diff options
author | Sotiropoulos, Ioannis (is948x) <Ioannis.Sotiropoulos@amdocs.com> | 2018-06-06 10:56:36 +0100 |
---|---|---|
committer | Sotiropoulos, Ioannis (is948x) <Ioannis.Sotiropoulos@amdocs.com> | 2018-06-06 11:30:41 +0100 |
commit | c57a430c6dbd6951091978404a164000024fce20 (patch) | |
tree | cbd6a4d3ac492aa9c7cfbdeef21aa8f8aa47024e | |
parent | ca46bdfcfb109b856c293862f6ed77fe78eb510f (diff) |
Add validation for request header
Add validation for inclusion of X-FromAppId
and X-TransactionId in request header
Issue-ID: AAI-1190
Change-Id: Ie1d2b64a7243c013982992196048e1d6635d5e66
Signed-off-by: Sotiropoulos, Ioannis (is948x) <Ioannis.Sotiropoulos@amdocs.com>
-rw-r--r-- | pom.xml | 10 | ||||
-rw-r--r-- | src/main/java/org/onap/crud/service/CrudRestService.java | 29 | ||||
-rw-r--r-- | src/test/java/org/onap/crud/service/CrudRestServiceTest.java | 51 | ||||
-rw-r--r-- | src/test/java/org/onap/crud/service/TestHeaders.java | 19 |
4 files changed, 89 insertions, 20 deletions
@@ -127,9 +127,15 @@ limitations under the License. </dependency> <dependency> <groupId>org.mockito</groupId> - <artifactId>mockito-all</artifactId> - <version>1.9.5</version> + <artifactId>mockito-core</artifactId> + <version>1.10.19</version> <scope>test</scope> + <exclusions> + <exclusion> + <groupId>org.hamcrest</groupId> + <artifactId>hamcrest-library</artifactId> + </exclusion> + </exclusions> </dependency> <dependency> <groupId>dom4j</groupId> diff --git a/src/main/java/org/onap/crud/service/CrudRestService.java b/src/main/java/org/onap/crud/service/CrudRestService.java index 5539374..2cbb87c 100644 --- a/src/main/java/org/onap/crud/service/CrudRestService.java +++ b/src/main/java/org/onap/crud/service/CrudRestService.java @@ -790,16 +790,29 @@ public class CrudRestService { return false; } - String sourceOfTruth = null; - if (headers.getRequestHeaders().containsKey("X-FromAppId")) { - sourceOfTruth = headers.getRequestHeaders().getFirst("X-FromAppId"); - } + validateRequestHeader(headers); + + return isValid; + } + + public void validateRequestHeader(HttpHeaders headers) throws CrudException { + String sourceOfTruth = null; + if (headers.getRequestHeaders().containsKey("X-FromAppId")) { + sourceOfTruth = headers.getRequestHeaders().getFirst("X-FromAppId"); + } - if (sourceOfTruth == null || sourceOfTruth.trim() == "") { - throw new CrudException("Invalid request, Missing X-FromAppId header", Status.BAD_REQUEST); - } + if (sourceOfTruth == null || sourceOfTruth.trim() == "") { + throw new CrudException("Invalid request, Missing X-FromAppId header", Status.BAD_REQUEST); + } + + String transId = null; + if (headers.getRequestHeaders().containsKey("X-TransactionId")) { + transId = headers.getRequestHeaders().getFirst("X-TransactionId"); + } - return isValid; + if (transId == null || transId.trim() == "") { + throw new CrudException("Invalid request, Missing X-TransactionId header", Status.BAD_REQUEST); + } } void logResult(Action op, String uri, Exception e) { diff --git a/src/test/java/org/onap/crud/service/CrudRestServiceTest.java b/src/test/java/org/onap/crud/service/CrudRestServiceTest.java index 029fd52..b61f234 100644 --- a/src/test/java/org/onap/crud/service/CrudRestServiceTest.java +++ b/src/test/java/org/onap/crud/service/CrudRestServiceTest.java @@ -20,19 +20,19 @@ */ package org.onap.crud.service; -import static org.junit.Assert.