From 5775de7b0fc84a29511dc4a1a480c3ab32da2ade Mon Sep 17 00:00:00 2001 From: efiacor Date: Tue, 26 Mar 2019 14:29:01 +0000 Subject: DR AAF CADI integration Change-Id: I01548882f813e4029dddf7ddee2af12472163761 Issue-ID: DMAAP-1016 Signed-off-by: efiacor --- .../provisioning/DRFeedsServletTest.java | 247 ++++++++++++------- .../datarouter/provisioning/DrServletTestBase.java | 11 +- .../datarouter/provisioning/FeedServletTest.java | 128 +++++++--- .../provisioning/SubscribeServletTest.java | 219 ++++++++++++----- .../provisioning/SubscriptionServletTest.java | 137 +++++++++-- .../provisioning/utils/DRProvCadiFilterTest.java | 269 +++++++++++++++++++++ datarouter-prov/src/test/resources/create.sql | 41 +++- .../src/test/resources/h2Database.properties | 3 +- 8 files changed, 828 insertions(+), 227 deletions(-) create mode 100644 datarouter-prov/src/test/java/org/onap/dmaap/datarouter/provisioning/utils/DRProvCadiFilterTest.java (limited to 'datarouter-prov/src/test') diff --git a/datarouter-prov/src/test/java/org/onap/dmaap/datarouter/provisioning/DRFeedsServletTest.java b/datarouter-prov/src/test/java/org/onap/dmaap/datarouter/provisioning/DRFeedsServletTest.java index a8f9c56a..e2a2bc21 100755 --- a/datarouter-prov/src/test/java/org/onap/dmaap/datarouter/provisioning/DRFeedsServletTest.java +++ b/datarouter-prov/src/test/java/org/onap/dmaap/datarouter/provisioning/DRFeedsServletTest.java @@ -22,59 +22,75 @@ ******************************************************************************/ package org.onap.dmaap.datarouter.provisioning; -import static org.hamcrest.Matchers.notNullValue; -import static org.mockito.Mockito.anyInt; -import static org.mockito.Mockito.anyString; -import static org.mockito.Mockito.argThat; -import static org.mockito.Mockito.eq; -import static org.mockito.Mockito.mock; -import static org.mockito.Mockito.verify; -import static org.mockito.Mockito.when; -import static org.onap.dmaap.datarouter.provisioning.BaseServlet.BEHALF_HEADER; - -import java.util.HashSet; -import java.util.Set; -import javax.servlet.ServletOutputStream; -import javax.servlet.http.HttpServletRequest; -import javax.servlet.http.HttpServletResponse; - import ch.qos.logback.classic.spi.ILoggingEvent; import ch.qos.logback.core.read.ListAppender; import org.apache.commons.lang3.reflect.FieldUtils; import org.jetbrains.annotations.NotNull; import org.json.JSONArray; import org.json.JSONObject; +import org.junit.AfterClass; import org.junit.Before; +import org.junit.BeforeClass; import org.junit.Test; import org.junit.runner.RunWith; import org.mockito.Mock; import org.onap.dmaap.datarouter.authz.AuthorizationResponse; import org.onap.dmaap.datarouter.authz.Authorizer; -import org.onap.dmaap.datarouter.provisioning.beans.Feed; import org.onap.dmaap.datarouter.provisioning.beans.Insertable; -import org.powermock.api.mockito.PowerMockito; -import org.powermock.core.classloader.annotations.SuppressStaticInitializationFor; +import org.onap.dmaap.datarouter.provisioning.utils.DB; import org.powermock.modules.junit4.PowerMockRunner; +import javax.persistence.EntityManager; +import javax.persistence.EntityManagerFactory; +import javax.persistence.Persistence; +import javax.servlet.ServletOutputStream; +import javax.servlet.http.HttpServletRequest; +import javax.servlet.http.HttpServletResponse; +import java.io.IOException; +import java.util.HashSet; +import java.util.Set; + +import static org.hamcrest.Matchers.notNullValue; +import static org.mockito.Mockito.*; +import static org.onap.dmaap.datarouter.provisioning.BaseServlet.BEHALF_HEADER; + @RunWith(PowerMockRunner.class) -@SuppressStaticInitializationFor("org.onap.dmaap.datarouter.provisioning.beans.Feed") public class DRFeedsServletTest extends DrServletTestBase { private static DRFeedsServlet drfeedsServlet; + private static EntityManagerFactory emf; + private static EntityManager em; + private DB db; @Mock private HttpServletRequest request; @Mock private HttpServletResponse response; - ListAppender listAppender; + private ListAppender listAppender; + + @BeforeClass + public static void init() { + emf = Persistence.createEntityManagerFactory("dr-unit-tests"); + em = emf.createEntityManager(); + System.setProperty( + "org.onap.dmaap.datarouter.provserver.properties", + "src/test/resources/h2Database.properties"); + } + + @AfterClass + public static void tearDownClass() { + em.clear(); + em.close(); + emf.close(); + } @Before public void setUp() throws Exception { - super.setUp(); listAppender = setTestLogger(DRFeedsServlet.class); drfeedsServlet = new DRFeedsServlet(); + db = new DB(); setAuthoriserToReturnRequestIsAuthorized(); setPokerToNotCreateTimersWhenDeleteFeedIsCalled(); setupValidAuthorisedRequest(); @@ -137,14 +153,11 @@ public class DRFeedsServletTest extends DrServletTestBase { public void Given_Request_Is_HTTP_GET_And_Request_Succeeds_With_Valid_Name_And_Version() throws Exception { ServletOutputStream outStream = mock(ServletOutputStream.class); when(response.getOutputStream()).thenReturn(outStream); - when(request.getParameter("name")).thenReturn("stub_name"); - when(request.getParameter("version")).thenReturn("stub_version"); - PowerMockito.mockStatic(Feed.class); - Feed feed = mock(Feed.class); - PowerMockito.when(Feed.getFeedByNameVersion(anyString(), anyString())).thenReturn(feed); - when(feed.asJSONObject(true)).thenReturn(mock(JSONObject.class)); + when(request.getParameter("name")).thenReturn("Feed1"); + when(request.getParameter("version")).thenReturn("v0.1"); drfeedsServlet.doGet(request, response); verify(response).setStatus(eq(HttpServletResponse.SC_OK)); + verify(response).setContentType(BaseServlet.FEEDFULL_CONTENT_TYPE); verifyEnteringExitCalled(listAppender); } @@ -205,54 +218,70 @@ public class DRFeedsServletTest extends DrServletTestBase { } @Test - public void Given_Request_Is_HTTP_POST_And_Request_Is_Not_Authorized_Then_Forbidden_Response_Is_Generated() + public void Given_Request_Is_HTTP_POST_And_CadiEnabled_Is_True_And_Request_Is_Not_Authorized_Then_Forbidden_Response_Is_Generated() throws Exception { setAuthoriserToReturnRequestNotAuthorized(); + FieldUtils.writeDeclaredStaticField(BaseServlet.class, "isCadiEnabled", "true", true); + when(request.getHeader(DRFeedsServlet.EXCLUDE_AAF_HEADER)).thenReturn("true"); + JSONObject JSObject = buildRequestJsonObject(); + DRFeedsServlet drfeedsServlet = new DRFeedsServlet() { + protected JSONObject getJSONfromInput(HttpServletRequest req) { + JSONObject jo = new JSONObject(); + jo.put("name", "not_stub_name"); + jo.put("version", "1.0"); + jo.put("authorization", JSObject); + jo.put("aaf_instance", "legacy"); + return jo; + } + }; drfeedsServlet.doPost(request, response); verify(response).sendError(eq(HttpServletResponse.SC_FORBIDDEN), argThat(notNullValue(String.class))); } @Test - public void Given_Request_Is_HTTP_POST_And_Request_Contains_Badly_Formed_JSON_Then_Bad_Request_Response_Is_Generated() - throws Exception { - drfeedsServlet.doPost(request, response); - verify(response).sendError(eq(HttpServletResponse.SC_BAD_REQUEST), argThat(notNullValue(String.class))); - } - - @Test - public void Given_Request_Is_HTTP_POST_And_Active_Feeds_Equals_Max_Feeds_Then_Bad_Request_Response_Is_Generated() - throws Exception { - FieldUtils.writeDeclaredStaticField(BaseServlet.class, "maxFeeds", 0, true); + public void Given_Request_Is_HTTP_POST_And_CadiEnabled_Is_False_And_Request_Is_Not_Authorized_Then_Forbidden_Response_Is_Generated() + throws Exception { + setAuthoriserToReturnRequestNotAuthorized(); + FieldUtils.writeDeclaredStaticField(BaseServlet.class, "isCadiEnabled", "false", true); + when(request.getHeader(DRFeedsServlet.EXCLUDE_AAF_HEADER)).thenReturn("true"); + JSONObject JSObject = buildRequestJsonObject(); DRFeedsServlet drfeedsServlet = new DRFeedsServlet() { protected JSONObject getJSONfromInput(HttpServletRequest req) { - return new JSONObject(); + JSONObject jo = new JSONObject(); + jo.put("name", "not_stub_name"); + jo.put("version", "1.0"); + jo.put("authorization", JSObject); + jo.put("aaf_instance", "legacy"); + return jo; } }; drfeedsServlet.doPost(request, response); - verify(response).sendError(eq(HttpServletResponse.SC_CONFLICT), argThat(notNullValue(String.class))); + verify(response).sendError(eq(HttpServletResponse.SC_FORBIDDEN), argThat(notNullValue(String.class))); } @Test - public void Given_Request_Is_HTTP_POST_And_Feed_Is_Not_Valid_Object_Bad_Request_Response_Is_Generated() - throws Exception { - when(request.getHeader("X-DMAAP-DR-ON-BEHALF-OF-GROUP")).thenReturn(null); + public void Given_Request_Is_HTTP_POST_And_AAF_DRFeed_And_Exclude_AAF_Is_True_Then_Forbidden_Response_Is_Generated() throws Exception { + when(request.getHeader(DRFeedsServlet.EXCLUDE_AAF_HEADER)).thenReturn("true"); + FieldUtils.writeDeclaredStaticField(BaseServlet.class, "isCadiEnabled", "true", true); JSONObject JSObject = buildRequestJsonObject(); - DRFeedsServlet drfeedsServlet = new DRFeedsServlet() { protected JSONObject getJSONfromInput(HttpServletRequest req) { JSONObject jo = new JSONObject(); + jo.put("name", "not_stub_name"); + jo.put("version", "1.0"); + jo.put("authorization", JSObject); + jo.put("aaf_instance", "https://aaf-onap-test.osaaf.org:8095"); return jo; } }; - drfeedsServlet.doPost(request, response); - verify(response).sendError(eq(HttpServletResponse.SC_BAD_REQUEST), argThat(notNullValue(String.class))); + verify(response).sendError(eq(HttpServletResponse.SC_FORBIDDEN), contains("Invalid request exclude_AAF")); } @Test - public void Given_Request_Is_HTTP_POST_And_Feed_Already_Exists_Bad_Request_Response_Is_Generated() - throws Exception { - setFeedToReturnInvalidFeedIdSupplied(); + public void Given_Request_Is_HTTP_POST_And_AAF_DRFeed_And_Exclude_AAF_Is_False_Without_Permissions_Then_Forbidden_Response_Is_Generated() throws Exception { + when(request.getHeader(DRFeedsServlet.EXCLUDE_AAF_HEADER)).thenReturn("false"); + FieldUtils.writeDeclaredStaticField(BaseServlet.class, "isCadiEnabled", "true", true); JSONObject JSObject = buildRequestJsonObject(); DRFeedsServlet drfeedsServlet = new DRFeedsServlet() { protected JSONObject getJSONfromInput(HttpServletRequest req) { @@ -260,59 +289,119 @@ public class DRFeedsServletTest extends DrServletTestBase { jo.put("name", "not_stub_name"); jo.put("version", "1.0"); jo.put("authorization", JSObject); + jo.put("aaf_instance", "*"); return jo; } }; drfeedsServlet.doPost(request, response); - verify(response).sendError(eq(HttpServletResponse.SC_BAD_REQUEST), argThat(notNullValue(String.class))); + verify(response).sendError(eq(HttpServletResponse.SC_FORBIDDEN), contains("AAF disallows access to permission")); } @Test - public void Given_Request_Is_HTTP_POST_And_POST_Fails_Bad_Request_Response_Is_Generated() throws Exception { + public void Given_Request_Is_HTTP_POST_And_AAF_DRFeed_And_Exclude_AAF_Is_False_With_Permissions_Then_Created_OK_Response_Is_Generated() throws Exception { + FieldUtils.writeDeclaredStaticField(BaseServlet.class, "isCadiEnabled", "true", true); + ServletOutputStream outStream = mock(ServletOutputStream.class); + when(response.getOutputStream()).thenReturn(outStream); + when(request.getHeader(DRFeedsServlet.EXCLUDE_AAF_HEADER)).thenReturn("false"); JSONObject JSObject = buildRequestJsonObject(); + when(request.isUserInRole("org.onap.dmaap-dr.feed|*|create")).thenReturn(true); DRFeedsServlet drfeedsServlet = new DRFeedsServlet() { protected JSONObject getJSONfromInput(HttpServletRequest req) { JSONObject jo = new JSONObject(); - jo.put("name", "stub_name"); - jo.put("version", "2.0"); + jo.put("name", "not_stub_name"); + jo.put("version", "1.0"); jo.put("authorization", JSObject); + jo.put("aaf_instance", "*"); return jo; } @Override protected boolean doInsert(Insertable bean) { - return false; + return true; } }; drfeedsServlet.doPost(request, response); - verify(response) - .sendError(eq(HttpServletResponse.SC_INTERNAL_SERVER_ERROR), argThat(notNullValue(String.class))); + verify(response).setStatus(eq(HttpServletResponse.SC_CREATED)); + verifyEnteringExitCalled(listAppender); } + @Test + public void Given_Request_Is_HTTP_POST_And_Request_Contains_Badly_Formed_JSON_Then_Bad_Request_Response_Is_Generated() + throws Exception { + drfeedsServlet.doPost(request, response); + verify(response).sendError(eq(HttpServletResponse.SC_BAD_REQUEST), argThat(notNullValue(String.class))); + } @Test - public void Given_Request_Is_HTTP_POST_And_Change_On_Feeds_Succeeds_A_STATUS_OK_Response_Is_Generated() + public void Given_Request_Is_HTTP_POST_And_Active_Feeds_Equals_Max_Feeds_Then_Bad_Request_Response_Is_Generated() throws Exception { - ServletOutputStream outStream = mock(ServletOutputStream.class); - when(response.getOutputStream()).thenReturn(outStream); + FieldUtils.writeDeclaredStaticField(BaseServlet.class, "maxFeeds", 0, true); + DRFeedsServlet drfeedsServlet = new DRFeedsServlet() { + protected JSONObject getJSONfromInput(HttpServletRequest req) { + return new JSONObject(); + } + }; + drfeedsServlet.doPost(request, response); + verify(response).sendError(eq(HttpServletResponse.SC_CONFLICT), argThat(notNullValue(String.class))); + } + + @Test + public void Given_Request_Is_HTTP_POST_And_Feed_Is_Not_Valid_Object_Bad_Request_Response_Is_Generated() + throws Exception { + DRFeedsServlet drfeedsServlet = new DRFeedsServlet() { + protected JSONObject getJSONfromInput(HttpServletRequest req) { + return new JSONObject(); + } + }; + + drfeedsServlet.doPost(request, response); + verify(response).sendError(eq(HttpServletResponse.SC_BAD_REQUEST), argThat(notNullValue(String.class))); + } + + @Test + public void Given_Request_Is_HTTP_POST_And_Feed_Already_Exists_Bad_Request_Response_Is_Generated() + throws Exception { + when(request.getParameter("name")).thenReturn("AafFeed"); + when(request.getParameter("version")).thenReturn("v0.1"); + when(request.getHeader(DRFeedsServlet.EXCLUDE_AAF_HEADER)).thenReturn("false"); + when(request.isUserInRole("org.onap.dmaap-dr.feed|*|create")).thenReturn(true); JSONObject JSObject = buildRequestJsonObject(); + DRFeedsServlet drfeedsServlet = new DRFeedsServlet() { + protected JSONObject getJSONfromInput(HttpServletRequest req) { + JSONObject jo = new JSONObject(); + jo.put("name", "AafFeed"); + jo.put("version", "v0.1"); + jo.put("authorization", JSObject); + jo.put("aaf_instance", "*"); + return jo; + } + }; + drfeedsServlet.doPost(request, response); + verify(response).sendError(eq(HttpServletResponse.SC_BAD_REQUEST), contains("This feed already exists in the database")); + } + + @Test + public void Given_Request_Is_HTTP_POST_And_POST_Fails_Bad_Request_Response_Is_Generated() throws Exception { + JSONObject JSObject = buildRequestJsonObject(); + when(request.getHeader(DRFeedsServlet.EXCLUDE_AAF_HEADER)).thenReturn("true"); DRFeedsServlet drfeedsServlet = new DRFeedsServlet() { protected JSONObject getJSONfromInput(HttpServletRequest req) { JSONObject jo = new JSONObject(); jo.put("name", "stub_name"); - jo.put("version", "1.0"); + jo.put("version", "2.0"); jo.put("authorization", JSObject); + jo.put("aaf_instance", "legacy"); return jo; } @Override protected boolean doInsert(Insertable bean) { - return true; + return false; } }; drfeedsServlet.doPost(request, response); - verify(response).setStatus(eq(HttpServletResponse.SC_CREATED)); - verifyEnteringExitCalled(listAppender); + verify(response) + .sendError(eq(HttpServletResponse.SC_INTERNAL_SERVER_ERROR), argThat(notNullValue(String.class))); } @NotNull @@ -335,7 +424,7 @@ public class DRFeedsServletTest extends DrServletTestBase { private void setUpValidSecurityOnHttpRequest() throws Exception { when(request.isSecure()).thenReturn(true); - Set authAddressesAndNetworks = new HashSet(); + Set authAddressesAndNetworks = new HashSet<>(); authAddressesAndNetworks.add(("127.0.0.1")); FieldUtils .writeDeclaredStaticField(BaseServlet.class, "authorizedAddressesAndNetworks", authAddressesAndNetworks, @@ -348,29 +437,6 @@ public class DRFeedsServletTest extends DrServletTestBase { when(request.getHeader(BEHALF_HEADER)).thenReturn(headerValue); } - private void setValidPathInfoInHttpHeader() { - when(request.getPathInfo()).thenReturn("/123"); - } - - private void setFeedToReturnInvalidFeedIdSupplied() { - PowerMockito.mockStatic(Feed.class); - PowerMockito.when(Feed.getFeedById(anyInt())).thenReturn(null); - when(Feed.getFeedByNameVersion(anyString(), anyString())).thenReturn(mock(Feed.class)); - } - - private void setFeedToReturnValidFeedForSuppliedId() { - PowerMockito.mockStatic(Feed.class); - Feed feed = mock(Feed.class); - PowerMockito.when(Feed.getFeedById(anyInt())).thenReturn(feed); - when(feed.isDeleted()).thenReturn(false); - when(feed.asJSONObject(true)).thenReturn(mock(JSONObject.class)); - when(feed.getPublisher()).thenReturn("Stub_Value"); - when(feed.getName()).thenReturn("stub_name"); - when(feed.getVersion()).thenReturn("1.0"); - when(feed.asLimitedJSONObject()).thenReturn(mock(JSONObject.class)); - PowerMockito.when(feed.getFeedByNameVersion(anyString(), anyString())).thenReturn(null); - } - private void setAuthoriserToReturnRequestNotAuthorized() throws IllegalAccessException { AuthorizationResponse authResponse = mock(AuthorizationResponse.class); Authorizer authorizer = mock(Authorizer.class); @@ -395,13 +461,10 @@ public class DRFeedsServletTest extends DrServletTestBase { private void setupValidAuthorisedRequest() throws Exception { setUpValidSecurityOnHttpRequest(); setBehalfHeader("Stub_Value"); - setValidPathInfoInHttpHeader(); - setFeedToReturnValidFeedForSuppliedId(); } - private void setUpValidContentHeadersAndJSONOnHttpRequest() { + private void setUpValidContentHeadersAndJSONOnHttpRequest() throws IllegalAccessException { when(request.getHeader("Content-Type")).thenReturn("application/vnd.dmaap-dr.feed; version=1.0"); when(request.getHeader("X-DMAAP-DR-ON-BEHALF-OF-GROUP")).thenReturn("stub_subjectGroup"); - } } diff --git a/datarouter-prov/src/test/java/org/onap/dmaap/datarouter/provisioning/DrServletTestBase.java b/datarouter-prov/src/test/java/org/onap/dmaap/datarouter/provisioning/DrServletTestBase.java index 265a2ee9..bad6e2cb 100644 --- a/datarouter-prov/src/test/java/org/onap/dmaap/datarouter/provisioning/DrServletTestBase.java +++ b/datarouter-prov/src/test/java/org/onap/dmaap/datarouter/provisioning/DrServletTestBase.java @@ -28,17 +28,11 @@ import ch.qos.logback.classic.spi.ILoggingEvent; import ch.qos.logback.core.read.ListAppender; import org.apache.commons.lang3.reflect.FieldUtils; import org.junit.After; -import org.junit.AfterClass; -import org.junit.Assert; import org.junit.Before; import org.onap.dmaap.datarouter.provisioning.utils.DB; import org.slf4j.LoggerFactory; -import java.io.File; -import java.io.FileNotFoundException; -import java.io.PrintWriter; import java.util.Properties; -import java.util.Scanner; import static org.junit.Assert.assertEquals; import static org.mockito.Mockito.mock; @@ -46,7 +40,6 @@ import static org.mockito.Mockito.when; public class DrServletTestBase { - @Before public void setUp() throws Exception { Properties props = new Properties(); @@ -61,7 +54,7 @@ public class DrServletTestBase { FieldUtils.writeDeclaredStaticField(BaseServlet.class, "synctask", synchronizerTask, true); } - public ListAppender setTestLogger(Class c) { + ListAppender setTestLogger(Class c) { Logger logger = (Logger) LoggerFactory.getLogger(c); ListAppender listAppender = new ListAppender<>(); listAppender.start(); @@ -69,7 +62,7 @@ public class DrServletTestBase { return listAppender; } - public void verifyEnteringExitCalled(ListAppender listAppender) { + void verifyEnteringExitCalled(ListAppender listAppender) { assertEquals("EELF0004I