1 /*******************************************************************************
2 * ============LICENSE_START==================================================
4 * * ===========================================================================
5 * * Copyright © 2017 AT&T Intellectual Property. All rights reserved.
6 * * ===========================================================================
7 * * Licensed under the Apache License, Version 2.0 (the "License");
8 * * you may not use this file except in compliance with the License.
9 * * You may obtain a copy of the License at
11 * * http://www.apache.org/licenses/LICENSE-2.0
13 * * Unless required by applicable law or agreed to in writing, software
14 * * distributed under the License is distributed on an "AS IS" BASIS,
15 * * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
16 * * See the License for the specific language governing permissions and
17 * * limitations under the License.
18 * * ============LICENSE_END====================================================
20 * * ECOMP is a trademark and service mark of AT&T Intellectual Property.
22 ******************************************************************************/
23 package org.onap.dmaap.datarouter.provisioning;
25 import org.apache.commons.lang3.reflect.FieldUtils;
26 import org.jetbrains.annotations.NotNull;
27 import org.json.JSONArray;
28 import org.json.JSONObject;
29 import org.junit.Before;
30 import org.junit.Test;
31 import org.junit.runner.RunWith;
32 import org.mockito.Mock;
33 import org.onap.dmaap.datarouter.authz.AuthorizationResponse;
34 import org.onap.dmaap.datarouter.authz.Authorizer;
35 import org.onap.dmaap.datarouter.provisioning.beans.Feed;
36 import org.onap.dmaap.datarouter.provisioning.beans.Updateable;
37 import org.powermock.api.mockito.PowerMockito;
38 import org.powermock.core.classloader.annotations.SuppressStaticInitializationFor;
39 import org.powermock.modules.junit4.PowerMockRunner;
41 import javax.servlet.ServletInputStream;
42 import javax.servlet.ServletOutputStream;
43 import javax.servlet.http.HttpServletRequest;
44 import javax.servlet.http.HttpServletResponse;
45 import java.util.HashSet;
48 import static org.hamcrest.Matchers.notNullValue;
49 import static org.mockito.Mockito.*;
50 import static org.onap.dmaap.datarouter.provisioning.BaseServlet.BEHALF_HEADER;
53 @RunWith(PowerMockRunner.class)
54 @SuppressStaticInitializationFor("org.onap.dmaap.datarouter.provisioning.beans.Feed")
55 public class FeedServletTest extends DrServletTestBase {
57 private static FeedServlet feedServlet;
60 private HttpServletRequest request;
62 private HttpServletResponse response;
65 public void setUp() throws Exception {
67 feedServlet = new FeedServlet();
68 setAuthoriserToReturnRequestIsAuthorized();
69 setPokerToNotCreateTimersWhenDeleteFeedIsCalled();
70 setUpValidAuthorisedRequest();
71 setUpValidSecurityOnHttpRequest();
72 setUpValidContentHeadersAndJSONOnHttpRequest();
76 public void Given_Request_Is_HTTP_DELETE_And_Is_Not_Secure_When_HTTPS_Is_Required_Then_Forbidden_Response_Is_Generated()
78 when(request.isSecure()).thenReturn(false);
79 feedServlet.doDelete(request, response);
80 verify(response).sendError(eq(HttpServletResponse.SC_FORBIDDEN), argThat(notNullValue(String.class)));
85 public void Given_Request_Is_HTTP_DELETE_And_BEHALF_HEADER_Is_Not_Set_In_Request_Then_Bad_Request_Response_Is_Generated()
87 setBehalfHeader(null);
88 feedServlet.doDelete(request, response);
