diff options
Diffstat (limited to 'cadi')
12 files changed, 435 insertions, 192 deletions
diff --git a/cadi/core/src/main/java/org/onap/aaf/cadi/CmdLine.java b/cadi/core/src/main/java/org/onap/aaf/cadi/CmdLine.java index 99bdb49c..ea126f54 100644 --- a/cadi/core/src/main/java/org/onap/aaf/cadi/CmdLine.java +++ b/cadi/core/src/main/java/org/onap/aaf/cadi/CmdLine.java @@ -47,8 +47,7 @@ import org.onap.aaf.cadi.util.JsonOutputStream; */ public class CmdLine { - public static Access access; - + private static boolean systemExit = true; /** * @param args */ @@ -349,10 +348,13 @@ public class CmdLine { System.out.println(" sha256 <text> <salts(s)> (Digest String into SHA256 Hash)"); System.out.println(" md5 <text> (Digest String into MD5 Hash)"); } - String forceExit = access.getProperty("force_exit", null); - if (forceExit == null) { + if (systemExit) { System.exit(1); } } + public static void setSystemExit(boolean shouldExit) { + systemExit = shouldExit; + } + } diff --git a/cadi/core/src/main/java/org/onap/aaf/cadi/filter/AUTHZServlet.java b/cadi/core/src/main/java/org/onap/aaf/cadi/filter/AUTHZServlet.java index f7c4b7f1..f72a99bf 100644 --- a/cadi/core/src/main/java/org/onap/aaf/cadi/filter/AUTHZServlet.java +++ b/cadi/core/src/main/java/org/onap/aaf/cadi/filter/AUTHZServlet.java @@ -47,7 +47,7 @@ public class AUTHZServlet<S extends Servlet> implements Servlet { delegate = null; } RolesAllowed rolesAllowed = cls.getAnnotation(RolesAllowed.class); - if(rolesAllowed == null) { + if (rolesAllowed == null) { roles = null; } else { roles = rolesAllowed.value(); @@ -55,7 +55,9 @@ public class AUTHZServlet<S extends Servlet> implements Servlet { } public void init(ServletConfig sc) throws ServletException { - if(delegate == null) throw new ServletException("Invalid Servlet Delegate"); + if (delegate == null) { + throw new ServletException("Invalid Servlet Delegate"); + } delegate.init(sc); } @@ -68,27 +70,24 @@ public class AUTHZServlet<S extends Servlet> implements Servlet { } public void service(ServletRequest req, ServletResponse resp) throws ServletException, IOException { - if(roles==null) { - delegate.service(req,resp); - } else { // Validate - try { - HttpServletRequest hreq = (HttpServletRequest)req; - boolean proceed = false; - for(String role : roles) { - if(hreq.isUserInRole(role)) { - proceed = true; - break; - } - } - if(proceed) { - delegate.service(req,resp); - } else { - //baseRequest.getServletContext().log(hreq.getUserPrincipal().getName()+" Refused " + roles); - ((HttpServletResponse)resp).sendError(403); // forbidden + if (roles == null) { + delegate.service(req, resp); + return; + } + + // Validate + try { + HttpServletRequest hreq = (HttpServletRequest)req; + for (String role : roles) { + if (hreq.isUserInRole(role)) { + delegate.service(req, resp); + return; } - } catch(ClassCastException e) { - throw new ServletException("JASPIServlet only supports HTTPServletRequest/HttpServletResponse"); } + + ((HttpServletResponse)resp).sendError(403); // forbidden + } catch (ClassCastException e) { + throw new ServletException("JASPIServlet only supports HTTPServletRequest/HttpServletResponse"); } } @@ -96,5 +95,4 @@ public class AUTHZServlet<S extends Servlet> implements Servlet { delegate.destroy(); } - } diff --git a/cadi/core/src/main/java/org/onap/aaf/cadi/filter/MapPermConverter.java b/cadi/core/src/main/java/org/onap/aaf/cadi/filter/MapPermConverter.java index 052b9ff1..f0786b12 100644 --- a/cadi/core/src/main/java/org/onap/aaf/cadi/filter/MapPermConverter.java +++ b/cadi/core/src/main/java/org/onap/aaf/cadi/filter/MapPermConverter.java @@ -34,7 +34,7 @@ public class MapPermConverter implements PermConverter { * @param value */ public MapPermConverter() { - map = new HashMap<String,String>(); + map = new HashMap<>(); } /** @@ -48,7 +48,7 @@ public class MapPermConverter implements PermConverter { public String convert(String