summaryrefslogtreecommitdiffstats
path: root/aai-resources/src/it/java
diff options
context:
space:
mode:
authorEric Santos <eric.santos@yoppworks.com>2021-05-06 14:18:58 -0400
committerM.Hosnidokht <mohammad.hosnidokht@yoppworks.com>2021-05-28 09:47:11 -0400
commit364dbfd6f51650718d803c7249fe854370eb901e (patch)
tree9eef0b381184e7c3a58da3bff72c8c9673a3c547 /aai-resources/src/it/java
parent641a1a0318a6de88ad5e4643258f7165783141e7 (diff)
Add multi-tenancy integration tests
- Created a separate directory under 'src' for integration tests - Moved all multi-tenancy related integration test classes and files into 'it' directory - Depends on https://gerrit.onap.org/r/c/ci-management/+/121243 Issue-ID: AAI-3324 Signed-off-by: Santos, Eric <eric.santos@yoppworks.com> Change-Id: Ie50e81bad6b72fdd02ff2e937f2fda5e6b8228e9
Diffstat (limited to 'aai-resources/src/it/java')
-rw-r--r--aai-resources/src/it/java/org/onap/aai/multitenancy/KeycloakTestConfiguration.java73
-rw-r--r--aai-resources/src/it/java/org/onap/aai/multitenancy/KeycloakTestProperties.java44
-rw-r--r--aai-resources/src/it/java/org/onap/aai/multitenancy/MultiTenancyIT.java119
-rw-r--r--aai-resources/src/it/java/org/onap/aai/multitenancy/RoleHandler.java57
4 files changed, 293 insertions, 0 deletions
diff --git a/aai-resources/src/it/java/org/onap/aai/multitenancy/KeycloakTestConfiguration.java b/aai-resources/src/it/java/org/onap/aai/multitenancy/KeycloakTestConfiguration.java
new file mode 100644
index 0000000..01f335a
--- /dev/null
+++ b/aai-resources/src/it/java/org/onap/aai/multitenancy/KeycloakTestConfiguration.java
@@ -0,0 +1,73 @@
+/**
+ * ============LICENSE_START=======================================================
+ * org.onap.aai
+ * ================================================================================
+ * Copyright © 2017-2018 AT&T Intellectual Property. All rights reserved.
+ * ================================================================================
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ * ============LICENSE_END=========================================================
+ */
+package org.onap.aai.multitenancy;
+
+import com.github.dockerjava.api.model.ExposedPort;
+import com.github.dockerjava.api.model.HostConfig;
+import com.github.dockerjava.api.model.PortBinding;
+import com.github.dockerjava.api.model.Ports;
+import dasniko.testcontainers.keycloak.KeycloakContainer;
+import org.keycloak.adapters.springboot.KeycloakSpringBootProperties;
+import org.keycloak.admin.client.Keycloak;
+import org.keycloak.admin.client.KeycloakBuilder;
+import org.keycloak.representations.adapters.config.AdapterConfig;
+import org.springframework.boot.test.context.TestConfiguration;
+import org.springframework.context.annotation.Bean;
+
+@TestConfiguration
+class KeycloakTestConfiguration {
+
+ @Bean
+ public AdapterConfig adapterConfig() {
+ return new KeycloakSpringBootProperties();
+ }
+
+ @Bean
+ KeycloakContainer keycloakContainer(KeycloakTestProperties properties) {
+ KeycloakContainer keycloak = new KeycloakContainer("jboss/keycloak:12.0.4")
+ .withRealmImportFile(properties.realmJson)
+ .withCreateContainerCmdModifier(cmd -> cmd.withHostConfig(
+ new HostConfig().withPortBindings(new PortBinding(Ports.Binding.bindPort(Integer.parseInt(properties.port)), new ExposedPort(8080)))
+ ));
+ keycloak.start();
+ return keycloak;
+ }
+
+ @Bean
+ Keycloak keycloakAdminClient(KeycloakContainer keycloak, KeycloakTestProperties properties) {
+ return KeycloakBuilder.builder()
+ .serverUrl(keycloak.getAuthServerUrl())
+ .realm(properties.realm)
+ .clientId(properties.adminCli)
+ .username(keycloak.getAdminUsername())
+ .password(keycloak.getAdminPassword())
+ .build();
+ }
+
+ @Bean
+ RoleHandler roleHandler(Keycloak adminClient, KeycloakTestProperties properties) {
+ return new RoleHandler(adminClient, properties);
+ }
+
+ @Bean
+ KeycloakTestProperties properties() {
+ return new KeycloakTestProperties();
+ }
+}
diff --git a/aai-resources/src/it/java/org/onap/aai/multitenancy/KeycloakTestProperties.java b/aai-resources/src/it/java/org/onap/aai/multitenancy/KeycloakTestProperties.java
new file mode 100644
index 0000000..de62d2d
--- /dev/null
+++ b/aai-resources/src/it/java/org/onap/aai/multitenancy/KeycloakTestProperties.java
@@ -0,0 +1,44 @@
+/**
+ * ============LICENSE_START=======================================================
+ * org.onap.aai
+ * ================================================================================
+ * Copyright © 2017-2018 AT&T Intellectual Property. All rights reserved.
