1 /*******************************************************************************
2 * ============LICENSE_START==================================================
4 * * ===========================================================================
5 * * Copyright © 2017 AT&T Intellectual Property. All rights reserved.
6 * * ===========================================================================
7 * * Licensed under the Apache License, Version 2.0 (the "License");
8 * * you may not use this file except in compliance with the License.
9 * * You may obtain a copy of the License at
11 * * http://www.apache.org/licenses/LICENSE-2.0
13 * * Unless required by applicable law or agreed to in writing, software
14 * * distributed under the License is distributed on an "AS IS" BASIS,
15 * * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
16 * * See the License for the specific language governing permissions and
17 * * limitations under the License.
18 * * ============LICENSE_END====================================================
20 * * ECOMP is a trademark and service mark of AT&T Intellectual Property.
22 ******************************************************************************/
24 package org.onap.dmaap.datarouter.provisioning;
26 import java.security.NoSuchAlgorithmException;
27 import javax.crypto.SecretKeyFactory;
28 import org.apache.commons.lang3.reflect.FieldUtils;
29 import org.json.JSONObject;
30 import org.junit.Assert;
31 import org.junit.Before;
32 import org.junit.Test;
33 import org.junit.runner.RunWith;
34 import org.mockito.Mock;
35 import org.mockito.Mockito;
36 import org.onap.dmaap.datarouter.provisioning.beans.Feed;
37 import org.onap.dmaap.datarouter.provisioning.beans.FeedAuthorization;
38 import org.onap.dmaap.datarouter.provisioning.beans.Group;
39 import org.onap.dmaap.datarouter.provisioning.beans.Subscription;
40 import org.powermock.api.mockito.PowerMockito;
41 import org.powermock.core.classloader.annotations.PowerMockIgnore;
42 import org.powermock.core.classloader.annotations.PrepareForTest;
43 import org.powermock.core.classloader.annotations.SuppressStaticInitializationFor;
44 import org.powermock.modules.junit4.PowerMockRunner;
47 import javax.servlet.http.HttpServletRequest;
48 import java.util.HashSet;
50 import java.util.UUID;
52 import static org.hamcrest.Matchers.is;
53 import static org.hamcrest.Matchers.nullValue;
54 import static org.junit.Assert.assertEquals;
55 import static org.junit.Assert.assertNull;
56 import static org.junit.Assert.assertThat;
57 import static org.mockito.Matchers.anyInt;
58 import static org.mockito.Mockito.mock;
59 import static org.mockito.Mockito.when;
60 import static org.powermock.api.mockito.PowerMockito.mockStatic;
62 @RunWith(PowerMockRunner.class)
63 @SuppressStaticInitializationFor({"org.onap.dmaap.datarouter.provisioning.beans.Feed",
64 "org.onap.dmaap.datarouter.provisioning.beans.Subscription",
65 "org.onap.dmaap.datarouter.provisioning.beans.Group"})
66 @PowerMockIgnore({"javax.crypto.*"})
67 @PrepareForTest({UUID.class, SecretKeyFactory.class})
68 public class BaseServletTest extends DrServletTestBase {
70 private BaseServlet baseServlet;
73 private HttpServletRequest request;
76 public void setUp() throws Exception {
78 baseServlet = new BaseServlet();
83 public void Given_Request_Path_Info_Is_Valid_Then_Id_Is_Extracted_Correctly() {
84 when(request.getPathInfo()).thenReturn("/123");
85 assertThat(BaseServlet.getIdFromPath(request), is(123));
89 public void Given_Request_Path_Info_Is_Not_Valid_Then_Minus_One_Is_Returned() {
90 when(request.getPathInfo()).thenReturn("/abc");
91 assertThat(BaseServlet.getIdFromPath(request), is(-1));
92 when(request.getPathInfo()).thenReturn("/");
93 assertThat(BaseServlet.getIdFromPath(request), is(-1));
97 public void Given_Remote_Address_Is_Known_And_RequireCerts_Is_True() throws Exception {
98 when(request.isSecure()).thenReturn(true);
99 Set<String> authAddressesAndNetworks = new HashSet<>();
100 authAddressesAndNetworks.add(("127.0.0.1"));
101 FieldUtils.writeDeclaredStaticField(BaseServlet.class, "authorizedAddressesAndNetworks", authAddressesAndNetworks, true);
