ {
+ return 604800000L; // 7 days in millis 1000 * 86400 * 7
+ }
+
+ @Override
+ public long apprEmailInterval() {
+ return 259200000L; // 3 days in millis 1000 * 86400 * 3
+ }
+
+ @Override
+ public long credExpirationWarning()
+ {
+ return( 2592000000L ); // One month, in milliseconds 1000 * 86400 * 30 in milliseconds
+ }
+
+ @Override
+ public long roleExpirationWarning()
+ {
+ return( 2592000000L ); // One month, in milliseconds 1000 * 86400 * 30 in milliseconds
+ }
+
+ @Override
+ public long emailUrgentWarning()
+ {
+ return( 1209600000L ); // Two weeks, in milliseconds 1000 * 86400 * 14 in milliseconds
+ }
 }
diff --git a/auth/auth-deforg/src/main/java/org/onap/aaf/org/Identities.java b/auth/auth-deforg/src/main/java/org/onap/aaf/org/Identities.java
index 344d0552..345e6e82 100644
--- a/auth/auth-deforg/src/main/java/org/onap/aaf/org/Identities.java
+++ b/auth/auth-deforg/src/main/java/org/onap/aaf/org/Identities.java 
@@ -31,113 +31,113 @@ import org.onap.aaf.auth.local.DataFile.Token.Field; * Example User Data file, which can be modified for many different kinds of Data Feeds. * * Note: This has shown to be extremely effective in AT&T, an acknowledged very large organizations, - * because there is no need to synchronize records. AAF simply receives a Data Feed in Organization - * defined intervals. (You might want to check for validity, such as size, etc), then is copied into - * Data Directory. You will want to do so first creating a "lock" file. Assuming the File name is "users.dat", - * the Lock File is "users.lock". + * because there is no need to synchronize records. AAF simply receives a Data Feed in Organization + * defined intervals. (You might want to check for validity, such as size, etc), then is copied into + * Data Directory. You will want to do so first creating a "lock" file. Assuming the File name is "users.dat", + * the Lock File is "users.lock". * - * After the movement of the Datafile into place, it is best to remove the Index File, then remove the lock file. + * After the movement of the Datafile into place, it is best to remove the Index File, then remove the lock file. * - * Note, Any AAF Programs needing this data WILL wait on the Lock file, so you should get fresh Data files + * Note, Any AAF Programs needing this data WILL wait on the Lock file, so you should get fresh Data files * in a "stage" directory, from WEB, or wherever, and then, after it is correct, do the following as fast as feasible. * - * a) lock + * a) lock * b) copy from stage * c) remove idx * d) unlock * - * If the Index File is either non-existent or out of date from the Data File, it will be reindexed, which - * has proven to be a very quick function, even with large numbers of entries. + * If the Index File is either non-existent or out of date from the Data File, it will be reindexed, which + * has proven to be a very quick function, even with large numbers of entries. 
* * This Sample Feed is set for a file with delimiter of "|". 512 is maximum expected line length. The "0" is the * field offset for the "key" to the record, which, for user, should be the unique Organization Identity. * */ public class Identities extends AbsData { - public final static Data NO_DATA = new Data(); + public final static Data NO_DATA = new Data(); - public Identities(File users) throws IOException { - super(users,'|',512,0); - } + public Identities(File users) throws IOException { + super(users,'|',512,0); + } - /* - * Example Field Layout. note, in this example, Application IDs and People IDs are mixed. You may want to split - * out AppIDs, choose your own status indicators, or whatever you use. - * 0 - unique ID - * 1 - full name - * 2 - first name - * 3 - last name - * 4 - phone - * 5 - official email - * 6 - employment status e=employee, c=contractor, a=application, n=no longer with company - * 7 - responsible to (i.e Supervisor for People, or AppOwner, if it's an App ID) - */ - public static class Data { - public final String id; - public final String name; - public final String fname; - public final String lname; - public final String phone; - public final String email; - public final String status; - public final String responsibleTo; + /* + * Example Field Layout. note, in this example, Application IDs and People IDs are mixed. You may want to split + * out AppIDs, choose your own status indicators, or whatever you use. 
+ * 0 - unique ID + * 1 - full name + * 2 - first name + * 3 - last name + * 4 - phone + * 5 - official email + * 6 - employment status e=employee, c=contractor, a=application, n=no longer with company + * 7 - responsible to (i.e Supervisor for People, or AppOwner, if it's an App ID) + */ + public static class Data { + public final String id; + public final String name; + public final String fname; + public final String lname; + public final String phone; + public final String email; + public final String status; + public final String responsibleTo; - private Data(Field f) { - f.reset(); - id=f.next(); - name=f.next(); - fname=f.next(); - lname=f.next(); - phone=f.next(); - email=f.next(); - status=f.next(); - responsibleTo =f.next(); - } + private Data(Field f) { + f.reset(); + id=f.next(); + name=f.next(); + fname=f.next(); + lname=f.next(); + phone=f.next(); + email=f.next(); + status=f.next(); + responsibleTo =f.next(); + } - private Data() { - id = name = fname = lname = - phone = email = status = responsibleTo - = ""; - } + private Data() { + id = name = fname = lname = + phone = email = status = responsibleTo + = ""; + } - public String toString() { - return id + '|' + - name + '|' + - lname + '|' + - fname + '|' + - phone + '|' + - email + '|' + - status + '|' + - responsibleTo; - } + public String toString() { + return id + '|' + + name + '|' + + lname + '|' + + fname + '|' + + phone + '|' + + email + '|' + + status + '|' + + responsibleTo; + } - // Here, make up your own Methods which help you easily determine your Organization's structure - // in your Organization Object - public boolean hasStatus(String possible) { - return possible.contains(status); - } + // Here, make up your own Methods which help you easily determine your Organization's structure + // in your Organization Object + public boolean hasStatus(String possible) { + return possible.contains(status); + } - public boolean isEmployee() { - return "e".equals(status); - } + public boolean 
isEmployee() { + return "e".equals(status); + } - public boolean isContractor() { - return "c".equals(status); - } + public boolean isContractor() { + return "c".equals(status); + } - public boolean isApplication() { - return "a".equals(status); - } - } + public boolean isApplication() { + return "a".equals(status); + } + } - public Data find(Object key,Reuse r) throws IOException { - r.reset(); - // These are new, to allow for Thread Safety - int rec = ti.find(key,r,0); - if(rec<0) { - return null; - } - r.pos(rec); - return new Data(r.getFieldData()); - } + public Data find(Object key,Reuse r) throws IOException { + r.reset(); + // These are new, to allow for Thread Safety + int rec = ti.find(key,r,0); + if(rec<0) { + return null; + } + r.pos(rec); + return new Data(r.getFieldData()); + } } diff --git a/auth/auth-deforg/src/test/java/org/onap/aaf/org/test/JU_DefaultOrg.java b/auth/auth-deforg/src/test/java/org/onap/aaf/org/test/JU_DefaultOrg.java index b0ade8c0..e52f3cca 100644 --- a/auth/auth-deforg/src/test/java/org/onap/aaf/org/test/JU_DefaultOrg.java +++ b/auth/auth-deforg/src/test/java/org/onap/aaf/org/test/JU_DefaultOrg.java 
@@ -53,219 +53,219 @@ import org.powermock.modules.junit4.PowerMockRunner; public class JU_DefaultOrg { - private DefaultOrg defaultOrg; + private DefaultOrg defaultOrg; - Identities.Data data; + Identities.Data data; - @Mock - Env envMock; + @Mock + Env envMock; - @Mock - AuthzTrans authzTransMock; + @Mock + AuthzTrans authzTransMock; - @Mock - TimeTaken ttMock; + @Mock + TimeTaken ttMock; - @Mock - LogTarget logTargetMock; + @Mock + LogTarget logTargetMock; - private static final String PROPERTY_IS_REQUIRED = " property is Required"; - private static final String DOMAIN = "osaaf.com"; - private static final String REALM = "com.osaaf"; - private static final String NAME = "Default Organization"; - private static final String NO_PASS = NAME + " does not support Passwords. Use AAF"; + private static final String PROPERTY_IS_REQUIRED = " property is Required"; + private static final String DOMAIN = "osaaf.com"; + private static final String REALM = "com.osaaf"; + private static final String NAME = "Default Organization"; + private static final String NO_PASS = NAME + " does not support Passwords. 
Use AAF"; - private static final String URL = "www.deforg.com"; - private static final String IDENT = "ccontra|iowna"; - private static final String CCS = "mmanager|bdevl"; - String mailHost,mailFromUserId,summary,supportAddress; + private static final String URL = "www.deforg.com"; + private static final String IDENT = "ccontra|iowna"; + private static final String CCS = "mmanager|bdevl"; + String mailHost,mailFromUserId,summary,supportAddress; - private final static int TIMEOUT = Integer.parseInt(Config.AAF_CONN_TIMEOUT_DEF); + private final static int TIMEOUT = Integer.parseInt(Config.AAF_CONN_TIMEOUT_DEF); - @Before - public void setUp() throws OrganizationException{ + @Before + public void setUp() throws OrganizationException{ - mailFromUserId = "frommail"; - mailHost = "hostmail"; - File file = new File("src/test/resources/"); - when(envMock.getProperty(REALM + ".name","Default Organization")).thenReturn(NAME); - when(envMock.getProperty(REALM + ".mailHost",null)).thenReturn(mailHost); - when(envMock.getProperty(REALM + ".mailFrom",null)).thenReturn(mailFromUserId); - when(envMock.getProperty("aaf_data_dir")).thenReturn(file.getAbsolutePath()); - when(envMock.warn()).thenReturn(logTargetMock); - when(authzTransMock.warn()).thenReturn(logTargetMock); - when(authzTransMock.start(any(String.class),any(Integer.class))).thenReturn(ttMock); - when(authzTransMock.error()).thenReturn(logTargetMock); - when(authzTransMock.getProperty("CASS_ENV", "")).thenReturn("Cassandra env"); + mailFromUserId = "frommail"; + mailHost = "hostmail"; + File file = new File("src/test/resources/"); + when(envMock.getProperty(REALM + ".name","Default Organization")).thenReturn(NAME); + when(envMock.getProperty(REALM + ".mailHost",null)).thenReturn(mailHost); + when(envMock.getProperty(REALM + ".mailFrom",null)).thenReturn(mailFromUserId); + when(envMock.getProperty("aaf_data_dir")).thenReturn(file.getAbsolutePath()); + when(envMock.warn()).thenReturn(logTargetMock); + 
when(authzTransMock.warn()).thenReturn(logTargetMock); + when(authzTransMock.start(any(String.class),any(Integer.class))).thenReturn(ttMock); + when(authzTransMock.error()).thenReturn(logTargetMock); + when(authzTransMock.getProperty("CASS_ENV", "")).thenReturn("Cassandra env"); - defaultOrg = new DefaultOrg(envMock, REALM); + defaultOrg = new DefaultOrg(envMock, REALM); - } + } - @Test - public void testDefOrg_returnDataIdentityNotNull() throws OrganizationException { + @Test + public void testDefOrg_returnDataIdentityNotNull() throws OrganizationException { - try { - defaultOrg.identities.open(authzTransMock, TIMEOUT); - try { - Reuse r = defaultOrg.identities.reuse(); - data = defaultOrg.identities.find("iowna", defaultOrg.identities.reuse()); - System.out.println("here is identities data: "+ data.toString()); + try { + defaultOrg.identities.open(authzTransMock, TIMEOUT); + try { + Reuse r = defaultOrg.identities.reuse(); + data = defaultOrg.identities.find("iowna", defaultOrg.identities.reuse()); + System.out.println("here is identities data: "+ data.toString()); - } finally { - defaultOrg.identities.close(authzTransMock); - } - } catch (IOException e) { - throw new OrganizationException(e); - } + } finally { + defaultOrg.identities.close(authzTransMock); + } + } catch (IOException e) { + throw new OrganizationException(e); + } - assertTrue(data.toString() != null); + assertTrue(data.toString() != null); - } + } - @Test - public void testDefOrg_returnDefOrgEntity() { + @Test + public void testDefOrg_returnDefOrgEntity() { - assertTrue(defaultOrg != null); + assertTrue(defaultOrg != null); - } + } - @Test - public void testDefOrgNotifyApproval_returnResponseOK() { + @Test + public void testDefOrgNotifyApproval_returnResponseOK() { - summary = "Approval"; - Boolean urgent = false; - DefaultOrg.Response response = defaultOrg.notify(authzTransMock, DefaultOrg.Notify.Approval, URL, IDENT.split("\\|"), CCS.split("\\|"), summary, urgent); - 
assertEquals(response.name(), "OK"); + summary = "Approval"; + Boolean urgent = false; + DefaultOrg.Response response = defaultOrg.notify(authzTransMock, DefaultOrg.Notify.Approval, URL, IDENT.split("\\|"), CCS.split("\\|"), summary, urgent); + assertEquals(response.name(), "OK"); - } - - @Test - public void testDefOrgPasswords() { - assertEquals(defaultOrg.isValidPassword(authzTransMock, null, "new2You!", "Pilgrim"),""); - assertEquals(defaultOrg.isValidPassword(authzTransMock, null, "new2you!", "Pilgrim"),""); - assertNotSame(defaultOrg.isValidPassword(authzTransMock, null, "newtoyou", "Pilgrim"),""); - } + } + + @Test + public void testDefOrgPasswords() { + assertEquals(defaultOrg.isValidPassword(authzTransMock, null, "new2You!", "Pilgrim"),""); + assertEquals(defaultOrg.isValidPassword(authzTransMock, null, "new2you!", "Pilgrim"),""); + assertNotSame(defaultOrg.isValidPassword(authzTransMock, null, "newtoyou", "Pilgrim"),""); + } - @Test - public void testDefOrgNotifyPasswordExpiration_returnResponseOK() { + @Test + public void testDefOrgNotifyPasswordExpiration_returnResponseOK() { - summary = "PasswordExpiration"; - Boolean urgent = false; - DefaultOrg.Response response = defaultOrg.notify(authzTransMock, DefaultOrg.Notify.PasswordExpiration, URL, IDENT.split("\\|"), CCS.split("\\|"), summary, urgent); - assertEquals(response.name(), "OK"); + summary = "PasswordExpiration"; + Boolean urgent = false; + DefaultOrg.Response response = defaultOrg.notify(authzTransMock, DefaultOrg.Notify.PasswordExpiration, URL, IDENT.split("\\|"), CCS.split("\\|"), summary, urgent); + assertEquals(response.name(), "OK"); - } + } - @Test - public void testDefOrgNotifyRoleExpiration_returnResponseOK() { + @Test + public void testDefOrgNotifyRoleExpiration_returnResponseOK() { - summary = "RoleExpiration"; - Boolean urgent = false; - DefaultOrg.Response response = defaultOrg.notify(authzTransMock, DefaultOrg.Notify.RoleExpiration, URL, IDENT.split("\\|"), CCS.split("\\|"), summary, 
urgent); - assertEquals(response.name(), "OK"); - } + summary = "RoleExpiration"; + Boolean urgent = false; + DefaultOrg.Response response = defaultOrg.notify(authzTransMock, DefaultOrg.Notify.RoleExpiration, URL, IDENT.split("\\|"), CCS.split("\\|"), summary, urgent); + assertEquals(response.name(), "OK"); + } - @Test - public void testDefOrgNotifyRoleExpirationUrgent_returnResponseOK() { + @Test + public void testDefOrgNotifyRoleExpirationUrgent_returnResponseOK() { - summary = "RoleExpirationUrgent"; - Boolean urgent = true; - when(authzTransMock.info()).thenReturn(logTargetMock); - DefaultOrg.Response response = defaultOrg.notify(authzTransMock, DefaultOrg.Notify.RoleExpiration, URL, IDENT.split("\\|"), CCS.split("\\|"), summary, urgent); - assertEquals(response.name(), "OK"); + summary = "RoleExpirationUrgent"; + Boolean urgent = true; + when(authzTransMock.info()).thenReturn(logTargetMock); + DefaultOrg.Response response = defaultOrg.notify(authzTransMock, DefaultOrg.Notify.RoleExpiration, URL, IDENT.split("\\|"), CCS.split("\\|"), summary, urgent); + assertEquals(response.name(), "OK"); - } - - @Test - public void testDefOrgNotifyModeTest_returnResponseOK() { - - summary = "ModeTest"; - Boolean urgent = false; - when(authzTransMock.info()).thenReturn(logTargetMock); - defaultOrg.setTestMode(true); - DefaultOrg.Response response = defaultOrg.notify(authzTransMock, DefaultOrg.Notify.RoleExpiration, URL, IDENT.split("\\|"), CCS.split("\\|"), summary, urgent); - assertEquals(response.name(), "OK"); + } + + @Test + public void testDefOrgNotifyModeTest_returnResponseOK() { + + summary = "ModeTest"; + Boolean urgent = false; + when(authzTransMock.info()).thenReturn(logTargetMock); + defaultOrg.setTestMode(true); + DefaultOrg.Response response = defaultOrg.notify(authzTransMock, DefaultOrg.Notify.RoleExpiration, URL, IDENT.split("\\|"), CCS.split("\\|"), summary, urgent); + assertEquals(response.name(), "OK"); - } + } - //@Test 
//(expected=OrganizationException.class) - public void testMultipleCreds() throws OrganizationException{ - String id = "test"; - boolean canHaveMultipleCreds; - canHaveMultipleCreds = defaultOrg.canHaveMultipleCreds(id ); - System.out.println("value of canHaveMultipleCreds: " + canHaveMultipleCreds); - assertTrue(canHaveMultipleCreds); - } - + //@Test //(expected=OrganizationException.class) + public void testMultipleCreds() throws OrganizationException{ + String id = "test"; + boolean canHaveMultipleCreds; + canHaveMultipleCreds = defaultOrg.canHaveMultipleCreds(id ); + System.out.println("value of canHaveMultipleCreds: " + canHaveMultipleCreds); + assertTrue(canHaveMultipleCreds); + } + - //@Test - public void testGetIdentityTypes() throws OrganizationException{ - Set<String> identityTypes = defaultOrg.getIdentityTypes(); - System.out.println("value of IdentityTypes: " + identityTypes); - assertTrue(identityTypes.size() == 4); - } + //@Test + public void testGetIdentityTypes() throws OrganizationException{ + Set<String> identityTypes = defaultOrg.getIdentityTypes(); + System.out.println("value of IdentityTypes: " + identityTypes); + assertTrue(identityTypes.size() == 4); + } - //@Test - public void testGetRealm() throws OrganizationException{ - String realmTest = defaultOrg.getRealm(); - System.out.println("value of realm: " + realmTest); - assertTrue(realmTest == REALM); - } - - public void supportsRealm() { - String otherRealm = "org.ossaf.something"; - defaultOrg.addSupportedRealm(otherRealm); - assertTrue(defaultOrg.supportsRealm(otherRealm)); - } - //@Test - public void testGetName() throws OrganizationException{ - String testName = defaultOrg.getName(); - System.out.println("value of name: " + testName); - assertTrue(testName == NAME); - } - - - //@Test - public void testGetDomain() throws OrganizationException{ - String testDomain = defaultOrg.getDomain(); - System.out.println("value of domain: " + testDomain); - assertTrue(testDomain == DOMAIN); - } - - 
// @Test - // public void testIsValidID(){ - // String Result = defaultOrg.isValidID(Matchers.anyString()); - // System.out.println("value of res " +Result); - // assertNotNull(Result); - // } - - @Test - public void testResponsible() throws OrganizationException { - Identity id = defaultOrg.getIdentity(authzTransMock, "osaaf"); - Identity rt = id.responsibleTo(); - assertTrue(rt.id().equals("bdevl")); - - } - - //@Test - public void notYetImplemented() { - fail("Tests in this file should not be trusted"); - } + //@Test + public void testGetRealm() throws OrganizationException{ + String realmTest = defaultOrg.getRealm(); + System.out.println("value of realm: " + realmTest); + assertTrue(realmTest == REALM); + } + + public void supportsRealm() { + String otherRealm = "org.ossaf.something"; + defaultOrg.addSupportedRealm(otherRealm); + assertTrue(defaultOrg.supportsRealm(otherRealm)); + } + //@Test + public void testGetName() throws OrganizationException{ + String testName = defaultOrg.getName(); + System.out.println("value of name: " + testName); + assertTrue(testName == NAME); + } + + + //@Test + public void testGetDomain() throws OrganizationException{ + String testDomain = defaultOrg.getDomain(); + System.out.println("value of domain: " + testDomain); + assertTrue(testDomain == DOMAIN); + } + + // @Test + // public void testIsValidID(){ + // String Result = defaultOrg.isValidID(Matchers.anyString()); + // System.out.println("value of res " +Result); + // assertNotNull(Result); + // } + + @Test + public void testResponsible() throws OrganizationException { + Identity id = defaultOrg.getIdentity(authzTransMock, "osaaf"); + Identity rt = id.responsibleTo(); + assertTrue(rt.id().equals("bdevl")); + + } + + //@Test + public void notYetImplemented() { + fail("Tests in this file should not be trusted"); + } } 
diff --git a/auth/auth-deforg/src/test/java/org/onap/aaf/org/test/JU_DefaultOrgIdentity.java b/auth/auth-deforg/src/test/java/org/onap/aaf/org/test/JU_DefaultOrgIdentity.java
index 3e5c74b5..d0d08075 100644
--- a/auth/auth-deforg/src/test/java/org/onap/aaf/org/test/JU_DefaultOrgIdentity.java
+++ b/auth/auth-deforg/src/test/java/org/onap/aaf/org/test/JU_DefaultOrgIdentity.java
@@ -44,120 +44,120 @@ import java.io.IOException; @RunWith(PowerMockRunner.class) public class JU_DefaultOrgIdentity { - private DefaultOrg defaultOrgMock; + private DefaultOrg defaultOrgMock; - @Mock - private Reuse rMock; + @Mock + private Reuse rMock; - @Mock - AuthzTrans authzTransMock; + @Mock + AuthzTrans authzTransMock; - @Mock - private Data dataMock; + @Mock + private Data dataMock; - @Mock - private DefaultOrgIdentity defaultOrgIdentity; + @Mock + private DefaultOrgIdentity defaultOrgIdentity; - static String key = "iowna@deforg"; - static String orgDomain = "@deforg"; + static String key = "iowna@deforg"; + static String orgDomain = "@deforg"; - @Before - public void setUp() throws IOException, OrganizationException { - MockitoAnnotations.initMocks(this); - defaultOrgMock = PowerMockito.mock(DefaultOrg.class); - defaultOrgMock.identities = mock(Identities.class); + @Before + public void setUp() throws IOException, OrganizationException { + MockitoAnnotations.initMocks(this); + defaultOrgMock = PowerMockito.mock(DefaultOrg.class); + defaultOrgMock.identities = mock(Identities.class); - authzTransMock = PowerMockito.mock(AuthzTrans.class); + authzTransMock = PowerMockito.mock(AuthzTrans.class); - when(defaultOrgMock.getDomain()).thenReturn(orgDomain); - when(defaultOrgMock.identities.reuse()).thenReturn(rMock); - when(defaultOrgMock.identities.find(eq(key),any(Reuse.class))).thenReturn(dataMock); + when(defaultOrgMock.getDomain()).thenReturn(orgDomain); + when(defaultOrgMock.identities.reuse()).thenReturn(rMock); + when(defaultOrgMock.identities.find(eq(key),any(Reuse.class))).thenReturn(dataMock); - defaultOrgIdentity = new DefaultOrgIdentity(authzTransMock, key, defaultOrgMock); + defaultOrgIdentity = new DefaultOrgIdentity(authzTransMock, key, defaultOrgMock); - } + } - @Test - public void testIdentify_returnIdentifiedEntity() { + @Test + public void testIdentify_returnIdentifiedEntity() { - assertTrue(defaultOrgIdentity.id() != null); + 
assertTrue(defaultOrgIdentity.id() != null); - } + } - @Test - public void testIdentify_returnIdentifiedEntityWithDataNull() throws IOException, OrganizationException { + @Test + public void testIdentify_returnIdentifiedEntityWithDataNull() throws IOException, OrganizationException { - when(defaultOrgMock.identities.find(eq(key),any(Reuse.class))).thenReturn(null); + when(defaultOrgMock.identities.find(eq(key),any(Reuse.class))).thenReturn(null); - DefaultOrgIdentity defaultOrgIdentityDataNull = new DefaultOrgIdentity(authzTransMock, key, defaultOrgMock); - assertTrue(defaultOrgIdentityDataNull.id() != null); + DefaultOrgIdentity defaultOrgIdentityDataNull = new DefaultOrgIdentity(authzTransMock, key, defaultOrgMock); + assertTrue(defaultOrgIdentityDataNull.id() != null); - } + } - @Test(expected = OrganizationException.class) - public void testIdentify_returnThrowIOException() throws OrganizationException { + @Test(expected = OrganizationException.class) + public void testIdentify_returnThrowIOException() throws OrganizationException { - when(defaultOrgMock.getDomain()).thenReturn(orgDomain); - when(defaultOrgMock.identities.reuse()).thenThrow(IOException.class); - DefaultOrgIdentity defaultOrgIdentityException = new DefaultOrgIdentity(authzTransMock, key, defaultOrgMock); + when(defaultOrgMock.getDomain()).thenReturn(orgDomain); + when(defaultOrgMock.identities.reuse()).thenThrow(IOException.class); + DefaultOrgIdentity defaultOrgIdentityException = new DefaultOrgIdentity(authzTransMock, key, defaultOrgMock); - } + } - @Test - public void testEquals_returnTrue() { + @Test + public void testEquals_returnTrue() { - Object b = defaultOrgIdentity; - assertTrue(defaultOrgIdentity.equals(b) == true ); - } + Object b = defaultOrgIdentity; + assertTrue(defaultOrgIdentity.equals(b) == true ); + } - @Test - public void testStatus_returnUnknown() { + @Test + public void testStatus_returnUnknown() { - assertEquals(defaultOrgIdentity.type(), "Unknown"); + 
assertEquals(defaultOrgIdentity.type(), "Unknown"); - } + } - @Test - public void testHash_returnHashCode() { + @Test + public void testHash_returnHashCode() { - assertTrue(defaultOrgIdentity.hashCode() != 0 ); + assertTrue(defaultOrgIdentity.hashCode() != 0 ); - } + } - @Test - public void testFullId_returnFullId() throws IOException, OrganizationException{ - String key="toto@deforg"; - String orgDomain="@deforg"; - when(defaultOrgMock.getDomain()).thenReturn(orgDomain); - when(defaultOrgMock.identities.reuse()).thenReturn(rMock); - when(defaultOrgMock.identities.find(eq(key),any(Reuse.class))).thenReturn(dataMock); - defaultOrgIdentity = new DefaultOrgIdentity(authzTransMock, key, defaultOrgMock); + @Test + public void testFullId_returnFullId() throws IOException, OrganizationException{ + String key="toto@deforg"; + String orgDomain="@deforg"; + when(defaultOrgMock.getDomain()).thenReturn(orgDomain); + when(defaultOrgMock.identities.reuse()).thenReturn(rMock); + when(defaultOrgMock.identities.find(eq(key),any(Reuse.class))).thenReturn(dataMock); + defaultOrgIdentity = new DefaultOrgIdentity(authzTransMock, key, defaultOrgMock); - assertTrue(defaultOrgIdentity.fullID().contains("@") ); - } + assertTrue(defaultOrgIdentity.fullID().contains("@") ); + } - @Test - public void testEmail_returnEmail() { + @Test + public void testEmail_returnEmail() { - assertTrue(defaultOrgIdentity.email() != null ); - } + assertTrue(defaultOrgIdentity.email() != null ); + } - @Test - public void testFullName_returnFullName() { + @Test + public void testFullName_returnFullName() { - assertTrue(defaultOrgIdentity.fullName() != null ); - } + assertTrue(defaultOrgIdentity.fullName() != null ); + } - @Test - public void testFirstName_returnFirstName() { + @Test + public void testFirstName_returnFirstName() { - assertTrue(defaultOrgIdentity.firstName() != null ); - } + assertTrue(defaultOrgIdentity.firstName() != null ); + } 
diff --git a/auth/auth-deforg/src/test/java/org/onap/aaf/org/test/JU_DefaultOrgWarnings.java b/auth/auth-deforg/src/test/java/org/onap/aaf/org/test/JU_DefaultOrgWarnings.java
index 2692d608..ad92c3e1 100644
--- a/auth/auth-deforg/src/test/java/org/onap/aaf/org/test/JU_DefaultOrgWarnings.java
+++ b/auth/auth-deforg/src/test/java/org/onap/aaf/org/test/JU_DefaultOrgWarnings.java
@@ -34,50 +34,50 @@ import org.powermock.modules.junit4.PowerMockRunner; @RunWith(PowerMockRunner.class) public class JU_DefaultOrgWarnings { - private DefaultOrgWarnings defaultOrgWarningsMock; - private DefaultOrgWarnings defaultOrgWarnings; + private DefaultOrgWarnings defaultOrgWarningsMock; + private DefaultOrgWarnings defaultOrgWarnings; - @Before - public void setUp(){ - MockitoAnnotations.initMocks(this); + @Before + public void setUp(){ + MockitoAnnotations.initMocks(this); - defaultOrgWarningsMock = PowerMockito.mock(DefaultOrgWarnings.class); + defaultOrgWarningsMock = PowerMockito.mock(DefaultOrgWarnings.class); - defaultOrgWarnings = new DefaultOrgWarnings(); - } + defaultOrgWarnings = new DefaultOrgWarnings(); + } - @Test - public void testApprEmailInterval() { + @Test + public void testApprEmailInterval() { - assertEquals(259200000, defaultOrgWarnings.apprEmailInterval() ); - } + assertEquals(259200000, defaultOrgWarnings.apprEmailInterval() ); + } - @Test - public void testCredEmailInterval() { - assertEquals(604800000, defaultOrgWarnings.credEmailInterval()); + @Test + public void testCredEmailInterval() { + assertEquals(604800000, defaultOrgWarnings.credEmailInterval()); - } + } - @Test - public void testCredExpirationWarning() { - assertEquals(2592000000L, defaultOrgWarnings.credExpirationWarning()); - } + @Test + public void testCredExpirationWarning() { + assertEquals(2592000000L, defaultOrgWarnings.credExpirationWarning()); + } - @Test - public void testEmailUrgentWarning() { - assertEquals(1209600000L, defaultOrgWarnings.emailUrgentWarning()); - } + @Test + public void testEmailUrgentWarning() { + assertEquals(1209600000L, defaultOrgWarnings.emailUrgentWarning()); + } - @Test - public void testRoleEmailInterval() { - assertEquals(604800000L, defaultOrgWarnings.roleEmailInterval()); - } + @Test + public void testRoleEmailInterval() { + assertEquals(604800000L, defaultOrgWarnings.roleEmailInterval()); + } - @Test - public void 
testRoleExpirationWarning() { - assertEquals(2592000000L, defaultOrgWarnings.roleExpirationWarning()); - } + @Test + public void testRoleExpirationWarning() { + assertEquals(2592000000L, defaultOrgWarnings.roleExpirationWarning()); + } }
diff --git a/auth/auth-deforg/src/test/java/org/onap/aaf/org/test/JU_Identities.java b/auth/auth-deforg/src/test/java/org/onap/aaf/org/test/JU_Identities.java
index 458d3b25..6fa7a347 100644
--- a/auth/auth-deforg/src/test/java/org/onap/aaf/org/test/JU_Identities.java
+++ b/auth/auth-deforg/src/test/java/org/onap/aaf/org/test/JU_Identities.java
@@ -44,67 +44,67 @@ import org.onap.aaf.org.Identities.Data; */ public class JU_Identities { // -// private static final String DATA_IDENTITIES = "/opt/app/onap/data/identities.dat"; -// private static File fids; -// private static Identities ids; -// private static AuthzEnv env; +// private static final String DATA_IDENTITIES = "/opt/app/onap/data/identities.dat"; +// private static File fids; +// private static Identities ids; +// private static AuthzEnv env; // -// /** -// * @throws java.lang.Exception -// */ -// @BeforeClass -// public static void setUpBeforeClass() throws Exception { -// env = new AuthzEnv(); -// AuthzTrans trans = env.newTransNoAvg(); -// // Note: utilize TimeTaken, from trans.start if you want to time. -// fids = new File(DATA_IDENTITIES); -// if(fids.exists()) { -// ids = new Identities(fids); -// ids.open(trans, 5000); -// } else { -// -// throw new Exception("Data File for Tests, \"" + DATA_IDENTITIES -// + "\" must exist before test can run. (Current dir is " + System.getProperty("user.dir") + ")"); -// } -// } +// /** +// * @throws java.lang.Exception +// */ +// @BeforeClass +// public static void setUpBeforeClass() throws Exception { +// env = new AuthzEnv(); +// AuthzTrans trans = env.newTransNoAvg(); +// // Note: utilize TimeTaken, from trans.start if you want to time. +// fids = new File(DATA_IDENTITIES); +// if(fids.exists()) { +// ids = new Identities(fids); +// ids.open(trans, 5000); +// } else { +// +// throw new Exception("Data File for Tests, \"" + DATA_IDENTITIES +// + "\" must exist before test can run. 
(Current dir is " + System.getProperty("user.dir") + ")"); +// } +// } // -// /** -// * @throws java.lang.Exception -// */ -// @AfterClass -// public static void tearDownAfterClass() throws Exception { -// AuthzTrans trans = env.newTransNoAvg(); -// if(ids!=null) { -// ids.close(trans); -// } -// } +// /** +// * @throws java.lang.Exception +// */ +// @AfterClass +// public static void tearDownAfterClass() throws Exception { +// AuthzTrans trans = env.newTransNoAvg(); +// if(ids!=null) { +// ids.close(trans); +// } +// } // -// /** -// * @throws java.lang.Exception -// */ -// @Before -// public void setUp() throws Exception { -// } +// /** +// * @throws java.lang.Exception +// */ +// @Before +// public void setUp() throws Exception { +// } // -// /** -// * @throws java.lang.Exception -// */ -// @After -// public void tearDown() throws Exception { -// } +// /** +// * @throws java.lang.Exception +// */ +// @After +// public void tearDown() throws Exception { +// } // -// @Test -// public void test() throws IOException { -// Reuse reuse = ids.reuse(); // this object can be reused within the same thread. -// Data id = ids.find("osaaf",reuse); -// Assert.assertNotNull(id); -// System.out.println(id); +// @Test +// public void test() throws IOException { +// Reuse reuse = ids.reuse(); // this object can be reused within the same thread. +// Data id = ids.find("osaaf",reuse); +// Assert.assertNotNull(id); +// System.out.println(id); // -// id = ids.find("mmanager",reuse); -// Assert.assertNotNull(id); -// System.out.println(id); +// id = ids.find("mmanager",reuse); +// Assert.assertNotNull(id); +// System.out.println(id); // -// //TODO Fill out JUnit with Tests of all Methods in "Data id" -// } +// //TODO Fill out JUnit with Tests of all Methods in "Data id" +// } }
diff --git a/auth/auth-deforg/src/test/java/org/onap/aaf/org/test/JU_Passwords.java b/auth/auth-deforg/src/test/java/org/onap/aaf/org/test/JU_Passwords.java
index 72e4ff87..847e59f1 100644
--- a/auth/auth-deforg/src/test/java/org/onap/aaf/org/test/JU_Passwords.java
+++ b/auth/auth-deforg/src/test/java/org/onap/aaf/org/test/JU_Passwords.java
@@ -46,80 +46,80 @@ import org.powermock.modules.junit4.PowerMockRunner; public class JU_Passwords { - private DefaultOrg defaultOrg; + private DefaultOrg defaultOrg; - Identities.Data data; + Identities.Data data; - @Mock - Env envMock; + @Mock + Env envMock; - @Mock - AuthzTrans authzTransMock; + @Mock + AuthzTrans authzTransMock; - @Mock - TimeTaken ttMock; + @Mock + TimeTaken ttMock; - @Mock - LogTarget logTargetMock; + @Mock + LogTarget logTargetMock; - private static final String REALM = "org.osaaf"; - private static final String NAME = "Default Organization"; + private static final String REALM = "org.osaaf"; + private static final String NAME = "Default Organization"; - String mailHost,mailFromUserId,summary,supportAddress; + String mailHost,mailFromUserId,summary,supportAddress; - @Before - public void setUp() throws OrganizationException{ + @Before + public void setUp() throws OrganizationException{ - mailFromUserId = "frommail"; - mailHost = "hostmail"; - File file = new File("src/test/resources/"); - when(envMock.getProperty(REALM + ".name","Default Organization")).thenReturn(NAME); - when(envMock.getProperty(REALM + ".mailHost",null)).thenReturn(mailHost); - when(envMock.getProperty(REALM + ".mailFrom",null)).thenReturn(mailFromUserId); - when(envMock.getProperty("aaf_data_dir")).thenReturn(file.getAbsolutePath()); - when(envMock.warn()).thenReturn(logTargetMock); - when(authzTransMock.warn()).thenReturn(logTargetMock); - when(authzTransMock.start(any(String.class),any(Integer.class))).thenReturn(ttMock); - when(authzTransMock.error()).thenReturn(logTargetMock); - when(authzTransMock.getProperty("CASS_ENV", "")).thenReturn("Cassandra env"); + mailFromUserId = "frommail"; + mailHost = "hostmail"; + File file = new File("src/test/resources/"); + when(envMock.getProperty(REALM + ".name","Default Organization")).thenReturn(NAME); + when(envMock.getProperty(REALM + ".mailHost",null)).thenReturn(mailHost); + when(envMock.getProperty(REALM + 
".mailFrom",null)).thenReturn(mailFromUserId); + when(envMock.getProperty("aaf_data_dir")).thenReturn(file.getAbsolutePath()); + when(envMock.warn()).thenReturn(logTargetMock); + when(authzTransMock.warn()).thenReturn(logTargetMock); + when(authzTransMock.start(any(String.class),any(Integer.class))).thenReturn(ttMock); + when(authzTransMock.error()).thenReturn(logTargetMock); + when(authzTransMock.getProperty("CASS_ENV", "")).thenReturn("Cassandra env"); - defaultOrg = new DefaultOrg(envMock, REALM); + defaultOrg = new DefaultOrg(envMock, REALM); - } + } - @Test - public void testDefOrgPasswords() { - // Accepts letters and one of (number, Special Char, Upper) - assertEquals(defaultOrg.isValidPassword(authzTransMock, null, "newyou2", "Pilgrim"),""); - assertEquals(defaultOrg.isValidPassword(authzTransMock, null, "newyou!", "Pilgrim"),""); - assertEquals(defaultOrg.isValidPassword(authzTransMock, null, "newyou!", "Pilgrim"),""); - - // Don't accept just letters, Numbers or Special Chars, or without ANY letters - assertNotSame(defaultOrg.isValidPassword(authzTransMock, null, "newyouA", "Pilgrim"),""); - assertNotSame(defaultOrg.isValidPassword(authzTransMock, null, "NEWYOU", "Pilgrim"),""); - assertNotSame(defaultOrg.isValidPassword(authzTransMock, null, "newyou", "Pilgrim"),""); - assertNotSame(defaultOrg.isValidPassword(authzTransMock, null, "125343", "Pilgrim"),""); - assertNotSame(defaultOrg.isValidPassword(authzTransMock, null, "#$@*^#", "Pilgrim"),""); - assertNotSame(defaultOrg.isValidPassword(authzTransMock, null, "#$3333", "Pilgrim"),""); + @Test + public void testDefOrgPasswords() { + // Accepts letters and one of (number, Special Char, Upper) + assertEquals(defaultOrg.isValidPassword(authzTransMock, null, "newyou2", "Pilgrim"),""); + assertEquals(defaultOrg.isValidPassword(authzTransMock, null, "newyou!", "Pilgrim"),""); + assertEquals(defaultOrg.isValidPassword(authzTransMock, null, "newyou!", "Pilgrim"),""); + + // Don't accept just letters, Numbers or 
Special Chars, or without ANY letters + assertNotSame(defaultOrg.isValidPassword(authzTransMock, null, "newyouA", "Pilgrim"),""); + assertNotSame(defaultOrg.isValidPassword(authzTransMock, null, "NEWYOU", "Pilgrim"),""); + assertNotSame(defaultOrg.isValidPassword(authzTransMock, null, "newyou", "Pilgrim"),""); + assertNotSame(defaultOrg.isValidPassword(authzTransMock, null, "125343", "Pilgrim"),""); + assertNotSame(defaultOrg.isValidPassword(authzTransMock, null, "#$@*^#", "Pilgrim"),""); + assertNotSame(defaultOrg.isValidPassword(authzTransMock, null, "#$3333", "Pilgrim"),""); - // Length - assertNotSame(defaultOrg.isValidPassword(authzTransMock, null, "w2Yu!", "Pilgrim"),""); - assertNotSame(defaultOrg.isValidPassword(authzTransMock, null, "", "Pilgrim"),""); - assertNotSame(defaultOrg.isValidPassword(authzTransMock, null, "moreThan20somethingCharacters, even though good", "Pilgrim"),""); + // Length + assertNotSame(defaultOrg.isValidPassword(authzTransMock, null, "w2Yu!", "Pilgrim"),""); + assertNotSame(defaultOrg.isValidPassword(authzTransMock, null, "", "Pilgrim"),""); + assertNotSame(defaultOrg.isValidPassword(authzTransMock, null, "moreThan20somethingCharacters, even though good", "Pilgrim"),""); - // May not contain ID - assertNotSame(defaultOrg.isValidPassword(authzTransMock, null, "Pilgrim", "Pilgrim"),""); - assertNotSame(defaultOrg.isValidPassword(authzTransMock, null, "Pilgrim1", "Pilgrim"),""); - assertNotSame(defaultOrg.isValidPassword(authzTransMock, null, "Pilgrim#", "Pilgrim"),""); - assertNotSame(defaultOrg.isValidPassword(authzTransMock, null, "aPilgrim1", "Pilgrim"),""); + // May not contain ID + assertNotSame(defaultOrg.isValidPassword(authzTransMock, null, "Pilgrim", "Pilgrim"),""); + assertNotSame(defaultOrg.isValidPassword(authzTransMock, null, "Pilgrim1", "Pilgrim"),""); + assertNotSame(defaultOrg.isValidPassword(authzTransMock, null, "Pilgrim#", "Pilgrim"),""); + assertNotSame(defaultOrg.isValidPassword(authzTransMock, null, "aPilgrim1", 
"Pilgrim"),""); - // Solid - assertEquals(defaultOrg.isValidPassword(authzTransMock, null, "new2You!", "Pilgrim"),""); + // Solid + assertEquals(defaultOrg.isValidPassword(authzTransMock, null, "new2You!", "Pilgrim"),""); - - } + + } } |
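Review bot: The rejection cases in `testDefOrgPasswords` use `assertNotSame(defaultOrg.isValidPassword(...), "")`, which compares object identity, not string content. They can only fail when the method returns the very same `""` instance as the literal. If `isValidPassword` builds its empty result at runtime (not visible in this hunk), every negative check for letters-only, length and contains-ID would pass even when the password is accepted, leaving the password policy untested. Assert on content instead, for example `assertFalse(defaultOrg.isValidPassword(authzTransMock, null, "newyou", "Pilgrim").isEmpty());`. The second and third `assertEquals` lines are also identical (`"newyou!"`), so the upper-case variant named in the comment above them is presumably not exercised.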