1 /*******************************************************************************
2 * ============LICENSE_START==================================================
4 * * ===========================================================================
5 * * Copyright © 2017 AT&T Intellectual Property. All rights reserved.
6 * * ===========================================================================
7 * * Licensed under the Apache License, Version 2.0 (the "License");
8 * * you may not use this file except in compliance with the License.
9 * * You may obtain a copy of the License at
11 * * http://www.apache.org/licenses/LICENSE-2.0
13 * * Unless required by applicable law or agreed to in writing, software
14 * * distributed under the License is distributed on an "AS IS" BASIS,
15 * * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
16 * * See the License for the specific language governing permissions and
17 * * limitations under the License.
18 * * ============LICENSE_END====================================================
20 * * ECOMP is a trademark and service mark of AT&T Intellectual Property.
22 ******************************************************************************/
23 package org.onap.dmaap.datarouter.provisioning;
25 import org.apache.commons.lang3.reflect.FieldUtils;
26 import org.json.JSONObject;
27 import org.junit.AfterClass;
28 import org.junit.Before;
29 import org.junit.BeforeClass;
30 import org.junit.Test;
31 import org.junit.runner.RunWith;
32 import org.mockito.Mock;
33 import org.onap.dmaap.datarouter.authz.AuthorizationResponse;
34 import org.onap.dmaap.datarouter.authz.Authorizer;
35 import org.onap.dmaap.datarouter.provisioning.beans.Insertable;
36 import org.onap.dmaap.datarouter.provisioning.beans.Updateable;
37 import org.onap.dmaap.datarouter.provisioning.utils.Poker;
38 import org.powermock.modules.junit4.PowerMockRunner;
40 import javax.persistence.EntityManager;
41 import javax.persistence.EntityManagerFactory;
42 import javax.persistence.Persistence;
43 import javax.servlet.ServletInputStream;
44 import javax.servlet.ServletOutputStream;
45 import javax.servlet.http.HttpServletRequest;
46 import javax.servlet.http.HttpServletResponse;
47 import java.util.HashSet;
50 import static org.hamcrest.Matchers.notNullValue;
51 import static org.mockito.Matchers.argThat;
52 import static org.mockito.Matchers.eq;
53 import static org.mockito.Mockito.*;
54 import static org.onap.dmaap.datarouter.provisioning.BaseServlet.BEHALF_HEADER;
56 @RunWith(PowerMockRunner.class)
57 public class GroupServletTest {
58 private static EntityManagerFactory emf;
59 private static EntityManager em;
60 private GroupServlet groupServlet;
63 private HttpServletRequest request;
66 private HttpServletResponse response;
69 public static void init() {
70 emf = Persistence.createEntityManagerFactory("dr-unit-tests");
71 em = emf.createEntityManager();
73 "org.onap.dmaap.datarouter.provserver.properties",
74 "src/test/resources/h2Database.properties");
78 public static void tearDownClass() {
85 public void setUp() throws Exception {
86 groupServlet = new GroupServlet();
87 setAuthoriserToReturnRequestIsAuthorized();
88 setPokerToNotCreateTimers();
89 setUpValidAuthorisedRequest();
93 public void Given_Request_Is_HTTP_GET_And_Is_Not_Secure_When_HTTPS_Is_Required_Then_Forbidden_Response_Is_Generated() throws Exception {
94 when(request.isSecure()).thenReturn(false);
95 groupServlet.doGet(request, response);
96 verify(response).sendError(eq(HttpServletResponse.SC_FORBIDDEN), argThat(notNullValue(String.class)));
100 public void Given_Request_Is_HTTP_GET_And_BEHALF_HEADER_Is_Not_Set_In_Request_Then_Bad_Request_Response_Is_Generated() throws Exception {
