1 /*******************************************************************************
2 * ============LICENSE_START====================================================
4 * * ===========================================================================
5 * * Copyright © 2017 AT&T Intellectual Property. All rights reserved.
6 * * ===========================================================================
7 * * Licensed under the Apache License, Version 2.0 (the "License");
8 * * you may not use this file except in compliance with the License.
9 * * You may obtain a copy of the License at
11 * * http://www.apache.org/licenses/LICENSE-2.0
13 * * Unless required by applicable law or agreed to in writing, software
14 * * distributed under the License is distributed on an "AS IS" BASIS,
15 * * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
16 * * See the License for the specific language governing permissions and
17 * * limitations under the License.
18 * * ============LICENSE_END====================================================
21 ******************************************************************************/
23 package org.onap.aaf.cadi.lur.test;
25 import static org.hamcrest.CoreMatchers.is;
26 import static org.junit.Assert.assertThat;
27 import static org.mockito.Mockito.when;
29 import java.io.ByteArrayOutputStream;
30 import java.io.IOException;
31 import java.io.PrintStream;
32 import java.security.Principal;
33 import java.util.ArrayList;
34 import java.util.List;
36 import org.junit.Before;
37 import org.junit.Test;
38 import org.mockito.Mock;
39 import org.mockito.MockitoAnnotations;
40 import org.onap.aaf.cadi.AbsUserCache;
41 import org.onap.aaf.cadi.CredVal.Type;
42 import org.onap.aaf.cadi.Permission;
43 import org.onap.aaf.cadi.PropAccess;
44 import org.onap.aaf.cadi.lur.ConfigPrincipal;
45 import org.onap.aaf.cadi.lur.LocalLur;
46 import org.onap.aaf.cadi.lur.LocalPermission;
48 public class JU_LocalLur {
50 private PropAccess access;
51 private ByteArrayOutputStream outStream;
53 @Mock Permission permMock;
// Fixture setup: initialises the @Mock fields and builds the PropAccess that every
// LocalLur in this test is constructed with.
56 public void setup() throws IOException {
57 MockitoAnnotations.initMocks(this);
// Log output goes to an in-memory stream instead of the console.
59 outStream = new ByteArrayOutputStream();
// encrypt/decrypt are replaced with rot13, a keyless letter rotation that is its own inverse,
// presumably so the test needs no keyfile. This is a test stand-in only: rot13 gives no
// confidentiality and must not be mistaken for the cipher used outside tests.
60 access = new PropAccess(new PrintStream(outStream), new String[0]) {
61 @Override public String decrypt(String encrypted, boolean anytext) throws IOException {
62 return rot13(encrypted);
64 @Override public String encrypt(String unencrypted) throws IOException {
65 return rot13(unencrypted);
// Walks LocalLur through its user-config and group-config parsing, then exercises
// handlesExclusively, fish, fishAll and validate against principals built for those configs.
72 public void test() throws IOException {
// The fixture's PropAccess uses rot13 for encrypt/decrypt, so "encrypted" is the form this
// test treats as the enciphered credential.
73 final String password = "<pass>";
74 final String encrypted = rot13(password);
77 List<AbsUserCache<LocalPermission>.DumpInfo> info;
// No user or group configuration: dumpInfo() reports no entries.
79 lur = new LocalLur(access, null, null);
80 assertThat(lur.dumpInfo().size(), is(0));
// A bare user id with no credential yields one entry under that id.
82 lur = new LocalLur(access, "user1", null);
83 info = lur.dumpInfo();
84 assertThat(info.size(), is(1));
85 assertThat(info.get(0).user, is("user1"));
// NOTE(review): presumably the entries were cleared just before this check; the call that
// does so is not visible here — confirm.
88 assertThat(lur.dumpInfo().size(), is(0));
// With a credential after '%' and no domain in the id, the entry is reported as user1@none.
90 lur = new LocalLur(access, "user1%" + encrypted, null);
91 info = lur.dumpInfo();
92 assertThat(info.size(), is(1));
93 assertThat(info.get(0).user, is("user1@none"));
96 assertThat(lur.dumpInfo().size(), is(0));
// An id that already carries a domain is reported as given.
98 lur = new LocalLur(access, "user1@domain%" + encrypted, null);
99 info = lur.dumpInfo();
100 assertThat(info.size(), is(1));
101 assertThat(info.get(0).user, is("user1@domain"));
// A ":groupA" suffix adds a group to the entry; the reported user id is unchanged.
103 lur = new LocalLur(access, "user1@domain%" + encrypted + ":groupA", null);
104 info = lur.dumpInfo();
105 assertThat(info.size(), is(1));
106 assertThat(info.get(0).user, is("user1@domain"));
// handlesExclusively is true for a permission keyed by the configured group (groupA) and
// false for one that is not configured (groupB).
108 when(permMock.getKey()).thenReturn("groupA");
109 assertThat(lur.handlesExclusively(permMock), is(true));
110 when(permMock.getKey()).thenReturn("groupB");
111 assertThat(lur.handlesExclusively(permMock), is(false));
// A null principal and permission are denied.
113 assertThat(lur.fish(null, null), is(false));
// The principal carries the rot13 form while the config below holds the plain value after '%'.
// NOTE(review): presumably LocalLur runs the configured value through access.decrypt (rot13
// in this fixture) so the two compare equal — confirm against LocalLur.
115 Principal princ = new ConfigPrincipal("user1@localized", encrypted);
117 lur = new LocalLur(access, "user1@localized%" + password + ":groupA", null);
// Granted for the configured group, denied for an unconfigured group and for the mock
// Permission, which is not a permission created by this lur.
118 assertThat(lur.fish(princ, lur.createPerm("groupA")), is(true));
119 assertThat(lur.fish(princ, lur.createPerm("groupB")), is(false));
120 assertThat(lur.fish(princ, permMock), is(false));
// NOTE(review): the two denials below are both checked against groupB, which is already
// denied for the valid principal above. They therefore pass whether or not the unknown user
// or the wrong credential is what causes the denial; asserting against groupA would make
// them meaningful negative tests.
122 princ = new ConfigPrincipal("user1@domain", encrypted);
123 assertThat(lur.fish(princ, lur.createPerm("groupB")), is(false));
125 princ = new ConfigPrincipal("user1@localized", "badpass");
126 assertThat(lur.fish(princ, lur.createPerm("groupB")), is(false));
128 assertThat(lur.handles(null), is(false));
// fishAll is only called, never checked: the contents of perms are not inspected afterwards,
// so these calls show only that fishAll does not throw for null, valid and bad-credential
// principals.
130 lur.fishAll(null, null);
132 List<Permission> perms = new ArrayList<>();
133 perms.add(lur.createPerm("groupB"));
134 perms.add(lur.createPerm("groupA"));
135 princ = new ConfigPrincipal("user1@localized", encrypted);
136 lur.fishAll(princ, perms);
137 princ = new ConfigPrincipal("user1@localized", "badpass");
138 lur.fishAll(princ, perms);
// validate is rejected for all-null arguments, for an unknown user, and for the known user
// when the credential type is null. getBytes() is called without a charset, so the bytes
// depend on the JVM default charset.
140 assertThat(lur.validate(null, null, null, null), is(false));
141 assertThat(lur.validate("user", null, "badpass".getBytes(), null), is(false));
142 assertThat(lur.validate("user1@localized", null, encrypted.getBytes(), null), is(false));
144 lur = new LocalLur(access, "user1@localized%" + password + ":groupA", null);
// Inconsistent on Jenkins only.
// NOTE(review): with the assertion below disabled, no assertion in this test covers a
// successful Type.PASSWORD validation; every validate() check that runs expects false. The
// cause of the inconsistency is not recorded here; the charset-less getBytes() is one thing
// to rule out.
//assertThat(lur.validate("user1@localized", Type.PASSWORD, encrypted.getBytes(), null), is(true));
// Group-config parsing: these constructions carry no assertions, so they show only that
// each config string is accepted without an exception.
148 lur = new LocalLur(access, null, "admin");
149 lur = new LocalLur(access, null, "admin:user1");
150 lur = new LocalLur(access, null, "admin:user1@localized");
151 lur = new LocalLur(access, null, "admin:user1@localized,user2@localized%" + password + ";user:user1@localized");
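/**
 * Applies the ROT13 substitution to {@code input}: each ASCII letter is rotated 13 places
 * within its own case, and every other character is copied through unchanged.
 *
 * <p>ROT13 is its own inverse, which is why the test fixture can use this one method for
 * both {@code encrypt} and {@code decrypt}. It has no key and provides no confidentiality;
 * it is a test stand-in and must not be used to protect real credentials.
 *
 * @param input the text to rotate; must not be {@code null}
 * @return the rotated text, the same length as {@code input}
 */
public static String rot13(String input) {
    StringBuilder sb = new StringBuilder(input.length());
    for (int i = 0; i < input.length(); i++) {
        char c = input.charAt(i);
        if ((c >= 'a' && c <= 'm') || (c >= 'A' && c <= 'M')) {
            // First half of the alphabet moves forward.
            c += 13;
        } else if ((c >= 'n' && c <= 'z') || (c >= 'N' && c <= 'Z')) {
            // Second half wraps around by moving back.
            c -= 13;
        }
        // Non-letters fall through both branches and are appended as they are.
        sb.append(c);
    }
    return sb.toString();
}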