From 7ca6c2a19ee1971a402a6b7eaad4324d83fb236a Mon Sep 17 00:00:00 2001 From: "Popescu, Serban" Date: Fri, 14 Dec 2018 12:45:57 -0500 Subject: Add option to bypass user authorization the es.auth.authorization.enabled property, if set to false, will bypass user authorization Issue-ID: AAI-2007 Change-Id: I46e3e087ee13eacdf977bbdc9c439045b0072a33 Signed-off-by: Serban Popescu --- .../java/org/onap/aai/sa/rest/DocumentTest.java | 72 +++++++++++++++++++++- 1 file changed, 71 insertions(+), 1 deletion(-) (limited to 'src/test/java') diff --git a/src/test/java/org/onap/aai/sa/rest/DocumentTest.java b/src/test/java/org/onap/aai/sa/rest/DocumentTest.java index d16fe87..e780e3b 100644 --- a/src/test/java/org/onap/aai/sa/rest/DocumentTest.java +++ b/src/test/java/org/onap/aai/sa/rest/DocumentTest.java @@ -33,8 +33,12 @@ import org.mockito.InjectMocks; import org.mockito.Mock; import org.mockito.Mockito; import org.mockito.MockitoAnnotations; +import org.mockito.invocation.InvocationOnMock; +import org.mockito.stubbing.Answer; +import org.onap.aai.sa.searchdbabstraction.elasticsearch.config.ElasticSearchConfig; import org.onap.aai.sa.searchdbabstraction.elasticsearch.dao.DocumentStoreDataEntity; import org.onap.aai.sa.searchdbabstraction.elasticsearch.dao.DocumentStoreInterface; +import org.onap.aai.sa.searchdbabstraction.elasticsearch.dao.ElasticSearchHttpController; import org.onap.aai.sa.searchdbabstraction.elasticsearch.exception.DocumentStoreOperationException; import org.onap.aai.sa.searchdbabstraction.entity.DocumentOperationResult; import org.onap.aai.sa.searchdbabstraction.entity.ErrorResult; @@ -43,6 +47,7 @@ import org.onap.aai.sa.searchdbabstraction.entity.SearchOperationResult; import org.springframework.http.HttpHeaders; import org.springframework.http.HttpStatus; import org.springframework.http.ResponseEntity; +import java.util.Properties; public class DocumentTest { @@ -70,6 +75,9 @@ public class DocumentTest { DocumentApi documentApi; + @Mock + ElasticSearchHttpController httpController; + @Before public void setUp() { MockitoAnnotations.initMocks(this); @@ -654,4 +662,66 @@ public class DocumentTest { Assert.assertNotNull(response); Assert.assertTrue(HttpStatus.INTERNAL_SERVER_ERROR.value() == response.getStatusCodeValue()); } -} + + @Test + public void testUserAuthorization() throws Exception { + String transactionId = "transactionId-1"; + String remoteAddr = "http://127.0.0.1"; + String content = "content"; + // Mockito.when(headers.getRequestHeaders()).thenReturn(multivaluedMap);; + Mockito.when(multivaluedMap.getFirst(Mockito.anyString())).thenReturn(transactionId); + Mockito.when(request.getRemoteAddr()).thenReturn(remoteAddr); + Mockito.when(request.getMethod()).thenReturn("testMethod"); + Mockito.when(request.getRequestURL()).thenReturn(new StringBuffer("http://127.0.0.1")); + Mockito.when(request.getRemoteHost()).thenReturn("localhost"); + Mockito.when(searchServiceApi.validateRequest(Mockito.any(HttpHeaders.class), + Mockito.any(HttpServletRequest.class), Mockito.any(ApiUtils.Action.class), Mockito.anyString())) + .thenCallRealMethod(); + + Mockito.doAnswer(new Answer() { + public ElasticSearchConfig answer(InvocationOnMock invocation) { + Properties properties = new Properties(); + return new ElasticSearchConfig(properties); + } + }).when(httpController).getElasticSearchConfig(); + + searchServiceApi.documentStore = httpController; + + ResponseEntity response = + documentApi.processPut(content, request, headers, httpResponse, "index", "id-1", documentStore); + Assert.assertNotNull(response); + Assert.assertTrue(HttpStatus.FORBIDDEN.value() == response.getStatusCodeValue()); + + Mockito.doAnswer(new Answer() { + public ElasticSearchConfig answer(InvocationOnMock invocation) { + Properties properties = new Properties(); + properties.put(ElasticSearchConfig.ES_AUTH_ENABLED, "true"); + return new ElasticSearchConfig(properties); + } + }).when(httpController).getElasticSearchConfig(); + + + response = documentApi.processPut(content, request, headers, httpResponse, "index", "id-1", documentStore); + Assert.assertNotNull(response); + Assert.assertTrue(HttpStatus.FORBIDDEN.value() == response.getStatusCodeValue()); + + Mockito.doAnswer(new Answer() { + public ElasticSearchConfig answer(InvocationOnMock invocation) { + Properties properties = new Properties(); + properties.put(ElasticSearchConfig.ES_AUTH_ENABLED, "false"); + return new ElasticSearchConfig(properties); + } + }).when(httpController).getElasticSearchConfig(); + + DocumentOperationResult result = new DocumentOperationResult(); + result.setResultCode(302); + result.setError(new ErrorResult("type-1", "reason-1")); + result.setFailureCause("test-failure"); + Mockito.when(documentStore.createDocument(Mockito.anyString(), Mockito.any(DocumentStoreDataEntity.class), + Mockito.anyBoolean())).thenReturn(result); + response = documentApi.processPut(content, request, headers, httpResponse, "index", "id-1", documentStore); + Assert.assertNotNull(response); + Assert.assertTrue(HttpStatus.FOUND.value() == response.getStatusCodeValue()); + + } +} \ No newline at end of file -- cgit 1.2.3-korg