89 verify(response).sendError(eq(HttpServletResponse.SC_BAD_REQUEST), argThat(notNullValue(String.class)));
94 public void Given_Request_Is_HTTP_DELETE_And_Path_Header_Is_Not_Set_In_Request_With_Valid_Path_Then_Bad_Request_Response_Is_Generated()
96 when(request.getPathInfo()).thenReturn(null);
97 feedServlet.doDelete(request, response);
98 verify(response).sendError(eq(HttpServletResponse.SC_BAD_REQUEST), argThat(notNullValue(String.class)));
103 public void Given_Request_Is_HTTP_DELETE_And_Feed_Id_Is_Invalid_Then_Not_Found_Response_Is_Generated()
105 setFeedToReturnInvalidFeedIdSupplied();
106 feedServlet.doDelete(request, response);
107 verify(response).sendError(eq(HttpServletResponse.SC_NOT_FOUND), argThat(notNullValue(String.class)));
112 public void Given_Request_Is_HTTP_DELETE_And_Request_Is_Not_Authorized_Then_Forbidden_Response_Is_Generated()
114 setAuthoriserToReturnRequestNotAuthorized();
115 feedServlet.doDelete(request, response);
116 verify(response).sendError(eq(HttpServletResponse.SC_FORBIDDEN), argThat(notNullValue(String.class)));
121 public void Given_Request_Is_HTTP_DELETE_And_Delete_On_Database_Fails_An_Internal_Server_Error_Is_Reported()
123 FeedServlet feedServlet = new FeedServlet() {
124 protected boolean doUpdate(Updateable bean) {
128 feedServlet.doDelete(request, response);
130 .sendError(eq(HttpServletResponse.SC_INTERNAL_SERVER_ERROR), argThat(notNullValue(String.class)));
135 public void Given_Request_Is_HTTP_DELETE_And_Delete_On_Database_Succeeds_A_NO_CONTENT_Response_Is_Generated()
137 FeedServlet feedServlet = new FeedServlet() {
138 protected boolean doUpdate(Updateable bean) {
142 feedServlet.doDelete(request, response);
143 verify(response).setStatus(eq(HttpServletResponse.SC_NO_CONTENT));
147 public void Given_Request_Is_HTTP_GET_And_Is_Not_Secure_When_HTTPS_Is_Required_Then_Forbidden_Response_Is_Generated()
149 when(request.isSecure()).thenReturn(false);
150 feedServlet.doGet(request, response);
151 verify(response).sendError(eq(HttpServletResponse.SC_FORBIDDEN), argThat(notNullValue(String.class)));
155 public void Given_Request_Is_HTTP_GET_And_BEHALF_HEADER_Is_Not_Set_In_Request_Then_Bad_Request_Response_Is_Generated()
157 setBehalfHeader(null);
158 feedServlet.doGet(request, response);
159 verify(response).sendError(eq(HttpServletResponse.SC_BAD_REQUEST), argThat(notNullValue(String.class)));
164 public void Given_Request_Is_HTTP_GET_And_Path_Header_Is_Not_Set_In_Request_With_Valid_Path_Then_Bad_Request_Response_Is_Generated()
166 when(request.getPathInfo()).thenReturn(null);
167 feedServlet.doGet(request, response);
168 verify(response).sendError(eq(HttpServletResponse.SC_BAD_REQUEST), argThat(notNullValue(String.class)));
173 public void Given_Request_Is_HTTP_GET_And_Feed_Id_Is_Invalid_Then_Not_Found_Response_Is_Generated()
175 setFeedToReturnInvalidFeedIdSupplied();
176 feedServlet.doGet(request, response);
177 verify(response).sendError(eq(HttpServletResponse.SC_NOT_FOUND), argThat(notNullValue(String.class)));
182 public void Given_Request_Is_HTTP_GET_And_Request_Is_Not_Authorized_Then_Forbidden_Response_Is_Generated()
184 setAuthoriserToReturnRequestNotAuthorized();
185 feedServlet.doGet(request, response);
186 verify(response).sendError(eq(HttpServletResponse.SC_FORBIDDEN), argThat(notNullValue(String.class)));
191 public void Given_Request_Is_HTTP_GET_And_Request_Succeeds() throws Exception {
192 ServletOutputStream outStream = mock(ServletOutputStream.class);
