From 21a8761f684745bb300e075c7e98ad897ace9eed Mon Sep 17 00:00:00 2001
From: st782s <statta@research.att.com>
Date: Tue, 30 Jan 2018 17:29:36 -0500
Subject: Security/ Package Name changes

Issue-ID: PORTAL-174, PORTAL-157, PORTAL-156, PORTAL-148, PORTAL-145,
PORTAL-140, PORTAL-133, PORTAL-121, PORTAL-111, PORTAL-88

Includes security fixes, Role Centralization, replace certain ECOMP
occurrences etc

Change-Id: I3c8b706709c6b92e646e3cbe50c2d660e8a46ef4
Signed-off-by: st782s <statta@research.att.com>
---
 .../test/controller/WidgetFileControllerTest.java  |  74 ++++++++
 .../controller/WidgetsCatalogControllerTest.java   | 195 +++++++++++++++++++++
 .../test/service/WidgetCatalogServiceTest.java     | 124 +++++++++++++
 3 files changed, 393 insertions(+)
 create mode 100644 ecomp-portal-widget-ms/widget-ms/src/test/java/org/onap/portalapp/widget/test/controller/WidgetFileControllerTest.java
 create mode 100644 ecomp-portal-widget-ms/widget-ms/src/test/java/org/onap/portalapp/widget/test/controller/WidgetsCatalogControllerTest.java
 create mode 100644 ecomp-portal-widget-ms/widget-ms/src/test/java/org/onap/portalapp/widget/test/service/WidgetCatalogServiceTest.java

(limited to 'ecomp-portal-widget-ms/widget-ms/src/test/java/org/onap')

diff --git a/ecomp-portal-widget-ms/widget-ms/src/test/java/org/onap/portalapp/widget/test/controller/WidgetFileControllerTest.java b/ecomp-portal-widget-ms/widget-ms/src/test/java/org/onap/portalapp/widget/test/controller/WidgetFileControllerTest.java
new file mode 100644
index 00000000..db6ddc36
--- /dev/null
+++ b/ecomp-portal-widget-ms/widget-ms/src/test/java/org/onap/portalapp/widget/test/controller/WidgetFileControllerTest.java
@@ -0,0 +1,74 @@
+package org.onap.portalapp.widget.test.controller;
+
+import static org.junit.Assert.assertEquals;
+import static org.mockito.Mockito.times;
+
+import org.junit.Before;
+import org.junit.Test;
+import org.junit.runner.RunWith;
+import org.mockito.ArgumentCaptor;
+import org.mockito.InjectMocks;
+import org.mockito.Mock;
+import org.mockito.Mockito;
+import org.mockito.MockitoAnnotations;
+import org.mockito.runners.MockitoJUnitRunner;
+import org.onap.portalapp.widget.controller.DatabaseFileUploadController;
+import org.onap.portalapp.widget.service.impl.StorageServiceImpl;
+import org.springframework.test.web.servlet.MockMvc;
+import org.springframework.test.web.servlet.request.MockMvcRequestBuilders;
+import org.springframework.test.web.servlet.setup.MockMvcBuilders;
+
+
+@RunWith(MockitoJUnitRunner.class)
+public class WidgetFileControllerTest {
+	private MockMvc mockMvc;
+	
+	@Mock
+	private StorageServiceImpl storageService;
+	
+	@InjectMocks
+	private DatabaseFileUploadController controller;
+	
+	@Before
+	public void setUp() {
+		MockitoAnnotations.initMocks(this);
+		mockMvc = MockMvcBuilders.standaloneSetup(controller).build();
+	}
+	
+	@Test
+	public void getWidgetMarkup_NoError() throws Exception{
+		ArgumentCaptor<Long> storageServiceArg = ArgumentCaptor.forClass(Long.class);
+		Long widgetId = new Long(1);
+		mockMvc.perform(MockMvcRequestBuilders.get("/microservices/markup/" + widgetId)).andReturn();;
+		Mockito.verify(storageService, times(1)).getWidgetMarkup(storageServiceArg.capture());
+		assertEquals(storageServiceArg.getValue(), widgetId);
+	}
+	
+	@Test
+	public void getWidgetController_NoError() throws Exception{
+		ArgumentCaptor<Long> storageServiceArg = ArgumentCaptor.forClass(Long.class);
+		Long widgetId = new Long(1);
+		mockMvc.perform(MockMvcRequestBuilders.get("/microservices/" + widgetId + "/controller.js")).andReturn();;
