1 package org.openecomp.sdc.be.auditing.impl.usersadmin;
3 import org.junit.Before;
5 import org.junit.runner.RunWith;
6 import org.mockito.ArgumentCaptor;
7 import org.mockito.Captor;
8 import org.mockito.Mock;
9 import org.mockito.junit.MockitoJUnitRunner;
10 import org.openecomp.sdc.be.auditing.api.AuditEventFactory;
11 import org.openecomp.sdc.be.auditing.impl.AuditAuthRequestEventFactory;
12 import org.openecomp.sdc.be.auditing.impl.AuditingManager;
13 import org.openecomp.sdc.be.config.Configuration;
14 import org.openecomp.sdc.be.dao.api.ActionStatus;
15 import org.openecomp.sdc.be.dao.cassandra.AuditCassandraDao;
16 import org.openecomp.sdc.be.dao.cassandra.CassandraOperationStatus;
17 import org.openecomp.sdc.be.dao.impl.AuditingDao;
18 import org.openecomp.sdc.be.model.User;
19 import org.openecomp.sdc.be.resources.data.auditing.AuditingActionEnum;
20 import org.openecomp.sdc.be.resources.data.auditing.AuditingGenericEvent;
21 import org.openecomp.sdc.be.resources.data.auditing.AuthEvent;
22 import org.openecomp.sdc.be.resources.data.auditing.GetUsersListEvent;
23 import org.openecomp.sdc.be.resources.data.auditing.UserAccessEvent;
24 import org.openecomp.sdc.be.resources.data.auditing.UserAdminEvent;
25 import org.openecomp.sdc.be.resources.data.auditing.model.CommonAuditData;
26 import org.openecomp.sdc.common.datastructure.AuditingFieldsKeysEnum;
28 import java.util.EnumMap;
30 import static org.assertj.core.api.Assertions.assertThat;
31 import static org.mockito.ArgumentMatchers.any;
32 import static org.mockito.ArgumentMatchers.anyMap;
33 import static org.mockito.ArgumentMatchers.eq;
34 import static org.mockito.Mockito.verify;
35 import static org.mockito.Mockito.when;
36 import static org.openecomp.sdc.be.auditing.impl.AuditTestUtils.AUTH_STATUS;
37 import static org.openecomp.sdc.be.auditing.impl.AuditTestUtils.AUTH_URL;
38 import static org.openecomp.sdc.be.auditing.impl.AuditTestUtils.DESCRIPTION;
39 import static org.openecomp.sdc.be.auditing.impl.AuditTestUtils.DESIGNER_USER_ROLE;
40 import static org.openecomp.sdc.be.auditing.impl.AuditTestUtils.EXPECTED_ADD_USER_LOG_STR;
41 import static org.openecomp.sdc.be.auditing.impl.AuditTestUtils.EXPECTED_AUTH_REQUEST_LOG_STR;
42 import static org.openecomp.sdc.be.auditing.impl.AuditTestUtils.EXPECTED_DELETE_USER_LOG_STR;
43 import static org.openecomp.sdc.be.auditing.impl.AuditTestUtils.EXPECTED_GET_USER_LIST_LOG_STR;
44 import static org.openecomp.sdc.be.auditing.impl.AuditTestUtils.EXPECTED_UPDATE_USER_LOG_STR;
45 import static org.openecomp.sdc.be.auditing.impl.AuditTestUtils.EXPECTED_USER_ACCESS_LOG_STR;
46 import static org.openecomp.sdc.be.auditing.impl.AuditTestUtils.MODIFIER_UID;
47 import static org.openecomp.sdc.be.auditing.impl.AuditTestUtils.REALM;
48 import static org.openecomp.sdc.be.auditing.impl.AuditTestUtils.REQUEST_ID;
49 import static org.openecomp.sdc.be.auditing.impl.AuditTestUtils.STATUS_CREATED;
50 import static org.openecomp.sdc.be.auditing.impl.AuditTestUtils.STATUS_OK;
51 import static org.openecomp.sdc.be.auditing.impl.AuditTestUtils.TESTER_USER_ROLE;
52 import static org.openecomp.sdc.be.auditing.impl.AuditTestUtils.UPDATED_USER_EXTENDED_NAME;