Entering data router provisioning component with RequestId and InvocationId", listAppender.list.get(0).getMessage()); assertEquals("EELF0005I Exiting data router provisioning component with RequestId and InvocationId", listAppender.list.get(2).getMessage()); assertEquals(3, listAppender.list.size()); diff --git a/datarouter-prov/src/test/java/org/onap/dmaap/datarouter/provisioning/FeedServletTest.java b/datarouter-prov/src/test/java/org/onap/dmaap/datarouter/provisioning/FeedServletTest.java index f042e11d..f4eac05f 100755 --- a/datarouter-prov/src/test/java/org/onap/dmaap/datarouter/provisioning/FeedServletTest.java +++ b/datarouter-prov/src/test/java/org/onap/dmaap/datarouter/provisioning/FeedServletTest.java @@ -71,7 +71,7 @@ public class FeedServletTest extends DrServletTestBase { private static EntityManager em; private DB db; - ListAppender listAppender; + private ListAppender listAppender; @BeforeClass public static void init() { @@ -120,8 +120,7 @@ public class FeedServletTest extends DrServletTestBase { @Test - public void Given_Request_Is_HTTP_DELETE_And_Path_Header_Is_Not_Set_In_Request_With_Valid_Path_Then_Bad_Request_Response_Is_Generated() - throws Exception { + public void Given_Request_Is_HTTP_DELETE_And_Path_Header_Is_Not_Set_In_Request_With_Valid_Path_Then_Bad_Request_Response_Is_Generated() throws Exception { when(request.getPathInfo()).thenReturn(null); feedServlet.doDelete(request, response); verify(response).sendError(eq(HttpServletResponse.SC_BAD_REQUEST), argThat(notNullValue(String.class))); @@ -129,8 +128,7 @@ public class FeedServletTest extends DrServletTestBase { @Test - public void Given_Request_Is_HTTP_DELETE_And_Feed_Id_Is_Invalid_Then_Not_Found_Response_Is_Generated() - throws Exception { + public void Given_Request_Is_HTTP_DELETE_And_Feed_Id_Is_Invalid_Then_Not_Found_Response_Is_Generated() throws Exception { when(request.getPathInfo()).thenReturn("/123"); feedServlet.doDelete(request, response); verify(response).sendError(eq(HttpServletResponse.SC_NOT_FOUND), argThat(notNullValue(String.class))); @@ -138,13 +136,28 @@ public class FeedServletTest extends DrServletTestBase { @Test - public void Given_Request_Is_HTTP_DELETE_And_Request_Is_Not_Authorized_Then_Forbidden_Response_Is_Generated() - throws Exception { + public void Given_Request_Is_HTTP_DELETE_And_Request_Is_Not_Authorized_Then_Forbidden_Response_Is_Generated() throws Exception { setAuthoriserToReturnRequestNotAuthorized(); feedServlet.doDelete(request, response); verify(response).sendError(eq(HttpServletResponse.SC_FORBIDDEN), argThat(notNullValue(String.class))); } + @Test + public void Given_Request_Is_HTTP_DELETE_And_AAF_Feed_Without_Permissions_Then_Forbidden_Response_Is_Generated() throws Exception { + when(request.getPathInfo()).thenReturn("/2"); + feedServlet.doDelete(request, response); + verify(response).sendError(eq(HttpServletResponse.SC_FORBIDDEN), contains("AAF disallows access to permission")); + } + + @Test + public void Given_Request_Is_HTTP_DELETE_And_AAF_Feed_With_Permissions_Then_A_NO_CONTENT_Response_Is_Generated() { + when(request.getPathInfo()).thenReturn("/3"); + when(request.isUserInRole("org.onap.dmaap-dr.feed|*|delete")).thenReturn(true); + feedServlet.doDelete(request, response); + verify(response).setStatus(eq(HttpServletResponse.SC_NO_CONTENT)); + verifyEnteringExitCalled(listAppender); + } + @Test public void Given_Request_Is_HTTP_DELETE_And_Delete_On_Database_Fails_An_Internal_Server_Error_Is_Reported() @@ -161,8 +174,7 @@ public class FeedServletTest extends DrServletTestBase { @Test - public void Given_Request_Is_HTTP_DELETE_And_Delete_On_Database_Succeeds_A_NO_CONTENT_Response_Is_Generated() - throws Exception { + public void Given_Request_Is_HTTP_DELETE_And_Delete_On_Database_Succeeds_A_NO_CONTENT_Response_Is_Generated() throws Exception { feedServlet.doDelete(request, response); verify(response).setStatus(eq(HttpServletResponse.SC_NO_CONTENT)); reinsertFeedIntoDb(); @@ -209,6 +221,7 @@ public class FeedServletTest extends DrServletTestBase { public void Given_Request_Is_HTTP_GET_And_Request_Is_Not_Authorized_Then_Forbidden_Response_Is_Generated() throws Exception { setAuthoriserToReturnRequestNotAuthorized(); + when(request.getPathInfo()).thenReturn("/2"); feedServlet.doGet(request, response); verify(response).sendError(eq(HttpServletResponse.SC_FORBIDDEN), argThat(notNullValue(String.class))); } @@ -218,6 +231,7 @@ public class FeedServletTest extends DrServletTestBase { public void Given_Request_Is_HTTP_GET_And_Request_Succeeds() throws Exception { ServletOutputStream outStream = mock(ServletOutputStream.class); when(response.getOutputStream()).thenReturn(outStream); + when(request.getPathInfo()).thenReturn("/2"); feedServlet.doGet(request, response); verify(response).setStatus(eq(HttpServletResponse.SC_OK)); verifyEnteringExitCalled(listAppender); @@ -264,9 +278,9 @@ public class FeedServletTest extends DrServletTestBase { throws Exception { when(request.getHeader("Content-Type")).thenReturn("application/vnd.dmaap-dr.feed-fail; version=2.0"); when(request.getContentType()).thenReturn("stub_contentType"); + when(request.getPathInfo()).thenReturn("/2"); feedServlet.doPut(request, response); - verify(response) - .sendError(eq(HttpServletResponse.SC_UNSUPPORTED_MEDIA_TYPE), argThat(notNullValue(String.class))); + verify(response).sendError(eq(HttpServletResponse.SC_UNSUPPORTED_MEDIA_TYPE), argThat(notNullValue(String.class))); } @Test @@ -274,12 +288,19 @@ public class FeedServletTest extends DrServletTestBase { throws Exception { ServletInputStream inStream = mock(ServletInputStream.class); when(request.getInputStream()).thenReturn(inStream); + when(request.getPathInfo()).thenReturn("/2"); + FeedServlet feedServlet = new FeedServlet() { + protected JSONObject getJSONfromInput(HttpServletRequest req) { + return null; + } + }; feedServlet.doPut(request, response); - verify(response).sendError(eq(HttpServletResponse.SC_BAD_REQUEST), argThat(notNullValue(String.class))); + verify(response).sendError(eq(HttpServletResponse.SC_BAD_REQUEST), contains("Badly formed JSON")); } @Test public void Given_Request_Is_HTTP_PUT_And_Request_Contains_Invalid_JSON_Then_Bad_Request_Response_Is_Generated() throws Exception { + when(request.getPathInfo()).thenReturn("/2"); FeedServlet feedServlet = new FeedServlet() { protected JSONObject getJSONfromInput(HttpServletRequest req) { return new JSONObject(); @@ -292,6 +313,7 @@ public class FeedServletTest extends DrServletTestBase { @Test public void Given_Request_Is_HTTP_PUT_And_Feed_Change_Is_Not_Publisher_Who_Requested_Feed_Bad_Request_Response_Is_Generated() throws Exception { when(request.getHeader("X-DMAAP-DR-ON-BEHALF-OF-GROUP")).thenReturn(null); + when(request.getPathInfo()).thenReturn("/2"); JSONObject JSObject = buildRequestJsonObject(); FeedServlet feedServlet = new FeedServlet() { protected JSONObject getJSONfromInput(HttpServletRequest req) { @@ -302,13 +324,13 @@ public class FeedServletTest extends DrServletTestBase { return jo; } }; - feedServlet.doPut(request, response); - verify(response).sendError(eq(HttpServletResponse.SC_BAD_REQUEST), argThat(notNullValue(String.class))); + verify(response).sendError(eq(HttpServletResponse.SC_BAD_REQUEST), contains("must be modified by the same publisher")); } @Test public void Given_Request_Is_HTTP_PUT_And_Feed_Name_Change_is_Requested_Bad_Request_Response_Is_Generated() throws Exception { + when(request.getPathInfo()).thenReturn("/2"); JSONObject JSObject = buildRequestJsonObject(); FeedServlet feedServlet = new FeedServlet() { protected JSONObject getJSONfromInput(HttpServletRequest req) { @@ -320,52 +342,99 @@ public class FeedServletTest extends DrServletTestBase { } }; feedServlet.doPut(request, response); - verify(response).sendError(eq(HttpServletResponse.SC_BAD_REQUEST), argThat(notNullValue(String.class))); + verify(response).sendError(eq(HttpServletResponse.SC_BAD_REQUEST), contains("name of the feed may not be updated")); } @Test public void Given_Request_Is_HTTP_PUT_And_Feed_Version_Change_is_Requested_Bad_Request_Response_Is_Generated() throws Exception { + when(request.getPathInfo()).thenReturn("/2"); JSONObject JSObject = buildRequestJsonObject(); FeedServlet feedServlet = new FeedServlet() { protected JSONObject getJSONfromInput(HttpServletRequest req) { JSONObject jo = new JSONObject(); - jo.put("name", "stub_name"); - jo.put("version", "2.0"); + jo.put("name", "AafFeed"); + jo.put("version", "v0.2"); jo.put("authorization", JSObject); return jo; } }; feedServlet.doPut(request, response); - verify(response).sendError(eq(HttpServletResponse.SC_BAD_REQUEST), argThat(notNullValue(String.class))); + verify(response).sendError(eq(HttpServletResponse.SC_BAD_REQUEST), contains("version of the feed may not be updated")); } @Test public void Given_Request_Is_HTTP_PUT_And_Request_Is_Not_Authorized_Then_Forbidden_Response_Is_Generated() throws Exception { + setAuthoriserToReturnRequestNotAuthorized(); + when(request.getPathInfo()).thenReturn("/2"); JSONObject JSObject = buildRequestJsonObject(); FeedServlet feedServlet = new FeedServlet() { protected JSONObject getJSONfromInput(HttpServletRequest req) { JSONObject jo = new JSONObject(); - jo.put("name", "Feed1"); + jo.put("name", "AafFeed"); jo.put("version", "v0.1"); jo.put("authorization", JSObject); return jo; } }; - setAuthoriserToReturnRequestNotAuthorized(); feedServlet.doPut(request, response); - verify(response).sendError(eq(HttpServletResponse.SC_FORBIDDEN), argThat(notNullValue(String.class))); + verify(response).sendError(eq(HttpServletResponse.SC_FORBIDDEN), contains("Policy Engine disallows access")); } @Test - public void Given_Request_Is_HTTP_PUT_And_Change_On_Feeds_Fails_An_Internal_Server_Error_Response_Is_Generated() throws Exception { + public void