+		Mockito.verify(storageService, times(1)).getWidgetController(storageServiceArg.capture());
+		assertEquals(storageServiceArg.getValue(), widgetId);
+	}
+	
+	@Test
+	public void getWidgetFramework_NoError() throws Exception{
+		ArgumentCaptor<Long> storageServiceArg = ArgumentCaptor.forClass(Long.class);
+		Long widgetId = new Long(1);
+		mockMvc.perform(MockMvcRequestBuilders.get("/microservices/" + widgetId + "/framework.js")).andReturn();;
+		Mockito.verify(storageService, times(1)).getWidgetFramework(storageServiceArg.capture());
+		assertEquals(storageServiceArg.getValue(), widgetId);
+	}
+	
+	@Test
+	public void getWidgetCSS_NoError() throws Exception{
+		ArgumentCaptor<Long> storageServiceArg = ArgumentCaptor.forClass(Long.class);
+		Long widgetId = new Long(1);
+		mockMvc.perform(MockMvcRequestBuilders.get("/microservices/" + widgetId + "/styles.css")).andReturn();;
+		Mockito.verify(storageService, times(1)).getWidgetCSS(storageServiceArg.capture());
+		assertEquals(storageServiceArg.getValue(), widgetId);
+	}
+	
+}
diff --git a/ecomp-portal-widget-ms/widget-ms/src/test/java/org/onap/portalapp/widget/test/controller/WidgetsCatalogControllerTest.java b/ecomp-portal-widget-ms/widget-ms/src/test/java/org/onap/portalapp/widget/test/controller/WidgetsCatalogControllerTest.java
new file mode 100644
index 00000000..cf3d6ce5
--- /dev/null
+++ b/ecomp-portal-widget-ms/widget-ms/src/test/java/org/onap/portalapp/widget/test/controller/WidgetsCatalogControllerTest.java
@@ -0,0 +1,195 @@
+package org.onap.portalapp.widget.test.controller;
+
+
+import static org.hamcrest.CoreMatchers.is;
+import static org.junit.Assert.assertEquals;
+import static org.mockito.Matchers.any;
+import static org.mockito.Mockito.times;
+import static org.springframework.test.web.servlet.request.MockMvcRequestBuilders.get;
+import static org.springframework.test.web.servlet.request.MockMvcRequestBuilders.put;
+import static org.springframework.test.web.servlet.result.MockMvcResultMatchers.jsonPath;
+import static org.springframework.test.web.servlet.result.MockMvcResultMatchers.status;
+
+import java.util.ArrayList;
+import java.util.List;
+
+import org.apache.commons.codec.binary.Base64;
+import org.junit.Before;
+import org.junit.Test;
+import org.junit.runner.RunWith;
+import org.mockito.ArgumentCaptor;
+import org.mockito.InjectMocks;
+import org.mockito.Mock;
+import org.mockito.Mockito;
+import org.mockito.MockitoAnnotations;
+import org.mockito.runners.MockitoJUnitRunner;
+import org.onap.portalapp.widget.controller.WidgetsCatalogController;
+import org.onap.portalapp.widget.domain.ValidationRespond;
+import org.onap.portalapp.widget.domain.WidgetCatalog;
+import org.onap.portalapp.widget.service.StorageService;
+import org.onap.portalapp.widget.service.WidgetCatalogService;
+import org.springframework.http.MediaType;
+import org.springframework.test.util.ReflectionTestUtils;
+import org.springframework.test.web.servlet.MockMvc;
+import org.springframework.test.web.servlet.request.MockMvcRequestBuilders;
+import org.springframework.test.web.servlet.setup.MockMvcBuilders;
+import org.springframework.web.multipart.MultipartFile;
+
+@RunWith(MockitoJUnitRunner.class)
+public class WidgetsCatalogControllerTest {
+
+	private MockMvc mockMvc;
+	
+	@Mock
+	private WidgetCatalogService widgetService;
+	
+	@Mock
+	private StorageService storageService;
+	
+	@InjectMocks
+	private WidgetsCatalogController controller;
+	
+	@Before
+	public void setUp() {
+		MockitoAnnotations.initMocks(this);
+		mockMvc = MockMvcBuilders.standaloneSetup(controller).build();
+	}
+	
+	@Test
+	public void getWidgetCatalog_ValidAuthorization_NoError() throws Exception {	
