1 /*******************************************************************************
2 * ============LICENSE_START==================================================
4 * * ===========================================================================
5 * * Copyright © 2017 AT&T Intellectual Property. All rights reserved.
6 * * ===========================================================================
7 * * Licensed under the Apache License, Version 2.0 (the "License");
8 * * you may not use this file except in compliance with the License.
9 * * You may obtain a copy of the License at
11 * * http://www.apache.org/licenses/LICENSE-2.0
13 * * Unless required by applicable law or agreed to in writing, software
14 * * distributed under the License is distributed on an "AS IS" BASIS,
15 * * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
16 * * See the License for the specific language governing permissions and
17 * * limitations under the License.
18 * * ============LICENSE_END====================================================
20 * * ECOMP is a trademark and service mark of AT&T Intellectual Property.
22 ******************************************************************************/
23 package org.onap.dmaap.datarouter.provisioning;
25 import static org.hamcrest.Matchers.notNullValue;
26 import static org.mockito.Mockito.anyInt;
27 import static org.mockito.Mockito.anyString;
28 import static org.mockito.Mockito.argThat;
29 import static org.mockito.Mockito.eq;
30 import static org.mockito.Mockito.mock;
31 import static org.mockito.Mockito.verify;
32 import static org.mockito.Mockito.when;
33 import static org.onap.dmaap.datarouter.provisioning.BaseServlet.BEHALF_HEADER;
35 import java.util.HashSet;
37 import javax.servlet.ServletOutputStream;
38 import javax.servlet.http.HttpServletRequest;
39 import javax.servlet.http.HttpServletResponse;
41 import ch.qos.logback.classic.spi.ILoggingEvent;
42 import ch.qos.logback.core.read.ListAppender;
43 import org.apache.commons.lang3.reflect.FieldUtils;
44 import org.jetbrains.annotations.NotNull;
45 import org.json.JSONArray;
46 import org.json.JSONObject;
47 import org.junit.Before;
48 import org.junit.Test;
49 import org.junit.runner.RunWith;
50 import org.mockito.Mock;
51 import org.onap.dmaap.datarouter.authz.AuthorizationResponse;
52 import org.onap.dmaap.datarouter.authz.Authorizer;
53 import org.onap.dmaap.datarouter.provisioning.beans.Feed;
54 import org.onap.dmaap.datarouter.provisioning.beans.Insertable;
55 import org.powermock.api.mockito.PowerMockito;
56 import org.powermock.core.classloader.annotations.SuppressStaticInitializationFor;
57 import org.powermock.modules.junit4.PowerMockRunner;
60 @RunWith(PowerMockRunner.class)
61 @SuppressStaticInitializationFor("org.onap.dmaap.datarouter.provisioning.beans.Feed")
62 public class DRFeedsServletTest extends DrServletTestBase {
64 private static DRFeedsServlet drfeedsServlet;
67 private HttpServletRequest request;
69 private HttpServletResponse response;
71 ListAppender<ILoggingEvent> listAppender;
74 public void setUp() throws Exception {
76 listAppender = setTestLogger(DRFeedsServlet.class);
77 drfeedsServlet = new DRFeedsServlet();
78 setAuthoriserToReturnRequestIsAuthorized();
79 setPokerToNotCreateTimersWhenDeleteFeedIsCalled();
80 setupValidAuthorisedRequest();
81 setUpValidSecurityOnHttpRequest();
82 setUpValidContentHeadersAndJSONOnHttpRequest();
86 public void Given_Request_Is_HTTP_DELETE_SC_METHOD_NOT_ALLOWED_Response_Is_Generated() throws Exception {
87 drfeedsServlet.doDelete(request, response);
88 verify(response).sendError(eq(HttpServletResponse.SC_METHOD_NOT_ALLOWED), argThat(notNullValue(String.class)));
89 verifyEnteringExitCalled(listAppender);
93 public void Given_Request_Is_HTTP_GET_And_Is_Not_Secure_When_HTTPS_Is_Required_Then_Forbidden_Response_Is_Generated()
95 when(request.isSecure()).thenReturn(false);
96 FieldUtils.writeDeclaredStaticField(BaseServlet.class, "isAddressAuthEnabled", "true", true);
