diff options
Diffstat (limited to 'vid-app-common')
37 files changed, 831 insertions, 614 deletions
diff --git a/vid-app-common/pom.xml b/vid-app-common/pom.xml index 1b786c2c0..94d07dbeb 100755 --- a/vid-app-common/pom.xml +++ b/vid-app-common/pom.xml @@ -9,7 +9,7 @@ inherit from a parent maven module. --> <groupId>org.onap.vid</groupId> <artifactId>vid-app-common</artifactId> - <version>6.0.2-SNAPSHOT</version> + <version>6.0.3-SNAPSHOT</version> <packaging>war</packaging> <name>VID Common</name> <description>VID Common code for opensource version</description> diff --git a/vid-app-common/src/main/java/org/onap/vid/controller/AaiController.java b/vid-app-common/src/main/java/org/onap/vid/controller/AaiController.java index 563c9ff20..a9ce40bba 100644 --- a/vid-app-common/src/main/java/org/onap/vid/controller/AaiController.java +++ b/vid-app-common/src/main/java/org/onap/vid/controller/AaiController.java @@ -49,7 +49,6 @@ import org.onap.vid.aai.model.AaiGetTenatns.GetTenantsResponse; import org.onap.vid.aai.util.AAIRestInterface; import org.onap.vid.model.VersionByInvariantIdsRequest; import org.onap.vid.properties.Features; -import org.onap.vid.roles.Role; import org.onap.vid.roles.RoleProvider; import org.onap.vid.roles.RoleValidator; import org.onap.vid.services.AaiService; @@ -137,7 +136,7 @@ public class AaiController extends RestrictedBaseController { @RequestMapping(value = "/aai_get_services", method = RequestMethod.GET, produces = MediaType.APPLICATION_JSON_VALUE) public ResponseEntity<String> doGetServices(HttpServletRequest request) throws IOException { - RoleValidator roleValidator = RoleValidator.by(roleProvider.getUserRoles(request)); + RoleValidator roleValidator = roleProvider.getUserRolesValidator(request); AaiResponse subscriberList = aaiService.getServices(roleValidator); return aaiResponseToResponseEntity(subscriberList); @@ -225,7 +224,7 @@ public class AaiController extends RestrictedBaseController { @RequestMapping(value = "/aai_get_full_subscribers", method = RequestMethod.GET, produces = MediaType.APPLICATION_JSON_VALUE) public ResponseEntity<String> getFullSubscriberList(HttpServletRequest request) throws IOException { ResponseEntity<String> responseEntity; - RoleValidator roleValidator = RoleValidator.by(roleProvider.getUserRoles(request)); + RoleValidator roleValidator = roleProvider.getUserRolesValidator(request); SubscriberFilteredResults subscriberList = aaiService.getFullSubscriberList(roleValidator); if (subscriberList.getHttpCode() == 200) { responseEntity = new ResponseEntity<>(objectMapper.writeValueAsString(subscriberList.getSubscriberList()), @@ -256,8 +255,7 @@ public class AaiController extends RestrictedBaseController { @RequestMapping(value = "/aai_sub_details/{subscriberId}", method = RequestMethod.GET) public ResponseEntity<String> getSubscriberDetails(HttpServletRequest request, @PathVariable("subscriberId") String subscriberId, @RequestParam(value="omitServiceInstances", required = false, defaultValue = "false") boolean omitServiceInstances) throws IOException { - List<Role> roles = roleProvider.getUserRoles(request); - RoleValidator roleValidator = RoleValidator.by(roles); + RoleValidator roleValidator = roleProvider.getUserRolesValidator(request); AaiResponse subscriberData = aaiService.getSubscriberData(subscriberId, roleValidator, featureManager.isActive(Features.FLAG_1906_AAI_SUB_DETAILS_REDUCE_DEPTH) && omitServiceInstances); String httpMessage = subscriberData.getT() != null ? objectMapper.writeValueAsString(subscriberData.getT()) : subscriberData.getErrorMessage(); @@ -274,8 +272,7 @@ public class AaiController extends RestrictedBaseController { @RequestParam(value = "owningEntity", required = false) List<String> owningEntities) throws IOException { ResponseEntity responseEntity; - List<Role> roles = roleProvider.getUserRoles(request); - RoleValidator roleValidator = RoleValidator.by(roles); + RoleValidator roleValidator = roleProvider.getUserRolesValidator(request); AaiResponse<ServiceInstancesSearchResults> searchResult = aaiService .getServiceInstanceSearchResults(subscriberId, instanceIdentifier, roleValidator, owningEntities, projects); @@ -404,8 +401,7 @@ public class AaiController extends RestrictedBaseController { ResponseEntity responseEntity; try { - List<Role> roles = roleProvider.getUserRoles(request); - RoleValidator roleValidator = RoleValidator.by(roles); + RoleValidator roleValidator = roleProvider.getUserRolesValidator(request); AaiResponse<GetTenantsResponse[]> response = aaiService .getTenants(globalCustomerId, serviceType, roleValidator); if (response.getHttpCode() == 200) { diff --git a/vid-app-common/src/main/java/org/onap/vid/controller/AaiController2.java b/vid-app-common/src/main/java/org/onap/vid/controller/AaiController2.java index 6431282e7..2d7a9253e 100644 --- a/vid-app-common/src/main/java/org/onap/vid/controller/AaiController2.java +++ b/vid-app-common/src/main/java/org/onap/vid/controller/AaiController2.java @@ -33,6 +33,7 @@ import org.onap.vid.model.aaiTree.Network; import org.onap.vid.model.aaiTree.RelatedVnf; import org.onap.vid.model.aaiTree.VpnBinding; import org.onap.vid.properties.Features; +import org.onap.vid.roles.PermissionPropertiesSubscriberAndServiceType; import org.onap.vid.roles.RoleProvider; import org.onap.vid.services.AaiService; import org.springframework.beans.factory.annotation.Autowired; @@ -94,7 +95,7 @@ public class AaiController2 extends VidRestrictedBaseController { final boolean isEditPermitted = roleProvider .getUserRolesValidator(request) - .isServicePermitted(subscriberId, serviceType); + .isServicePermitted(new PermissionPropertiesSubscriberAndServiceType(subscriberId, serviceType)); return new Permissions(isEditPermitted); } diff --git a/vid-app-common/src/main/java/org/onap/vid/controller/AsyncInstantiationController.java b/vid-app-common/src/main/java/org/onap/vid/controller/AsyncInstantiationController.java index 6c8a37262..ce8bbb50c 100644 --- a/vid-app-common/src/main/java/org/onap/vid/controller/AsyncInstantiationController.java +++ b/vid-app-common/src/main/java/org/onap/vid/controller/AsyncInstantiationController.java @@ -33,7 +33,9 @@ import org.onap.vid.model.ServiceInfo; import org.onap.vid.model.serviceInstantiation.ServiceInstantiation; import org.onap.vid.mso.MsoResponseWrapper2; import org.onap.vid.properties.Features; +import org.onap.vid.roles.AllPermissionProperties; import org.onap.vid.roles.RoleProvider; +import org.onap.vid.roles.RoleValidator; import org.onap.vid.services.AsyncInstantiationBusinessLogic; import org.onap.vid.services.AuditService; import org.onap.vid.utils.SystemPropertiesWrapper; @@ -165,8 +167,15 @@ public class AsyncInstantiationController extends VidRestrictedBaseController { } private void throwExceptionIfAccessDenied(ServiceInstantiation request, HttpServletRequest httpServletRequest, String userId) { - if (featureManager.isActive(Features.FLAG_1906_INSTANTIATION_API_USER_VALIDATION) && !roleProvider.getUserRolesValidator(httpServletRequest).isServicePermitted(request.getGlobalSubscriberId(), request.getSubscriptionServiceType())) { - throw new AccessDeniedException(String.format("User %s is not allowed to make this request", userId)); + if (featureManager.isActive(Features.FLAG_1906_INSTANTIATION_API_USER_VALIDATION)) { + RoleValidator roleValidator = roleProvider.getUserRolesValidator(httpServletRequest); + if (!roleValidator.isServicePermitted(new AllPermissionProperties( + request.getGlobalSubscriberId(), + request.getSubscriptionServiceType(), + request.getOwningEntityId())) + ) { + throw new AccessDeniedException(String.format("User %s is not allowed to make this request", userId)); + } } } } diff --git a/vid-app-common/src/main/java/org/onap/vid/controller/PreLoadController.java b/vid-app-common/src/main/java/org/onap/vid/controller/PreLoadController.java new file mode 100644 index 000000000..ba20997cd --- /dev/null +++ b/vid-app-common/src/main/java/org/onap/vid/controller/PreLoadController.java @@ -0,0 +1,34 @@ +/*- + * ============LICENSE_START======================================================= + * VID + * ================================================================================ + * Copyright (C) 2017 - 2019 AT&T Intellectual Property. All rights reserved. + * ================================================================================ + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + * ============LICENSE_END========================================================= + */ + +package org.onap.vid.controller; +import org.springframework.web.bind.annotation.*; +import javax.servlet.http.HttpServletRequest; + +@RestController +@RequestMapping(PreLoadController.PRE_LOAD) +public class PreLoadController extends VidRestrictedBaseController{ + public static final String PRE_LOAD = "preload"; + + @PostMapping() + public Boolean postPreload (HttpServletRequest request) { + return true; + } +} diff --git a/vid-app-common/src/main/java/org/onap/vid/model/ExceptionResponse.java b/vid-app-common/src/main/java/org/onap/vid/model/ExceptionResponse.java index d2e5d637e..f8d5918db 100644 --- a/vid-app-common/src/main/java/org/onap/vid/model/ExceptionResponse.java +++ b/vid-app-common/src/main/java/org/onap/vid/model/ExceptionResponse.java @@ -20,10 +20,9 @@ package org.onap.vid.model; +import org.onap.logging.ref.slf4j.ONAPLogConstants.MDCs; import org.slf4j.MDC; -import static com.att.eelf.configuration.Configuration.MDC_KEY_REQUEST_ID; - /** * The Class ExceptionResponse. */ @@ -67,7 +66,7 @@ public class ExceptionResponse { public void setException(Exception exception) { setException(exception.getClass().toString().replaceFirst("^.*[\\.$]", "")); - setMessage(exception.getMessage() + " (Request id: " + MDC.get(MDC_KEY_REQUEST_ID) + ")"); + setMessage(exception.getMessage() + " (Request id: " + MDC.get(MDCs.REQUEST_ID) + ")"); } /** diff --git a/vid-app-common/src/main/java/org/onap/vid/model/ServiceInstanceSearchResult.java b/vid-app-common/src/main/java/org/onap/vid/model/ServiceInstanceSearchResult.java index 259405c4e..2665313d7 100644 --- a/vid-app-common/src/main/java/org/onap/vid/model/ServiceInstanceSearchResult.java +++ b/vid-app-common/src/main/java/org/onap/vid/model/ServiceInstanceSearchResult.java @@ -20,11 +20,17 @@ package org.onap.vid.model; -public class ServiceInstanceSearchResult { +import com.fasterxml.jackson.annotation.JsonProperty; +import org.apache.commons.lang3.StringUtils; +import org.onap.vid.roles.WithPermissionPropertiesSubscriberAndServiceType; + +public class ServiceInstanceSearchResult implements WithPermissionPropertiesSubscriberAndServiceType { + + private final String SUBSCRIBER_ID_FRONTEND_ALIAS = "globalCustomerId"; private String serviceInstanceId; - private String globalCustomerId; + private String subscriberId; private String serviceType; @@ -39,13 +45,13 @@ public class ServiceInstanceSearchResult { private boolean isPermitted; public ServiceInstanceSearchResult(){ - } - public ServiceInstanceSearchResult(String serviceInstanceId, String globalCustomerId, String serviceType, + + public ServiceInstanceSearchResult(String serviceInstanceId, String subscriberId, String serviceType, String serviceInstanceName, String subscriberName, String aaiModelInvariantId, String aaiModelVersionId, boolean isPermitted) { this.serviceInstanceId = serviceInstanceId; - this.globalCustomerId = globalCustomerId; + this.subscriberId = subscriberId; this.serviceType = serviceType; this.serviceInstanceName = serviceInstanceName; this.subscriberName = subscriberName; @@ -62,14 +68,17 @@ public class ServiceInstanceSearchResult { this.serviceInstanceId = serviceInstanceId; } - public String getGlobalCustomerId() { - return globalCustomerId; + @Override + @JsonProperty(SUBSCRIBER_ID_FRONTEND_ALIAS) + public String getSubscriberId() { + return subscriberId; } - public void setGlobalCustomerId(String globalCustomerId) { - this.globalCustomerId = globalCustomerId; + public void setSubscriberId(String subscriberId) { + this.subscriberId = subscriberId; } + @Override public String getServiceType() { return serviceType; } @@ -119,21 +128,21 @@ public class ServiceInstanceSearchResult { } @Override - public boolean equals(Object other){ - if (other instanceof ServiceInstanceSearchResult) { - ServiceInstanceSearchResult serviceInstanceSearchResultOther = (ServiceInstanceSearchResult) other; - if (this.getServiceInstanceId().equals(serviceInstanceSearchResultOther.getServiceInstanceId())) { - return true; - } + public boolean equals(Object o) { + if (this == o) { + return true; + } + if (o == null || getClass() != o.getClass()) { + return false; } - return false; + ServiceInstanceSearchResult that = (ServiceInstanceSearchResult) o; + + return StringUtils.equals(serviceInstanceId, that.serviceInstanceId); } @Override public int hashCode() { - int result = 17; - result = 31 * result + serviceInstanceId.hashCode(); - return result; + return serviceInstanceId != null ? serviceInstanceId.hashCode() : 0; } } diff --git a/vid-app-common/src/main/java/org/onap/vid/properties/Features.java b/vid-app-common/src/main/java/org/onap/vid/properties/Features.java index 74f7d4e0b..27190466d 100644 --- a/vid-app-common/src/main/java/org/onap/vid/properties/Features.java +++ b/vid-app-common/src/main/java/org/onap/vid/properties/Features.java @@ -82,8 +82,10 @@ public enum Features implements Feature { FLAG_2004_INSTANTIATION_STATUS_FILTER, FLAG_2004_CREATE_ANOTHER_INSTANCE_FROM_TEMPLATE, FLAG_2004_INSTANTIATION_TEMPLATES_POPUP, + FLAG_2006_VFM_SDNC_PRELOAD_FILES, FLAG_2002_UNLIMITED_MAX, FLAG_MORE_AUDIT_INFO_LINK_ON_AUDIT_INFO, + FLAG_2006_USER_PERMISSIONS_BY_OWNING_ENTITY, ; diff --git a/vid-app-common/src/main/java/org/onap/vid/roles/AlwaysValidRoleValidator.java b/vid-app-common/src/main/java/org/onap/vid/roles/AlwaysValidRoleValidator.java index 4e5340fc2..66eab1810 100644 --- a/vid-app-common/src/main/java/org/onap/vid/roles/AlwaysValidRoleValidator.java +++ b/vid-app-common/src/main/java/org/onap/vid/roles/AlwaysValidRoleValidator.java @@ -27,17 +27,17 @@ public class AlwaysValidRoleValidator implements RoleValidator { } @Override - public boolean isSubscriberPermitted(String subscriberName) { + public boolean isSubscriberPermitted(String subscriberId) { return true; } @Override - public boolean isServicePermitted(String subscriberName, String serviceType) { + public boolean isServicePermitted(WithPermissionProperties permissionProperties) { return true; } @Override - public boolean isTenantPermitted(String globalCustomerId, String serviceType, String tenantName) { + public boolean isTenantPermitted(String subscriberId, String serviceType, String tenantName) { return true; } } diff --git a/vid-app-common/src/main/java/org/onap/vid/roles/PermissionProperties.kt b/vid-app-common/src/main/java/org/onap/vid/roles/PermissionProperties.kt new file mode 100644 index 000000000..dbdd41326 --- /dev/null +++ b/vid-app-common/src/main/java/org/onap/vid/roles/PermissionProperties.kt @@ -0,0 +1,34 @@ +package org.onap.vid.roles + +import org.onap.vid.aai.ServiceSubscription + + +interface WithPermissionProperties + +interface WithPermissionPropertiesSubscriberAndServiceType: WithPermissionProperties { + val subscriberId: String? + val serviceType: String? +} + +interface WithPermissionPropertiesOwningEntity: WithPermissionProperties { + val owningEntityId: String? +} + + +data class AllPermissionProperties( + override val subscriberId: String?, + override val serviceType: String?, + override val owningEntityId: String? +): WithPermissionPropertiesOwningEntity, WithPermissionPropertiesSubscriberAndServiceType + +data class PermissionPropertiesOwningEntity( + override val owningEntityId: String? +): WithPermissionPropertiesOwningEntity + +data class PermissionPropertiesSubscriberAndServiceType( + override val subscriberId: String?, + override val serviceType: String? +) : WithPermissionPropertiesSubscriberAndServiceType { + constructor(serviceSubscription: ServiceSubscription, subscriberId: String?) : this(subscriberId, serviceSubscription.serviceType) +} + diff --git a/vid-app-common/src/main/java/org/onap/vid/roles/Role.java b/vid-app-common/src/main/java/org/onap/vid/roles/Role.java index 454483031..3de894480 100644 --- a/vid-app-common/src/main/java/org/onap/vid/roles/Role.java +++ b/vid-app-common/src/main/java/org/onap/vid/roles/Role.java @@ -20,49 +20,44 @@ package org.onap.vid.roles; -/** - * Created by Oren on 7/1/17. - */ - public class Role { - private EcompRole ecompRole; + private final EcompRole ecompRole; + + private final String subscriberId; - private String subscribeName; + private final String serviceType; - private String serviceType; + private final String tenant; - private String tenant; + private final String owningEntityId; - public Role(EcompRole ecompRole, String subscribeName, String serviceType, String tenant) { + public Role(EcompRole ecompRole, String subscriberId, String serviceType, String tenant, String owningEntityId) { this.ecompRole = ecompRole; - this.subscribeName = subscribeName; + this.subscriberId = subscriberId; this.serviceType = serviceType; this.tenant = tenant; + this.owningEntityId = owningEntityId; } public EcompRole getEcompRole() { return ecompRole; } - - public String getSubscribeName() { - return subscribeName; - } - - public void setSubscribeName(String subscribeName) { - this.subscribeName = subscribeName; + public String getSubscriberId() { + return subscriberId; } public String getServiceType() { return serviceType; } - public String getTenant() { return tenant; } - + public String getOwningEntityId() { + return owningEntityId; + } } diff --git a/vid-app-common/src/main/java/org/onap/vid/roles/RoleProvider.java b/vid-app-common/src/main/java/org/onap/vid/roles/RoleProvider.java index 898db332c..c35f5f704 100644 --- a/vid-app-common/src/main/java/org/onap/vid/roles/RoleProvider.java +++ b/vid-app-common/src/main/java/org/onap/vid/roles/RoleProvider.java @@ -42,11 +42,6 @@ import org.onap.vid.services.AaiService; import org.springframework.beans.factory.annotation.Autowired; import org.springframework.stereotype.Component; - -/** - * Created by Oren on 7/1/17. - */ - @Component public class RoleProvider { @@ -58,16 +53,20 @@ public class RoleProvider { private Function<HttpServletRequest, Integer> getUserIdFunction; private Function<HttpServletRequest, Map> getRolesFunction; + private final RoleValidatorFactory roleValidatorFactory; @Autowired - public RoleProvider(AaiService aaiService) { + public RoleProvider(AaiService aaiService, RoleValidatorFactory roleValidatorFactory) { this.aaiService=aaiService; + this.roleValidatorFactory = roleValidatorFactory; getUserIdFunction = UserUtils::getUserId; getRolesFunction = UserUtils::getRoles; } - RoleProvider(AaiService aaiService, Function<HttpServletRequest, Integer> getUserIdFunction, Function<HttpServletRequest, Map> getRolesFunction) { + RoleProvider(AaiService aaiService, RoleValidatorFactory roleValidatorFactory, + Function<HttpServletRequest, Integer> getUserIdFunction, Function<HttpServletRequest, Map> getRolesFunction) { this.aaiService = aaiService; + this.roleValidatorFactory = roleValidatorFactory; this.getRolesFunction = getRolesFunction; this.getUserIdFunction = getUserIdFunction; } @@ -143,11 +142,13 @@ public class RoleProvider { public Role createRoleFromStringArr(String[] roleParts, String rolePrefix) throws RoleParsingException { String globalCustomerID = replaceSubscriberNameToGlobalCustomerID(roleParts[0], rolePrefix); + String owningEntityId = translateOwningEntityNameToOwningEntityId(roleParts[0]); + try { if (roleParts.length > 2) { - return new Role(EcompRole.READ, globalCustomerID, roleParts[1], roleParts[2]); + return new Role(EcompRole.READ, globalCustomerID, roleParts[1], roleParts[2], owningEntityId); } else { - return new Role(EcompRole.READ, globalCustomerID, roleParts[1], null); + return new Role(EcompRole.READ, globalCustomerID, roleParts[1], null, owningEntityId); } } catch (ArrayIndexOutOfBoundsException e) { if (roleParts.length > 0) @@ -161,8 +162,12 @@ public class RoleProvider { } + private String translateOwningEntityNameToOwningEntityId(String owningEntityName) { + return owningEntityName; // TODO: translate to id + } + public RoleValidator getUserRolesValidator(HttpServletRequest request) { - return RoleValidator.by(getUserRoles(request)); + return roleValidatorFactory.by(getUserRoles(request)); } } diff --git a/vid-app-common/src/main/java/org/onap/vid/roles/RoleValidator.java b/vid-app-common/src/main/java/org/onap/vid/roles/RoleValidator.java index 830c0f50c..14c027392 100644 --- a/vid-app-common/src/main/java/org/onap/vid/roles/RoleValidator.java +++ b/vid-app-common/src/main/java/org/onap/vid/roles/RoleValidator.java @@ -21,26 +21,11 @@ package org.onap.vid.roles; -import java.util.List; -import org.apache.commons.lang3.StringUtils; -import org.onap.portalsdk.core.util.SystemProperties; - public interface RoleValidator { - static RoleValidator by(List<Role> roles) { - final boolean disableRoles = StringUtils.equals(SystemProperties.getProperty("role_management_activated"), "false"); - return by(roles, disableRoles); - } - - static RoleValidator by(List<Role> roles, boolean disableRoles) { - return disableRoles - ? new AlwaysValidRoleValidator() - : new RoleValidatorByRoles(roles); - } - - boolean isSubscriberPermitted(String subscriberName); + boolean isSubscriberPermitted(String subscriberId); - boolean isServicePermitted(String subscriberName, String serviceType); + boolean isServicePermitted(WithPermissionProperties serviceInstanceSearchResult); - boolean isTenantPermitted(String globalCustomerId, String serviceType, String tenantName); + boolean isTenantPermitted(String subscriberId, String serviceType, String tenantName); } diff --git a/vid-app-common/src/main/java/org/onap/vid/roles/RoleValidatorByOwningEntity.java b/vid-app-common/src/main/java/org/onap/vid/roles/RoleValidatorByOwningEntity.java new file mode 100644 index 000000000..8d73dc400 --- /dev/null +++ b/vid-app-common/src/main/java/org/onap/vid/roles/RoleValidatorByOwningEntity.java @@ -0,0 +1,64 @@ +/*- + * ============LICENSE_START======================================================= + * VID + * ================================================================================ + * Copyright (C) 2017 - 2019 AT&T Intellectual Property. All rights reserved. + * ================================================================================ + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + * ============LICENSE_END========================================================= + */ + +package org.onap.vid.roles; + + +import java.util.List; +import org.apache.commons.lang3.StringUtils; + +public class RoleValidatorByOwningEntity implements RoleValidator{ + + private final List<Role> userRoles; + + RoleValidatorByOwningEntity(List<Role> roles) { + this.userRoles = roles; + } + + private boolean isOwningEntityIdPermitted(String