diff options
Diffstat (limited to 'src/test/java')
6 files changed, 60 insertions, 467 deletions
diff --git a/src/test/java/org/onap/clamp/clds/config/CldsUserJsonDecoderTest.java b/src/test/java/org/onap/clamp/clds/config/CldsUserJsonDecoderTest.java index a9480421..5a129221 100644 --- a/src/test/java/org/onap/clamp/clds/config/CldsUserJsonDecoderTest.java +++ b/src/test/java/org/onap/clamp/clds/config/CldsUserJsonDecoderTest.java @@ -26,11 +26,11 @@ package org.onap.clamp.clds.config; -import static org.assertj.core.api.Assertions.assertThat; - import org.junit.Test; +import org.onap.clamp.authorization.CldsUser; import org.onap.clamp.clds.exception.CldsUsersException; -import org.onap.clamp.clds.service.CldsUser; + +import static org.assertj.core.api.Assertions.assertThat; public class CldsUserJsonDecoderTest { diff --git a/src/test/java/org/onap/clamp/clds/it/AuthorizationControllerItCase.java b/src/test/java/org/onap/clamp/clds/it/AuthorizationControllerItCase.java index 49f17364..3406042c 100644 --- a/src/test/java/org/onap/clamp/clds/it/AuthorizationControllerItCase.java +++ b/src/test/java/org/onap/clamp/clds/it/AuthorizationControllerItCase.java @@ -25,27 +25,27 @@ package org.onap.clamp.clds.it; +import static org.junit.Assert.assertEquals; import static org.junit.Assert.assertFalse; import static org.junit.Assert.assertTrue; -import static org.junit.Assert.fail; - -import java.util.List; +import java.util.Arrays; +import java.util.Collection; import org.apache.camel.Exchange; -import org.junit.Before; +import org.junit.BeforeClass; import org.junit.Test; import org.junit.runner.RunWith; import org.mockito.Mockito; import org.onap.clamp.authorization.AuthorizationController; +import org.onap.clamp.authorization.SecureServicePermission; import org.onap.clamp.clds.exception.NotAuthorizedException; -import org.onap.clamp.clds.service.SecureServicePermission; -import org.onap.clamp.util.PrincipalUtils; import org.springframework.beans.factory.annotation.Autowired; import org.springframework.boot.test.context.SpringBootTest; -import org.springframework.security.authentication.UsernamePasswordAuthenticationToken; +import org.springframework.security.core.Authentication; import org.springframework.security.core.GrantedAuthority; +import org.springframework.security.core.authority.SimpleGrantedAuthority; import org.springframework.security.core.context.SecurityContext; -import org.springframework.security.core.userdetails.User; +import org.springframework.security.core.context.SecurityContextHolder; import org.springframework.test.context.junit4.SpringRunner; /** @@ -53,33 +53,67 @@ import org.springframework.test.context.junit4.SpringRunner; * and stored procedures. */ @RunWith(SpringRunner.class) -@SpringBootTest +@SpringBootTest(webEnvironment = SpringBootTest.WebEnvironment.RANDOM_PORT) public class AuthorizationControllerItCase { - private PermissionTestDefaultHelper permissionTestHelper = new PermissionTestDefaultHelper(); - - // @Spy - // MockEnvironment env; - @Autowired private AuthorizationController auth; + private static SecurityContext sc = SecurityContextHolder.getContext(); + /** * Setup the variable before the tests execution. */ - @Before - public void setupBefore() { - // permissionTestHelper.setupMockEnv(env); - List<GrantedAuthority> authList = permissionTestHelper.getAuthList(); - - SecurityContext securityContext = Mockito.mock(SecurityContext.class); - Mockito.when(securityContext.getAuthentication()) - .thenReturn(new UsernamePasswordAuthenticationToken(new User("admin", "", authList), "", authList)); - PrincipalUtils.setSecurityContext(securityContext); + @BeforeClass + public static void setupBefore() { + + sc.setAuthentication(new Authentication() { + @Override + public Collection<? extends