2 * ============LICENSE_START=======================================================
4 * ================================================================================
5 * Copyright (C) 2017, 2019 AT&T Intellectual Property. All rights reserved.
6 * ================================================================================
7 * Licensed under the Apache License, Version 2.0 (the "License");
8 * you may not use this file except in compliance with the License.
9 * You may obtain a copy of the License at
11 * http://www.apache.org/licenses/LICENSE-2.0
13 * Unless required by applicable law or agreed to in writing, software
14 * distributed under the License is distributed on an "AS IS" BASIS,
15 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
16 * See the License for the specific language governing permissions and
17 * limitations under the License.
18 * ============LICENSE_END=========================================================
21 package org.onap.policy.pap.xacml.rest.components;
23 import static org.junit.Assert.*;
24 import static org.mockito.Mockito.when;
26 import com.att.research.xacml.util.XACMLProperties;
28 import java.lang.reflect.InvocationTargetException;
29 import java.lang.reflect.Method;
30 import java.util.HashMap;
32 import java.util.UUID;
34 import org.junit.After;
35 import org.junit.Before;
36 import org.junit.Test;
37 import org.mockito.Mockito;
38 import org.onap.policy.common.logging.flexlogger.FlexLogger;
39 import org.onap.policy.common.logging.flexlogger.Logger;
40 import org.onap.policy.pap.test.XACMLPAPTest;
41 import org.onap.policy.rest.adapter.PolicyRestAdapter;
43 public class FirewallConfigPolicyTest {
45 private static Logger logger = FlexLogger.getLogger(FirewallConfigPolicyTest.class);
46 PolicyRestAdapter policyAdapter = new PolicyRestAdapter();
47 Map<String, String> attributeMap = new HashMap<>();
48 FirewallConfigPolicy component = null;
49 FirewallConfigPolicy mockFWConfig = null;
50 private XACMLPAPTest papTest;
53 * @throws java.lang.Exception
56 public void setUp() throws Exception {
57 logger.info("setup: enter");
58 System.setProperty(XACMLProperties.XACML_PROPERTIES_NAME, "src/test/resources/xacml.pap.properties");
60 policyAdapter.setPolicyName("FWjunitTest");
61 policyAdapter.setPolicyDescription("test");
62 policyAdapter.setRuleCombiningAlgId("urn:oasis:names:tc:xacml:3.0:rule-combining-algorithm:permit-overrides");
63 policyAdapter.setPolicyType("Config");
64 policyAdapter.setConfigPolicyType("Firewall Config");
65 policyAdapter.setEditPolicy(false);
66 policyAdapter.setDomainDir("Test");
67 policyAdapter.setNewFileName("Test.Config_FW_junitTest.1.xml");
68 policyAdapter.setHighestVersion(1);
69 policyAdapter.setVersion(String.valueOf(1));
70 policyAdapter.setPolicyID("urn:xacml:policy:id:" + UUID.randomUUID());
71 policyAdapter.setRuleID("");
72 policyAdapter.setConfigName("testname");
73 policyAdapter.setGuard("True");
74 policyAdapter.setRiskLevel("3");
75 policyAdapter.setRiskType("RiskTest");
76 policyAdapter.setSecurityZone("CraigSecurityZone");
77 policyAdapter.setUserId("API");
79 attributeMap.put("testJunits", "test");
80 policyAdapter.setDynamicFieldConfigAttributes(attributeMap);
82 component = new FirewallConfigPolicy(policyAdapter);
83 mockFWConfig = Mockito.mock(FirewallConfigPolicy.class);
84 papTest = new XACMLPAPTest();
86 logger.info("setUp: exit");
91 * @throws java.lang.Exception
94 public void tearDown() throws Exception {
98 * Test method for {@link org.openecomp.policy.pap.xacml.rest.components.FirewallConfigPolicy#savePolicies()}.
101 public void testSavePolicies() {
102 Map<String, String> successMap = new HashMap<>();
103 successMap.put("success", "success");
105 when(mockFWConfig.savePolicies()).thenReturn(successMap);
106 successMap = mockFWConfig.savePolicies();
107 } catch (Exception e) {
108 logger.error("Exception Occured" + e);
113 * Test method for {@link org.openecomp.policy.pap.xacml.rest.components.FirewallConfigPolicy#prepareToSave()}.