53 import static org.openecomp.sdc.be.auditing.impl.AuditTestUtils.USER_DETAILS;
54 import static org.openecomp.sdc.be.auditing.impl.AuditTestUtils.USER_EMAIL;
55 import static org.openecomp.sdc.be.auditing.impl.AuditTestUtils.USER_EXTENDED_NAME;
56 import static org.openecomp.sdc.be.auditing.impl.AuditTestUtils.USER_ID;
57 import static org.openecomp.sdc.be.auditing.impl.AuditTestUtils.USER_UID;
58 import static org.openecomp.sdc.be.auditing.impl.AuditTestUtils.init;
59 import static org.openecomp.sdc.be.auditing.impl.AuditTestUtils.modifier;
60 import static org.openecomp.sdc.be.auditing.impl.AuditTestUtils.user;
62 @RunWith(MockitoJUnitRunner.class)
63 public class AuditUserEventFuncTest {
65 private static AuditCassandraDao cassandraDao;
67 private ArgumentCaptor<AuditingGenericEvent> eventCaptor;
69 private static AuditingDao auditingDao;
71 private Configuration.ElasticSearchConfig esConfig;
73 private AuditingManager auditingManager;
78 auditingManager = new AuditingManager(auditingDao, cassandraDao);
82 public void testNewUserAccessEvent() {
83 AuditEventFactory factory = new AuditUserAccessEventFactory(
84 CommonAuditData.newBuilder()
85 .description(DESCRIPTION)
87 .requestId(REQUEST_ID)
90 when(auditingDao.addRecord(any(AuditingGenericEvent.class), eq(AuditingActionEnum.USER_ACCESS.getAuditingEsType())))
91 .thenReturn(ActionStatus.OK);
92 when(cassandraDao.saveRecord(any(AuditingGenericEvent.class))).thenReturn(CassandraOperationStatus.OK);
94 assertThat(auditingManager.auditEvent(factory)).isEqualTo(EXPECTED_USER_ACCESS_LOG_STR);
95 verifyUserAccessEvent();
99 public void testOldUserAccessEvent() {
100 EnumMap<AuditingFieldsKeysEnum, Object> auditingFields = new EnumMap<>(AuditingFieldsKeysEnum.class);
101 auditingFields.put(AuditingFieldsKeysEnum.AUDIT_ACTION, AuditingActionEnum.USER_ACCESS.getName());
102 auditingFields.put(AuditingFieldsKeysEnum.AUDIT_USER_UID, user.getFirstName() + " " + user.getLastName() + '(' + user.getUserId() + ')');
103 auditingFields.put(AuditingFieldsKeysEnum.AUDIT_STATUS, STATUS_OK);
104 auditingFields.put(AuditingFieldsKeysEnum.AUDIT_DESC, DESCRIPTION);
105 auditingFields.put(AuditingFieldsKeysEnum.AUDIT_REQUEST_ID, REQUEST_ID);
107 when(auditingDao.addRecord(anyMap(), eq(AuditingActionEnum.USER_ACCESS.getAuditingEsType())))
108 .thenReturn(ActionStatus.OK);
109 when(cassandraDao.saveRecord(any(AuditingGenericEvent.class))).thenReturn(CassandraOperationStatus.OK);
111 assertThat(auditingManager.auditEvent(auditingFields)).isEqualTo(EXPECTED_USER_ACCESS_LOG_STR);
112 verifyUserAccessEvent();
116 public void testNewUserAdminEventForAddUser() {
118 user.setRole(DESIGNER_USER_ROLE);
119 user.setEmail(USER_EMAIL);
121 AuditEventFactory factory = new AuditUserAdminEventFactory(AuditingActionEnum.ADD_USER,
122 CommonAuditData.newBuilder()
123 .description(DESCRIPTION)
124 .status(STATUS_CREATED)
125 .requestId(REQUEST_ID)
127 modifier, null, user);
129 when(auditingDao.addRecord(any(AuditingGenericEvent.class), eq(AuditingActionEnum.ADD_USER.getAuditingEsType())))
130 .thenReturn(ActionStatus.OK);
131 when(cassandraDao.saveRecord(any(AuditingGenericEvent.class))).thenReturn(CassandraOperationStatus.OK);
133 assertThat(auditingManager.auditEvent(factory)).isEqualTo(EXPECTED_ADD_USER_LOG_STR);
