1 /*******************************************************************************
2 * ============LICENSE_START==================================================
4 * * ===========================================================================
5 * * Copyright © 2017 AT&T Intellectual Property. All rights reserved.
6 * * ===========================================================================
7 * * Licensed under the Apache License, Version 2.0 (the "License");
8 * * you may not use this file except in compliance with the License.
9 * * You may obtain a copy of the License at
11 * * http://www.apache.org/licenses/LICENSE-2.0
13 * * Unless required by applicable law or agreed to in writing, software
14 * * distributed under the License is distributed on an "AS IS" BASIS,
15 * * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
16 * * See the License for the specific language governing permissions and
17 * * limitations under the License.
18 * * ============LICENSE_END====================================================
20 * * ECOMP is a trademark and service mark of AT&T Intellectual Property.
22 ******************************************************************************/
23 package org.onap.dmaap.datarouter.provisioning;
25 import org.apache.commons.lang3.reflect.FieldUtils;
26 import org.jetbrains.annotations.NotNull;
27 import org.json.JSONArray;
28 import org.json.JSONObject;
29 import org.junit.Before;
30 import org.junit.Test;
31 import org.junit.runner.RunWith;
32 import org.mockito.Mock;
33 import org.onap.dmaap.datarouter.authz.AuthorizationResponse;
34 import org.onap.dmaap.datarouter.authz.Authorizer;
35 import org.onap.dmaap.datarouter.provisioning.beans.Feed;
36 import org.onap.dmaap.datarouter.provisioning.beans.Insertable;
37 import org.powermock.api.mockito.PowerMockito;
38 import org.powermock.core.classloader.annotations.SuppressStaticInitializationFor;
39 import org.powermock.modules.junit4.PowerMockRunner;
41 import javax.servlet.ServletOutputStream;
42 import javax.servlet.http.HttpServletRequest;
43 import javax.servlet.http.HttpServletResponse;
44 import java.util.HashSet;
47 import static org.hamcrest.Matchers.notNullValue;
48 import static org.mockito.Mockito.*;
49 import static org.onap.dmaap.datarouter.provisioning.BaseServlet.BEHALF_HEADER;
52 @RunWith(PowerMockRunner.class)
53 @SuppressStaticInitializationFor("org.onap.dmaap.datarouter.provisioning.beans.Feed")
54 public class DRFeedsServletTest extends DrServletTestBase {
55 private static DRFeedsServlet drfeedsServlet;
58 private HttpServletRequest request;
60 private HttpServletResponse response;
63 public void setUp() throws Exception {
65 drfeedsServlet = new DRFeedsServlet();
66 setAuthoriserToReturnRequestIsAuthorized();
67 setPokerToNotCreateTimersWhenDeleteFeedIsCalled();
68 setupValidAuthorisedRequest();
69 setUpValidSecurityOnHttpRequest();
70 setUpValidContentHeadersAndJSONOnHttpRequest();
74 public void Given_Request_Is_HTTP_DELETE_SC_METHOD_NOT_ALLOWED_Response_Is_Generated() throws Exception {
75 drfeedsServlet.doDelete(request, response);
76 verify(response).sendError(eq(HttpServletResponse.SC_METHOD_NOT_ALLOWED), argThat(notNullValue(String.class)));
80 public void Given_Request_Is_HTTP_GET_And_Is_Not_Secure_When_HTTPS_Is_Required_Then_Forbidden_Response_Is_Generated() throws Exception {
81 when(request.isSecure()).thenReturn(false);
82 drfeedsServlet.doGet(request, response);
83 verify(response).sendError(eq(HttpServletResponse.SC_FORBIDDEN), argThat(notNullValue(String.class)));
87 public void Given_Request_Is_HTTP_GET_And_BEHALF_HEADER_Is_Not_Set_In_Request_Then_Bad_Request_Response_Is_Generated() throws Exception {
88 setBehalfHeader(null);
89 drfeedsServlet.doGet(request, response);
90 verify(response).sendError(eq(HttpServletResponse.SC_BAD_REQUEST), argThat(notNullValue(String.class)));
