summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorDominik Mizyn <d.mizyn@samsung.com>2019-07-15 14:03:18 +0200
committerDominik Mizyn <d.mizyn@samsung.com>2019-07-15 14:04:35 +0200
commitcaa971f0393d349985878a085e3519782335ac1f (patch)
tree1e13946cde3a14cfd3a4cf7e1bebbe2b12185d9e
parentb8a540c2aa08175b2d4c144c6a27d774c8e76acb (diff)
XSS Vulnerability fix in ExternalAccessRolesControllerDashboardController
Custom data validator used to fix this issue. Issue-ID: OJSI-15 Change-Id: I9a978846ffc50d840a676b994aa4fb89248b5372 Signed-off-by: Dominik Mizyn <d.mizyn@samsung.com>
-rw-r--r--ecomp-portal-BE-common/src/main/java/org/onap/portalapp/portal/controller/AuxApiRequestMapperController.java97
-rw-r--r--ecomp-portal-BE-common/src/main/java/org/onap/portalapp/portal/controller/ExternalAccessRolesController.java161
-rw-r--r--ecomp-portal-BE-common/src/main/java/org/onap/portalapp/portal/controller/RolesController.java2
-rw-r--r--ecomp-portal-BE-common/src/test/java/org/onap/portalapp/portal/controller/AuxApiRequestMapperControllerTest.java82
-rw-r--r--ecomp-portal-BE-common/src/test/java/org/onap/portalapp/portal/controller/ExternalAccessRolesControllerTest.java306
5 files changed, 436 insertions, 212 deletions
diff --git a/ecomp-portal-BE-common/src/main/java/org/onap/portalapp/portal/controller/AuxApiRequestMapperController.java b/ecomp-portal-BE-common/src/main/java/org/onap/portalapp/portal/controller/AuxApiRequestMapperController.java
index 9ca88c0f..969605ce 100644
--- a/ecomp-portal-BE-common/src/main/java/org/onap/portalapp/portal/controller/AuxApiRequestMapperController.java
+++ b/ecomp-portal-BE-common/src/main/java/org/onap/portalapp/portal/controller/AuxApiRequestMapperController.java
@@ -46,6 +46,8 @@ import java.util.Collections;
import java.util.HashMap;
import java.util.List;
import java.util.Map;
+import java.util.Optional;
+import java.util.concurrent.atomic.AtomicReference;
import java.util.jar.Attributes;
import java.util.regex.Matcher;
import java.util.regex.Pattern;
@@ -226,22 +228,24 @@ public class AuxApiRequestMapperController implements ApplicationContextAware, B
@RequestMapping(value = { "/v3/roleFunction" }, method = RequestMethod.POST, produces = "application/json")
public PortalRestResponse<String> saveRoleFunction(HttpServletRequest request, HttpServletResponse response,
@RequestBody String roleFunc) throws Exception {
- PortalRestResponse<String> result = null;
-
if (roleFunc!=null){
SecureString secureRoleFunc = new SecureString(roleFunc);
if(!dataValidator.isValid(secureRoleFunc))
return new PortalRestResponse<>(PortalRestStatusEnum.ERROR, "Provided data is not valid", "Failed");
}
-
+ Optional<PortalRestResponse<String>> result = null;
Map<String, Object> res = getMethod(request, response);
try {
- result = (PortalRestResponse<String>) invokeMethod(res, request, response, roleFunc);
- return result;
+ result = Optional.ofNullable((PortalRestResponse<String>) invokeMethod(res, request, response));
+ if (!result.isPresent()){
+ logger.error(EELFLoggerDelegate.errorLogger, "saveRoleFunction failed", new Exception("saveRoleFunction failed"));
+ return new PortalRestResponse<String>(PortalRestStatusEnum.ERROR, "saveRoleFunction failed", "Failed");
+ }
} catch (Exception e) {
logger.error(EELFLoggerDelegate.errorLogger, "saveRoleFunction failed", e);
return new PortalRestResponse<>(PortalRestStatusEnum.ERROR, e.getMessage(), "Failed");
}
+ return result.get();
}
@SuppressWarnings("unchecked")
@@ -279,7 +283,7 @@ public class AuxApiRequestMapperController implements ApplicationContextAware, B
return result;
} catch (Exception e) {
logger.error(EELFLoggerDelegate.errorLogger, "deleteRole failed", e);
- return new PortalRestResponse<String>(PortalRestStatusEnum.ERROR, e.getMessage(), "Failed");
+ return new PortalRestResponse<>(PortalRestStatusEnum.ERROR, e.getMessage(), "Failed");
}
}
@@ -413,16 +417,19 @@ public class AuxApiRequestMapperController implements ApplicationContextAware, B
"/v3/upload/portal/functions" }, method = RequestMethod.POST, produces = "application/json")
public PortalRestResponse<String> bulkUploadFunctions(HttpServletRequest request, HttpServletResponse response)
throws Exception {
- PortalRestResponse<String> result = null;
+ Optional<PortalRestResponse<String>> result = null;
Map<String, Object> res = getMethod(request, response);
try {
- result = (PortalRestResponse<String>) invokeMethod(res, request, response);
- return result;
+ result = Optional.ofNullable((PortalRestResponse<String>) invokeMethod(res, request, response));
+ if (!result.isPresent()){
+ logger.error(EELFLoggerDelegate.errorLogger, "Failed to bulkUploadFunctions", new Exception("Failed to bulkUploadFunctions"));
+ return new PortalRestResponse<String>(PortalRestStatusEnum.ERROR, "Failed to bulkUploadFunctions", "Failed");
+ }
} catch (Exception e) {
logger.error(EELFLoggerDelegate.errorLogger, "bulkUploadFunctions failed", e);
return new PortalRestResponse<String>(PortalRestStatusEnum.ERROR, e.getMessage(), "Failed");
}
-
+ return result.get();
}
@SuppressWarnings("unchecked")
@@ -430,11 +437,15 @@ public class AuxApiRequestMapperController implements ApplicationContextAware, B
@RequestMapping(value = { "/v3/upload/portal/roles" }, method = RequestMethod.POST, produces = "application/json")
public PortalRestResponse<String> bulkUploadRoles(HttpServletRequest request, HttpServletResponse response)
throws Exception {
- PortalRestResponse<String> result = null;
+ Optional<PortalRestResponse<String>> result;
Map<String, Object> res = getMethod(request, response);
try {
- result = (PortalRestResponse<String>) invokeMethod(res, request, response);
- return result;
+ result = Optional.ofNullable((PortalRestResponse<String>) invokeMethod(res, request, response));
+ if (!result.isPresent()){
+ logger.error(EELFLoggerDelegate.errorLogger, "Failed to bulkUploadRoles", new Exception("Failed to bulkUploadRoles"));
+ return new PortalRestResponse<String>(PortalRestStatusEnum.ERROR, "Failed to bulkUploadRoles", "Failed");
+ }
+ return result.get();
} catch (Exception e) {
logger.error(EELFLoggerDelegate.errorLogger, "bulkUploadRoles failed", e);
return new PortalRestResponse<String>(PortalRestStatusEnum.ERROR, e.getMessage(), "Failed");
@@ -447,11 +458,15 @@ public class AuxApiRequestMapperController implements ApplicationContextAware, B
"/v3/upload/portal/roleFunctions" }, method = RequestMethod.POST, produces = "application/json")
public PortalRestResponse<String> bulkUploadRoleFunctions(HttpServletRequest request, HttpServletResponse response)
throws Exception {
- PortalRestResponse<String> result = null;
+ Optional<PortalRestResponse<String>> result;
Map<String, Object> res = getMethod(request, response);
try {
- result = (PortalRestResponse<String>) invokeMethod(res, request, response);
- return result;
+ result = Optional.ofNullable((PortalRestResponse<String>) invokeMethod(res, request, response));
+ if (!result.isPresent()){
+ logger.error(EELFLoggerDelegate.errorLogger, "Failed to bulkUploadRoleFunctions", new Exception("Failed to bulkUploadRoleFunctions"));
+ return new PortalRestResponse<String>(PortalRestStatusEnum.ERROR, "Failed to bulkUploadRoleFunctions", "Failed");
+ }
+ return result.get();
} catch (Exception e) {
logger.error(EELFLoggerDelegate.errorLogger, "bulkUploadRoleFunctions failed", e);
return new PortalRestResponse<String>(PortalRestStatusEnum.ERROR, e.getMessage(), "Failed");
@@ -464,11 +479,15 @@ public class AuxApiRequestMapperController implements ApplicationContextAware, B
"/v3/upload/portal/userRoles" }, method = RequestMethod.POST, produces = "application/json")
public PortalRestResponse<String> bulkUploadUserRoles(HttpServletRequest request, HttpServletResponse response)
throws Exception {
- PortalRestResponse<String> result = null;
+ Optional<PortalRestResponse<String>> result;
Map<String, Object> res = getMethod(request, response);
try {
- result = (PortalRestResponse<String>) invokeMethod(res, request, response);
- return result;
+ result = Optional.ofNullable((PortalRestResponse<String>) invokeMethod(res, request, response));
+ if (!result.isPresent()){
+ logger.error(EELFLoggerDelegate.errorLogger, "Failed to bulkUploadUserRoles", new Exception("Failed to bulkUploadUserRoles"));
+ return new PortalRestResponse<String>(PortalRestStatusEnum.ERROR, "Failed to bulkUploadUserRoles", "Failed");
+ }
+ return result.get();
} catch (Exception e) {
logger.error(EELFLoggerDelegate.errorLogger, "bulkUploadUserRoles failed", e);
return new PortalRestResponse<String>(PortalRestStatusEnum.ERROR, e.getMessage(), "Failed");
@@ -482,11 +501,15 @@ public class AuxApiRequestMapperController implements ApplicationContextAware, B
"/v3/upload/portal/userRole/{roleId}" }, method = RequestMethod.POST, produces = "application/json")
public PortalRestResponse<String> bulkUploadUsersSingleRole(HttpServletRequest request,
HttpServletResponse response, @PathVariable Long roleId) throws Exception {
- PortalRestResponse<String> result = null;
+ Optional<PortalRestResponse<String>> result = null;
Map<String, Object> res = getMethod(request, response);
try {
- result = (PortalRestResponse<String>) invokeMethod(res, request, response, roleId);
- return result;
+ result = Optional.ofNullable((PortalRestResponse<String>) invokeMethod(res, request, response));
+ if (!result.isPresent()){
+ logger.error(EELFLoggerDelegate.errorLogger, "Failed to bulkUploadUsersSingleRole", new Exception("Failed to bulkUploadUsersSingleRole"));
+ return new PortalRestResponse<String>(PortalRestStatusEnum.ERROR, "Failed to bulkUploadUsersSingleRole", "Failed");
+ }
+ return result.get();
} catch (Exception e) {
logger.error(EELFLoggerDelegate.errorLogger, "bulkUploadUsersSingleRole failed", e);
return new PortalRestResponse<String>(PortalRestStatusEnum.ERROR, e.getMessage(), "Failed");
@@ -499,11 +522,15 @@ public class AuxApiRequestMapperController implements ApplicationContextAware, B
"/v3/upload/partner/functions" }, method = RequestMethod.POST, produces = "application/json")
public PortalRestResponse<String> bulkUploadPartnerFunctions(HttpServletRequest request,
HttpServletResponse response) throws Exception {
- PortalRestResponse<String> result = null;
+ Optional<PortalRestResponse<String>> result = null;
Map<String, Object> res = getMethod(request, response);
try {
- result = (PortalRestResponse<String>) invokeMethod(res, request, response);
- return result;
+ result = Optional.ofNullable((PortalRestResponse<String>) invokeMethod(res, request, response));
+ if (!result.isPresent()){
+ logger.error(EELFLoggerDelegate.errorLogger, "Failed to bulkUploadPartnerRoleFunctions", new Exception("Failed to bulkUploadPartnerRoleFunctions"));
+ return new PortalRestResponse<String>(PortalRestStatusEnum.ERROR, "Failed to bulkUploadPartnerRoleFunctions", "Failed");
+ }
+ return result.get();
} catch (Exception e) {
logger.error(EELFLoggerDelegate.errorLogger, "bulkUploadPartnerFunctions failed", e);
return new PortalRestResponse<String>(PortalRestStatusEnum.ERROR, e.getMessage(), "Failed");
@@ -516,11 +543,15 @@ public class AuxApiRequestMapperController implements ApplicationContextAware, B
@RequestMapping(value = { "/v3/upload/partner/roles" }, method = RequestMethod.POST, produces = "application/json")