102 FieldUtils.writeDeclaredStaticField(BaseServlet.class, "requireCert", true, true);
103 assertNull(baseServlet.isAuthorizedForProvisioning(request));
107 public void Given_Request_Is_GetFeedOwner_And_Feed_Exists() {
108 PowerMockito.mockStatic(Feed.class);
109 Feed feed = mock(Feed.class);
110 PowerMockito.when(Feed.getFeedById(anyInt())).thenReturn(feed);
111 when(feed.getPublisher()).thenReturn("stub_publisher");
112 assertThat(baseServlet.getFeedOwner("3"), is("stub_publisher"));
116 public void Given_Request_Is_GetFeedOwner_And_Feed_Does_Not_Exist(){
117 PowerMockito.mockStatic(Feed.class);
118 PowerMockito.when(Feed.getFeedById(anyInt())).thenReturn(null);
119 assertThat(baseServlet.getFeedOwner("3"), is(nullValue()));
123 public void Given_Request_Is_GetFeedClassification_And_Feed_Exists(){
124 PowerMockito.mockStatic(Feed.class);
125 Feed feed = mock(Feed.class);
126 PowerMockito.when(Feed.getFeedById(anyInt())).thenReturn(feed);
127 FeedAuthorization fAuth = mock(FeedAuthorization.class);
128 when(feed.getAuthorization()).thenReturn(fAuth);
129 when(fAuth.getClassification()).thenReturn("stub_classification");
130 assertThat(baseServlet.getFeedClassification("3"), is("stub_classification"));
134 public void Given_Request_Is_GetFeedClassification_And_Feed_Does_Not_Exist() {
135 PowerMockito.mockStatic(Feed.class);
136 PowerMockito.when(Feed.getFeedById(anyInt())).thenReturn(null);
137 assertThat(baseServlet.getFeedClassification("3"), is(nullValue()));
141 public void Given_Request_Is_GetSubscriptionOwner_And_Subscription_Exists() {
142 PowerMockito.mockStatic(Subscription.class);
143 Subscription subscription = mock(Subscription.class);
144 PowerMockito.when(Subscription.getSubscriptionById(anyInt())).thenReturn(subscription);
145 when(subscription.getSubscriber()).thenReturn("stub_subscriber");
146 assertThat(baseServlet.getSubscriptionOwner("3"), is("stub_subscriber"));
150 public void Given_Request_Is_GetSubscriptionOwner_And_Subscription_Does_Not_Exist() {
151 PowerMockito.mockStatic(Subscription.class);
152 PowerMockito.when(Subscription.getSubscriptionById(anyInt())).thenReturn(null);
153 assertThat(baseServlet.getSubscriptionOwner("3"), is(nullValue()));
157 public void Given_Request_Is_GetGroupByFeedGroupId_And_User_Is_A_Member_Of_Group() {
158 PowerMockito.mockStatic(Feed.class);
159 Feed feed = mock(Feed.class);
160 PowerMockito.when(Feed.getFeedById(anyInt())).thenReturn(feed);
161 when(feed.getGroupid()).thenReturn(3);
162 PowerMockito.mockStatic(Group.class);
163 Group group = mock(Group.class);
164 when(group.getMembers()).thenReturn("{id: stub_user}");
165 PowerMockito.when(Group.getGroupById(anyInt())).thenReturn(group);
166 when(group.getAuthid()).thenReturn("stub_authID");
167 assertThat(baseServlet.getGroupByFeedGroupId("stub_user", "3"), is("stub_authID"));
171 public void Given_Request_Is_GetGroupByFeedGroupId_And_User_Is_Not_A_Member_Of_Group() {
172 PowerMockito.mockStatic(Feed.class);
173 Feed feed = mock(Feed.class);
174 PowerMockito.when(Feed.getFeedById(anyInt())).thenReturn(feed);
175 when(feed.getGroupid()).thenReturn(3);
176 PowerMockito.mockStatic(Group.class);
177 Group group = mock(Group.class);
178 when(group.getMembers()).thenReturn("{id: stub_otherUser}");
179 PowerMockito.when(Group.getGroupById(anyInt())).thenReturn(group);
180 when(group.getAuthid()).thenReturn("stub_authID");
181 assertThat(baseServlet.getGroupByFeedGroupId("stub_user", "3"), is(nullValue()));
185 public void Given_Request_Is_GetGroupBySubGroupId_And_User_Is_A_Member_Of_Group() {
186 PowerMockito.mockStatic(Subscription.class);
187 Subscription subscription = mock(Subscription.class);
188 PowerMockito.when(Subscription.getSubscriptionById(anyInt())).thenReturn(subscription);
189 when(subscription.getGroupid()).thenReturn(3);
190 PowerMockito.mockStatic(Group.class);
191 Group group = mock(Group.class);
192 when(group.getMembers()).thenReturn("{id: stub_user}");
193 PowerMockito.when(Group.getGroupById(anyInt())).thenReturn(group);
194 when(group.getAuthid()).thenReturn("stub_authID");
195 assertThat(baseServlet.getGroupBySubGroupId("stub_user", "3"), is("stub_authID"));
199 public void Given_Request_Is_GetGroupBySubGroupId_And_User_Is_Not_A_Member_Of_Group() {