97 drfeedsServlet.doGet(request, response);
98 verify(response).sendError(eq(HttpServletResponse.SC_FORBIDDEN), argThat(notNullValue(String.class)));
99 verifyEnteringExitCalled(listAppender);
103 public void Given_Request_Is_HTTP_GET_And_BEHALF_HEADER_Is_Not_Set_In_Request_Then_Bad_Request_Response_Is_Generated()
105 setBehalfHeader(null);
106 drfeedsServlet.doGet(request, response);
107 verify(response).sendError(eq(HttpServletResponse.SC_BAD_REQUEST), argThat(notNullValue(String.class)));
112 public void Given_Request_Is_HTTP_GET_And_URL_Path_Not_Valid_Then_Bad_Request_Response_Is_Generated()
114 when(request.getRequestURI()).thenReturn("/123");
115 drfeedsServlet.doGet(request, response);
116 verify(response).sendError(eq(HttpServletResponse.SC_NOT_FOUND), argThat(notNullValue(String.class)));
121 public void Given_Request_Is_HTTP_GET_And_Request_Is_Not_Authorized_Then_Forbidden_Response_Is_Generated()
123 setAuthoriserToReturnRequestNotAuthorized();
124 drfeedsServlet.doGet(request, response);
125 verify(response).sendError(eq(HttpServletResponse.SC_FORBIDDEN), argThat(notNullValue(String.class)));
129 public void Given_Request_Is_HTTP_GET_And_Request_Fails_With_Valid_Name_And_Version() throws Exception {
130 when(request.getParameter("name")).thenReturn("stub_name");
131 when(request.getParameter("version")).thenReturn("stub_version");
132 drfeedsServlet.doGet(request, response);
133 verify(response).sendError(eq(HttpServletResponse.SC_BAD_REQUEST), argThat(notNullValue(String.class)));
137 public void Given_Request_Is_HTTP_GET_And_Request_Succeeds_With_Valid_Name_And_Version() throws Exception {
138 ServletOutputStream outStream = mock(ServletOutputStream.class);
139 when(response.getOutputStream()).thenReturn(outStream);
140 when(request.getParameter("name")).thenReturn("stub_name");
141 when(request.getParameter("version")).thenReturn("stub_version");
142 PowerMockito.mockStatic(Feed.class);
143 Feed feed = mock(Feed.class);
144 PowerMockito.when(Feed.getFeedByNameVersion(anyString(), anyString())).thenReturn(feed);
145 when(feed.asJSONObject(true)).thenReturn(mock(JSONObject.class));
146 drfeedsServlet.doGet(request, response);
147 verify(response).setStatus(eq(HttpServletResponse.SC_OK));
148 verifyEnteringExitCalled(listAppender);
153 public void Given_Request_Is_HTTP_GET_And_Request_Succeeds_With_Invalid_Name_And_Version() throws Exception {
154 ServletOutputStream outStream = mock(ServletOutputStream.class);
155 when(response.getOutputStream()).thenReturn(outStream);
156 drfeedsServlet.doGet(request, response);
157 verify(response).setStatus(eq(HttpServletResponse.SC_OK));
162 public void Given_Request_Is_HTTP_PUT_SC_METHOD_NOT_ALLOWED_Response_Is_Generated() throws Exception {
163 drfeedsServlet.doPut(request, response);
164 verify(response).sendError(eq(HttpServletResponse.SC_METHOD_NOT_ALLOWED), argThat(notNullValue(String.class)));
165 verifyEnteringExitCalled(listAppender);
170 public void Given_Request_Is_HTTP_POST_And_Is_Not_Secure_When_HTTPS_Is_Required_Then_Forbidden_Response_Is_Generated()
172 when(request.isSecure()).thenReturn(false);
173 FieldUtils.writeDeclaredStaticField(BaseServlet.class, "isAddressAuthEnabled", "true", true);
174 drfeedsServlet.doPost(request, response);
175 verify(response).sendError(eq(HttpServletResponse.SC_FORBIDDEN), argThat(notNullValue(String.class)));
176 verifyEnteringExitCalled(listAppender);
180 public void Given_Request_Is_HTTP_POST_And_BEHALF_HEADER_Is_Not_Set_In_Request_Then_Bad_Request_Response_Is_Generated()
182 setBehalfHeader(null);
183 drfeedsServlet.doPost(request, response);
184 verify(response).sendError(eq(HttpServletResponse.SC_BAD_REQUEST), argThat(notNullValue(String.class)));
189 public void Given_Request_Is_HTTP_POST_And_URL_Path_Not_Valid_Then_Bad_Request_Response_Is_Generated()
191 when(request.getRequestURI()).thenReturn("/123");
192 drfeedsServlet.doPost(request, response);
