From 7bc81973c823789debc000858f7777d120709ac4 Mon Sep 17 00:00:00 2001
From: Ittay Stern <ittay.stern@att.com>
Date: Tue, 11 Feb 2020 13:56:54 +0200
Subject: Filter owning-entities from /category_parameter by permissions

Implemented in CategoryParameterServiceWithRoles and injected
to MaintenanceController, but still reachable because
shouldTreatPermissions() is "false".

Issue-ID: VID-758

Change-Id: I716202ca944af9b0de9c151d75d50b5df41a8171
Signed-off-by: Ittay Stern <ittay.stern@att.com>
---
 .../vid/controller/PropertyControllerTest.java     |   3 +-
 .../CategoryParameterServiceWithRolesTest.kt       | 114 +++++++++++++++++++++
 2 files changed, 116 insertions(+), 1 deletion(-)
 create mode 100644 vid-app-common/src/test/java/org/onap/vid/services/CategoryParameterServiceWithRolesTest.kt

(limited to 'vid-app-common/src/test/java/org')

diff --git a/vid-app-common/src/test/java/org/onap/vid/controller/PropertyControllerTest.java b/vid-app-common/src/test/java/org/onap/vid/controller/PropertyControllerTest.java
index fd8fdcf54..7fcf0fe38 100644
--- a/vid-app-common/src/test/java/org/onap/vid/controller/PropertyControllerTest.java
+++ b/vid-app-common/src/test/java/org/onap/vid/controller/PropertyControllerTest.java
@@ -39,6 +39,7 @@ import org.onap.vid.category.CategoryParameterOptionRep;
 import org.onap.vid.category.CategoryParametersResponse;
 import org.onap.vid.model.CategoryParameter.Family;
 import org.onap.vid.services.CategoryParameterService;
+import org.onap.vid.services.CategoryParameterServiceWithRoles;
 import org.onap.vid.utils.SystemPropertiesWrapper;
 import org.springframework.http.MediaType;
 import org.springframework.test.web.servlet.MockMvc;
@@ -58,7 +59,7 @@ public class PropertyControllerTest {
     private ObjectMapper objectMapper;
 
     @Mock
-    private CategoryParameterService service;
+    private CategoryParameterServiceWithRoles service;
     @Mock
     private SystemPropertiesWrapper systemPropertiesWrapper;
 
