diff options
Diffstat (limited to 'main/src')
8 files changed, 60 insertions, 53 deletions
diff --git a/main/src/main/java/org/onap/policy/pap/main/config/WebSecurityConfig.java b/main/src/main/java/org/onap/policy/pap/main/config/WebSecurityConfig.java index 4c344405..7d854598 100644 --- a/main/src/main/java/org/onap/policy/pap/main/config/WebSecurityConfig.java +++ b/main/src/main/java/org/onap/policy/pap/main/config/WebSecurityConfig.java @@ -1,6 +1,7 @@ /*- * ============LICENSE_START======================================================= * Copyright (C) 2021 Bell Canada. All rights reserved. + * Modifications Copyright (C) 2023 Nordix Foundation. * ================================================================================ * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License. @@ -20,20 +21,30 @@ package org.onap.policy.pap.main.config; +import org.springframework.context.annotation.Bean; import org.springframework.context.annotation.Configuration; import org.springframework.security.config.annotation.web.builders.HttpSecurity; -import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity; -import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter; +import org.springframework.security.web.SecurityFilterChain; +/** + * Configure how access to this module's REST end points is secured. + */ @Configuration -@EnableWebSecurity -public class WebSecurityConfig extends WebSecurityConfigurerAdapter { - - @Override - protected void configure(HttpSecurity http) throws Exception { - http.authorizeRequests().antMatchers().authenticated().anyRequest().authenticated().and().httpBasic(); - // disable csrf as the endpoints are meant for non browser clients - http.csrf().disable(); +public class WebSecurityConfig { + /** + * Return the configuration of how access to this module's REST end points is secured. + * + * @param http the HTTP security settings + * @return the HTTP security settings + */ + @Bean + public SecurityFilterChain securityFilterChain(HttpSecurity http) throws Exception { + http + .httpBasic() + .and() + .authorizeHttpRequests().anyRequest().authenticated() + .and() + .csrf().disable(); + return http.build(); } - -} +}
\ No newline at end of file diff --git a/main/src/main/java/org/onap/policy/pap/main/service/PdpStatisticsService.java b/main/src/main/java/org/onap/policy/pap/main/service/PdpStatisticsService.java index db340041..eba34f30 100644 --- a/main/src/main/java/org/onap/policy/pap/main/service/PdpStatisticsService.java +++ b/main/src/main/java/org/onap/policy/pap/main/service/PdpStatisticsService.java @@ -1,6 +1,7 @@ /*- * ============LICENSE_START======================================================= - * Copyright (C) 2022 Bell Canada. All rights reserved. + * Copyright (C) 2022 Bell Canada. All rights reserved. + * Modifications Copyright (C) 2023 Nordix Foundation. * ================================================================================ * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License. @@ -101,6 +102,7 @@ public class PdpStatisticsService { List<PdpStatistics> pdpStatistics = new ArrayList<>(pdpStatisticsList.size()); for (PdpStatistics pdpStatisticsItem : pdpStatisticsList) { + @SuppressWarnings("deprecation") var jpaPdpStatistics = pdpStatisticsRepository.getById(pdpStatisticsItem.getGeneratedId()); pdpStatistics.add(jpaPdpStatistics.toAuthorative()); } diff --git a/main/src/test/java/org/onap/policy/pap/main/comm/CommonRequestBase.java b/main/src/test/java/org/onap/policy/pap/main/comm/CommonRequestBase.java index 2a4cdc4c..7fe1360f 100644 --- a/main/src/test/java/org/onap/policy/pap/main/comm/CommonRequestBase.java +++ b/main/src/test/java/org/onap/policy/pap/main/comm/CommonRequestBase.java @@ -3,7 +3,7 @@ * ONAP PAP * ================================================================================ * Copyright (C) 2019-2021 AT&T Intellectual Property. All rights reserved. - * Modifications Copyright (C) 2021-2022 Nordix Foundation. + * Modifications Copyright (C) 2021-2023 Nordix Foundation. * Modifications