+		List<WidgetCatalog> list = new ArrayList<WidgetCatalog>();
+		WidgetCatalog widget = new WidgetCatalog();
+		widget.setId(1);
+		widget.setName("junit");
+		list.add(widget);
+		Mockito.when(widgetService.getWidgetCatalog()).thenReturn(list);
+		
+		String security_user = "user";
+		String security_pass = "password";
+		
+		ReflectionTestUtils.setField(controller, "security_user", security_user, String.class);
+		ReflectionTestUtils.setField(controller, "security_pass", security_pass, String.class);
+		
+		String basic_auth = "Basic " + new String(Base64.encodeBase64((security_user + ":" + security_pass).getBytes()));
+		mockMvc.perform(get("/microservices/widgetCatalog/").header("Authorization", basic_auth))
+		.andExpect(status().isOk())
+		.andExpect(jsonPath("$[0].id", is(1)))
+		.andExpect(jsonPath("$[0].name", is("junit")));
+	}
+	  
+	@Test
+	public void getWidgetCatalog_InValidAuthorization_Unauthorized() throws Exception {	
+
+		String security_user = "user";
+		String security_pass = "password";
+		String wrong_pass = "wrong";
+		
+		ReflectionTestUtils.setField(controller, "security_user", security_user, String.class);
+		ReflectionTestUtils.setField(controller, "security_pass", security_pass, String.class);
+		
+		String basic_auth = "Basic " + new String(Base64.encodeBase64((security_user + ":" + wrong_pass).getBytes()));
+		mockMvc.perform(get("/microservices/widgetCatalog/").header("Authorization", basic_auth))
+		.andExpect(status().isUnauthorized());
+	}
+	
+	@Test
+	public void getWidgetCatalog_NoAuthorization_BadRequest() throws Exception {	
+		List<WidgetCatalog> list = new ArrayList<WidgetCatalog>();
+		WidgetCatalog widget = new WidgetCatalog();
+		list.add(widget);
+		Mockito.when(widgetService.getWidgetCatalog()).thenReturn(list);
+		
+		mockMvc.perform(get("/microservices/widgetCatalog/"))
+		.andExpect(status().isBadRequest());
+	}
+	
+	
+	@Test
+	public void saveWidgetCatalog_ValidAuthorization_NoError() throws Exception {	
+		ValidationRespond respond = new ValidationRespond(true, null);
+		Mockito.when(storageService.checkZipFile(any(MultipartFile.class))).thenReturn(respond);
+		
+		String security_user = "user";
+		String security_pass = "password";
+		
+		ReflectionTestUtils.setField(controller, "security_user", security_user, String.class);
+		ReflectionTestUtils.setField(controller, "security_pass", security_pass, String.class);
+		
+		String basic_auth = "Basic " + new String(Base64.encodeBase64((security_user + ":" + security_pass).getBytes()));
+		mockMvc.perform(MockMvcRequestBuilders.fileUpload("/microservices/widgetCatalog/").file("file", null)
+				.param("widget", "{}")
+				.header("Authorization", basic_auth)
+				.contentType(MediaType.MULTIPART_FORM_DATA))
+		.andExpect(jsonPath("$.valid", is(true)));
+		
+		Mockito.verify(widgetService, times(1)).saveWidgetCatalog(any(WidgetCatalog.class));
+	}
+	
+	
+	@Test
+	public void updateWidgetCatalog_ValidAuthorization_NoError() throws Exception {	
+		String security_user = "user"; 
+		String security_pass = "password";
+		Long widgetId = new Long(1);
+		ArgumentCaptor<Long> widgetServiceArg = ArgumentCaptor.forClass(Long.class);
+		
+		ReflectionTestUtils.setField(controller, "security_user", security_user, String.class);
+		ReflectionTestUtils.setField(controller, "security_pass", security_pass, String.class);
+		
+		String basic_auth = "Basic " + new String(Base64.encodeBase64((security_user + ":" + security_pass).getBytes()));
+		mockMvc.perform(put("/microservices/widgetCatalog/" + widgetId).contentType(MediaType.APPLICATION_JSON).content("{}").header("Authorization", basic_auth));
