From 80705cdf2dc38d48c4261a2ece3914234960233e Mon Sep 17 00:00:00 2001 From: Ittay Stern Date: Wed, 3 Apr 2019 12:00:57 +0300 Subject: Extract AlwaysValidRoleValidator from RoleValidator Issue-ID: VID-448 Change-Id: Ic006aceca9c51305d0706df6c2c6062ccaaee3de Signed-off-by: Ittay Stern --- .../org/onap/vid/controller/AaiController.java | 46 ++++---- .../onap/vid/roles/AlwaysValidRoleValidator.java | 43 ++++++++ .../main/java/org/onap/vid/roles/RoleProvider.java | 15 +-- .../java/org/onap/vid/roles/RoleValidator.java | 82 +++------------ .../org/onap/vid/roles/RoleValidatorByRoles.java | 80 ++++++++++++++ .../vid/aai/SubscriberFilteredResultsTest.java | 4 +- .../test/java/org/onap/vid/bl/AaiServiceTest.java | 28 ++--- .../vid/controller/ServicePermissionsTest.java | 16 +-- .../vid/roles/AlwaysValidRoleValidatorTest.java | 43 ++++++++ .../onap/vid/roles/RoleValidatorByRolesTest.java | 114 ++++++++++++++++++++ .../java/org/onap/vid/roles/RoleValidatorTest.java | 116 --------------------- .../org/onap/vid/services/AaiServiceImplTest.java | 5 +- 12 files changed, 354 insertions(+), 238 deletions(-) create mode 100644 vid-app-common/src/main/java/org/onap/vid/roles/AlwaysValidRoleValidator.java create mode 100644 vid-app-common/src/main/java/org/onap/vid/roles/RoleValidatorByRoles.java create mode 100644 vid-app-common/src/test/java/org/onap/vid/roles/AlwaysValidRoleValidatorTest.java create mode 100644 vid-app-common/src/test/java/org/onap/vid/roles/RoleValidatorByRolesTest.java delete mode 100644 vid-app-common/src/test/java/org/onap/vid/roles/RoleValidatorTest.java diff --git a/vid-app-common/src/main/java/org/onap/vid/controller/AaiController.java b/vid-app-common/src/main/java/org/onap/vid/controller/AaiController.java index a8e1e2b02..124b6cfcb 100644 --- a/vid-app-common/src/main/java/org/onap/vid/controller/AaiController.java +++ b/vid-app-common/src/main/java/org/onap/vid/controller/AaiController.java @@ -20,7 +20,21 @@ package org.onap.vid.controller; +import static org.onap.vid.utils.Logging.getMethodName; + import com.fasterxml.jackson.databind.ObjectMapper; +import java.io.IOException; +import java.util.HashMap; +import java.util.List; +import java.util.Map; +import java.util.UUID; +import java.util.stream.Collectors; +import javax.servlet.ServletContext; +import javax.servlet.http.HttpServletRequest; +import javax.ws.rs.DefaultValue; +import javax.ws.rs.QueryParam; +import javax.ws.rs.WebApplicationException; +import javax.ws.rs.core.Response; import org.apache.commons.lang3.tuple.ImmutablePair; import org.apache.commons.lang3.tuple.Pair; import org.onap.portalsdk.core.controller.RestrictedBaseController; @@ -46,25 +60,15 @@ import org.springframework.beans.factory.annotation.Autowired; import org.springframework.http.HttpStatus; import org.springframework.http.MediaType; import org.springframework.http.ResponseEntity; -import org.springframework.web.bind.annotation.*; +import org.springframework.web.bind.annotation.PathVariable; +import org.springframework.web.bind.annotation.RequestBody; +import org.springframework.web.bind.annotation.RequestMapping; +import org.springframework.web.bind.annotation.RequestMethod; +import org.springframework.web.bind.annotation.RequestParam; +import org.springframework.web.bind.annotation.RestController; import org.springframework.web.servlet.HandlerMapping; import org.springframework.web.servlet.ModelAndView; -import javax.servlet.ServletContext; -import javax.servlet.http.HttpServletRequest; -import javax.ws.rs.DefaultValue; -import javax.ws.rs.QueryParam; -import javax.ws.rs.WebApplicationException; -import javax.ws.rs.core.Response; -import java.io.IOException; -import java.util.HashMap; -import java.util.List; -import java.util.Map; -import java.util.UUID; -import java.util.stream.Collectors; - -import static org.onap.vid.utils.Logging.getMethodName; - /** * Controller to handle a&ai requests. */ @@ -153,7 +157,7 @@ public class AaiController extends RestrictedBaseController { */ @RequestMapping(value = "/aai_get_services", method = RequestMethod.GET, produces = MediaType.APPLICATION_JSON_VALUE) public ResponseEntity doGetServices(HttpServletRequest request) throws IOException { - RoleValidator roleValidator = new RoleValidator(roleProvider.getUserRoles(request)); + RoleValidator roleValidator = RoleValidator.by(roleProvider.getUserRoles(request)); AaiResponse subscriberList = aaiService.getServices(roleValidator); return aaiResponseToResponseEntity(subscriberList); @@ -277,7 +281,7 @@ public class AaiController extends RestrictedBaseController { public ResponseEntity getFullSubscriberList(HttpServletRequest request) throws IOException { ObjectMapper objectMapper = new ObjectMapper(); ResponseEntity responseEntity; - RoleValidator roleValidator = new RoleValidator(roleProvider.getUserRoles(request)); + RoleValidator roleValidator = RoleValidator.by(roleProvider.getUserRoles(request)); SubscriberFilteredResults subscriberList = aaiService.getFullSubscriberList(roleValidator); if (subscriberList.getHttpCode() == 200) { responseEntity = new ResponseEntity<>(objectMapper.writeValueAsString(subscriberList.getSubscriberList()), HttpStatus.OK); @@ -340,7 +344,7 @@ public class AaiController extends RestrictedBaseController { ObjectMapper objectMapper = new ObjectMapper(); ResponseEntity responseEntity; List roles = roleProvider.getUserRoles(request); - RoleValidator roleValidator = new RoleValidator(roles); + RoleValidator roleValidator = RoleValidator.by(roles); AaiResponse subscriberData = aaiService.getSubscriberData(subscriberId, roleValidator); String httpMessage = subscriberData.getT() != null ? objectMapper.writeValueAsString(subscriberData.getT()) : @@ -369,7 +373,7 @@ public class AaiController extends RestrictedBaseController { ResponseEntity responseEntity; List roles = roleProvider.getUserRoles(request); - RoleValidator roleValidator = new RoleValidator(roles); + RoleValidator roleValidator = RoleValidator.by(roles); AaiResponse searchResult = aaiService.getServiceInstanceSearchResults(subscriberId, instanceIdentifier, roleValidator, owningEntities, projects); @@ -531,7 +535,7 @@ public class AaiController extends RestrictedBaseController { try { ObjectMapper objectMapper = new ObjectMapper(); List roles = roleProvider.getUserRoles(request); - RoleValidator roleValidator = new RoleValidator(roles); + RoleValidator roleValidator = RoleValidator.by(roles); AaiResponse response = aaiService.getTenants(globalCustomerId, serviceType, roleValidator); if (response.getHttpCode() == 200) { responseEntity = new ResponseEntity(objectMapper.writeValueAsString(response.getT()), HttpStatus.OK); diff --git a/vid-app-common/src/main/java/org/onap/vid/roles/AlwaysValidRoleValidator.java b/vid-app-common/src/main/java/org/onap/vid/roles/AlwaysValidRoleValidator.java new file mode 100644 index 000000000..4e5340fc2 --- /dev/null +++ b/vid-app-common/src/main/java/org/onap/vid/roles/AlwaysValidRoleValidator.java @@ -0,0 +1,43 @@ +/*- + * ============LICENSE_START======================================================= + * VID + * ================================================================================ + * Copyright (C) 2017 - 2019 AT&T Intellectual Property. All rights reserved. + * ================================================================================ + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + * ============LICENSE_END========================================================= + */ + +package org.onap.vid.roles; + +public class AlwaysValidRoleValidator implements RoleValidator { + + AlwaysValidRoleValidator() { + // package visibility, only for RoleValidator's factory + } + + @Override + public boolean isSubscriberPermitted(String subscriberName) { + return true; + } + + @Override + public boolean isServicePermitted(String subscriberName, String serviceType) { + return true; + } + + @Override + public boolean isTenantPermitted(String globalCustomerId, String serviceType, String tenantName) { + return true; + } +} diff --git a/vid-app-common/src/main/java/org/onap/vid/roles/RoleProvider.java b/vid-app-common/src/main/java/org/onap/vid/roles/RoleProvider.java