minimal) { String rv = map.get(minimal); - return rv==null?minimal:rv; + return (rv == null) ? minimal : rv; } } diff --git a/cadi/core/src/main/java/org/onap/aaf/cadi/filter/NullPermConverter.java b/cadi/core/src/main/java/org/onap/aaf/cadi/filter/NullPermConverter.java index 211a4bfe..8b70d95d 100644 --- a/cadi/core/src/main/java/org/onap/aaf/cadi/filter/NullPermConverter.java +++ b/cadi/core/src/main/java/org/onap/aaf/cadi/filter/NullPermConverter.java @@ -7,9 +7,9 @@ * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License. * You may obtain a copy of the License at - * + * * http://www.apache.org/licenses/LICENSE-2.0 - * + * * Unless required by applicable law or agreed to in writing, software * distributed under the License is distributed on an "AS IS" BASIS, * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. @@ -23,18 +23,20 @@ package org.onap.aaf.cadi.filter; /** - * A NullPermConverter - * + * A NullPermConverter + * * Obey the PermConverter Interface, but passed in "minimal" String is not converted. - * + * * @author Jonathan * */ public class NullPermConverter implements PermConverter { - private NullPermConverter() {} private static final NullPermConverter singleton = new NullPermConverter(); - public static NullPermConverter singleton() {return singleton;} + + private NullPermConverter() {} + + public static NullPermConverter singleton() { return singleton; } public String convert(String minimal) { return minimal; diff --git a/cadi/core/src/main/java/org/onap/aaf/cadi/filter/PathFilter.java b/cadi/core/src/main/java/org/onap/aaf/cadi/filter/PathFilter.java index c508a5ce..cf87c840 100644 --- a/cadi/core/src/main/java/org/onap/aaf/cadi/filter/PathFilter.java +++ b/cadi/core/src/main/java/org/onap/aaf/cadi/filter/PathFilter.java @@ -7,9 +7,9 @@ * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License. * You may obtain a copy of the License at - * + * * http://www.apache.org/licenses/LICENSE-2.0 - * + * * Unless required by applicable law or agreed to in writing, software * distributed under the License is distributed on an "AS IS" BASIS, * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. @@ -39,44 +39,44 @@ import org.onap.aaf.cadi.config.Config; /** * PathFilter - * + * * This class implements Servlet Filter, and uses AAF to validate access to a Path. - * + * * This class can be used in a standard J2EE Servlet manner. - * + * * @author Jonathan, collaborating with Xue Gao * */ public class PathFilter implements Filter { - private ServletContext context; - private String aaf_type; - private String not_authorized_msg; private final Log log; + private ServletContext context; + private String aafType; + private String notAuthorizedMsg; + /** * Construct a viable Filter for installing in Container WEB.XML, etc. - * + * */ public PathFilter() { log = new Log() { public void info(String ... msg) { - context.log(build("INFO:",msg)); + context.log(build("INFO:", msg)); } public void audit(String ... msg) { - context.log(build("AUDIT:",msg)); + context.log(build("AUDIT:", msg)); } private String build(String type, String []msg) { StringBuilder sb = new StringBuilder(type); - for(String s : msg) { + for (String s : msg) { sb.append(' '); sb.append(s); } return sb.toString(); } - }; } - + /** * Filter that can be constructed within Java * @param access @@ -91,10 +91,10 @@ public class PathFilter implements Filter { } }; } - + /** * Init - * + * * Standard Filter "init" call with FilterConfig to obtain properties. POJOs can construct a * FilterConfig with the mechanism of their choice, and standard J2EE Servlet engines utilize this * mechanism already. @@ -103,16 +103,16 @@ public class PathFilter implements Filter { // need the Context for Logging, instantiating ClassLoader, etc context = filterConfig.getServletContext(); StringBuilder sb = new StringBuilder(); - StringBuilder err = new StringBuilder(); + StringBuilder