95 public void Given_Request_Is_HTTP_GET_And_URL_Path_Not_Valid_Then_Bad_Request_Response_Is_Generated() throws Exception {
96 when(request.getRequestURI()).thenReturn("/123");
97 drfeedsServlet.doGet(request, response);
98 verify(response).sendError(eq(HttpServletResponse.SC_NOT_FOUND), argThat(notNullValue(String.class)));
103 public void Given_Request_Is_HTTP_GET_And_Request_Is_Not_Authorized_Then_Forbidden_Response_Is_Generated() throws Exception {
104 setAuthoriserToReturnRequestNotAuthorized();
105 drfeedsServlet.doGet(request, response);
106 verify(response).sendError(eq(HttpServletResponse.SC_FORBIDDEN), argThat(notNullValue(String.class)));
110 public void Given_Request_Is_HTTP_GET_And_Request_Fails_With_Valid_Name_And_Version() throws Exception {
111 when(request.getParameter("name")).thenReturn("stub_name");
112 when(request.getParameter("version")).thenReturn("stub_version");
113 drfeedsServlet.doGet(request, response);
114 verify(response).sendError(eq(HttpServletResponse.SC_BAD_REQUEST), argThat(notNullValue(String.class)));
118 public void Given_Request_Is_HTTP_GET_And_Request_Succeeds_With_Valid_Name_And_Version() throws Exception {
119 ServletOutputStream outStream = mock(ServletOutputStream.class);
120 when(response.getOutputStream()).thenReturn(outStream);
121 when(request.getParameter("name")).thenReturn("stub_name");
122 when(request.getParameter("version")).thenReturn("stub_version");
123 PowerMockito.mockStatic(Feed.class);
124 Feed feed = mock(Feed.class);
125 PowerMockito.when(Feed.getFeedByNameVersion(anyString(), anyString())).thenReturn(feed);
126 when(feed.asJSONObject(true)).thenReturn(mock(JSONObject.class));
127 drfeedsServlet.doGet(request, response);
128 verify(response).setStatus(eq(HttpServletResponse.SC_OK));
133 public void Given_Request_Is_HTTP_GET_And_Request_Succeeds_With_Invalid_Name_And_Version() throws Exception {
134 ServletOutputStream outStream = mock(ServletOutputStream.class);
135 when(response.getOutputStream()).thenReturn(outStream);
136 drfeedsServlet.doGet(request, response);
137 verify(response).setStatus(eq(HttpServletResponse.SC_OK));
142 public void Given_Request_Is_HTTP_PUT_SC_METHOD_NOT_ALLOWED_Response_Is_Generated() throws Exception {
143 drfeedsServlet.doPut(request, response);
144 verify(response).sendError(eq(HttpServletResponse.SC_METHOD_NOT_ALLOWED), argThat(notNullValue(String.class)));
149 public void Given_Request_Is_HTTP_POST_And_Is_Not_Secure_When_HTTPS_Is_Required_Then_Forbidden_Response_Is_Generated() throws Exception {
150 when(request.isSecure()).thenReturn(false);
151 drfeedsServlet.doPost(request, response);
152 verify(response).sendError(eq(HttpServletResponse.SC_FORBIDDEN), argThat(notNullValue(String.class)));
156 public void Given_Request_Is_HTTP_POST_And_BEHALF_HEADER_Is_Not_Set_In_Request_Then_Bad_Request_Response_Is_Generated() throws Exception {
157 setBehalfHeader(null);
158 drfeedsServlet.doPost(request, response);
159 verify(response).sendError(eq(HttpServletResponse.SC_BAD_REQUEST), argThat(notNullValue(String.class)));
164 public void Given_Request_Is_HTTP_POST_And_URL_Path_Not_Valid_Then_Bad_Request_Response_Is_Generated() throws Exception {
165 when(request.getRequestURI()).thenReturn("/123");
166 drfeedsServlet.doPost(request, response);
167 verify(response).sendError(eq(HttpServletResponse.SC_NOT_FOUND), argThat(notNullValue(String.class)));
172 public void Given_Request_Is_HTTP_POST_And_Content_Header_Is_Not_Supported_Type_Then_Unsupported_Media_Type_Response_Is_Generated() throws Exception {
173 when(request.getHeader("Content-Type")).thenReturn("application/vnd.att-dr.feed; version=1.1");
174 when(request.getContentType()).thenReturn("stub_contentType");
175 drfeedsServlet.doPost(request, response);