index d3d2b80e2..6c0fd3f52 100644 --- a/vid-app-common/src/main/java/org/onap/vid/roles/RoleProvider.java +++ b/vid-app-common/src/main/java/org/onap/vid/roles/RoleProvider.java @@ -24,6 +24,14 @@ package org.onap.vid.roles; import com.fasterxml.jackson.core.JsonProcessingException; import com.fasterxml.jackson.databind.ObjectMapper; import io.joshworks.restclient.http.HttpResponse; +import java.util.ArrayList; +import java.util.Arrays; +import java.util.List; +import java.util.Map; +import java.util.Optional; +import java.util.function.Function; +import java.util.stream.Collectors; +import javax.servlet.http.HttpServletRequest; import org.onap.portalsdk.core.logging.logic.EELFLoggerDelegate; import org.onap.portalsdk.core.web.support.UserUtils; import org.onap.vid.aai.exceptions.RoleParsingException; @@ -34,11 +42,6 @@ import org.onap.vid.services.AaiService; import org.springframework.beans.factory.annotation.Autowired; import org.springframework.stereotype.Component; -import javax.servlet.http.HttpServletRequest; -import java.util.*; -import java.util.function.Function; -import java.util.stream.Collectors; - /** * Created by Oren on 7/1/17. @@ -159,7 +162,7 @@ public class RoleProvider { } public RoleValidator getUserRolesValidator(HttpServletRequest request) { - return new RoleValidator(getUserRoles(request)); + return RoleValidator.by(getUserRoles(request)); } } diff --git a/vid-app-common/src/main/java/org/onap/vid/roles/RoleValidator.java b/vid-app-common/src/main/java/org/onap/vid/roles/RoleValidator.java index 4b92b6413..d37477610 100644 --- a/vid-app-common/src/main/java/org/onap/vid/roles/RoleValidator.java +++ b/vid-app-common/src/main/java/org/onap/vid/roles/RoleValidator.java @@ -3,6 +3,7 @@ * VID * ================================================================================ * Copyright (C) 2017 - 2019 AT&T Intellectual Property. All rights reserved. + * Modifications Copyright (C) 2018 - 2019 Nokia. All rights reserved. * ================================================================================ * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License. @@ -21,82 +22,23 @@ package org.onap.vid.roles; import java.util.List; -import java.util.Map; +import org.apache.commons.lang3.StringUtils; import org.onap.portalsdk.core.util.SystemProperties; -import org.onap.vid.mso.rest.RequestDetails; -/** - * Created by Oren on 7/12/17. - */ -public class RoleValidator { - - private boolean disableRoles; - private final List userRoles; - - public RoleValidator(List roles) { - this.userRoles = roles; - disableRoles = SystemProperties.getProperty("role_management_activated").equals("false"); - } - - public boolean isSubscriberPermitted(String subscriberName) { - if (this.disableRoles) { - return true; - } - - for (Role role : userRoles) { - if (role.getSubscribeName().equals(subscriberName)) { - return true; - } - } - return false; - } - - public boolean isServicePermitted(String subscriberName, String serviceType) { - if (this.disableRoles) { - return true; - } - - for (Role role : userRoles) { - if (role.getSubscribeName().equals(subscriberName) && role.getServiceType().equals(serviceType)) { - return true; - } - } - return false; - } +public interface RoleValidator { - boolean isMsoRequestValid(RequestDetails msoRequest) { - if (this.disableRoles) { - return true; - } + static RoleValidator by(List roles) { + boolean disableRoles = + StringUtils.equals(SystemProperties.getProperty("role_management_activated"), "false"); - try { - String globalSubscriberIdRequested = (String) ((Map) ((Map) msoRequest.getAdditionalProperties() - .get("requestDetails")).get("subscriberInfo")).get("globalSubscriberId"); - String serviceType = (String) ((Map) ((Map) msoRequest.getAdditionalProperties().get("requestDetails")) - .get("requestParameters")).get("subscriptionServiceType"); - return isServicePermitted(globalSubscriberIdRequested, serviceType); - } catch (Exception e) { - //Until we'll get the exact information regarding the tenants and the global customer id, we'll return true on unknown requests to mso - return true; - } + return disableRoles + ? new AlwaysValidRoleValidator() + : new RoleValidatorByRoles(roles); } - public boolean isTenantPermitted(String globalCustomerId, String serviceType, String tenantName) { - if (this.disableRoles) { - return true; - } + boolean isSubscriberPermitted(String subscriberName); - for (Role role : userRoles) { - if (role.getSubscribeName().equals(globalCustomerId) - && role.getServiceType().equals(serviceType) - && (role.getTenant() == null || role.getTenant().equalsIgnoreCase(tenantName))) { - return true; - } - } - return false; - } + boolean isServicePermitted(String subscriberName, String serviceType); - void enableRoles() { - this.disableRoles = false; - } + boolean isTenantPermitted(String globalCustomerId, String serviceType, String tenantName); } diff --git a/vid-app-common/src/main/java/org/onap/vid/roles/RoleValidatorByRoles.java b/vid-app-common/src/main/java/org/onap/vid/roles/RoleValidatorByRoles.java new file mode 100644 index 000000000..ad5b519c4 --- /dev/null +++ b/vid-app-common/src/main/java/org/onap/vid/roles/RoleValidatorByRoles.java @@ -0,0 +1,80 @@ +/*- + * ============LICENSE_START======================================================= + * VID + * ================================================================================ + * Copyright (C) 2017 - 2019 AT&T Intellectual Property. All rights reserved. + * ================================================================================ + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + * ============LICENSE_END========================================================= + */ + +package org.onap.vid.roles; + +import java.util.List; +import java.util.Map; +import org.onap.vid.mso.rest.RequestDetails; + +public class RoleValidatorByRoles implements RoleValidator { + + private final List userRoles; + + RoleValidatorByRoles(List roles) { + this.userRoles = roles; + } + + @Override + public boolean isSubscriberPermitted(String subscriberName) { + for (Role role : userRoles) { + if (role.getSubscribeName().equals(subscriberName)) { + return true; + } + } + return false; + } + + @Override + public boolean isServicePermitted(String subscriberName, String serviceType) { + for (Role role : userRoles) { + if (role.getSubscribeName().equals(subscriberName) && role.getServiceType().equals(serviceType)) { + return true; + } + } + return false; + } + + @Override + public boolean isTenantPermitted(String globalCustomerId, String serviceType, String tenantName) { + for (Role role : userRoles) { + if (role.getSubscribeName().equals(globalCustomerId) + && role.getServiceType().equals(serviceType) + && (role.getTenant() == null || role.getTenant().equalsIgnoreCase(tenantName))) { + return true; + } + } + return false; + } + + boolean isMsoRequestValid(RequestDetails msoRequest) { + try { + String globalSubscriberIdRequested = (String) ((Map) ((Map) msoRequest.getAdditionalProperties() + .get("requestDetails")).get("subscriberInfo")).get("globalSubscriberId"); + String serviceType = (String) ((Map) ((Map) msoRequest.getAdditionalProperties().get("requestDetails")) + .get("requestParameters")).get("subscriptionServiceType"); + return isServicePermitted(globalSubscriberIdRequested, serviceType); + } catch (Exception e) { + //Until we'll get the exact information regarding the tenants and the global customer id, we'll return true on unknown requests to mso + return true; + } + } + +} diff --git a/vid-app-common/src/test/java/org/onap/vid/aai/SubscriberFilteredResultsTest.java b/vid-app-common/src/test/java/org/onap/vid/aai/SubscriberFilteredResultsTest.java index 4655292c6..98b35aea4 100644 --- a/vid-app-common/src/test/java/org/onap/vid/aai/SubscriberFilteredResultsTest.java +++ b/vid-app-common/src/test/java/org/onap/vid/aai/SubscriberFilteredResultsTest.java @@ -21,8 +21,6 @@ package org.onap.vid.aai; import java.util.ArrayList; -import java.util.List; - import org.junit.Test; import org.onap.vid.model.SubscriberList; import org.onap.vid.roles.EcompRole; @@ -34,7 +32,7 @@ public class SubscriberFilteredResultsTest { private SubscriberFilteredResults createTestSubject() { ArrayList list = new ArrayList(); list.add(new Role(EcompRole.READ, "a", "a", "a")); - RoleValidator rl=new RoleValidator(list); + RoleValidator rl=RoleValidator.by(list); SubscriberList sl = new SubscriberList(); sl.customer = new ArrayList(); sl.customer.add(new org.onap.vid.model.Subscriber()); diff --git a/vid-app-common/src/test/java/org/onap/vid/bl/AaiServiceTest.java b/vid-app-common/src/test/java/org/onap/vid/bl/AaiServiceTest.java index 9f1dc84c0..1b50681fc 100644 --- a/vid-app-common/src/test/java/org/onap/vid/bl/AaiServiceTest.java +++ b/vid-app-common/src/test/java/org/onap/vid/bl/AaiServiceTest.java @@ -20,15 +20,29 @@ package org.onap.vid.bl; +import static org.hamcrest.MatcherAssert.assertThat; +import static org.hamcrest.Matchers.arrayWithSize; +import static org.hamcrest.Matchers.equalTo; +import static org.testng.Assert.assertEquals; +import static org.testng.Assert.assertNotNull; + +import java.util.Arrays; +import java.util.Collections; +import java.util.List; import org.mockito.InjectMocks; import org.mockito.Mock; import org.mockito.Mockito; import org.mockito.MockitoAnnotations; import org.onap.vid.aai.AaiClientInterface; import org.onap.vid.aai.AaiResponse; -import org.onap.vid.aai.model.*; +import org.onap.vid.aai.model.AaiGetPnfResponse; import org.onap.vid.aai.model.AaiGetPnfs.Pnf; import org.onap.vid.aai.model.AaiGetTenatns.GetTenantsResponse; +import org.onap.vid.aai.model.LogicalLinkResponse; +import org.onap.vid.aai.model.Relationship; +import org.onap.vid.aai.model.RelationshipData; +import org.onap.vid.aai.model.RelationshipList; +import org.onap.vid.aai.model.ServiceRelationships; import org.onap.vid.roles.Role; import org.onap.vid.roles.RoleValidator; import org.onap.vid.services.AaiServiceImpl; @@ -36,16 +50,6 @@ import org.testng.annotations.BeforeMethod; import org.testng.annotations.DataProvider; import org.testng.annotations.Test; -import java.util.Arrays; -import java.util.Collections; -import java.util.List; - -import static org.hamcrest.MatcherAssert.assertThat; -import static org.hamcrest.Matchers.arrayWithSize; -import static org.hamcrest.Matchers.equalTo; -import static org.testng.Assert.assertEquals; -import static org.testng.Assert.assertNotNull; - public class AaiServiceTest { @InjectMocks @@ -164,7 +168,7 @@ public class AaiServiceTest { AaiResponse aaiResponse = new AaiResponse<>(getTenantsResponses, null, 200); Mockito.doReturn(aaiResponse).when(aaiClientInterface).getTenants(serviceGlobalCustomerId, serviceServiceType); Role role = new Role(null, userGlobalCustomerId, userServiceType, userTenantName); - RoleValidator roleValidator = new RoleValidator(Collections.singletonList(role)); + RoleValidator roleValidator = RoleValidator.by(Collections.singletonList(role)); AaiResponse actualTenants = aaiService.getTenants(serviceGlobalCustomerId, serviceServiceType, roleValidator); assertThat(actualTenants.getT(), arrayWithSize(1)); diff --git a/vid-app-common/src/test/java/org/onap/vid/controller/ServicePermissionsTest.java b/vid-app-common/src/test/java/org/onap/vid/controller/ServicePermissionsTest.java index abdf31572..36af92c0c 100644 --- a/vid-app-common/src/test/java/org/onap/vid/controller/ServicePermissionsTest.java +++ b/vid-app-common/src/test/java/org/onap/vid/controller/ServicePermissionsTest.java @@ -20,14 +20,6 @@ package org.onap.vid.controller; -import org.jetbrains.annotations.NotNull; -import org.onap.vid.aai.model.Permissions; -import org.onap.vid.roles.RoleProvider; -import org.onap.vid.roles.RoleValidator; -import org.springframework.mock.web.MockHttpServletRequest; -import org.testng.annotations.DataProvider; -import org.testng.annotations.Test; - import static java.lang.Boolean.FALSE; import static java.lang.Boolean.TRUE; import static org.apache.commons.lang.RandomStringUtils.randomAlphanumeric; @@ -37,6 +29,14 @@ import static org.mockito.ArgumentMatchers.any; import static org.mockito.Mockito.mock; import static org.mockito.Mockito.when; +import org.jetbrains.annotations.NotNull; +import