From 433947b5ab5e28fc29aee447de934de89a707419 Mon Sep 17 00:00:00 2001 From: "andre.schmid" Date: Thu, 19 Sep 2019 16:14:01 +0100 Subject: Centralize onboarding package validation Change-Id: I3cc58cf15f62008e83cfc7ddb095d07ab216b82a Issue-ID: SDC-2583 Signed-off-by: andre.schmid --- .../sdcrests/vsp/rest/data/PackageArchiveTest.java | 119 --------------------- .../OrchestrationTemplateCandidateImplTest.java | 30 ++---- 2 files changed, 10 insertions(+), 139 deletions(-) delete mode 100644 openecomp-be/api/openecomp-sdc-rest-webapp/vendor-software-products-rest/vendor-software-products-rest-services/src/test/java/org/openecomp/sdcrests/vsp/rest/data/PackageArchiveTest.java (limited to 'openecomp-be/api/openecomp-sdc-rest-webapp/vendor-software-products-rest/vendor-software-products-rest-services/src/test/java/org') diff --git a/openecomp-be/api/openecomp-sdc-rest-webapp/vendor-software-products-rest/vendor-software-products-rest-services/src/test/java/org/openecomp/sdcrests/vsp/rest/data/PackageArchiveTest.java b/openecomp-be/api/openecomp-sdc-rest-webapp/vendor-software-products-rest/vendor-software-products-rest-services/src/test/java/org/openecomp/sdcrests/vsp/rest/data/PackageArchiveTest.java deleted file mode 100644 index 91a20bd57f..0000000000 --- a/openecomp-be/api/openecomp-sdc-rest-webapp/vendor-software-products-rest/vendor-software-products-rest-services/src/test/java/org/openecomp/sdcrests/vsp/rest/data/PackageArchiveTest.java +++ /dev/null @@ -1,119 +0,0 @@ -/*- - * ============LICENSE_START======================================================= - * SDC - * ================================================================================ - * Copyright (C) 2019 AT&T Intellectual Property. All rights reserved. - * ================================================================================ - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - * ============LICENSE_END========================================================= - */ - -package org.openecomp.sdcrests.vsp.rest.data; - -import org.junit.Before; -import org.junit.Test; -import org.mockito.Mock; -import org.openecomp.sdc.vendorsoftwareproduct.security.SecurityManager; -import org.openecomp.sdc.vendorsoftwareproduct.security.SecurityManagerException; -import org.powermock.reflect.Whitebox; - -import java.io.IOException; -import java.net.URISyntaxException; -import java.nio.file.Files; -import java.nio.file.Paths; - -import static junit.framework.TestCase.assertTrue; -import static org.junit.Assert.assertFalse; -import static org.mockito.ArgumentMatchers.any; -import static org.mockito.MockitoAnnotations.initMocks; -import static org.powermock.api.mockito.PowerMockito.when; - -public class PackageArchiveTest { - private static final String BASE_DIR = "/vspmanager.csar/"; - - @Mock - SecurityManager manager; - - @Before - public void setUp(){ - initMocks(this); - } - - - @Test - public void isSignedTestCheckingWrongFile() throws IOException, - URISyntaxException { - PackageArchive packageArchive = getArchive("notCsar.txt"); - assertFalse("2 or 3 files expected for signed package present or signature valid for " + - "empty file", packageArchive.isSigned()); - } - - @Test - public void isSignedTestWrongPackageStructure2EmptyDirInRoot() throws IOException, - URISyntaxException { - PackageArchive packageArchive = getArchive("signing/2-empty-directories-in-root.zip"); - assertFalse(packageArchive.isSigned()); - } - - @Test - public void isSignedTestWrongPackageStructure2EmptyFilesAndEmptyDirInRoot() throws IOException, - URISyntaxException { - PackageArchive packageArchive = getArchive("signing/2-empty-files-1-empty-directory-in-root.zip"); - assertFalse(packageArchive.isSigned()); - } - - @Test - public void isSignedTestWrongPackageStructure2EmptyFilesAndDirWithContentInRoot() throws IOException, - URISyntaxException { - PackageArchive packageArchive = getArchive("signing/2-empty-files-1-directory-with-contents-in-root.zip"); - assertFalse(packageArchive.isSigned()); - } - - @Test - public void isSignedTestCorrectStructureNoSignature() throws