Upgrade spring/camel versions

Upgrade the spring/camel dependency versions in order to solve the security issue Issue-ID: CLAMP-188 Change-Id: I80c28a4d9c142b89463ad3a6a00761e5495adda8 Signed-off-by: xg353y <xg353y@intl.att.com>
author: xg353y <xg353y@intl.att.com> 2018-07-23 16:02:28 +0200
committer: xg353y <xg353y@intl.att.com> 2018-07-26 16:06:10 +0200
commit: 054f1d1e13b4a7f0dc3a84d4c282019a3c528043 (patch)
tree: c20b0cb0915f678653288487c6ad8f4d5497144b /src/test
parent: b0ff445fb7b53db882997ec0fd0e843b5c92a413 (diff)
6 files changed, 54 insertions, 135 deletions
diff --git a/src/test/java/org/onap/clamp/clds/it/CldsHealthcheckServiceItCase.java b/src/test/java/org/onap/clamp/clds/it/CldsHealthcheckServiceItCase.java
index 40e87688..5d891035 100644
--- a/src/test/java/org/onap/clamp/clds/it/CldsHealthcheckServiceItCase.java
+++ b/src/test/java/org/onap/clamp/clds/it/CldsHealthcheckServiceItCase.java
@@ -34,6 +34,7 @@ import org.onap.clamp.clds.service.CldsHealthcheckService;
 import org.springframework.beans.factory.annotation.Autowired;
 import org.springframework.boot.test.context.SpringBootTest;
 import org.springframework.boot.test.context.SpringBootTest.WebEnvironment;
+import org.springframework.http.ResponseEntity;
 import org.springframework.test.context.junit4.SpringJUnit4ClassRunner;
 
 /**
@@ -48,8 +49,8 @@ public class CldsHealthcheckServiceItCase {
 
     @Test
     public void testGetHealthCheck() {
-        Response response = cldsHealthcheckService.gethealthcheck();
-        CldsHealthCheck cldsHealthCheck = (CldsHealthCheck) response.getEntity();
+        ResponseEntity response = cldsHealthcheckService.gethealthcheck();
+        CldsHealthCheck cldsHealthCheck = (CldsHealthCheck) response.getBody();
         assertNotNull(cldsHealthCheck);
         assertEquals("UP", cldsHealthCheck.getHealthCheckStatus());
         assertEquals("CLDS-APP", cldsHealthCheck.getHealthCheckComponent());
diff --git a/src/test/java/org/onap/clamp/clds/it/CldsServiceItCase.java b/src/test/java/org/onap/clamp/clds/it/CldsServiceItCase.java
index 1450af90..f61a33e3 100644
--- a/src/test/java/org/onap/clamp/clds/it/CldsServiceItCase.java
+++ b/src/test/java/org/onap/clamp/clds/it/CldsServiceItCase.java
@@ -35,11 +35,10 @@ import java.io.IOException;
 import java.io.InputStream;
 import java.security.GeneralSecurityException;
 import java.security.Principal;
+import java.util.LinkedList;
+import java.util.List;
 import java.util.Properties;
 
-import javax.ws.rs.core.Response;
-import javax.ws.rs.core.SecurityContext;
-
 import org.apache.commons.codec.DecoderException;
 import org.json.JSONException;
 import org.junit.Before;
@@ -58,6 +57,14 @@ import org.skyscreamer.jsonassert.JSONAssert;
 import org.springframework.beans.factory.annotation.Autowired;
 import org.springframework.boot.test.context.SpringBootTest;
 import org.springframework.boot.test.context.SpringBootTest.WebEnvironment;
+import org.springframework.security.authentication.UsernamePasswordAuthenticationToken;
+import org.springframework.security.core.authority.SimpleGrantedAuthority;
+import org.springframework.security.core.Authentication;
+import org.springframework.security.core.GrantedAuthority;
+import org.springframework.security.core.context.SecurityContext;
+import org.springframework.security.core.context.SecurityContextHolder;
+import org.springframework.security.core.userdetails.User;
+import org.springframework.security.core.userdetails.UserDetails;
 import org.springframework.test.context.junit4.SpringJUnit4ClassRunner;
 