+ * ================================================================================
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ * ============LICENSE_END=========================================================
+ */
+package org.onap.aai.multitenancy;
+
+import org.springframework.beans.factory.annotation.Value;
+
+class KeycloakTestProperties {
+
+ @Value("${test.keycloak.realm.json}")
+ public String realmJson;
+
+ @Value("${keycloak.realm}")
+ public String realm;
+
+ @Value("${keycloak.resource}")
+ public String clientId;
+
+ @Value("${test.keycloak.client.secret}")
+ public String clientSecret;
+
+ @Value("${test.keycloak.admin.cli}")
+ public String adminCli;
+
+ @Value("${test.keycloak.auth-server-port}")
+ public String port;
+
+}
diff --git a/aai-resources/src/it/java/org/onap/aai/multitenancy/MultiTenancyIT.java b/aai-resources/src/it/java/org/onap/aai/multitenancy/MultiTenancyIT.java
new file mode 100644
index 0000000..2ad9616
--- /dev/null
+++ b/aai-resources/src/it/java/org/onap/aai/multitenancy/MultiTenancyIT.java
@@ -0,0 +1,119 @@
+/**
+ * ============LICENSE_START==================================================
+ * org.onap.aai
+ * ===========================================================================
+ * Copyright © 2017-2020 AT&T Intellectual Property. All rights reserved.
+ * ===========================================================================
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ * ============LICENSE_END====================================================
+ */
+package org.onap.aai.multitenancy;
+
+import dasniko.testcontainers.keycloak.KeycloakContainer;
+import org.junit.Test;
+import org.keycloak.admin.client.Keycloak;
+import org.keycloak.admin.client.KeycloakBuilder;
+import org.keycloak.representations.AccessTokenResponse;
+import org.onap.aai.PayloadUtil;
+import org.onap.aai.rest.AbstractSpringRestTest;
+import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.context.annotation.Import;
+import org.springframework.http.*;
+import org.springframework.test.context.TestPropertySource;
+
+import java.util.Collections;
+
+import static org.junit.Assert.assertEquals;
+import static org.junit.Assert.assertNotNull;
+
+@Import(KeycloakTestConfiguration.class)
+@TestPropertySource(locations = "classpath:application-keycloak-test.properties")
+public class MultiTenancyIT extends AbstractSpringRestTest {
+
+ @Autowired
+ private KeycloakContainer keycloakContainer;
+ @Autowired
+ private RoleHandler roleHandler;
+ @Autowired
+ private KeycloakTestProperties properties;
+
+ @Test
+ public void testCreateAndGetPnf() throws Exception {
+ baseUrl = "http://localhost:" + randomPort;
+ String endpoint = baseUrl + "/aai/v23/network/pnfs/pnf/pnf-1";
+ ResponseEntity responseEntity = null;
+
+ // create pnf with ran (operator)
+ String username = "ran", password = "ran";
+ headers = this.getHeaders(username, password);
+ httpEntity = new HttpEntity(PayloadUtil.getResourcePayload("pnf.json"), headers);
+ responseEntity = restTemplate.exchange(endpoint, HttpMethod.PUT, httpEntity, String.class);
+ assertEquals(HttpStatus.CREATED, responseEntity.getStatusCode());
+
+ // get pnf with bob (operator_readOnly)
+ username = "bob"; password = "bob";
+ headers = this.getHeaders(username, password);
+ httpEntity = new HttpEntity("", headers);
+ responseEntity = restTemplate.exchange(endpoint, HttpMethod.GET, httpEntity, String.class);
+ assertEquals(HttpStatus.OK, responseEntity.getStatusCode());
+
+ // get pnf with ted (selector)
+ username = "ted"; password = "ted";
+ headers = this.getHeaders(username, password);
+ httpEntity = new HttpEntity("", headers);