134 verifyUserEvent(AuditingActionEnum.ADD_USER.getName());
138 public void testOldUserAdminEventForAddUser() {
139 user.setRole(TESTER_USER_ROLE);
140 user.setEmail(USER_EMAIL);
142 EnumMap<AuditingFieldsKeysEnum, Object> auditingFields = new EnumMap<>(AuditingFieldsKeysEnum.class);
143 auditingFields.put(AuditingFieldsKeysEnum.AUDIT_ACTION, AuditingActionEnum.ADD_USER.getName());
144 auditingFields.put(AuditingFieldsKeysEnum.AUDIT_MODIFIER_NAME, modifier.getFirstName() + " " + modifier.getLastName());
145 auditingFields.put(AuditingFieldsKeysEnum.AUDIT_MODIFIER_UID, modifier.getUserId());
146 auditingFields.put(AuditingFieldsKeysEnum.AUDIT_STATUS, STATUS_CREATED);
147 auditingFields.put(AuditingFieldsKeysEnum.AUDIT_DESC, DESCRIPTION);
148 auditingFields.put(AuditingFieldsKeysEnum.AUDIT_REQUEST_ID, REQUEST_ID);
149 auditingFields.put(AuditingFieldsKeysEnum.AUDIT_USER_BEFORE, null);
150 auditingFields.put(AuditingFieldsKeysEnum.AUDIT_USER_AFTER, USER_EXTENDED_NAME);
152 when(auditingDao.addRecord(anyMap(), eq(AuditingActionEnum.ADD_USER.getAuditingEsType())))
153 .thenReturn(ActionStatus.OK);
154 when(cassandraDao.saveRecord(any(AuditingGenericEvent.class))).thenReturn(CassandraOperationStatus.OK);
156 assertThat(auditingManager.auditEvent(auditingFields)).isEqualTo(EXPECTED_ADD_USER_LOG_STR);
157 verifyUserEvent(AuditingActionEnum.ADD_USER.getName());
161 public void testNewUserAdminEventForUpdateUser() {
163 user.setRole(DESIGNER_USER_ROLE);
164 user.setEmail(USER_EMAIL);
166 User updated = new User(user);
167 updated.setRole(TESTER_USER_ROLE);
169 AuditEventFactory builder = new AuditUserAdminEventFactory(AuditingActionEnum.UPDATE_USER,
170 CommonAuditData.newBuilder()
171 .description(DESCRIPTION)
173 .requestId(REQUEST_ID)
175 modifier, user, updated);
177 when(auditingDao.addRecord(any(AuditingGenericEvent.class), eq(AuditingActionEnum.UPDATE_USER.getAuditingEsType())))
178 .thenReturn(ActionStatus.OK);
179 when(cassandraDao.saveRecord(any(AuditingGenericEvent.class))).thenReturn(CassandraOperationStatus.OK);
181 assertThat(auditingManager.auditEvent(builder)).isEqualTo(EXPECTED_UPDATE_USER_LOG_STR);
182 verifyUserEvent(AuditingActionEnum.UPDATE_USER.getName());
186 public void testOldUserAdminEventForUpdateUser() {
187 user.setRole(DESIGNER_USER_ROLE);
188 user.setEmail(USER_EMAIL);
190 User updated = new User(user);
191 updated.setRole(TESTER_USER_ROLE);
193 EnumMap<AuditingFieldsKeysEnum, Object> auditingFields = new EnumMap<>(AuditingFieldsKeysEnum.class);
194 auditingFields.put(AuditingFieldsKeysEnum.AUDIT_ACTION, AuditingActionEnum.UPDATE_USER.getName());
195 auditingFields.put(AuditingFieldsKeysEnum.AUDIT_MODIFIER_NAME, modifier.getFirstName() + " " + modifier.getLastName());
196 auditingFields.put(AuditingFieldsKeysEnum.AUDIT_MODIFIER_UID, modifier.getUserId());
197 auditingFields.put(AuditingFieldsKeysEnum.AUDIT_STATUS, STATUS_OK);
198 auditingFields.put(AuditingFieldsKeysEnum.AUDIT_DESC, DESCRIPTION);
199 auditingFields.put(AuditingFieldsKeysEnum.AUDIT_REQUEST_ID, REQUEST_ID);
200 auditingFields.put(AuditingFieldsKeysEnum.AUDIT_USER_BEFORE, USER_EXTENDED_NAME);
201 auditingFields.put(AuditingFieldsKeysEnum.AUDIT_USER_AFTER, UPDATED_USER_EXTENDED_NAME);