176 verify(response).sendError(eq(HttpServletResponse.SC_UNSUPPORTED_MEDIA_TYPE), argThat(notNullValue(String.class)));
180 public void Given_Request_Is_HTTP_POST_And_Request_Is_Not_Authorized_Then_Forbidden_Response_Is_Generated() throws Exception {
181 setAuthoriserToReturnRequestNotAuthorized();
182 drfeedsServlet.doPost(request, response);
183 verify(response).sendError(eq(HttpServletResponse.SC_FORBIDDEN), argThat(notNullValue(String.class)));
187 public void Given_Request_Is_HTTP_POST_And_Request_Contains_Badly_Formed_JSON_Then_Bad_Request_Response_Is_Generated() throws Exception {
188 drfeedsServlet.doPost(request, response);
189 verify(response).sendError(eq(HttpServletResponse.SC_BAD_REQUEST), argThat(notNullValue(String.class)));
193 public void Given_Request_Is_HTTP_POST_And_Active_Feeds_Equals_Max_Feeds_Then_Bad_Request_Response_Is_Generated() throws Exception {
194 FieldUtils.writeDeclaredStaticField(BaseServlet.class, "maxFeeds", 0, true);
195 DRFeedsServlet drfeedsServlet = new DRFeedsServlet() {
196 protected JSONObject getJSONfromInput(HttpServletRequest req) {
197 return new JSONObject();
200 drfeedsServlet.doPost(request, response);
201 verify(response).sendError(eq(HttpServletResponse.SC_CONFLICT), argThat(notNullValue(String.class)));
205 public void Given_Request_Is_HTTP_POST_And_Feed_Is_Not_Valid_Object_Bad_Request_Response_Is_Generated() throws Exception {
206 when(request.getHeader("X-ATT-DR-ON-BEHALF-OF-GROUP")).thenReturn(null);
207 JSONObject JSObject = buildRequestJsonObject();
209 DRFeedsServlet drfeedsServlet = new DRFeedsServlet() {
210 protected JSONObject getJSONfromInput(HttpServletRequest req) {
211 JSONObject jo = new JSONObject();
216 drfeedsServlet.doPost(request, response);
217 verify(response).sendError(eq(HttpServletResponse.SC_BAD_REQUEST), argThat(notNullValue(String.class)));
221 public void Given_Request_Is_HTTP_POST_And_Feed_Already_Exists_Bad_Request_Response_Is_Generated() throws Exception {
222 setFeedToReturnInvalidFeedIdSupplied();
223 JSONObject JSObject = buildRequestJsonObject();
224 DRFeedsServlet drfeedsServlet = new DRFeedsServlet() {
225 protected JSONObject getJSONfromInput(HttpServletRequest req) {
226 JSONObject jo = new JSONObject();
227 jo.put("name", "not_stub_name");
228 jo.put("version", "1.0");
229 jo.put("authorization", JSObject);
233 drfeedsServlet.doPost(request, response);
234 verify(response).sendError(eq(HttpServletResponse.SC_BAD_REQUEST), argThat(notNullValue(String.class)));
238 public void Given_Request_Is_HTTP_POST_And_POST_Fails_Bad_Request_Response_Is_Generated() throws Exception {
239 JSONObject JSObject = buildRequestJsonObject();
240 DRFeedsServlet drfeedsServlet = new DRFeedsServlet() {
241 protected JSONObject getJSONfromInput(HttpServletRequest req) {
242 JSONObject jo = new JSONObject();
243 jo.put("name", "stub_name");
244 jo.put("version", "2.0");
245 jo.put("authorization", JSObject);
250 protected boolean doInsert(Insertable bean) {
254 drfeedsServlet.doPost(request, response);
255 verify(response).sendError(eq(HttpServletResponse.SC_INTERNAL_SERVER_ERROR), argThat(notNullValue(String.class)));
260 public void Given_Request_Is_HTTP_POST_And_Change_On_Feeds_Succeeds_A_STATUS_OK_Response_Is_Generated() throws Exception {
261 ServletOutputStream outStream = mock(ServletOutputStream.class);
262 when(response.getOutputStream()).thenReturn(outStream);
263 JSONObject JSObject = buildRequestJsonObject();
264 DRFeedsServlet drfeedsServlet = new DRFeedsServlet() {
265 protected JSONObject getJSONfromInput(HttpServletRequest req) {
266 JSONObject jo = new JSONObject();
267 jo.put("name", "stub_name");
268 jo.put("version", "1.0");
269 jo.put("authorization", JSObject);
274 protected boolean doInsert(Insertable bean) {
278 drfeedsServlet.doPost(request, response);