193 when(response.getOutputStream()).thenReturn(outStream);
194 feedServlet.doGet(request, response);
195 verify(response).setStatus(eq(HttpServletResponse.SC_OK));
200 public void Given_Request_Is_HTTP_PUT_And_Is_Not_Secure_When_HTTPS_Is_Required_Then_Forbidden_Response_Is_Generated()
202 when(request.isSecure()).thenReturn(false);
203 feedServlet.doPut(request, response);
204 verify(response).sendError(eq(HttpServletResponse.SC_FORBIDDEN), argThat(notNullValue(String.class)));
208 public void Given_Request_Is_HTTP_PUT_And_BEHALF_HEADER_Is_Not_Set_In_Request_Then_Bad_Request_Response_Is_Generated()
210 setBehalfHeader(null);
211 feedServlet.doPut(request, response);
212 verify(response).sendError(eq(HttpServletResponse.SC_BAD_REQUEST), argThat(notNullValue(String.class)));
217 public void Given_Request_Is_HTTP_PUT_And_Path_Header_Is_Not_Set_In_Request_With_Valid_Path_Then_Bad_Request_Response_Is_Generated()
219 when(request.getPathInfo()).thenReturn(null);
220 feedServlet.doPut(request, response);
221 verify(response).sendError(eq(HttpServletResponse.SC_BAD_REQUEST), argThat(notNullValue(String.class)));
226 public void Given_Request_Is_HTTP_PUT_And_Feed_Id_Is_Invalid_Then_Not_Found_Response_Is_Generated()
228 setFeedToReturnInvalidFeedIdSupplied();
229 feedServlet.doPut(request, response);
230 verify(response).sendError(eq(HttpServletResponse.SC_NOT_FOUND), argThat(notNullValue(String.class)));
234 public void Given_Request_Is_HTTP_PUT_And_Content_Header_Is_Not_Supported_Type_Then_Unsupported_Media_Type_Response_Is_Generated()
236 when(request.getHeader("Content-Type")).thenReturn("application/vnd.att-dr.feed-fail; version=2.0");
237 when(request.getContentType()).thenReturn("stub_contentType");
238 feedServlet.doPut(request, response);
240 .sendError(eq(HttpServletResponse.SC_UNSUPPORTED_MEDIA_TYPE), argThat(notNullValue(String.class)));
244 public void Given_Request_Is_HTTP_PUT_And_Request_Contains_Badly_Formed_JSON_Then_Bad_Request_Response_Is_Generated()
246 ServletInputStream inStream = mock(ServletInputStream.class);
247 when(request.getInputStream()).thenReturn(inStream);
248 feedServlet.doPut(request, response);
249 verify(response).sendError(eq(HttpServletResponse.SC_BAD_REQUEST), argThat(notNullValue(String.class)));
253 public void Given_Request_Is_HTTP_PUT_And_Request_Contains_Invalid_JSON_Then_Bad_Request_Response_Is_Generated() throws Exception {
254 FeedServlet feedServlet = new FeedServlet() {
255 protected JSONObject getJSONfromInput(HttpServletRequest req) {
256 return new JSONObject();
259 feedServlet.doPut(request, response);
260 verify(response).sendError(eq(HttpServletResponse.SC_BAD_REQUEST), argThat(notNullValue(String.class)));
264 public void Given_Request_Is_HTTP_PUT_And_Feed_Change_Is_Not_Publisher_Who_Requested_Feed_Bad_Request_Response_Is_Generated() throws Exception {
265 when(request.getHeader("X-ATT-DR-ON-BEHALF-OF-GROUP")).thenReturn(null);
266 JSONObject JSObject = buildRequestJsonObject();
267 FeedServlet feedServlet = new FeedServlet() {
268 protected JSONObject getJSONfromInput(HttpServletRequest req) {
269 JSONObject jo = new JSONObject();
270 jo.put("name", "stub_name");
271 jo.put("version", "1.0");
272 jo.put("authorization", JSObject);
277 feedServlet.doPut(request, response);
278 verify(response).sendError(eq(HttpServletResponse.SC_BAD_REQUEST), argThat(notNullValue(String.class)));
282 public void Given_Request_Is_HTTP_PUT_And_Feed_Name_Change_is_Requested_Bad_Request_Response_Is_Generated() throws Exception {