116 public void testPrepareToSave() {
117 logger.debug("test prepareToSave Policy: enter");
119 boolean response = false;
121 when(mockFWConfig.prepareToSave()).thenReturn(true);
122 response = mockFWConfig.prepareToSave();
123 } catch (Exception e) {
124 logger.error("Exception Occured" + e);
126 assertTrue(response);
131 public void testUpdateJson() throws NoSuchMethodException, SecurityException, IllegalAccessException,
132 IllegalArgumentException, InvocationTargetException {
133 FirewallConfigPolicy firewallConfigPolicy = new FirewallConfigPolicy();
134 Method method = firewallConfigPolicy.getClass().getDeclaredMethod("updateFirewallDictionaryData", String.class,
136 method.setAccessible(true);
138 "{\"serviceTypeId\":\"/v0/firewall/pan\",\"configName\":\"TestFwPolicyConfig\",\"deploymentOption\":"
139 + "{\"deployNow\":false},\"securityZoneId\":\"cloudsite:dev1a\",\"serviceGroups\":[{\"name\":"
140 + "\"SSH\",\"description\":\"Sshservice entry in servicelist\",\"type\":\"SERVICE\","
141 + "\"transportProtocol\":\"tcp\",\"appProtocol\":null,\"ports\":\"22\"}],\"addressGroups\":"
142 + "[{\"name\":\"test\",\"description\":\"Destination\",\"members\":[{\"type\":\"SUBNET\",\"value\":"
143 + "\"127.0.0.1/12\"}]},{\"name\":\"TestServers\",\"description\":"
144 + "\"SourceTestServers for firsttesting\",\"members\":[{\"type\":\"SUBNET\",\"value\":"
145 + "\"127.0.0.1/23\"}]}],\"firewallRuleList\":[{\"position\":\"1\",\"ruleName\":"
146 + "\"FWRuleTestServerToTest\",\"fromZones\":[\"UntrustedZoneTestName\"],\"toZones\":"
147 + "[\"TrustedZoneTestName\"],\"negateSource\":false,\"negateDestination\":false,\"sourceList\":"
148 + "[{\"type\":\"REFERENCE\",\"name\":\"TestServers\"}],\"destinationList\":[{\"type\":"
149 + "\"REFERENCE\",\"name\":\"Test\"}],\"sourceServices\":[],\"destServices\":[{\"type\":"
150 + "\"REFERENCE\",\"name\":\"SSH\"}],\"action\":\"accept\",\"description\":"
151 + "\"FWrule for Test source to Test destination\",\"enabled\":true,\"log\":true}]}";
152 String prevJsonBody =
153 "{\"serviceTypeId\":\"/v0/firewall/pan\",\"configName\":\"TestFwPolicy1Config\","
154 + "\"deploymentOption\":{\"deployNow\":false},\"securityZoneId\":\"cloudsite:dev\","
155 + "\"vendorServiceId\":\"test\",\"vendorSpecificData\":{\"idMap\":[{\"Id\":\"cloudsite:dev1a\","
156 + "\"vendorId\":\"deviceGroup:dev\"}]},\"serviceGroups\":[{\"name\":\"SSH\",\"description\":"
157 + "\"Ssh service entry in service list\",\"type\":\"SERVICE\",\"transportProtocol\":\"tcp\","
158 + "\"appProtocol\":null,\"ports\":\"22\"}],\"addressGroups\":[{\"name\":\"Test\",\"description\":"
159 + "\"Destination Test\",\"members\":[{\"type\":\"SUBNET\",\"value\":\"127.0.0.1/12\"}]},{\"name\":"
160 + "\"TestServers\",\"description\":\"Source TestServers for first testing\",\"members\":[{\"type\":"
161 + "\"SUBNET\",\"value\":\"127.0.0.1/23\"}]}],\"firewallRuleList\":[{\"position\":\"1\",\"ruleName\":"
162 + "\"FWRuleTestServerTot\",\"fromZones\":[\"UntrustedZoneTestName\"],\"toZones\":"
163 + "[\"TrustedZoneTName\"],\"negateSource\":false,\"negateDestination\":false,\"sourceList\":"
164 + "[{\"type\":\"REFERENCE\",\"name\":\"TServers\"}],\"destinationList\":[{\"type\":\"REFERENCE\","
165 + "\"name\":\"Test\"}],\"sourceServices\":[],\"destServices\":[{\"type\":\"REFERENCE\",\"name\":"
166 + "\"SSH\"}],\"action\":\"accept\",\"description\":\"FW rule for HOHO source to CiscoVCE destination\","
167 + "\"enabled\":true,\"log\":true}]}";
168 assertTrue((Boolean) method.invoke(firewallConfigPolicy, jsonBody, prevJsonBody));
172 public void testInsertJson() throws NoSuchMethodException, SecurityException, IllegalAccessException,
173 IllegalArgumentException, InvocationTargetException {
174 FirewallConfigPolicy firewallConfigPolicy = new FirewallConfigPolicy();
175 Method method = firewallConfigPolicy.getClass().getDeclaredMethod("insertFirewallDicionaryData", String.class);
176 method.setAccessible(true);
178 "{\"serviceTypeId\":\"/v0/firewall/pan\",\"configName\":\"TestFwPolicyConfig\",\"deploymentOption\":"
179 + "{\"deployNow\":false},\"securityZoneId\":\"cloudsite:dev1a\",\"serviceGroups\":[{\"name\":\"SSH\","
180 + "\"description\":\"Sshservice entry in servicelist\",\"type\":\"SERVICE\",\"transportProtocol\":"
181 + "\"tcp\",\"appProtocol\":null,\"ports\":\"22\"}],\"addressGroups\":[{\"name\":\"test\","
182 + "\"description\":\"Destination\",\"members\":[{\"type\":\"SUBNET\",\"value\":\"127.0.0.1/12\"}]},"
183 + "{\"name\":\"TestServers\",\"description\":\"SourceTestServers for firsttesting\",\"members\":"
184 + "[{\"type\":\"SUBNET\",\"value\":\"127.0.0.1/23\"}]}],\"firewallRuleList\":[{\"position\":\"1\","
185 + "\"ruleName\":\"FWRuleTestServerToTest\",\"fromZones\":[\"UntrustedZoneTestName\"],\"toZones\":"
186 + "[\"TrustedZoneTestName\"],\"negateSource\":false,\"negateDestination\":false,\"sourceList\":"
187 + "[{\"type\":\"REFERENCE\",\"name\":\"TestServers\"}],\"destinationList\":[{\"type\":\"REFERENCE\","
188 + "\"name\":\"Test\"}],\"sourceServices\":[],\"destServices\":[{\"type\":\"REFERENCE\",\"name\":"
189 + "\"SSH\"}],\"action\":\"accept\",\"description\":\"FWrule for Test source to Test destination\","
190 + "\"enabled\":true,\"log\":true}]}";
191 assertTrue((Boolean) method.invoke(firewallConfigPolicy, jsonBody));