193 verify(response).sendError(eq(HttpServletResponse.SC_NOT_FOUND), argThat(notNullValue(String.class)));
198 public void Given_Request_Is_HTTP_POST_And_Content_Header_Is_Not_Supported_Type_Then_Unsupported_Media_Type_Response_Is_Generated()
200 when(request.getHeader("Content-Type")).thenReturn("application/vnd.dmaap-dr.feed; version=1.1");
201 when(request.getContentType()).thenReturn("stub_contentType");
202 drfeedsServlet.doPost(request, response);
204 .sendError(eq(HttpServletResponse.SC_UNSUPPORTED_MEDIA_TYPE), argThat(notNullValue(String.class)));
208 public void Given_Request_Is_HTTP_POST_And_Request_Is_Not_Authorized_Then_Forbidden_Response_Is_Generated()
210 setAuthoriserToReturnRequestNotAuthorized();
211 drfeedsServlet.doPost(request, response);
212 verify(response).sendError(eq(HttpServletResponse.SC_FORBIDDEN), argThat(notNullValue(String.class)));
216 public void Given_Request_Is_HTTP_POST_And_Request_Contains_Badly_Formed_JSON_Then_Bad_Request_Response_Is_Generated()
218 drfeedsServlet.doPost(request, response);
219 verify(response).sendError(eq(HttpServletResponse.SC_BAD_REQUEST), argThat(notNullValue(String.class)));
223 public void Given_Request_Is_HTTP_POST_And_Active_Feeds_Equals_Max_Feeds_Then_Bad_Request_Response_Is_Generated()
225 FieldUtils.writeDeclaredStaticField(BaseServlet.class, "maxFeeds", 0, true);
226 DRFeedsServlet drfeedsServlet = new DRFeedsServlet() {
227 protected JSONObject getJSONfromInput(HttpServletRequest req) {
228 return new JSONObject();
231 drfeedsServlet.doPost(request, response);
232 verify(response).sendError(eq(HttpServletResponse.SC_CONFLICT), argThat(notNullValue(String.class)));
236 public void Given_Request_Is_HTTP_POST_And_Feed_Is_Not_Valid_Object_Bad_Request_Response_Is_Generated()
238 when(request.getHeader("X-DMAAP-DR-ON-BEHALF-OF-GROUP")).thenReturn(null);
239 JSONObject JSObject = buildRequestJsonObject();
241 DRFeedsServlet drfeedsServlet = new DRFeedsServlet() {
242 protected JSONObject getJSONfromInput(HttpServletRequest req) {
243 JSONObject jo = new JSONObject();
248 drfeedsServlet.doPost(request, response);
249 verify(response).sendError(eq(HttpServletResponse.SC_BAD_REQUEST), argThat(notNullValue(String.class)));
253 public void Given_Request_Is_HTTP_POST_And_Feed_Already_Exists_Bad_Request_Response_Is_Generated()
255 setFeedToReturnInvalidFeedIdSupplied();
256 JSONObject JSObject = buildRequestJsonObject();
257 DRFeedsServlet drfeedsServlet = new DRFeedsServlet() {
258 protected JSONObject getJSONfromInput(HttpServletRequest req) {
259 JSONObject jo = new JSONObject();
260 jo.put("name", "not_stub_name");
261 jo.put("version", "1.0");
262 jo.put("authorization", JSObject);
266 drfeedsServlet.doPost(request, response);
267 verify(response).sendError(eq(HttpServletResponse.SC_BAD_REQUEST), argThat(notNullValue(String.class)));
271 public void Given_Request_Is_HTTP_POST_And_POST_Fails_Bad_Request_Response_Is_Generated() throws Exception {
272 JSONObject JSObject = buildRequestJsonObject();
273 DRFeedsServlet drfeedsServlet = new DRFeedsServlet() {
274 protected JSONObject getJSONfromInput(HttpServletRequest req) {
275 JSONObject jo = new JSONObject();
276 jo.put("name", "stub_name");
277 jo.put("version", "2.0");
278 jo.put("authorization", JSObject);
283 protected boolean doInsert(Insertable bean) {
287 drfeedsServlet.doPost(request, response);
289 .sendError(eq(HttpServletResponse.SC_INTERNAL_SERVER_ERROR), argThat(notNullValue(String.class)));
294 public void Given_Request_Is_HTTP_POST_And_Change_On_Feeds_Succeeds_A_STATUS_OK_Response_Is_Generated()
296 ServletOutputStream outStream = mock(ServletOutputStream.class);
297 when(response.getOutputStream()).thenReturn(outStream);
298 JSONObject JSObject = buildRequestJsonObject();
299 DRFeedsServlet drfeedsServlet = new DRFeedsServlet() {
300 protected JSONObject getJSONfromInput(HttpServletRequest req) {
301 JSONObject jo = new JSONObject();
302 jo.put("name", "stub_name");
303 jo.put("version", "1.0");
304 jo.put("authorization", JSObject);