 /**
@@ -74,6 +81,8 @@ public class CldsServiceItCase {
     private String bpmnPropText;
     @Autowired
     private CldsDao cldsDao;
+    private Authentication authentication;
+    private List<GrantedAuthority> authList =  new LinkedList<GrantedAuthority>();
 
     /**
      * Setup the variable before the tests execution.
@@ -86,14 +95,24 @@ public class CldsServiceItCase {
         bpmnText = ResourceFileUtil.getResourceAsString("example/dao/bpmn-template.xml");
         imageText = ResourceFileUtil.getResourceAsString("example/dao/image-template.xml");
         bpmnPropText = ResourceFileUtil.getResourceAsString("example/dao/bpmn-prop.json");
+
+        authList.add(new SimpleGrantedAuthority("permission-type-cl|dev|read"));
+        authList.add(new SimpleGrantedAuthority("permission-type-cl|dev|update"));
+        authList.add(new SimpleGrantedAuthority("permission-type-template|dev|read"));
+        authList.add(new SimpleGrantedAuthority("permission-type-template|dev|update"));
+        authList.add(new SimpleGrantedAuthority("permission-type-filter-vf|dev|*"));
+        authentication =  new UsernamePasswordAuthenticationToken(new User("admin", "", authList), "", authList);
     }
 
     @Test
     public void testCldsInfoNotAuthorized() {
         SecurityContext securityContext = Mockito.mock(SecurityContext.class);
-        Principal principal = Mockito.mock(Principal.class);
-        Mockito.when(principal.getName()).thenReturn("admin");
-        Mockito.when(securityContext.getUserPrincipal()).thenReturn(principal);
+        Authentication localAuth = Mockito.mock(Authentication.class);
+        UserDetails userDetails = Mockito.mock(UserDetails.class);
+        Mockito.when(userDetails.getUsername()).thenReturn("admin");
+        Mockito.when(securityContext.getAuthentication()).thenReturn(localAuth);
+        Mockito.when(localAuth.getPrincipal()).thenReturn(userDetails);
+
         cldsService.setSecurityContext(securityContext);
         CldsInfo cldsInfo = cldsService.getCldsInfo();
         assertFalse(cldsInfo.isPermissionReadCl());
@@ -105,13 +124,8 @@ public class CldsServiceItCase {
     @Test
     public void testCldsInfoAuthorized() throws Exception {
         SecurityContext securityContext = Mockito.mock(SecurityContext.class);
-        Principal principal = Mockito.mock(Principal.class);
-        Mockito.when(principal.getName()).thenReturn("admin");
-        Mockito.when(securityContext.getUserPrincipal()).thenReturn(principal);
-        Mockito.when(securityContext.isUserInRole("permission-type-cl|dev|read")).thenReturn(true);
-        Mockito.when(securityContext.isUserInRole("permission-type-cl|dev|update")).thenReturn(true);
-        Mockito.when(securityContext.isUserInRole("permission-type-template|dev|read")).thenReturn(true);
-        Mockito.when(securityContext.isUserInRole("permission-type-template|dev|update")).thenReturn(true);
+        Mockito.when(securityContext.getAuthentication()).thenReturn(authentication);
+
         cldsService.setSecurityContext(securityContext);
         CldsInfo cldsInfo = cldsService.getCldsInfo();
         assertTrue(cldsInfo.isPermissionReadCl());
@@ -127,25 +141,9 @@ public class CldsServiceItCase {
     }
 