public PortalRestResponse<String> bulkUploadPartnerRoles(HttpServletRequest request, HttpServletResponse response,
@RequestBody List<Role> upload) throws Exception {
- PortalRestResponse<String> result = null;
+ Optional<PortalRestResponse<String>> result = null;
Map<String, Object> res = getMethod(request, response);
try {
- result = (PortalRestResponse<String>) invokeMethod(res, request, response, upload);
- return result;
+ result = Optional.ofNullable((PortalRestResponse<String>) invokeMethod(res, request, response));
+ if (!result.isPresent()){
+ logger.error(EELFLoggerDelegate.errorLogger, "Failed to bulkUploadRoles", new Exception("Failed to bulkUploadRoles"));
+ return new PortalRestResponse<String>(PortalRestStatusEnum.ERROR, "Failed to bulkUploadRoles", "Failed");
+ }
+ return result.get();
} catch (Exception e) {
logger.error(EELFLoggerDelegate.errorLogger, "bulkUploadPartnerRoles failed", e);
return new PortalRestResponse<String>(PortalRestStatusEnum.ERROR, e.getMessage(), "Failed");
@@ -533,11 +564,15 @@ public class AuxApiRequestMapperController implements ApplicationContextAware, B
"/v3/upload/partner/roleFunctions" }, method = RequestMethod.POST, produces = "application/json")
public PortalRestResponse<String> bulkUploadPartnerRoleFunctions(HttpServletRequest request,
HttpServletResponse response) throws Exception {
- PortalRestResponse<String> result = null;
+ Optional<PortalRestResponse<String>> result = null;
Map<String, Object> res = getMethod(request, response);
try {
- result = (PortalRestResponse<String>) invokeMethod(res, request, response);
- return result;
+ result = Optional.ofNullable((PortalRestResponse<String>) invokeMethod(res, request, response));
+ if (!result.isPresent()){
+ logger.error(EELFLoggerDelegate.errorLogger, "Failed to bulkUploadPartnerRoleFunctions", new Exception("Failed to bulkUploadPartnerRoleFunctions"));
+ return new PortalRestResponse<String>(PortalRestStatusEnum.ERROR, "Failed to bulkUploadPartnerRoleFunctions", "Failed");
+ }
+ return result.get();
} catch (Exception e) {
logger.error(EELFLoggerDelegate.errorLogger, "bulkUploadPartnerRoleFunctions failed", e);
return new PortalRestResponse<String>(PortalRestStatusEnum.ERROR, e.getMessage(), "Failed");
diff --git a/ecomp-portal-BE-common/src/main/java/org/onap/portalapp/portal/controller/ExternalAccessRolesController.java b/ecomp-portal-BE-common/src/main/java/org/onap/portalapp/portal/controller/ExternalAccessRolesController.java
index 5f6818f1..46493d86 100644
--- a/ecomp-portal-BE-common/src/main/java/org/onap/portalapp/portal/controller/ExternalAccessRolesController.java
+++ b/ecomp-portal-BE-common/src/main/java/org/onap/portalapp/portal/controller/ExternalAccessRolesController.java
@@ -69,6 +69,8 @@ import org.onap.portalapp.portal.transport.ExternalRequestFieldsValidator;
import org.onap.portalapp.portal.utils.EPCommonSystemProperties;
import org.onap.portalapp.portal.utils.EcompPortalUtils;
import org.onap.portalapp.portal.utils.PortalConstants;
+import org.onap.portalapp.validation.DataValidator;
+import org.onap.portalapp.validation.SecureString;
import org.onap.portalsdk.core.domain.AuditLog;
import org.onap.portalsdk.core.domain.Role;
import org.onap.portalsdk.core.domain.User;
@@ -76,7 +78,6 @@ import org.onap.portalsdk.core.logging.logic.EELFLoggerDelegate;
import org.onap.portalsdk.core.restful.domain.EcompRole;
import org.onap.portalsdk.core.restful.domain.EcompUser;
import org.onap.portalsdk.core.service.AuditService;
-import org.onap.portalsdk.core.service.UserService;
import org.onap.portalsdk.core.service.UserServiceCentalizedImpl;
import org.onap.portalsdk.core.util.SystemProperties;
import org.onap.portalsdk.core.web.support.UserUtils;
@@ -90,7 +91,6 @@ import org.springframework.web.bind.annotation.RequestBody;
import org.springframework.web.bind.annotation.RequestMapping;
import org.springframework.web.bind.annotation.RequestMethod;
import org.springframework.web.bind.annotation.RestController;
-import org.springframework.web.client.RestTemplate;
import com.fasterxml.jackson.databind.DeserializationFeature;
import com.fasterxml.jackson.databind.ObjectMapper;
@@ -104,36 +104,39 @@ import io.swagger.annotations.ApiOperation;
@EnableAspectJAutoProxy
@EPAuditLog
public class ExternalAccessRolesController implements BasicAuthenticationController {
-
private static final String ROLE_INVALID_CHARS = "%=():,\"\"";
-
private static final String SUCCESSFULLY_DELETED = "Successfully Deleted";
-
private static final String INVALID_UEB_KEY = "Invalid credentials!";
-
private static final String LOGIN_ID = "LoginId";
-
- RestTemplate template = new RestTemplate();
-
- @Autowired
- private AuditService auditService;
-
private static final String UEBKEY = "uebkey";
- private static EELFLoggerDelegate logger = EELFLoggerDelegate.getLogger(ExternalAccessRolesController.class);
+ private static final EELFLoggerDelegate logger = EELFLoggerDelegate.getLogger(ExternalAccessRolesController.class);
+ private static final DataValidator DATA_VALIDATOR = new DataValidator();
- @Autowired
+ private AuditService auditService;
private ExternalAccessRolesService externalAccessRolesService;
+ private UserServiceCentalizedImpl userservice;
@Autowired
- private UserService userservice = new UserServiceCentalizedImpl();
+ public ExternalAccessRolesController(AuditService auditService,
+ ExternalAccessRolesService externalAccessRolesService,
+ UserServiceCentalizedImpl userservice) {
+ this.auditService = auditService;
+ this.externalAccessRolesService = externalAccessRolesService;
+ this.userservice = userservice;
+ }
+
@ApiOperation(value = "Gets user role for an application.", response = CentralUser.class, responseContainer="List")
@RequestMapping(value = {
"/user/{loginId}" }, method = RequestMethod.GET, produces = "application/json")
public CentralUser getUser(HttpServletRequest request, HttpServletResponse response,
@PathVariable("loginId") String loginId) throws Exception {
-
+ if (!DATA_VALIDATOR.isValid(new SecureString(loginId))){
+ sendErrorResponse(response, new Exception("Data is not valid"));
+ logger.error(EELFLoggerDelegate.errorLogger, "getUser not valid data");
+ return null;
+ }
CentralUser answer = null;
try {
fieldsValidation(request);
@@ -150,6 +153,11 @@ public class ExternalAccessRolesController implements BasicAuthenticationControl
"/v1/user/{loginId}" }, method = RequestMethod.GET, produces = "application/json")
public String getV2UserList(HttpServletRequest request, HttpServletResponse response,
@PathVariable("loginId") String loginId) throws Exception {
+ if (!DATA_VALIDATOR.isValid(new SecureString(loginId))){
+ sendErrorResponse(response, new Exception("Data is not valid"));
+ logger.error(EELFLoggerDelegate.errorLogger, "getV2UserList not valid data");
+ return "Data is not valid";
+ }
String answer = null;
try {
fieldsValidation(request);
@@ -300,6 +308,10 @@ public class ExternalAccessRolesController implements BasicAuthenticationControl
@PathVariable("code") String code) throws Exception {
CentralV2RoleFunction centralV2RoleFunction = null;
CentralRoleFunction centralRoleFunction = new CentralRoleFunction();
+ if(!DATA_VALIDATOR.isValid(new SecureString(code))){
+ sendErrorResponse(response, new Exception("Data is not valid"));
+ logger.error(EELFLoggerDelegate.errorLogger, "getRoleFunction failed", new Exception("Data is not valid"));
+ }
try {
fieldsValidation(request);
centralV2RoleFunction = externalAccessRolesService.getRoleFunction(code, request.getHeader(UEBKEY));
@@ -318,6 +330,10 @@ public class ExternalAccessRolesController implements BasicAuthenticationControl
public CentralV2RoleFunction getV2RoleFunction(HttpServletRequest request, HttpServletResponse response,
@PathVariable("code") String code) throws Exception {
CentralV2RoleFunction centralV2RoleFunction = null;
+ if(!DATA_VALIDATOR.isValid(new SecureString(code))){
+ sendErrorResponse(response, new Exception("Data is not valid"));
+ logger.error(EELFLoggerDelegate.errorLogger, "getV2RoleFunction failed", new Exception("Data is not valid"));
+ }
try {
fieldsValidation(request);
centralV2RoleFunction = externalAccessRolesService.getRoleFunction(code, request.getHeader(UEBKEY));
@@ -334,16 +350,20 @@ public class ExternalAccessRolesController implements BasicAuthenticationControl
@ApiOperation(value = "Saves role function for an application.", response = PortalRestResponse.class, responseContainer = "Json")
@RequestMapping(value = { "/roleFunction" }, method = RequestMethod.POST, produces = "application/json")
public PortalRestResponse<String> saveRoleFunction(HttpServletRequest request, HttpServletResponse response,
- @RequestBody String roleFunc) throws Exception {
+ @RequestBody String roleFunc) {
String status = "Successfully saved!";
+ if(!DATA_VALIDATOR.isValid(new SecureString(roleFunc))){
+ logger.error(EELFLoggerDelegate.errorLogger, "saveRoleFunction failed");
+ return new PortalRestResponse<>(PortalRestStatusEnum.ERROR,
+ "Failed to roleFunc, not valid data.", "Failed");
+ }
try {
fieldsValidation(request);
- String data = roleFunc;
- ObjectMapper mapper = new ObjectMapper();
+ ObjectMapper mapper = new ObjectMapper();
List<EPApp> applicationList = externalAccessRolesService.getApp(request.getHeader(UEBKEY));
EPApp requestedApp = applicationList.get(0);
mapper.configure(DeserializationFeature.FAIL_ON_UNKNOWN_PROPERTIES, false);
- CentralV2RoleFunction availableRoleFunction = mapper.readValue(data, CentralV2RoleFunction.class);
+ CentralV2RoleFunction availableRoleFunction = mapper.readValue(roleFunc, CentralV2RoleFunction.class);
CentralV2RoleFunction domainRoleFunction = null;
boolean isCentralV2Version = false;
if(availableRoleFunction.getType()!=null && availableRoleFunction.getAction()!= null) {
@@ -405,8 +425,8 @@ public class ExternalAccessRolesController implements BasicAuthenticationControl
MDC.remove(SystemProperties.MDC_TIMER);
} else {
logger.error(EELFLoggerDelegate.errorLogger, "saveRoleFunction failed");
- return new PortalRestResponse<String>(PortalRestStatusEnum.ERROR,
- "Failed to saveRoleFunction for '" + availableRoleFunction.getCode() + "'", "Failed");
+ return new PortalRestResponse<>(PortalRestStatusEnum.ERROR,
+ "Failed to saveRoleFunction for '" + availableRoleFunction.getCode() + "'", "Failed");
}
} catch (Exception e) {
if (e.getMessage() == null ||e.getMessage().contains(INVALID_UEB_KEY)) {
@@ -415,15 +435,20 @@ public class ExternalAccessRolesController implements BasicAuthenticationControl
response.setStatus(HttpServletResponse.SC_INTERNAL_SERVER_ERROR);
}
logger.error(EELFLoggerDelegate.errorLogger, "saveRoleFunction failed", e);
- return new PortalRestResponse<String>(PortalRestStatusEnum.ERROR, e.getMessage(), "Failed");
+ return new PortalRestResponse<>(PortalRestStatusEnum.ERROR, e.getMessage(), "Failed");
}
- return new PortalRestResponse<String>(PortalRestStatusEnum.OK, status, "Success");
+ return new PortalRestResponse<>(PortalRestStatusEnum.OK, status, "Success");
}
@ApiOperation(value = "Deletes role function for an application.", response = PortalRestResponse.class, responseContainer = "Json")
@RequestMapping(value = { "/roleFunction/{code}" }, method = RequestMethod.DELETE, produces = "application/json")