org.onap.vid.aai.model.Permissions; +import org.onap.vid.roles.RoleProvider; +import org.onap.vid.roles.RoleValidator; +import org.springframework.mock.web.MockHttpServletRequest; +import org.testng.annotations.DataProvider; +import org.testng.annotations.Test; + public class ServicePermissionsTest { @DataProvider diff --git a/vid-app-common/src/test/java/org/onap/vid/roles/AlwaysValidRoleValidatorTest.java b/vid-app-common/src/test/java/org/onap/vid/roles/AlwaysValidRoleValidatorTest.java new file mode 100644 index 000000000..363c6ff76 --- /dev/null +++ b/vid-app-common/src/test/java/org/onap/vid/roles/AlwaysValidRoleValidatorTest.java @@ -0,0 +1,43 @@ +/*- + * ============LICENSE_START======================================================= + * VID + * ================================================================================ + * Copyright (C) 2017 - 2019 AT&T Intellectual Property. All rights reserved. + * ================================================================================ + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + * ============LICENSE_END========================================================= + */ + +package org.onap.vid.roles; + +import static org.testng.Assert.assertTrue; + +import org.testng.annotations.Test; + +public class AlwaysValidRoleValidatorTest { + + @Test + public void testIsSubscriberPermitted() { + assertTrue(new AlwaysValidRoleValidator().isSubscriberPermitted("any")); + } + + @Test + public void testIsServicePermitted() { + assertTrue(new AlwaysValidRoleValidator().isServicePermitted("any", "any")); + } + + @Test + public void testIsTenantPermitted() { + assertTrue(new AlwaysValidRoleValidator().isTenantPermitted("any", "any", "any")); + } +} \ No newline at end of file diff --git a/vid-app-common/src/test/java/org/onap/vid/roles/RoleValidatorByRolesTest.java b/vid-app-common/src/test/java/org/onap/vid/roles/RoleValidatorByRolesTest.java new file mode 100644 index 000000000..9362ec9d7 --- /dev/null +++ b/vid-app-common/src/test/java/org/onap/vid/roles/RoleValidatorByRolesTest.java @@ -0,0 +1,114 @@ +/*- + * ============LICENSE_START======================================================= + * VID + * ================================================================================ + * Copyright (C) 2017 - 2019 AT&T Intellectual Property. All rights reserved. + * ================================================================================ + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + * ============LICENSE_END========================================================= + */ + +package org.onap.vid.roles; + + +import static org.assertj.core.api.Assertions.assertThat; + +import com.google.common.collect.ImmutableList; +import com.google.common.collect.ImmutableMap; +import java.util.List; +import java.util.Map; +import org.onap.vid.mso.rest.RequestDetails; +import org.testng.annotations.BeforeMethod; +import org.testng.annotations.Test; + +public class RoleValidatorByRolesTest { + + private static final String SAMPLE_SUBSCRIBER = "sampleSubscriber"; + private static final String NOT_MATCHING_SUBSCRIBER = "notMatchingSubscriber"; + private static final String SAMPLE_SERVICE_TYPE = "sampleServiceType"; + private static final String NOT_MATCHING_TENANT = "notMatchingTenant"; + private static final String SAMPLE_TENANT = "sampleTenant"; + + private static final Role SAMPLE_ROLE = new Role(EcompRole.READ, SAMPLE_SUBSCRIBER, SAMPLE_SERVICE_TYPE, SAMPLE_TENANT); + + private List roles = ImmutableList.of(SAMPLE_ROLE); + private Map subscriberInfo = ImmutableMap.of("globalSubscriberId", SAMPLE_SUBSCRIBER); + private Map requestParameters = ImmutableMap.of("subscriptionServiceType", SAMPLE_SERVICE_TYPE); + private Map requestDetailsProperties = ImmutableMap.of("subscriberInfo", subscriberInfo, "requestParameters", requestParameters); + private RequestDetails requestDetails; + private RoleValidatorByRoles roleValidator; + + @BeforeMethod + public void setUp() { + roleValidator = new RoleValidatorByRoles(roles); + requestDetails = new RequestDetails(); + } + + @Test + public void shouldPermitSubscriberWhenNameMatchesAndRolesAreEnabled() { + assertThat(roleValidator.isSubscriberPermitted(SAMPLE_SUBSCRIBER)).isTrue(); + } + + @Test + public void shouldNotPermitSubscriberWhenNameNotMatches() { + assertThat(roleValidator.isSubscriberPermitted(NOT_MATCHING_SUBSCRIBER)).isFalse(); + } + + @Test + public void shouldPermitServiceWhenNamesMatches() { + assertThat(roleValidator.isServicePermitted(SAMPLE_SUBSCRIBER, SAMPLE_SERVICE_TYPE)).isTrue(); + } + + + @Test + public void shouldNotPermitServiceWhenSubscriberNameNotMatches() { + assertThat(roleValidator.isServicePermitted(NOT_MATCHING_SUBSCRIBER, SAMPLE_SERVICE_TYPE)).isFalse(); + } + + @Test + public void shouldNotPermitServiceWhenServiceTypeNotMatches() { + assertThat(roleValidator.isServicePermitted(SAMPLE_SUBSCRIBER, NOT_MATCHING_SUBSCRIBER)).isFalse(); + } + + @Test + public void shouldPermitTenantWhenNameMatches() { + assertThat(roleValidator.isTenantPermitted(SAMPLE_SUBSCRIBER, SAMPLE_SERVICE_TYPE, SAMPLE_TENANT)).isTrue(); + } + + + @Test + public void shouldNotPermitTenantWhenNameNotMatches() { + assertThat(roleValidator.isTenantPermitted(SAMPLE_SUBSCRIBER, SAMPLE_SERVICE_TYPE, NOT_MATCHING_TENANT)).isFalse(); + } + + @Test + public void shouldValidateProperlySORequest() { + requestDetails.setAdditionalProperty("requestDetails", requestDetailsProperties); + + assertThat(roleValidator.isMsoRequestValid(requestDetails)).isTrue(); + } + + @Test + public void shouldValidateUnknownSORequest() { + assertThat(roleValidator.isMsoRequestValid(new RequestDetails())).isTrue(); + } + + @Test + public void shouldRejectSORequestWhenSubscriberNotMatches() { + Map subscriberInfo = ImmutableMap.of("globalSubscriberId", "sample"); + Map requestDetailsProperties = ImmutableMap.of("subscriberInfo", subscriberInfo, "requestParameters", requestParameters); + requestDetails.setAdditionalProperty("requestDetails", requestDetailsProperties); + + assertThat(roleValidator.isMsoRequestValid(requestDetails)).isFalse(); + } +} diff --git a/vid-app-common/src/test/java/org/onap/vid/roles/RoleValidatorTest.java b/vid-app-common/src/test/java/org/onap/vid/roles/RoleValidatorTest.java deleted file mode 100644 index 69ec3458e..000000000 --- a/vid-app-common/src/test/java/org/onap/vid/roles/RoleValidatorTest.java +++ /dev/null @@ -1,116 +0,0 @@ -/*- - * ============LICENSE_START======================================================= - * VID - * ================================================================================ - * Copyright (C) 2017 - 2019 AT&T Intellectual Property. All rights reserved. - * ================================================================================ - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - * ============LICENSE_END========================================================= - */ - -package org.onap.vid.roles; - - -import com.google.common.collect.ImmutableList; -import com.google.common.collect.ImmutableMap; -import org.onap.vid.mso.rest.RequestDetails; -import org.testng.annotations.BeforeMethod; -import org.testng.annotations.Test; - -import java.util.List; -import java.util.Map; - -import static org.assertj.core.api.Assertions.assertThat; - -public class RoleValidatorTest { - - private static final String SAMPLE_SUBSCRIBER = "sampleSubscriber"; - private static final String NOT_MATCHING_SUBSCRIBER = "notMatchingSubscriber"; - private static final String SAMPLE_SERVICE_TYPE = "sampleServiceType"; - private static final String NOT_MATCHING_TENANT = "notMatchingTenant"; - private static final String SAMPLE_TENANT = "sampleTenant"; - - private static final Role SAMPLE_ROLE = new Role(EcompRole.READ, SAMPLE_SUBSCRIBER, SAMPLE_SERVICE_TYPE, SAMPLE_TENANT); - - private List roles = ImmutableList.of(SAMPLE_ROLE); - private Map subscriberInfo = ImmutableMap.of("globalSubscriberId", SAMPLE_SUBSCRIBER); - private Map requestParameters = ImmutableMap.of("subscriptionServiceType", SAMPLE_SERVICE_TYPE); - private Map requestDetailsProperties = ImmutableMap.of("subscriberInfo", subscriberInfo, "requestParameters", requestParameters); - private