     @Test
-    public void testGetHealthCheck() {
-        Response response = cldsService.gethealthcheck();
-        CldsHealthCheck cldsHealthCheck = (CldsHealthCheck) response.getEntity();
-        assertNotNull(cldsHealthCheck);
-        assertEquals("UP", cldsHealthCheck.getHealthCheckStatus());
-        assertEquals("CLDS-APP", cldsHealthCheck.getHealthCheckComponent());
-        assertEquals("OK", cldsHealthCheck.getDescription());
-    }
-
-    @Test
     public void testPutModel() {
         SecurityContext securityContext = Mockito.mock(SecurityContext.class);
-        Principal principal = Mockito.mock(Principal.class);
-        Mockito.when(principal.getName()).thenReturn("admin");
-        Mockito.when(securityContext.getUserPrincipal()).thenReturn(principal);
-        Mockito.when(securityContext.isUserInRole("permission-type-cl|dev|read")).thenReturn(true);
-        Mockito.when(securityContext.isUserInRole("permission-type-cl|dev|update")).thenReturn(true);
-        Mockito.when(securityContext.isUserInRole("permission-type-template|dev|read")).thenReturn(true);
-        Mockito.when(securityContext.isUserInRole("permission-type-template|dev|update")).thenReturn(true);
+        Mockito.when(securityContext.getAuthentication()).thenReturn(authentication);
         cldsService.setSecurityContext(securityContext);
         // Add the template first
         CldsTemplate newTemplate = new CldsTemplate();
@@ -188,14 +186,8 @@ public class CldsServiceItCase {
     public void testGetSdcPropertiesByServiceUuidForRefresh()
             throws GeneralSecurityException, DecoderException, JSONException, IOException {
         SecurityContext securityContext = Mockito.mock(SecurityContext.class);
-        Principal principal = Mockito.mock(Principal.class);
-        Mockito.when(principal.getName()).thenReturn("admin");
-        Mockito.when(securityContext.getUserPrincipal()).thenReturn(principal);
-        Mockito.when(securityContext.isUserInRole("permission-type-cl|dev|read")).thenReturn(true);
-        Mockito.when(securityContext.isUserInRole("permission-type-cl|dev|update")).thenReturn(true);
-        Mockito.when(securityContext.isUserInRole("permission-type-template|dev|read")).thenReturn(true);
-        Mockito.when(securityContext.isUserInRole("permission-type-template|dev|update")).thenReturn(true);
-        Mockito.when(securityContext.isUserInRole("permission-type-filter-vf|dev|*")).thenReturn(true);
+        Mockito.when(securityContext.getAuthentication()).thenReturn(authentication);
+
         cldsService.setSecurityContext(securityContext);
         // Test basic functionalities
         String result = cldsService.getSdcPropertiesByServiceUUIDForRefresh("4cc5b45a-1f63-4194-8100-cd8e14248c92",
diff --git a/src/test/java/org/onap/clamp/clds/it/CldsTemplateServiceItCase.java b/src/test/java/org/onap/clamp/clds/it/CldsTemplateServiceItCase.java
index 040c999f..913e49a4 100644
--- a/src/test/java/org/onap/clamp/clds/it/CldsTemplateServiceItCase.java
+++ b/src/test/java/org/onap/clamp/clds/it/CldsTemplateServiceItCase.java
@@ -32,10 +32,9 @@ import com.att.eelf.configuration.EELFManager;
 
 import java.io.IOException;
 import java.security.Principal;
+import java.util.LinkedList;
 import java.util.List;
 
-import javax.ws.rs.core.SecurityContext;
-
 import org.junit.Before;
 import org.junit.Test;
 import org.junit.runner.RunWith;
@@ -48,6 +47,13 @@ import org.onap.clamp.clds.util.ResourceFileUtil;
 import org.springframework.beans.factory.annotation.Autowired;
 import org.springframework.boot.test.context.SpringBootTest;
 import org.springframework.boot.test.context.SpringBootTest.WebEnvironment;
+import org.springframework.security.authentication.UsernamePasswordAuthenticationToken;
+import org.springframework.security.core.Authentication;
+import org.springframework.security.core.GrantedAuthority;
+import org.springframework.security.core.authority.SimpleGrantedAuthority;
+import org.springframework.security.core.context.SecurityContext;
+import org.springframework.security.core.context.SecurityContextHolder;
+import org.springframework.security.core.userdetails.User;
 import org.springframework.test.context.junit4.SpringJUnit4ClassRunner;
 