200 PowerMockito.mockStatic(Subscription.class);
201 Subscription subscription = mock(Subscription.class);
202 PowerMockito.when(Subscription.getSubscriptionById(anyInt())).thenReturn(subscription);
203 when(subscription.getGroupid()).thenReturn(3);
204 PowerMockito.mockStatic(Group.class);
205 Group group = mock(Group.class);
206 when(group.getMembers()).thenReturn("{id: stub_otherUser}");
207 PowerMockito.when(Group.getGroupById(anyInt())).thenReturn(group);
208 when(group.getAuthid()).thenReturn("stub_authID");
209 assertThat(baseServlet.getGroupBySubGroupId("stub_user", "3"), is(nullValue()));
213 public void Given_Request_Has_Empty_RequestId_And_InvocationId_Headers_Generate_MDC_Values() {
214 when(request.getHeader("X-ONAP-RequestID")).thenReturn("");
215 when(request.getHeader("X-InvocationID")).thenReturn("");
216 mockStatic(UUID.class);
217 when(UUID.randomUUID().toString()).thenReturn("123", "456");
218 baseServlet.setIpFqdnRequestIDandInvocationIDForEelf("doDelete", request);
219 Assert.assertNotEquals("123", MDC.get("RequestId"));
220 Assert.assertNotEquals("456", MDC.get("InvocationId"));
224 public void Given_Request_Has_RequestId_And_InvocationId_Headers_Set_MDC_Values() {
225 when(request.getHeader("X-ONAP-RequestID")).thenReturn("123");
226 when(request.getHeader("X-InvocationID")).thenReturn("456");
227 baseServlet.setIpFqdnRequestIDandInvocationIDForEelf("doDelete", request);
228 Assert.assertEquals("123", MDC.get("RequestId"));
229 Assert.assertEquals("456", MDC.get("InvocationId"));
233 public void Given_Json_Object_Requires_Mask_Encrypt() throws NoSuchAlgorithmException {
234 PowerMockito.mockStatic(SecretKeyFactory.class);
235 SecretKeyFactory secretKeyFactory = PowerMockito.mock(SecretKeyFactory.class);
236 PowerMockito.when(SecretKeyFactory.getInstance(Mockito.anyString())).thenReturn(secretKeyFactory);
237 BaseServlet.maskJSON(getJsonObject(), "password", true);
241 public void Given_Json_Object_Requires_Mask_Decrypt() throws NoSuchAlgorithmException {
242 PowerMockito.mockStatic(SecretKeyFactory.class);
243 SecretKeyFactory secretKeyFactory = PowerMockito.mock(SecretKeyFactory.class);
244 PowerMockito.when(SecretKeyFactory.getInstance(Mockito.anyString())).thenReturn(secretKeyFactory);
245 BaseServlet.maskJSON(getJsonObject(), "password", false);
248 public JSONObject getJsonObject() {
249 return new JSONObject("{\"authorization\": {\n" + " \"endpoint_addrs\": [\n" + " ],\n"
250 + " \"classification\": \"unclassified\",\n"
251 + " \"endpoint_ids\": [\n" + " {\n"
252 + " \"password\": \"dradmin\",\n"
253 + " \"id\": \"dradmin\"\n" + " },\n" + " {\n"
254 + " \"password\": \"demo123456!\",\n"
255 + " \"id\": \"onap\"\n" + " }\n" + " ]\n" + " }}");
259 public void Given_BaseServlet_Verify_Cadi_Feed_Permission() {
260 assertEquals("org.onap.dmaap-dr.feed|legacy|publish", baseServlet.getFeedPermission("legacy", "publish"));
261 assertEquals("org.onap.dmaap-dr.feed|legacy|suspend", baseServlet.getFeedPermission("legacy", "suspend"));
262 assertEquals("org.onap.dmaap-dr.feed|legacy|restore", baseServlet.getFeedPermission("legacy", "restore"));
263 assertEquals("org.onap.dmaap-dr.feed|org.onap.dmaap-dr.NoInstanceDefined|restore", baseServlet.getFeedPermission(null, "restore"));
264 assertEquals("org.onap.dmaap-dr.feed|legacy|*", baseServlet.getFeedPermission("legacy", "default"));
268 public void Given_BaseServlet_Verify_Cadi_Sub_Permission() {
269 assertEquals("org.onap.dmaap-dr.feed|legacy|subscribe", baseServlet.getSubscriberPermission("legacy", "subscribe"));
270 assertEquals("org.onap.dmaap-dr.sub|legacy|suspend", baseServlet.getSubscriberPermission("legacy", "suspend"));
271 assertEquals("org.onap.dmaap-dr.sub|legacy|restore", baseServlet.getSubscriberPermission("legacy", "restore"));
272 assertEquals("org.onap.dmaap-dr.sub|legacy|publish", baseServlet.getSubscriberPermission("legacy", "publish"));
273 assertEquals("org.onap.dmaap-dr.sub|org.onap.dmaap-dr.NoInstanceDefined|restore", baseServlet.getSubscriberPermission(null, "restore"));
274 assertEquals("org.onap.dmaap-dr.sub|legacy|*", baseServlet.getSubscriberPermission("legacy", "default"));