203 when(auditingDao.addRecord(anyMap(), eq(AuditingActionEnum.UPDATE_USER.getAuditingEsType())))
204 .thenReturn(ActionStatus.OK);
205 when(cassandraDao.saveRecord(any(AuditingGenericEvent.class))).thenReturn(CassandraOperationStatus.OK);
207 assertThat(auditingManager.auditEvent(auditingFields)).isEqualTo(EXPECTED_UPDATE_USER_LOG_STR);
208 verifyUserEvent(AuditingActionEnum.UPDATE_USER.getName());
212 public void testNewUserAdminEventForDeleteUser() {
214 user.setRole(DESIGNER_USER_ROLE);
215 user.setEmail(USER_EMAIL);
217 AuditEventFactory factory = new AuditUserAdminEventFactory(AuditingActionEnum.DELETE_USER,
218 CommonAuditData.newBuilder()
219 .description(DESCRIPTION)
221 .requestId(REQUEST_ID)
223 modifier, user, null);
225 when(auditingDao.addRecord(any(AuditingGenericEvent.class), eq(AuditingActionEnum.DELETE_USER.getAuditingEsType())))
226 .thenReturn(ActionStatus.OK);
227 when(cassandraDao.saveRecord(any(AuditingGenericEvent.class))).thenReturn(CassandraOperationStatus.OK);
229 assertThat(auditingManager.auditEvent(factory)).isEqualTo(EXPECTED_DELETE_USER_LOG_STR);
230 verifyUserEvent(AuditingActionEnum.DELETE_USER.getName());
234 public void testOldUserAdminEventForDeleteUser() {
235 user.setRole(TESTER_USER_ROLE);
236 user.setEmail(USER_EMAIL);
238 EnumMap<AuditingFieldsKeysEnum, Object> auditingFields = new EnumMap<>(AuditingFieldsKeysEnum.class);
239 auditingFields.put(AuditingFieldsKeysEnum.AUDIT_ACTION, AuditingActionEnum.DELETE_USER.getName());
240 auditingFields.put(AuditingFieldsKeysEnum.AUDIT_MODIFIER_NAME, modifier.getFirstName() + " " + modifier.getLastName());
241 auditingFields.put(AuditingFieldsKeysEnum.AUDIT_MODIFIER_UID, modifier.getUserId());
242 auditingFields.put(AuditingFieldsKeysEnum.AUDIT_STATUS, STATUS_OK);
243 auditingFields.put(AuditingFieldsKeysEnum.AUDIT_DESC, DESCRIPTION);
244 auditingFields.put(AuditingFieldsKeysEnum.AUDIT_REQUEST_ID, REQUEST_ID);
245 auditingFields.put(AuditingFieldsKeysEnum.AUDIT_USER_BEFORE, USER_EXTENDED_NAME);
246 auditingFields.put(AuditingFieldsKeysEnum.AUDIT_USER_AFTER, null);
248 when(auditingDao.addRecord(anyMap(), eq(AuditingActionEnum.DELETE_USER.getAuditingEsType())))
249 .thenReturn(ActionStatus.OK);
250 when(cassandraDao.saveRecord(any(AuditingGenericEvent.class))).thenReturn(CassandraOperationStatus.OK);
252 assertThat(auditingManager.auditEvent(auditingFields)).isEqualTo(EXPECTED_DELETE_USER_LOG_STR);
253 verifyUserEvent(AuditingActionEnum.DELETE_USER.getName());
257 public void testNewGetUserListEvent() {
259 AuditEventFactory factory = new AuditGetUsersListEventFactory(
260 CommonAuditData.newBuilder()
261 .description(DESCRIPTION)
263 .requestId(REQUEST_ID)
267 when(auditingDao.addRecord(any(AuditingGenericEvent.class), eq(AuditingActionEnum.GET_USERS_LIST.getAuditingEsType())))
268 .thenReturn(ActionStatus.OK);
269 when(cassandraDao.saveRecord(any(AuditingGenericEvent.class))).thenReturn(CassandraOperationStatus.OK);
271 assertThat(auditingManager.auditEvent(factory)).isEqualTo(EXPECTED_GET_USER_LIST_LOG_STR);
272 verifyGetUserListEvent();
276 public void testOldGetUserListEvent() {
277 EnumMap<AuditingFieldsKeysEnum, Object> auditingFields = new EnumMap<>(AuditingFieldsKeysEnum.class);
