Diffstat (limited to 'auth/auth-service/src/test')
-rw-r--r--auth/auth-service/src/test/java/org/onap/aaf/auth/service/test/JU_BaseServiceImpl.java162
-rw-r--r--auth/auth-service/src/test/java/org/onap/aaf/auth/service/test/JU_ServiceImpl_createUserCred.java148
2 files changed, 310 insertions, 0 deletions
diff --git a/auth/auth-service/src/test/java/org/onap/aaf/auth/service/test/JU_BaseServiceImpl.java b/auth/auth-service/src/test/java/org/onap/aaf/auth/service/test/JU_BaseServiceImpl.java
new file mode 100644
index 00000000..c9ebc281
--- /dev/null
+++ b/auth/auth-service/src/test/java/org/onap/aaf/auth/service/test/JU_BaseServiceImpl.java
@@ -0,0 +1,162 @@
+/**
+ * ============LICENSE_START====================================================
+ * org.onap.aaf
+ * ===========================================================================
+ * Copyright (c) 2018 AT&T Intellectual Property. All rights reserved.
+ * ===========================================================================
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ * ============LICENSE_END====================================================
+ *
+ */
+
+package org.onap.aaf.auth.service.test;
+import static org.mockito.Mockito.mock;
+import static org.mockito.Mockito.when;
+
+import java.util.ArrayList;
+import java.util.GregorianCalendar;
+import java.util.List;
+
+import org.junit.runner.RunWith;
+import org.mockito.Mock;
+import org.mockito.Spy;
+import org.mockito.runners.MockitoJUnitRunner;
+import org.onap.aaf.auth.common.Define;
+import org.onap.aaf.auth.dao.cached.CachedCertDAO;
+import org.onap.aaf.auth.dao.cached.CachedCredDAO;
+import org.onap.aaf.auth.dao.cached.CachedNSDAO;
+import org.onap.aaf.auth.dao.cached.CachedPermDAO;
+import org.onap.aaf.auth.dao.cached.CachedRoleDAO;
+import org.onap.aaf.auth.dao.cached.CachedUserRoleDAO;
+import org.onap.aaf.auth.dao.cass.ApprovalDAO;
+import org.onap.aaf.auth.dao.cass.CacheInfoDAO;
+import org.onap.aaf.auth.dao.cass.DelegateDAO;
+import org.onap.aaf.auth.dao.cass.FutureDAO;
+import org.onap.aaf.auth.dao.cass.HistoryDAO;
+import org.onap.aaf.auth.dao.cass.LocateDAO;
+import org.onap.aaf.auth.dao.cass.NsDAO;
+import org.onap.aaf.auth.dao.cass.UserRoleDAO;
+import org.onap.aaf.auth.dao.hl.Question;
+import org.onap.aaf.auth.env.AuthzEnv;
+import org.onap.aaf.auth.env.AuthzTrans;
+import org.onap.aaf.auth.service.AuthzCassServiceImpl;
+import org.onap.aaf.auth.service.mapper.Mapper_2_0;
+import org.onap.aaf.cadi.PropAccess;
+import org.onap.aaf.cadi.config.Config;
+import org.onap.aaf.org.DefaultOrg;
+import org.onap.aaf.org.DefaultOrgIdentity;
+
+import aaf.v2_0.Approvals;
+import aaf.v2_0.Certs;
+import aaf.v2_0.Delgs;
+import aaf.v2_0.Error;
+import aaf.v2_0.History;
+import aaf.v2_0.Keys;
+import aaf.v2_0.Nss;
+import aaf.v2_0.Perms;
+import aaf.v2_0.Pkey;
+import aaf.v2_0.Request;
+import aaf.v2_0.Roles;
+import aaf.v2_0.UserRoles;
+import aaf.v2_0.Users;
+
+@RunWith(MockitoJUnitRunner.class)
+public abstract class JU_BaseServiceImpl {
+ protected AuthzCassServiceImpl<Nss, Perms, Pkey, Roles, Users, UserRoles, Delgs, Certs, Keys, Request, History, Error, Approvals>
+ acsi;
+ protected Mapper_2_0 mapper;
+
+ @Mock
+ protected DefaultOrg org;
+ @Mock
+ protected DefaultOrgIdentity orgIdentity;
+
+ protected HistoryDAO historyDAO = mock(HistoryDAO.class);
+ protected CacheInfoDAO cacheInfoDAO = mock(CacheInfoDAO.class);
+ protected CachedNSDAO nsDAO = mock(CachedNSDAO.class);
+ protected CachedPermDAO permDAO = mock(CachedPermDAO.class);
+ protected CachedRoleDAO roleDAO = mock(CachedRoleDAO.class);
+ protected CachedUserRoleDAO userRoleDAO = mock(CachedUserRoleDAO.class);
+ protected CachedCredDAO credDAO = mock(CachedCredDAO.class);
+ protected CachedCertDAO certDAO = mock(CachedCertDAO.class);
+ protected LocateDAO locateDAO = mock(LocateDAO.class);
+ protected FutureDAO futureDAO = mock(FutureDAO.class);
+ protected DelegateDAO delegateDAO = mock(DelegateDAO.class);
+ protected ApprovalDAO approvalDAO = mock(ApprovalDAO.class);
+
+ @Spy
+ protected static PropAccess access = new PropAccess();
+
+ @Spy
+ protected static AuthzEnv env = new AuthzEnv(access);
+
+ @Spy
+ protected static AuthzTrans trans = env.newTransNoAvg();
+
+
+ @Spy
+ protected Question question = new Question(trans,historyDAO,cacheInfoDAO,nsDAO,permDAO,roleDAO,userRoleDAO,
+ credDAO,certDAO,locateDAO,futureDAO,delegateDAO,approvalDAO);
+
+ public void setUp() throws Exception {
+ when(trans.org()).thenReturn(org);
+ when(org.getDomain()).thenReturn("org.onap");
+ Define.set(access);
+ access.setProperty(Config.CADI_LATITUDE, "38.0");
+ access.setProperty(Config.CADI_LONGITUDE, "-72.0");
+
+ mapper = new Mapper_2_0(question);
+ acsi = new AuthzCassServiceImpl<>(trans, mapper, question);
+ }
+
+ //////////
+ // Common Data Objects
+ /////////
+ protected List<NsDAO.Data> nsData(String name) {
+ NsDAO.Data ndd = new NsDAO.Data();
+ ndd.name=name;
+ int dot = name.lastIndexOf('.');
+ if(dot<0) {
+ ndd.parent=".";
+ } else {
+ ndd.parent=name.substring(0,dot);
+ }
+ List<NsDAO.Data> rv = new ArrayList<NsDAO.Data>();
+ rv.add(ndd);
+ return rv;
+ }
+
+ protected UserRoleDAO.Data urData(String user, String ns, String rname, int days) {
+ UserRoleDAO.Data urdd = new UserRoleDAO.Data();
+ urdd.user = user;
+ urdd.ns = ns;
+ urdd.rname = rname;
+ urdd.role = ns + '.' + rname;
+ GregorianCalendar gc = new GregorianCalendar();
+ gc.add(GregorianCalendar.DAY_OF_YEAR, days);
+ urdd.expires = gc.getTime();
+ return urdd;
+ }
+
+
+ protected <T> List<T> listOf(T t) {
+ List<T> list = new ArrayList<>();
+ list.add(t);
+ return list;
+ }
+
+ protected <T> List<T> emptyList(Class<T> cls) {
+ return new ArrayList<>();
+ }
+
+}
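Review bot: The `@Spy` fields `access`, `env` and `trans` are declared `static`, so their state outlives a single test instance, and stubs such as `when(trans.org()).thenReturn(org)` in `setUp()` are layered on whatever earlier tests left behind. For tests that assert authorization outcomes, this can make the acting identity depend on execution order. Making the three fields instance fields, or resetting them at the top of `setUp()`, would keep each case isolated. `Define.set(access)` also looks process-wide and deserves a comment such as `// global: affects every test in this JVM`. `setUp()` has no `@Before` here, so a subclass that does not override and annotate it would presumably run with `acsi` and `mapper` unset; a class-level Javadoc stating that contract would help.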
diff --git a/auth/auth-service/src/test/java/org/onap/aaf/auth/service/test/JU_ServiceImpl_createUserCred.java b/auth/auth-service/src/test/java/org/onap/aaf/auth/service/test/JU_ServiceImpl_createUserCred.java
new file mode 100644
index 00000000..1e4e9719
--- /dev/null
+++ b/auth/auth-service/src/test/java/org/onap/aaf/auth/service/test/JU_ServiceImpl_createUserCred.java
@@ -0,0 +1,148 @@
+/**
+ * ============LICENSE_START====================================================
+ * org.onap.aaf
+ * ===========================================================================
+ * Copyright (c) 2018 AT&T Intellectual Property. All rights reserved.
+ * ===========================================================================
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ * ============LICENSE_END====================================================
+ *
+ */
+
+package org.onap.aaf.auth.service.test;
+
+import static org.mockito.Mockito.*;
+
+import java.nio.ByteBuffer;
+import java.security.NoSuchAlgorithmException;
+import java.util.ArrayList;
+import java.util.GregorianCalendar;
+import java.util.List;
+
+import org.junit.Before;
+import org.junit.Test;
+import org.junit.runner.RunWith;
+import org.mockito.Mock;
+import org.mockito.runners.MockitoJUnitRunner;
+import org.onap.aaf.auth.dao.CachedDAO;
+import org.onap.aaf.auth.dao.cass.CredDAO;
+import org.onap.aaf.auth.dao.cass.UserRoleDAO;
+import org.onap.aaf.auth.env.AuthzTrans;
+import org.onap.aaf.auth.layer.Result;
+import org.onap.aaf.auth.org.OrganizationException;
+import org.onap.aaf.cadi.Hash;
+import org.onap.aaf.cadi.util.FQI;
+import org.onap.aaf.misc.env.Trans;
+
+import aaf.v2_0.CredRequest;
+import junit.framework.Assert;
+
+@RunWith(MockitoJUnitRunner.class)
+public class JU_ServiceImpl_createUserCred extends JU_BaseServiceImpl {
+ @Mock
+ private Result<CredDAO.Data> rcdd;
+
+ @Before
+ public void setUp() throws Exception {
+ super.setUp();
+ }
+
+ @Test
+ public void validCreateNewIsOwner() throws OrganizationException {
+ CredRequest cr = credRequest1();
+ final String fqi = "bob@people.onap.org";
+ when(trans.user()).thenReturn(fqi);
+ when(org.isValidPassword(trans, cr.getId(),cr.getPassword())).thenReturn("");
+ when(org.isValidCred(trans, cr.getId())).thenReturn(true);
+ when(org.canHaveMultipleCreds(cr.getId())).thenReturn(true);
+ when(org.getIdentity(trans, cr.getId())).thenReturn(orgIdentity);
+ when(orgIdentity.isFound()).thenReturn(true);
+ final String ns = "org.onap.sample";
+ when(question.userRoleDAO().read(trans, fqi, ns+".owner")).thenReturn(Result.ok(listOf(urData(fqi,ns,"owner",100))));
+ when(question.nsDAO().read(trans, ns)).thenReturn(Result.ok(nsData(ns)));
+ when(question.credDAO().readID(trans, cr.getId())).thenReturn(Result.ok(emptyList(CredDAO.Data.class)));
+ when(question.credDAO().create(any(AuthzTrans.class), any(CredDAO.Data.class) )).thenReturn(Result.ok(credDataFound(cr,100)));
+ when(question.credDAO().readNS(trans, ns)).thenReturn(Result.ok(listOf(credDataFound(cr,100))));
+ Result<?> result = acsi.createUserCred(trans,cr);
+ // Owner may do FIRST Creds
+ Assert.assertEquals(Result.OK,result.status);
+ }
+
+ @Test
+ public void validCreateNewOnlyAdmin() throws OrganizationException {
+ CredRequest cr = credRequest1();
+ final String fqi = "bob@people.onap.org";
+ when(trans.user()).thenReturn(fqi);
+ when(org.isValidPassword(trans, cr.getId(),cr.getPassword())).thenReturn("");
+ when(org.isValidCred(trans, cr.getId())).thenReturn(true);
+ when(org.canHaveMultipleCreds(cr.getId())).thenReturn(true);
+ when(org.getIdentity(trans, cr.getId())).thenReturn(orgIdentity);
+ when(orgIdentity.isFound()).thenReturn(true);
+ final String ns = "org.onap.sample";
+ when(question.userRoleDAO().read(trans, fqi, ns+".owner")).thenReturn(Result.ok(emptyList(UserRoleDAO.Data.class)));
+ when(question.userRoleDAO().read(trans, fqi, ns+".admin")).thenReturn(Result.ok(listOf(urData(fqi,ns,"admin",100))));
+ when(question.nsDAO().read(trans, ns)).thenReturn(Result.ok(nsData(ns)));
+ when(question.credDAO().readID(trans, cr.getId())).thenReturn(Result.ok(emptyList(CredDAO.Data.class)));
+ when(question.credDAO().create(any(AuthzTrans.class), any(CredDAO.Data.class) )).thenReturn(Result.ok(credDataFound(cr,100)));
+ when(question.credDAO().readNS(trans, ns)).thenReturn(Result.ok(listOf(credDataFound(cr,100))));
+ Result<?> result = acsi.createUserCred(trans,cr);
+ // Admins may not do FIRST Creds
+ Assert.assertEquals(Result.ERR_Denied,result.status);
+ }
+
+ @Test
+ public void validCreateExisting() throws OrganizationException {
+ CredRequest cr = credRequest1();
+ when(org.isValidPassword(trans, cr.getId(),cr.getPassword())).thenReturn("");
+ when(org.isValidCred(trans, cr.getId())).thenReturn(true);
+ when(org.canHaveMultipleCreds(cr.getId())).thenReturn(true);
+ when(org.getIdentity(trans, cr.getId())).thenReturn(orgIdentity);
+ when(orgIdentity.isFound()).thenReturn(true);
+ String ns = "org.onap.sample";
+ when(question.nsDAO().read(trans, ns)).thenReturn(Result.ok(nsData(ns)));
+
+ CredDAO.Data cdd = credDataFound(cr,100);
+ when(question.credDAO().create(any(AuthzTrans.class), any(CredDAO.Data.class) )).thenReturn(Result.ok(cdd));
+ when(question.credDAO().readID(trans, cr.getId())).thenReturn(Result.ok(listOf(cdd)));
+
+ Result<?> result = acsi.createUserCred(trans,cr);
+ Assert.assertEquals(Result.OK,result.status);
+ }
+
+ private CredRequest credRequest1() {
+ CredRequest cr = new CredRequest();
+ cr.setId("m12345@sample.onap.org");
+ cr.setPassword("BobAndWeave");
+ cr.setType(CredDAO.RAW);
+ return cr;
+ }
+
+ private CredDAO.Data credDataFound(CredRequest cr, int days) {
+ CredDAO.Data cdd = new CredDAO.Data();
+ cdd.id = cr.getId();
+ cdd.ns = FQI.reverseDomain(cr.getId());
+ cdd.other = 12345;
+ cdd.tag = "1355434";
+ cdd.type = CredDAO.BASIC_AUTH_SHA256;
+ try {
+ cdd.cred = ByteBuffer.wrap(Hash.hashSHA256(cr.getPassword().getBytes()));
+ } catch (NoSuchAlgorithmException e) {
+ Assert.fail(e.getMessage());
+ }
+ GregorianCalendar gc = new GregorianCalendar();
+ gc.add(GregorianCalendar.DAY_OF_YEAR, days);
+ cdd.expires = gc.getTime();
+ return cdd;
+ }
+
+}
\ No newline at end of file
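Review bot: `validCreateNewOnlyAdmin` asserts only `Result.ERR_Denied` and never checks that nothing was written, so a regression that persists the credential and then reports a denial would still pass. Add `verify(question.credDAO(), never()).create(any(AuthzTrans.class), any(CredDAO.Data.class));` after the assertion. The name also reads like a success case; something like `deniedCreateNewOnlyAdmin` would be clearer. `validCreateExisting` does not stub `trans.user()`, so the caller identity in that test comes from whatever the shared static `trans` in the base class currently returns. In `credDataFound`, `cr.getPassword().getBytes()` uses the platform default charset; `getBytes(StandardCharsets.UTF_8)` keeps the fixture hash identical on every build host.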