GrantedAuthority> getAuthorities() { + return Arrays.asList(new SimpleGrantedAuthority( + new SecureServicePermission("permission-type-cl", "dev", "read").getKey()), + new SimpleGrantedAuthority(new SecureServicePermission("permission-type-cl-manage", "dev", + "DEPLOY").getKey()), + new SimpleGrantedAuthority(new SecureServicePermission("permission-type-filter-vf", "dev", + "12345-55555-55555-5555").getKey())); + } + + @Override + public Object getCredentials() { + return null; + } + + @Override + public Object getDetails() { + return null; + } + + @Override + public Object getPrincipal() { + return "admin"; + } + + @Override + public boolean isAuthenticated() { + return true; + } + + @Override + public void setAuthenticated(boolean authenticatedFlag) throws IllegalArgumentException { + + } + + @Override + public String getName() { + return "admin"; + } + }); + } @Test public void testIsUserPermitted() { + assertEquals(AuthorizationController.getPrincipalName(sc),"admin"); assertTrue(auth.isUserPermitted(new SecureServicePermission("permission-type-cl", "dev", "read"))); assertTrue(auth.isUserPermitted(new SecureServicePermission("permission-type-cl-manage", "dev", "DEPLOY"))); assertTrue(auth.isUserPermitted( @@ -87,17 +121,6 @@ public class AuthorizationControllerItCase { assertFalse(auth.isUserPermitted(new SecureServicePermission("permission-type-cl", "test", "read"))); } - @Test - public void testIfUserAuthorize() { - Exchange ex = Mockito.mock(Exchange.class); - try { - permissionTestHelper - .doActionOnAllPermissions(((type, instance, action) -> auth.authorize(ex, type, instance, action))); - } catch (NotAuthorizedException e) { - fail(e.getMessage()); - } - } - @Test(expected = NotAuthorizedException.class) public void testIfAuthorizeThrowException() { Exchange ex = Mockito.mock(Exchange.class); diff --git a/src/test/java/org/onap/clamp/clds/it/CldsServiceItCase.java b/src/test/java/org/onap/clamp/clds/it/CldsServiceItCase.java deleted file mode 100644 index 40cc0650..00000000 --- a/src/test/java/org/onap/clamp/clds/it/CldsServiceItCase.java +++ /dev/null @@ -1,240 +0,0 @@ -/*- - * ============LICENSE_START======================================================= - * ONAP CLAMP - * ================================================================================ - * Copyright (C) 2017-2018 AT&T Intellectual Property. All rights - * reserved. - * ================================================================================ - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - * ============LICENSE_END============================================ - * =================================================================== - * - */ - -package org.onap.clamp.clds.it; - -import static org.assertj.core.api.Assertions.assertThat; -import static org.junit.Assert.assertEquals; -import static org.junit.Assert.assertFalse; -import static org.junit.Assert.assertNotNull; -import static org.junit.Assert.assertTrue; -import static org.mockito.Mockito.mock; -import static org.mockito.Mockito.when; - -import java.io.IOException; -import java.io.InputStream; -import java.util.LinkedList; -import java.util.List; -import java.util.Properties; - -import javax.servlet.http.HttpServletRequest; -import javax.ws.rs.NotAuthorizedException; - -import org.junit.Before; -import org.junit.Test; -import org.junit.runner.RunWith; -import org.mockito.Matchers; -import org.mockito.Mockito; -import org.onap.clamp.clds.model.CldsInfo; -import org.onap.clamp.clds.service.CldsService; -import org.onap.clamp.clds.util.LoggingUtils; -import org.springframework.beans.factory.annotation.Autowired; -import org.springframework.boot.test.context.SpringBootTest; -import org.springframework.boot.test.context.SpringBootTest.WebEnvironment; -import