309 protected boolean doInsert(Insertable bean) {
313 drfeedsServlet.doPost(request, response);
314 verify(response).setStatus(eq(HttpServletResponse.SC_CREATED));
315 verifyEnteringExitCalled(listAppender);
319 private JSONObject buildRequestJsonObject() {
320 JSONObject JSObject = new JSONObject();
321 JSONArray endpointIDs = new JSONArray();
322 JSONObject JOEndpointIDs = new JSONObject();
323 JOEndpointIDs.put("id", "stub_endpoint_id");
324 JOEndpointIDs.put("password", "stub_endpoint_password");
325 endpointIDs.put(JOEndpointIDs);
327 JSONArray endpointAddresses = new JSONArray();
328 endpointAddresses.put("127.0.0.1");
330 JSObject.put("classification", "stub_classification");
331 JSObject.put("endpoint_ids", endpointIDs);
332 JSObject.put("endpoint_addrs", endpointAddresses);
336 private void setUpValidSecurityOnHttpRequest() throws Exception {
337 when(request.isSecure()).thenReturn(true);
338 Set<String> authAddressesAndNetworks = new HashSet<String>();
339 authAddressesAndNetworks.add(("127.0.0.1"));
341 .writeDeclaredStaticField(BaseServlet.class, "authorizedAddressesAndNetworks", authAddressesAndNetworks,
343 FieldUtils.writeDeclaredStaticField(BaseServlet.class, "requireCert", false, true);
344 FieldUtils.writeDeclaredStaticField(BaseServlet.class, "maxFeeds", 100, true);
347 private void setBehalfHeader(String headerValue) {
348 when(request.getHeader(BEHALF_HEADER)).thenReturn(headerValue);
351 private void setValidPathInfoInHttpHeader() {
352 when(request.getPathInfo()).thenReturn("/123");
355 private void setFeedToReturnInvalidFeedIdSupplied() {
356 PowerMockito.mockStatic(Feed.class);
357 PowerMockito.when(Feed.getFeedById(anyInt())).thenReturn(null);
358 when(Feed.getFeedByNameVersion(anyString(), anyString())).thenReturn(mock(Feed.class));
361 private void setFeedToReturnValidFeedForSuppliedId() {
362 PowerMockito.mockStatic(Feed.class);
363 Feed feed = mock(Feed.class);
364 PowerMockito.when(Feed.getFeedById(anyInt())).thenReturn(feed);
365 when(feed.isDeleted()).thenReturn(false);
366 when(feed.asJSONObject(true)).thenReturn(mock(JSONObject.class));
367 when(feed.getPublisher()).thenReturn("Stub_Value");
368 when(feed.getName()).thenReturn("stub_name");
369 when(feed.getVersion()).thenReturn("1.0");
370 when(feed.asLimitedJSONObject()).thenReturn(mock(JSONObject.class));
371 PowerMockito.when(feed.getFeedByNameVersion(anyString(), anyString())).thenReturn(null);
374 private void setAuthoriserToReturnRequestNotAuthorized() throws IllegalAccessException {
375 AuthorizationResponse authResponse = mock(AuthorizationResponse.class);
376 Authorizer authorizer = mock(Authorizer.class);
377 FieldUtils.writeDeclaredStaticField(BaseServlet.class, "authz", authorizer, true);
378 when(authorizer.decide(request)).thenReturn(authResponse);
379 when(authResponse.isAuthorized()).thenReturn(false);
382 private void setAuthoriserToReturnRequestIsAuthorized() throws IllegalAccessException {
383 AuthorizationResponse authResponse = mock(AuthorizationResponse.class);
384 Authorizer authorizer = mock(Authorizer.class);
385 FieldUtils.writeDeclaredStaticField(BaseServlet.class, "authz", authorizer, true);
386 when(authorizer.decide(request)).thenReturn(authResponse);
387 when(authResponse.isAuthorized()).thenReturn(true);
390 private void setPokerToNotCreateTimersWhenDeleteFeedIsCalled() throws Exception {
391 Poker poker = mock(Poker.class);
392 FieldUtils.writeDeclaredStaticField(Poker.class, "poker", poker, true);
395 private void setupValidAuthorisedRequest() throws Exception {
396 setUpValidSecurityOnHttpRequest();
397 setBehalfHeader("Stub_Value");
398 setValidPathInfoInHttpHeader();
399 setFeedToReturnValidFeedForSuppliedId();
402 private void setUpValidContentHeadersAndJSONOnHttpRequest() {
403 when(request.getHeader("Content-Type")).thenReturn("application/vnd.dmaap-dr.feed; version=1.0");
404 when(request.getHeader("X-DMAAP-DR-ON-BEHALF-OF-GROUP")).thenReturn("stub_subjectGroup");