diff --git a/vid-app-common/src/test/java/org/onap/vid/services/CategoryParameterServiceWithRolesTest.kt b/vid-app-common/src/test/java/org/onap/vid/services/CategoryParameterServiceWithRolesTest.kt
new file mode 100644
index 000000000..2582012d9
--- /dev/null
+++ b/vid-app-common/src/test/java/org/onap/vid/services/CategoryParameterServiceWithRolesTest.kt
@@ -0,0 +1,114 @@
+package org.onap.vid.services
+
+import com.fasterxml.jackson.module.kotlin.jacksonObjectMapper
+import com.fasterxml.jackson.module.kotlin.readValue
+import net.javacrumbs.jsonunit.JsonMatchers.jsonEquals
+import net.javacrumbs.jsonunit.JsonMatchers.jsonPartEquals
+import org.hamcrest.CoreMatchers.allOf
+import org.hamcrest.MatcherAssert.assertThat
+import org.intellij.lang.annotations.Language
+import org.mockito.ArgumentMatchers.any
+import org.mockito.InjectMocks
+import org.mockito.Mock
+import org.mockito.Mockito
+import org.mockito.Mockito.mock
+import org.mockito.invocation.InvocationOnMock
+import org.onap.vid.category.CategoryParameterOptionRep
+import org.onap.vid.category.CategoryParametersResponse
+import org.onap.vid.roles.RoleProvider
+import org.onap.vid.roles.RoleValidator
+import org.onap.vid.services.CategoryParameterServiceWithRoles.OwningEntityOptionRep
+import org.onap.vid.testUtils.TestUtils
+import org.testng.annotations.BeforeMethod
+import org.testng.annotations.Test
+import org.togglz.core.manager.FeatureManager
+import javax.servlet.http.HttpServletRequest
+import org.mockito.Mockito.`when` as _when
+
+class CategoryParameterServiceWithRolesTest {
+
+    @Mock lateinit var categoryParameterService: CategoryParameterService
+    @Mock lateinit var featureManager: FeatureManager
+    @Mock lateinit var roleProvider: RoleProvider
+    @Mock lateinit var request: HttpServletRequest
+
+    private lateinit var alwaysTrueRoles: RoleValidator
+    private lateinit var alwaysFalseRoles: RoleValidator
+
+    @InjectMocks
+    lateinit var categoryParameterServiceWithRoles: CategoryParameterServiceWithRoles;
+
+    @BeforeMethod
+    fun initMocks() {
+        TestUtils.initMockitoMocks(this)
+
+        alwaysTrueRoles = mock(RoleValidator::class.java, Mockito.withSettings().defaultAnswer { o: InvocationOnMock? -> true })
+        alwaysFalseRoles = mock(RoleValidator::class.java)
+    }
+
+    @Test
+    fun `treatPermissions -- given no permissions -- owningEntity lists is empty, the rest left intact`() {
+        _when(roleProvider.getUserRolesValidator(any())).thenReturn(alwaysFalseRoles)
+
+        assertThat(
+                categoryParameterServiceWithRoles.treatPermissions(categoryParametersResponse),
+                allOf(
+                    jsonPartEquals("categoryParameters.owningEntity", emptyList<Any>()),
+                    jsonEquals<CategoryParametersResponse>(categoryParametersResponse)
+                            .whenIgnoringPaths("categoryParameters.owningEntity")
+                )
+        )
+    }
+
+    @Test
+    fun `treatPermissions -- given all permissions -- response left intact`() {
+        _when(roleProvider.getUserRolesValidator(any())).thenReturn(alwaysTrueRoles)
+
+        assertThat(
+                categoryParameterServiceWithRoles.treatPermissions(categoryParametersResponse),
+                jsonEquals(categoryParametersResponse)
+        )
+    }
+
+    @Test
+    fun `treatPermissions -- given permission to WayneHolland -- only one owningEntity WayneHolland is left`() {
+        val wayneHolland = CategoryParameterOptionRep("d61e6f2d-12fa-4cc2-91df-7c244011d6fc", "WayneHolland")
+
+        val roleValidatorForWayneHolland = mock(RoleValidator::class.java)
+        _when(roleValidatorForWayneHolland.isServicePermitted(OwningEntityOptionRep(wayneHolland))).thenReturn(true)
+
+        _when(roleProvider.getUserRolesValidator(any())).thenReturn(roleValidatorForWayneHolland)
+
+        assertThat(
+                categoryParameterServiceWithRoles.treatPermissions(categoryParametersResponse),
+                jsonPartEquals("categoryParameters.owningEntity", listOf(wayneHolland))
+        )
+    }
+
+
+
+    @Language("JSON") val categoryParametersResponse: CategoryParametersResponse =
+        jacksonObjectMapper().readValue("""
+            {
+              "categoryParameters": {
+                "lineOfBusiness": [
+                  { "id": "ONAP", "name": "ONAP" },
+                  { "id": "zzz1", "name": "zzz1" }
+                ],
+                "owningEntity": [
+                  { "id": "b1a9a80e-71b8-4176-9ac6-d265bf30e9d9", "name": "Melissa" },
+                  { "id": "d61e6f2d-12fa-4cc2-91df-7c244011d6fc", "name": "WayneHolland" }
+                ],
+                "project": [
+                  { "id": "WATKINS", "name": "WATKINS" },
+                  { "id": "yyy1", "name": "yyy1" }
+                ],
+                "platform": [
+                  { "id": "platform", "name": "platform" },
+                  { "id": "xxx1", "name": "xxx1" }
+                ]
+              }
+            }""")
+
+
+}
\ No newline at end of file
-- 
cgit 1.2.3-korg