 /**
@@ -66,6 +72,8 @@ public class CldsTemplateServiceItCase {
     private String imageText;
     private String bpmnPropText;
     private CldsTemplate cldsTemplate;
+    private Authentication authentication;
+    private List<GrantedAuthority> authList =  new LinkedList<GrantedAuthority>();
 
     /**
      * Setup the variable before the tests execution.
@@ -75,14 +83,17 @@ public class CldsTemplateServiceItCase {
      */
     @Before
     public void setupBefore() throws IOException {
+        authList.add(new SimpleGrantedAuthority("permission-type-cl|dev|read"));
+        authList.add(new SimpleGrantedAuthority("permission-type-cl|dev|update"));
+        authList.add(new SimpleGrantedAuthority("permission-type-template|dev|read"));
+        authList.add(new SimpleGrantedAuthority("permission-type-template|dev|update"));
+        authList.add(new SimpleGrantedAuthority("permission-type-filter-vf|dev|*"));
+        authentication =  new UsernamePasswordAuthenticationToken(new User("admin", "", authList), "", authList);
+        
         SecurityContext securityContext = Mockito.mock(SecurityContext.class);
-        Principal principal = Mockito.mock(Principal.class);
-        Mockito.when(principal.getName()).thenReturn("admin");
-        Mockito.when(securityContext.getUserPrincipal()).thenReturn(principal);
-        Mockito.when(securityContext.isUserInRole("permission-type-cl|dev|read")).thenReturn(true);
-        Mockito.when(securityContext.isUserInRole("permission-type-cl|dev|update")).thenReturn(true);
-        Mockito.when(securityContext.isUserInRole("permission-type-template|dev|read")).thenReturn(true);
-        Mockito.when(securityContext.isUserInRole("permission-type-template|dev|update")).thenReturn(true);
+        Mockito.when(securityContext.getAuthentication()).thenReturn(authentication);
+        
+        
         cldsTemplateService.setSecurityContext(securityContext);
         bpmnText = ResourceFileUtil.getResourceAsString("example/dao/bpmn-template.xml");
         imageText = ResourceFileUtil.getResourceAsString("example/dao/image-template.xml");
diff --git a/src/test/java/org/onap/clamp/clds/it/OperationPolicyReqItCase.java b/src/test/java/org/onap/clamp/clds/it/OperationPolicyReqItCase.java
index b6f3ef42..69dad53e 100644
--- a/src/test/java/org/onap/clamp/clds/it/OperationPolicyReqItCase.java
+++ b/src/test/java/org/onap/clamp/clds/it/OperationPolicyReqItCase.java
@@ -82,6 +82,7 @@ public class OperationPolicyReqItCase {
     }
 