owningEntityId) { + if (StringUtils.isEmpty(owningEntityId)) { + return false; + } + + return userRoles.stream().anyMatch(userRole -> + StringUtils.equals(userRole.getOwningEntityId(), owningEntityId) + ); + } + + @Override + public boolean isSubscriberPermitted(String subscriberId) { + return false; + } + + @Override + public boolean isServicePermitted(WithPermissionProperties permissionProperties) { + if (permissionProperties instanceof WithPermissionPropertiesOwningEntity) { + String owningEntityId = ((WithPermissionPropertiesOwningEntity) permissionProperties).getOwningEntityId(); + return isOwningEntityIdPermitted(owningEntityId); + } else { + return false; + } + } + + @Override + public boolean isTenantPermitted(String subscriberId, String serviceType, String tenantName) { + return false; + } +} diff --git a/vid-app-common/src/main/java/org/onap/vid/roles/RoleValidatorByRoles.java b/vid-app-common/src/main/java/org/onap/vid/roles/RoleValidatorBySubscriberAndServiceType.java index ad5b519c4..24a00f6e8 100644 --- a/vid-app-common/src/main/java/org/onap/vid/roles/RoleValidatorByRoles.java +++ b/vid-app-common/src/main/java/org/onap/vid/roles/RoleValidatorBySubscriberAndServiceType.java @@ -21,21 +21,20 @@ package org.onap.vid.roles; import java.util.List; -import java.util.Map; -import org.onap.vid.mso.rest.RequestDetails; +import org.apache.commons.lang3.StringUtils; -public class RoleValidatorByRoles implements RoleValidator { +public class RoleValidatorBySubscriberAndServiceType implements RoleValidator { private final List<Role> userRoles; - RoleValidatorByRoles(List<Role> roles) { + RoleValidatorBySubscriberAndServiceType(List<Role> roles) { this.userRoles = roles; } @Override - public boolean isSubscriberPermitted(String subscriberName) { + public boolean isSubscriberPermitted(String subscriberId) { for (Role role : userRoles) { - if (role.getSubscribeName().equals(subscriberName)) { + if (role.getSubscriberId().equals(subscriberId)) { return true; } } @@ -43,19 +42,26 @@ public class RoleValidatorByRoles implements RoleValidator { } @Override - public boolean isServicePermitted(String subscriberName, String serviceType) { - for (Role role : userRoles) { - if (role.getSubscribeName().equals(subscriberName) && role.getServiceType().equals(serviceType)) { - return true; - } + public boolean isServicePermitted(WithPermissionProperties permissionProperties) { + if (permissionProperties instanceof WithPermissionPropertiesSubscriberAndServiceType) { + return isServicePermitted( + (WithPermissionPropertiesSubscriberAndServiceType) permissionProperties + ); } return false; } + private boolean isServicePermitted(WithPermissionPropertiesSubscriberAndServiceType permissionProperties) { + return userRoles.stream().anyMatch(userRole -> + StringUtils.equals(userRole.getSubscriberId(), permissionProperties.getSubscriberId()) + && StringUtils.equals(userRole.getServiceType(), permissionProperties.getServiceType()) + ); + } + @Override - public boolean isTenantPermitted(String globalCustomerId, String serviceType, String tenantName) { + public boolean isTenantPermitted(String subscriberId, String serviceType, String tenantName) { for (Role role : userRoles) { - if (role.getSubscribeName().equals(globalCustomerId) + if (role.getSubscriberId().equals(subscriberId) && role.getServiceType().equals(serviceType) && (role.getTenant() == null || role.getTenant().equalsIgnoreCase(tenantName))) { return true; @@ -64,17 +70,4 @@ public class RoleValidatorByRoles implements RoleValidator { return false; } - boolean isMsoRequestValid(RequestDetails msoRequest) { - try { - String globalSubscriberIdRequested = (String) ((Map) ((Map) msoRequest.getAdditionalProperties() - .get("requestDetails")).get("subscriberInfo")).get("globalSubscriberId"); - String serviceType = (String) ((Map) ((Map) msoRequest.getAdditionalProperties().get("requestDetails")) - .get("requestParameters")).get("subscriptionServiceType"); - return isServicePermitted(globalSubscriberIdRequested, serviceType); - } catch (Exception e) { - //Until we'll get the exact information regarding the tenants and the global customer id, we'll return true on unknown requests to mso - return true; - } - } - } diff --git a/vid-app-common/src/main/java/org/onap/vid/roles/RoleValidatorFactory.java b/vid-app-common/src/main/java/org/onap/vid/roles/RoleValidatorFactory.java new file mode 100644 index 000000000..b171ad7e7 --- /dev/null +++ b/vid-app-common/src/main/java/org/onap/vid/roles/RoleValidatorFactory.java @@ -0,0 +1,63 @@ +/*- + * ============LICENSE_START======================================================= + * VID + * ================================================================================ + * Copyright (C) 2017 - 2020 AT&T Intellectual Property. All rights reserved. + * ================================================================================ + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + * ============LICENSE_END========================================================= + */ + +package org.onap.vid.roles; + + +import java.util.List; +import org.apache.commons.lang3.StringUtils; +import org.onap.portalsdk.core.util.SystemProperties; +import org.onap.vid.properties.Features; +import org.springframework.beans.factory.annotation.Autowired; +import org.springframework.stereotype.Component; +import org.togglz.core.manager.FeatureManager; + +@Component +public class RoleValidatorFactory { + private final FeatureManager featureManager; + + @Autowired + public RoleValidatorFactory(FeatureManager featureManager) { + this.featureManager = featureManager; + } + + + public RoleValidator by(List<Role> roles) { + final boolean disableRoles = StringUtils + .equals(SystemProperties.getProperty("role_management_activated"), "false"); + return by(roles, disableRoles); + } + + public RoleValidator by(List<Role> roles, boolean disableRoles) { + + if(disableRoles) { + return new AlwaysValidRoleValidator(); + } + else if (featureManager.isActive(Features.FLAG_2006_USER_PERMISSIONS_BY_OWNING_ENTITY)){ + return new RoleValidatorsComposer( + new RoleValidatorBySubscriberAndServiceType(roles), + new RoleValidatorByOwningEntity(roles) + ); + } + else { + return new RoleValidatorBySubscriberAndServiceType(roles); + } + } +} diff --git a/vid-app-common/src/main/java/org/onap/vid/roles/RoleValidatorsComposer.kt b/vid-app-common/src/main/java/org/onap/vid/roles/RoleValidatorsComposer.kt new file mode 100644 index 000000000..d012cb3f3 --- /dev/null +++ b/vid-app-common/src/main/java/org/onap/vid/roles/RoleValidatorsComposer.kt @@ -0,0 +1,16 @@ +package org.onap.vid.roles + +class RoleValidatorsComposer(private vararg val roleValidators: RoleValidator) : RoleValidator { + + constructor(roleValidators: Collection<RoleValidator>) : this(*roleValidators.toTypedArray()) + + override fun isServicePermitted(p: WithPermissionProperties): Boolean = + roleValidators.any { it.isServicePermitted(p) } + + override fun isSubscriberPermitted(subscriberId: String?): Boolean = + roleValidators.any { it.isSubscriberPermitted(subscriberId) } + + override fun isTenantPermitted(subscriberId: String?, serviceType: String?, tenantName: String?): Boolean = + roleValidators.any { it.isTenantPermitted(subscriberId, serviceType, tenantName) } + +} diff --git a/vid-app-common/src/main/java/org/onap/vid/services/AaiServiceImpl.java b/vid-app-common/src/main/java/org/onap/vid/services/AaiServiceImpl.java index b3ac16884..696aca5ea 100644 --- a/vid-app-common/src/main/java/org/onap/vid/services/AaiServiceImpl.java +++ b/vid-app-common/src/main/java/org/onap/vid/services/AaiServiceImpl.java @@ -85,6 +85,7 @@ import org.onap.vid.model.aaiTree.NodeType; import org.onap.vid.model.aaiTree.RelatedVnf; import org.onap.vid.model.aaiTree.VpnBinding; import org.onap.vid.model.aaiTree.VpnBindingKt; +import org.onap.vid.roles.PermissionPropertiesSubscriberAndServiceType; import org.onap.vid.roles.RoleValidator; import org.onap.vid.utils.Intersection; import org.onap.vid.utils.Logging; @@ -217,11 +218,11 @@ public class AaiServiceImpl implements AaiService { } else if (key.equals(SERVICE_TYPE)) { serviceInstanceSearchResult.setServiceType(relationshipData.getRelationshipValue()); } else if (key.equals(CUSTOMER_ID)) { - serviceInstanceSearchResult.setGlobalCustomerId(relationshipData.getRelationshipValue()); + serviceInstanceSearchResult.setSubscriberId(relationshipData.getRelationshipValue()); } } - boolean isPermitted = roleValidator.isServicePermitted(serviceInstanceSearchResult.getSubscriberName(), serviceInstanceSearchResult.getServiceType()); + boolean isPermitted = roleValidator.isServicePermitted(serviceInstanceSearchResult); serviceInstanceSearchResult.setIsPermitted(isPermitted); } } @@ -265,10 +266,9 @@ public class AaiServiceImpl implements AaiService { @Override public AaiResponse getSubscriberData(String subscriberId, RoleValidator roleValidator, boolean omitServiceInstances) { AaiResponse<Services> subscriberResponse = aaiClient.getSubscriberData(subscriberId, omitServiceInstances); - String subscriberGlobalId = subscriberResponse.getT().globalCustomerId; for (ServiceSubscription serviceSubscription : subscriberResponse.getT().serviceSubscriptions.serviceSubscription) { - String serviceType = serviceSubscription.serviceType; - serviceSubscription.isPermitted = roleValidator.isServicePermitted(subscriberGlobalId, serviceType); + serviceSubscription.isPermitted = roleValidator.isServicePermitted( + new PermissionPropertiesSubscriberAndServiceType(serviceSubscription, subscriberResponse.getT().globalCustomerId)); } return subscriberResponse; @@ -298,38 +298,43 @@ public class AaiServiceImpl implements AaiService { private List<ServiceInstanceSearchResult> getServicesBySubscriber(String subscriberId, String instanceIdentifier, RoleValidator roleValidator) { AaiResponse<Services> subscriberResponse = aaiClient.getSubscriberData(subscriberId, false); - String subscriberGlobalId = subscriberResponse.getT().globalCustomerId; String subscriberName = subscriberResponse.getT().subscriberName; ServiceSubscriptions serviceSubscriptions = subscriberResponse.getT().serviceSubscriptions; - return getSearchResultsForSubscriptions(serviceSubscriptions, subscriberId, instanceIdentifier, roleValidator, subscriberGlobalId, subscriberName); - + return getSearchResultsForSubscriptions(serviceSubscriptions, subscriberId, instanceIdentifier, roleValidator, subscriberName); } - private ArrayList<ServiceInstanceSearchResult> getSearchResultsForSubscriptions(ServiceSubscriptions serviceSubscriptions, String subscriberId, String instanceIdentifier, RoleValidator roleValidator, String subscriberGlobalId, String subscriberName) { + private ArrayList<ServiceInstanceSearchResult> getSearchResultsForSubscriptions( + ServiceSubscriptions serviceSubscriptions, String subscriberId, String instanceIdentifier, + RoleValidator roleValidator, String subscriberName) { ArrayList<ServiceInstanceSearchResult> results = new ArrayList<>(); if (serviceSubscriptions != null) { for (ServiceSubscription serviceSubscription : serviceSubscriptions.serviceSubscription) { - String serviceType = serviceSubscription.serviceType; - serviceSubscription.isPermitted = roleValidator.isServicePermitted(subscriberGlobalId, serviceType); - ArrayList<ServiceInstanceSearchResult> resultsForSubscription = getSearchResultsForSingleSubscription(serviceSubscription, subscriberId, instanceIdentifier, subscriberName, serviceType); - results.addAll(resultsForSubscription); + serviceSubscription.isPermitted = roleValidator.isServicePermitted(new PermissionPropertiesSubscriberAndServiceType(serviceSubscription, subscriberId)); + results.addAll(getSearchResultsForSingleSubscription( + serviceSubscription, subscriberId, instanceIdentifier, subscriberName, + serviceSubscription.serviceType, roleValidator) + ); } } return results; } - private ArrayList<ServiceInstanceSearchResult> getSearchResultsForSingleSubscription(ServiceSubscription serviceSubscription, String subscriberId, String instanceIdentifier, String subscriberName, String serviceType) { + private ArrayList<ServiceInstanceSearchResult> getSearchResultsForSingleSubscription( + ServiceSubscription serviceSubscription, String subscriberId, String instanceIdentifier, String subscriberName, + String serviceType, RoleValidator roleValidator) { ArrayList<ServiceInstanceSearchResult> results = new ArrayList<>(); if (serviceSubscription.serviceInstances != null) { for (ServiceInstance serviceInstance : serviceSubscription.serviceInstances.serviceInstance) { ServiceInstanceSearchResult serviceInstanceSearchResult = new ServiceInstanceSearchResult(serviceInstance.serviceInstanceId, subscriberId, serviceType, serviceInstance.serviceInstanceName, - subscriberName, serviceInstance.modelInvariantId, serviceInstance.modelVersionId, serviceSubscription.isPermitted); + subscriberName, serviceInstance.modelInvariantId, serviceInstance.modelVersionId, false); + + serviceInstanceSearchResult.setIsPermitted(roleValidator.isServicePermitted(serviceInstanceSearchResult)); if ((instanceIdentifier == null) || (serviceInstanceMatchesIdentifier(instanceIdentifier, serviceInstance))){ results.add(serviceInstanceSearchResult); diff --git a/vid-app-common/src/main/webapp/app/vid/scripts/constants/componentConstants.js b/vid-app-common/src/main/webapp/app/vid/scripts/constants/componentConstants.js index 9cdd5ceb9..1e8a04baf 100755 --- a/vid-app-common/src/main/webapp/app/vid/scripts/constants/componentConstants.js +++ b/vid-app-common/src/main/webapp/app/vid/scripts/constants/componentConstants.js @@ -265,7 +265,8 @@ appDS2 FLAG_FLASH_REPLACE_VF_MODULE: "FLAG_FLASH_REPLACE_VF_MODULE", FLAG_FLASH_MORE_ACTIONS_BUTTON_IN_OLD_VIEW_EDIT: "FLAG_FLASH_MORE_ACTIONS_BUTTON_IN_OLD_VIEW_EDIT", FLAG_SHOW_ORCHESTRATION_TYPE: "FLAG_SHOW_ORCHESTRATION_TYPE", - FLAG_2004_INSTANTIATION_TEMPLATES_POPUP : "FLAG_2004_INSTANTIATION_TEMPLATES_POPUP" + FLAG_2004_INSTANTIATION_TEMPLATES_POPUP : "FLAG_2004_INSTANTIATION_TEMPLATES_POPUP", + FLAG_2006_USER_PERMISSIONS_BY_OWNING_ENTITY: "FLAG_2006_USER_PERMISSIONS_BY_OWNING_ENTITY" } }; diff --git a/vid-app-common/src/test/java/org/onap/vid/aai/SubscriberFilteredResultsTest.java b/vid-app-common/src/test/java/org/onap/vid/aai/SubscriberFilteredResultsTest.java index f9668c960..06ef5d586 100644 --- a/vid-app-common/src/test/java/org/onap/vid/aai/SubscriberFilteredResultsTest.java +++ b/vid-app-common/src/test/java/org/onap/vid/aai/SubscriberFilteredResultsTest.java @@ -33,8 +33,10 @@ import org.onap.vid.model.SubscriberList; import org.onap.vid.roles.EcompRole; import org.onap.vid.roles.Role; import org.onap.vid.roles.RoleValidator; +import org.onap.vid.roles.RoleValidatorFactory; import static org.junit.Assert.assertEquals; +import static org.mockito.Mockito.mock; public class SubscriberFilteredResultsTest { @@ -89,9 +91,7 @@ public class SubscriberFilteredResultsTest { } private void prepareRoleValidator() { - ArrayList<Role> list = new ArrayList<>(); - list.add(new Role(EcompRole.READ, "a", "a", "a")); - roleValidator = RoleValidator.by(list); + roleValidator = mock(RoleValidator.class); } private void prepareSubscriberList() throws IOException { diff --git a/vid-app-common/src/test/java/org/onap/vid/bl/AaiServiceTest.java b/vid-app-common/src/test/java/org/onap/vid/bl/AaiServiceTest.java deleted file mode 100644 index 1d4556535..000000000 --- a/vid-app-common/src/test/java/org/onap/vid/bl/AaiServiceTest.java +++ /dev/null @@ -1,177 +0,0 @@ -/*- - * ============LICENSE_START======================================================= - * VID - * ================================================================================ - * Copyright (C) 2017 - 2019 AT&T Intellectual Property. All rights reserved. - * ================================================================================ - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - * ============LICENSE_END========================================================= - */ - -package org.onap.vid.bl; - -import static org.hamcrest.MatcherAssert.assertThat; -import static org.hamcrest.Matchers.arrayWithSize; -import static org.hamcrest.Matchers.equalTo; -import static org.testng.Assert.assertEquals; -import static org.testng.Assert.assertNotNull; - -import java.util.Arrays; -import java.util.Collections; -import java.util.List; -import org.mockito.InjectMocks; -import org.mockito.Mock; -import org.mockito.Mockito; -import org.mockito.MockitoAnnotations; -import org.onap.vid.aai.AaiClientInterface; -import org.onap.vid.aai.AaiResponse; -import org.onap.vid.aai.model.AaiGetPnfResponse; -import org.onap.vid.aai.model.AaiGetPnfs.Pnf; -import org.onap.vid.aai.model.AaiGetTenatns.GetTenantsResponse; -import org.onap.vid.aai.model.LogicalLinkResponse; -import org.onap.vid.aai.model.Relationship; -import org.onap.vid.aai.model.RelationshipData; -import org.onap.vid.aai.model.RelationshipList; -import org.onap.vid.aai.model.ServiceRelationships; -import org.onap.vid.roles.Role; -import org.onap.vid.roles.RoleValidator; -import org.onap.vid.services.AaiServiceImpl; -import org.testng.annotations.BeforeMethod; -import org.testng.annotations.DataProvider; -import org.testng.annotations.Test; - -public class AaiServiceTest { - - @InjectMocks - private AaiServiceImpl aaiService; - - @Mock - private AaiClientInterface aaiClientInterface; - - - - @BeforeMethod - public void initMocks(){ - MockitoAnnotations.initMocks(this); - } - - @Test - public void testGetSpecificPnf(){ - Pnf pnf = Pnf.builder().withPnfId("11111").build(); - AaiResponse<Pnf> aaiResponse = new AaiResponse<>(pnf, "aaaa", 200); - Mockito.doReturn(aaiResponse).when(aaiClientInterface).getSpecificPnf(Mockito.anyString()); - AaiResponse<Pnf> specificPnf = aaiService.getSpecificPnf("1345667"); - assertNotNull(specificPnf); - pnf = specificPnf.getT(); - assertNotNull(pnf); - assertEquals("11111",pnf.getPnfId()); - assertEquals("aaaa",specificPnf.getErrorMessage()); - assertEquals(200,specificPnf.getHttpCode()); - } - - @Test - public void testPnfByRegion(){ - AaiGetPnfResponse aaiGetPnfResponse = new AaiGetPnfResponse(); - AaiResponse<AaiGetPnfResponse> aaiResponse = new AaiResponse<>(aaiGetPnfResponse, "", 200); - Mockito.doReturn(aaiResponse).when(aaiClientInterface).getPNFData(Mockito.anyString(), Mockito.anyString(), Mockito.anyString(), Mockito.anyString(), Mockito.anyString(), Mockito.anyString(), Mockito.anyString()); - AaiResponse<AaiGetPnfResponse> aaiGetPnfResponseWrapper = aaiService.getPNFData("1345667", "1345667", "1345667", "1345667", "1345667", "1345667", "1345667"); - assertNotNull(aaiGetPnfResponseWrapper); - aaiGetPnfResponse = aaiGetPnfResponseWrapper.getT(); - assertNotNull(aaiGetPnfResponse); - } - - @Test - public void testGetAssociatedPnfs(){ - ServiceRelationships serviceRelationships = createServiceRelationships(); - AaiResponse<ServiceRelationships> aaiResponse = new AaiResponse<>(serviceRelationships, null, 200); - Mockito.doReturn(aaiResponse).when(aaiClientInterface).getServiceInstance(Mockito.anyString(), Mockito.anyString(), Mockito.anyString()); - - LogicalLinkResponse logicalLinkResponse = createLogicalLinkResponse(); - AaiResponse<LogicalLinkResponse> aaiResponse1 = new AaiResponse<>(logicalLinkResponse, null, 200); - Mockito.doReturn(aaiResponse1).when(aaiClientInterface).getLogicalLink("SANITY6758cce9%3ALAG1992%7CSANITY6785cce9%3ALAG1961"); - - List<String> pnfList = aaiService.getServiceInstanceAssociatedPnfs("123", "456", "789"); - assertNotNull(pnfList); - assertEquals(1, pnfList.size()); - assertEquals("SANITY6785cce9", pnfList.get(0)); - } - - private ServiceRelationships createServiceRelationships() { - ServiceRelationships serviceRelationships = new ServiceRelationships(); - serviceRelationships.setServiceInstanceName("test service"); - - RelationshipData logicalLinksRelationshipData = new RelationshipData(); - logicalLinksRelationshipData.setRelationshipKey("logical-link.link-name"); - logicalLinksRelationshipData.setRelationshipValue("SANITY6758cce9:LAG1992|SANITY6785cce9:LAG1961"); - - Relationship logicalLinksRelationship = new Relationship(); - logicalLinksRelationship.setRelatedTo("logical-link"); - logicalLinksRelationship.setRelationDataList(Arrays.asList(logicalLinksRelationshipData)); - - RelationshipList logicalLinksRelationshipsList = new RelationshipList(); - logicalLinksRelationshipsList.setRelationship(Arrays.asList(logicalLinksRelationship)); - - serviceRelationships.setRelationshipList(logicalLinksRelationshipsList); - return serviceRelationships; - } - - private LogicalLinkResponse createLogicalLinkResponse() { - LogicalLinkResponse logicalLinkResponse = new LogicalLinkResponse(); - logicalLinkResponse.setLinkName("SANITY6758cce9:LAG1992|SANITY6785cce9:LAG1961"); - - RelationshipData lagInterfaceRelationshipData = new RelationshipData(); - lagInterfaceRelationshipData.setRelationshipKey("pnf.pnf-name"); - lagInterfaceRelationshipData.setRelationshipValue("SANITY6785cce9"); - - Relationship lagInterfaceRelationship = new Relationship(); - lagInterfaceRelationship.setRelatedTo("lag-interface"); - lagInterfaceRelationship.setRelationDataList(Arrays.asList(lagInterfaceRelationshipData)); - - RelationshipList lagInterfaceRelationshipsList = new RelationshipList(); - lagInterfaceRelationshipsList.setRelationship(Arrays.asList(lagInterfaceRelationship)); - - logicalLinkResponse.setRelationshipList(lagInterfaceRelationshipsList); - - return logicalLinkResponse; - } - - @DataProvider - public static Object[][] getTenantsData() { - return new Object[][] { - {"customer1", "serviceType1", "tenant1", "customer1", "serviceType1", "tenant1", "id-1", true}, - {"customer1", "serviceType1", "TeNant1", "customer1", "serviceType1", "tenant1", "id-1", true}, - {"customer1", "serviceType1", "TENANT1", "customer1", "serviceType1", "tenant1", "id-1", true}, - {"customer1", "serviceType1", "tenant2", "customer1", "serviceType1", "tenant1", "tenant2", false}, - {"customer1", "serviceType1", null, "customer1", "serviceType1", "tenant1", "tenant2", true}, - {"customer2", "serviceType1", "tenant1", "customer1", "serviceType1", "tenant1", "id-1", false}, - {"customer1", "serviceType2", "tenant1", "customer1", "serviceType1", "tenant1", "id-1", false}, - {"customer2", "serviceType1", null, "customer1", "serviceType1", "tenant1", "id-1", false}, - {"customer1", "serviceType2", null, "customer1", "serviceType1", "tenant1", "id-1", false}, - }; - } - - @Test(dataProvider = "getTenantsData") - public void testGetTenants(String userGlobalCustomerId, String userServiceType, String userTenantName, String serviceGlobalCustomerId, - String serviceServiceType, String serviceTenantName, String serviceTenantId, boolean expectedIsPermitted) { - GetTenantsResponse[] getTenantsResponses = new GetTenantsResponse[] {new GetTenantsResponse(null, null, serviceTenantName, serviceTenantId, expectedIsPermitted)}; - AaiResponse<GetTenantsResponse[]> aaiResponse = new AaiResponse<>(getTenantsResponses, null, 