283 JSONObject JSObject = buildRequestJsonObject();
284 FeedServlet feedServlet = new FeedServlet() {
285 protected JSONObject getJSONfromInput(HttpServletRequest req) {
286 JSONObject jo = new JSONObject();
287 jo.put("name", "not_stub_name");
288 jo.put("version", "1.0");
289 jo.put("authorization", JSObject);
293 feedServlet.doPut(request, response);
294 verify(response).sendError(eq(HttpServletResponse.SC_BAD_REQUEST), argThat(notNullValue(String.class)));
298 public void Given_Request_Is_HTTP_PUT_And_Feed_Version_Change_is_Requested_Bad_Request_Response_Is_Generated() throws Exception {
299 JSONObject JSObject = buildRequestJsonObject();
300 FeedServlet feedServlet = new FeedServlet() {
301 protected JSONObject getJSONfromInput(HttpServletRequest req) {
302 JSONObject jo = new JSONObject();
303 jo.put("name", "stub_name");
304 jo.put("version", "2.0");
305 jo.put("authorization", JSObject);
309 feedServlet.doPut(request, response);
310 verify(response).sendError(eq(HttpServletResponse.SC_BAD_REQUEST), argThat(notNullValue(String.class)));
314 public void Given_Request_Is_HTTP_PUT_And_Request_Is_Not_Authorized_Then_Forbidden_Response_Is_Generated() throws Exception {
315 JSONObject JSObject = buildRequestJsonObject();
316 FeedServlet feedServlet = new FeedServlet() {
317 protected JSONObject getJSONfromInput(HttpServletRequest req) {
318 JSONObject jo = new JSONObject();
319 jo.put("name", "stub_name");
320 jo.put("version", "1.0");
321 jo.put("authorization", JSObject);
325 setAuthoriserToReturnRequestNotAuthorized();
326 feedServlet.doPut(request, response);
327 verify(response).sendError(eq(HttpServletResponse.SC_FORBIDDEN), argThat(notNullValue(String.class)));
331 public void Given_Request_Is_HTTP_PUT_And_Change_On_Feeds_Fails_A_STATUS_OK_Response_Is_Generated() throws Exception {
332 ServletOutputStream outStream = mock(ServletOutputStream.class);
333 when(response.getOutputStream()).thenReturn(outStream);
335 JSONObject JSObject = buildRequestJsonObject();
336 FeedServlet feedServlet = new FeedServlet() {
337 protected JSONObject getJSONfromInput(HttpServletRequest req) {
338 JSONObject jo = new JSONObject();
339 jo.put("name", "stub_name");
340 jo.put("version", "1.0");
341 jo.put("authorization", JSObject);
346 protected boolean doUpdate(Updateable bean) {
350 feedServlet.doPut(request, response);
351 verify(response).sendError(eq(HttpServletResponse.SC_INTERNAL_SERVER_ERROR), argThat(notNullValue(String.class)));
355 public void Given_Request_Is_HTTP_PUT_And_Change_On_Feeds_Suceeds_A_STATUS_OK_Response_Is_Generated() throws Exception {
356 ServletOutputStream outStream = mock(ServletOutputStream.class);
357 when(response.getOutputStream()).thenReturn(outStream);
358 JSONObject JSObject = buildRequestJsonObject();
359 FeedServlet feedServlet = new FeedServlet() {
360 protected JSONObject getJSONfromInput(HttpServletRequest req) {
361 JSONObject jo = new JSONObject();
362 jo.put("name", "stub_name");
363 jo.put("version", "1.0");
364 jo.put("authorization", JSObject);
369 protected boolean doUpdate(Updateable bean) {
373 feedServlet.doPut(request, response);
374 verify(response).setStatus(eq(HttpServletResponse.SC_OK));
378 public void Given_Request_Is_HTTP_POST_SC_METHOD_NOT_ALLOWED_Response_Is_Generated() throws Exception {
379 feedServlet.doPost(request, response);
380 verify(response).sendError(eq(HttpServletResponse.SC_METHOD_NOT_ALLOWED), argThat(notNullValue(String.class)));