org.springframework.security.authentication.UsernamePasswordAuthenticationToken; -import org.springframework.security.core.Authentication; -import org.springframework.security.core.GrantedAuthority; -import org.springframework.security.core.authority.SimpleGrantedAuthority; -import org.springframework.security.core.context.SecurityContext; -import org.springframework.security.core.userdetails.User; -import org.springframework.security.core.userdetails.UserDetails; -import org.springframework.test.context.junit4.SpringJUnit4ClassRunner; - -/** - * Test HTTP and HTTPS settings + redirection of HTTP to HTTPS. - */ -@RunWith(SpringJUnit4ClassRunner.class) -@SpringBootTest(webEnvironment = WebEnvironment.RANDOM_PORT) -public class CldsServiceItCase { - - @Autowired - private CldsService cldsService; - - private LoggingUtils util; - private SecurityContext securityContext = mock(SecurityContext.class); - private Authentication auth = Mockito.mock(Authentication.class); - private UserDetails userDetails = Mockito.mock(UserDetails.class); - private List<GrantedAuthority> authorityList = new LinkedList<GrantedAuthority>(); - /** - * Setup the variable before the tests execution. - * - * @throws IOException In case of issues when opening the files - */ - @Before - public void setupBefore() throws IOException { - util = Mockito.mock(LoggingUtils.class); - Mockito.doNothing().when(util).entering(Matchers.any(HttpServletRequest.class), Matchers.any(String.class)); - cldsService.setLoggingUtil(util); - - } - - @Test - public void testCldsInfoNotAuthorized() { - Mockito.when(userDetails.getUsername()).thenReturn("admin"); - Mockito.when(securityContext.getAuthentication()).thenReturn(auth); - Mockito.when(auth.getPrincipal()).thenReturn(userDetails); - - cldsService.setSecurityContext(securityContext); - CldsInfo cldsInfo = cldsService.getCldsInfo(); - assertFalse(cldsInfo.isPermissionReadCl()); - assertFalse(cldsInfo.isPermissionReadTemplate()); - assertFalse(cldsInfo.isPermissionUpdateCl()); - assertFalse(cldsInfo.isPermissionUpdateTemplate()); - } - - @Test - public void testCldsInfoAuthorized() throws Exception { - List<GrantedAuthority> authList = new LinkedList<GrantedAuthority>(); - authList.add(new SimpleGrantedAuthority("permission-type-cl-manage|dev|*")); - authList.add(new SimpleGrantedAuthority("permission-type-cl|dev|read")); - authList.add(new SimpleGrantedAuthority("permission-type-cl|dev|update")); - authList.add(new SimpleGrantedAuthority("permission-type-template|dev|read")); - authList.add(new SimpleGrantedAuthority("permission-type-template|dev|update")); - authList.add(new SimpleGrantedAuthority("permission-type-filter-vf|dev|*")); - authList.add(new SimpleGrantedAuthority("permission-type-cl-event|dev|*")); - Authentication authentication; - authentication = new UsernamePasswordAuthenticationToken(new User("admin", "", authList), "", authList); - - Mockito.when(securityContext.getAuthentication()).thenReturn(authentication); - - cldsService.setSecurityContext(securityContext); - CldsInfo cldsInfo = cldsService.getCldsInfo(); - assertTrue(cldsInfo.isPermissionReadCl()); - assertTrue(cldsInfo.isPermissionReadTemplate()); - assertTrue(cldsInfo.isPermissionUpdateCl()); - assertTrue(cldsInfo.isPermissionUpdateTemplate()); - Properties prop = new Properties(); - InputStream in = Thread.currentThread().getContextClassLoader().getResourceAsStream("clds-version.properties"); - prop.load(in); - assertNotNull(in); - in.close(); - assertEquals(cldsInfo.getCldsVersion(), prop.getProperty("clds.version")); - assertEquals(cldsInfo.getUserName(), "admin"); - } - - @Test(expected = NotAuthorizedException.class) - public void isAuthorizedForVfTestNotAuthorized1() throws Exception { - when(userDetails.getUsername()).thenReturn("testName"); - when(auth.getPrincipal()).thenReturn(userDetails); - when(securityContext.getAuthentication()).thenReturn(auth); - cldsService.setSecurityContext(securityContext); - boolean res = cldsService.isAuthorizedForVf("testId"); - assertThat(res).isTrue(); - } - - @Test(expected = NotAuthorizedException.class) - public void isAuthorizedForVfTestNotAuthorized2() throws Exception { - when(userDetails.getUsername()).thenReturn("testName"); - when(auth.getPrincipal()).thenReturn(userDetails); - authorityList.add(new SimpleGrantedAuthority("permission-type-filter-vf|prod|*")); - when((List<GrantedAuthority>)auth.getAuthorities()).thenReturn(authorityList); - when(securityContext.getAuthentication()).thenReturn(auth); - cldsService.setSecurityContext(securityContext); - boolean res = cldsService.isAuthorizedForVf("testId"); - assertThat(res).isTrue(); - } - - @Test(expected = NotAuthorizedException.class) - public void isAuthorizedForVfTestNotAuthorized3() throws Exception { - when(userDetails.getUsername()).thenReturn("testName"); - when(auth.getPrincipal()).thenReturn(userDetails); - authorityList.add(new SimpleGrantedAuthority("permission-type-filter-vf|dev|testId2")); - when((List<GrantedAuthority>)auth.getAuthorities()).thenReturn(authorityList); - when(securityContext.getAuthentication()).thenReturn(auth); - cldsService.setSecurityContext(securityContext); - boolean res = cldsService.isAuthorizedForVf("testId"); - assertThat(res).isTrue(); - } - - @Test(expected = NullPointerException.class) - public void isAuthorizedForVfTestNotAuthorized4() throws Exception { - when(userDetails.getUsername()).thenReturn("testName"); - when(auth.getPrincipal()).thenReturn(userDetails); - when(securityContext.getAuthentication()).thenReturn(null); - cldsService.setSecurityContext(securityContext); - boolean res = cldsService.isAuthorizedForVf("testId"); - assertThat(res).isTrue(); - } - - @Test - public void isAuthorizedForVfTest1() throws Exception { - when(userDetails.getUsername()).thenReturn("testName"); - when(auth.getPrincipal()).thenReturn(userDetails); - authorityList.add(new SimpleGrantedAuthority("permission-type-filter-vf|*|*")); - when((List<GrantedAuthority>)auth.getAuthorities()).thenReturn(authorityList); - when(securityContext.getAuthentication()).thenReturn(auth); - - cldsService.setSecurityContext(securityContext); - boolean res = cldsService.isAuthorizedForVf("testId"); - assertThat(res).isTrue(); - } - - @Test - public void isAuthorizedForVfTest2() throws Exception { - when(userDetails.getUsername()).thenReturn("testName"); - when(auth.getPrincipal()).thenReturn(userDetails); - authorityList.add(new SimpleGrantedAuthority("permission-type-filter-vf|dev|*")); - when((List<GrantedAuthority>)auth.getAuthorities()).thenReturn(authorityList); - when(securityContext.getAuthentication()).thenReturn(auth); - - cldsService.setSecurityContext(securityContext); - boolean res = cldsService.isAuthorizedForVf("testId"); - assertThat(res).isTrue(); - } - - @Test - public void isAuthorizedForVfTest3() throws Exception { - when(userDetails.getUsername()).thenReturn("testName"); - when(auth.getPrincipal()).thenReturn(userDetails); - authorityList.add(new SimpleGrantedAuthority("permission-type-filter-vf|dev|testId")); - when((List<GrantedAuthority>)auth.getAuthorities()).thenReturn(authorityList); - when(securityContext.getAuthentication()).thenReturn(auth); - - cldsService.setSecurityContext(securityContext); - boolean res = cldsService.isAuthorizedForVf("testId"); - assertThat(res).isTrue(); - } - - @Test - public void isAuthorizedForVfTest4() throws Exception { - when(userDetails.getUsername()).thenReturn("testName"); - when(auth.getPrincipal()).thenReturn(userDetails); - authorityList.add(new