public PortalRestResponse<String> deleteRoleFunction(HttpServletRequest request, HttpServletResponse response,
- @PathVariable("code") String code) throws Exception {
+ @PathVariable("code") String code) {
+ if(!DATA_VALIDATOR.isValid(new SecureString(code))){
+ logger.error(EELFLoggerDelegate.errorLogger, "deleteRoleFunction failed");
+ return new PortalRestResponse<>(PortalRestStatusEnum.ERROR,
+ "Failed to deleteRoleFunction, not valid data.", "Failed");
+ }
try {
fieldsValidation(request);
EPUser user = externalAccessRolesService.getUser(request.getHeader(LOGIN_ID)).get(0);
@@ -454,8 +479,8 @@ public class ExternalAccessRolesController implements BasicAuthenticationControl
MDC.remove(SystemProperties.MDC_TIMER);
} else {
logger.error(EELFLoggerDelegate.errorLogger, "deleteRoleFunction failed");
- return new PortalRestResponse<String>(PortalRestStatusEnum.ERROR,
- "Failed to deleteRoleFunction for '" + code + "'", "Failed");
+ return new PortalRestResponse<>(PortalRestStatusEnum.ERROR,
+ "Failed to deleteRoleFunction for '" + code + "'", "Failed");
}
} catch (Exception e) {
if (e.getMessage().contains(INVALID_UEB_KEY)) {
@@ -473,7 +498,7 @@ public class ExternalAccessRolesController implements BasicAuthenticationControl
@ApiOperation(value = "Saves role for an application.", response = PortalRestResponse.class, responseContainer = "Json")
@RequestMapping(value = { "/role" }, method = RequestMethod.POST, produces = "application/json")
public PortalRestResponse<String> saveRole(HttpServletRequest request, HttpServletResponse response,
- @RequestBody Role role) throws Exception {
+ @RequestBody Role role) {
try {
fieldsValidation(request);
ExternalRequestFieldsValidator saveRoleResult = null;
@@ -526,15 +551,20 @@ public class ExternalAccessRolesController implements BasicAuthenticationControl
response.setStatus(HttpServletResponse.SC_INTERNAL_SERVER_ERROR);
}
logger.error(EELFLoggerDelegate.errorLogger, "saveRole failed", e);
- return new PortalRestResponse<String>(PortalRestStatusEnum.ERROR, e.getMessage(), "Failed");
+ return new PortalRestResponse<>(PortalRestStatusEnum.ERROR, e.getMessage(), "Failed");
}
- return new PortalRestResponse<String>(PortalRestStatusEnum.OK, "Successfully Saved", "Success");
+ return new PortalRestResponse<>(PortalRestStatusEnum.OK, "Successfully Saved", "Success");
}
@ApiOperation(value = "Deletes role for an application.", response = PortalRestResponse.class, responseContainer = "Json")
@RequestMapping(value = { "/deleteRole/{code}" }, method = RequestMethod.DELETE, produces = "application/json")
public PortalRestResponse<String> deleteRole(HttpServletRequest request, HttpServletResponse response,
- @PathVariable String code) throws Exception {
+ @PathVariable String code) {
+ if(!DATA_VALIDATOR.isValid(new SecureString(code))){
+ logger.error(EELFLoggerDelegate.errorLogger, "deleteRole failed");
+ return new PortalRestResponse<>(PortalRestStatusEnum.ERROR,
+ "Failed to deleteRole, not valid data.", "Failed");
+ }
try {
fieldsValidation(request);
boolean deleteResponse = externalAccessRolesService.deleteRoleForApplication(code,
@@ -566,8 +596,8 @@ public class ExternalAccessRolesController implements BasicAuthenticationControl
MDC.remove(SystemProperties.MDC_TIMER);
} else {
logger.error(EELFLoggerDelegate.errorLogger, "deleteRole failed");
- return new PortalRestResponse<String>(PortalRestStatusEnum.ERROR,
- "Failed to deleteRole for '" + code + "'", "Failed");
+ return new PortalRestResponse<>(PortalRestStatusEnum.ERROR,
+ "Failed to deleteRole for '" + code + "'", "Failed");
}
} catch (Exception e) {
if (e.getMessage().contains(INVALID_UEB_KEY)) {
@@ -576,9 +606,9 @@ public class ExternalAccessRolesController implements BasicAuthenticationControl
response.setStatus(HttpServletResponse.SC_BAD_REQUEST);
}
logger.error(EELFLoggerDelegate.errorLogger, "deleteRole failed", e);
- return new PortalRestResponse<String>(PortalRestStatusEnum.ERROR, e.getMessage(), "Failed");
+ return new PortalRestResponse<>(PortalRestStatusEnum.ERROR, e.getMessage(), "Failed");
}
- return new PortalRestResponse<String>(PortalRestStatusEnum.OK, SUCCESSFULLY_DELETED, "Success");
+ return new PortalRestResponse<>(PortalRestStatusEnum.OK, SUCCESSFULLY_DELETED, "Success");
}
@ApiOperation(value = "Gets active roles for an application.", response = CentralRole.class, responseContainer = "Json")
@@ -615,7 +645,7 @@ public class ExternalAccessRolesController implements BasicAuthenticationControl
@ApiOperation(value = "deletes user roles for an application.", response = PortalRestResponse.class, responseContainer = "Json")
@RequestMapping(value = { "/deleteDependcyRoleRecord/{roleId}" }, method = RequestMethod.DELETE, produces = "application/json")
public PortalRestResponse<String> deleteDependencyRoleRecord(HttpServletRequest request, HttpServletResponse response,
- @PathVariable("roleId") Long roleId) throws Exception {
+ @PathVariable("roleId") Long roleId) {
ExternalRequestFieldsValidator removeResult = null;
try {
fieldsValidation(request);
@@ -642,7 +672,7 @@ public class ExternalAccessRolesController implements BasicAuthenticationControl
@ApiOperation(value = "deletes roles for an application.", response = PortalRestResponse.class, responseContainer = "Json")
@RequestMapping(value = { "/v2/deleteRole/{roleId}" }, method = RequestMethod.DELETE, produces = "application/json")
public PortalRestResponse<String> deleteRole(HttpServletRequest request, HttpServletResponse response,
- @PathVariable("roleId") Long roleId) throws Exception {
+ @PathVariable("roleId") Long roleId) {
ExternalRequestFieldsValidator removeResult = null;
try {
fieldsValidation(request);
@@ -668,63 +698,63 @@ public class ExternalAccessRolesController implements BasicAuthenticationControl
@ApiOperation(value = "Bulk upload functions for an application.", response = PortalRestResponse.class, responseContainer = "Json")
@RequestMapping(value = { "/upload/portal/functions" }, method = RequestMethod.POST, produces = "application/json")
- public PortalRestResponse<String> bulkUploadFunctions(HttpServletRequest request, HttpServletResponse response) throws Exception {
+ public PortalRestResponse<String> bulkUploadFunctions(HttpServletRequest request, HttpServletResponse response) {
Integer result = 0;
try {
result = externalAccessRolesService.bulkUploadFunctions(request.getHeader(UEBKEY));
} catch (Exception e) {
response.setStatus(HttpServletResponse.SC_INTERNAL_SERVER_ERROR);
logger.error(EELFLoggerDelegate.errorLogger, "bulkUploadFunctions failed", e);
- return new PortalRestResponse<String>(PortalRestStatusEnum.ERROR, "Failed to bulkUploadFunctions", "Failed");
+ return new PortalRestResponse<>(PortalRestStatusEnum.ERROR, "Failed to bulkUploadFunctions", "Failed");
}
- return new PortalRestResponse<String>(PortalRestStatusEnum.OK, "Successfully added: "+result, "Success");
+ return new PortalRestResponse<>(PortalRestStatusEnum.OK, "Successfully added: " + result, "Success");
}
@ApiOperation(value = "Bulk upload roles for an application.", response = PortalRestResponse.class, responseContainer = "Json")
@RequestMapping(value = { "/upload/portal/roles" }, method = RequestMethod.POST, produces = "application/json")
- public PortalRestResponse<String> bulkUploadRoles(HttpServletRequest request, HttpServletResponse response) throws Exception {
+ public PortalRestResponse<String> bulkUploadRoles(HttpServletRequest request, HttpServletResponse response) {
Integer result = 0;
try {
result = externalAccessRolesService.bulkUploadRoles(request.getHeader(UEBKEY));
} catch (Exception e) {
response.setStatus(HttpServletResponse.SC_INTERNAL_SERVER_ERROR);
logger.error(EELFLoggerDelegate.errorLogger, "bulkUploadRoles failed", e);
- return new PortalRestResponse<String>(PortalRestStatusEnum.ERROR, "Failed to bulkUploadRoles", "Failed");
+ return new PortalRestResponse<>(PortalRestStatusEnum.ERROR, "Failed to bulkUploadRoles", "Failed");
}
- return new PortalRestResponse<String>(PortalRestStatusEnum.OK, "Successfully added: "+result, "Success");
+ return new PortalRestResponse<>(PortalRestStatusEnum.OK, "Successfully added: " + result, "Success");
}
@ApiOperation(value = "Bulk upload role functions for an application.", response = PortalRestResponse.class, responseContainer = "Json")
@RequestMapping(value = { "/upload/portal/roleFunctions" }, method = RequestMethod.POST, produces = "application/json")
- public PortalRestResponse<String> bulkUploadRoleFunctions(HttpServletRequest request, HttpServletResponse response) throws Exception {
+ public PortalRestResponse<String> bulkUploadRoleFunctions(HttpServletRequest request, HttpServletResponse response) {
Integer result = 0;
try {
result = externalAccessRolesService.bulkUploadRolesFunctions(request.getHeader(UEBKEY));
} catch (Exception e) {
response.setStatus(HttpServletResponse.SC_INTERNAL_SERVER_ERROR);
logger.error(EELFLoggerDelegate.errorLogger, "bulkUploadRoleFunctions failed", e);
- return new PortalRestResponse<String>(PortalRestStatusEnum.ERROR, "Failed to bulkUploadRoleFunctions", "Failed");
+ return new PortalRestResponse<>(PortalRestStatusEnum.ERROR, "Failed to bulkUploadRoleFunctions", "Failed");
}
- return new PortalRestResponse<String>(PortalRestStatusEnum.OK, "Successfully added: "+result, "Success");
+ return new PortalRestResponse<>(PortalRestStatusEnum.OK, "Successfully added: " + result, "Success");
}
@ApiOperation(value = "Bulk upload user roles for an application.", response = PortalRestResponse.class, responseContainer = "Json")
@RequestMapping(value = { "/upload/portal/userRoles" }, method = RequestMethod.POST, produces = "application/json")
- public PortalRestResponse<String> bulkUploadUserRoles(HttpServletRequest request, HttpServletResponse response) throws Exception {
+ public PortalRestResponse<String> bulkUploadUserRoles(HttpServletRequest request, HttpServletResponse response) {
Integer result = 0;
try {
result = externalAccessRolesService.bulkUploadUserRoles(request.getHeader(UEBKEY));
} catch (Exception e) {
response.setStatus(HttpServletResponse.SC_INTERNAL_SERVER_ERROR);
logger.error(EELFLoggerDelegate.errorLogger, "bulkUploadUserRoles failed", e);
- return new PortalRestResponse<String>(PortalRestStatusEnum.ERROR, "Failed to bulkUploadUserRoles", "Failed");
+ return new PortalRestResponse<>(PortalRestStatusEnum.ERROR, "Failed to bulkUploadUserRoles", "Failed");
}
- return new PortalRestResponse<String>(PortalRestStatusEnum.OK, "Successfully added: "+result, "Success");
+ return new PortalRestResponse<>(PortalRestStatusEnum.OK, "Successfully added: " + result, "Success");
}
@ApiOperation(value = "Bulk upload users for renamed role of an application.", response = PortalRestResponse.class, responseContainer = "Json")
@RequestMapping(value = { "/upload/portal/userRole/{roleId}" }, method = RequestMethod.POST, produces = "application/json")
- public PortalRestResponse<String> bulkUploadUsersSingleRole(HttpServletRequest request, HttpServletResponse response, @PathVariable Long roleId) throws Exception {
+ public PortalRestResponse<String> bulkUploadUsersSingleRole(HttpServletRequest request, HttpServletResponse response, @PathVariable Long roleId) {
Integer result = 0;
try {
String roleName = request.getHeader("RoleName");