384 private JSONObject buildRequestJsonObject() {
385 JSONObject JSObject = new JSONObject();
386 JSONArray endpointIDs = new JSONArray();
387 JSONObject JOEndpointIDs = new JSONObject();
388 JOEndpointIDs.put("id", "stub_endpoint_id");
389 JOEndpointIDs.put("password", "stub_endpoint_password");
390 endpointIDs.put(JOEndpointIDs);
392 JSONArray endpointAddresses = new JSONArray();
393 endpointAddresses.put("127.0.0.1");
395 JSObject.put("classification", "stub_classification");
396 JSObject.put("endpoint_ids", endpointIDs);
397 JSObject.put("endpoint_addrs", endpointAddresses);
401 private void setUpValidSecurityOnHttpRequest() throws Exception {
402 when(request.isSecure()).thenReturn(true);
403 Set<String> authAddressesAndNetworks = new HashSet<String>();
404 authAddressesAndNetworks.add(("127.0.0.1"));
406 .writeDeclaredStaticField(BaseServlet.class, "authorizedAddressesAndNetworks", authAddressesAndNetworks,
408 FieldUtils.writeDeclaredStaticField(BaseServlet.class, "requireCert", false, true);
411 private void setBehalfHeader(String headerValue) {
412 when(request.getHeader(BEHALF_HEADER)).thenReturn(headerValue);
415 private void setValidPathInfoInHttpHeader() {
416 when(request.getPathInfo()).thenReturn("/123");
419 private void setFeedToReturnInvalidFeedIdSupplied() {
420 PowerMockito.mockStatic(Feed.class);
421 PowerMockito.when(Feed.getFeedById(anyInt())).thenReturn(null);
424 private void setFeedToReturnValidFeedForSuppliedId() {
425 PowerMockito.mockStatic(Feed.class);
426 Feed feed = mock(Feed.class);
427 PowerMockito.when(Feed.getFeedById(anyInt())).thenReturn(feed);
428 when(feed.isDeleted()).thenReturn(false);
429 when(feed.asJSONObject(true)).thenReturn(mock(JSONObject.class));
430 when(feed.getPublisher()).thenReturn("Stub_Value");
431 when(feed.getName()).thenReturn("stub_name");
432 when(feed.getVersion()).thenReturn("1.0");
433 when(feed.asLimitedJSONObject()).thenReturn(mock(JSONObject.class));
436 private void setAuthoriserToReturnRequestNotAuthorized() throws IllegalAccessException {
437 AuthorizationResponse authResponse = mock(AuthorizationResponse.class);
438 Authorizer authorizer = mock(Authorizer.class);
439 FieldUtils.writeDeclaredStaticField(BaseServlet.class, "authz", authorizer, true);
440 when(authorizer.decide(request)).thenReturn(authResponse);
441 when(authResponse.isAuthorized()).thenReturn(false);
444 private void setAuthoriserToReturnRequestIsAuthorized() throws IllegalAccessException {
445 AuthorizationResponse authResponse = mock(AuthorizationResponse.class);
446 Authorizer authorizer = mock(Authorizer.class);
447 FieldUtils.writeDeclaredStaticField(BaseServlet.class, "authz", authorizer, true);
448 when(authorizer.decide(request)).thenReturn(authResponse);
449 when(authResponse.isAuthorized()).thenReturn(true);
452 private void setPokerToNotCreateTimersWhenDeleteFeedIsCalled() throws Exception {
453 Poker poker = mock(Poker.class);
454 FieldUtils.writeDeclaredStaticField(Poker.class, "poker", poker, true);
457 private void setUpValidAuthorisedRequest() throws Exception {
458 setUpValidSecurityOnHttpRequest();
459 setBehalfHeader("Stub_Value");
460 setValidPathInfoInHttpHeader();
461 setFeedToReturnValidFeedForSuppliedId();
464 private void setUpValidContentHeadersAndJSONOnHttpRequest() {
465 when(request.getHeader("Content-Type")).thenReturn("application/vnd.att-dr.feed; version=1.0");
466 when(request.getHeader("X-ATT-DR-ON-BEHALF-OF-GROUP")).thenReturn("stub_subjectGroup");