SimpleGrantedAuthority("permission-type-filter-vf|*|testId")); - when((List<GrantedAuthority>)auth.getAuthorities()).thenReturn(authorityList); - when(securityContext.getAuthentication()).thenReturn(auth); - - cldsService.setSecurityContext(securityContext); - boolean res = cldsService.isAuthorizedForVf("testId"); - assertThat(res).isTrue(); - } - - @Test - public void getUserIdTest() throws Exception { - when(userDetails.getUsername()).thenReturn("testName"); - when(auth.getPrincipal()).thenReturn(userDetails); - when(securityContext.getAuthentication()).thenReturn(auth); - - cldsService.setSecurityContext(securityContext); - assertThat(cldsService.getUserId()).isEqualTo("testName"); - } -} diff --git a/src/test/java/org/onap/clamp/clds/it/PermissionTestDefaultHelper.java b/src/test/java/org/onap/clamp/clds/it/PermissionTestDefaultHelper.java deleted file mode 100644 index 1830115f..00000000 --- a/src/test/java/org/onap/clamp/clds/it/PermissionTestDefaultHelper.java +++ /dev/null @@ -1,51 +0,0 @@ -/*- - * ============LICENSE_START======================================================= - * ONAP CLAMP - * ================================================================================ - * Copyright (C) 2019 Samsung. All rights reserved. - * ================================================================================ - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - * ============LICENSE_END============================================ - * =================================================================== - * - */ - -package org.onap.clamp.clds.it; - -import com.google.common.collect.ImmutableMap; - -import java.util.Map; - -public class PermissionTestDefaultHelper extends PermissionTestHelper { - - private static final String[] ALL_ACTION = new String[] { "*" }; - private static final String[] READ_UPDATE_ACTION = new String[] { "read", "update" }; - - private static final String DEV_INSTANCE = "dev"; - private static final String TEST_INSTANCE = "test"; - - private static final Map<String, Map<?, ?>> defaultPermission = ImmutableMap.of("permission-type-cl", - ImmutableMap.of(DEV_INSTANCE, ALL_ACTION), "permission-type-cl-event", - ImmutableMap.of(DEV_INSTANCE, ALL_ACTION, TEST_INSTANCE, READ_UPDATE_ACTION), "permission-type-cl-manage", - ImmutableMap.of(DEV_INSTANCE, ALL_ACTION, TEST_INSTANCE, READ_UPDATE_ACTION), "permission-type-filter-vf", - ImmutableMap.of(DEV_INSTANCE, ALL_ACTION, TEST_INSTANCE, READ_UPDATE_ACTION), "permission-type-template", - ImmutableMap.of(DEV_INSTANCE, ALL_ACTION, TEST_INSTANCE, READ_UPDATE_ACTION)); - - /** - * Permission test default helper constructor. This class setup the default - * permission in the parent PermissionTestHelper class. - */ - public PermissionTestDefaultHelper() { - super(defaultPermission); - } -} diff --git a/src/test/java/org/onap/clamp/clds/it/PermissionTestHelper.java b/src/test/java/org/onap/clamp/clds/it/PermissionTestHelper.java deleted file mode 100644 index 905b7f70..00000000 --- a/src/test/java/org/onap/clamp/clds/it/PermissionTestHelper.java +++ /dev/null @@ -1,79 +0,0 @@ -/*- - * ============LICENSE_START======================================================= - * ONAP CLAMP - * ================================================================================ - * Copyright (C) 2019 Samsung. All rights reserved. - * ================================================================================ - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - * ============LICENSE_END============================================ - * =================================================================== - * - */ - -package org.onap.clamp.clds.it; - -import static org.onap.clamp.authorization.AuthorizationController.PERM_PREFIX; -import static org.onap.clamp.clds.config.ClampProperties.CONFIG_PREFIX; - -import java.util.LinkedList; -import java.util.List; -import java.util.Map; - -import org.springframework.mock.env.MockEnvironment; -import org.springframework.security.core.GrantedAuthority; -import org.springframework.security.core.authority.SimpleGrantedAuthority; - -public class PermissionTestHelper { - - private static final String securityPrefix = CONFIG_PREFIX + PERM_PREFIX; - private final Map<String, Map<?, ?