Copyright (C) 2022 Bell Canada. All rights reserved. * ================================================================================ * Licensed under the Apache License, Version 2.0 (the "License"); @@ -23,7 +23,7 @@ package org.onap.policy.pap.main.comm; import static org.mockito.ArgumentMatchers.any; -import static org.mockito.Mockito.doAnswer; +import static org.mockito.Mockito.lenient; import static org.mockito.Mockito.mock; import static org.mockito.Mockito.verify; import static org.mockito.Mockito.when; @@ -112,20 +112,20 @@ public class CommonRequestBase { listener = mock(RequestListener.class); PdpParameters pdpParams = mock(PdpParameters.class); - doAnswer((Answer<Object>) invocation -> { + lenient().doAnswer((Answer<Object>) invocation -> { queue.add(invocation.getArgument(0, QueueToken.class)); return null; }).when(publisher).enqueue(any()); - when(timers.register(any(), any())).thenReturn(timer); + lenient().when(timers.register(any(), any())).thenReturn(timer); PdpStateChangeParameters stateParams = mock(PdpStateChangeParameters.class); - when(stateParams.getMaxRetryCount()).thenReturn(RETRIES); - when(pdpParams.getStateChangeParameters()).thenReturn(stateParams); + lenient().when(stateParams.getMaxRetryCount()).thenReturn(RETRIES); + lenient().when(pdpParams.getStateChangeParameters()).thenReturn(stateParams); PdpUpdateParameters updateParams = mock(PdpUpdateParameters.class); - when(updateParams.getMaxRetryCount()).thenReturn(RETRIES); - when(pdpParams.getUpdateParameters()).thenReturn(updateParams); + lenient().when(updateParams.getMaxRetryCount()).thenReturn(RETRIES); + lenient().when(pdpParams.getUpdateParameters()).thenReturn(updateParams); reqParams = new RequestParams().setMaxRetryCount(RETRIES).setModifyLock(lock).setPdpPublisher(publisher) .setResponseDispatcher(dispatcher).setTimers(timers); diff --git a/main/src/test/java/org/onap/policy/pap/main/comm/PdpModifyRequestMapTest.java b/main/src/test/java/org/onap/policy/pap/main/comm/PdpModifyRequestMapTest.java index 6ff989cd..40284496 100644 --- a/main/src/test/java/org/onap/policy/pap/main/comm/PdpModifyRequestMapTest.java +++ b/main/src/test/java/org/onap/policy/pap/main/comm/PdpModifyRequestMapTest.java @@ -3,7 +3,7 @@ * ONAP PAP * ================================================================================ * Copyright (C) 2019, 2021 AT&T Intellectual Property. All rights reserved. - * Modifications Copyright (C) 2020-2021 Nordix Foundation. + * Modifications Copyright (C) 2020-2021,2023 Nordix Foundation. * Modifications Copyright (C) 2022 Bell Canada. All rights reserved. * ================================================================================ * Licensed under the Apache License, Version 2.0 (the "License"); @@ -73,7 +73,7 @@ import org.onap.policy.pap.main.comm.msgdata.RequestListener; import org.onap.policy.pap.main.parameters.PdpModifyRequestMapParams; import org.onap.policy.pap.main.service.PdpGroupService; import org.onap.policy.pap.main.service.PolicyStatusService; -import org.powermock.reflect.Whitebox; +import org.springframework.test.util.ReflectionTestUtils; @RunWith(MockitoJUnitRunner.class) public class PdpModifyRequestMapTest extends CommonRequestBase { @@ -148,8 +148,8 @@ public class PdpModifyRequestMapTest extends CommonRequestBase { @Test public void testPdpModifyRequestMap() { - assertSame(mapParams, Whitebox.getInternalState(map, "params")); - assertSame(lock, Whitebox.getInternalState(map, "modifyLock")); + assertSame(mapParams, ReflectionTestUtils.getField(map, "params")); + assertSame(lock, ReflectionTestUtils.getField(map, "modifyLock")); } @Test @@ -726,7 +726,7 @@ public class PdpModifyRequestMapTest extends CommonRequestBase { * @return the request's listener */ private RequestListener getListener(Request request) { - return Whitebox.getInternalState(request, "listener"); + return (RequestListener) ReflectionTestUtils.getField(request, "listener"); } private PdpGroup makeGroup(String name) { diff --git a/main/src/test/java/org/onap/policy/pap/main/comm/msgdata/UpdateReqTest.java