IOException, - URISyntaxException { - PackageArchive packageArchive = getArchive("signing/2-files-in-root.zip"); - assertFalse(packageArchive.isSigned()); - } - - @Test - public void isSignedTestCorrectStructureAndSignatureExists() throws IOException, - URISyntaxException { - PackageArchive packageArchive = getArchive("signing/csar-and-cms-in-root.zip"); - assertTrue(packageArchive.isSigned()); - } - - @Test - public void isSignatureValidTestCorrectStructureAndValidSignatureExists() throws IOException, - URISyntaxException, SecurityManagerException { - PackageArchive packageArchive = getArchive("signing/signed-package.zip"); - Whitebox.setInternalState(packageArchive, "securityManager", manager); - when(manager.verifySignedData(any(), any(), any())).thenReturn(true); - assertTrue("Signature invalid for signed package", - packageArchive.isSignatureValid()); - } - - @Test(expected = SecurityManagerException.class) - public void isSignatureValidTestCorrectStructureAndNotValidSignatureExists() throws IOException, - URISyntaxException, SecurityManagerException { - PackageArchive packageArchive = getArchive("signing/signed-package-tampered-data.zip"); - Whitebox.setInternalState(packageArchive, "securityManager", manager); - when(manager.verifySignedData(any(), any(), any())).thenThrow(new SecurityManagerException("error!")); - packageArchive.isSignatureValid(); - } - - private PackageArchive getArchive(String path) throws URISyntaxException, IOException { - return new PackageArchive(Files.readAllBytes(Paths.get( - PackageArchiveTest.class.getResource(BASE_DIR + path).toURI()))); - } -} diff --git a/openecomp-be/api/openecomp-sdc-rest-webapp/vendor-software-products-rest/vendor-software-products-rest-services/src/test/java/org/openecomp/sdcrests/vsp/rest/services/OrchestrationTemplateCandidateImplTest.java b/openecomp-be/api/openecomp-sdc-rest-webapp/vendor-software-products-rest/vendor-software-products-rest-services/src/test/java/org/openecomp/sdcrests/vsp/rest/services/OrchestrationTemplateCandidateImplTest.java index a9dfbb8449..589be207c1 100644 --- a/openecomp-be/api/openecomp-sdc-rest-webapp/vendor-software-products-rest/vendor-software-products-rest-services/src/test/java/org/openecomp/sdcrests/vsp/rest/services/OrchestrationTemplateCandidateImplTest.java +++ b/openecomp-be/api/openecomp-sdc-rest-webapp/vendor-software-products-rest/vendor-software-products-rest-services/src/test/java/org/openecomp/sdcrests/vsp/rest/services/OrchestrationTemplateCandidateImplTest.java @@ -27,12 +27,12 @@ import static org.mockito.MockitoAnnotations.initMocks; import static org.powermock.api.mockito.PowerMockito.mock; import static org.powermock.api.mockito.PowerMockito.mockStatic; import static org.powermock.api.mockito.PowerMockito.when; -import static org.powermock.api.mockito.PowerMockito.whenNew; import java.io.IOException; import java.util.Arrays; import java.util.Optional; import java.util.UUID; +import javax.activation.DataHandler; import javax.ws.rs.core.Response; import org.apache.commons.lang3.tuple.Pair; import org.apache.cxf.jaxrs.ext.multipart.Attachment; @@ -52,7 +52,6 @@ import org.openecomp.sdc.vendorsoftwareproduct.OrchestrationTemplateCandidateMan import org.openecomp.sdc.vendorsoftwareproduct.OrchestrationTemplateCandidateManagerFactory; import org.openecomp.sdc.vendorsoftwareproduct.VendorSoftwareProductManager; import org.openecomp.sdc.vendorsoftwareproduct.VspManagerFactory; -import org.openecomp.sdc.vendorsoftwareproduct.security.SecurityManagerException; import org.openecomp.sdc.vendorsoftwareproduct.types.OrchestrationTemplateActionResponse; import org.openecomp.sdc.vendorsoftwareproduct.types.UploadFileResponse; import org.openecomp.sdc.vendorsoftwareproduct.types.UploadFileStatus; @@ -62,7 +61,6 @@ import org.openecomp.sdc.vendorsoftwareproduct.types.candidateheat.Module; import org.openecomp.sdcrests.vendorsoftwareproducts.types.FileDataStructureDto; import org.openecomp.sdcrests.vendorsoftwareproducts.types.OrchestrationTemplateActionResponseDto; import org.openecomp.sdcrests.vendorsoftwareproducts.types.UploadFileResponseDto; -import