2 * ============LICENSE_START=======================================================
4 * ================================================================================
5 * Copyright (C) 2017 AT&T Intellectual Property. All rights reserved.
6 * ================================================================================
7 * Licensed under the Apache License, Version 2.0 (the "License");
8 * you may not use this file except in compliance with the License.
9 * You may obtain a copy of the License at
11 * http://www.apache.org/licenses/LICENSE-2.0
13 * Unless required by applicable law or agreed to in writing, software
14 * distributed under the License is distributed on an "AS IS" BASIS,
15 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
16 * See the License for the specific language governing permissions and
17 * limitations under the License.
18 * ============LICENSE_END=========================================================
21 package org.onap.policy.daoImp;
23 import static org.junit.Assert.assertEquals;
24 import static org.junit.Assert.assertFalse;
25 import static org.junit.Assert.assertTrue;
26 import static org.junit.Assert.fail;
29 import java.util.ArrayList;
30 import java.util.Date;
31 import java.util.List;
32 import java.util.Properties;
34 import javax.script.SimpleBindings;
36 import org.apache.tomcat.dbcp.dbcp2.BasicDataSource;
37 import org.h2.tools.Server;
38 import org.hibernate.SessionFactory;
39 import org.junit.After;
40 import org.junit.Before;
41 import org.junit.Test;
42 import org.onap.policy.common.logging.flexlogger.FlexLogger;
43 import org.onap.policy.common.logging.flexlogger.Logger;
44 import org.onap.policy.conf.HibernateSession;
45 import org.onap.policy.controller.PolicyController;
46 import org.onap.policy.rest.jpa.OnapName;
47 import org.onap.policy.rest.jpa.PolicyEntity;
48 import org.onap.policy.rest.jpa.PolicyRoles;
49 import org.onap.policy.rest.jpa.PolicyVersion;
50 import org.onap.policy.rest.jpa.SystemLogDB;
51 import org.onap.policy.rest.jpa.UserInfo;
52 import org.onap.policy.rest.jpa.WatchPolicyNotificationTable;
53 import org.springframework.orm.hibernate4.LocalSessionFactoryBuilder;
54 import org.springframework.test.annotation.Rollback;
55 import org.springframework.transaction.annotation.Transactional;
57 public class CommonClassDaoImplTest{
59 private static Logger logger = FlexLogger.getLogger(CommonClassDaoImplTest.class);
61 SessionFactory sessionFactory;
63 CommonClassDaoImpl commonClassDao;
66 public void setUp() throws Exception{
68 BasicDataSource dataSource = new BasicDataSource();
69 dataSource.setDriverClassName("org.h2.Driver");
70 // In-memory DB for testing
71 dataSource.setUrl("jdbc:h2:mem:test");
72 dataSource.setUsername("sa");
73 dataSource.setPassword("");
74 LocalSessionFactoryBuilder sessionBuilder = new LocalSessionFactoryBuilder(dataSource);
75 sessionBuilder.scanPackages("org.onap.*", "com.*");
77 Properties properties = new Properties();
78 properties.put("hibernate.show_sql", "false");
79 properties.put("hibernate.dialect", "org.hibernate.dialect.H2Dialect");
80 properties.put("hibernate.hbm2ddl.auto", "drop");
81 properties.put("hibernate.hbm2ddl.auto", "create");
83 sessionBuilder.addProperties(properties);
84 sessionFactory = sessionBuilder.buildSessionFactory();
86 // Set up dao with SessionFactory
87 commonClassDao = new CommonClassDaoImpl();
88 CommonClassDaoImpl.setSessionfactory(sessionFactory);
89 PolicyController.setLogTableLimit("1");
90 HibernateSession.setSession(sessionFactory);
91 SystemLogDB data1 = new SystemLogDB();
92 data1.setDate(new Date());
93 data1.setLogtype("INFO");
94 data1.setRemote("Test");
95 data1.setSystem("Test");
96 data1.setType("Test");
97 SystemLogDB data2 = new SystemLogDB();
98 data2.setDate(new Date());
99 data2.setLogtype("error");
100 data2.setRemote("Test");
101 data2.setSystem("Test");
102 data2.setType("Test");
103 HibernateSession.getSession().save(data1);
104 HibernateSession.getSession().save(data2);
105 // Create TCP server for troubleshooting
106 server = Server.createTcpServer("-tcpAllowOthers").start();
107 System.out.println("URL: jdbc:h2:" + server.getURL() + "/mem:test");
110 System.err.println(e);
118 public void testDB(){
121 UserInfo userinfo = new UserInfo();
122 userinfo.setUserLoginId("Test");
123 userinfo.setUserName("Test");
124 commonClassDao.save(userinfo);