279 verify(response).setStatus(eq(HttpServletResponse.SC_CREATED));
283 private JSONObject buildRequestJsonObject() {
284 JSONObject JSObject = new JSONObject();
285 JSONArray endpointIDs = new JSONArray();
286 JSONObject JOEndpointIDs = new JSONObject();
287 JOEndpointIDs.put("id", "stub_endpoint_id");
288 JOEndpointIDs.put("password", "stub_endpoint_password");
289 endpointIDs.put(JOEndpointIDs);
291 JSONArray endpointAddresses = new JSONArray();
292 endpointAddresses.put("127.0.0.1");
294 JSObject.put("classification", "stub_classification");
295 JSObject.put("endpoint_ids", endpointIDs);
296 JSObject.put("endpoint_addrs", endpointAddresses);
300 private void setUpValidSecurityOnHttpRequest() throws Exception {
301 when(request.isSecure()).thenReturn(true);
302 Set<String> authAddressesAndNetworks = new HashSet<String>();
303 authAddressesAndNetworks.add(("127.0.0.1"));
304 FieldUtils.writeDeclaredStaticField(BaseServlet.class, "authorizedAddressesAndNetworks", authAddressesAndNetworks, true);
305 FieldUtils.writeDeclaredStaticField(BaseServlet.class, "requireCert", false, true);
306 FieldUtils.writeDeclaredStaticField(BaseServlet.class, "maxFeeds", 100, true);
309 private void setBehalfHeader(String headerValue) {
310 when(request.getHeader(BEHALF_HEADER)).thenReturn(headerValue);
313 private void setValidPathInfoInHttpHeader() {
314 when(request.getPathInfo()).thenReturn("/123");
317 private void setFeedToReturnInvalidFeedIdSupplied() {
318 PowerMockito.mockStatic(Feed.class);
319 PowerMockito.when(Feed.getFeedById(anyInt())).thenReturn(null);
320 when(Feed.getFeedByNameVersion(anyString(), anyString())).thenReturn(mock(Feed.class));
323 private void setFeedToReturnValidFeedForSuppliedId() {
324 PowerMockito.mockStatic(Feed.class);
325 Feed feed = mock(Feed.class);
326 PowerMockito.when(Feed.getFeedById(anyInt())).thenReturn(feed);
327 when(feed.isDeleted()).thenReturn(false);
328 when(feed.asJSONObject(true)).thenReturn(mock(JSONObject.class));
329 when(feed.getPublisher()).thenReturn("Stub_Value");
330 when(feed.getName()).thenReturn("stub_name");
331 when(feed.getVersion()).thenReturn("1.0");
332 when(feed.asLimitedJSONObject()).thenReturn(mock(JSONObject.class));
333 PowerMockito.when(feed.getFeedByNameVersion(anyString(), anyString())).thenReturn(null);
336 private void setAuthoriserToReturnRequestNotAuthorized() throws IllegalAccessException {
337 AuthorizationResponse authResponse = mock(AuthorizationResponse.class);
338 Authorizer authorizer = mock(Authorizer.class);
339 FieldUtils.writeDeclaredStaticField(BaseServlet.class, "authz", authorizer, true);
340 when(authorizer.decide(request)).thenReturn(authResponse);
341 when(authResponse.isAuthorized()).thenReturn(false);
344 private void setAuthoriserToReturnRequestIsAuthorized() throws IllegalAccessException {
345 AuthorizationResponse authResponse = mock(AuthorizationResponse.class);
346 Authorizer authorizer = mock(Authorizer.class);
347 FieldUtils.writeDeclaredStaticField(BaseServlet.class, "authz", authorizer, true);
348 when(authorizer.decide(request)).thenReturn(authResponse);
349 when(authResponse.isAuthorized()).thenReturn(true);
352 private void setPokerToNotCreateTimersWhenDeleteFeedIsCalled() throws Exception {
353 Poker poker = mock(Poker.class);
354 FieldUtils.writeDeclaredStaticField(Poker.class, "poker", poker, true);
357 private void setupValidAuthorisedRequest() throws Exception {
358 setUpValidSecurityOnHttpRequest();
359 setBehalfHeader("Stub_Value");
360 setValidPathInfoInHttpHeader();
361 setFeedToReturnValidFeedForSuppliedId();
364 private void setUpValidContentHeadersAndJSONOnHttpRequest() {
365 when(request.getHeader("Content-Type")).thenReturn("application/vnd.att-dr.feed; version=1.0");
366 when(request.getHeader("X-ATT-DR-ON-BEHALF-OF-GROUP")).thenReturn("stub_subjectGroup");