+		
+		Mockito.verify(widgetService, times(1)).updateWidgetCatalog(widgetServiceArg.capture(), any(WidgetCatalog.class));
+		assertEquals(widgetServiceArg.getValue(), widgetId);
+	}
+	
+	
+	@Test
+	public void updateWidgetCatalogwithFiles_ValidAuthorization_NoError() throws Exception {
+		ValidationRespond respond = new ValidationRespond(true, null);
+		Mockito.when(storageService.checkZipFile(any(MultipartFile.class))).thenReturn(respond);
+		
+		String security_user = "user";
+		String security_pass = "password";
+		Long widgetId = new Long(1);
+		ArgumentCaptor<Long> widgetServiceArg = ArgumentCaptor.forClass(Long.class);
+		ArgumentCaptor<Long> storageServiceArg = ArgumentCaptor.forClass(Long.class);
+		
+		ReflectionTestUtils.setField(controller, "security_user", security_user, String.class);
+		ReflectionTestUtils.setField(controller, "security_pass", security_pass, String.class);
+		
+		String basic_auth = "Basic " + new String(Base64.encodeBase64((security_user + ":" + security_pass).getBytes()));
+		mockMvc.perform(MockMvcRequestBuilders.fileUpload("/microservices/widgetCatalog/" + widgetId).file("file", null)
+				.param("widget", "{}")
+				.header("Authorization", basic_auth)
+				.contentType(MediaType.MULTIPART_FORM_DATA))
+		.andExpect(jsonPath("$.valid", is(true)));
+		
+		Mockito.verify(widgetService, times(1)).updateWidgetCatalog(widgetServiceArg.capture(), any(WidgetCatalog.class));
+		assertEquals(widgetServiceArg.getValue(), widgetId);
+	}
+	
+	@Test
+	public void deleteOnboardingWidget_ValidAuthorization_NoError() throws Exception {
+		
+		String security_user = "user";
+		String security_pass = "password";
+		Long widgetId = new Long(1);
+		
+		ReflectionTestUtils.setField(controller, "security_user", security_user, String.class);
+		ReflectionTestUtils.setField(controller, "security_pass", security_pass, String.class);
+		
+		String basic_auth = "Basic " + new String(Base64.encodeBase64((security_user + ":" + security_pass).getBytes()));
+		mockMvc.perform(MockMvcRequestBuilders.delete("/microservices/widgetCatalog/" + widgetId)
+				.header("Authorization", basic_auth));
+		ArgumentCaptor<Long> widgetServiceArg = ArgumentCaptor.forClass(Long.class);
+		ArgumentCaptor<Long> storageServiceArg = ArgumentCaptor.forClass(Long.class);
+		
+		Mockito.verify(widgetService, times(1)).deleteWidgetCatalog(widgetServiceArg.capture());
+		assertEquals(widgetServiceArg.getValue(), widgetId);
+		Mockito.verify(storageService, times(1)).deleteWidgetFile(storageServiceArg.capture());
+		assertEquals(storageServiceArg.getValue(), widgetId);
+	}
+	
+	
+}
diff --git a/ecomp-portal-widget-ms/widget-ms/src/test/java/org/onap/portalapp/widget/test/service/WidgetCatalogServiceTest.java b/ecomp-portal-widget-ms/widget-ms/src/test/java/org/onap/portalapp/widget/test/service/WidgetCatalogServiceTest.java
new file mode 100644
index 00000000..9076884b
--- /dev/null
+++ b/ecomp-portal-widget-ms/widget-ms/src/test/java/org/onap/portalapp/widget/test/service/WidgetCatalogServiceTest.java
@@ -0,0 +1,124 @@
+package org.onap.portalapp.widget.test.service;
+
+
+import static org.junit.Assert.assertEquals;
+import static org.junit.Assert.assertNotNull;
+import static org.mockito.Mockito.RETURNS_DEEP_STUBS;
+
+import java.util.ArrayList;
+import java.util.HashSet;
+import java.util.List;
+import java.util.Set;
+
+import org.hibernate.Criteria;
+import org.hibernate.Session;
+import org.hibernate.SessionFactory;
+import org.hibernate.Transaction;
+import org.junit.Before;
+import org.junit.Rule;
+import org.junit.Test;
+import org.junit.rules.ExpectedException;