200); - Mockito.doReturn(aaiResponse).when(aaiClientInterface).getTenants(serviceGlobalCustomerId, serviceServiceType); - Role role = new Role(null, userGlobalCustomerId, userServiceType, userTenantName); - RoleValidator roleValidator = RoleValidator.by(Collections.singletonList(role)); - AaiResponse<GetTenantsResponse[]> actualTenants = aaiService.getTenants(serviceGlobalCustomerId, serviceServiceType, roleValidator); - - assertThat(actualTenants.getT(), arrayWithSize(1)); - assertThat(actualTenants.getT()[0].tenantName, equalTo(serviceTenantName)); - //assertThat(actualTenants.getT()[0].isPermitted, equalTo(expectedIsPermitted)); - } -} diff --git a/vid-app-common/src/test/java/org/onap/vid/controller/AaiControllerTest.java b/vid-app-common/src/test/java/org/onap/vid/controller/AaiControllerTest.java index 521102383..202263c41 100644 --- a/vid-app-common/src/test/java/org/onap/vid/controller/AaiControllerTest.java +++ b/vid-app-common/src/test/java/org/onap/vid/controller/AaiControllerTest.java @@ -23,11 +23,13 @@ package org.onap.vid.controller; import static org.hamcrest.MatcherAssert.assertThat; import static org.hamcrest.core.Is.is; +import static org.mockito.ArgumentMatchers.any; import static org.mockito.ArgumentMatchers.anyString; import static org.mockito.ArgumentMatchers.eq; import static org.mockito.ArgumentMatchers.isA; import static org.mockito.BDDMockito.given; import static org.mockito.Mockito.mock; +import static org.mockito.Mockito.when; import static org.springframework.test.web.servlet.request.MockMvcRequestBuilders.get; import static org.springframework.test.web.servlet.request.MockMvcRequestBuilders.post; import static org.springframework.test.web.servlet.result.MockMvcResultMatchers.content; @@ -68,8 +70,11 @@ import org.onap.vid.aai.model.PortDetailsTranslator.PortDetailsOk; import org.onap.vid.aai.util.AAIRestInterface; import org.onap.vid.model.VersionByInvariantIdsRequest; import org.onap.vid.properties.Features; +import org.onap.vid.roles.AlwaysValidRoleValidator; import org.onap.vid.roles.RoleProvider; -import org.onap.vid.roles.RoleValidatorByRoles; +import org.onap.vid.roles.RoleValidator; +import org.onap.vid.roles.RoleValidatorBySubscriberAndServiceType; +import org.onap.vid.roles.RoleValidatorFactory; import org.onap.vid.services.AaiService; import org.onap.vid.utils.SystemPropertiesWrapper; import org.onap.vid.utils.Unchecked; @@ -92,6 +97,8 @@ public class AaiControllerTest { @Mock private RoleProvider roleProvider; @Mock + private RoleValidator roleValidator; + @Mock private SystemPropertiesWrapper systemPropertiesWrapper; @Mock private FeatureManager featureManager; @@ -103,6 +110,7 @@ public class AaiControllerTest { public void setUp() { aaiController = new AaiController(aaiService, aaiRestInterface, roleProvider, systemPropertiesWrapper, featureManager); + when(roleProvider.getUserRolesValidator(any())).thenReturn(roleValidator); mockMvc = MockMvcBuilders.standaloneSetup(aaiController).build(); } @@ -408,7 +416,7 @@ public class AaiControllerTest { String okResponseBody = "OK_RESPONSE"; AaiResponse<String> aaiResponse = new AaiResponse<>(okResponseBody, "", HttpStatus.OK.value()); given(featureManager.isActive(Features.FLAG_1906_AAI_SUB_DETAILS_REDUCE_DEPTH)).willReturn(isFeatureActive); - given(aaiService.getSubscriberData(eq(subscriberId), isA(RoleValidatorByRoles.class), + given(aaiService.getSubscriberData(eq(subscriberId), isA(RoleValidator.class), eq(isFeatureActive && omitServiceInstances))) .willReturn(aaiResponse); @@ -479,7 +487,7 @@ public class AaiControllerTest { String okResponseBody = "OK_RESPONSE"; AaiResponse<String> aaiResponse = new AaiResponse<>(okResponseBody, "", HttpStatus.OK.value()); given(featureManager.isActive(Features.FLAG_1906_AAI_SUB_DETAILS_REDUCE_DEPTH)).willReturn(isFeatureActive); - given(aaiService.getSubscriberData(eq(subscriberId), isA(RoleValidatorByRoles.class), + given(aaiService.getSubscriberData(eq(subscriberId), isA(RoleValidator.class), eq(isFeatureActive && omitServiceInstances))) .willReturn(aaiResponse); diff --git a/vid-app-common/src/test/java/org/onap/vid/controller/LoggerControllerTest.java b/vid-app-common/src/test/java/org/onap/vid/controller/LoggerControllerTest.java index f0d840929..6f584ed3d 100644 --- a/vid-app-common/src/test/java/org/onap/vid/controller/LoggerControllerTest.java +++ b/vid-app-common/src/test/java/org/onap/vid/controller/LoggerControllerTest.java @@ -66,7 +66,7 @@ public class LoggerControllerTest { @Test public void shouldThrowNotAuthorizedException_whenUserIsNotAuthorizedToGetLogs() throws Exception { - List<Role> list = ImmutableList.of(new Role(EcompRole.READ, "subName1", "servType1", "tenant1")); + List<Role> list = ImmutableList.of(new Role(EcompRole.READ, "subName1", "servType1", "tenant1", "owningEntityId")); given(provider.getUserRoles(argThat(req -> req.getRequestedSessionId().equals("id1")))).willReturn(list); given(provider.userPermissionIsReadLogs(list)).willReturn(false); @@ -80,7 +80,7 @@ public class LoggerControllerTest { @Test public void shouldReturnLastAndOneBeforeLogLines_whenLimitIs2() throws Exception { - List<Role> list = ImmutableList.of(new Role(EcompRole.READ, "subName1", "servType1", "tenant1")); + List<Role> list = ImmutableList.of(new Role(EcompRole.READ, "subName1", "servType1", "tenant1", "owningEntityId")); given(provider.getUserRoles(argThat(req -> req.getRequestedSessionId().equals("id1")))).willReturn(list); given(provider.userPermissionIsReadLogs(list)).willReturn(true); @@ -96,7 +96,7 @@ public class LoggerControllerTest { @Test public void shouldReturnEmptyString_whenLogFileIsEmpty() throws Exception { - List<Role> list = ImmutableList.of(new Role(EcompRole.READ, "subName1", "servType1", "tenant1")); + List<Role> list = ImmutableList.of(new Role(EcompRole.READ, "subName1", "servType1", "tenant1", "owningEntityId")); given(provider.getUserRoles(argThat(req -> req.getRequestedSessionId().equals("id1")))).willReturn(list); given(provider.userPermissionIsReadLogs(list)).willReturn(true); @@ -111,7 +111,7 @@ public class LoggerControllerTest { @Test public void shouldReturnEmptyString_whenDebugLogFileIsEmpty() throws Exception { - List<Role> list = ImmutableList.of(new Role(EcompRole.READ, "subName1", "servType1", "tenant1")); + List<Role> list = ImmutableList.of(new Role(EcompRole.READ, "subName1", "servType1", "tenant1", "owningEntityId")); given(provider.getUserRoles(argThat(req -> req.getRequestedSessionId().equals("id1")))).willReturn(list); given(provider.userPermissionIsReadLogs(list)).willReturn(true); diff --git a/vid-app-common/src/test/java/org/onap/vid/controller/ServicePermissionsTest.java b/vid-app-common/src/test/java/org/onap/vid/controller/ServicePermissionsTest.java index ac3da50ab..3b7dbfbb8 100644 --- a/vid-app-common/src/test/java/org/onap/vid/controller/ServicePermissionsTest.java +++ b/vid-app-common/src/test/java/org/onap/vid/controller/ServicePermissionsTest.java @@ -31,6 +31,7 @@ import static org.mockito.Mockito.when; import org.jetbrains.annotations.NotNull; import org.onap.vid.aai.model.Permissions; +import org.onap.vid.roles.PermissionPropertiesSubscriberAndServiceType; import org.onap.vid.roles.RoleProvider; import org.onap.vid.roles.RoleValidator; import org.springframework.mock.web.MockHttpServletRequest; @@ -53,7 +54,7 @@ public class ServicePermissionsTest { RoleProvider roleProvider = mock(RoleProvider.class); RoleValidator roleValidator = mock(RoleValidator.class); when(roleProvider.getUserRolesValidator(any())).thenReturn(roleValidator); - when(roleValidator.isServicePermitted(subscriberId, serviceType)).thenReturn(expected); + when(roleValidator.isServicePermitted(new PermissionPropertiesSubscriberAndServiceType(subscriberId, serviceType))).thenReturn(expected); AaiController2 aaiController2 = new AaiController2(null, roleProvider, null, null); diff --git a/vid-app-common/src/test/java/org/onap/vid/model/ServiceInstanceSearchResultTest.java b/vid-app-common/src/test/java/org/onap/vid/model/ServiceInstanceSearchResultTest.java index 5168a5c63..b777375ef 100644 --- a/vid-app-common/src/test/java/org/onap/vid/model/ServiceInstanceSearchResultTest.java +++ b/vid-app-common/src/test/java/org/onap/vid/model/ServiceInstanceSearchResultTest.java @@ -20,183 +20,47 @@ package org.onap.vid.model; -import org.junit.Test; +import static com.google.code.beanmatchers.BeanMatchers.hasValidBeanConstructor; +import static com.google.code.beanmatchers.BeanMatchers.hasValidBeanEqualsFor; +import static com.google.code.beanmatchers.BeanMatchers.hasValidBeanHashCodeFor; +import static com.google.code.beanmatchers.BeanMatchers.hasValidGettersAndSetters; +import static net.javacrumbs.jsonunit.JsonMatchers.jsonNodeAbsent; +import static net.javacrumbs.jsonunit.JsonMatchers.jsonPartEquals; +import static org.apache.commons.lang3.ArrayUtils.toArray; +import static org.hamcrest.CoreMatchers.allOf; +import static org.hamcrest.MatcherAssert.assertThat; + +import org.testng.annotations.Test; public class ServiceInstanceSearchResultTest { - private ServiceInstanceSearchResult createTestSubject() { - return new ServiceInstanceSearchResult(); - } - - @Test - public void testGetServiceInstanceId() throws Exception { - ServiceInstanceSearchResult testSubject; - String result; - - // default test - testSubject = createTestSubject(); - result = testSubject.getServiceInstanceId(); - } - - @Test - public void testSetServiceInstanceId() throws Exception { - ServiceInstanceSearchResult testSubject; - String serviceInstanceId = ""; - - // default test - testSubject = createTestSubject(); - testSubject.setServiceInstanceId(serviceInstanceId); - } - - @Test - public void testGetGlobalCustomerId() throws Exception { - ServiceInstanceSearchResult testSubject; - String result; - - // default test - testSubject = createTestSubject(); - result = testSubject.getGlobalCustomerId(); - } - - @Test - public void testSetGlobalCustomerId() throws Exception { - ServiceInstanceSearchResult testSubject; - String globalCustomerId = ""; - - // default test - testSubject = createTestSubject(); - testSubject.setGlobalCustomerId(globalCustomerId); - } - - @Test - public void testGetServiceType() throws Exception { - ServiceInstanceSearchResult testSubject; - String result; - - // default test - testSubject = createTestSubject(); - result = testSubject.getServiceType(); - } - - @Test - public void testSetServiceType() throws Exception { - ServiceInstanceSearchResult testSubject; - String serviceType = ""; - - // default test - testSubject = createTestSubject(); - testSubject.setServiceType(serviceType); - } - - @Test - public void testGetServiceInstanceName() throws Exception { - ServiceInstanceSearchResult testSubject; - String result; - - // default test - testSubject = createTestSubject(); - result = testSubject.getServiceInstanceName(); - } - - @Test - public void testSetServiceInstanceName() throws Exception { - ServiceInstanceSearchResult testSubject; - String serviceInstanceName = ""; - - // default test - testSubject = createTestSubject(); - testSubject.setServiceInstanceName(serviceInstanceName); - } - - @Test - public void testGetSubscriberName() throws Exception { - ServiceInstanceSearchResult testSubject; - String result; - - // default test - testSubject = createTestSubject(); - result = testSubject.getSubscriberName(); - } - - @Test - public void testSetSubscriberName() throws Exception { - ServiceInstanceSearchResult testSubject; - String subscriberName = ""; - - // default test - testSubject = createTestSubject(); - testSubject.setSubscriberName(subscriberName); - } - @Test - public void testGetAaiModelInvariantId() throws Exception { - ServiceInstanceSearchResult testSubject; - String result; - - // default test - testSubject = createTestSubject(); - result = testSubject.getAaiModelInvariantId(); - } - - @Test - public void testSetAaiModelInvariantId() throws Exception { - ServiceInstanceSearchResult testSubject; - String aaiModelInvariantId = ""; - - // default test - testSubject = createTestSubject(); - testSubject.setAaiModelInvariantId(aaiModelInvariantId); - } - - @Test - public void testGetAaiModelVersionId() throws Exception { - ServiceInstanceSearchResult testSubject; - String result; - - // default test - testSubject = createTestSubject(); - result = testSubject.getAaiModelVersionId(); + public void shouldHaveValidGettersAndSetters() { + assertThat(ServiceInstanceSearchResult.class, hasValidGettersAndSetters()); } @Test - public void testSetAaiModelVersionId() throws Exception { - ServiceInstanceSearchResult testSubject; - String aaiModelVersionId = ""; - - // default test - testSubject = createTestSubject(); - testSubject.setAaiModelVersionId(aaiModelVersionId); - } - - @Test - public void testGetIsPermitted() throws Exception { - ServiceInstanceSearchResult testSubject; - boolean result; - - // default test - testSubject = createTestSubject(); - result = testSubject.getIsPermitted(); + public void shouldHaveValidConstructor() { + assertThat(ServiceInstanceSearchResult.class, hasValidBeanConstructor()); } @Test - public void testSetIsPermitted() throws Exception { - ServiceInstanceSearchResult testSubject; - boolean isPermitted = false; + public void shouldHaveValidEqualsAndHashCode() { + String[] propertiesToEqualBy = toArray("serviceInstanceId"); - // default test - testSubject = createTestSubject(); - testSubject.setIsPermitted(isPermitted); + assertThat(ServiceInstanceSearchResult.class, allOf( + hasValidBeanHashCodeFor(propertiesToEqualBy), + hasValidBeanEqualsFor(propertiesToEqualBy)) + ); } @Test - public void testEquals() throws Exception { - ServiceInstanceSearchResult testSubject; - Object other = null; - boolean result; + public void subscriberId_shouldBeSerializedAsGlobalCustomerId() { + ServiceInstanceSearchResult underTest = new ServiceInstanceSearchResult(); + underTest.setSubscriberId("example"); - // default test - testSubject = createTestSubject(); - result = testSubject.equals(other); + assertThat(underTest, jsonPartEquals("globalCustomerId", "example")); + assertThat(underTest, jsonNodeAbsent("subscriberId")); } } diff --git a/vid-app-common/src/test/java/org/onap/vid/roles/AlwaysValidRoleValidatorTest.java b/vid-app-common/src/test/java/org/onap/vid/roles/AlwaysValidRoleValidatorTest.java index 363c6ff76..6826b1e4a 100644 --- a/vid-app-common/src/test/java/org/onap/vid/roles/AlwaysValidRoleValidatorTest.java +++ b/vid-app-common/src/test/java/org/onap/vid/roles/AlwaysValidRoleValidatorTest.java @@ -33,7 +33,8 @@ public class AlwaysValidRoleValidatorTest { @Test public void testIsServicePermitted() { - assertTrue(new AlwaysValidRoleValidator().isServicePermitted("any", "any")); + WithPermissionProperties emptyPermissionProperties = new WithPermissionProperties() {}; + assertTrue(new AlwaysValidRoleValidator().isServicePermitted(emptyPermissionProperties)); } @Test diff --git a/vid-app-common/src/test/java/org/onap/vid/roles/RoleProviderTest.java b/vid-app-common/src/test/java/org/onap/vid/roles/RoleProviderTest.java index c1033d2d0..8d81c929c 100644 --- a/vid-app-common/src/test/java/org/onap/vid/roles/RoleProviderTest.java +++ b/vid-app-common/src/test/java/org/onap/vid/roles/RoleProviderTest.java @@ -22,6 +22,7 @@ package org.onap.vid.roles; import static org.assertj.core.api.Assertions.assertThat; +import static org.mockito.ArgumentMatchers.any; import static org.mockito.Mockito.when; import static org.mockito.MockitoAnnotations.initMocks; @@ -42,7 +43,7 @@ import org.testng.annotations.Test; public class RoleProviderTest { private static final String SAMPLE_SUBSCRIBER = "sampleSubscriber"; - private static final String SAMPLE_CUSTOMER_ID = "sampleCustomerId"; + private static final String SAMPLE_SUBSCRIBER_ID = "subscriberId"; private static final String SERVICE_TYPE_LOGS = "LOGS"; private static final String TENANT_PERMITTED = "PERMITTED"; private static final String SAMPLE_SERVICE = "sampleService"; @@ -58,13 +59,16 @@ public class RoleProviderTest { @Mock private AaiResponse<SubscriberList> subscriberListResponse; + @Mock + private RoleValidatorFactory roleValidatorFactory; + private RoleProvider roleProvider; @BeforeMethod public void setUp() { initMocks(this); - roleProvider = new RoleProvider(aaiService, httpServletRequest -> 5, httpServletRequest -> createRoles()); + roleProvider = new RoleProvider(aaiService, roleValidatorFactory, httpServletRequest -> 5, httpServletRequest -> createRoles()); } @Test @@ -83,7 +87,7 @@ public class RoleProviderTest { Role role = roleProvider.createRoleFromStringArr(roleParts, SAMPLE_ROLE_PREFIX); assertThat(role.getEcompRole()).isEqualTo(EcompRole.READ); - assertThat(role.getSubscribeName()).isEqualTo(SAMPLE_CUSTOMER_ID); + assertThat(role.getSubscriberId()).isEqualTo(SAMPLE_SUBSCRIBER_ID); assertThat(role.getTenant()).isEqualTo(SAMPLE_TENANT); assertThat(role.getServiceType()).isEqualTo(SAMPLE_SERVICE); } @@ -97,7 +101,7 @@ public class RoleProviderTest { Role role = roleProvider.createRoleFromStringArr(roleParts, SAMPLE_ROLE_PREFIX); assertThat(role.getEcompRole()).isEqualTo(EcompRole.READ); - assertThat(role.getSubscribeName()).isEqualTo(SAMPLE_CUSTOMER_ID); + assertThat(role.getSubscriberId()).isEqualTo(SAMPLE_SUBSCRIBER_ID); assertThat(role.getServiceType()).isEqualTo(SAMPLE_SERVICE); assertThat(role.getTenant()).isNullOrEmpty(); } @@ -111,7 +115,7 @@ public class RoleProviderTest { @Test public void shouldProperlyRetrieveUserRolesWhenPermissionIsDifferentThanRead() { - Role expectedRole = new Role(EcompRole.READ, SAMPLE_CUSTOMER_ID, SAMPLE_SERVICE, SAMPLE_TENANT); + Role expectedRole = new Role(EcompRole.READ, SAMPLE_SUBSCRIBER_ID, SAMPLE_SERVICE, SAMPLE_TENANT, owningEntityId()); setSubscribers(); List<Role> userRoles = roleProvider.getUserRoles(request); @@ -121,7 +125,7 @@ public class RoleProviderTest { Role actualRole = userRoles.get(0); assertThat(actualRole.getTenant()).isEqualTo(expectedRole.getTenant()); - assertThat(actualRole.getSubscribeName()).isEqualTo(expectedRole.getSubscribeName()); + assertThat(actualRole.getSubscriberId()).isEqualTo(expectedRole.getSubscriberId()); assertThat(actualRole.getServiceType()).isEqualTo(expectedRole.getServiceType()); } @@ -132,21 +136,38 @@ public class RoleProviderTest { @Test public void shouldReturnNotReadOnlyPermissionWhenRolesArePresent() { - assertThat(roleProvider.userPermissionIsReadOnly(Lists.list(new Role(EcompRole.READ, SAMPLE_SUBSCRIBER, SAMPLE_SERVICE, SAMPLE_TENANT)))).isFalse(); + assertThat(roleProvider.userPermissionIsReadOnly(Lists.list(new Role( + EcompRole.READ, SAMPLE_SUBSCRIBER, SAMPLE_SERVICE, SAMPLE_TENANT, owningEntityId())))).isFalse(); } @Test public void userShouldHavePermissionToReadLogsWhenServiceAndTenantAreCorrect() { - Role withoutPermission = new Role(EcompRole.READ, SAMPLE_SUBSCRIBER, SAMPLE_SERVICE, SAMPLE_TENANT); - Role withPermission = new Role(EcompRole.READ, SAMPLE_SUBSCRIBER, SERVICE_TYPE_LOGS, TENANT_PERMITTED); + Role withoutPermission = new Role(EcompRole.READ, SAMPLE_SUBSCRIBER, SAMPLE_SERVICE, SAMPLE_TENANT, owningEntityId()); + Role withPermission = new Role(EcompRole.READ, SAMPLE_SUBSCRIBER, SERVICE_TYPE_LOGS, TENANT_PERMITTED, owningEntityId()); assertThat(roleProvider.userPermissionIsReadLogs(Lists.list(withoutPermission, withPermission))).isTrue(); } + @Test + public void getUserRolesValidator_shouldReturnValidatorFromFactory() { + RoleValidator expectedRoleValidator = new AlwaysValidRoleValidator(); + when(roleValidatorFactory.by(any())).thenReturn(expectedRoleValidator); + + RoleValidator result = roleProvider.getUserRolesValidator(request); + + assertThat(result).isEqualTo(expectedRoleValidator); + } + + private String owningEntityId() { + // while translateOwningEntityNameToOwningEntityId does nothing, no translation happens. + // this will be changed later. + return SAMPLE_SUBSCRIBER; + } + private void setSubscribers() { Subscriber subscriber = new Subscriber(); subscriber.subscriberName = SAMPLE_SUBSCRIBER; - subscriber.globalCustomerId = SAMPLE_CUSTOMER_ID; + subscriber.globalCustomerId = SAMPLE_SUBSCRIBER_ID; SubscriberList subscriberList = new SubscriberList(Lists.list(subscriber)); when(aaiService.getFullSubscriberList()).thenReturn(subscriberListResponse); when(subscriberListResponse.getT()).thenReturn(subscriberList); diff --git a/vid-app-common/src/test/java/org/onap/vid/roles/RoleValidatorByOwningEntityTest.java b/vid-app-common/src/test/java/org/onap/vid/roles/RoleValidatorByOwningEntityTest.java new file mode 100644 index 000000000..d84ac6edd --- /dev/null +++ b/vid-app-common/src/test/java/org/onap/vid/roles/RoleValidatorByOwningEntityTest.java @@ -0,0 +1,90 @@ +/*- + * ============LICENSE_START======================================================= + * VID + * ================================================================================ + * Copyright (C) 2017 - 2019 AT&T Intellectual Property. All rights reserved. + * ================================================================================ + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + * ============LICENSE_END========================================================= + */ + +package org.onap.vid.roles; + +import static org.hamcrest.CoreMatchers.is; +import static org.hamcrest.MatcherAssert.assertThat; +import static org.mockito.Mockito.mock; +import static org.mockito.Mockito.withSettings; +import static org.testng.Assert.assertFalse; + +import com.google.common.collect.ImmutableList; +import org.testng.annotations.BeforeMethod; +import org.testng.annotations.DataProvider; +import org.testng.annotations.Test; + +public class RoleValidatorByOwningEntityTest { + + private static final String OWNING_ENTITY_ID = "owningEntityId"; + private static final String SUBSCRIBER_NAME = "subscriber_name"; + private static final String NOT_MATCHING_OWNING_ENTITY_ID = "notMatchingOwningEntityId"; + + private static final String SERVICE_TYPE = "serviceType"; + private static final String GLOBAL_CUSTOMER_ID = "globalCustomerId"; + private static final String TENANT_NAME = "tenantName"; + + + private RoleValidatorByOwningEntity roleValidatorByOwningEntity; + + @BeforeMethod + public void setup() { + final Role SAMPLE_ROLE = new Role(EcompRole.READ, "", "", "", OWNING_ENTITY_ID); + roleValidatorByOwningEntity = new RoleValidatorByOwningEntity(ImmutableList.of(SAMPLE_ROLE)); + } + + @Test + public void testIsSubscriberPermitted() { + assertFalse(roleValidatorByOwningEntity.isSubscriberPermitted(SUBSCRIBER_NAME)); + } + + @Test + public void isServicePermitted_owningEntityMatch_returnTrue() { + PermissionPropertiesOwningEntity permittedOwningEntity = + new PermissionPropertiesOwningEntity(OWNING_ENTITY_ID); + + assertThat(roleValidatorByOwningEntity.isServicePermitted(permittedOwningEntity), is(true)); + } + + @DataProvider + public static Object[][] nonMatchingPermissionProperties() { + return new Object[][]{ + {new PermissionPropertiesOwningEntity(NOT_MATCHING_OWNING_ENTITY_ID)}, + {new PermissionPropertiesOwningEntity("")}, + {new