Given_Request_Is_HTTP_PUT_And_AAF_Feed_Without_Permissions_Then_Forbidden_Response_Is_Generated() throws Exception { + when(request.getPathInfo()).thenReturn("/2"); + JSONObject JSObject = buildRequestJsonObject(); + FeedServlet feedServlet = new FeedServlet() { + protected JSONObject getJSONfromInput(HttpServletRequest req) { + JSONObject jo = new JSONObject(); + jo.put("name", "AafFeed"); + jo.put("version", "v0.1"); + jo.put("authorization", JSObject); + jo.put("aaf_instance", "https://aaf-onap-test.osaaf.org:8095"); + return jo; + } + }; + feedServlet.doPut(request, response); + verify(response).sendError(eq(HttpServletResponse.SC_FORBIDDEN), contains("AAF disallows access to permission")); + } + + @Test + public void Given_Request_Is_HTTP_PUT_And_AAF_Feed_With_Permissions_Then_STATUS_OK__Response_Is_Generated() throws Exception { ServletOutputStream outStream = mock(ServletOutputStream.class); when(response.getOutputStream()).thenReturn(outStream); + when(request.getPathInfo()).thenReturn("/2"); + when(request.isUserInRole("org.onap.dmaap-dr.feed|*|edit")).thenReturn(true); + JSONObject JSObject = buildRequestJsonObject(); + FeedServlet feedServlet = new FeedServlet() { + protected JSONObject getJSONfromInput(HttpServletRequest req) { + JSONObject jo = new JSONObject(); + jo.put("name", "AafFeed"); + jo.put("version", "v0.1"); + jo.put("authorization", JSObject); + jo.put("aaf_instance", "*"); + return jo; + } + @Override + protected boolean doUpdate(Updateable bean) { + return true; + } + + }; + feedServlet.doPut(request, response); + verify(response).setStatus(eq(HttpServletResponse.SC_OK)); + verifyEnteringExitCalled(listAppender); + } + @Test + public void Given_Request_Is_HTTP_PUT_And_Change_On_Feeds_Fails_An_Internal_Server_Error_Response_Is_Generated() throws Exception { + ServletOutputStream outStream = mock(ServletOutputStream.class); + when(response.getOutputStream()).thenReturn(outStream); + when(request.getPathInfo()).thenReturn("/2"); JSONObject JSObject = buildRequestJsonObject(); FeedServlet feedServlet = new FeedServlet() { protected JSONObject getJSONfromInput(HttpServletRequest req) { JSONObject jo = new JSONObject(); - jo.put("name", "Feed1"); + jo.put("name", "AafFeed"); jo.put("version", "v0.1"); jo.put("authorization", JSObject); return jo; @@ -384,15 +453,20 @@ public class FeedServletTest extends DrServletTestBase { public void Given_Request_Is_HTTP_PUT_And_Change_On_Feeds_Suceeds_A_STATUS_OK_Response_Is_Generated() throws Exception { ServletOutputStream outStream = mock(ServletOutputStream.class); when(response.getOutputStream()).thenReturn(outStream); + when(request.getPathInfo()).thenReturn("/2"); JSONObject JSObject = buildRequestJsonObject(); FeedServlet feedServlet = new FeedServlet() { protected JSONObject getJSONfromInput(HttpServletRequest req) { JSONObject jo = new JSONObject(); - jo.put("name", "Feed1"); + jo.put("name", "AafFeed"); jo.put("version", "v0.1"); jo.put("authorization", JSObject); return jo; } + @Override + protected boolean doUpdate(Updateable bean) { + return true; + } }; feedServlet.doPut(request, response); @@ -427,11 +501,9 @@ public class FeedServletTest extends DrServletTestBase { private void setUpValidSecurityOnHttpRequest() throws Exception { when(request.isSecure()).thenReturn(true); - Set authAddressesAndNetworks = new HashSet(); + Set authAddressesAndNetworks = new HashSet<>(); authAddressesAndNetworks.add(("127.0.0.1")); - FieldUtils - .writeDeclaredStaticField(BaseServlet.class, "authorizedAddressesAndNetworks", authAddressesAndNetworks, - true); + FieldUtils.writeDeclaredStaticField(BaseServlet.class, "authorizedAddressesAndNetworks", authAddressesAndNetworks,true); FieldUtils.writeDeclaredStaticField(BaseServlet.class, "requireCert", false, true); } diff --git a/datarouter-prov/src/test/java/org/onap/dmaap/datarouter/provisioning/SubscribeServletTest.java b/datarouter-prov/src/test/java/org/onap/dmaap/datarouter/provisioning/SubscribeServletTest.java index 0b5c23fe..b867c672 100755 --- a/datarouter-prov/src/test/java/org/onap/dmaap/datarouter/provisioning/SubscribeServletTest.java +++ b/datarouter-prov/src/test/java/org/onap/dmaap/datarouter/provisioning/SubscribeServletTest.java @@ -27,19 +27,24 @@ import ch.qos.logback.core.read.ListAppender; import org.apache.commons.lang3.reflect.FieldUtils; import org.jetbrains.annotations.NotNull; import org.json.JSONObject; +import org.junit.AfterClass; import org.junit.Before; +import org.junit.BeforeClass; import org.junit.Test; import org.junit.runner.RunWith; import org.mockito.Mock; import org.onap.dmaap.datarouter.authz.AuthorizationResponse; import org.onap.dmaap.datarouter.authz.Authorizer; -import org.onap.dmaap.datarouter.provisioning.beans.Feed; import org.onap.dmaap.datarouter.provisioning.beans.Insertable; import org.onap.dmaap.datarouter.provisioning.beans.Subscription; +import org.onap.dmaap.datarouter.provisioning.utils.DB; import org.powermock.api.mockito.PowerMockito; -import org.powermock.core.classloader.annotations.SuppressStaticInitializationFor; +import org.powermock.core.classloader.annotations.PrepareForTest; import org.powermock.modules.junit4.PowerMockRunner; +import javax.persistence.EntityManager; +import javax.persistence.EntityManagerFactory; +import javax.persistence.Persistence; import javax.servlet.ServletOutputStream; import javax.servlet.http.HttpServletRequest; import javax.servlet.http.HttpServletResponse; @@ -54,20 +59,39 @@ import static org.onap.dmaap.datarouter.provisioning.BaseServlet.BEHALF_HEADER; @RunWith(PowerMockRunner.class) -@SuppressStaticInitializationFor({"org.onap.dmaap.datarouter.provisioning.beans.Feed", "org.onap.dmaap.datarouter.provisioning.beans.Subscription"}) +@PrepareForTest(Subscription.class) public class SubscribeServletTest extends DrServletTestBase { private static SubscribeServlet subscribeServlet; + private static EntityManagerFactory emf; + private static EntityManager em; + private DB db; @Mock private HttpServletRequest request; @Mock private HttpServletResponse response; - ListAppender listAppender; + private ListAppender listAppender; + + @BeforeClass + public static void init() { + emf = Persistence.createEntityManagerFactory("dr-unit-tests"); + em = emf.createEntityManager(); + System.setProperty( + "org.onap.dmaap.datarouter.provserver.properties", + "src/test/resources/h2Database.properties"); + } + + @AfterClass + public static void tearDownClass() { + em.clear(); + em.close(); + emf.close(); + } @Before public void setUp() throws Exception { - super.setUp(); + db = new DB(); listAppender = setTestLogger(SubscribeServlet.class); subscribeServlet = new SubscribeServlet(); setAuthoriserToReturnRequestIsAuthorized(); @@ -110,26 +134,18 @@ public class SubscribeServletTest extends DrServletTestBase { @Test public void Given_Request_Is_HTTP_GET_And_Feed_Id_Is_Invalid_Then_Not_Found_Response_Is_Generated() throws Exception { - setFeedToReturnInvalidFeedIdSupplied(); + when(request.getPathInfo()).thenReturn("/123"); subscribeServlet.doGet(request, response); verify(response).sendError(eq(HttpServletResponse.SC_NOT_FOUND), argThat(notNullValue(String.class))); } - - @Test - public void Given_Request_Is_HTTP_GET_And_Request_Is_Not_Authorized_Then_Forbidden_Response_Is_Generated() throws Exception { - setAuthoriserToReturnRequestNotAuthorized(); - subscribeServlet.doGet(request, response); - verify(response).sendError(eq(HttpServletResponse.SC_FORBIDDEN), argThat(notNullValue(String.class))); - } - - @Test public void Given_Request_Is_HTTP_GET_And_Request_Succeeds() throws Exception { ServletOutputStream outStream = mock(ServletOutputStream.class); when(response.getOutputStream()).thenReturn(outStream); + when(request.getPathInfo()).thenReturn("/1"); PowerMockito.mockStatic(Subscription.class); - List list = new ArrayList(); + List list = new ArrayList<>(); list.add("{}"); PowerMockito.when(Subscription.getSubscriptionUrlList(anyInt())).thenReturn(list); subscribeServlet.doGet(request, response); @@ -171,7 +187,7 @@ public class SubscribeServletTest extends DrServletTestBase { @Test public void Given_Request_Is_HTTP_POST_And_Feed_Id_Is_Invalid_Then_Not_Found_Response_Is_Generated() throws Exception { - setFeedToReturnInvalidFeedIdSupplied(); + when(request.getPathInfo()).thenReturn("/123"); subscribeServlet.doPost(request, response); verify(response).sendError(eq(HttpServletResponse.SC_NOT_FOUND), argThat(notNullValue(String.class))); } @@ -179,41 +195,107 @@ public class SubscribeServletTest extends DrServletTestBase { @Test public void Given_Request_Is_HTTP_POST_And_Request_Is_Not_Authorized_Then_Forbidden_Response_Is_Generated() throws Exception { setAuthoriserToReturnRequestNotAuthorized(); + when(request.getPathInfo()).thenReturn("/1"); + JSONObject JSObject = buildRequestJsonObject(); + SubscribeServlet subscribeServlet = new SubscribeServlet() { + protected JSONObject getJSONfromInput(HttpServletRequest req) { + JSONObject jo = new JSONObject(); + jo.put("name", "stub_name"); + jo.put("version", "2.0"); + jo.put("metadataOnly", true); + jo.put("suspend", true); + jo.put("delivery", JSObject); + jo.put("sync", false); + return jo; + } + @Override + protected boolean doInsert(Insertable bean) { + return false; + } + }; subscribeServlet.doPost(request, response); verify(response).sendError(eq(HttpServletResponse.SC_FORBIDDEN), argThat(notNullValue(String.class))); } @Test - public void Given_Request_Is_HTTP_POST_And_Content_Header_Is_Not_Supported_Type_Then_Unsupported_Media_Type_Response_Is_Generated() throws Exception { - when(request.getHeader("Content-Type")).thenReturn("application/vnd.dmaap-dr.feed; version=1.1"); - when(request.getContentType()).thenReturn("stub_contentType"); + public void Given_Request_Is_HTTP_POST_And_AAF_Subscriber_Added_To_Legacy_Feed_Then_Forbidden_Response_Is_Generated() throws