2 * ============LICENSE_START=======================================================
4 * ================================================================================
5 * Copyright (C) 2017, 2019 AT&T Intellectual Property. All rights reserved.
6 * ================================================================================
7 * Modifications Copyright (C) 2019 Samsung
8 * ================================================================================
9 * Licensed under the Apache License, Version 2.0 (the "License");
10 * you may not use this file except in compliance with the License.
11 * You may obtain a copy of the License at
13 * http://www.apache.org/licenses/LICENSE-2.0
15 * Unless required by applicable law or agreed to in writing, software
16 * distributed under the License is distributed on an "AS IS" BASIS,
17 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
18 * See the License for the specific language governing permissions and
19 * limitations under the License.
20 * ============LICENSE_END=========================================================
23 package org.onap.policy.daoImp;
25 import static org.junit.Assert.assertEquals;
26 import static org.junit.Assert.assertFalse;
27 import static org.junit.Assert.assertTrue;
28 import static org.junit.Assert.fail;
31 import java.util.ArrayList;
32 import java.util.Date;
33 import java.util.List;
34 import java.util.Properties;
36 import javax.script.SimpleBindings;
38 import org.apache.tomcat.dbcp.dbcp2.BasicDataSource;
39 import org.h2.tools.Server;
40 import org.hibernate.SessionFactory;
41 import org.junit.After;
42 import org.junit.Before;
43 import org.junit.Test;
44 import org.onap.policy.common.logging.flexlogger.FlexLogger;
45 import org.onap.policy.common.logging.flexlogger.Logger;
46 import org.onap.policy.conf.HibernateSession;
47 import org.onap.policy.controller.PolicyController;
48 import org.onap.policy.rest.jpa.OnapName;
49 import org.onap.policy.rest.jpa.PolicyEntity;
50 import org.onap.policy.rest.jpa.PolicyRoles;
51 import org.onap.policy.rest.jpa.PolicyVersion;
52 import org.onap.policy.rest.jpa.SystemLogDB;
53 import org.onap.policy.rest.jpa.UserInfo;
54 import org.onap.policy.rest.jpa.WatchPolicyNotificationTable;
55 import org.springframework.orm.hibernate4.LocalSessionFactoryBuilder;
56 import org.springframework.test.annotation.Rollback;
57 import org.springframework.transaction.annotation.Transactional;
59 public class CommonClassDaoImplTest {
61 private static Logger logger = FlexLogger.getLogger(CommonClassDaoImplTest.class);
63 SessionFactory sessionFactory;
65 CommonClassDaoImpl commonClassDao;
70 * @throws Exception Exception
73 public void setUp() throws Exception {
75 BasicDataSource dataSource = new BasicDataSource();
76 dataSource.setDriverClassName("org.h2.Driver");
77 // In-memory DB for testing
78 dataSource.setUrl("jdbc:h2:mem:test");
79 dataSource.setUsername("sa");
80 dataSource.setPassword("");
81 LocalSessionFactoryBuilder sessionBuilder = new LocalSessionFactoryBuilder(dataSource);
82 sessionBuilder.scanPackages("org.onap.*", "com.*");
84 Properties properties = new Properties();
85 properties.put("hibernate.show_sql", "false");
86 properties.put("hibernate.dialect", "org.hibernate.dialect.H2Dialect");
87 properties.put("hibernate.hbm2ddl.auto", "drop");
88 properties.put("hibernate.hbm2ddl.auto", "create");
90 sessionBuilder.addProperties(properties);
91 sessionFactory = sessionBuilder.buildSessionFactory();
93 // Set up dao with SessionFactory
94 commonClassDao = new CommonClassDaoImpl();
95 CommonClassDaoImpl.setSessionfactory(sessionFactory);
96 PolicyController.setLogTableLimit("1");
97 HibernateSession.setSession(sessionFactory);
98 SystemLogDB data1 = new SystemLogDB();
99 data1.setDate(new Date());
100 data1.setLogtype("INFO");
101 data1.setRemote("Test");
102 data1.setSystem("Test");
103 data1.setType("Test");
104 SystemLogDB data2 = new SystemLogDB();
105 data2.setDate(new Date());
106 data2.setLogtype("error");
107 data2.setRemote("Test");
108 data2.setSystem("Test");
109 data2.setType("Test");
110 HibernateSession.getSession().save(data1);
111 HibernateSession.getSession().save(data2);
112 // Create TCP server for troubleshooting
113 server = Server.createTcpServer("-tcpAllowOthers").start();
114 System.out.println("URL: jdbc:h2:" + server.getURL() + "/mem:test");
116 } catch (Exception e) {
117 System.err.println(e);
125 public void testDB() {
128 UserInfo userinfo = new UserInfo();
129 userinfo.setUserLoginId("Test");