@@ -732,50 +762,53 @@ public class ExternalAccessRolesController implements BasicAuthenticationControl
} catch (Exception e) {
response.setStatus(HttpServletResponse.SC_INTERNAL_SERVER_ERROR);
logger.error(EELFLoggerDelegate.errorLogger, "bulkUploadUsersSingleRole failed", e);
- return new PortalRestResponse<String>(PortalRestStatusEnum.ERROR, "Failed to bulkUploadUsersSingleRole", "Failed");
+ return new PortalRestResponse<>(PortalRestStatusEnum.ERROR, "Failed to bulkUploadUsersSingleRole", "Failed");
}
- return new PortalRestResponse<String>(PortalRestStatusEnum.OK, "Successfully added: "+result, "Success");
+ return new PortalRestResponse<>(PortalRestStatusEnum.OK, "Successfully added: " + result, "Success");
}
@ApiOperation(value = "Bulk upload functions for an partner application.", response = PortalRestResponse.class, responseContainer = "Json")
@RequestMapping(value = { "/upload/partner/functions" }, method = RequestMethod.POST, produces = "application/json")
- public PortalRestResponse<String> bulkUploadPartnerFunctions(HttpServletRequest request, HttpServletResponse response) throws Exception {
+ public PortalRestResponse<String> bulkUploadPartnerFunctions(HttpServletRequest request, HttpServletResponse response) {
Integer addedFunctions = 0;
try {
addedFunctions = externalAccessRolesService.bulkUploadPartnerFunctions(request.getHeader(UEBKEY));
} catch (Exception e) {
response.setStatus(HttpServletResponse.SC_INTERNAL_SERVER_ERROR);
logger.error(EELFLoggerDelegate.errorLogger, "bulkUploadFunctions failed", e);
- return new PortalRestResponse<String>(PortalRestStatusEnum.ERROR, "Failed to bulkUploadFunctions", "Failed");
+ return new PortalRestResponse<>(PortalRestStatusEnum.ERROR, "Failed to bulkUploadFunctions", "Failed");
}
- return new PortalRestResponse<String>(PortalRestStatusEnum.OK, "Successfully added: '"+addedFunctions+"' functions", "Success");
+ return new PortalRestResponse<>(PortalRestStatusEnum.OK,
+ "Successfully added: '" + addedFunctions + "' functions", "Success");
}
@ApiOperation(value = "Bulk upload roles for an partner application.", response = PortalRestResponse.class, responseContainer = "Json")
@RequestMapping(value = { "/upload/partner/roles" }, method = RequestMethod.POST, produces = "application/json")
- public PortalRestResponse<String> bulkUploadPartnerRoles(HttpServletRequest request, HttpServletResponse response, @RequestBody List<Role> upload) throws Exception {
+ public PortalRestResponse<String> bulkUploadPartnerRoles(HttpServletRequest request, HttpServletResponse response, @RequestBody List<Role> upload) {
try {
externalAccessRolesService.bulkUploadPartnerRoles(request.getHeader(UEBKEY), upload);
} catch (Exception e) {
response.setStatus(HttpServletResponse.SC_INTERNAL_SERVER_ERROR);
logger.error(EELFLoggerDelegate.errorLogger, "bulkUploadRoles failed", e);
- return new PortalRestResponse<String>(PortalRestStatusEnum.ERROR, "Failed to bulkUploadRoles", "Failed");
+ return new PortalRestResponse<>(PortalRestStatusEnum.ERROR, "Failed to bulkUploadRoles", "Failed");
}
- return new PortalRestResponse<String>(PortalRestStatusEnum.OK, "Successfully added", "Success");
+ return new PortalRestResponse<>(PortalRestStatusEnum.OK, "Successfully added", "Success");
}
@ApiOperation(value = "Bulk upload role functions for an partner application.", response = PortalRestResponse.class, responseContainer = "Json")
@RequestMapping(value = { "/upload/partner/roleFunctions" }, method = RequestMethod.POST, produces = "application/json")
- public PortalRestResponse<String> bulkUploadPartnerRoleFunctions(HttpServletRequest request, HttpServletResponse response) throws Exception {
+ public PortalRestResponse<String> bulkUploadPartnerRoleFunctions(HttpServletRequest request, HttpServletResponse response) {
Integer addedRoleFunctions = 0;
try {
addedRoleFunctions = externalAccessRolesService.bulkUploadPartnerRoleFunctions(request.getHeader(UEBKEY));
} catch (Exception e) {
response.setStatus(HttpServletResponse.SC_INTERNAL_SERVER_ERROR);
logger.error(EELFLoggerDelegate.errorLogger, "bulkUploadPartnerRoleFunctions failed", e);
- return new PortalRestResponse<String>(PortalRestStatusEnum.ERROR, "Failed to bulkUploadPartnerRoleFunctions", "Failed");
+ return new PortalRestResponse<>(PortalRestStatusEnum.ERROR, "Failed to bulkUploadPartnerRoleFunctions",
+ "Failed");
}
- return new PortalRestResponse<String>(PortalRestStatusEnum.OK, "Successfully added: '"+addedRoleFunctions + "' role functions", "Success");
+ return new PortalRestResponse<>(PortalRestStatusEnum.OK,
+ "Successfully added: '" + addedRoleFunctions + "' role functions", "Success");
}
@ApiOperation(value = "Gets all functions along with global functions", response = List.class, responseContainer = "Json")
@@ -856,6 +889,10 @@ public class ExternalAccessRolesController implements BasicAuthenticationControl
@RequestMapping(value = { "/v2/user/{loginId}" }, method = RequestMethod.GET, produces = "application/json")
public String getEcompUser(HttpServletRequest request, HttpServletResponse response,
@PathVariable("loginId") String loginId) throws Exception {
+ if(!DATA_VALIDATOR.isValid(new SecureString(loginId))){
+ sendErrorResponse(response, new Exception("getEcompUser failed"));
+ logger.error(EELFLoggerDelegate.errorLogger, "getEcompUser failed", new Exception("getEcompUser failed"));
+ }
EcompUser user = new EcompUser();
ObjectMapper mapper = new ObjectMapper();
String answer = null;
@@ -868,7 +905,7 @@ public class ExternalAccessRolesController implements BasicAuthenticationControl
user = UserUtils.convertToEcompUser(ecompUser);
List<EcompRole> missingRolesOfUser = externalAccessRolesService.missingUserApplicationRoles(request.getHeader(UEBKEY), loginId, user.getRoles());
if (missingRolesOfUser.size() > 0) {
- Set<EcompRole> roles = new TreeSet<EcompRole>(missingRolesOfUser);
+ Set<EcompRole> roles = new TreeSet<>(missingRolesOfUser);
user.getRoles().addAll(roles);
}
}
diff --git a/ecomp-portal-BE-common/src/main/java/org/onap/portalapp/portal/controller/RolesController.java b/ecomp-portal-BE-common/src/main/java/org/onap/portalapp/portal/controller/RolesController.java
index c976629a..a319c6b3 100644
--- a/ecomp-portal-BE-common/src/main/java/org/onap/portalapp/portal/controller/RolesController.java
+++ b/ecomp-portal-BE-common/src/main/java/org/onap/portalapp/portal/controller/RolesController.java
@@ -79,7 +79,7 @@ public class RolesController implements BasicAuthenticationController {
private ExternalAccessRolesService externalAccessRolesService;
@Autowired
- ExternalAccessRolesController externalAccessRolesController = new ExternalAccessRolesController();
+ ExternalAccessRolesController externalAccessRolesController;
@ApiOperation(value = "Gets roles for an application which is upgraded to newer version.", response = CentralV2Role.class, responseContainer = "Json")
diff --git a/ecomp-portal-BE-common/src/test/java/org/onap/portalapp/portal/controller/AuxApiRequestMapperControllerTest.java b/ecomp-portal-BE-common/src/test/java/org/onap/portalapp/portal/controller/AuxApiRequestMapperControllerTest.java
index 5f49c744..8ef2d32a 100644
--- a/ecomp-portal-BE-common/src/test/java/org/onap/portalapp/portal/controller/AuxApiRequestMapperControllerTest.java
+++ b/ecomp-portal-BE-common/src/test/java/org/onap/portalapp/portal/controller/AuxApiRequestMapperControllerTest.java
@@ -466,11 +466,11 @@ public class AuxApiRequestMapperControllerTest {
PowerMockito.mockStatic(AopUtils.class);
Mockito.when(AopUtils.isAopProxy(Matchers.anyObject())).thenReturn(false);
Mockito.when(mockedRequest.getMethod()).thenReturn("POST");
- PortalRestResponse res = new PortalRestResponse();
- res.setStatus(PortalRestStatusEnum.ERROR);
- res.setMessage("Failed to bulkUploadFunctions");
- res.setResponse("Failed");
- assertEquals(res, auxApiRequestMapperController.bulkUploadFunctions(mockedRequest, mockedResponse));
+ PortalRestResponse expected = new PortalRestResponse();
+ expected.setStatus(PortalRestStatusEnum.ERROR);
+ expected.setMessage("Failed to bulkUploadFunctions");
+ expected.setResponse("Failed");
+ assertEquals(expected, auxApiRequestMapperController.bulkUploadFunctions(mockedRequest, mockedResponse));
}
@Test
@@ -483,11 +483,13 @@ public class AuxApiRequestMapperControllerTest {
PowerMockito.mockStatic(AopUtils.class);
Mockito.when(AopUtils.isAopProxy(Matchers.anyObject())).thenReturn(false);
Mockito.when(mockedRequest.getMethod()).thenReturn("POST");
- PortalRestResponse res = new PortalRestResponse();
- res.setStatus(PortalRestStatusEnum.ERROR);
- res.setMessage("Failed to bulkUploadRoles");
- res.setResponse("Failed");
- assertEquals(res, auxApiRequestMapperController.bulkUploadRoles(mockedRequest, mockedResponse));
+ PortalRestResponse expected = new PortalRestResponse();
+ expected.setStatus(PortalRestStatusEnum.ERROR);
+ expected.setMessage("Failed to bulkUploadRoles");
+ expected.setResponse("Failed");
+ PortalRestResponse actual = auxApiRequestMapperController.bulkUploadRoles(mockedRequest, mockedResponse);
+ System.out.println(actual.toString());
+ assertEquals(expected, actual);
}
@Test
@@ -500,11 +502,11 @@ public class AuxApiRequestMapperControllerTest {
PowerMockito.mockStatic(AopUtils.class);
Mockito.when(AopUtils.isAopProxy(Matchers.anyObject())).thenReturn(false);
Mockito.when(mockedRequest.getMethod()).thenReturn("POST");
- PortalRestResponse res = new PortalRestResponse();
- res.setStatus(PortalRestStatusEnum.ERROR);
- res.setMessage("Failed to bulkUploadRoleFunctions");
- res.setResponse("Failed");
- assertEquals(res, auxApiRequestMapperController.bulkUploadRoleFunctions(mockedRequest, mockedResponse));
+ PortalRestResponse expected = new PortalRestResponse();
+ expected.setStatus(PortalRestStatusEnum.ERROR);
+ expected.setMessage("Failed to bulkUploadRoleFunctions");
+ expected.setResponse("Failed");
+ assertEquals(expected, auxApiRequestMapperController.bulkUploadRoleFunctions(mockedRequest, mockedResponse));
}
@Test
@@ -517,11 +519,11 @@ public class AuxApiRequestMapperControllerTest {
PowerMockito.mockStatic(AopUtils.class);
Mockito.when(AopUtils.isAopProxy(Matchers.anyObject())).thenReturn(false);
Mockito.when(mockedRequest.getMethod()).thenReturn("POST");
- PortalRestResponse res = new PortalRestResponse();
- res.setStatus(PortalRestStatusEnum.ERROR);
- res.setMessage("Failed to bulkUploadUserRoles");
- res.setResponse("Failed");
- assertEquals(res, auxApiRequestMapperController.bulkUploadUserRoles(mockedRequest, mockedResponse));
+ PortalRestResponse expected = new PortalRestResponse();
+ expected.setStatus(PortalRestStatusEnum.ERROR);
+ expected.setMessage("Failed to bulkUploadUserRoles");
+ expected.setResponse("Failed");
+ assertEquals(expected, auxApiRequestMapperController.bulkUploadUserRoles(mockedRequest, mockedResponse));
}
@Test
@@ -534,11 +536,11 @@ public class AuxApiRequestMapperControllerTest {
PowerMockito.mockStatic(AopUtils.class);
Mockito.when(AopUtils.isAopProxy(Matchers.anyObject())).thenReturn(false);
Mockito.when(mockedRequest.getMethod()).thenReturn("POST");
- PortalRestResponse res = new PortalRestResponse();
- res.setStatus(PortalRestStatusEnum.ERROR);
- res.setMessage("Failed to bulkUploadUsersSingleRole");
- res.setResponse("Failed");
- assertEquals(res,