*; - +import static org.junit.Assert.assertTrue; +import static org.junit.Assert.fail; import java.io.BufferedReader; import java.io.File; import java.io.FileReader; import java.io.IOException; - import javax.servlet.http.HttpServletRequest; import javax.ws.rs.core.HttpHeaders; import javax.ws.rs.core.Response; - import org.junit.Before; +import org.junit.Rule; import org.junit.Test; +import org.junit.rules.ExpectedException; import org.mockito.Mockito; import org.onap.crud.exception.CrudException; import org.onap.schema.RelationshipSchemaLoader; @@ -69,6 +69,9 @@ public class CrudRestServiceTest { private CrudRestService mockService; + @Rule + public ExpectedException thrown = ExpectedException.none(); + @Before public void init() throws Exception { ClassLoader classLoader = getClass().getClassLoader(); @@ -141,7 +144,7 @@ public class CrudRestServiceTest { @Test public void testUpdateVertex() throws CrudException { Response response; - + // Test ID mismatch response = mockService.updateVertex(putVertexPayload, "v11", "pserver", "bad-id", "services/inventory/v11", new TestHeaders(), null, new TestRequest()); @@ -203,6 +206,42 @@ public class CrudRestServiceTest { } @Test + public void testValidRequestHeader() throws CrudException { + TestHeaders testHeaders = new TestHeaders(); + mockService.validateRequestHeader(testHeaders); + } + + @Test + public void testInvalidRequestHeaderXTransactionId() throws CrudException { + thrown.expect(CrudException.class); + thrown.expectMessage("Invalid request, Missing X-TransactionId header"); + + TestHeaders testHeaders = new TestHeaders(); + testHeaders.clearRequestHeader("X-TransactionId"); + mockService.validateRequestHeader(testHeaders); + } + + @Test + public void testInvalidRequestHeaderXFromAppId() throws CrudException { + thrown.expect(CrudException.class); + thrown.expectMessage("Invalid request, Missing X-FromAppId header"); + + TestHeaders testHeaders = new TestHeaders(); + testHeaders.clearRequestHeader("X-FromAppId"); + mockService.validateRequestHeader(testHeaders); + } + + @Test + public void testEmptyRequestHeader() throws CrudException { + thrown.expect(CrudException.class); + thrown.expectMessage("Invalid request, Missing X-FromAppId header"); + + TestHeaders testHeaders = new TestHeaders(); + testHeaders.clearRequestHeader("X-TransactionId", "X-FromAppId"); + mockService.validateRequestHeader(testHeaders); + } + + @Test public void testBulk() throws CrudException, IOException { Response response; @@ -238,4 +277,4 @@ public class CrudRestServiceTest { } } -} +}
\ No newline at end of file diff --git a/src/test/java/org/onap/crud/service/TestHeaders.java b/src/test/java/org/onap/crud/service/TestHeaders.java index 6e30471..835840f 100644 --- a/src/test/java/org/onap/crud/service/TestHeaders.java +++ b/src/test/java/org/onap/crud/service/TestHeaders.java @@ -33,6 +33,14 @@ import javax.ws.rs.core.MultivaluedMap; public class TestHeaders implements HttpHeaders { + private MultivaluedMap<String, String> headers; + + public TestHeaders() { + headers = new MultivaluedHashMap<String, String>(); + headers.add("X-FromAppId", "test-app"); + headers.add("X-TransactionId", "65f7e29c-57fd-45b2-bfd5-19e25c59110e"); + } + @Override public List<Locale> getAcceptableLanguages() { return null; @@ -82,10 +90,13 @@ public class TestHeaders implements HttpHeaders { @Override public MultivaluedMap<String, String> getRequestHeaders() { - MultivaluedMap<String, String> map = new MultivaluedHashMap<String, String>(); - map.add("X-FromAppId", "test-app"); - map.add("X-TransactionId", "65f7e29c-57fd-45b2-bfd5-19e25c59110e"); - return map; + return headers; + } + + public void clearRequestHeader(String... keys) { + for (String key : keys) { + headers.remove(key); + } } } |