+ responseEntity = restTemplate.exchange(endpoint, HttpMethod.GET, httpEntity, String.class);
+ assertEquals(HttpStatus.FORBIDDEN, responseEntity.getStatusCode());
+
+ // add role to ted and try to get pnf again
+ roleHandler.addToUser(RoleHandler.OPERATOR_READ_ONLY, username);
+ headers = this.getHeaders(username, password);
+ httpEntity = new HttpEntity("", headers);
+ responseEntity = restTemplate.exchange(endpoint, HttpMethod.GET, httpEntity, String.class);
+ assertEquals(HttpStatus.OK, responseEntity.getStatusCode());
+
+ // get pnf with ran
+ username = "ran"; password = "ran";
+ headers = this.getHeaders(username, password);
+ httpEntity = new HttpEntity("", headers);
+ responseEntity = restTemplate.exchange(endpoint, HttpMethod.GET, httpEntity, String.class);
+ assertEquals(HttpStatus.OK, responseEntity.getStatusCode());
+ }
+
+ private HttpHeaders getHeaders(String username, String password) {
+ HttpHeaders headers = new HttpHeaders();
+
+ headers.setContentType(MediaType.APPLICATION_JSON);
+ headers.setAccept(Collections.singletonList(MediaType.APPLICATION_JSON));
+ headers.add("Real-Time", "true");
+ headers.add("X-FromAppId", "JUNIT");
+ headers.add("X-TransactionId", "JUNIT");
+ headers.add("Authorization", "Bearer " + getStringToken(username, password));
+
+ return headers;
+ }
+
+ private String getStringToken(String username, String password) {
+ Keycloak keycloakClient = KeycloakBuilder.builder()
+ .serverUrl(keycloakContainer.getAuthServerUrl())
+ .realm(properties.realm)
+ .clientId(properties.clientId)
+ .clientSecret(properties.clientSecret)
+ .username(username)
+ .password(password)
+ .build();
+
+ AccessTokenResponse tokenResponse = keycloakClient.tokenManager().getAccessToken();
+ assertNotNull(tokenResponse);
+ return tokenResponse.getToken();
+ }
+}
diff --git a/aai-resources/src/it/java/org/onap/aai/multitenancy/RoleHandler.java b/aai-resources/src/it/java/org/onap/aai/multitenancy/RoleHandler.java
new file mode 100644
index 0000000..0769c15
--- /dev/null
+++ b/aai-resources/src/it/java/org/onap/aai/multitenancy/RoleHandler.java
@@ -0,0 +1,57 @@
+/**
+ * ============LICENSE_START=======================================================
+ * org.onap.aai
+ * ================================================================================
+ * Copyright © 2017-2018 AT&T Intellectual Property. All rights reserved.
+ * ================================================================================
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ * ============LICENSE_END=========================================================
+ */
+package org.onap.aai.multitenancy;
+
+import org.keycloak.admin.client.Keycloak;
+import org.keycloak.admin.client.resource.RealmResource;
+
+import java.util.Collections;
+
+class RoleHandler {
+
+ /**
+ Following roles should be the same as given roles in multi-tenancy-realm json file
+ */
+ final static String OPERATOR = "operator";
+ final static String OPERATOR_READ_ONLY = "operator_readOnly";
+ private final Keycloak adminClient;
+ private final KeycloakTestProperties properties;
+
+ RoleHandler(Keycloak adminClient, KeycloakTestProperties properties) {
+ this.adminClient = adminClient;
+ this.properties = properties;
+ }
+
+ void addToUser(String role, String username) {
+ RealmResource realm = adminClient.realm(properties.realm);
+ realm.users().get(username)
+ .roles()
+ .realmLevel()
+ .add(Collections.singletonList(realm.roles().get(role).toRepresentation()));
+ }
+
+ void removeFromUser(String role, String username) {
+ RealmResource realm = adminClient.realm(properties.realm);
+ realm.users().get(username)
+ .roles()
+ .realmLevel()
+ .remove(Collections.singletonList(realm.roles().get(role).toRepresentation()));
+ }
+}