+ PortalRestResponse expected = new PortalRestResponse();
+ expected.setStatus(PortalRestStatusEnum.ERROR);
+ expected.setMessage("Failed to bulkUploadUsersSingleRole");
+ expected.setResponse("Failed");
+ assertEquals(expected,
auxApiRequestMapperController.bulkUploadUsersSingleRole(mockedRequest, mockedResponse, (long) 1));
}
@@ -552,11 +554,11 @@ public class AuxApiRequestMapperControllerTest {
PowerMockito.mockStatic(AopUtils.class);
Mockito.when(AopUtils.isAopProxy(Matchers.anyObject())).thenReturn(false);
Mockito.when(mockedRequest.getMethod()).thenReturn("POST");
- PortalRestResponse res = new PortalRestResponse();
- res.setStatus(PortalRestStatusEnum.ERROR);
- res.setMessage("Failed to bulkUploadPartnerRoleFunctions");
- res.setResponse("Failed");
- assertEquals(res, auxApiRequestMapperController.bulkUploadPartnerFunctions(mockedRequest, mockedResponse));
+ PortalRestResponse expected = new PortalRestResponse();
+ expected.setStatus(PortalRestStatusEnum.ERROR);
+ expected.setMessage("Failed to bulkUploadPartnerRoleFunctions");
+ expected.setResponse("Failed");
+ assertEquals(expected, auxApiRequestMapperController.bulkUploadPartnerFunctions(mockedRequest, mockedResponse));
}
@Test
@@ -570,11 +572,11 @@ public class AuxApiRequestMapperControllerTest {
Mockito.when(AopUtils.isAopProxy(Matchers.anyObject())).thenReturn(false);
Mockito.when(mockedRequest.getMethod()).thenReturn("POST");
List<Role> upload = new ArrayList<>();
- PortalRestResponse res = new PortalRestResponse();
- res.setStatus(PortalRestStatusEnum.ERROR);
- res.setMessage("Failed to bulkUploadRoles");
- res.setResponse("Failed");
- assertEquals(res, auxApiRequestMapperController.bulkUploadPartnerRoles(mockedRequest, mockedResponse, upload));
+ PortalRestResponse expected = new PortalRestResponse();
+ expected.setStatus(PortalRestStatusEnum.ERROR);
+ expected.setMessage("Failed to bulkUploadRoles");
+ expected.setResponse("Failed");
+ assertEquals(expected, auxApiRequestMapperController.bulkUploadPartnerRoles(mockedRequest, mockedResponse, upload));
}
@Test
@@ -587,11 +589,11 @@ public class AuxApiRequestMapperControllerTest {
PowerMockito.mockStatic(AopUtils.class);
Mockito.when(AopUtils.isAopProxy(Matchers.anyObject())).thenReturn(false);
Mockito.when(mockedRequest.getMethod()).thenReturn("POST");
- PortalRestResponse res = new PortalRestResponse();
- res.setStatus(PortalRestStatusEnum.ERROR);
- res.setMessage("Failed to bulkUploadPartnerRoleFunctions");
- res.setResponse("Failed");
- assertEquals(res, auxApiRequestMapperController.bulkUploadPartnerRoleFunctions(mockedRequest, mockedResponse));
+ PortalRestResponse expected = new PortalRestResponse();
+ expected.setStatus(PortalRestStatusEnum.ERROR);
+ expected.setMessage("Failed to bulkUploadPartnerRoleFunctions");
+ expected.setResponse("Failed");
+ assertEquals(expected, auxApiRequestMapperController.bulkUploadPartnerRoleFunctions(mockedRequest, mockedResponse));
}
@Test
diff --git a/ecomp-portal-BE-common/src/test/java/org/onap/portalapp/portal/controller/ExternalAccessRolesControllerTest.java b/ecomp-portal-BE-common/src/test/java/org/onap/portalapp/portal/controller/ExternalAccessRolesControllerTest.java
index b476a72d..3373ef92 100644
--- a/ecomp-portal-BE-common/src/test/java/org/onap/portalapp/portal/controller/ExternalAccessRolesControllerTest.java
+++ b/ecomp-portal-BE-common/src/test/java/org/onap/portalapp/portal/controller/ExternalAccessRolesControllerTest.java
@@ -103,7 +103,7 @@ public class ExternalAccessRolesControllerTest {
@Mock
ExternalAccessRolesService externalAccessRolesService = new ExternalAccessRolesServiceImpl();
@InjectMocks
- ExternalAccessRolesController externalAccessRolesController = new ExternalAccessRolesController();
+ ExternalAccessRolesController externalAccessRolesController;
@Mock
UserService userservice = new UserServiceCentalizedImpl();
@Mock
@@ -186,6 +186,18 @@ public class ExternalAccessRolesControllerTest {
}
@Test
+ public void getUserXSSTest() throws Exception {
+ String loginId = "<script ~~~>alert(0%0)</script ~~~>";
+ String expected = getXSSKeyJson();
+ StringWriter sw = new StringWriter();
+ PrintWriter writer = new PrintWriter(sw);
+ Mockito.when(mockedResponse.getWriter()).thenReturn(writer);
+ externalAccessRolesController.getUser(mockedRequest, mockedResponse, loginId);
+ String actual = sw.getBuffer().toString().trim();
+ assertEquals(expected, actual);
+ }
+
+ @Test
public void getV2UserListTest() throws Exception {
String expectedCentralUser = "test";
String loginId = "test";
@@ -223,8 +235,8 @@ public class ExternalAccessRolesControllerTest {
@Test
public void getRolesForAppCentralRoleTest() throws Exception {
- List<CentralRole> expectedCentralRoleList = new ArrayList<CentralRole>();
- List<EPApp> applicationList = new ArrayList<EPApp>();
+ List<CentralRole> expectedCentralRoleList = new ArrayList<>();
+ List<EPApp> applicationList = new ArrayList<>();
List<CentralV2Role> centralV2RoleList = new ArrayList<>();
List<CentralRole> centralRoleList = new ArrayList<>();
EPApp app = mockApp();
@@ -246,7 +258,7 @@ public class ExternalAccessRolesControllerTest {
@Test(expected = NullPointerException.class)
public void getRolesForAppCentralRoleExceptionTest() throws Exception {
- List<EPApp> applicationList = new ArrayList<EPApp>();
+ List<EPApp> applicationList = new ArrayList<>();
List<CentralV2Role> centralV2RoleList = new ArrayList<>();
List<CentralRole> centralRoleList = new ArrayList<>();
EPApp app = mockApp();
@@ -268,8 +280,8 @@ public class ExternalAccessRolesControllerTest {
@Test
public void getV2RolesForAppTest() throws Exception {
- List<CentralRole> expectedCentralRoleList = new ArrayList<CentralRole>();
- List<EPApp> applicationList = new ArrayList<EPApp>();
+ List<CentralRole> expectedCentralRoleList = new ArrayList<>();
+ List<EPApp> applicationList = new ArrayList<>();
List<CentralV2Role> centralV2Role = new ArrayList<>();
EPApp app = mockApp();
app.setCentralAuth(true);
@@ -288,8 +300,8 @@ public class ExternalAccessRolesControllerTest {
@Test(expected = NullPointerException.class)
public void getV2RolesForAppExceptionTest() throws Exception {
- List<CentralRole> expectedCentralRoleList = new ArrayList<CentralRole>();
- List<EPApp> applicationList = new ArrayList<EPApp>();
+ List<CentralRole> expectedCentralRoleList = new ArrayList<>();
+ List<EPApp> applicationList = new ArrayList<>();
List<CentralV2Role> centralV2Role = new ArrayList<>();
EPApp app = mockApp();
app.setCentralAuth(true);
@@ -308,7 +320,7 @@ public class ExternalAccessRolesControllerTest {
@Test(expected = NullPointerException.class)
public void getRolesForAppTest() throws Exception {
- List<EPApp> applicationList = new ArrayList<EPApp>();
+ List<EPApp> applicationList = new ArrayList<>();
List<CentralV2Role> answer = new ArrayList<>();
EPApp app = mockApp();
applicationList.add(app);
@@ -320,7 +332,7 @@ public class ExternalAccessRolesControllerTest {
@Test(expected = NullPointerException.class)
public void getRolesForAppExceptionTest() throws Exception {
- List<EPApp> applicationList = new ArrayList<EPApp>();
+ List<EPApp> applicationList = new ArrayList<>();
EPApp app = mockApp();
applicationList.add(app);
Mockito.when(externalAccessRolesService.getApp(mockedRequest.getHeader(uebKey))).thenReturn(applicationList);
@@ -332,9 +344,9 @@ public class ExternalAccessRolesControllerTest {
@Test
public void getRoleFunctionsListTest() throws Exception {
- List<CentralRole> expectedCentralRoleList = new ArrayList<CentralRole>();
- List<CentralRoleFunction> roleFuncList = new ArrayList<CentralRoleFunction>();
- List<EPApp> applicationList = new ArrayList<EPApp>();
+ List<CentralRole> expectedCentralRoleList = new ArrayList<>();
+ List<CentralRoleFunction> roleFuncList = new ArrayList<>();
+ List<EPApp> applicationList = new ArrayList<>();
List<CentralV2RoleFunction> centralV2RoleFunction = new ArrayList<>();
EPApp app = mockApp();
app.setCentralAuth(true);
@@ -366,8 +378,8 @@ public class ExternalAccessRolesControllerTest {
@Test
public void getV2RoleFunctionsListTest() throws Exception {
- List<CentralV2RoleFunction> expectedCentralV2RoleFunctionList = new ArrayList<CentralV2RoleFunction>();
- List<EPApp> applicationList = new ArrayList<EPApp>();
+ List<CentralV2RoleFunction> expectedCentralV2RoleFunctionList = new ArrayList<>();
+ List<EPApp> applicationList = new ArrayList<>();
List<CentralV2RoleFunction> centralV2RoleFunction = new ArrayList<>();
EPApp app = mockApp();
app.setCentralAuth(true);
@@ -398,7 +410,7 @@ public class ExternalAccessRolesControllerTest {
@Test
public void getRoleInfoValidationTest() throws Exception {
CentralRole expectedCentralRole = null;
- List<EPApp> applicationList = new ArrayList<EPApp>();
+ List<EPApp> applicationList = new ArrayList<>();
long roleId = 1;
CentralV2Role centralV2Role = new CentralV2Role();
EPApp app = mockApp();
@@ -446,7 +458,7 @@ public class ExternalAccessRolesControllerTest {
public void getV2RoleInfoValidationTest() throws Exception {
CentralV2Role expectedCentralRole = new CentralV2Role();
expectedCentralRole.setActive(false);
- List<EPApp> applicationList = new ArrayList<EPApp>();
+ List<EPApp> applicationList = new ArrayList<>();
long roleId = 1;
CentralV2Role centralV2Role = new CentralV2Role();
EPApp app = mockApp();
@@ -491,10 +503,10 @@ public class ExternalAccessRolesControllerTest {
}
@Test
- public void getV2RoleFunctionTest() throws HttpClientErrorException, Exception {
+ public void getV2RoleFunctionTest() throws Exception {
CentralV2RoleFunction expectedCentralV2RoleFunction = new CentralV2RoleFunction();
expectedCentralV2RoleFunction.setCode("test");
- List<EPApp> applicationList = new ArrayList<EPApp>();
+ List<EPApp> applicationList = new ArrayList<>();
String code = "test";
CentralV2RoleFunction centralV2RoleFunction = new CentralV2RoleFunction();
centralV2RoleFunction.setCode("test");
@@ -512,10 +524,11 @@ public class ExternalAccessRolesControllerTest {
assertEquals(actualCentralV2RoleFunction.getCode(), expectedCentralV2RoleFunction.getCode());
}
+
@Test
- public void getV2RoleFunctionNullCheckTest() throws HttpClientErrorException, Exception {
+ public void getV2RoleFunctionNullCheckTest() throws Exception {
CentralV2RoleFunction expectedCentralV2RoleFunction = new CentralV2RoleFunction();
- List<EPApp> applicationList = new ArrayList<EPApp>();
+ List<EPApp> applicationList = new ArrayList<>();
String code = "test";
CentralV2RoleFunction centralV2RoleFunction = null;
EPApp app = mockApp();
@@ -586,13 +599,40 @@ public class ExternalAccessRolesControllerTest {
}
@Test
+ public void getRoleFunctionXSSTest() throws Exception {
+ String expected = getXSSKeyJson();
+ EPApp mockApp = mockApp();
+ mockApp.setCentralAuth(true);
+ List<EPApp> mockAppList = new ArrayList<>();
+ mockAppList.add(mockApp);
+ StringWriter sw = new StringWriter();
+ PrintWriter writer = new PrintWriter(sw);
+ Mockito.when(mockedResponse.getWriter()).thenReturn(writer);
+ CentralV2RoleFunction roleFunction1 = new CentralV2RoleFunction();
+ CentralRoleFunction roleFunction2 = new CentralRoleFunction();
+ roleFunction1.setCode("test2");
+ String code = "<script>alert(‘XSS’)</script>";
+ Mockito.when(mockedRequest.getHeader("uebkey")).thenReturn(uebKey);