130 userinfo.setUserName("Test");
131 commonClassDao.save(userinfo);
132 OnapName onapName = new OnapName();
133 onapName.setOnapName("Test");
134 onapName.setUserCreatedBy(userinfo);
135 onapName.setUserModifiedBy(userinfo);
136 onapName.setModifiedDate(new Date());
137 commonClassDao.save(onapName);
139 List<Object> list = commonClassDao.getData(OnapName.class);
140 assertTrue(list.size() == 1);
141 logger.debug(list.size());
142 logger.debug(list.get(0));
143 } catch (Exception e) {
144 logger.debug("Exception Occured" + e);
152 public void testUser() {
155 UserInfo userinfo = new UserInfo();
156 String loginIdUserName = "Test";
157 userinfo.setUserLoginId(loginIdUserName);
158 userinfo.setUserName(loginIdUserName);
159 commonClassDao.save(userinfo);
161 List<Object> dataCur = commonClassDao.getDataByQuery("from UserInfo", new SimpleBindings());
163 assertEquals(1, dataCur.size());
164 UserInfo cur = (UserInfo) dataCur.get(0);
165 assertEquals(loginIdUserName, cur.getUserLoginId());
166 assertEquals(loginIdUserName, cur.getUserName());
168 assertFalse(dataCur.isEmpty());
170 } catch (Exception e) {
171 logger.debug("Exception Occured" + e);
179 public void getDataByQuery_DashboardController() {
182 PolicyEntity pe = new PolicyEntity();
183 String name = "TestPolicy";
184 pe.setPolicyName(name);
185 pe.setPolicyData("dummyData");
187 pe.setScope("dummyScope");
188 pe.setDescription("descr");
189 pe.setDeleted(false);
190 pe.setCreatedBy("Test");
191 commonClassDao.save(pe);
193 List<Object> dataCur = commonClassDao.getDataByQuery("from PolicyEntity", new SimpleBindings());
195 assertTrue(1 == dataCur.size());
196 assertTrue(dataCur.get(0) instanceof PolicyEntity);
197 assertEquals(name, ((PolicyEntity) dataCur.get(0)).getPolicyName());
198 assertEquals(pe, (dataCur.get(0)));
200 } catch (Exception e) {
201 logger.debug("Exception Occured" + e);
209 public void getDataByQuery_AutoPushController() {
212 PolicyVersion pv = new PolicyVersion();
213 pv.setActiveVersion(2);
214 pv.setPolicyName("myPname");
216 pv.setCreatedBy("Test");
217 pv.setModifiedBy("Test");
219 PolicyVersion pv2 = new PolicyVersion();
220 pv2.setActiveVersion(1);
221 pv2.setPolicyName("test");
223 pv2.setCreatedBy("Test");
224 pv2.setModifiedBy("Test");
226 commonClassDao.save(pv);
227 commonClassDao.save(pv2);
231 String query = "From PolicyVersion where policy_name like :scope and id > 0";
232 SimpleBindings params = new SimpleBindings();
233 params.put("scope", scope);
234 List<Object> dataCur = commonClassDao.getDataByQuery(query, params);
236 assertTrue(1 == dataCur.size());
237 assertEquals(pv, dataCur.get(0));
239 } catch (Exception e) {
240 logger.debug("Exception Occured" + e);
248 public void getDataByQuery_PolicyNotificationMail() {
251 WatchPolicyNotificationTable watch = new WatchPolicyNotificationTable();
252 watch.setLoginIds("Test");
253 watch.setPolicyName("bananaWatch");
254 commonClassDao.save(watch);
256 String policyFileName = "banana";
257 if (policyFileName.contains("/")) {
258 policyFileName = policyFileName.substring(0, policyFileName.indexOf("/"));
259 policyFileName = policyFileName.replace("/", File.separator);
261 if (policyFileName.contains("\\")) {
262 policyFileName = policyFileName.substring(0, policyFileName.indexOf("\\"));
263 policyFileName = policyFileName.replace("\\", "\\\\");
266 // Current Implementation
267 policyFileName += "%";
268 String query = "from WatchPolicyNotificationTable where policyName like:policyFileName";
269 SimpleBindings params = new SimpleBindings();
270 params.put("policyFileName", policyFileName);
271 List<Object> dataCur = commonClassDao.getDataByQuery(query, params);
274 assertTrue(dataCur.size() == 1);
275 assertTrue(dataCur.get(0) instanceof WatchPolicyNotificationTable);
276 assertEquals(watch, dataCur.get(0));
278 } catch (Exception e) {
279 logger.debug("Exception Occured" + e);
287 public void getDataByQuery_PolicyController() {
290 PolicyEntity pe = new PolicyEntity();
291 String name = "actionDummy";
292 pe.setPolicyName(name);
293 pe.setPolicyData("dummyData");
295 pe.setScope("dummyScope");
296 pe.setDescription("descr");
297 pe.setDeleted(false);
298 pe.setCreatedBy("Test");
299 commonClassDao.save(pe);
301 String dbCheckName = "dummyScope:action";
303 // Current Implementation
304 String query = "FROM PolicyEntity where policyName like :splitDBCheckName1 and scope = :splitDBCheckName0";
305 SimpleBindings params = new SimpleBindings();
306 String[] splitDbCheckName = dbCheckName.split(":");