Exception { + when(request.getPathInfo()).thenReturn("/1"); + JSONObject JSObject = buildRequestJsonObject(); + SubscribeServlet subscribeServlet = new SubscribeServlet() { + protected JSONObject getJSONfromInput(HttpServletRequest req) { + JSONObject jo = new JSONObject(); + jo.put("name", "stub_name"); + jo.put("version", "2.0"); + jo.put("metadataOnly", true); + jo.put("suspend", true); + jo.put("delivery", JSObject); + jo.put("aaf_instance", "*"); + jo.put("follow_redirect", false); + jo.put("sync", false); + return jo; + } + @Override + protected boolean doInsert(Insertable bean) { + return false; + } + }; subscribeServlet.doPost(request, response); - verify(response).sendError(eq(HttpServletResponse.SC_UNSUPPORTED_MEDIA_TYPE), argThat(notNullValue(String.class))); + verify(response).sendError(eq(HttpServletResponse.SC_FORBIDDEN), contains("AAF Subscriber can not be added to legacy Feed")); } @Test - public void Given_Request_Is_HTTP_POST_And_Request_Contains_Badly_Formed_JSON_Then_Bad_Request_Response_Is_Generated() throws Exception { + public void Given_Request_Is_HTTP_POST_And_Legacy_Subscriber_Added_To_AAF_Feed_And_Is_Not_Authorized_Then_Forbidden_Response_Is_Generated() throws Exception { + setAuthoriserToReturnRequestNotAuthorized(); + when(request.getPathInfo()).thenReturn("/2"); + JSONObject JSObject = buildRequestJsonObject(); + SubscribeServlet subscribeServlet = new SubscribeServlet() { + protected JSONObject getJSONfromInput(HttpServletRequest req) { + JSONObject jo = new JSONObject(); + jo.put("name", "stub_name"); + jo.put("version", "2.0"); + jo.put("metadataOnly", true); + jo.put("suspend", true); + jo.put("delivery", JSObject); + jo.put("aaf_instance", "legacy"); + jo.put("follow_redirect", false); + jo.put("sync", false); + return jo; + } + }; subscribeServlet.doPost(request, response); - verify(response).sendError(eq(HttpServletResponse.SC_BAD_REQUEST), argThat(notNullValue(String.class))); + verify(response).sendError(eq(HttpServletResponse.SC_FORBIDDEN), contains("Policy Engine disallows access.")); } @Test - public void Given_Request_Is_HTTP_POST_And_Active_Feeds_Equals_Max_Feeds_Then_Bad_Request_Response_Is_Generated() throws Exception { - FieldUtils.writeDeclaredStaticField(BaseServlet.class, "maxSubs", 0, true); + public void Given_Request_Is_HTTP_POST_And_AAF_Subscriber_Added_To_AAF_Feed_Without_Permissions_Then_Forbidden_Response_Is_Generated() throws Exception { + when(request.getPathInfo()).thenReturn("/2"); + JSONObject JSObject = buildRequestJsonObject(); SubscribeServlet subscribeServlet = new SubscribeServlet() { protected JSONObject getJSONfromInput(HttpServletRequest req) { - return new JSONObject(); + JSONObject jo = new JSONObject(); + jo.put("name", "stub_name"); + jo.put("version", "2.0"); + jo.put("metadataOnly", true); + jo.put("suspend", true); + jo.put("delivery", JSObject); + jo.put("aaf_instance", "*"); + jo.put("follow_redirect", false); + jo.put("sync", false); + return jo; } }; subscribeServlet.doPost(request, response); - verify(response).sendError(eq(HttpServletResponse.SC_CONFLICT), argThat(notNullValue(String.class))); + verify(response).sendError(eq(HttpServletResponse.SC_FORBIDDEN), contains("AAF disallows access to permission")); } @Test - public void Given_Request_Is_HTTP_POST_And_POST_Fails_Bad_Request_Response_Is_Generated() throws Exception { + public void Given_Request_Is_HTTP_POST_And_AAF_Subscriber_Added_To_AAF_Feed_With_Permissions_Then_OK_Response_Is_Generated() throws Exception { + ServletOutputStream outStream = mock(ServletOutputStream.class); + when(response.getOutputStream()).thenReturn(outStream); + when(request.getPathInfo()).thenReturn("/2"); + when(request.isUserInRole("org.onap.dmaap-dr.feed|*|approveSub")).thenReturn(true); PowerMockito.mockStatic(Subscription.class); - PowerMockito.when(Subscription.getSubscriptionMatching(mock(Subscription.class))).thenReturn(null); - PowerMockito.when(Subscription.countActiveSubscriptions()).thenReturn(0); + PowerMockito.when(Subscription.getSubscriptionMatching(new Subscription())).thenReturn(null); JSONObject JSObject = buildRequestJsonObject(); SubscribeServlet subscribeServlet = new SubscribeServlet() { protected JSONObject getJSONfromInput(HttpServletRequest req) { @@ -223,26 +305,56 @@ public class SubscribeServletTest extends DrServletTestBase { jo.put("metadataOnly", true); jo.put("suspend", true); jo.put("delivery", JSObject); + jo.put("aaf_instance", "*"); + jo.put("follow_redirect", false); jo.put("sync", false); return jo; } @Override protected boolean doInsert(Insertable bean) { - return false; + return true; } }; subscribeServlet.doPost(request, response); - verify(response).sendError(eq(HttpServletResponse.SC_INTERNAL_SERVER_ERROR), argThat(notNullValue(String.class))); + verify(response).setStatus(eq(HttpServletResponse.SC_CREATED)); + verifyEnteringExitCalled(listAppender); } + @Test + public void Given_Request_Is_HTTP_POST_And_Content_Header_Is_Not_Supported_Type_Then_Unsupported_Media_Type_Response_Is_Generated() throws Exception { + when(request.getHeader("Content-Type")).thenReturn("application/vnd.dmaap-dr.feed; version=1.1"); + when(request.getContentType()).thenReturn("stub_contentType"); + when(request.getPathInfo()).thenReturn("/1"); + subscribeServlet.doPost(request, response); + verify(response).sendError(eq(HttpServletResponse.SC_UNSUPPORTED_MEDIA_TYPE), argThat(notNullValue(String.class))); + } @Test - public void Given_Request_Is_HTTP_POST_And_Change_On_Feeds_Succeeds_A_STATUS_OK_Response_Is_Generated() throws Exception { - ServletOutputStream outStream = mock(ServletOutputStream.class); - when(response.getOutputStream()).thenReturn(outStream); + public void Given_Request_Is_HTTP_POST_And_Request_Contains_Badly_Formed_JSON_Then_Bad_Request_Response_Is_Generated() throws Exception { + when(request.getPathInfo()).thenReturn("/1"); + subscribeServlet.doPost(request, response); + verify(response).sendError(eq(HttpServletResponse.SC_BAD_REQUEST), argThat(notNullValue(String.class))); + } + + @Test + public void Given_Request_Is_HTTP_POST_And_Active_Feeds_Equals_Max_Feeds_Then_Bad_Request_Response_Is_Generated() throws Exception { + FieldUtils.writeDeclaredStaticField(BaseServlet.class, "maxSubs", 0, true); + when(request.getPathInfo()).thenReturn("/1"); + SubscribeServlet subscribeServlet = new SubscribeServlet() { + protected JSONObject getJSONfromInput(HttpServletRequest req) { + return new JSONObject(); + } + }; + subscribeServlet.doPost(request, response); + verify(response).sendError(eq(HttpServletResponse.SC_CONFLICT), argThat(notNullValue(String.class))); + } + + @Test + public void Given_Request_Is_HTTP_POST_And_POST_Fails_Bad_Request_Response_Is_Generated() throws Exception { + when(request.getPathInfo()).thenReturn("/2"); PowerMockito.mockStatic(Subscription.class); - PowerMockito.when(Subscription.getSubscriptionMatching(mock(Subscription.class))).thenReturn(null); + PowerMockito.when(Subscription.getSubscriptionMatching(new Subscription())).thenReturn(null); JSONObject JSObject = buildRequestJsonObject(); SubscribeServlet subscribeServlet = new SubscribeServlet() { protected JSONObject getJSONfromInput(HttpServletRequest req) { @@ -252,21 +364,21 @@ public class SubscribeServletTest extends DrServletTestBase { jo.put("metadataOnly", true); jo.put("suspend", true); jo.put("delivery", JSObject); - jo.put("sync", true); + jo.put("aaf_instance", "legacy"); + jo.put("follow_redirect", false); + jo.put("sync", false); return jo; } @Override protected boolean doInsert(Insertable bean) { - return true; + return false; } }; subscribeServlet.doPost(request, response); - verify(response).setStatus(eq(HttpServletResponse.SC_CREATED)); - verifyEnteringExitCalled(listAppender); + verify(response).sendError(eq(HttpServletResponse.SC_INTERNAL_SERVER_ERROR), argThat(notNullValue(String.class))); } - @NotNull private JSONObject buildRequestJsonObject() { JSONObject JSObject = new JSONObject(); @@ -279,7 +391,7 @@ public class SubscribeServletTest extends DrServletTestBase { private void setUpValidSecurityOnHttpRequest() throws Exception { when(request.isSecure()).thenReturn(true); - Set authAddressesAndNetworks = new HashSet(); + Set authAddressesAndNetworks = new HashSet<>(); authAddressesAndNetworks.add(("127.0.0.1")); FieldUtils.writeDeclaredStaticField(BaseServlet.class, "authorizedAddressesAndNetworks", authAddressesAndNetworks, true); FieldUtils.writeDeclaredStaticField(BaseServlet.class, "requireCert", false, true); @@ -290,27 +402,6 @@ public class SubscribeServletTest extends DrServletTestBase { when(request.getHeader(BEHALF_HEADER)).thenReturn(headerValue); } - private void setValidPathInfoInHttpHeader() { - when(request.getPathInfo()).thenReturn("/123"); - } - - private void setFeedToReturnInvalidFeedIdSupplied() { - PowerMockito.mockStatic(Feed.class); - PowerMockito.when(Feed.getFeedById(anyInt())).thenReturn(null); - } - - private void setFeedToReturnValidFeedForSuppliedId() { - PowerMockito.mockStatic(Feed.class); - Feed feed = mock(Feed.class); - PowerMockito.when(Feed.getFeedById(anyInt())).thenReturn(feed); - when(feed.isDeleted()).thenReturn(false); - when(feed.asJSONObject(true)).thenReturn(mock(JSONObject.class)); - when(feed.getPublisher()).thenReturn("Stub_Value"); - when(feed.getName()).thenReturn("stub_name"); - when(feed.getVersion()).thenReturn("1.0"); - when(feed.asLimitedJSONObject()).thenReturn(mock(JSONObject.class)); - } - private void setAuthoriserToReturnRequestNotAuthorized() throws IllegalAccessException { AuthorizationResponse authResponse = mock(AuthorizationResponse.class); Authorizer authorizer = mock(Authorizer.class); @@ -335,8 +426,6 @@ public class SubscribeServletTest extends DrServletTestBase { private void setupValidAuthorisedRequest() throws Exception { setUpValidSecurityOnHttpRequest(); setBehalfHeader("Stub_Value"); - setValidPathInfoInHttpHeader(); - setFeedToReturnValidFeedForSuppliedId(); } private void setUpValidContentHeadersAndJSONOnHttpRequest() { diff --git a/datarouter-prov/src/test/java/org/onap/dmaap/datarouter/provisioning/SubscriptionServletTest.java b/datarouter-prov/src/test/java/org/onap/dmaap/datarouter/provisioning/SubscriptionServletTest.java index aede69cf..a17e23e0 100755 --- a/datarouter-prov/src/test/java/org/onap/dmaap/datarouter/provisioning/SubscriptionServletTest.java +++ b/datarouter-prov/src/test/java/org/onap/dmaap/datarouter/provisioning/SubscriptionServletTest.java @@ -27,7 +27,10 @@ import ch.qos.logback.core.read.ListAppender; import org.apache.commons.lang3.reflect.FieldUtils; import org.jetbrains.annotations.NotNull; import org.json.JSONObject; -import org.junit.