+ Mockito.when(externalAccessRolesService.getApp(mockedRequest.getHeader("uebkey"))).thenReturn(mockAppList);
+ ResponseEntity<String> response = new ResponseEntity<>(HttpStatus.FOUND);
+ Mockito.when(externalAccessRolesService.getNameSpaceIfExists(mockAppList.get(0))).thenReturn(response);
+ Mockito.when(externalAccessRolesService.getRoleFunction(code, mockedRequest.getHeader("uebkey")))
+ .thenReturn(roleFunction1);
+ CentralRoleFunction returnedValue = externalAccessRolesController.getRoleFunction(mockedRequest, mockedResponse,
+ code);
+ assertEquals(returnedValue, roleFunction2);
+ String result = sw.getBuffer().toString().trim();
+ assertEquals(expected, result);
+ }
+
+ @Test
public void saveRoleFunctionIfIsNotDeletedTest() throws Exception {
- List<EPApp> applicationList = new ArrayList<EPApp>();
+ List<EPApp> applicationList = new ArrayList<>();
EPApp app = mockApp();
applicationList.add(app);
Mockito.when(externalAccessRolesService.getApp(mockedRequest.getHeader(uebKey))).thenReturn(applicationList);
PortalRestResponse<String> portalRestResponse = null;
- PortalRestResponse<String> expectedportalRestResponse = new PortalRestResponse<String>();
+ PortalRestResponse<String> expectedportalRestResponse = new PortalRestResponse<>();
expectedportalRestResponse.setMessage(null);
expectedportalRestResponse.setResponse("Failed");
expectedportalRestResponse.setStatus(PortalRestStatusEnum.ERROR);
@@ -609,13 +649,13 @@ public class ExternalAccessRolesControllerTest {
@Test
public void saveRoleFunctionExceptionTest() throws Exception {
- List<EPApp> applicationList = new ArrayList<EPApp>();
+ List<EPApp> applicationList = new ArrayList<>();
EPApp app = mockApp();
app.setCentralAuth(true);
applicationList.add(app);
Mockito.when(externalAccessRolesService.getApp(mockedRequest.getHeader(uebKey))).thenReturn(applicationList);
PortalRestResponse<String> portalRestResponse = null;
- PortalRestResponse<String> expectedportalRestResponse = new PortalRestResponse<String>();
+ PortalRestResponse<String> expectedportalRestResponse = new PortalRestResponse<>();
expectedportalRestResponse.setMessage(null);
expectedportalRestResponse.setResponse("Failed");
expectedportalRestResponse.setStatus(PortalRestStatusEnum.ERROR);
@@ -627,10 +667,9 @@ public class ExternalAccessRolesControllerTest {
assertEquals(portalRestResponse, expectedportalRestResponse);
}
- @SuppressWarnings("static-access")
@Test
public void saveRoleFunctionTest() throws Exception {
- List<EPApp> applicationList = new ArrayList<EPApp>();
+ List<EPApp> applicationList = new ArrayList<>();
EPUser user = mockUser.mockEPUser();
List<EPUser> userList = new ArrayList<>();
userList.add(user);
@@ -648,7 +687,7 @@ public class ExternalAccessRolesControllerTest {
saveRoleFunc.setAppId(app.getId());
Mockito.when(externalAccessRolesService.getApp(mockedRequest.getHeader(uebKey))).thenReturn(applicationList);
PortalRestResponse<String> portalRestResponse = null;
- PortalRestResponse<String> expectedportalRestResponse = new PortalRestResponse<String>();
+ PortalRestResponse<String> expectedportalRestResponse = new PortalRestResponse<>();
expectedportalRestResponse.setMessage("Successfully saved!");
expectedportalRestResponse.setResponse("Success");
expectedportalRestResponse.setStatus(PortalRestStatusEnum.OK);
@@ -670,13 +709,54 @@ public class ExternalAccessRolesControllerTest {
}
@Test
+ public void saveRoleFunctionXSSTest() throws Exception {
+ List<EPApp> applicationList = new ArrayList<>();
+ EPUser user = mockUser.mockEPUser();
+ List<EPUser> userList = new ArrayList<>();
+ userList.add(user);
+ EPApp app = mockApp();
+ app.setCentralAuth(true);
+ applicationList.add(app);
+ JSONObject roleFunc = new JSONObject();
+ roleFunc.put("type", "<script>alert(“XSS”)</script> ");
+ roleFunc.put("code", "test_instance");
+ roleFunc.put("action", "test_action");
+ roleFunc.put("name", "test_name");
+ ObjectMapper mapper = new ObjectMapper();
+ mapper.configure(DeserializationFeature.FAIL_ON_UNKNOWN_PROPERTIES, false);
+ CentralV2RoleFunction saveRoleFunc = mapper.readValue(roleFunc.toString(), CentralV2RoleFunction.class);
+ saveRoleFunc.setAppId(app.getId());
+ Mockito.when(externalAccessRolesService.getApp(mockedRequest.getHeader(uebKey))).thenReturn(applicationList);
+ PortalRestResponse<String> portalRestResponse = null;
+ PortalRestResponse<String> expectedportalRestResponse = new PortalRestResponse<>();
+ expectedportalRestResponse.setMessage("Failed to roleFunc, not valid data.");
+ expectedportalRestResponse.setResponse("Failed");
+ expectedportalRestResponse.setStatus(PortalRestStatusEnum.ERROR);
+ Mockito.when(mockedRequest.getHeader("uebkey")).thenReturn(uebKey);
+ Mockito.when(externalAccessRolesService.getApp(mockedRequest.getHeader("uebkey"))).thenReturn(applicationList);
+ ResponseEntity<String> response = new ResponseEntity<>(HttpStatus.FOUND);
+ Mockito.when(externalAccessRolesService.getNameSpaceIfExists(applicationList.get(0))).thenReturn(response);
+ Mockito.when(externalAccessRolesService.getRoleFunction("test_type|test_instance|test_action", app.getUebKey()))
+ .thenReturn(null);
+ Mockito.when(externalAccessRolesService.saveCentralRoleFunction(Matchers.any(CentralV2RoleFunction.class),
+ Matchers.any(EPApp.class))).thenReturn(true);
+ Mockito.when(externalAccessRolesService.getUser(mockedRequest.getHeader(Matchers.anyString())))
+ .thenReturn(userList);
+ Mockito.when(externalAccessRolesService.getApp(mockedRequest.getHeader(Matchers.anyString())))
+ .thenReturn(applicationList);
+ portalRestResponse = externalAccessRolesController.saveRoleFunction(mockedRequest, mockedResponse,
+ roleFunc.toString());
+ assertEquals(expectedportalRestResponse, portalRestResponse);
+ }
+
+ @Test
public void deleteRoleFunctionTest() throws Exception {
PowerMockito.mockStatic(EcompPortalUtils.class);
PowerMockito.mockStatic(SystemProperties.class);
PowerMockito.mockStatic(EPCommonSystemProperties.class);
PowerMockito.mockStatic(PortalConstants.class);
PortalRestResponse<String> portalRestResponse = null;
- PortalRestResponse<String> expectedportalRestResponse = new PortalRestResponse<String>();
+ PortalRestResponse<String> expectedportalRestResponse = new PortalRestResponse<>();
expectedportalRestResponse.setMessage("Successfully Deleted");
expectedportalRestResponse.setResponse("Success");
EPUser user = mockUser.mockEPUser();
@@ -700,6 +780,36 @@ public class ExternalAccessRolesControllerTest {
}
@Test
+ public void deleteRoleFunctionXSSTest() throws Exception {
+ PowerMockito.mockStatic(EcompPortalUtils.class);
+ PowerMockito.mockStatic(SystemProperties.class);
+ PowerMockito.mockStatic(EPCommonSystemProperties.class);
+ PowerMockito.mockStatic(PortalConstants.class);
+ PortalRestResponse<String> portalRestResponse = null;
+ PortalRestResponse<String> expectedportalRestResponse = new PortalRestResponse<>();
+ expectedportalRestResponse.setMessage("Failed to deleteRoleFunction, not valid data.");
+ expectedportalRestResponse.setResponse("Failed");
+ expectedportalRestResponse.setStatus(PortalRestStatusEnum.ERROR);
+ EPUser user = mockUser.mockEPUser();
+ List<EPUser> userList = new ArrayList<>();
+ userList.add(user);
+ EPApp app = mockApp();
+ app.setCentralAuth(true);
+ List<EPApp> appList = new ArrayList<>();
+ appList.add(app);
+ String code = "<script>alert(‘XSS’)</script>";
+ Mockito.when(mockedRequest.getHeader("LoginId")).thenReturn("guestT");
+ Mockito.when(mockedRequest.getHeader("uebkey")).thenReturn(uebKey);
+ Mockito.when(externalAccessRolesService.getApp(mockedRequest.getHeader("uebkey"))).thenReturn(appList);
+ ResponseEntity<String> response = new ResponseEntity<>(HttpStatus.FOUND);
+ Mockito.when(externalAccessRolesService.getNameSpaceIfExists(appList.get(0))).thenReturn(response);
+ Mockito.when(externalAccessRolesService.getUser(mockedRequest.getHeader("LoginId"))).thenReturn(userList);
+ Mockito.when(externalAccessRolesService.deleteCentralRoleFunction(code, app)).thenReturn(true);
+ portalRestResponse = externalAccessRolesController.deleteRoleFunction(mockedRequest, mockedResponse, code);
+ assertEquals(portalRestResponse, expectedportalRestResponse);
+ }
+
+ @Test
public void getActiveRolesTest() throws Exception {
String reason = getInvalidKeyJson();
StringWriter sw = new StringWriter();
@@ -717,9 +827,9 @@ public class ExternalAccessRolesControllerTest {
List<CentralRole> expectedRolesList = null;
EPApp app = mockApp();
app.setCentralAuth(true);
- List<EPApp> appList = new ArrayList<EPApp>();
+ List<EPApp> appList = new ArrayList<>();
appList.add(app);
- List<CentralV2Role> cenRoles = new ArrayList<CentralV2Role>();
+ List<CentralV2Role> cenRoles = new ArrayList<>();
Mockito.when(mockedRequest.getHeader("uebkey")).thenReturn(uebKey);
Mockito.when(externalAccessRolesService.getApp(mockedRequest.getHeader("uebkey"))).thenReturn(appList);
ResponseEntity<String> response = new ResponseEntity<>(HttpStatus.FOUND);
@@ -757,10 +867,19 @@ public class ExternalAccessRolesControllerTest {
return reason;
}
+ private String getXSSKeyJson() throws JsonProcessingException {
+ final Map<String, String> uebkeyResponse = new HashMap<>();
+ String reason = "";
+ ObjectMapper mapper = new ObjectMapper();
+ uebkeyResponse.put("error", "Data is not valid");
+ reason = mapper.writeValueAsString(uebkeyResponse);
+ return reason;
+ }
+
@Test
- public void deleteDependcyRoleRecordExceptionTest() throws Exception {
+ public void deleteDependcyRoleRecordExceptionTest() {
PortalRestResponse<String> portalRestResponse = null;
- PortalRestResponse<String> expectedportalRestResponse = new PortalRestResponse<String>();
+ PortalRestResponse<String> expectedportalRestResponse = new PortalRestResponse<>();
expectedportalRestResponse.setMessage("Invalid credentials!");
expectedportalRestResponse.setResponse("Failed");
expectedportalRestResponse.setStatus(PortalRestStatusEnum.ERROR);
@@ -776,7 +895,7 @@ public class ExternalAccessRolesControllerTest {
Mockito.when(externalAccessRolesService.bulkUploadFunctions(mockedRequest.getHeader(uebKey)))
.thenReturn(result);
PortalRestResponse<String> portalRestResponse = null;
- PortalRestResponse<String> expectedportalRestResponse = new PortalRestResponse<String>();
+ PortalRestResponse<String> expectedportalRestResponse = new PortalRestResponse<>();
expectedportalRestResponse.setMessage("Successfully added: 0");
expectedportalRestResponse.setResponse("Success");
expectedportalRestResponse.setStatus(PortalRestStatusEnum.OK);
@@ -789,7 +908,7 @@ public class ExternalAccessRolesControllerTest {
Mockito.when(externalAccessRolesService.bulkUploadFunctions(mockedRequest.getHeader(uebKey)))
.thenThrow(httpClientErrorException);
PortalRestResponse<String> portalRestResponse = null;
- PortalRestResponse<String> expectedportalRestResponse = new PortalRestResponse<String>();
+ PortalRestResponse<String> expectedportalRestResponse = new PortalRestResponse<>();
expectedportalRestResponse.setMessage("Failed to bulkUploadFunctions");
expectedportalRestResponse.setResponse("Failed");
expectedportalRestResponse.setStatus(PortalRestStatusEnum.ERROR);
@@ -801,7 +920,7 @@ public class ExternalAccessRolesControllerTest {
public void bulkUploadRolesTest() throws Exception {
Integer result = 0;
PortalRestResponse<String> portalRestResponse = null;
