catalog-be/src/test/java/org/openecomp/sdc/be/impl/aaf/RoleAuthorizationHandlerTest.java

   1 /*-
   2  * ============LICENSE_START=======================================================
   3  * SDC
   4  * ================================================================================
   5  * Copyright (C) 2020 AT&T Intellectual Property. All rights reserved.
   6  * ================================================================================
   7  * Licensed under the Apache License, Version 2.0 (the "License");
   8  * you may not use this file except in compliance with the License.
   9  * You may obtain a copy of the License at
  10  *
  11  *      http://www.apache.org/licenses/LICENSE-2.0
  12  *
  13  * Unless required by applicable law or agreed to in writing, software
  14  * distributed under the License is distributed on an "AS IS" BASIS,
  15  * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
  16  * See the License for the specific language governing permissions and
  17  * limitations under the License.
  18  * ============LICENSE_END=========================================================
  19  */
  20
  21 package org.openecomp.sdc.be.impl.aaf;
  22
  23 import org.aspectj.lang.JoinPoint;
  24 import org.aspectj.lang.Signature;
  25 import org.hibernate.validator.internal.util.annotationfactory.AnnotationDescriptor;
  26 import org.hibernate.validator.internal.util.annotationfactory.AnnotationFactory;
  27 import org.junit.Before;
  28 import org.junit.Test;
  29 import org.junit.runner.RunWith;
  30 import org.mockito.Mock;
  31 import org.mockito.MockitoAnnotations;
  32 import org.mockito.junit.MockitoJUnitRunner;
  33 import org.openecomp.sdc.be.components.impl.aaf.AafPermission;
  34 import org.openecomp.sdc.be.components.impl.aaf.PermissionAllowed;
  35 import org.openecomp.sdc.be.components.impl.aaf.RoleAuthorizationHandler;
  36 import org.openecomp.sdc.be.components.impl.exceptions.ComponentException;
  37 import org.openecomp.sdc.be.config.ConfigurationManager;
  38 import org.openecomp.sdc.be.dao.api.ActionStatus;
  39 import org.openecomp.sdc.be.servlets.BeGenericServlet;
  40 import org.openecomp.sdc.common.api.FilterDecisionEnum;
  41 import org.openecomp.sdc.common.impl.ExternalConfiguration;
  42 import org.openecomp.sdc.common.impl.FSConfigurationSource;
  43 import org.openecomp.sdc.common.util.ThreadLocalsHolder;
  44
  45 import javax.servlet.http.HttpServletRequest;
  46
  47 import static org.assertj.core.api.Assertions.assertThat;
  48 import static org.assertj.core.api.Assertions.catchThrowable;
  49 import static org.mockito.Mockito.when;
  50
  51 @RunWith(MockitoJUnitRunner.Silent.class)
  52 public class RoleAuthorizationHandlerTest {
  53
  54     private RoleAuthorizationHandler roleAuthorizationHandler;
  55     @Mock
  56     JoinPoint joinPoint;
  57     @Mock
  58     Signature signature;
  59     @Mock
  60     BeGenericServlet beGenericServlet;
  61     @Mock
  62     HttpServletRequest httpServletRequest;
  63
  64     @Before
  65     public void setUp() {
  66         MockitoAnnotations.initMocks(this);
  67         when(joinPoint.getSignature()).thenReturn(signature);
  68         when(signature.toShortString()).thenReturn("methodName");
  69         when(joinPoint.getThis()).thenReturn(beGenericServlet);
  70         when(beGenericServlet.getServletRequest()).thenReturn(httpServletRequest);
  71         ThreadLocalsHolder.setApiType(FilterDecisionEnum.EXTERNAL);
  72         new ConfigurationManager(new FSConfigurationSource(ExternalConfiguration.getChangeListener(), "src/test/resources/config/catalog-be/auth"));
  73         roleAuthorizationHandler = new RoleAuthorizationHandler();
  74     }
  75
  76     @Test
  77     public void testAuthorizeRoleOnePermittedRole() {
  78         String[] permsAllowed = {AafPermission.PermNames.WRITE_VALUE};
  79         AnnotationDescriptor<PermissionAllowed> permissionDescriptor = new AnnotationDescriptor<PermissionAllowed>(PermissionAllowed.class);
  80         permissionDescriptor.setValue("value", permsAllowed);
  81         PermissionAllowed rolesAllowed = (PermissionAllowed) AnnotationFactory.create(permissionDescriptor);
  82         when(httpServletRequest.isUserInRole(AafPermission.getEnumByString(permsAllowed[0]).getFullPermission()))
  83                 .thenReturn(true);
  84         roleAuthorizationHandler.authorizeRole(joinPoint, rolesAllowed);
  85     }
  86
  87     @Test
  88     public void testAuthorizeRoleTwoPermittedRole() {
  89         String[] permsAllowed = {AafPermission.PermNames.WRITE_VALUE, AafPermission.PermNames.READ_VALUE};
  90         AnnotationDescriptor<PermissionAllowed> permissionDescriptor = new AnnotationDescriptor<PermissionAllowed>(PermissionAllowed.class);
  91         permissionDescriptor.setValue("value", permsAllowed);
  92         PermissionAllowed rolesAllowed = (PermissionAllowed)AnnotationFactory.create(permissionDescriptor);
  93         when(httpServletRequest.isUserInRole(AafPermission.getEnumByString(permsAllowed[0]).getFullPermission()))
  94                 .thenReturn(true);
  95         roleAuthorizationHandler.authorizeRole(joinPoint, rolesAllowed);
  96     }
  97
  98     @Test
  99     public void testAuthorizeRoleNonPermittedRole() {
 100         String[] permsAllowed = {AafPermission.PermNames.WRITE_VALUE, AafPermission.PermNames.READ_VALUE};
 101         AnnotationDescriptor<PermissionAllowed> permissionDescriptor = new AnnotationDescriptor<PermissionAllowed>(PermissionAllowed.class);
 102         permissionDescriptor.setValue("value", permsAllowed);
 103         PermissionAllowed rolesAllowed = (PermissionAllowed)AnnotationFactory.create(permissionDescriptor);
 104         when(httpServletRequest.isUserInRole(AafPermission.getEnumByString(permsAllowed[0]).getFullPermission()))
 105                 .thenReturn(false);
 106
 107         ComponentException thrown = (ComponentException) catchThrowable(()->roleAuthorizationHandler.authorizeRole(joinPoint, rolesAllowed));
 108         assertThat(thrown.getActionStatus()).isEqualTo(ActionStatus.AUTH_FAILED);
 109     }
 110
 111     @Test
 112     public void testAuthorizeRoleEmptyRole() {
 113         String[] permsAllowed = {};
 114         AnnotationDescriptor<PermissionAllowed> permissionDescriptor = new AnnotationDescriptor<PermissionAllowed>(PermissionAllowed.class);
 115         permissionDescriptor.setValue("value", permsAllowed);
 116         PermissionAllowed rolesAllowed = (PermissionAllowed)AnnotationFactory.create(permissionDescriptor);
 117
 118         ComponentException thrown = (ComponentException) catchThrowable(()->roleAuthorizationHandler.authorizeRole(joinPoint, rolesAllowed));
 119         assertThat(thrown.getActionStatus()).isEqualTo(ActionStatus.AUTH_FAILED);
 120     }
 121 }