*; +import org.junit.AfterClass; +import org.junit.Before; +import org.junit.BeforeClass; +import org.junit.Test; import org.junit.runner.RunWith; import org.mockito.Mock; import org.onap.dmaap.datarouter.authz.AuthorizationResponse; @@ -37,6 +40,9 @@ import org.onap.dmaap.datarouter.provisioning.beans.SubDelivery; import org.onap.dmaap.datarouter.provisioning.beans.Subscription; import org.onap.dmaap.datarouter.provisioning.beans.Updateable; import org.onap.dmaap.datarouter.provisioning.utils.DB; +import org.onap.dmaap.datarouter.provisioning.utils.PasswordProcessor; +import org.powermock.api.mockito.PowerMockito; +import org.powermock.core.classloader.annotations.PrepareForTest; import org.powermock.modules.junit4.PowerMockRunner; import javax.persistence.EntityManager; @@ -46,7 +52,6 @@ import javax.servlet.ServletInputStream; import javax.servlet.ServletOutputStream; import javax.servlet.http.HttpServletRequest; import javax.servlet.http.HttpServletResponse; -import java.io.FileNotFoundException; import java.sql.SQLException; import java.util.HashSet; import java.util.Set; @@ -57,6 +62,7 @@ import static org.onap.dmaap.datarouter.provisioning.BaseServlet.BEHALF_HEADER; @RunWith(PowerMockRunner.class) +@PrepareForTest(PasswordProcessor.class) public class SubscriptionServletTest extends DrServletTestBase { private static EntityManagerFactory emf; private static EntityManager em; @@ -72,7 +78,7 @@ public class SubscriptionServletTest extends DrServletTestBase { @Mock private HttpServletResponse response; - ListAppender listAppender; + private ListAppender listAppender; @BeforeClass public static void init() { @@ -84,7 +90,7 @@ public class SubscriptionServletTest extends DrServletTestBase { } @AfterClass - public static void tearDownClass() throws FileNotFoundException { + public static void tearDownClass() { em.clear(); em.close(); emf.close(); @@ -125,7 +131,7 @@ public class SubscriptionServletTest extends DrServletTestBase { @Test public void Given_Request_Is_HTTP_DELETE_And_Subscription_Id_Is_Invalid_Then_Not_Found_Response_Is_Generated() throws Exception { - when(request.getPathInfo()).thenReturn("/3"); + when(request.getPathInfo()).thenReturn("/123"); subscriptionServlet.doDelete(request, response); verify(response).sendError(eq(HttpServletResponse.SC_NOT_FOUND), argThat(notNullValue(String.class))); } @@ -149,11 +155,22 @@ public class SubscriptionServletTest extends DrServletTestBase { } @Test - public void Given_Request_Is_HTTP_DELETE_And_Delete_On_Database_Succeeds_A_NO_CONTENT_Response_Is_Generated() throws Exception { + public void Given_Request_Is_HTTP_DELETE_And_AAF_CADI_Is_Enabled_Without_Permissions_Then_Forbidden_Response_Is_Generated() throws Exception { + when(request.getHeader("Content-Type")).thenReturn("application/vnd.dmaap-dr.subscription; version=1.0"); + when(request.getPathInfo()).thenReturn("/2"); + subscriptionServlet.doDelete(request, response); + verify(response).sendError(eq(HttpServletResponse.SC_FORBIDDEN), contains("AAF disallows access")); + } + + @Test + public void Given_Request_Is_HTTP_DELETE_And_AAF_CADI_Is_Enabled_With_Permissions_Then_A_NO_CONTENT_Response_Is_Generated() throws Exception { + when(request.getHeader("Content-Type")).thenReturn("application/vnd.dmaap-dr.subscription; version=1.0"); + when(request.getPathInfo()).thenReturn("/2"); + when(request.isUserInRole("org.onap.dmaap-dr.sub|*|delete")).thenReturn(true); subscriptionServlet.doDelete(request, response); verify(response).setStatus(eq(HttpServletResponse.SC_NO_CONTENT)); verifyEnteringExitCalled(listAppender); - insertSubscriptionIntoDb(); + resetAafSubscriptionInDB(); } @Test @@ -180,7 +197,7 @@ public class SubscriptionServletTest extends DrServletTestBase { @Test public void Given_Request_Is_HTTP_GET_And_Subscription_Id_Is_Invalid_Then_Not_Found_Response_Is_Generated() throws Exception { - when(request.getPathInfo()).thenReturn("/3"); + when(request.getPathInfo()).thenReturn("/123"); subscriptionServlet.doGet(request, response); verify(response).sendError(eq(HttpServletResponse.SC_NOT_FOUND), argThat(notNullValue(String.class))); } @@ -225,7 +242,7 @@ public class SubscriptionServletTest extends DrServletTestBase { @Test public void Given_Request_Is_HTTP_PUT_And_Subscription_Id_Is_Invalid_Then_Not_Found_Response_Is_Generated() throws Exception { - when(request.getPathInfo()).thenReturn("/3"); + when(request.getPathInfo()).thenReturn("/123"); subscriptionServlet.doPut(request, response); verify(response).sendError(eq(HttpServletResponse.SC_NOT_FOUND), argThat(notNullValue(String.class))); } @@ -233,10 +250,82 @@ public class SubscriptionServletTest extends DrServletTestBase { @Test public void Given_Request_Is_HTTP_PUT_And_Request_Is_Not_Authorized_Then_Forbidden_Response_Is_Generated() throws Exception { setAuthoriserToReturnRequestNotAuthorized(); + when(request.getHeader("Content-Type")).thenReturn("application/vnd.dmaap-dr.subscription; version=1.0"); + JSONObject JSObject = buildRequestJsonObject(); + SubscriptionServlet subscriptionServlet = new SubscriptionServlet() { + protected JSONObject getJSONfromInput(HttpServletRequest req) { + JSONObject jo = new JSONObject(); + jo.put("name", "stub_name"); + jo.put("version", "2.0"); + jo.put("metadataOnly", true); + jo.put("suspend", true); + jo.put("delivery", JSObject); + jo.put("aaf_instance", "legacy"); + jo.put("follow_redirect", false); + jo.put("decompress", true); + jo.put("sync", true); + jo.put("changeowner", true); + return jo; + } + }; subscriptionServlet.doPut(request, response); verify(response).sendError(eq(HttpServletResponse.SC_FORBIDDEN), argThat(notNullValue(String.class))); } + @Test + public void Given_Request_Is_HTTP_PUT_And_AAF_CADI_Is_Enabled_Without_Permissions_Then_Forbidden_Response_Is_Generated() throws Exception { + when(request.getHeader("Content-Type")).thenReturn("application/vnd.dmaap-dr.subscription; version=1.0"); + when(request.getPathInfo()).thenReturn("/3"); + JSONObject JSObject = buildRequestJsonObject(); + SubscriptionServlet subscriptionServlet = new SubscriptionServlet() { + protected JSONObject getJSONfromInput(HttpServletRequest req) { + JSONObject jo = new JSONObject(); + jo.put("name", "stub_name"); + jo.put("version", "2.0"); + jo.put("metadataOnly", true); + jo.put("suspend", true); + jo.put("delivery", JSObject); + jo.put("aaf_instance", "*"); + jo.put("follow_redirect", false); + jo.put("sync", true); + jo.put("changeowner", true); + return jo; + } + }; + subscriptionServlet.doPut(request, response); + verify(response).sendError(eq(HttpServletResponse.SC_FORBIDDEN), contains("AAF disallows access")); + } + + @Test + public void Given_Request_Is_HTTP_PUT_And_AAF_CADI_Is_Enabled_With_Permissions_Then_OK_Response_Is_Generated() throws Exception { + ServletOutputStream outStream = mock(ServletOutputStream.class); + when(response.getOutputStream()).thenReturn(outStream); + when(request.getHeader("X-DMAAP-DR-ON-BEHALF-OF-GROUP")).thenReturn("stub_subjectGroup"); + when(request.getHeader("Content-Type")).thenReturn("application/vnd.dmaap-dr.subscription; version=1.0"); + when(request.getPathInfo()).thenReturn("/3"); + when(request.isUserInRole("org.onap.dmaap-dr.sub|*|edit")).thenReturn(true); + PowerMockito.mockStatic(PasswordProcessor.class); + JSONObject JSObject = buildRequestJsonObject(); + SubscriptionServlet subscriptionServlet = new SubscriptionServlet() { + protected JSONObject getJSONfromInput(HttpServletRequest req) { + JSONObject jo = new JSONObject(); + jo.put("name", "stub_name"); + jo.put("version", "2.0"); + jo.put("metadataOnly", true); + jo.put("suspend", true); + jo.put("delivery", JSObject); + jo.put("aaf_instance", "*"); + jo.put("follow_redirect", false); + jo.put("sync", true); + return jo; + } + }; + subscriptionServlet.doPut(request, response); + verify(response).setStatus(eq(HttpServletResponse.SC_OK)); + resetAafSubscriptionInDB(); + verifyEnteringExitCalled(listAppender); + } + @Test public void Given_Request_Is_HTTP_PUT_And_Content_Header_Is_Not_Supported_Type_Then_Unsupported_Media_Type_Response_Is_Generated() throws Exception { when(request.getContentType()).thenReturn("stub_ContentType"); @@ -281,6 +370,8 @@ public class SubscriptionServletTest extends DrServletTestBase { jo.put("privilegedSubscriber", true); jo.put("decompress", true); jo.put("delivery", JSObject); + jo.put("aaf_instance", "legacy"); + jo.put("follow_redirect", false); jo.put("subscriber", "differentSubscriber"); jo.put("sync", true); return jo; @@ -304,7 +395,9 @@ public class SubscriptionServletTest extends DrServletTestBase { jo.put("suspend", true); jo.put("privilegedSubscriber", true); jo.put("delivery", JSObject); + jo.put("aaf_instance", "legacy"); jo.put("decompress", true); + jo.put("follow_redirect", false); jo.put("sync", true); return jo; } @@ -324,6 +417,7 @@ public class SubscriptionServletTest extends DrServletTestBase { when(response.getOutputStream()).thenReturn(outStream); when(request.getHeader("X-DMAAP-DR-ON-BEHALF-OF-GROUP")).thenReturn("stub_subjectGroup"); when(request.getHeader("Content-Type")).thenReturn("application/vnd.dmaap-dr.subscription; version=1.0"); + PowerMockito.mockStatic(PasswordProcessor.class); JSONObject JSObject = buildRequestJsonObject(); SubscriptionServlet subscriptionServlet = new SubscriptionServlet() { protected JSONObject getJSONfromInput(HttpServletRequest req) { @@ -335,6 +429,8 @@ public class SubscriptionServletTest extends DrServletTestBase { jo.put("privilegedSubscriber", true); jo.put("decompress", true); jo.put("delivery", JSObject); + jo.put("aaf_instance", "legacy"); + jo.put("follow_redirect", false); jo.put("sync", true); jo.put("changeowner", true); return jo; @@ -370,7 +466,7 @@ public class SubscriptionServletTest extends DrServletTestBase { @Test public void Given_Request_Is_HTTP_POST_And_Subscription_Id_Is_Invalid_Then_Not_Found_Response_Is_Generated() throws Exception { - when(request.getPathInfo()).thenReturn("/3"); + when(request.getPathInfo()).thenReturn("/123"); subscriptionServlet.doPost(request, response); verify(response).sendError(eq(HttpServletResponse.SC_BAD_REQUEST), argThat(notNullValue(String.class))); } @@ -435,6 +531,8 @@ public class SubscriptionServletTest extends DrServletTestBase { jo.put("suspend", true); jo.put("delivery", JSObject); jo.put("privilegedSubscriber", false); + jo.put("aaf_instance", "legacy"); + jo.put("follow_redirect", false); jo.put("decompress", false); jo.put("failed", false); return jo; @@ -498,8 +596,8 @@ public class SubscriptionServletTest extends DrServletTestBase { setValidPathInfoInHttpHeader(); } - private void insertSubscriptionIntoDb() throws SQLException { - Subscription subscription = new Subscription(URL, USER, PASSWORD); + private void changeSubscriptionBackToNormal() throws SQLException { + Subscription subscription = new Subscription("https://172.100.0.5", "user1", "password1"); subscription.setSubid(1); subscription.setSubscriber("user1"); subscription.setFeedid(1); @@ -510,22 +608,23 @@ public class SubscriptionServletTest extends DrServletTestBase { subscription.setSuspended(false); subscription.setPrivilegedSubscriber(false); subscription.setDecompress(false); - subscription.doInsert(db.getConnection()); + subscription.changeOwnerShip(); + subscription.doUpdate(db.getConnection()); } - private void changeSubscriptionBackToNormal() throws SQLException { - Subscription subscription = new Subscription("https://172.100.0.5", "user1", "password1"); - subscription.setSubid(1); - subscription.setSubscriber("user1"); + private void resetAafSubscriptionInDB() throws SQLException { + Subscription subscription = new Subscription("https://172.100.0.5:8080", "user2", "password2"); + subscription.setSubid(2); + subscription.setSubscriber("user2"); subscription.setFeedid(1); SubDelivery subDelivery = new SubDelivery(URL, USER, PASSWORD, true); subscription.setDelivery(subDelivery); subscription.setGroupid(1); subscription.setMetadataOnly(false); subscription.setSuspended(false); - subscription.setPrivilegedSubscriber(false); + subscription.setAafInstance("https://aaf-onap-test.osaaf.org:8095"); subscription.setDecompress(false); - subscription.changeOwnerShip(); + subscription.setPrivilegedSubscriber(false); subscription.doUpdate(db.getConnection()); } } \ No newline at end of file diff --git a/datarouter-prov/src/test/java/org/onap/dmaap/datarouter/provisioning/utils/DRProvCadiFilterTest.java b/datarouter-prov/src/test/java/org/onap/dmaap/datarouter/provisioning/utils/DRProvCadiFilterTest.java new file mode 100644 index 00000000..5e24c5a8 --- /dev/null +++ b/datarouter-prov/src/test/java/org/onap/dmaap/datarouter/provisioning/utils/DRProvCadiFilterTest.java @@ -0,0 +1,269 @@ +/**- + * ============LICENSE_START======================================================= + * Copyright (C) 2019 Nordix Foundation. + * ================================================================================ + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + * + * SPDX-License-Identifier: Apache-2.0 + * ============LICENSE_END========================================================= + */ + +package org.onap.dmaap.datarouter.provisioning.utils; + +import org.junit.Before; +import org.junit.BeforeClass; +import org.junit.Test; +import org.junit.runner.RunWith; +import org.mockito.Mock; +import org.onap.aaf.cadi.PropAccess; +import org.onap.aaf.cadi.filter.CadiFilter; +import org.onap.dmaap.datarouter.provisioning.BaseServlet; +import org.powermock.api.mockito.PowerMockito; +import org.powermock.api.support.membermodification.MemberMatcher; +import org.powermock.core.classloader.annotations.PrepareForTest; +import org.powermock.modules.junit4.PowerMockRunner; + +import javax.persistence.EntityManager; +import javax.persistence.EntityManagerFactory; +import javax.persistence.Persistence; +import javax.servlet.FilterChain; +import javax.servlet.http.HttpServletRequest; +import javax.servlet.http.HttpServletResponse; + +import static org.hamcrest.Matchers.notNullValue; +import static org.mockito.Matchers.argThat; +import static org.mockito.Matchers.eq; +import static org.mockito.Mockito.*; +import static org.onap.dmaap.datarouter.provisioning.BaseServlet.BEHALF_HEADER; + +@RunWith(PowerMockRunner.class) +@PrepareForTest({CadiFilter.class}) +public class DRProvCadiFilterTest { + + @Mock + private PropAccess access; + + @Mock + private HttpServletRequest request; + + @Mock + private HttpServletResponse response; + + @Mock + private FilterChain chain; + + private DRProvCadiFilter cadiFilter; + + + private static EntityManagerFactory emf; + private static EntityManager em; + + + @BeforeClass + public static void init() { + emf = Persistence.createEntityManagerFactory("dr-unit-tests"); + em = emf.createEntityManager(); + System.setProperty( + "org.onap.dmaap.datarouter.provserver.properties", + "src/test/resources/h2Database.properties"); + } + + @Before + public void setUp() throws Exception { + cadiFilter = new DRProvCadiFilter(false, access); + } + + @Test + public void Given_doFilter_Called_And_Path_Contains_subs_And_SubId_Is_Incorrectly_Set_Then_Not_Found_Response_Returned() throws Exception{ + setRequestMocking("PUT", "subs"); + + cadiFilter.doFilter(request, response, chain); + verify(response).sendError(eq(HttpServletResponse.SC_NOT_FOUND), argThat(notNullValue(String.class))); + } + + @Test + public void Given_doFilter_called_And_Path_Contains_subs_And_Is_AAF_Subscriber_then_call_Super_doFilter() throws Exception{ + setRequestMocking("PUT", "subs"); + when(request.getPathInfo()).thenReturn("/2"); + PowerMockito.suppress(MemberMatcher.methodsDeclaredIn(CadiFilter.class)); + cadiFilter.doFilter(request, response, chain); + verify(chain, times(0)).doFilter(request, response); + } + + @Test + public void Given_doFilter_called_And_Path_Contains_subs_And_Is_Not_AAF_Subscriber_then_call_chain_doFilter() throws Exception{ + setRequestMocking("PUT", "subs"); + when(request.getPathInfo()).thenReturn("/5"); + + cadiFilter.doFilter(request, response, chain); + verify(chain, times(1)).doFilter(request, response); + } + + @Test + public void Given_doFilter_called_And_FeedId_Is_Incorrectly_Set_Then_Not_Found_Response_Returned () throws Exception{ + setRequestMocking("PUT", "feeds"); + + cadiFilter.doFilter(request, response, chain); + verify(response).sendError(eq(HttpServletResponse.SC_NOT_FOUND), argThat(notNullValue(String.class))); + } + + @Test + public void Given_doFilter_called_And_FeedId_Is_Correctly_Set_And_Is_AAF_Feed_Then_Call_Super_doFilter() throws Exception{ + setRequestMocking("PUT", "feeds"); + when(request.getPathInfo()).thenReturn("/2"); + PowerMockito.suppress(MemberMatcher.methodsDeclaredIn(CadiFilter.class)); + cadiFilter.doFilter(request, response, chain); + verify(chain, times(0)).doFilter(request, response); + } + + @Test + public void Given_doFilter_called_And_FeedId_Is_Correctly_Set_And_Is_Not_AAF_Feed_then_call_chain_doFilter() throws Exception{ + setRequestMocking("PUT", "feeds"); + when(request.getPathInfo()).thenReturn("/1"); + + cadiFilter.doFilter(request, response, chain); + verify(chain, times(1)).doFilter(request, response); + } + + @Test + public void Given_doFilter_called_With_Get_Then_call_chain_doFilter() throws Exception{ + setRequestMocking("GET", "feeds"); + when(request.getPathInfo()).thenReturn("/5"); + + cadiFilter.doFilter(request, response, chain); + verify(chain, times(1)).doFilter(request, response); + } + + + @Test + public void Given_doFilter_called_With_POST_Then_call_chain_doFilter() throws Exception{ + setRequestMocking("POST", "subscribe"); + + cadiFilter.doFilter(request, response, chain); + verify(response).sendError(eq(HttpServletResponse.SC_NOT_FOUND), argThat(notNullValue(String.class))); + + } + + @Test + public void Given_doFilter_called_With_POST_And_FeedId_Is_Incorrectly_Set_Then_Not_Found_Response_Returned() throws Exception{ + setRequestMocking("POST", "subscribe"); + + cadiFilter.doFilter(request, response, chain); + verify(response).sendError(eq(HttpServletResponse.SC_NOT_FOUND), argThat(notNullValue(String.class))); + + } + + @Test + public void Given_doFilter_called_With_POST_And_Exclude_AAF_Is_NULL_Then_Bad_Request_Response_Returned() throws Exception{ + setRequestMocking("POST", "subscribe"); + when(request.getPathInfo()).thenReturn("/2"); + + cadiFilter.doFilter(request, response, chain); + verify(response).sendError(eq(HttpServletResponse.SC_BAD_REQUEST), argThat(notNullValue(String.class))); + + } + + @Test + public void Given_doFilter_called_With_POST_And_Exclude_AAF_Equals_True_Then_Call_Chain_doFilter() throws Exception{ + setRequestMocking("POST", "subscribe"); + when(request.getPathInfo()).thenReturn("/2"); + when(request.getHeader("X-EXCLUDE-AAF")).thenReturn("true"); + + cadiFilter.doFilter(request, response, chain); + verify(chain, times(1)).doFilter(request, response); + + } + + @Test + public void Given_doFilter_called_With_POST_And_Exclude_AAF_Equals_False_Then_Call_Super_doFilter() throws Exception{ + setRequestMocking("POST", "subscribe"); + when(request.getPathInfo()).thenReturn("/2"); + when(request.getHeader("X-EXCLUDE-AAF")).thenReturn("false"); + PowerMockito.suppress(MemberMatcher.methodsDeclaredIn(CadiFilter.class)); + + cadiFilter.doFilter(request, response, chain); + verify(chain, times(0)).doFilter(request, response); + + } + + @Test + public void Given_doFilter_called_With_POST_And_Is_Not_AAF_Exclude_AAF_Equals_Then_Call_Chain_doFilter() throws Exception{ + setRequestMocking("POST", "subscribe"); + when(request.getPathInfo()).thenReturn("/5"); + when(request.getHeader("X-EXCLUDE-AAF")).thenReturn("false"); + + cadiFilter.doFilter(request, response, chain); + verify(chain, times(1)).doFilter(request, response); + + } + + @Test + public void Given_doFilter_called_With_POST_And_Path_Not_Includes_subscribe_And_Exclude_AAF_Is_NULL_Then_Bad_Request_Response_Returned() throws Exception{ + setRequestMocking("POST", "other"); + when(request.getPathInfo()).thenReturn("/5"); + + cadiFilter.doFilter(request, response, chain); + verify(response).sendError(eq(HttpServletResponse.SC_BAD_REQUEST), argThat(notNullValue(String.class))); + + } + + @Test + public void Given_doFilter_called_With_POST_And_Path_Not_Includes_subscribe_And_Exclude_AAF_Equals_True_Then_Call_Chain_doFilter() throws Exception{ + setRequestMocking("POST", "other"); + when(request.getPathInfo()).thenReturn("/5"); + when(request.getHeader("X-EXCLUDE-AAF")).thenReturn("true"); + + cadiFilter.doFilter(request, response, chain); + verify(chain, times(1)).doFilter(request, response); + + } + + @Test + public void Given_doFilter_called_With_POST_And_Path_Not_Includes_subscribe_And_Exclude_AAF_Equals_False_Then_Call_Super_doFilter() throws Exception{ + setRequestMocking("POST", "other"); + when(request.getPathInfo()).thenReturn("/5"); + when(request.getHeader("X-EXCLUDE-AAF")).thenReturn("false"); + PowerMockito.suppress(MemberMatcher.methodsDeclaredIn(CadiFilter.class)); + + cadiFilter.doFilter(request, response, chain); + verify(chain, times(0)).doFilter(request, response); + + } + + @Test + public void Given_doFilter_Called_And_Path_Contains_subs_And_getSubId_Throws_NumberFormatException_then_Not_Found_response_returned() throws Exception{ + setRequestMocking("PUT", "subs"); + when(request.getPathInfo()).thenReturn("5/"); + cadiFilter.doFilter(request, response, chain); + verify(response).sendError(eq(HttpServletResponse.SC_NOT_FOUND), argThat(notNullValue(String.class))); + + } + + @Test + public void Given_doFilter_called_And_FeedId_Throws_Set_Then_Not_Found_Response_Returned () throws Exception{ + setRequestMocking("PUT", "feeds"); + when(request.getPathInfo()).thenReturn("//5"); + cadiFilter.doFilter(request, response, chain); + verify(response).sendError(eq(HttpServletResponse.SC_NOT_FOUND), argThat(notNullValue(String.class))); + } + + private void setRequestMocking(String method, String servletPath) + { + when(request.getRemoteAddr()).thenReturn(null); + when(request.getHeader(BEHALF_HEADER)).thenReturn(null); + when(request.getAttribute(BaseServlet.CERT_ATTRIBUTE)).thenReturn(null); + when(request.getMethod()).thenReturn(method); + when(request.getServletPath()).thenReturn(servletPath); + } + + } diff --git a/datarouter-prov/src/test/resources/create.sql b/datarouter-prov/src/test/resources/create.sql index 9412adf2..1fb30c90 100755 --- a/datarouter-prov/src/test/resources/create.sql +++ b/datarouter-prov/src/test/resources/create.sql @@ -2,7 +2,7 @@ CREATE TABLE FEEDS ( FEEDID INT UNSIGNED NOT NULL PRIMARY KEY, GROUPID INT(10) UNSIGNED NOT NULL DEFAULT 0, NAME VARCHAR(255) NOT NULL, - VERSION VARCHAR(20) NOT NULL, + VERSION VARCHAR(20) NULL, DESCRIPTION VARCHAR(1000), BUSINESS_DESCRIPTION VARCHAR(1000) DEFAULT NULL, AUTH_CLASS VARCHAR(32) NOT NULL, @@ -14,13 +14,14 @@ CREATE TABLE FEEDS ( DELETED BOOLEAN DEFAULT FALSE, LAST_MOD TIMESTAMP DEFAULT CURRENT_TIMESTAMP, SUSPENDED BOOLEAN DEFAULT FALSE, - CREATED_DATE TIMESTAMP DEFAULT CURRENT_TIMESTAMP + CREATED_DATE TIMESTAMP DEFAULT CURRENT_TIMESTAMP, + AAF_INSTANCE VARCHAR(256) ); CREATE TABLE FEED_ENDPOINT_IDS ( FEEDID INT UNSIGNED NOT NULL, - USERID VARCHAR(20) NOT NULL, - PASSWORD VARCHAR(32) NOT NULL + USERID VARCHAR(60) NOT NULL, + PASSWORD VARCHAR(100) NOT NULL ); CREATE TABLE FEED_ENDPOINT_ADDRS ( @@ -33,8 +34,9 @@ CREATE TABLE SUBSCRIPTIONS ( FEEDID INT UNSIGNED NOT NULL, GROUPID INT(10) UNSIGNED NOT NULL DEFAULT 0, DELIVERY_URL VARCHAR(256), - DELIVERY_USER VARCHAR(20), - DELIVERY_PASSWORD VARCHAR(32), + FOLLOW_REDIRECTS TINYINT(1) NOT NULL DEFAULT 0, + DELIVERY_USER VARCHAR(60), + DELIVERY_PASSWORD VARCHAR(100), DELIVERY_USE100 BOOLEAN DEFAULT FALSE, METADATA_ONLY BOOLEAN DEFAULT FALSE, SUBSCRIBER VARCHAR(8) NOT NULL, @@ -43,8 +45,9 @@ CREATE TABLE SUBSCRIPTIONS ( LAST_MOD TIMESTAMP DEFAULT CURRENT_TIMESTAMP, SUSPENDED BOOLEAN DEFAULT FALSE, PRIVILEGED_SUBSCRIBER BOOLEAN DEFAULT FALSE, + CREATED_DATE TIMESTAMP DEFAULT CURRENT_TIMESTAMP, DECOMPRESS BOOLEAN DEFAULT FALSE, - CREATED_DATE TIMESTAMP DEFAULT CURRENT_TIMESTAMP + AAF_INSTANCE VARCHAR(256) ); @@ -87,7 +90,7 @@ CREATE TABLE LOG_RECORDS ( CREATE TABLE INGRESS_ROUTES ( SEQUENCE INT UNSIGNED NOT NULL, FEEDID INT UNSIGNED NOT NULL, - USERID VARCHAR(20), + USERID VARCHAR(50), SUBNET VARCHAR(44), NODESET INT UNSIGNED NOT NULL ); @@ -136,7 +139,7 @@ INSERT INTO PARAMETERS VALUES ('DELIVERY_MAX_RETRY_INTERVAL', '3600'), ('DELIVERY_FILE_PROCESS_INTERVAL', '600'), ('DELIVERY_RETRY_RATIO', '2'), - ('LOGROLL_INTERVAL', '300'), + ('LOGROLL_INTERVAL', '30'), ('PROV_AUTH_ADDRESSES', 'dmaap-dr-prov|dmaap-dr-node'), ('PROV_AUTH_SUBJECTS', ''), ('PROV_MAXFEED_COUNT', '10000'), @@ -149,11 +152,17 @@ INSERT INTO PARAMETERS VALUES INSERT INTO GROUPS(GROUPID, AUTHID, NAME, DESCRIPTION, CLASSIFICATION, MEMBERS) VALUES (1, 'Basic dXNlcjE6cGFzc3dvcmQx', 'Group1', 'First Group for testing', 'Class1', 'Member1'); -INSERT INTO SUBSCRIPTIONS(SUBID, FEEDID, DELIVERY_URL, DELIVERY_USER, DELIVERY_PASSWORD, DELIVERY_USE100, METADATA_ONLY, SUBSCRIBER, SUSPENDED, GROUPID, PRIVILEGED_SUBSCRIBER, DECOMPRESS) -VALUES (1, 1, 'https://172.100.0.5:8080', 'user1', 'password1', true, false, 'user1', false, 1, false, false); +INSERT INTO SUBSCRIPTIONS(SUBID, FEEDID, DELIVERY_URL, FOLLOW_REDIRECTS, DELIVERY_USER, DELIVERY_PASSWORD, DELIVERY_USE100, METADATA_ONLY, SUBSCRIBER, SUSPENDED, GROUPID, PRIVILEGED_SUBSCRIBER, AAF_INSTANCE, DECOMPRESS) +VALUES (1, 1, 'https://172.100.0.5:8080', 0, 'user1', 'password1', true, false, 'user1', false, 1, false, 'legacy', false); -INSERT INTO SUBSCRIPTIONS(SUBID, FEEDID, DELIVERY_URL, DELIVERY_USER, DELIVERY_PASSWORD, SUBSCRIBER, SELF_LINK, LOG_LINK) -VALUES (23, 1, 'http://delivery_url', 'user1', 'somepassword', 'sub123', 'selflink', 'loglink'); +INSERT INTO SUBSCRIPTIONS(SUBID, FEEDID, DELIVERY_URL, FOLLOW_REDIRECTS, DELIVERY_USER, DELIVERY_PASSWORD, DELIVERY_USE100, METADATA_ONLY, SUBSCRIBER, SUSPENDED, GROUPID, AAF_INSTANCE) +VALUES (2, 1, 'https://172.100.0.5:8080', 0, 'user2', 'password2', true, true, 'subsc2', false, 1, '*'); + +INSERT INTO SUBSCRIPTIONS(SUBID, FEEDID, DELIVERY_URL, FOLLOW_REDIRECTS, DELIVERY_USER, DELIVERY_PASSWORD, DELIVERY_USE100, METADATA_ONLY, SUBSCRIBER, SUSPENDED, GROUPID, AAF_INSTANCE) +VALUES (3, 1, 'https://172.100.0.5:8080', 0, 'user3', 'password3', true, true, 'subsc3', false, 1, '*'); + +INSERT INTO SUBSCRIPTIONS(SUBID, FEEDID, DELIVERY_URL, DELIVERY_USER, DELIVERY_PASSWORD, SUBSCRIBER, SELF_LINK, LOG_LINK, AAF_INSTANCE) +VALUES (23, 1, 'http://delivery_url', 'user1', 'somepassword', 'sub123', 'selflink', 'loglink', 'legacy'); INSERT INTO FEED_ENDPOINT_IDS(FEEDID, USERID, PASSWORD) VALUES (1, 'USER', 'PASSWORD'); @@ -164,6 +173,12 @@ VALUES (1, '172.0.0.1'); INSERT INTO FEEDS(FEEDID, GROUPID, NAME, VERSION, DESCRIPTION, BUSINESS_DESCRIPTION, AUTH_CLASS, PUBLISHER, SELF_LINK, PUBLISH_LINK, SUBSCRIBE_LINK, LOG_LINK) VALUES (1, 1,'Feed1','v0.1', 'First Feed for testing', 'First Feed for testing', 'auth_class', 'pub','self_link','publish_link','subscribe_link','log_link'); +INSERT INTO FEEDS(FEEDID, GROUPID, NAME, VERSION, DESCRIPTION, BUSINESS_DESCRIPTION, AUTH_CLASS, PUBLISHER, SELF_LINK, PUBLISH_LINK, SUBSCRIBE_LINK, LOG_LINK, AAF_INSTANCE) +VALUES (2, 1,'AafFeed','v0.1', 'AAF Feed for testing', 'AAF Feed for testing', 'auth_class', 'pub','self_link','publish_link','subscribe_link','log_link','*'); + +INSERT INTO FEEDS(FEEDID, GROUPID, NAME, VERSION, DESCRIPTION, BUSINESS_DESCRIPTION, AUTH_CLASS, PUBLISHER, SELF_LINK, PUBLISH_LINK, SUBSCRIBE_LINK, LOG_LINK, AAF_INSTANCE) +VALUES (3, 1,'DeleteableAafFeed','v0.1', 'AAF Feed3 for testing', 'AAF Feed3 for testing', 'auth_class', 'pub','self_link','publish_link','subscribe_link','log_link','*'); + insert into INGRESS_ROUTES(SEQUENCE, FEEDID , USERID, SUBNET, NODESET) VALUES (1,1,'user',null,2); diff --git a/datarouter-prov/src/test/resources/h2Database.properties b/datarouter-prov/src/test/resources/h2Database.properties index a7ed3fa0..fee9c688 100755 --- a/datarouter-prov/src/test/resources/h2Database.properties +++ b/datarouter-prov/src/test/resources/h2Database.properties @@ -28,4 +28,5 @@ org.onap.dmaap.datarouter.provserver.isaddressauthenabled = true org.onap.dmaap.datarouter.provserver.https.relaxation = false org.onap.dmaap.datarouter.provserver.accesslog.dir = unit-test-logs org.onap.dmaap.datarouter.provserver.spooldir = unit-test-logs/spool -org.onap.dmaap.datarouter.provserver.localhost = 127.0.0.1 \ No newline at end of file +org.onap.dmaap.datarouter.provserver.localhost = 127.0.0.1 +org.onap.dmaap.datarouter.provserver.passwordencryption = PasswordEncryptionKey#@$%^&1234# \ No newline at end of file -- cgit 1.2.3-korg