RequestDetails requestDetails; - private RoleValidator roleValidator; - - @BeforeMethod - public void setUp() { - roleValidator = new RoleValidator(roles); - roleValidator.enableRoles(); - requestDetails = new RequestDetails(); - } - - @Test - public void shouldPermitSubscriberWhenNameMatchesAndRolesAreEnabled() { - assertThat(roleValidator.isSubscriberPermitted(SAMPLE_SUBSCRIBER)).isTrue(); - } - - @Test - public void shouldNotPermitSubscriberWhenNameNotMatches() { - assertThat(roleValidator.isSubscriberPermitted(NOT_MATCHING_SUBSCRIBER)).isFalse(); - } - - @Test - public void shouldPermitServiceWhenNamesMatches() { - assertThat(roleValidator.isServicePermitted(SAMPLE_SUBSCRIBER, SAMPLE_SERVICE_TYPE)).isTrue(); - } - - - @Test - public void shouldNotPermitServiceWhenSubscriberNameNotMatches() { - assertThat(roleValidator.isServicePermitted(NOT_MATCHING_SUBSCRIBER, SAMPLE_SERVICE_TYPE)).isFalse(); - } - - @Test - public void shouldNotPermitServiceWhenServiceTypeNotMatches() { - assertThat(roleValidator.isServicePermitted(SAMPLE_SUBSCRIBER, NOT_MATCHING_SUBSCRIBER)).isFalse(); - } - - @Test - public void shouldPermitTenantWhenNameMatches() { - assertThat(roleValidator.isTenantPermitted(SAMPLE_SUBSCRIBER, SAMPLE_SERVICE_TYPE, SAMPLE_TENANT)).isTrue(); - } - - - @Test - public void shouldNotPermitTenantWhenNameNotMatches() { - assertThat(roleValidator.isTenantPermitted(SAMPLE_SUBSCRIBER, SAMPLE_SERVICE_TYPE, NOT_MATCHING_TENANT)).isFalse(); - } - - @Test - public void shouldValidateProperlySORequest() { - requestDetails.setAdditionalProperty("requestDetails", requestDetailsProperties); - - assertThat(roleValidator.isMsoRequestValid(requestDetails)).isTrue(); - } - - @Test - public void shouldValidateUnknownSORequest() { - assertThat(roleValidator.isMsoRequestValid(new RequestDetails())).isTrue(); - } - - @Test - public void shouldRejectSORequestWhenSubscriberNotMatches() { - Map subscriberInfo = ImmutableMap.of("globalSubscriberId", "sample"); - Map requestDetailsProperties = ImmutableMap.of("subscriberInfo", subscriberInfo, "requestParameters", requestParameters); - requestDetails.setAdditionalProperty("requestDetails", requestDetailsProperties); - - assertThat(roleValidator.isMsoRequestValid(requestDetails)).isFalse(); - } -} diff --git a/vid-app-common/src/test/java/org/onap/vid/services/AaiServiceImplTest.java b/vid-app-common/src/test/java/org/onap/vid/services/AaiServiceImplTest.java index 59cee89b2..e9f94ca0e 100644 --- a/vid-app-common/src/test/java/org/onap/vid/services/AaiServiceImplTest.java +++ b/vid-app-common/src/test/java/org/onap/vid/services/AaiServiceImplTest.java @@ -44,6 +44,7 @@ import org.onap.vid.aai.model.AaiGetServicesRequestModel.GetServicesAAIRespone; import org.onap.vid.aai.model.AaiGetTenatns.GetTenantsResponse; import org.onap.vid.aai.model.VnfResult; import org.onap.vid.roles.RoleValidator; +import org.onap.vid.roles.RoleValidatorByRoles; public class AaiServiceImplTest { @@ -137,7 +138,7 @@ public class AaiServiceImplTest { when(response.getT()).thenReturn(new GetTenantsResponse[]{ permittedTenant, unpermittedTenant }); when(aaiClient.getTenants(globalCustomerId, serviceType)).thenReturn(response); - RoleValidator roleValidator = mock(RoleValidator.class); + RoleValidator roleValidator = mock(RoleValidatorByRoles.class); when(roleValidator.isTenantPermitted(globalCustomerId, serviceType, "permitted_tenant")).thenReturn(true); when(roleValidator.isTenantPermitted(globalCustomerId, serviceType, "unpermitted_tenant")).thenReturn(false); @@ -202,7 +203,7 @@ public class AaiServiceImplTest { @SuppressWarnings("unchecked") public void getServicesShouldMarkAllServicesAsPermitted() { // given - RoleValidator roleValidator = modelGenerator.nextObject(RoleValidator.class); + RoleValidator roleValidator = modelGenerator.nextObject(RoleValidatorByRoles.class); GetServicesAAIRespone inputPayload = modelGenerator.nextObject(GetServicesAAIRespone.class); assertThat(inputPayload.service.stream().allMatch(service -> service.isPermitted)).isFalse(); -- cgit 1.2.3-korg