org.openecomp.sdcrests.vsp.rest.data.PackageArchive; import org.powermock.core.classloader.annotations.PrepareForTest; import org.powermock.modules.junit4.PowerMockRunner; @@ -78,8 +76,6 @@ public class OrchestrationTemplateCandidateImplTest { @Mock private VendorSoftwareProductManager vendorSoftwareProductManager; @Mock - private PackageArchive packageArchive; - @Mock private VspManagerFactory vspManagerFactory; @Mock private ActivityLogManager activityLogManager; @@ -100,19 +96,15 @@ public class OrchestrationTemplateCandidateImplTest { public void setUp(){ try { initMocks(this); - packageArchive = mock(PackageArchive.class); mockStatic(VspManagerFactory.class); when(VspManagerFactory.getInstance()).thenReturn(vspManagerFactory); when(vspManagerFactory.createInterface()).thenReturn(vendorSoftwareProductManager); mockStatic(ActivityLogManagerFactory.class); when(ActivityLogManagerFactory.getInstance()).thenReturn(activityLogManagerFactory); when(activityLogManagerFactory.createInterface()).thenReturn(activityLogManager); - whenNew(PackageArchive.class).withAnyArguments().thenReturn(packageArchive); mockStatic(OrchestrationTemplateCandidateManagerFactory.class); when(OrchestrationTemplateCandidateManagerFactory.getInstance()).thenReturn(orchestrationTemplateCandidateManagerFactory); when(orchestrationTemplateCandidateManagerFactory.createInterface()).thenReturn(candidateManager); - when(packageArchive.getArchiveFileName()).thenReturn(Optional.of("test")); - when(packageArchive.getPackageFileContents()).thenReturn(new byte[0]); UploadFileResponse uploadFileResponse = new UploadFileResponse(); uploadFileResponse.setOnboardingType(OnboardingTypesEnum.ZIP); uploadFileResponse.setNetworkPackageName("test"); @@ -163,36 +155,34 @@ public class OrchestrationTemplateCandidateImplTest { } @Test - public void uploadSignedTest() throws SecurityManagerException { - when(packageArchive.isSigned()).thenReturn(true); - when(packageArchive.isSignatureValid()).thenReturn(true); + public void uploadSignedTest() { orchestrationTemplateCandidate = new OrchestrationTemplateCandidateImpl(); - Response response = orchestrationTemplateCandidate.upload("1", "1", mockAttachment(), "1"); + Response response = orchestrationTemplateCandidate.upload("1", "1", mockAttachment("filename.zip"), "1"); assertEquals(Response.Status.OK.getStatusCode(), response.getStatus()); } @Test public void uploadNotSignedTest(){ - when(packageArchive.isSigned()).thenReturn(false); orchestrationTemplateCandidate = new OrchestrationTemplateCandidateImpl(); - Response response = orchestrationTemplateCandidate.upload("1", "1", mockAttachment(), "1"); + Response response = orchestrationTemplateCandidate.upload("1", "1", mockAttachment("filename.csar"), "1"); assertEquals(Response.Status.OK.getStatusCode(), response.getStatus()); } - private Attachment mockAttachment() { + private Attachment mockAttachment(final String fileName) { final Attachment attachment = mock(Attachment.class); when(attachment.getContentDisposition()).thenReturn(new ContentDisposition("test")); + final DataHandler dataHandler = mock(DataHandler.class); + when(dataHandler.getName()).thenReturn(fileName); + when(attachment.getDataHandler()).thenReturn(dataHandler); final byte[] bytes = "upload package Test".getBytes(); when(attachment.getObject(ArgumentMatchers.any())).thenReturn(bytes); return attachment; } @Test - public void uploadSignNotValidTest() throws SecurityManagerException { - when(packageArchive.isSigned()).thenReturn(true); - when(packageArchive.isSignatureValid()).thenReturn(false); + public void uploadSignNotValidTest() { orchestrationTemplateCandidate = new OrchestrationTemplateCandidateImpl(); - Response response = orchestrationTemplateCandidate.upload("1", "1", mockAttachment(), "1"); + Response response = orchestrationTemplateCandidate.upload("1", "1", mockAttachment("filename.zip"), "1"); assertEquals(Response.Status.OK.getStatusCode(), response.getStatus()); assertFalse(((UploadFileResponseDto)response.getEntity()).getErrors().isEmpty()); } -- cgit 1.2.3-korg