err = new StringBuilder(); Object attr = context.getAttribute(Config.PATHFILTER_NS); - if(attr==null) { + if (attr == null) { err.append("PathFilter - pathfilter_ns is not set"); } else { - sb.append(attr.toString()); + sb.append(attr.toString()); } attr = context.getAttribute(Config.PATHFILTER_STACK); - if(attr==null) { + if (attr == null) { log.info("PathFilter - No pathfilter_stack set, ignoring"); } else { sb.append('.'); @@ -120,7 +120,7 @@ public class PathFilter implements Filter { } attr = context.getAttribute(Config.PATHFILTER_URLPATTERN); - if(attr==null) { + if (attr == null) { log.info("PathFilter - No pathfilter_urlpattern set, defaulting to 'urlpattern'"); sb.append(".urlpattern"); } else { @@ -128,20 +128,20 @@ public class PathFilter implements Filter { sb.append(attr.toString()); } - log.info("PathFilter - AAF Permission Type is",sb.toString()); - + log.info("PathFilter - AAF Permission Type is", sb.toString()); + sb.append('|'); - - aaf_type = sb.toString(); + + aafType = sb.toString(); attr = context.getAttribute(Config.PATHFILTER_NOT_AUTHORIZED_MSG); - if(attr==null) { - not_authorized_msg = "Forbidden - Not Authorized to access this Path"; + if (attr == null) { + notAuthorizedMsg = "Forbidden - Not Authorized to access this Path"; } else { - not_authorized_msg = attr.toString(); + notAuthorizedMsg = attr.toString(); } - if(err.length()>0) { + if (err.length() > 0) { throw new ServletException(err.toString()); } } @@ -153,7 +153,7 @@ public class PathFilter implements Filter { /** * doFilter - * + * * This is the standard J2EE invocation. Analyze the request, modify response as necessary, and * only call the next item in the filterChain if request is suitably Authenticated. */ @@ -161,23 +161,20 @@ public class PathFilter implements Filter { public void doFilter(ServletRequest request, ServletResponse response, FilterChain chain) throws IOException, ServletException { HttpServletRequest hreq = (HttpServletRequest)request; HttpServletResponse hresp = (HttpServletResponse)response; - String perm = aaf_type+hreq.getPathInfo()+'|'+hreq.getMethod(); - if(hreq.isUserInRole(perm)) { + String perm = aafType + hreq.getPathInfo() + '|' + hreq.getMethod(); + if (hreq.isUserInRole(perm)) { chain.doFilter(request, response); } else { - log.audit("PathFilter has denied",hreq.getUserPrincipal().getName(),"access to",perm); - hresp.sendError(403,not_authorized_msg); + log.audit("PathFilter has denied", hreq.getUserPrincipal().getName(), "access to", perm); + hresp.sendError(403, notAuthorizedMsg); } } /** - * Containers call "destroy" when time to cleanup + * Containers call "destroy" when time to cleanup */ public void destroy() { log.info("PathFilter destroyed."); } - - } - diff --git a/cadi/core/src/test/java/org/onap/aaf/cadi/filter/test/JU_AUTHZServlet.java b/cadi/core/src/test/java/org/onap/aaf/cadi/filter/test/JU_AUTHZServlet.java new file mode 100644 index 00000000..6daa2720 --- /dev/null +++ b/cadi/core/src/test/java/org/onap/aaf/cadi/filter/test/JU_AUTHZServlet.java @@ -0,0 +1,107 @@ +/** + * ============LICENSE_START==================================================== + * org.onap.aaf + * =========================================================================== + * Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. + * =========================================================================== + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + * ============LICENSE_END==================================================== + * + */ + +package org.onap.aaf.cadi.filter.test; + +import static org.hamcrest.CoreMatchers.is; +import static org.junit.Assert.assertThat; +import static org.junit.Assert.fail; +import static org.mockito.Mockito.when; + +import java.io.IOException; +import java.lang.reflect.Field; + +import org.junit.Before; +import org.junit.Test; +import org.mockito.Mock; +import