125 OnapName onapName = new OnapName();
126 onapName.setOnapName("Test");
127 onapName.setUserCreatedBy(userinfo);
128 onapName.setUserModifiedBy(userinfo);
129 onapName.setModifiedDate(new Date());
130 commonClassDao.save(onapName);
133 List<Object> list = commonClassDao.getData(OnapName.class);
134 assertTrue(list.size() == 1);
135 logger.debug(list.size());
136 logger.debug(list.get(0));
138 logger.debug("Exception Occured"+e);
146 public void testUser(){
149 UserInfo userinfo = new UserInfo();
150 String loginId_userName = "Test";
151 userinfo.setUserLoginId(loginId_userName);
152 userinfo.setUserName(loginId_userName);
153 commonClassDao.save(userinfo);
156 List<Object> dataCur = commonClassDao.getDataByQuery("from UserInfo", new SimpleBindings());
158 assertEquals(1, dataCur.size());
159 UserInfo cur = (UserInfo) dataCur.get(0);
160 assertEquals(loginId_userName, cur.getUserLoginId());
161 assertEquals(loginId_userName, cur.getUserName());
163 assertFalse(dataCur.isEmpty());
166 logger.debug("Exception Occured"+e);
174 public void getDataByQuery_DashboardController(){
177 PolicyEntity pe = new PolicyEntity();
178 String name = "TestPolicy";
179 pe.setPolicyName(name);
180 pe.setPolicyData("dummyData");
182 pe.setScope("dummyScope");
183 pe.setDescription("descr");
184 pe.setDeleted(false);
185 pe.setCreatedBy("Test");
186 commonClassDao.save(pe);
188 List<Object> dataCur = commonClassDao.getDataByQuery("from PolicyEntity", new SimpleBindings());
190 assertTrue(1 == dataCur.size());
191 assertTrue( dataCur.get(0) instanceof PolicyEntity);
192 assertEquals( name, ((PolicyEntity)dataCur.get(0)).getPolicyName());
193 assertEquals( pe, ((PolicyEntity)dataCur.get(0)));
197 logger.debug("Exception Occured"+e);
205 public void getDataByQuery_AutoPushController(){
208 PolicyVersion pv = new PolicyVersion();
209 pv.setActiveVersion(2);
210 pv.setPolicyName("myPname");
212 pv.setCreatedBy("Test");
213 pv.setModifiedBy("Test");
215 PolicyVersion pv2 = new PolicyVersion();
216 pv2.setActiveVersion(1);
217 pv2.setPolicyName("test");
219 pv2.setCreatedBy("Test");
220 pv2.setModifiedBy("Test");
222 commonClassDao.save(pv);
223 commonClassDao.save(pv2);
227 String query = "From PolicyVersion where policy_name like :scope and id > 0";
228 SimpleBindings params = new SimpleBindings();
229 params.put("scope", scope);
230 List<Object> dataCur = commonClassDao.getDataByQuery(query, params);
233 assertTrue(1 == dataCur.size());
234 assertEquals(pv, (PolicyVersion) dataCur.get(0));
237 logger.debug("Exception Occured"+e);
245 public void getDataByQuery_PolicyNotificationMail(){
248 WatchPolicyNotificationTable watch = new WatchPolicyNotificationTable();
249 String policyFileName = "banana";
250 watch.setLoginIds("Test");
251 watch.setPolicyName("bananaWatch");
252 commonClassDao.save(watch);
254 if(policyFileName.contains("/")){
255 policyFileName = policyFileName.substring(0, policyFileName.indexOf("/"));
256 policyFileName = policyFileName.replace("/", File.separator);
258 if(policyFileName.contains("\\")){
259 policyFileName = policyFileName.substring(0, policyFileName.indexOf("\\"));
260 policyFileName = policyFileName.replace("\\", "\\\\");
264 // Current Implementation
265 policyFileName += "%";
266 String query = "from WatchPolicyNotificationTable where policyName like:policyFileName";
267 SimpleBindings params = new SimpleBindings();
268 params.put("policyFileName", policyFileName);
269 List<Object> dataCur = commonClassDao.getDataByQuery(query, params);
272 assertTrue(dataCur.size() == 1);
273 assertTrue(dataCur.get(0) instanceof WatchPolicyNotificationTable);
274 assertEquals(watch, (WatchPolicyNotificationTable) dataCur.get(0));
277 logger.debug("Exception Occured"+e);
286 public void getDataByQuery_PolicyController(){
289 PolicyEntity pe = new PolicyEntity();
290 String name = "actionDummy";
291 pe.setPolicyName(name);
292 pe.setPolicyData("dummyData");
294 pe.setScope("dummyScope");
295 pe.setDescription("descr");
296 pe.setDeleted(false);
297 pe.setCreatedBy("Test");
298 commonClassDao.save(pe);
300 String dbCheckName = "dummyScope:action";
301 String[] splitDBCheckName = dbCheckName.split(":");
304 // Current Implementation
305 String query = "FROM PolicyEntity where policyName like :splitDBCheckName1 and scope = :splitDBCheckName0";
306 SimpleBindings params = new SimpleBindings();
307 params.put("splitDBCheckName1", splitDBCheckName[1] + "%");