- PortalRestResponse<String> expectedportalRestResponse = new PortalRestResponse<String>();
+ PortalRestResponse<String> expectedportalRestResponse = new PortalRestResponse<>();
expectedportalRestResponse.setMessage("Successfully added: 0");
expectedportalRestResponse.setResponse("Success");
expectedportalRestResponse.setStatus(PortalRestStatusEnum.OK);
@@ -815,7 +934,7 @@ public class ExternalAccessRolesControllerTest {
Mockito.when(externalAccessRolesService.bulkUploadRoles(mockedRequest.getHeader(uebKey)))
.thenThrow(httpClientErrorException);
PortalRestResponse<String> portalRestResponse = null;
- PortalRestResponse<String> expectedportalRestResponse = new PortalRestResponse<String>();
+ PortalRestResponse<String> expectedportalRestResponse = new PortalRestResponse<>();
expectedportalRestResponse.setMessage("Failed to bulkUploadRoles");
expectedportalRestResponse.setResponse("Failed");
expectedportalRestResponse.setStatus(PortalRestStatusEnum.ERROR);
@@ -827,7 +946,7 @@ public class ExternalAccessRolesControllerTest {
public void bulkUploadRoleFunctionsTest() throws Exception {
Integer result = 0;
PortalRestResponse<String> portalRestResponse = null;
- PortalRestResponse<String> expectedportalRestResponse = new PortalRestResponse<String>();
+ PortalRestResponse<String> expectedportalRestResponse = new PortalRestResponse<>();
expectedportalRestResponse.setMessage("Successfully added: 0");
expectedportalRestResponse.setResponse("Success");
expectedportalRestResponse.setStatus(PortalRestStatusEnum.OK);
@@ -842,7 +961,7 @@ public class ExternalAccessRolesControllerTest {
Mockito.when(externalAccessRolesService.bulkUploadRolesFunctions(mockedRequest.getHeader(uebKey)))
.thenThrow(httpClientErrorException);
PortalRestResponse<String> portalRestResponse = null;
- PortalRestResponse<String> expectedportalRestResponse = new PortalRestResponse<String>();
+ PortalRestResponse<String> expectedportalRestResponse = new PortalRestResponse<>();
expectedportalRestResponse.setMessage("Failed to bulkUploadRoleFunctions");
expectedportalRestResponse.setResponse("Failed");
expectedportalRestResponse.setStatus(PortalRestStatusEnum.ERROR);
@@ -854,7 +973,7 @@ public class ExternalAccessRolesControllerTest {
public void bulkUploadUserRolesTest() throws Exception {
Integer result = 0;
PortalRestResponse<String> portalRestResponse = null;
- PortalRestResponse<String> expectedportalRestResponse = new PortalRestResponse<String>();
+ PortalRestResponse<String> expectedportalRestResponse = new PortalRestResponse<>();
expectedportalRestResponse.setMessage("Successfully added: 0");
expectedportalRestResponse.setResponse("Success");
expectedportalRestResponse.setStatus(PortalRestStatusEnum.OK);
@@ -869,7 +988,7 @@ public class ExternalAccessRolesControllerTest {
Mockito.when(externalAccessRolesService.bulkUploadUserRoles(mockedRequest.getHeader(uebKey)))
.thenThrow(httpClientErrorException);
PortalRestResponse<String> portalRestResponse = null;
- PortalRestResponse<String> expectedportalRestResponse = new PortalRestResponse<String>();
+ PortalRestResponse<String> expectedportalRestResponse = new PortalRestResponse<>();
expectedportalRestResponse.setMessage("Failed to bulkUploadUserRoles");
expectedportalRestResponse.setResponse("Failed");
expectedportalRestResponse.setStatus(PortalRestStatusEnum.ERROR);
@@ -878,9 +997,9 @@ public class ExternalAccessRolesControllerTest {
}
@Test
- public void bulkUploadPartnerFunctionsTest() throws Exception {
+ public void bulkUploadPartnerFunctionsTest() {
PortalRestResponse<String> portalRestResponse = null;
- PortalRestResponse<String> expectedportalRestResponse = new PortalRestResponse<String>();
+ PortalRestResponse<String> expectedportalRestResponse = new PortalRestResponse<>();
expectedportalRestResponse.setMessage("Successfully added: '0' functions");
expectedportalRestResponse.setResponse("Success");
expectedportalRestResponse.setStatus(PortalRestStatusEnum.OK);
@@ -889,9 +1008,9 @@ public class ExternalAccessRolesControllerTest {
}
@Test
- public void bulkUploadPartnerRolesTest() throws Exception {
+ public void bulkUploadPartnerRolesTest() {
PortalRestResponse<String> portalRestResponse = null;
- PortalRestResponse<String> expectedportalRestResponse = new PortalRestResponse<String>();
+ PortalRestResponse<String> expectedportalRestResponse = new PortalRestResponse<>();
expectedportalRestResponse.setMessage("Successfully added");
expectedportalRestResponse.setResponse("Success");
expectedportalRestResponse.setStatus(PortalRestStatusEnum.OK);
@@ -902,9 +1021,9 @@ public class ExternalAccessRolesControllerTest {
}
@Test
- public void bulkUploadPartnerRolesExceptionTest() throws Exception {
+ public void bulkUploadPartnerRolesExceptionTest() {
PortalRestResponse<String> portalRestResponse = null;
- PortalRestResponse<String> expectedportalRestResponse = new PortalRestResponse<String>();
+ PortalRestResponse<String> expectedportalRestResponse = new PortalRestResponse<>();
expectedportalRestResponse.setMessage("Successfully added");
expectedportalRestResponse.setResponse("Success");
expectedportalRestResponse.setStatus(PortalRestStatusEnum.OK);
@@ -942,10 +1061,10 @@ public class ExternalAccessRolesControllerTest {
}
@Test
- public void saveRoleExceptionTest() throws Exception {
+ public void saveRoleExceptionTest() {
Role role = new Role();
PortalRestResponse<String> portalRestResponse = null;
- PortalRestResponse<String> expectedportalRestResponse = new PortalRestResponse<String>();
+ PortalRestResponse<String> expectedportalRestResponse = new PortalRestResponse<>();
expectedportalRestResponse.setMessage("Invalid credentials!");
expectedportalRestResponse.setResponse("Failed");
expectedportalRestResponse.setStatus(PortalRestStatusEnum.ERROR);
@@ -954,10 +1073,10 @@ public class ExternalAccessRolesControllerTest {
}
@Test
- public void deleteRoleExceptionTest() throws Exception {
+ public void deleteRoleExceptionTest() {
String role = "TestNew";
PortalRestResponse<String> portalRestResponse = null;
- PortalRestResponse<String> expectedportalRestResponse = new PortalRestResponse<String>();
+ PortalRestResponse<String> expectedportalRestResponse = new PortalRestResponse<>();
expectedportalRestResponse.setMessage("Invalid credentials!");
expectedportalRestResponse.setResponse("Failed");
expectedportalRestResponse.setStatus(PortalRestStatusEnum.ERROR);
@@ -966,9 +1085,9 @@ public class ExternalAccessRolesControllerTest {
}
@Test
- public void bulkUploadPartnerRoleFunctionsTest() throws Exception {
+ public void bulkUploadPartnerRoleFunctionsTest() {
PortalRestResponse<String> portalRestResponse = null;
- PortalRestResponse<String> expectedportalRestResponse = new PortalRestResponse<String>();
+ PortalRestResponse<String> expectedportalRestResponse = new PortalRestResponse<>();
expectedportalRestResponse.setMessage("Successfully added: '0' role functions");
expectedportalRestResponse.setResponse("Success");
expectedportalRestResponse.setStatus(PortalRestStatusEnum.OK);
@@ -986,7 +1105,7 @@ public class ExternalAccessRolesControllerTest {
StringWriter sw = new StringWriter();
PrintWriter writer = new PrintWriter(sw);
Mockito.when(mockedResponse.getWriter()).thenReturn(writer);
- List<EPApp> applicationList = new ArrayList<EPApp>();
+ List<EPApp> applicationList = new ArrayList<>();
EPApp app = mockApp();
app.setCentralAuth(true);
applicationList.add(app);
@@ -1012,7 +1131,7 @@ public class ExternalAccessRolesControllerTest {
@Test(expected = NullPointerException.class)
public void deleteRoleV2Test() throws Exception {
- List<EPApp> applicationList = new ArrayList<EPApp>();
+ List<EPApp> applicationList = new ArrayList<>();
EPApp app = mockApp();
applicationList.add(app);
Mockito.when(externalAccessRolesService.getApp(mockedRequest.getHeader(uebKey))).thenReturn(applicationList);
@@ -1020,7 +1139,7 @@ public class ExternalAccessRolesControllerTest {
"Success");
Mockito.when(externalAccessRolesService.deleteDependencyRoleRecord(Matchers.anyLong(), Matchers.anyString(),
Matchers.anyString())).thenReturn(externalRequestFieldsValidator);
- PortalRestResponse<String> expectedportalRestResponse = new PortalRestResponse<String>();
+ PortalRestResponse<String> expectedportalRestResponse = new PortalRestResponse<>();
expectedportalRestResponse.setMessage("Successfully Deleted");
expectedportalRestResponse.setResponse("Success");
expectedportalRestResponse.setStatus(PortalRestStatusEnum.OK);
@@ -1031,12 +1150,12 @@ public class ExternalAccessRolesControllerTest {
@Test
public void deleteRoleV2InvalidUebKeyTest() throws Exception {
- List<EPApp> applicationList = new ArrayList<EPApp>();
+ List<EPApp> applicationList = new ArrayList<>();
EPApp app = mockApp();
applicationList.add(app);
Mockito.when(externalAccessRolesService.getApp(mockedRequest.getHeader(uebKey)))
.thenThrow(new Exception("Invalid credentials!"));
- PortalRestResponse<String> expectedportalRestResponse = new PortalRestResponse<String>();
+ PortalRestResponse<String> expectedportalRestResponse = new PortalRestResponse<>();
expectedportalRestResponse.setMessage("Invalid credentials!");
expectedportalRestResponse.setResponse("Failed");
expectedportalRestResponse.setStatus(PortalRestStatusEnum.ERROR);
@@ -1047,12 +1166,12 @@ public class ExternalAccessRolesControllerTest {
@Test
public void deleteRoleV2InvalidUebKeyWithDiffErrorTest() throws Exception {
- List<EPApp> applicationList = new ArrayList<EPApp>();
+ List<EPApp> applicationList = new ArrayList<>();
EPApp app = mockApp();
applicationList.add(app);
Mockito.when(externalAccessRolesService.getApp(mockedRequest.getHeader(uebKey)))
.thenThrow(new Exception("test"));
- PortalRestResponse<String> expectedportalRestResponse = new PortalRestResponse<String>();
+ PortalRestResponse<String> expectedportalRestResponse = new PortalRestResponse<>();
expectedportalRestResponse.setMessage("test");
expectedportalRestResponse.setResponse("Failed");
expectedportalRestResponse.setStatus(PortalRestStatusEnum.ERROR);
@@ -1063,7 +1182,7 @@ public class ExternalAccessRolesControllerTest {
@Test(expected = NullPointerException.class)
public void deleteRoleV2ExceptionTest() throws Exception {
- List<EPApp> applicationList = new ArrayList<EPApp>();
+ List<EPApp> applicationList = new ArrayList<>();
EPApp app = mockApp();
applicationList.add(app);
Mockito.when(externalAccessRolesService.getApp(mockedRequest.getHeader(uebKey))).thenReturn(applicationList);
@@ -1071,7 +1190,7 @@ public class ExternalAccessRolesControllerTest {
"failed");
Mockito.when(externalAccessRolesService.deleteDependencyRoleRecord(Matchers.anyLong(), Matchers.anyString(),
Matchers.anyString())).thenReturn(externalRequestFieldsValidator);
- PortalRestResponse<String> expectedportalRestResponse = new PortalRestResponse<String>();
+ PortalRestResponse<String> expectedportalRestResponse = new PortalRestResponse<>();
expectedportalRestResponse.setMessage("Failed to deleteRole");
expectedportalRestResponse.setResponse("Failed");
expectedportalRestResponse.setStatus(PortalRestStatusEnum.ERROR);
@@ -1082,7 +1201,7 @@ public class ExternalAccessRolesControllerTest {
@Test
public void getEpUserNullTest() throws Exception {
- List<EPApp> applicationList = new ArrayList<EPApp>();
+ List<EPApp> applicationList = new ArrayList<>();
EPApp app = mockApp();
