From 907bb776273e1bf41331609c51dc520c3d4fa181 Mon Sep 17 00:00:00 2001 From: Sunil Unnava Date: Tue, 27 Feb 2018 03:09:04 -0500 Subject: Security issues fixes Issue-ID: DMAAP-207 Change-Id: I8c95f2647676fc4c2e754bdc280b97886f53403f Signed-off-by: Sunil Unnava --- .../service/impl/AdminServiceImplemTest.java | 50 +++++++++++++++++----- 1 file changed, 39 insertions(+), 11 deletions(-) (limited to 'src/test') diff --git a/src/test/java/com/att/nsa/cambria/service/impl/AdminServiceImplemTest.java b/src/test/java/com/att/nsa/cambria/service/impl/AdminServiceImplemTest.java index b2db07e..df486d5 100644 --- a/src/test/java/com/att/nsa/cambria/service/impl/AdminServiceImplemTest.java +++ b/src/test/java/com/att/nsa/cambria/service/impl/AdminServiceImplemTest.java @@ -25,23 +25,51 @@ package com.att.nsa.cambria.service.impl; import static org.junit.Assert.*; import java.io.IOException; +import java.util.Date; import com.att.nsa.cambria.beans.DMaaPContext; +import com.att.nsa.cambria.embed.EmbedConfigurationReader; +import com.att.nsa.cambria.utils.ConfigurationReader; import com.att.nsa.configs.ConfigDbException; +import com.att.nsa.drumlin.till.data.sha1HmacSigner; import com.att.nsa.security.ReadWriteSecuredResource.AccessDeniedException; -import org.junit.After; -import org.junit.Before; +import org.junit.AfterClass; +import org.junit.BeforeClass; import org.junit.Test; +import org.springframework.mock.web.MockHttpServletRequest; +import org.springframework.mock.web.MockHttpServletResponse; public class AdminServiceImplemTest { + + private static DMaaPContext context = new DMaaPContext(); + + private static EmbedConfigurationReader embedConfigurationReader = new EmbedConfigurationReader(); + + @BeforeClass + public static void setUp() throws Exception { + + final long nowMs = System.currentTimeMillis(); + Date date = new Date(nowMs + 10000); + + final String serverCalculatedSignature = sha1HmacSigner.sign(date.toString(), "password"); + MockHttpServletRequest request = new MockHttpServletRequest(); + request.addHeader("X-Auth", "admin:" + serverCalculatedSignature); + + //NsaSimpleApiKey apiKey = new NsaSimpleApiKey("admin", "password"); + // PowerMockito.when(baseNsaApiDbImpl.loadApiKey("b/7ouTn9FfEw2PQwL0ov/Q==")).thenReturn(apiKey); - @Before - public void setUp() throws Exception { + request.addHeader("X-Date", date); + request.addHeader("Date", date); + MockHttpServletResponse response = new MockHttpServletResponse(); + context.setRequest(request); + context.setResponse(response); + context.setConfigReader(embedConfigurationReader.buildConfigurationReader()); } - @After - public void tearDown() throws Exception { + @AfterClass + public static void tearDown() throws Exception { + embedConfigurationReader.tearDown(); } @@ -51,7 +79,7 @@ public class AdminServiceImplemTest { AdminServiceImpl adminServiceImpl = new AdminServiceImpl(); try { - adminServiceImpl.showConsumerCache(new DMaaPContext()); + adminServiceImpl.showConsumerCache(context); } catch (IOException | AccessDeniedException e) { // TODO Auto-generated catch block e.printStackTrace(); @@ -73,7 +101,7 @@ public class AdminServiceImplemTest { AdminServiceImpl adminServiceImpl = new AdminServiceImpl(); try { - adminServiceImpl.dropConsumerCache(new DMaaPContext()); + adminServiceImpl.dropConsumerCache(context); } catch (IOException | AccessDeniedException e) { // TODO Auto-generated catch block e.printStackTrace(); @@ -95,7 +123,7 @@ public class AdminServiceImplemTest { AdminServiceImpl adminServiceImpl = new AdminServiceImpl(); try { - adminServiceImpl.getBlacklist(new DMaaPContext()); + adminServiceImpl.getBlacklist(context); } catch (IOException | AccessDeniedException e) { // TODO Auto-generated catch block e.printStackTrace(); @@ -117,7 +145,7 @@ public class AdminServiceImplemTest { AdminServiceImpl adminServiceImpl = new AdminServiceImpl(); try { - adminServiceImpl.addToBlacklist(new DMaaPContext(), "120.120.120.120"); + adminServiceImpl.addToBlacklist(context, "120.120.120.120"); } catch (IOException | AccessDeniedException | ConfigDbException e) { // TODO Auto-generated catch block e.printStackTrace(); @@ -139,7 +167,7 @@ public class AdminServiceImplemTest { AdminServiceImpl adminServiceImpl = new AdminServiceImpl(); try { - adminServiceImpl.addToBlacklist(new DMaaPContext(), "120.120.120.120"); + adminServiceImpl.addToBlacklist(context, "120.120.120.120"); } catch (IOException | AccessDeniedException | ConfigDbException e) { // TODO Auto-generated catch block e.printStackTrace(); -- cgit 1.2.3-korg