278 auditingFields.put(AuditingFieldsKeysEnum.AUDIT_ACTION, AuditingActionEnum.GET_USERS_LIST.getName());
279 auditingFields.put(AuditingFieldsKeysEnum.AUDIT_MODIFIER_NAME, user.getFirstName() + " " + user.getLastName());
280 auditingFields.put(AuditingFieldsKeysEnum.AUDIT_MODIFIER_UID, user.getUserId());
281 auditingFields.put(AuditingFieldsKeysEnum.AUDIT_STATUS, STATUS_OK);
282 auditingFields.put(AuditingFieldsKeysEnum.AUDIT_DESC, DESCRIPTION);
283 auditingFields.put(AuditingFieldsKeysEnum.AUDIT_REQUEST_ID, REQUEST_ID);
284 auditingFields.put(AuditingFieldsKeysEnum.AUDIT_USER_DETAILS, USER_DETAILS);
286 when(auditingDao.addRecord(anyMap(), eq(AuditingActionEnum.GET_USERS_LIST.getAuditingEsType())))
287 .thenReturn(ActionStatus.OK);
288 when(cassandraDao.saveRecord(any(AuditingGenericEvent.class))).thenReturn(CassandraOperationStatus.OK);
290 assertThat(auditingManager.auditEvent(auditingFields)).isEqualTo(EXPECTED_GET_USER_LIST_LOG_STR);
291 verifyGetUserListEvent();
295 public void testNewAuthRequestEvent() {
297 AuditEventFactory factory = new AuditAuthRequestEventFactory(
298 CommonAuditData.newBuilder()
299 .description(DESCRIPTION)
301 .requestId(REQUEST_ID)
303 USER_ID, AUTH_URL, REALM, AUTH_STATUS);
305 when(auditingDao.addRecord(any(AuditingGenericEvent.class), eq(AuditingActionEnum.AUTH_REQUEST.getAuditingEsType())))
306 .thenReturn(ActionStatus.OK);
307 when(cassandraDao.saveRecord(any(AuditingGenericEvent.class))).thenReturn(CassandraOperationStatus.OK);
309 assertThat(auditingManager.auditEvent(factory)).isEqualTo(EXPECTED_AUTH_REQUEST_LOG_STR);
310 verifyAuthRequestEvent();
314 public void testOldAuthRequestEvent() {
315 EnumMap<AuditingFieldsKeysEnum, Object> auditingFields = new EnumMap<>(AuditingFieldsKeysEnum.class);
316 auditingFields.put(AuditingFieldsKeysEnum.AUDIT_ACTION, AuditingActionEnum.AUTH_REQUEST.getName());
317 auditingFields.put(AuditingFieldsKeysEnum.AUDIT_AUTH_USER, USER_ID);
318 auditingFields.put(AuditingFieldsKeysEnum.AUDIT_STATUS, STATUS_OK);
319 auditingFields.put(AuditingFieldsKeysEnum.AUDIT_DESC, DESCRIPTION);
320 auditingFields.put(AuditingFieldsKeysEnum.AUDIT_REQUEST_ID, REQUEST_ID);
321 auditingFields.put(AuditingFieldsKeysEnum.AUDIT_AUTH_REALM, REALM);
322 auditingFields.put(AuditingFieldsKeysEnum.AUDIT_AUTH_URL, AUTH_URL);
323 auditingFields.put(AuditingFieldsKeysEnum.AUDIT_AUTH_STATUS, AUTH_STATUS);
325 when(auditingDao.addRecord(anyMap(), eq(AuditingActionEnum.AUTH_REQUEST.getAuditingEsType())))
326 .thenReturn(ActionStatus.OK);
327 when(cassandraDao.saveRecord(any(AuditingGenericEvent.class))).thenReturn(CassandraOperationStatus.OK);
329 assertThat(auditingManager.auditEvent(auditingFields)).isEqualTo(EXPECTED_AUTH_REQUEST_LOG_STR);
330 verifyAuthRequestEvent();
334 private void verifyUserEvent(String action) {
335 verify(cassandraDao).saveRecord(eventCaptor.capture());
336 UserAdminEvent storedEvent = (UserAdminEvent) eventCaptor.getValue();
337 assertThat(storedEvent.getModifier()).isEqualTo(MODIFIER_UID);
338 assertThat(storedEvent.getDesc()).isEqualTo(DESCRIPTION);
339 // assertThat(storedEvent.getRequestId()).isEqualTo(REQUEST_ID); - it is not filled out by the old code!!!