308 params.put("splitDBCheckName0", splitDBCheckName[0]);
309 List<Object> dataCur = commonClassDao.getDataByQuery(query, params);
312 assertTrue(dataCur.size() == 1);
313 assertTrue(dataCur.get(0) instanceof PolicyEntity);
314 assertEquals(pe, (PolicyEntity) dataCur.get(0));
317 logger.debug("Exception Occured"+e);
325 public void getDataByQuery_PolicyNotificationController(){
328 WatchPolicyNotificationTable watch = new WatchPolicyNotificationTable();
329 String finalName = "banana"; // Policy File Name
330 String userId = "Test";
331 watch.setLoginIds(userId);
332 watch.setPolicyName(finalName);
333 commonClassDao.save(watch);
336 // Current Implementation
337 String query = "from WatchPolicyNotificationTable where POLICYNAME = :finalName and LOGINIDS = :userId";
338 SimpleBindings params = new SimpleBindings();
339 params.put("finalName", finalName);
340 params.put("userId", userId);
341 List<Object> dataCur = commonClassDao.getDataByQuery(query, params);
344 assertTrue(dataCur.size() == 1);
345 assertTrue(dataCur.get(0) instanceof WatchPolicyNotificationTable);
346 assertEquals(watch, (WatchPolicyNotificationTable) dataCur.get(0) );
349 logger.debug("Exception Occured"+e);
355 /* Test for SQL Injection Protection
361 public void getDataByQuery_PolicyNotificationController_Injection(){
364 WatchPolicyNotificationTable watch = new WatchPolicyNotificationTable();
365 String userId = "Test";
366 watch.setLoginIds(userId);
367 watch.setPolicyName("banana");
368 commonClassDao.save(watch);
370 WatchPolicyNotificationTable watch2 = new WatchPolicyNotificationTable();
371 watch2.setLoginIds(userId);
372 watch2.setPolicyName("banana2");
373 commonClassDao.save(watch2);
375 // SQL Injection attempt
376 String finalName = "banana' OR '1'='1";
379 // Current Implementation
380 String query = "from WatchPolicyNotificationTable where POLICYNAME = :finalName and LOGINIDS = :userId";
381 SimpleBindings params = new SimpleBindings();
382 params.put("finalName", finalName);
383 params.put("userId", userId);
384 List<Object> dataCur = commonClassDao.getDataByQuery(query, params);
387 assertTrue(dataCur.size() <= 1);
389 if(dataCur.size() >= 1){
390 assertTrue(dataCur.get(0) instanceof WatchPolicyNotificationTable);
391 assertFalse(watch.equals((WatchPolicyNotificationTable) dataCur.get(0)));
392 assertFalse(watch.equals((WatchPolicyNotificationTable) dataCur.get(0)));
395 logger.debug("Exception Occured"+e);
401 public void testCommonClassDaoImplMethods(){
403 UserInfo userInfo = new UserInfo();
404 userInfo.setUserLoginId("TestID");
405 userInfo.setUserName("Test");
406 commonClassDao.save(userInfo);
407 List<Object> data = commonClassDao.getDataById(UserInfo.class, "userLoginId:userName", "TestID:Test");
408 assertTrue(data.size() == 1);
409 UserInfo userInfoUpdate = (UserInfo) data.get(0);
410 userInfoUpdate.setUserName("Test1");
411 commonClassDao.update(userInfoUpdate);
412 List<String> data1 = commonClassDao.getDataByColumn(UserInfo.class, "userLoginId");
413 assertTrue(data1.size() == 1);
414 UserInfo data2 = (UserInfo) commonClassDao.getEntityItem(UserInfo.class, "userLoginId:userName", "TestID:Test1");
415 assertTrue("TestID".equals(data2.getUserLoginId()));
416 List<Object> data3 = commonClassDao.checkDuplicateEntry("TestID:Test1", "userLoginId:userName", UserInfo.class);
417 assertTrue(data3.size() == 1);
418 PolicyRoles roles = new PolicyRoles();
419 roles.setRole("admin");
420 roles.setLoginId(userInfo);
421 roles.setScope("test");
422 commonClassDao.save(roles);
423 List<PolicyRoles> roles1 = commonClassDao.getUserRoles();
424 assertTrue(roles1.size() == 1);
425 List<String> multipleData = new ArrayList<>();
426 multipleData.add("TestID:Test1");
427 List<Object> data4 = commonClassDao.getMultipleDataOnAddingConjunction(UserInfo.class, "userLoginId:userName", multipleData);
428 assertTrue(data4.size() == 1);
429 commonClassDao.delete(data2);
431 logger.debug("Exception Occured"+e);
439 public final void testGetLoggingData() {
440 SystemLogDbDaoImpl system = new SystemLogDbDaoImpl();
441 PolicyController.setjUnit(true);
443 assertTrue(system.getLoggingData() != null);
450 public final void testGetSystemAlertData() {
451 SystemLogDbDaoImpl system = new SystemLogDbDaoImpl();
452 PolicyController.setjUnit(true);
454 assertTrue(system.getSystemAlertData() != null);
461 public void deleteDB(){
462 sessionFactory.close();