org.mockito.MockitoAnnotations; +import org.onap.aaf.cadi.filter.AUTHZServlet; + +import javax.servlet.Servlet; +import javax.servlet.ServletConfig; +import javax.servlet.ServletException; +import javax.servlet.ServletRequestWrapper; +import javax.servlet.http.HttpServletRequest; +import javax.servlet.http.HttpServletResponse; + +public class JU_AUTHZServlet { + + @Mock private Servlet servletMock; + @Mock private ServletConfig servletConfigMock; + @Mock private HttpServletRequest reqMock; + @Mock private HttpServletResponse respMock; + @Mock private ServletRequestWrapper servletWrapperMock; + + @Before + public void setup() { + MockitoAnnotations.initMocks(this); + } + + @Test + public void test() throws ServletException, IOException { + AUTHZServletStub servlet = new AUTHZServletStub(Servlet.class); + + try { + servlet.init(servletConfigMock); + fail("Should've thrown an exception"); + } catch (ServletException e) { + assertThat(e.getMessage(), is("Invalid Servlet Delegate")); + } + + setPrivateField(AUTHZServlet.class, "delegate", servlet, servletMock); + servlet.init(servletConfigMock); + servlet.getServletConfig(); + servlet.getServletInfo(); + + servlet.service(reqMock, respMock); + + String[] roles = new String[] {"role1", "role2"}; + setPrivateField(AUTHZServlet.class, "roles", servlet, roles); + servlet.service(reqMock, respMock); + + when(reqMock.isUserInRole("role1")).thenReturn(true); + servlet.service(reqMock, respMock); + + try { + servlet.service(servletWrapperMock, respMock); + fail("Should've thrown an exception"); + } catch (ServletException e) { + assertThat(e.getMessage(), is("JASPIServlet only supports HTTPServletRequest/HttpServletResponse")); + } + servlet.destroy(); + } + + private class AUTHZServletStub extends AUTHZServlet<Servlet> { + public AUTHZServletStub(Class<Servlet> cls) { super(cls); } + } + + private void setPrivateField(Class<?> clazz, String fieldName, Object target, Object value) { + try { + Field field = clazz.getDeclaredField(fieldName); + field.setAccessible(true); + field.set(target, value); + field.setAccessible(false); + } catch(Exception e) { + System.err.println("Could not set field [" + fieldName + "] to " + value); + } + } + +} diff --git a/cadi/core/src/test/java/org/onap/aaf/cadi/filter/test/JU_AccessGetter.java b/cadi/core/src/test/java/org/onap/aaf/cadi/filter/test/JU_AccessGetter.java new file mode 100644 index 00000000..b53a9ea9 --- /dev/null +++ b/cadi/core/src/test/java/org/onap/aaf/cadi/filter/test/JU_AccessGetter.java @@ -0,0 +1,54 @@ +/** + * ============LICENSE_START==================================================== + * org.onap.aaf + * =========================================================================== + * Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. + * =========================================================================== + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + * ============LICENSE_END==================================================== + * + */ + +package org.onap.aaf.cadi.filter.test; + +import static org.hamcrest.CoreMatchers.is; +import static org.junit.Assert.assertThat; + +import java.io.ByteArrayOutputStream; +import java.io.PrintStream; + +import org.junit.Before; +import org.junit.Test; +import org.onap.aaf.cadi.PropAccess; +import org.onap.aaf.cadi.filter.AccessGetter; + +public class JU_AccessGetter { + + private static final String tag = "tag"; + private static final String value = "value"; + + private PropAccess access; + + @Before + public void setup() { + access = new PropAccess(new PrintStream(new ByteArrayOutputStream()), new String[0]); + access.setProperty(tag, value); + } + + @Test + public void test() { + AccessGetter getter = new AccessGetter(access); + assertThat(getter.get(tag, null, false), is(value)); + } + +} diff --git a/cadi/core/src/test/java/org/onap/aaf/cadi/filter/test/JU_FCGetTest.java