340 assertThat(storedEvent.getServiceInstanceId()).isNull();
341 assertThat(storedEvent.getAction()).isEqualTo(action);
342 if (action.equals(AuditingActionEnum.ADD_USER.getName())) {
343 //TODO enable this test after deleting the old auditEvent method
344 // assertThat(storedEvent.getUserBefore()).isNull();
345 assertThat(storedEvent.getUserAfter()).isEqualTo(USER_EXTENDED_NAME);
346 assertThat(storedEvent.getStatus()).isEqualTo(STATUS_CREATED);
348 else if (action.equals(AuditingActionEnum.UPDATE_USER.getName())){
349 assertThat(storedEvent.getUserBefore()).isEqualTo(USER_EXTENDED_NAME);
350 assertThat(storedEvent.getUserAfter()).isEqualTo(UPDATED_USER_EXTENDED_NAME);
351 assertThat(storedEvent.getStatus()).isEqualTo(STATUS_OK);
354 assertThat(storedEvent.getUserBefore()).isEqualTo(USER_EXTENDED_NAME);
355 //TODO enable this test after deleting the old auditEvent method
356 // assertThat(storedEvent.getUserAfter()).isNull();
357 assertThat(storedEvent.getStatus()).isEqualTo(STATUS_OK);
361 private void verifyGetUserListEvent() {
362 verify(cassandraDao).saveRecord(eventCaptor.capture());
363 GetUsersListEvent storedEvent = (GetUsersListEvent) eventCaptor.getValue();
364 assertThat(storedEvent.getModifier()).isEqualTo(USER_UID);
365 assertThat(storedEvent.getDesc()).isEqualTo(DESCRIPTION);
366 assertThat(storedEvent.getServiceInstanceId()).isNull();
367 assertThat(storedEvent.getAction()).isEqualTo(AuditingActionEnum.GET_USERS_LIST.getName());
370 private void verifyUserAccessEvent() {
371 verify(cassandraDao).saveRecord(eventCaptor.capture());
372 UserAccessEvent storedEvent = (UserAccessEvent) eventCaptor.getValue();
373 assertThat(storedEvent.getUserUid()).isEqualTo(USER_UID);
374 assertThat(storedEvent.getStatus()).isEqualTo(STATUS_OK);
375 assertThat(storedEvent.getDesc()).isEqualTo(DESCRIPTION);
376 assertThat(storedEvent.getRequestId()).isNotBlank();
377 assertThat(storedEvent.getServiceInstanceId()).isNull();
378 assertThat(storedEvent.getAction()).isEqualTo(AuditingActionEnum.USER_ACCESS.getName());
381 private void verifyAuthRequestEvent() {
382 verify(cassandraDao).saveRecord(eventCaptor.capture());
383 AuthEvent storedEvent = (AuthEvent) eventCaptor.getValue();
384 assertThat(storedEvent.getUser()).isEqualTo(USER_ID);
385 assertThat(storedEvent.getStatus()).isEqualTo(STATUS_OK);
386 assertThat(storedEvent.getDesc()).isEqualTo(DESCRIPTION);
387 assertThat(storedEvent.getRequestId()).isNotBlank();
388 assertThat(storedEvent.getServiceInstanceId()).isNull();
389 assertThat(storedEvent.getAuthStatus()).isEqualTo(AUTH_STATUS);
390 assertThat(storedEvent.getUrl()).isEqualTo(AUTH_URL);
391 assertThat(storedEvent.getRealm()).isEqualTo(REALM);
392 assertThat(storedEvent.getAction()).isEqualTo(AuditingActionEnum.AUTH_REQUEST.getName());