b/main/src/test/java/org/onap/policy/pap/main/comm/msgdata/UpdateReqTest.java index 6ea874d8..53e78e52 100644 --- a/main/src/test/java/org/onap/policy/pap/main/comm/msgdata/UpdateReqTest.java +++ b/main/src/test/java/org/onap/policy/pap/main/comm/msgdata/UpdateReqTest.java @@ -3,7 +3,7 @@ * ONAP PAP * ================================================================================ * Copyright (C) 2019-2021 AT&T Intellectual Property. All rights reserved. - * Modifications Copyright (C) 2021 Nordix Foundation. + * Modifications Copyright (C) 2021,2023 Nordix Foundation. * ================================================================================ * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License. @@ -42,6 +42,8 @@ import java.util.TreeSet; import java.util.stream.Collectors; import org.junit.Before; import org.junit.Test; +import org.junit.runner.RunWith; +import org.mockito.junit.MockitoJUnitRunner; import org.onap.policy.models.pdp.concepts.PdpStateChange; import org.onap.policy.models.pdp.concepts.PdpStatus; import org.onap.policy.models.pdp.concepts.PdpUpdate; @@ -49,6 +51,7 @@ import org.onap.policy.models.tosca.authorative.concepts.ToscaConceptIdentifier; import org.onap.policy.models.tosca.authorative.concepts.ToscaPolicy; import org.onap.policy.pap.main.comm.CommonRequestBase; +@RunWith(MockitoJUnitRunner.class) public class UpdateReqTest extends CommonRequestBase { private UpdateReq data; @@ -60,6 +63,7 @@ public class UpdateReqTest extends CommonRequestBase { * * @throws Exception if an error occurs */ + @Override @Before public void setUp() throws Exception { super.setUp(); diff --git a/main/src/test/java/org/onap/policy/pap/main/rest/CommonPapRestServer.java b/main/src/test/java/org/onap/policy/pap/main/rest/CommonPapRestServer.java index 96e36df1..ca81ab7d 100644 --- a/main/src/test/java/org/onap/policy/pap/main/rest/CommonPapRestServer.java +++ b/main/src/test/java/org/onap/policy/pap/main/rest/CommonPapRestServer.java @@ -1,6 +1,6 @@ /* * ============LICENSE_START======================================================= - * Copyright (C) 2019 Nordix Foundation. + * Copyright (C) 2019,2023 Nordix Foundation. * Modifications Copyright (C) 2019, 2021 AT&T Intellectual Property. * Modifications Copyright (C) 2021-2022 Bell Canada. All rights reserved. * ================================================================================ @@ -55,14 +55,14 @@ import org.onap.policy.pap.main.PapConstants; import org.onap.policy.pap.main.PolicyPapApplication; import org.onap.policy.pap.main.parameters.CommonTestData; import org.onap.policy.pap.main.startstop.PapActivator; -import org.powermock.reflect.Whitebox; import org.springframework.boot.test.context.SpringBootTest; -import org.springframework.boot.web.server.LocalServerPort; +import org.springframework.boot.test.web.server.LocalServerPort; import org.springframework.test.annotation.DirtiesContext; import org.springframework.test.annotation.DirtiesContext.ClassMode; import org.springframework.test.context.DynamicPropertyRegistry; import org.springframework.test.context.DynamicPropertySource; import org.springframework.test.context.junit4.SpringRunner; +import org.springframework.test.util.ReflectionTestUtils; /** * Class to perform unit test of {@link PapRestControllerV1}. @@ -174,8 +174,8 @@ public abstract class CommonPapRestServer { } private void markActivator(boolean wasAlive) { - Object manager = Whitebox.getInternalState(papActivator, "serviceManager"); - AtomicBoolean running = Whitebox.getInternalState(manager, "running"); + Object manager = ReflectionTestUtils.getField(papActivator, "serviceManager"); + AtomicBoolean running = (AtomicBoolean) ReflectionTestUtils.getField(manager, "running"); running.set(wasAlive); } diff --git a/main/src/test/java/org/onap/policy/pap/main/rest/TestActuatorEndpoints.java b/main/src/test/java/org/onap/policy/pap/main/rest/TestActuatorEndpoints.java index 06875556..3fdb1f42 100644 --- a/main/src/test/java/org/onap/policy/pap/main/rest/TestActuatorEndpoints.java +++ b/main/src/test/java/org/onap/policy/pap/main/rest/TestActuatorEndpoints.java @@ -1,6 +1,6 @@ /* * ============LICENSE_START======================================================= - * Copyright (C) 2022 Nordix Foundation. + * Copyright (C) 2022-2023 Nordix Foundation. * ================================================================================ * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License. @@ -34,10 +34,7 @@ import org.onap.policy.common.utils.services.Registry; import org.springframework.beans.factory.annotation.Autowired; import org.springframework.boot.test.autoconfigure.web.servlet.AutoConfigureMockMvc; import org.springframework.boot.test.context.SpringBootTest; -import org.springframework.boot.test.context.TestConfiguration; -import org.springframework.core.annotation.Order; -import org.springframework.security.config.annotation.web.builders.HttpSecurity; -import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter; +import org.springframework.security.test.web.servlet.request.SecurityMockMvcRequestPostProcessors; import org.springframework.test.annotation.DirtiesContext; import org.springframework.test.context.ActiveProfiles; import org.springframework.test.context.ContextConfiguration; @@ -72,25 +69,18 @@ public class TestActuatorEndpoints { @Test public void testMetricsEndpoint() throws Exception { - mock.perform(get("/plain-metrics")).andDo(print()) + mock.perform(get("/plain-metrics").with(SecurityMockMvcRequestPostProcessors.httpBasic( + "policyAdmin", "zb!XztG34"))) + .andDo(print()) .andExpect(status().isOk()) .andExpect(jsonPath("$").isNotEmpty()); } @Test public void testPrometheusEndpoint() throws Exception { - mock.perform(get("/metrics")).andDo(print()) + mock.perform(get("/metrics").with(SecurityMockMvcRequestPostProcessors.httpBasic("policyAdmin", "zb!XztG34"))) + .andDo(print()) .andExpect(status().isOk()) .andExpect(jsonPath("$").isNotEmpty()); } - - @TestConfiguration - @Order(1) - public static class TestSecurityConfig extends WebSecurityConfigurerAdapter { - @Override - protected void configure(HttpSecurity httpSecurity) throws Exception { - httpSecurity.csrf().disable() - .authorizeRequests().anyRequest().permitAll(); - } - } } diff --git a/main/src/test/java/org/onap/policy/pap/main/rest/TestProviderBase.java b/main/src/test/java/org/onap/policy/pap/main/rest/TestProviderBase.java index 434863b5..d969c565 100644 --- a/main/src/test/java/org/onap/policy/pap/main/rest/TestProviderBase.java +++ b/main/src/test/java/org/onap/policy/pap/main/rest/TestProviderBase.java @@ -3,7 +3,7 @@ * ONAP PAP * ================================================================================ * Copyright (C) 2019-2021 AT&T Intellectual Property. All rights reserved. - * Modifications Copyright (C) 2021 Nordix Foundation. + * Modifications Copyright (C) 2021,2023 Nordix Foundation. * Modifications Copyright (C) 2021-2022 Bell Canada. All rights reserved. * ================================================================================ * Licensed under the Apache License, Version 2.0 (the "License"); @@ -51,7 +51,7 @@ import org.onap.policy.models.tosca.authorative.concepts.ToscaConceptIdentifier; import org.onap.policy.models.tosca.authorative.concepts.ToscaConceptIdentifierOptVersion; import org.onap.policy.models.tosca.authorative.concepts.ToscaPolicy; import org.onap.policy.pap.main.PapConstants; -import org.powermock.reflect.Whitebox; +import org.springframework.test.util.ReflectionTestUtils; public class TestProviderBase extends ProviderSuper { private static final String EXPECTED_EXCEPTION = "expected exception"; @@ -92,8 +92,8 @@ public class TestProviderBase extends ProviderSuper { @Test public void testProviderBase() { - assertSame(lockit, Whitebox.getInternalState(prov, "updateLock")); - assertSame(reqmap, Whitebox.getInternalState(prov, "requestMap")); + assertSame(lockit, ReflectionTestUtils.getField(prov, "updateLock")); + assertSame(reqmap, ReflectionTestUtils.getField(prov, "requestMap")); } @Test |