b/cadi/core/src/test/java/org/onap/aaf/cadi/filter/test/JU_FCGetTest.java deleted file mode 100644 index 694c59e7..00000000 --- a/cadi/core/src/test/java/org/onap/aaf/cadi/filter/test/JU_FCGetTest.java +++ /dev/null @@ -1,103 +0,0 @@ -/******************************************************************************* - * ============LICENSE_START==================================================== - * * org.onap.aaf - * * =========================================================================== - * * Copyright © 2017 AT&T Intellectual Property. All rights reserved. - * * =========================================================================== - * * Licensed under the Apache License, Version 2.0 (the "License"); - * * you may not use this file except in compliance with the License. - * * You may obtain a copy of the License at - * * - * * http://www.apache.org/licenses/LICENSE-2.0 - * * - * * Unless required by applicable law or agreed to in writing, software - * * distributed under the License is distributed on an "AS IS" BASIS, - * * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * * See the License for the specific language governing permissions and - * * limitations under the License. - * * ============LICENSE_END==================================================== - * * - * * - ******************************************************************************/ -package org.onap.aaf.cadi.filter.test; - -import static org.junit.Assert.*; -import static org.mockito.Mockito.when; - -import javax.servlet.FilterConfig; -import javax.servlet.ServletContext; - -import org.junit.Before; -import org.junit.Test; -import org.mockito.Mock; -import org.mockito.MockitoAnnotations; -import org.onap.aaf.cadi.PropAccess; - -public class JU_FCGetTest { - - @Test - public void netYetTested() { - //fail("Tests not yet implemented"); - } - -// @Mock -// private ServletContext context; - -// @Mock -// private FilterConfig config; - -// @Mock -// private PropAccess access = new PropAccess(); - -// @Before -// public void setUp() { -// MockitoAnnotations.initMocks(this); -// } - -// @Test -// public void testGetStringFromDef() { -// PropAccess access = new PropAccess(); - -// FCGet fcGet = new FCGet(access, context, config); - -// String user = fcGet.get("user", "DefaultUser", true); - -// assertEquals(user, "DefaultUser"); -// } - -// @Test -// public void testGetStringFromContext() { -// PropAccess access = new PropAccess(); -// when(context.getInitParameter("user")).thenReturn("ContextUser"); - -// FCGet fcGet = new FCGet(access, context, null); - -// String user = fcGet.get("user", "DefaultUser", true); - -// assertEquals(user,"ContextUser"); -// } - -// @Test -// public void testGetStringFromFilter() { -// PropAccess access = new PropAccess(); -// when(config.getInitParameter("user")).thenReturn("FilterUser"); - -// FCGet fcGet = new FCGet(access, null, config); - -// String user = fcGet.get("user", "DefaultUser", true); - -// assertEquals(user,"FilterUser"); -// } - -// @Test -// public void testGetStringWithNullContextFilter() { - -// when(access.getProperty("user", "DefaultUser")).thenReturn(null); - -// FCGet fcGet = new FCGet(access, null, null); - -// String user = fcGet.get("user", "DefaultUser", true); - -// assertEquals(user,"DefaultUser"); -// } -} diff --git a/cadi/core/src/test/java/org/onap/aaf/cadi/filter/test/JU_MapPermConverter.java b/cadi/core/src/test/java/org/onap/aaf/cadi/filter/test/JU_MapPermConverter.java new file mode 100644 index 00000000..9fb951a2 --- /dev/null +++ b/cadi/core/src/test/java/org/onap/aaf/cadi/filter/test/JU_MapPermConverter.java @@ -0,0 +1,45 @@ +/** + * ============LICENSE_START==================================================== + * org.onap.aaf + * =========================================================================== + * Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. + * =========================================================================== + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + * ============LICENSE_END==================================================== + * + */ + +package org.onap.aaf.cadi.filter.test; + +import static org.hamcrest.CoreMatchers.is; +import static org.junit.Assert.assertThat; + +import org.junit.Test; +import org.onap.aaf.cadi.filter.MapPermConverter; + +public class JU_MapPermConverter { + + private static final String tag = "tag"; + private static final String value = "value"; + private static final String nontag = "nontag"; + + @Test + public void test() { + MapPermConverter converter = new MapPermConverter(); + assertThat(converter.map().isEmpty(), is(true)); + converter.map().put(tag, value); + assertThat(converter.convert(tag), is(value)); + assertThat(converter.convert(nontag), is(nontag)); + } + +} diff --git a/cadi/core/src/test/java/org/onap/aaf/cadi/filter/test/JU_NullPermConverter.java b/cadi/core/src/test/java/org/onap/aaf/cadi/filter/test/JU_NullPermConverter.java new file mode 100644 index 00000000..0a6dc2d5 --- /dev/null +++ b/cadi/core/src/test/java/org/onap/aaf/cadi/filter/test/JU_NullPermConverter.java @@ -0,0 +1,38 @@ +/** + * ============LICENSE_START==================================================== + * org.onap.aaf + * =========================================================================== + * Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. + * =========================================================================== + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + * ============LICENSE_END==================================================== + * + */ + +package org.onap.aaf.cadi.filter.test; + +import static org.hamcrest.CoreMatchers.is; +import static org.junit.Assert.assertThat; + +import org.junit.Test; +import org.onap.aaf.cadi.filter.NullPermConverter; + +public class JU_NullPermConverter { + + @Test + public void test() { + NullPermConverter converter = NullPermConverter.singleton(); + assertThat(converter.convert("test"), is("test")); + } + +} diff --git a/cadi/core/src/test/java/org/onap/aaf/cadi/filter/test/JU_PathFilter.java b/cadi/core/src/test/java/org/onap/aaf/cadi/filter/test/JU_PathFilter.java new file mode 100644 index 00000000..a36dd462 --- /dev/null +++ b/cadi/core/src/test/java/org/onap/aaf/cadi/filter/test/JU_PathFilter.java @@ -0,0 +1,105 @@ +/** + * ============LICENSE_START==================================================== + * org.onap.aaf + * =========================================================================== + * Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. + * =========================================================================== + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + * ============LICENSE_END==================================================== + * + */ + +package org.onap.aaf.cadi.filter.test; + +import static org.hamcrest.CoreMatchers.is; +import static org.junit.Assert.assertThat; +import static org.junit.Assert.fail; +import static org.mockito.Matchers.anyString; +import static org.mockito.Mockito.when; + +import java.io.ByteArrayOutputStream; +import java.io.IOException; +import java.io.PrintStream; +import java.security.Principal; + +import javax.servlet.FilterChain; +import javax.servlet.FilterConfig; +import javax.servlet.ServletContext; +import javax.servlet.ServletException; +import javax.servlet.http.HttpServletRequest; +import javax.servlet.http.HttpServletResponse; + +import org.junit.Before; +import org.junit.Test; +import org.mockito.Mock; +import org.mockito.MockitoAnnotations; +import org.onap.aaf.cadi.PropAccess; +import org.onap.aaf.cadi.config.Config; +import org.onap.aaf.cadi.filter.PathFilter; + +public class JU_PathFilter { + + private PropAccess access; + + @Mock private FilterConfig filterConfigMock; + @Mock private ServletContext contextMock; + @Mock