WithPermissionProperties() {}}, + {mock(PermissionPropertiesOwningEntity.class, + withSettings().name("PermissionPropertiesOwningEntity with null owningEntityId"))}, + {new PermissionPropertiesSubscriberAndServiceType(OWNING_ENTITY_ID, OWNING_ENTITY_ID)}, + }; + } + + @Test(dataProvider = "nonMatchingPermissionProperties") + public void isServicePermitted_nonMatchingPermissionProperties_returnFalse(WithPermissionProperties permissionProperties) { + assertThat(permissionProperties.toString(), roleValidatorByOwningEntity.isServicePermitted( + permissionProperties + ), is(false)); + } + + @Test + public void testIsTenantPermitted() { + assertFalse(roleValidatorByOwningEntity.isTenantPermitted(GLOBAL_CUSTOMER_ID, SERVICE_TYPE, TENANT_NAME)); + } + +} diff --git a/vid-app-common/src/test/java/org/onap/vid/roles/RoleValidatorByRolesTest.java b/vid-app-common/src/test/java/org/onap/vid/roles/RoleValidatorByRolesTest.java deleted file mode 100644 index 9362ec9d7..000000000 --- a/vid-app-common/src/test/java/org/onap/vid/roles/RoleValidatorByRolesTest.java +++ /dev/null @@ -1,114 +0,0 @@ -/*- - * ============LICENSE_START======================================================= - * VID - * ================================================================================ - * Copyright (C) 2017 - 2019 AT&T Intellectual Property. All rights reserved. - * ================================================================================ - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - * ============LICENSE_END========================================================= - */ - -package org.onap.vid.roles; - - -import static org.assertj.core.api.Assertions.assertThat; - -import com.google.common.collect.ImmutableList; -import com.google.common.collect.ImmutableMap; -import java.util.List; -import java.util.Map; -import org.onap.vid.mso.rest.RequestDetails; -import org.testng.annotations.BeforeMethod; -import org.testng.annotations.Test; - -public class RoleValidatorByRolesTest { - - private static final String SAMPLE_SUBSCRIBER = "sampleSubscriber"; - private static final String NOT_MATCHING_SUBSCRIBER = "notMatchingSubscriber"; - private static final String SAMPLE_SERVICE_TYPE = "sampleServiceType"; - private static final String NOT_MATCHING_TENANT = "notMatchingTenant"; - private static final String SAMPLE_TENANT = "sampleTenant"; - - private static final Role SAMPLE_ROLE = new Role(EcompRole.READ, SAMPLE_SUBSCRIBER, SAMPLE_SERVICE_TYPE, SAMPLE_TENANT); - - private List<Role> roles = ImmutableList.of(SAMPLE_ROLE); - private Map<String, Object> subscriberInfo = ImmutableMap.of("globalSubscriberId", SAMPLE_SUBSCRIBER); - private Map<String, Object> requestParameters = ImmutableMap.of("subscriptionServiceType", SAMPLE_SERVICE_TYPE); - private Map<String, Object> requestDetailsProperties = ImmutableMap.of("subscriberInfo", subscriberInfo, "requestParameters", requestParameters); - private RequestDetails requestDetails; - private RoleValidatorByRoles roleValidator; - - @BeforeMethod - public void setUp() { - roleValidator = new RoleValidatorByRoles(roles); - requestDetails = new RequestDetails(); - } - - @Test - public void shouldPermitSubscriberWhenNameMatchesAndRolesAreEnabled() { - assertThat(roleValidator.isSubscriberPermitted(SAMPLE_SUBSCRIBER)).isTrue(); - } - - @Test - public void shouldNotPermitSubscriberWhenNameNotMatches() { - assertThat(roleValidator.isSubscriberPermitted(NOT_MATCHING_SUBSCRIBER)).isFalse(); - } - - @Test - public void shouldPermitServiceWhenNamesMatches() { - assertThat(roleValidator.isServicePermitted(SAMPLE_SUBSCRIBER, SAMPLE_SERVICE_TYPE)).isTrue(); - } - - - @Test - public void shouldNotPermitServiceWhenSubscriberNameNotMatches() { - assertThat(roleValidator.isServicePermitted(NOT_MATCHING_SUBSCRIBER, SAMPLE_SERVICE_TYPE)).isFalse(); - } - - @Test - public void shouldNotPermitServiceWhenServiceTypeNotMatches() { - assertThat(roleValidator.isServicePermitted(SAMPLE_SUBSCRIBER, NOT_MATCHING_SUBSCRIBER)).isFalse(); - } - - @Test - public void shouldPermitTenantWhenNameMatches() { - assertThat(roleValidator.isTenantPermitted(SAMPLE_SUBSCRIBER, SAMPLE_SERVICE_TYPE, SAMPLE_TENANT)).isTrue(); - } - - - @Test - public void shouldNotPermitTenantWhenNameNotMatches() { - assertThat(roleValidator.isTenantPermitted(SAMPLE_SUBSCRIBER, SAMPLE_SERVICE_TYPE, NOT_MATCHING_TENANT)).isFalse(); - } - - @Test - public void shouldValidateProperlySORequest() { - requestDetails.setAdditionalProperty("requestDetails", requestDetailsProperties); - - assertThat(roleValidator.isMsoRequestValid(requestDetails)).isTrue(); - } - - @Test - public void shouldValidateUnknownSORequest() { - assertThat(roleValidator.isMsoRequestValid(new RequestDetails())).isTrue(); - } - - @Test - public void shouldRejectSORequestWhenSubscriberNotMatches() { - Map<String, Object> subscriberInfo = ImmutableMap.of("globalSubscriberId", "sample"); - Map<String, Object> requestDetailsProperties = ImmutableMap.of("subscriberInfo", subscriberInfo, "requestParameters", requestParameters); - requestDetails.setAdditionalProperty("requestDetails", requestDetailsProperties); - - assertThat(roleValidator.isMsoRequestValid(requestDetails)).isFalse(); - } -} diff --git a/vid-app-common/src/test/java/org/onap/vid/roles/RoleValidatorBySubscriberAndServiceTypeTest.java b/vid-app-common/src/test/java/org/onap/vid/roles/RoleValidatorBySubscriberAndServiceTypeTest.java new file mode 100644 index 000000000..b6958cd67 --- /dev/null +++ b/vid-app-common/src/test/java/org/onap/vid/roles/RoleValidatorBySubscriberAndServiceTypeTest.java @@ -0,0 +1,111 @@ +/*- + * ============LICENSE_START======================================================= + * VID + * ================================================================================ + * Copyright (C) 2017 - 2019 AT&T Intellectual Property. All rights reserved. + * ================================================================================ + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + * ============LICENSE_END========================================================= + */ + +package org.onap.vid.roles; + + +import static org.assertj.core.api.Assertions.assertThat; + +import com.google.common.collect.ImmutableList; +import java.util.List; +import org.testng.annotations.BeforeMethod; +import org.testng.annotations.Test; + +public class RoleValidatorBySubscriberAndServiceTypeTest { + + private static final String SAMPLE_SUBSCRIBER = "sampleSubscriber"; + private static final String NOT_MATCHING_SUBSCRIBER = "notMatchingSubscriber"; + private static final String SAMPLE_SERVICE_TYPE = "sampleServiceType"; + private static final String NOT_MATCHING_TENANT = "notMatchingTenant"; + private static final String SAMPLE_TENANT = "sampleTenant"; + private static final String SOME_OWNING_ENTITY_ID = "someOwningEntityId"; + + private static final Role SAMPLE_ROLE = new Role( + EcompRole.READ, SAMPLE_SUBSCRIBER, SAMPLE_SERVICE_TYPE, SAMPLE_TENANT, SOME_OWNING_ENTITY_ID); + + private List<Role> roles = ImmutableList.of(SAMPLE_ROLE); + private RoleValidatorBySubscriberAndServiceType roleValidatorBySubscriberAndServiceType; + + @BeforeMethod + public void setUp() { + roleValidatorBySubscriberAndServiceType = new RoleValidatorBySubscriberAndServiceType(roles); + } + + @Test + public void shouldPermitSubscriberWhenNameMatchesAndRolesAreEnabled() { + assertThat(roleValidatorBySubscriberAndServiceType.isSubscriberPermitted(SAMPLE_SUBSCRIBER)).isTrue(); + } + + @Test + public void shouldNotPermitSubscriberWhenNameNotMatches() { + assertThat(roleValidatorBySubscriberAndServiceType.isSubscriberPermitted(NOT_MATCHING_SUBSCRIBER)).isFalse(); + } + + @Test + public void shouldPermitServiceWhenNamesMatches() { + assertThat(roleValidatorBySubscriberAndServiceType.isServicePermitted( + new PermissionPropertiesSubscriberAndServiceType(SAMPLE_SUBSCRIBER, SAMPLE_SERVICE_TYPE))).isTrue(); + } + + @Test + public void isServicePermitted_serviceWithAllPermissionProperties_isPermitted() { + assertThat(roleValidatorBySubscriberAndServiceType.isServicePermitted( + new AllPermissionProperties(SAMPLE_SUBSCRIBER, SAMPLE_SERVICE_TYPE, SOME_OWNING_ENTITY_ID))).isTrue(); + } + + @Test + public void shouldNotPermitServiceWhenSubscriberNameNotMatches() { + assertThat( + roleValidatorBySubscriberAndServiceType.isServicePermitted( + new PermissionPropertiesSubscriberAndServiceType(NOT_MATCHING_SUBSCRIBER, SAMPLE_SERVICE_TYPE))).isFalse(); + } + + @Test + public void shouldNotPermitServiceWhenServiceTypeNotMatches() { + assertThat(roleValidatorBySubscriberAndServiceType.isServicePermitted( + new PermissionPropertiesSubscriberAndServiceType(SAMPLE_SUBSCRIBER, NOT_MATCHING_SUBSCRIBER))).isFalse(); + } + + @Test + public void isServicePermitted_owningEntityPermissionProperties_isNotPermitted() { + assertThat(roleValidatorBySubscriberAndServiceType.isServicePermitted( + new PermissionPropertiesOwningEntity(SAMPLE_SUBSCRIBER))).isFalse(); + } + + @Test + public void shouldPermitTenantWhenNameMatches() { + assertThat(roleValidatorBySubscriberAndServiceType + .isTenantPermitted(SAMPLE_SUBSCRIBER, SAMPLE_SERVICE_TYPE, SAMPLE_TENANT)).isTrue(); + } + + @Test + public void shouldPermitTenantWhenNameMatchesCaseInsensitive() { + assertThat(roleValidatorBySubscriberAndServiceType + .isTenantPermitted(SAMPLE_SUBSCRIBER, SAMPLE_SERVICE_TYPE, SAMPLE_TENANT.toUpperCase())).isTrue(); + } + + + @Test + public void shouldNotPermitTenantWhenNameNotMatches() { + assertThat(roleValidatorBySubscriberAndServiceType + .isTenantPermitted(SAMPLE_SUBSCRIBER, SAMPLE_SERVICE_TYPE, NOT_MATCHING_TENANT)).isFalse(); + } + +} diff --git a/vid-app-common/src/test/java/org/onap/vid/roles/RoleValidatorFactoryTest.java b/vid-app-common/src/test/java/org/onap/vid/roles/RoleValidatorFactoryTest.java new file mode 100644 index 000000000..b3c71c547 --- /dev/null +++ b/vid-app-common/src/test/java/org/onap/vid/roles/RoleValidatorFactoryTest.java @@ -0,0 +1,77 @@ +/*- + * ============LICENSE_START======================================================= + * VID + * ================================================================================ + * Copyright (C) 2017 - 2020 AT&T Intellectual Property. All rights reserved. + * ================================================================================ + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + * ============LICENSE_END========================================================= + */ + +package org.onap.vid.roles; + +import static java.util.Collections.emptyList; +import static org.hamcrest.MatcherAssert.assertThat; +import static org.hamcrest.Matchers.instanceOf; +import static org.mockito.Mockito.when; + +import java.util.Collections; +import java.util.List; +import org.mockito.InjectMocks; +import org.mockito.Mock; +import org.mockito.Mockito; +import org.mockito.MockitoAnnotations; +import org.onap.vid.properties.Features; +import org.testng.annotations.AfterMethod; +import org.testng.annotations.BeforeClass; +import org.testng.annotations.DataProvider; +import org.testng.annotations.Test; +import org.togglz.core.manager.FeatureManager; + +public class RoleValidatorFactoryTest { + + @InjectMocks + private RoleValidatorFactory roleValidatorFactory; + + @Mock + private FeatureManager featureManager; + + @BeforeClass + public void initMocks() { + MockitoAnnotations.initMocks(this); + } + + @AfterMethod + public void reset() { + Mockito.reset(featureManager); + } + + @Test (dataProvider = "presetRoleValidatorClass") + public void returnRoleValidatorByGivenClass_And_RoleManagementActivated_And_FeatureFlag(Class expectedClass,boolean isDisabledRoles, boolean flagActive ) { + + when(featureManager.isActive(Features.FLAG_2006_USER_PERMISSIONS_BY_OWNING_ENTITY)).thenReturn(flagActive); + RoleValidator roleValidator = roleValidatorFactory.by(emptyList(), isDisabledRoles); + assertThat(roleValidator, instanceOf(expectedClass)); + } + + @DataProvider + public static Object[][] presetRoleValidatorClass() { + return new Object[][] { + {RoleValidatorsComposer.class, false, true}, + {AlwaysValidRoleValidator.class, true, true}, + {RoleValidatorBySubscriberAndServiceType.class, false, false}, + {AlwaysValidRoleValidator.class, true, false} + }; + } + +}