>> permission; - private static final List<GrantedAuthority> authList = new LinkedList<>(); - - /** - * Permission Test Helper constructor. Generate authList base on general - * permission collection. - */ - public PermissionTestHelper(Map<String, Map<?, ?>> permission) { - this.permission = permission; - this.createAuthList(); - } - - private void createAuthList() { - permission.forEach((type, instanceMap) -> instanceMap.forEach((instance, actionList) -> { - for (String action : (String[]) actionList) { - authList.add(new SimpleGrantedAuthority(type + "|" + instance + "|" + action)); - } - })); - } - - List<GrantedAuthority> getAuthList() { - return authList; - } - - void setupMockEnv(MockEnvironment env) { - permission.forEach((type, instanceMap) -> env.withProperty(securityPrefix + type, type)); - } - - void doActionOnAllPermissions(PermissionAction action) { - permission.forEach((type, instanceMap) -> instanceMap.forEach((instance, actionList) -> { - for (String actionName : (String[]) actionList) { - action.doAction(type, (String) instance, actionName); - } - })); - } - - @FunctionalInterface - public interface PermissionAction { - void doAction(String type, String instance, String action); - } -} diff --git a/src/test/java/org/onap/clamp/clds/service/CldsInfoProviderTest.java b/src/test/java/org/onap/clamp/clds/service/CldsInfoProviderTest.java deleted file mode 100644 index fa898c7a..00000000 --- a/src/test/java/org/onap/clamp/clds/service/CldsInfoProviderTest.java +++ /dev/null @@ -1,60 +0,0 @@ -/*- - * ============LICENSE_START======================================================= - * ONAP CLAMP - * ================================================================================ - * Copyright (C) 2018 Nokia Intellectual Property. All rights - * reserved. - * ================================================================================ - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - * ============LICENSE_END============================================ - * =================================================================== - * - */ - -package org.onap.clamp.clds.service; - -import static org.assertj.core.api.Assertions.assertThat; -import static org.mockito.Matchers.any; -import static org.mockito.Mockito.mock; -import static org.mockito.Mockito.when; - -import org.junit.Test; -import org.onap.clamp.clds.model.CldsInfo; - - -public class CldsInfoProviderTest { - - private static final String TEST_USERNAME = "TEST_USERNAME"; - - @Test - public void shouldProvideCldsInfoFromContext() throws Exception { - - // given - CldsService serviceBase = mock(CldsService.class); - when(serviceBase.getUserName()).thenReturn(TEST_USERNAME); - when(serviceBase.isAuthorizedNoException(any())).thenReturn(true); - CldsInfoProvider cldsInfoProvider = new CldsInfoProvider(serviceBase); - - // when - CldsInfo cldsInfo = cldsInfoProvider.getCldsInfo(); - - // then - assertThat(cldsInfo.getUserName()).isEqualTo(TEST_USERNAME); - assertThat(cldsInfo.isPermissionReadCl()).isTrue(); - assertThat(cldsInfo.isPermissionReadTemplate()).isTrue(); - assertThat(cldsInfo.isPermissionUpdateCl()).isTrue(); - assertThat(cldsInfo.isPermissionUpdateTemplate()).isTrue(); - assertThat(cldsInfo.isPermissionReadTosca()).isTrue(); - assertThat(cldsInfo.isPermissionUpdateTosca()).isTrue(); - } -}
\ No newline at end of file |