app.setUebKey("uebKey");
app.setCentralAuth(true);
@@ -1095,7 +1214,7 @@ public class ExternalAccessRolesControllerTest {
@Test
public void getEpUserTest() throws Exception {
- List<EPApp> applicationList = new ArrayList<EPApp>();
+ List<EPApp> applicationList = new ArrayList<>();
EPApp app = mockApp();
app.setUebKey("uebKey");
app.setCentralAuth(true);
@@ -1103,7 +1222,7 @@ public class ExternalAccessRolesControllerTest {
Mockito.when(externalAccessRolesService.getApp(mockedRequest.getHeader(uebKey))).thenReturn(applicationList);
ResponseEntity<String> response = new ResponseEntity<>(HttpStatus.OK);
Mockito.when(externalAccessRolesService.getNameSpaceIfExists(app)).thenReturn(response);
- String user = "{\"id\":null,\"created\":null,\"modified\":null,\"createdId\":null,\"modifiedId\":null,\"rowNum\":null,\"auditUserId\":null,\"auditTrail\":null,\"orgId\":null,\"managerId\":null,\"firstName\":\"test\",\"middleInitial\":null,\"lastName\":null,\"phone\":null,\"fax\":null,\"cellular\":null,\"email\":null,\"addressId\":null,\"alertMethodCd\":null,\"hrid\":null,\"orgUserId\":null,\"orgCode\":null,\"address1\":null,\"address2\":null,\"city\":null,\"state\":null,\"zipCode\":null,\"country\":null,\"orgManagerUserId\":null,\"locationClli\":null,\"businessCountryCode\":null,\"businessCountryName\":null,\"businessUnit\":null,\"businessUnitName\":null,\"department\":null,\"departmentName\":null,\"companyCode\":null,\"company\":null,\"zipCodeSuffix\":null,\"jobTitle\":null,\"commandChain\":null,\"siloStatus\":null,\"costCenter\":null,\"financialLocCode\":null,\"loginId\":null,\"loginPwd\":null,\"lastLoginDate\":null,\"active\":false,\"internal\":false,\"selectedProfileId\":null,\"timeZoneId\":null,\"online\":false,\"chatId\":null,\"userApps\":[],\"pseudoRoles\":[],\"defaultUserApp\":null,\"roles\":[],\"fullName\":\"test null\"}";
+ String user = "{\"id\":null,\"created\":null,\"modified\":null,\"createdId\":null,\"modifiedId\":null,\"rowNum\":null,\"auditUserId\":null,\"auditTrail\":null,\"orgId\":null,\"managerId\":null,\"firstName\":\"test\",\"middleInitial\":null,\"lastName\":null,\"phone\":null,\"fax\":null,\"cellular\":null,\"email\":null,\"addressId\":null,\"alertMethodCd\":null,\"hrid\":null,\"orgUserId\":null,\"orgCode\":null,\"address1\":null,\"address2\":null,\"city\":null,\"state\":null,\"zipCode\":null,\"country\":null,\"orgManagerUserId\":null,\"locationClli\":null,\"businessCountryCode\":null,\"businessCountryName\":null,\"businessUnit\":null,\"businessUnitName\":null,\"department\":null,\"departmentName\":null,\"companyCode\":null,\"company\":null,\"zipCodeSuffix\":null,\"jobTitle\":null,\"commandChain\":null,\"siloStatus\":null,\"costCenter\":null,\"financialLocCode\":null,\"loginId\":null,\"loginPwd\":null,\"lastLoginDate\":null,\"active\":false,\"internal\":false,\"selectedProfileId\":null,\"timeZoneId\":null,\"online\":false,\"chatId\":null,\"userApps\":[],\"pseudoRoles\":[],\"roles\":[]}";
Mockito.when(externalAccessRolesService.getV2UserWithRoles("test12", mockedRequest.getHeader(uebKey)))
.thenReturn(user);
User EPuser = new User();
@@ -1115,7 +1234,7 @@ public class ExternalAccessRolesControllerTest {
@Test
public void getEpUserExceptionTest() throws Exception {
- List<EPApp> applicationList = new ArrayList<EPApp>();
+ List<EPApp> applicationList = new ArrayList<>();
EPApp app = mockApp();
app.setCentralAuth(true);
Mockito.when(externalAccessRolesService.getApp(mockedRequest.getHeader(uebKey))).thenReturn(applicationList);
@@ -1127,7 +1246,7 @@ public class ExternalAccessRolesControllerTest {
@Test
public void getEPRolesOfApplicationTest() throws Exception {
- List<EPApp> applicationList = new ArrayList<EPApp>();
+ List<EPApp> applicationList = new ArrayList<>();
EPApp app = mockApp();
app.setUebKey("uebKey");
app.setCentralAuth(true);
@@ -1152,7 +1271,7 @@ public class ExternalAccessRolesControllerTest {
@Test
public void getEPRolesOfApplicationNullTest() throws Exception {
- List<EPApp> applicationList = new ArrayList<EPApp>();
+ List<EPApp> applicationList = new ArrayList<>();
EPApp app = mockApp();
app.setUebKey("uebKey");
app.setCentralAuth(true);
@@ -1171,7 +1290,7 @@ public class ExternalAccessRolesControllerTest {
@Test
public void getEPRolesOfApplicationExceptionTest() throws Exception {
- List<EPApp> applicationList = new ArrayList<EPApp>();
+ List<EPApp> applicationList = new ArrayList<>();
EPApp app = mockApp();
app.setCentralAuth(true);
Mockito.when(externalAccessRolesService.getApp(mockedRequest.getHeader(uebKey))).thenReturn(applicationList);
@@ -1188,7 +1307,7 @@ public class ExternalAccessRolesControllerTest {
PowerMockito.mockStatic(EPCommonSystemProperties.class);
PowerMockito.mockStatic(PortalConstants.class);
PortalRestResponse<String> actualPortalRestResponse = null;
- PortalRestResponse<String> expectedportalRestResponse = new PortalRestResponse<String>();
+ PortalRestResponse<String> expectedportalRestResponse = new PortalRestResponse<>();
expectedportalRestResponse.setMessage("Successfully Saved");
expectedportalRestResponse.setResponse("Success");
EPUser user = mockUser.mockEPUser();
@@ -1220,7 +1339,7 @@ public class ExternalAccessRolesControllerTest {
PowerMockito.mockStatic(EPCommonSystemProperties.class);
PowerMockito.mockStatic(PortalConstants.class);
PortalRestResponse<String> actualPortalRestResponse = null;
- PortalRestResponse<String> expectedportalRestResponse = new PortalRestResponse<String>();
+ PortalRestResponse<String> expectedportalRestResponse = new PortalRestResponse<>();
expectedportalRestResponse.setMessage("Successfully Saved");
expectedportalRestResponse.setResponse("Success");
EPUser user = mockUser.mockEPUser();
@@ -1252,7 +1371,7 @@ public class ExternalAccessRolesControllerTest {
PowerMockito.mockStatic(EPCommonSystemProperties.class);
PowerMockito.mockStatic(PortalConstants.class);
PortalRestResponse<String> actualPortalRestResponse = null;
- PortalRestResponse<String> expectedportalRestResponse = new PortalRestResponse<String>();
+ PortalRestResponse<String> expectedportalRestResponse = new PortalRestResponse<>();
expectedportalRestResponse.setMessage("Successfully Saved");
expectedportalRestResponse.setResponse("Failed");
EPUser user = mockUser.mockEPUser();
@@ -1279,7 +1398,7 @@ public class ExternalAccessRolesControllerTest {
@Test(expected = NullPointerException.class)
public void saveRoleNullExceptionTest() throws Exception {
- List<EPApp> applicationList = new ArrayList<EPApp>();
+ List<EPApp> applicationList = new ArrayList<>();
EPApp app = mockApp();
applicationList.add(app);
Role role = new Role();
@@ -1288,7 +1407,7 @@ public class ExternalAccessRolesControllerTest {
"failed");
Mockito.when(externalAccessRolesService.deleteDependencyRoleRecord(Matchers.anyLong(), Matchers.anyString(),
Matchers.anyString())).thenReturn(externalRequestFieldsValidator);
- PortalRestResponse<String> expectedportalRestResponse = new PortalRestResponse<String>();
+ PortalRestResponse<String> expectedportalRestResponse = new PortalRestResponse<>();
expectedportalRestResponse.setMessage("Failed to deleteRole");
expectedportalRestResponse.setResponse("Failed");
expectedportalRestResponse.setStatus(PortalRestStatusEnum.ERROR);
@@ -1304,7 +1423,7 @@ public class ExternalAccessRolesControllerTest {
PowerMockito.mockStatic(EPCommonSystemProperties.class);
PowerMockito.mockStatic(PortalConstants.class);
PortalRestResponse<String> actualPortalRestResponse = null;
- PortalRestResponse<String> expectedportalRestResponse = new PortalRestResponse<String>();
+ PortalRestResponse<String> expectedportalRestResponse = new PortalRestResponse<>();
expectedportalRestResponse.setMessage("Successfully Deleted");
expectedportalRestResponse.setResponse("Success");
EPUser user = mockUser.mockEPUser();
@@ -1329,13 +1448,44 @@ public class ExternalAccessRolesControllerTest {
}
@Test
+ public void deleteRoleXSSTest() throws Exception {
+ PowerMockito.mockStatic(EcompPortalUtils.class);
+ PowerMockito.mockStatic(SystemProperties.class);
+ PowerMockito.mockStatic(EPCommonSystemProperties.class);
+ PowerMockito.mockStatic(PortalConstants.class);
+ PortalRestResponse<String> actualPortalRestResponse = null;
+ PortalRestResponse<String> expectedportalRestResponse = new PortalRestResponse<>();
+ expectedportalRestResponse.setMessage("Failed to deleteRole, not valid data.");
+ expectedportalRestResponse.setResponse("Failed");
+ expectedportalRestResponse.setStatus(PortalRestStatusEnum.ERROR);
+ EPUser user = mockUser.mockEPUser();
+ List<EPUser> userList = new ArrayList<>();
+ userList.add(user);
+ EPApp app = mockApp();
+ app.setCentralAuth(true);
+ List<EPApp> appList = new ArrayList<>();
+ appList.add(app);
+ String code = "<img src=xss onerror=alert(1)>";
+ boolean deleteResponse = true;
+ Mockito.when(mockedRequest.getHeader("uebkey")).thenReturn(uebKey);
+ Mockito.when(externalAccessRolesService.getApp(mockedRequest.getHeader("uebkey"))).thenReturn(appList);
+ ResponseEntity<String> response = new ResponseEntity<>(HttpStatus.FOUND);
+ Mockito.when(externalAccessRolesService.getNameSpaceIfExists(appList.get(0))).thenReturn(response);
+ Mockito.when(externalAccessRolesService.getUser(mockedRequest.getHeader("LoginId"))).thenReturn(userList);
+ Mockito.when(externalAccessRolesService.deleteRoleForApplication(code, mockedRequest.getHeader("uebkey")))
+ .thenReturn(deleteResponse);
+ actualPortalRestResponse = externalAccessRolesController.deleteRole(mockedRequest, mockedResponse, code);
+ assertEquals(actualPortalRestResponse.getStatus(), expectedportalRestResponse.getStatus());
+ }
+
+ @Test
public void deleteRoleNegativeTest() throws Exception {
PowerMockito.mockStatic(EcompPortalUtils.class);
PowerMockito.mockStatic(SystemProperties.class);
PowerMockito.mockStatic(EPCommonSystemProperties.class);
PowerMockito.mockStatic(PortalConstants.class);
PortalRestResponse<String> actualPortalRestResponse = null;
- PortalRestResponse<String> expectedportalRestResponse = new PortalRestResponse<String>();
+ PortalRestResponse<String> expectedportalRestResponse = new PortalRestResponse<>();
expectedportalRestResponse.setMessage("Failed to delete Role for 'test");
expectedportalRestResponse.setResponse("Failed");
EPUser user = mockUser.mockEPUser();
@@ -1363,13 +1513,13 @@ public class ExternalAccessRolesControllerTest {
public void deleteDependcyRoleRecordTest() throws Exception {
ExternalRequestFieldsValidator removeResult = new ExternalRequestFieldsValidator(true, "success");
PortalRestResponse<String> portalRestResponse = null;
- PortalRestResponse<String> expectedportalRestResponse = new PortalRestResponse<String>();
+ PortalRestResponse<String> expectedportalRestResponse = new PortalRestResponse<>();
expectedportalRestResponse.setMessage("Invalid credentials!");
expectedportalRestResponse.setResponse("Failed");
expectedportalRestResponse.setStatus(PortalRestStatusEnum.ERROR);
long roleId = 123;
String LoginId = "loginId";
- List<EPApp> appList = new ArrayList<EPApp>();
+ List<EPApp> appList = new ArrayList<>();
Mockito.when(mockedRequest.getHeader("uebkey")).thenReturn(uebKey);
Mockito.when(mockedRequest.getHeader("LoginId")).thenReturn(LoginId);
Mockito.when(externalAccessRolesService.getApp(mockedRequest.getHeader("uebkey"))).thenReturn(appList);