\ No newline at end of file diff --git a/vid-app-common/src/test/java/org/onap/vid/roles/RoleValidatorsComposerTest.java b/vid-app-common/src/test/java/org/onap/vid/roles/RoleValidatorsComposerTest.java new file mode 100644 index 000000000..c0892dafb --- /dev/null +++ b/vid-app-common/src/test/java/org/onap/vid/roles/RoleValidatorsComposerTest.java @@ -0,0 +1,110 @@ +/*- + * ============LICENSE_START======================================================= + * VID + * ================================================================================ + * Copyright (C) 2017 - 2020 AT&T Intellectual Property. All rights reserved. + * ================================================================================ + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + * ============LICENSE_END========================================================= + */ + +package org.onap.vid.roles; + +import static java.util.stream.Collectors.toList; +import static org.hamcrest.CoreMatchers.is; +import static org.hamcrest.MatcherAssert.assertThat; +import static org.mockito.Mockito.mock; +import static org.mockito.Mockito.verifyZeroInteractions; +import static org.mockito.Mockito.withSettings; + +import com.google.common.collect.ImmutableSet; +import java.util.function.Function; +import java.util.stream.Stream; +import org.testng.annotations.BeforeMethod; +import org.testng.annotations.DataProvider; +import org.testng.annotations.Test; + +public class RoleValidatorsComposerTest { + + private RoleValidator alwaysTrueRoles; + private RoleValidator alwaysFalseRoles; + + @DataProvider + public static Object[][] allInterfaceFunctions() { + return Stream.<Function<RoleValidator, Boolean>>of( + (RoleValidator o) -> o.isSubscriberPermitted("subscriberId"), + (RoleValidator o) -> o.isServicePermitted(new WithPermissionProperties() {}), + (RoleValidator o) -> o.isTenantPermitted("subscriberId", "serviceType", "tenantName") + ).map(it -> new Object[]{it}).collect(toList()).toArray(new Object[][]{}); + } + + @BeforeMethod + public void setUp() { + alwaysTrueRoles = mock(RoleValidator.class, withSettings().defaultAnswer(o -> true)); + alwaysFalseRoles = mock(RoleValidator.class); + } + + @Test(dataProvider = "allInterfaceFunctions") + public void emptyComposite_returnsFalse(Function<RoleValidator, Boolean> interfaceFunction) { + RoleValidatorsComposer underTest = new RoleValidatorsComposer(); + + assertThat( + interfaceFunction.apply(underTest), + is(false) + ); + + } + + @Test(dataProvider = "allInterfaceFunctions") + public void falseAndTrueComposite_returnsTrue(Function<RoleValidator, Boolean> interfaceFunction) { + RoleValidatorsComposer underTest = + new RoleValidatorsComposer(alwaysFalseRoles, alwaysFalseRoles, alwaysTrueRoles); + + assertThat( + interfaceFunction.apply(underTest), + is(true) + ); + } + + @Test(dataProvider = "allInterfaceFunctions") + public void trueAndFalseComposite_returnsTrueAndShortCircuits(Function<RoleValidator, Boolean> interfaceFunction) { + RoleValidatorsComposer underTest = new RoleValidatorsComposer(alwaysTrueRoles, alwaysFalseRoles); + + assertThat( + interfaceFunction.apply(underTest), + is(true) + ); + + verifyZeroInteractions(alwaysFalseRoles); + } + + @Test(dataProvider = "allInterfaceFunctions") + public void falseAndFalseComposite_returnsFalse(Function<RoleValidator, Boolean> interfaceFunction) { + RoleValidatorsComposer underTest = new RoleValidatorsComposer(alwaysFalseRoles, alwaysFalseRoles); + + assertThat( + interfaceFunction.apply(underTest), + is(false) + ); + } + + @Test + public void secondaryConstructor_givenSetIfValidators_returnsTrue() { + RoleValidatorsComposer underTest = new RoleValidatorsComposer( + ImmutableSet.of(alwaysTrueRoles) + ); + + assertThat(underTest.isSubscriberPermitted("anything"), is(true)); + } + +} diff --git a/vid-app-common/src/test/java/org/onap/vid/services/AaiServiceImplTest.java b/vid-app-common/src/test/java/org/onap/vid/services/AaiServiceImplTest.java index d3b2a48b1..a37482624 100644 --- a/vid-app-common/src/test/java/org/onap/vid/services/AaiServiceImplTest.java +++ b/vid-app-common/src/test/java/org/onap/vid/services/AaiServiceImplTest.java @@ -183,7 +183,7 @@ public class AaiServiceImplTest { AaiResponse<Services> aaiResponseServices = new AaiResponse<>(services, null, HttpStatus.SC_OK); when(aaiClient.getSubscriberData(SUBSCRIBER_ID, false)).thenReturn(aaiResponseServices); - when(roleValidator.isServicePermitted(eq(GLOBAL_CUSTOMER_ID), anyString())).thenReturn(Boolean.TRUE); + when(roleValidator.isServicePermitted(any())).thenReturn(Boolean.TRUE); AaiResponse actualResponse = aaiService.getSubscriberData(SUBSCRIBER_ID, roleValidator, false); List<ServiceSubscription> actualServiceSubscriptions = ((AaiResponse<Services>) actualResponse) diff --git a/vid-app-common/src/test/java/org/onap/vid/services/AaiServiceTest.java b/vid-app-common/src/test/java/org/onap/vid/services/AaiServiceTest.java index 6aa67051e..338657b51 100644 --- a/vid-app-common/src/test/java/org/onap/vid/services/AaiServiceTest.java +++ b/vid-app-common/src/test/java/org/onap/vid/services/AaiServiceTest.java @@ -23,6 +23,12 @@ package org.onap.vid.services; import static org.hamcrest.MatcherAssert.assertThat; import static org.hamcrest.Matchers.arrayWithSize; import static org.hamcrest.Matchers.equalTo; +import static org.mockito.ArgumentMatchers.any; +import static org.mockito.ArgumentMatchers.anyString; +import static org.mockito.ArgumentMatchers.eq; +import static org.mockito.Mockito.mock; +import static org.mockito.Mockito.when; +import static org.mockito.Mockito.withSettings; import static org.testng.Assert.assertEquals; import static org.testng.Assert.assertNotNull; @@ -49,6 +55,7 @@ import org.onap.vid.aai.model.ServiceRelationships; import org.onap.vid.model.aaiTree.AAITreeNode; import org.onap.vid.roles.Role; import org.onap.vid.roles.RoleValidator; +import org.onap.vid.roles.RoleValidatorFactory; import org.testng.annotations.BeforeMethod; import org.testng.annotations.DataProvider; import org.testng.annotations.Test; @@ -61,6 +68,9 @@ public class AaiServiceTest { @Mock private AaiClientInterface aaiClientInterface; + @Mock + private RoleValidatorFactory roleValidatorFactory; + @BeforeMethod public void initMocks(){ MockitoAnnotations.initMocks(this); @@ -68,7 +78,7 @@ public class AaiServiceTest { @Test public void testGetSpecificPnf(){ - Pnf pnf = new Pnf("11111", null, null, null, null, null, null); + Pnf pnf = Pnf.builder().withPnfId("11111").build(); AaiResponse<Pnf> aaiResponse = new AaiResponse<>(pnf, "aaaa", 200); Mockito.doReturn(aaiResponse).when(aaiClientInterface).getSpecificPnf(Mockito.anyString()); AaiResponse<Pnf> specificPnf = aaiService.getSpecificPnf("1345667"); @@ -150,8 +160,6 @@ public class AaiServiceTest { public static Object[][] getTenantsData() { return new Object[][] { {"customer1", "serviceType1", "tenant1", "customer1", "serviceType1", "tenant1", "id-1", true}, - {"customer1", "serviceType1", "TeNant1", "customer1", "serviceType1", "tenant1", "id-1", true}, - {"customer1", "serviceType1", "TENANT1", "customer1", "serviceType1", "tenant1", "id-1", true}, {"customer1", "serviceType1", "tenant2", "customer1", "serviceType1", "tenant1", "tenant2", false}, {"customer1", "serviceType1", null, "customer1", "serviceType1", "tenant1", "tenant2", true}, {"customer2", "serviceType1", "tenant1", "customer1", "serviceType1", "tenant1", "id-1", false}, @@ -162,14 +170,20 @@ public class AaiServiceTest { } @Test(dataProvider = "getTenantsData") - public void testGetTenants(String userGlobalCustomerId, String userServiceType, String userTenantName, String serviceGlobalCustomerId, - String serviceServiceType, String serviceTenantName, String serviceTenantId, boolean expectedIsPermitted) { + public void testGetTenants(String userGlobalCustomerId, String userServiceType, String userTenantName, + String serviceGlobalCustomerId, String serviceServiceType, String serviceTenantName, + String serviceTenantId, boolean expectedIsPermitted) { GetTenantsResponse[] getTenantsResponses = new GetTenantsResponse[] {new GetTenantsResponse(null, null, serviceTenantName, serviceTenantId, false)}; AaiResponse<GetTenantsResponse[]> aaiResponse = new AaiResponse<>(getTenantsResponses, null, 200); Mockito.doReturn(aaiResponse).when(aaiClientInterface).getTenants(serviceGlobalCustomerId, serviceServiceType); - Role role = new Role(null, userGlobalCustomerId, userServiceType, userTenantName); - RoleValidator roleValidator = RoleValidator.by(Collections.singletonList(role), false); - AaiResponse<GetTenantsResponse[]> actualTenants = aaiService.getTenants(serviceGlobalCustomerId, serviceServiceType, roleValidator); + + RoleValidator roleValidatorMock = mock(RoleValidator.class); + when(roleValidatorMock.isTenantPermitted( + eq(userGlobalCustomerId), eq(userServiceType), + (userTenantName == null) ? anyString() : eq(userTenantName)) + ).thenReturn(true); + + AaiResponse<GetTenantsResponse[]> actualTenants = aaiService.getTenants(serviceGlobalCustomerId, serviceServiceType, roleValidatorMock); assertThat(actualTenants.getT(), arrayWithSize(1)); assertThat(actualTenants.getT()[0].tenantName, equalTo(serviceTenantName)); diff --git a/vid-app-common/src/test/resources/payload_jsons/vfmodule/upgrade_vfmodule_e2e__fe_input_cypress.json b/vid-app-common/src/test/resources/payload_jsons/vfmodule/upgrade_vfmodule_e2e__fe_input_cypress.json index d215a4331..16d369ba7 100644 --- a/vid-app-common/src/test/resources/payload_jsons/vfmodule/upgrade_vfmodule_e2e__fe_input_cypress.json +++ b/vid-app-common/src/test/resources/payload_jsons/vfmodule/upgrade_vfmodule_e2e__fe_input_cypress.json @@ -111,7 +111,7 @@ "rollbackOnFailure": false, "isALaCarte": true, "collectionResources": {}, - "testApi": "VNF_API", + "testApi": "GR_API", "vidNotions": { "instantiationUI": "legacy", "modelCategory": "other", diff --git a/vid-app-common/src/test/resources/payload_jsons/vfmodule/upgrade_vfmodule_e2e__payload_to_mso.json b/vid-app-common/src/test/resources/payload_jsons/vfmodule/upgrade_vfmodule_e2e__payload_to_mso.json index 91f80e9f1..5c258f66b 100644 --- a/vid-app-common/src/test/resources/payload_jsons/vfmodule/upgrade_vfmodule_e2e__payload_to_mso.json +++ b/vid-app-common/src/test/resources/payload_jsons/vfmodule/upgrade_vfmodule_e2e__payload_to_mso.json @@ -36,7 +36,7 @@ "retainAssignments": false, "usePreload" : true, "userParams": [], - "testApi": "VNF_API" + "testApi": "GR_API" }, "modelInfo": { "modelType": "vfModule", diff --git a/vid-app-common/version.properties b/vid-app-common/version.properties index 819a8c054..ce5339b64 100755 --- a/vid-app-common/version.properties +++ b/vid-app-common/version.properties @@ -4,7 +4,7 @@ major=6 minor=0 -patch=2 +patch=3 base_version=${major}.${minor}.${patch} |