+import org.junit.runner.RunWith;
+import org.mockito.InjectMocks;
+import org.mockito.Mock;
+import org.mockito.Mockito;
+import org.mockito.MockitoAnnotations;
+import org.mockito.runners.MockitoJUnitRunner;
+import org.onap.portalapp.widget.domain.RoleApp;
+import org.onap.portalapp.widget.domain.WidgetCatalog;
+import org.onap.portalapp.widget.service.impl.WidgetCatalogServiceImpl;
+
+
+@RunWith(MockitoJUnitRunner.class)
+public class WidgetCatalogServiceTest {
+	
+	@Mock
+	private SessionFactory mockedSessionFactory;
+
+	@InjectMocks
+	private WidgetCatalogServiceImpl widgetCatalogService;
+
+	@Before
+	public void setUp() {
+		MockitoAnnotations.initMocks(this);
+	}
+	
+	@Test
+	public void getWidgetCatalog_NoError() throws Exception{
+		Session mockedSession = Mockito.mock(Session.class);
+		Criteria mockedCriteria = Mockito.mock(Criteria.class);
+		
+		List<WidgetCatalog> list = new ArrayList<WidgetCatalog>();
+		WidgetCatalog widget = new WidgetCatalog();
+		widget.setId(1);
+		widget.setName("junit");
+		list.add(widget);
+		
+		Mockito.when(mockedSessionFactory.getCurrentSession()).thenReturn(mockedSession);
+		Mockito.when(mockedSession.createCriteria(WidgetCatalog.class)).thenReturn(mockedCriteria);
+		Mockito.when(mockedCriteria.setResultTransformer(Criteria.DISTINCT_ROOT_ENTITY)).thenReturn(mockedCriteria);
+		Mockito.when(mockedCriteria.list()).thenReturn(list);
+		
+		List<WidgetCatalog> result = widgetCatalogService.getWidgetCatalog();
+		assertNotNull(result);
+		assertEquals(result, list);
+	}
+	
+	
+	@Test
+	public void saveWidgetCatalog_NoError() throws Exception{
+		Set<RoleApp> set = new HashSet<RoleApp>();
+		WidgetCatalog widget = new WidgetCatalog();
+		widget.setId(1);
+		widget.setName("junit");
+		widget.setAllowAllUser("1");
+		widget.setWidgetRoles(set);
+		
+		Session mockedSession = Mockito.mock(Session.class);
+		Transaction mockedTransaction = Mockito.mock(Transaction.class);
+		Mockito.when(mockedSessionFactory.openSession()).thenReturn(mockedSession);
+		Mockito.when(mockedSession.beginTransaction()).thenReturn(mockedTransaction);
+		long widgetId = widgetCatalogService.saveWidgetCatalog(widget);
+		assertNotNull(widgetId);
+		assertEquals(widgetId, 1);
+	}
+	
+	@Rule public ExpectedException thrown = ExpectedException.none();
+	
+	
+	@Test
+	public void deleteWidgetCatalog_NoError() throws Exception{
+		long widgetId =1 ;
+		WidgetCatalog widget = new WidgetCatalog();
+		widget.setId(1);
+		widget.setName("junit");
+
+		Session mockedSession = Mockito.mock(Session.class, RETURNS_DEEP_STUBS);
+		Transaction mockedTransaction = Mockito.mock(Transaction.class);
+		
+		Mockito.when(mockedSessionFactory.getCurrentSession()).thenReturn(mockedSession);
+		Mockito.when(mockedSession.beginTransaction()).thenReturn(mockedTransaction);
+		Mockito.when(mockedSession.get(WidgetCatalog.class, widgetId)).thenReturn(widget);
+		
+		widgetCatalogService.deleteWidgetCatalog(widgetId);
+	}
+	
+	@Test
+	public void updateWidgetCatalog_NoError() throws Exception{
+		long widgetId =1 ;
+		WidgetCatalog widget = new WidgetCatalog();
+		widget.setId(1);
+		widget.setName("junit");
+
+		Session mockedSession = Mockito.mock(Session.class, RETURNS_DEEP_STUBS);
+		Transaction mockedTransaction = Mockito.mock(Transaction.class);
+		
+		Mockito.when(mockedSessionFactory.getCurrentSession()).thenReturn(mockedSession);
+		Mockito.when(mockedSession.beginTransaction()).thenReturn(mockedTransaction);
+		Mockito.when(mockedSession.get(WidgetCatalog.class, widgetId)).thenReturn(widget);
+		
+		widgetCatalogService.deleteWidgetCatalog(widgetId);
+	}
+	
+	
+}
-- 
cgit 1.2.3-korg