     private String replaceGeneratedValues(String yaml) {
+        yaml = yaml.replaceAll("Policy - created" + System.lineSeparator() + "    by CLDS", "Policy - created by CLDS");
         yaml = yaml.replaceAll("trigger_policy: (.*)", "trigger_policy: <generatedId>");
         yaml = yaml.replaceAll("id: (.*)", "id: <generatedId>");
         yaml = yaml.replaceAll("success: (.*)", "success: <generatedId>");
diff --git a/src/test/java/org/onap/clamp/clds/swagger/SwaggerConfig.java b/src/test/java/org/onap/clamp/clds/swagger/SwaggerConfig.java
deleted file mode 100644
index 96784dd6..00000000
--- a/src/test/java/org/onap/clamp/clds/swagger/SwaggerConfig.java
+++ /dev/null
@@ -1,39 +0,0 @@
-/*-
- * ============LICENSE_START=======================================================
- * ONAP CLAMP
- * ================================================================================
- * Copyright (C) 2018 AT&T Intellectual Property. All rights
- *                             reserved.
- * ================================================================================
- * Licensed under the Apache License, Version 2.0 (the "License"); 
- * you may not use this file except in compliance with the License. 
- * You may obtain a copy of the License at
- * 
- * http://www.apache.org/licenses/LICENSE-2.0
- * 
- * Unless required by applicable law or agreed to in writing, software 
- * distributed under the License is distributed on an "AS IS" BASIS, 
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 
- * See the License for the specific language governing permissions and 
- * limitations under the License.
- * ============LICENSE_END============================================
- * ===================================================================
- */
-
-package org.onap.clamp.clds.swagger;
-
-import org.springframework.context.annotation.Configuration;
-
-import springfox.documentation.builders.ApiInfoBuilder;
-import springfox.documentation.service.ApiInfo;
-import springfox.documentation.swagger2.annotations.EnableSwagger2;
-
-@EnableSwagger2
-@Configuration
-public class SwaggerConfig {
-
-    private ApiInfo apiInfo() {
-        return new ApiInfoBuilder().title("Clamp").description("Clamp API Description").license("Apache 2.0")
-                .licenseUrl("http://www.apache.org/licenses/LICENSE-2.0").build();
-    }
-}
diff --git a/src/test/java/org/onap/clamp/clds/swagger/SwaggerGenerationTest.java b/src/test/java/org/onap/clamp/clds/swagger/SwaggerGenerationTest.java
deleted file mode 100644
index 363d12d4..00000000
--- a/src/test/java/org/onap/clamp/clds/swagger/SwaggerGenerationTest.java
+++ /dev/null
@@ -1,47 +0,0 @@
-/*-
- * ============LICENSE_START=======================================================
- * ONAP CLAMP
- * ================================================================================
- * Copyright (C) 2018 AT&T Intellectual Property. All rights
- *                             reserved.
- * ================================================================================
- * Licensed under the Apache License, Version 2.0 (the "License"); 
- * you may not use this file except in compliance with the License. 
- * You may obtain a copy of the License at
- * 
- * http://www.apache.org/licenses/LICENSE-2.0
- * 
- * Unless required by applicable law or agreed to in writing, software 
- * distributed under the License is distributed on an "AS IS" BASIS, 
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 
- * See the License for the specific language governing permissions and 
- * limitations under the License.
- * ============LICENSE_END============================================
- * ===================================================================
- */
-
-package org.onap.clamp.clds.swagger;
-
-import java.nio.file.Path;
-import java.nio.file.Paths;
-
-import org.junit.Test;
-import org.junit.runner.RunWith;
-import org.onap.clamp.clds.Application;
-import org.springframework.boot.test.context.SpringBootTest;
-import org.springframework.test.context.junit4.SpringJUnit4ClassRunner;
-
-import io.github.swagger2markup.Swagger2MarkupConverter;
-
-@RunWith(SpringJUnit4ClassRunner.class)
-@SpringBootTest(classes = {
-        Application.class, SwaggerConfig.class
-})
-public class SwaggerGenerationTest {
-
-    @Test
-    public void convertRemoteSwaggerToAsciiDoc() {
-        Path localSwaggerFile = Paths.get("docs/swagger/swagger.json");
-        Swagger2MarkupConverter.from(localSwaggerFile).build();
-    }
-}
author	xg353y <xg353y@intl.att.com>	2018-07-23 16:02:28 +0200
committer	xg353y <xg353y@intl.att.com>	2018-07-26 16:06:10 +0200
commit	054f1d1e13b4a7f0dc3a84d4c282019a3c528043 (patch)
tree	c20b0cb0915f678653288487c6ad8f4d5497144b /src/test
parent	b0ff445fb7b53db882997ec0fd0e843b5c92a413 (diff)