From 00cc27b0fa1346435c7685300286f1adc98b69fb Mon Sep 17 00:00:00 2001
From: efiacor <fiachra.corcoran@est.tech>
Date: Wed, 17 Jul 2019 12:44:17 +0000
Subject: Authz unit test and code cleanup

Change-Id: I5c6a099ca4e6479df37505aa6bc645d8a26a42e1
Issue-ID: DMAAP-1226
Signed-off-by: efiacor <fiachra.corcoran@est.tech>
---
 .../dmaap/datarouter/authz/impl/ProvAuthTest.java  | 134 +++++++++++++++++++++
 1 file changed, 134 insertions(+)
 create mode 100644 datarouter-prov/src/test/java/org/onap/dmaap/datarouter/authz/impl/ProvAuthTest.java

(limited to 'datarouter-prov/src/test/java/org')

diff --git a/datarouter-prov/src/test/java/org/onap/dmaap/datarouter/authz/impl/ProvAuthTest.java b/datarouter-prov/src/test/java/org/onap/dmaap/datarouter/authz/impl/ProvAuthTest.java
new file mode 100644
index 00000000..7de4ea91
--- /dev/null
+++ b/datarouter-prov/src/test/java/org/onap/dmaap/datarouter/authz/impl/ProvAuthTest.java
@@ -0,0 +1,134 @@
+/*-
+ * ============LICENSE_START=======================================================
+ *  Copyright (C) 2019 Nordix Foundation.
+ * ================================================================================
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *      http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ *
+ * SPDX-License-Identifier: Apache-2.0
+ * ============LICENSE_END=========================================================
+ */
+
+package org.onap.dmaap.datarouter.authz.impl;
+
+import static org.mockito.Mockito.when;
+
+import javax.persistence.EntityManager;
+import javax.persistence.EntityManagerFactory;
+import javax.persistence.Persistence;
+import javax.servlet.http.HttpServletRequest;
+import org.junit.AfterClass;
+import org.junit.Assert;
+import org.junit.Before;
+import org.junit.BeforeClass;
+import org.junit.Test;
+import org.junit.runner.RunWith;
+import org.mockito.Mock;
+import org.mockito.Mockito;
+import org.onap.dmaap.datarouter.authz.AuthorizationResponse;
+import org.onap.dmaap.datarouter.authz.impl.ProvAuthorizer;
+import org.onap.dmaap.datarouter.provisioning.StatisticsServlet;
+import org.onap.dmaap.datarouter.provisioning.utils.DB;
+import org.powermock.modules.junit4.PowerMockRunner;
+
+@RunWith(PowerMockRunner.class)
+public class ProvAuthTest {
+
+    @Mock
+    private HttpServletRequest request;
+
+    @Mock
+    private StatisticsServlet statisticsServlet;
+
+    private ProvAuthorizer provAuthorizer;
+
+    private static EntityManagerFactory emf;
+    private static EntityManager em;
+    private DB db;
+
+    @BeforeClass
+    public static void init() {
+        emf = Persistence.createEntityManagerFactory("dr-unit-tests");
+        em = emf.createEntityManager();
+        System.setProperty(
+                "org.onap.dmaap.datarouter.provserver.properties",
+                "src/test/resources/h2Database.properties");
+    }
+
+    @AfterClass
+    public static void tearDownClass() {
+        em.clear();
+        em.close();
+        emf.close();
+    }
+
+    @Before
+    public void setUp() throws Exception {
+        db = new DB();
+        provAuthorizer = new ProvAuthorizer(statisticsServlet);
+    }
+
+    @Test
+    public void Validate_Prov_Auth_Check_Feed_Access() {
+        when(statisticsServlet.getFeedOwner(Mockito.anyString())).thenReturn("dr-admin");
+        when(statisticsServlet.getGroupByFeedGroupId(Mockito.anyString(), Mockito.anyString())).thenReturn("stub_auth_id");
+        when(request.getHeader("X-DMAAP-DR-ON-BEHALF-OF")).thenReturn("dr-admin");
+        when(request.getHeader("X-DMAAP-DR-ON-BEHALF-OF-GROUP")).thenReturn("stub_auth_id");
+        when(request.getMethod()).thenReturn("PUT");
+        when(request.getRequestURI()).thenReturn("http://the-request-uri:443/feed/1?1");
+        AuthorizationResponse authResp;
+        authResp = provAuthorizer.decide(request);
+        Assert.assertTrue(authResp.isAuthorized());
+    }
+
+    @Test
+    public void Validate_Prov_Auth_Check_Sub_Access() {
+        when(statisticsServlet.getSubscriptionOwner(Mockito.anyString())).thenReturn("dr-admin");
+        when(statisticsServlet.getGroupBySubGroupId(Mockito.anyString(), Mockito.anyString())).thenReturn("stub_auth_id");
+        when(request.getHeader("X-DMAAP-DR-ON-BEHALF-OF")).thenReturn("dr-admin");
+        when(request.getHeader("X-DMAAP-DR-ON-BEHALF-OF-GROUP")).thenReturn("stub_auth_id");
+        when(request.getMethod()).thenReturn("PUT");
+        when(request.getRequestURI()).thenReturn("http://the-request-uri:443/subs/1?1");
+        AuthorizationResponse authResp;
+        authResp = provAuthorizer.decide(request);
+        Assert.assertTrue(authResp.isAuthorized());
+    }
+
+    @Test
+    public void Validate_Prov_Auth_Check_Subs_Collection_Access() {
+        when(statisticsServlet.getSubscriptionOwner(Mockito.anyString())).thenReturn("dr-admin");
+        when(statisticsServlet.getGroupBySubGroupId(Mockito.anyString(), Mockito.anyString())).thenReturn("stub_auth_id");
+        when(request.getHeader("X-DMAAP-DR-ON-BEHALF-OF")).thenReturn("dr-admin");
+        when(request.getHeader("X-DMAAP-DR-ON-BEHALF-OF-GROUP")).thenReturn("stub_auth_id");
+        when(request.getMethod()).thenReturn("POST");
+        when(request.getRequestURI()).thenReturn("http://the-request-uri:443/subscribe/1?1");
+        AuthorizationResponse authResp;
+        authResp = provAuthorizer.decide(request);
+        Assert.assertTrue(authResp.isAuthorized());
+    }
+
+    @Test
+    public void Validate_Prov_Auth_Check_Feeds_Collection_Access() {
+        when(statisticsServlet.getFeedOwner(Mockito.anyString())).thenReturn("dr-admin");
+        when(statisticsServlet.getGroupByFeedGroupId(Mockito.anyString(), Mockito.anyString())).thenReturn("stub_auth_id");
+        when(request.getHeader("X-DMAAP-DR-ON-BEHALF-OF")).thenReturn("dr-admin");
+        when(request.getHeader("X-DMAAP-DR-ON-BEHALF-OF-GROUP")).thenReturn("stub_auth_id");
+        when(request.getMethod()).thenReturn("POST");
+        when(request.getRequestURI()).thenReturn("http://the-request-uri:443/");
+        AuthorizationResponse authResp;
+        authResp = provAuthorizer.decide(request);
+        Assert.assertTrue(authResp.isAuthorized());
+        Assert.assertNull(authResp.getAdvice());
+        Assert.assertNull(authResp.getObligations());
+    }
+
+}
-- 
cgit 1.2.3-korg