307 params.put("splitDBCheckName1", splitDbCheckName[1] + "%");
308 params.put("splitDBCheckName0", splitDbCheckName[0]);
309 List<Object> dataCur = commonClassDao.getDataByQuery(query, params);
312 assertTrue(dataCur.size() == 1);
313 assertTrue(dataCur.get(0) instanceof PolicyEntity);
314 assertEquals(pe, dataCur.get(0));
316 } catch (Exception e) {
317 logger.debug("Exception Occured" + e);
325 public void getDataByQuery_PolicyNotificationController() {
328 WatchPolicyNotificationTable watch = new WatchPolicyNotificationTable();
329 String finalName = "banana"; // Policy File Name
330 String userId = "Test";
331 watch.setLoginIds(userId);
332 watch.setPolicyName(finalName);
333 commonClassDao.save(watch);
335 // Current Implementation
336 String query = "from WatchPolicyNotificationTable where POLICYNAME = :finalName and LOGINIDS = :userId";
337 SimpleBindings params = new SimpleBindings();
338 params.put("finalName", finalName);
339 params.put("userId", userId);
340 List<Object> dataCur = commonClassDao.getDataByQuery(query, params);
343 assertTrue(dataCur.size() == 1);
344 assertTrue(dataCur.get(0) instanceof WatchPolicyNotificationTable);
345 assertEquals(watch, dataCur.get(0));
347 } catch (Exception e) {
348 logger.debug("Exception Occured" + e);
354 * Test for SQL Injection Protection
360 public void getDataByQuery_PolicyNotificationController_Injection() {
363 WatchPolicyNotificationTable watch = new WatchPolicyNotificationTable();
364 String userId = "Test";
365 watch.setLoginIds(userId);
366 watch.setPolicyName("banana");
367 commonClassDao.save(watch);
369 WatchPolicyNotificationTable watch2 = new WatchPolicyNotificationTable();
370 watch2.setLoginIds(userId);
371 watch2.setPolicyName("banana2");
372 commonClassDao.save(watch2);
374 // SQL Injection attempt
375 String finalName = "banana' OR '1'='1";
377 // Current Implementation
378 String query = "from WatchPolicyNotificationTable where POLICYNAME = :finalName and LOGINIDS = :userId";
379 SimpleBindings params = new SimpleBindings();
380 params.put("finalName", finalName);
381 params.put("userId", userId);
382 List<Object> dataCur = commonClassDao.getDataByQuery(query, params);
385 assertTrue(dataCur.size() <= 1);
387 if (dataCur.size() >= 1) {
388 assertTrue(dataCur.get(0) instanceof WatchPolicyNotificationTable);
389 assertFalse(watch.equals(dataCur.get(0)));
390 assertFalse(watch.equals(dataCur.get(0)));
392 } catch (Exception e) {
393 logger.debug("Exception Occured" + e);
399 public void testCommonClassDaoImplMethods() {
401 UserInfo userInfo = new UserInfo();
402 userInfo.setUserLoginId("TestID");
403 userInfo.setUserName("Test");
404 commonClassDao.save(userInfo);
405 List<Object> data = commonClassDao.getDataById(UserInfo.class, "userLoginId:userName", "TestID:Test");
406 assertTrue(data.size() == 1);
407 UserInfo userInfoUpdate = (UserInfo) data.get(0);
408 userInfoUpdate.setUserName("Test1");
409 commonClassDao.update(userInfoUpdate);
410 List<String> data1 = commonClassDao.getDataByColumn(UserInfo.class, "userLoginId");
411 assertTrue(data1.size() == 1);
413 (UserInfo) commonClassDao.getEntityItem(UserInfo.class, "userLoginId:userName", "TestID:Test1");
414 assertTrue("TestID".equals(data2.getUserLoginId()));
416 commonClassDao.checkDuplicateEntry("TestID:Test1", "userLoginId:userName", UserInfo.class);
417 assertTrue(data3.size() == 1);
418 PolicyRoles roles = new PolicyRoles();
419 roles.setRole("admin");
420 roles.setLoginId(userInfo);
421 roles.setScope("test");
422 commonClassDao.save(roles);
423 List<PolicyRoles> roles1 = commonClassDao.getUserRoles();
424 assertTrue(roles1.size() == 1);
425 List<String> multipleData = new ArrayList<>();
426 multipleData.add("TestID:Test1");
427 List<Object> data4 = commonClassDao.getMultipleDataOnAddingConjunction(UserInfo.class,
428 "userLoginId:userName", multipleData);
429 assertTrue(data4.size() == 1);
430 commonClassDao.delete(data2);
431 } catch (Exception e) {
432 logger.debug("Exception Occured" + e);
438 public final void testGetLoggingData() {
439 SystemLogDbDaoImpl system = new SystemLogDbDaoImpl();
440 PolicyController.setjUnit(true);
442 assertTrue(system.getLoggingData() != null);
443 } catch (Exception e) {
449 public final void testGetSystemAlertData() {
450 SystemLogDbDaoImpl system = new SystemLogDbDaoImpl();
451 PolicyController.setjUnit(true);
453 assertTrue(system.getSystemAlertData() != null);
454 } catch (Exception e) {
460 public void deleteDB() {
461 sessionFactory.close();