private HttpServletRequest reqMock; + @Mock private HttpServletResponse respMock; + @Mock private FilterChain chainMock; + @Mock private Principal princMock; + + @Before + public void setup() { + MockitoAnnotations.initMocks(this); + when(filterConfigMock.getServletContext()).thenReturn(contextMock); + when(reqMock.getUserPrincipal()).thenReturn(princMock); + when(princMock.getName()).thenReturn("name"); + + access = new PropAccess(new PrintStream(new ByteArrayOutputStream()), new String[0]); + } + + @Test + public void test() throws ServletException, IOException { + PathFilter pathFilter = new PathFilter(access); + try { + pathFilter.init(filterConfigMock); + fail("Should've thrown an exception"); + } catch (ServletException e) { + assertThat(e.getMessage(), is("PathFilter - pathfilter_ns is not set")); + } + + when(contextMock.getAttribute(Config.PATHFILTER_NS)).thenReturn(5); + when(contextMock.getAttribute(Config.PATHFILTER_STACK)).thenReturn(5); + when(contextMock.getAttribute(Config.PATHFILTER_URLPATTERN)).thenReturn(5); + when(contextMock.getAttribute(Config.PATHFILTER_NOT_AUTHORIZED_MSG)).thenReturn(5); + pathFilter.init(filterConfigMock); + + pathFilter.doFilter(reqMock, respMock, chainMock); + + when(reqMock.isUserInRole(anyString())).thenReturn(true); + pathFilter.doFilter(reqMock, respMock, chainMock); + + pathFilter.destroy(); + + pathFilter = new PathFilter(); + pathFilter.init(filterConfigMock); + + pathFilter.doFilter(reqMock, respMock, chainMock); + + when(reqMock.isUserInRole(anyString())).thenReturn(false); + pathFilter.doFilter(reqMock, respMock, chainMock); + + pathFilter.destroy(); + } + +} diff --git a/cadi/core/src/test/java/org/onap/aaf/cadi/test/JU_CmdLine.java b/cadi/core/src/test/java/org/onap/aaf/cadi/test/JU_CmdLine.java index 52be7d5e..efcc1b29 100644 --- a/cadi/core/src/test/java/org/onap/aaf/cadi/test/JU_CmdLine.java +++ b/cadi/core/src/test/java/org/onap/aaf/cadi/test/JU_CmdLine.java @@ -21,10 +21,11 @@ ******************************************************************************/ package org.onap.aaf.cadi.test; -import static org.junit.Assert.*; -import static org.hamcrest.CoreMatchers.*; -import org.junit.*; -import org.mockito.*; +import static org.hamcrest.CoreMatchers.is; +import static org.hamcrest.CoreMatchers.not; +import static org.junit.Assert.assertFalse; +import static org.junit.Assert.assertThat; +import static org.junit.Assert.assertTrue; import java.io.ByteArrayInputStream; import java.io.ByteArrayOutputStream; @@ -37,8 +38,12 @@ import java.nio.file.Files; import java.nio.file.Paths; import java.util.Properties; +import org.junit.After; +import org.junit.Before; +import org.junit.Test; +import org.mockito.Mock; +import org.mockito.MockitoAnnotations; import org.onap.aaf.cadi.CmdLine; -import org.onap.aaf.cadi.PropAccess; import org.onap.aaf.cadi.Symm; public class JU_CmdLine { @@ -59,12 +64,12 @@ public class JU_CmdLine { public void setup() throws Exception { MockitoAnnotations.initMocks(this); - System.setOut(new PrintStream(outContent)); + System.setOut(new PrintStream(outContent)); Properties p = new Properties(); p.setProperty("force_exit", "false"); - CmdLine.access = new PropAccess(p); + CmdLine.setSystemExit(false); keyfile = "src/test/resources/keyfile"; password = "password"; @@ -79,8 +84,8 @@ public class JU_CmdLine { @After public void restoreStreams() throws IOException { - System.setOut(System.out); - System.setIn(System.in); + System.setOut(System.out); + System.setIn(System.in); } @Test @@ -95,13 +100,6 @@ public class JU_CmdLine { assertThat(decrypted, is(password)); } - // @Test - // public void regurgitateTest() { - // // TODO: We may still want to remove the regurgitate functionality - // // from the CmdLine - Ian - // fail("Tests not yet implemented"); - // } - @Test public void encode64Test() throws Exception { CmdLine.main(new String[]{"encode64", password}); |