101 setBehalfHeader(null);
102 groupServlet.doGet(request, response);
103 verify(response).sendError(eq(HttpServletResponse.SC_BAD_REQUEST), argThat(notNullValue(String.class)));
107 public void Given_Request_Is_HTTP_GET_And_Path_Header_Is_Not_Set_In_Request_With_Valid_Path_Then_Bad_Request_Response_Is_Generated() throws Exception {
108 when(request.getPathInfo()).thenReturn(null);
109 groupServlet.doGet(request, response);
110 verify(response).sendError(eq(HttpServletResponse.SC_BAD_REQUEST), argThat(notNullValue(String.class)));
114 public void Given_Request_Is_HTTP_GET_And_Request_Succeeds() throws Exception {
115 ServletOutputStream outStream = mock(ServletOutputStream.class);
116 when(response.getOutputStream()).thenReturn(outStream);
117 groupServlet.doGet(request, response);
118 verify(response).setStatus(eq(HttpServletResponse.SC_OK));
122 public void Given_Request_Is_HTTP_PUT_And_Is_Not_Secure_When_HTTPS_Is_Required_Then_Forbidden_Response_Is_Generated() throws Exception {
123 when(request.isSecure()).thenReturn(false);
124 groupServlet.doPut(request, response);
125 verify(response).sendError(eq(HttpServletResponse.SC_FORBIDDEN), argThat(notNullValue(String.class)));
129 public void Given_Request_Is_HTTP_PUT_And_BEHALF_HEADER_Is_Not_Set_In_Request_Then_Bad_Request_Response_Is_Generated() throws Exception {
130 setBehalfHeader(null);
131 groupServlet.doPut(request, response);
132 verify(response).sendError(eq(HttpServletResponse.SC_BAD_REQUEST), argThat(notNullValue(String.class)));
136 public void Given_Request_Is_HTTP_PUT_And_Path_Header_Is_Not_Set_In_Request_With_Valid_Path_Then_Bad_Request_Response_Is_Generated() throws Exception {
137 when(request.getPathInfo()).thenReturn(null);
138 groupServlet.doPut(request, response);
139 verify(response).sendError(eq(HttpServletResponse.SC_BAD_REQUEST), argThat(notNullValue(String.class)));
143 public void Given_Request_Is_HTTP_PUT_And_Group_Id_Is_Invalid_Then_Not_Found_Response_Is_Generated() throws Exception {
144 when(request.getPathInfo()).thenReturn("/3");
145 groupServlet.doPut(request, response);
146 verify(response).sendError(eq(HttpServletResponse.SC_NOT_FOUND), argThat(notNullValue(String.class)));
150 public void Given_Request_Is_HTTP_PUT_And_Content_Header_Is_Not_Supported_Type_Then_Unsupported_Media_Type_Response_Is_Generated() throws Exception {
151 when(request.getContentType()).thenReturn("stub_contentType");
152 groupServlet.doPut(request, response);
153 verify(response).sendError(eq(HttpServletResponse.SC_UNSUPPORTED_MEDIA_TYPE), argThat(notNullValue(String.class)));
157 public void Given_Request_Is_HTTP_PUT_And_Request_Contains_Badly_Formed_JSON_Then_Bad_Request_Response_Is_Generated() throws Exception {
158 when(request.getHeader("Content-Type")).thenReturn("application/vnd.dmaap-dr.group; version=1.0");
159 ServletInputStream inStream = mock(ServletInputStream.class);
160 when(request.getInputStream()).thenReturn(inStream);
161 groupServlet.doPut(request, response);
162 verify(response).sendError(eq(HttpServletResponse.SC_BAD_REQUEST), argThat(notNullValue(String.class)));
166 public void Given_Request_Is_HTTP_PUT_And_Group_Name_Is_Too_Long_Then_Bad_Request_Response_Is_Generated() throws Exception {
167 when(request.getHeader("Content-Type")).thenReturn("application/vnd.dmaap-dr.group; version=1.0");
168 GroupServlet groupServlet = overideGetJSONFromInputToReturnAnInvalidGroup(true);
169 groupServlet.doPut(request, response);
170 verify(response).sendError(eq(HttpServletResponse.SC_BAD_REQUEST), argThat(notNullValue(String.class)));
174 public void Given_Request_Is_HTTP_PUT_And_PUT_Fails_Then_Internal_Server_Error_Response_Is_Generated() throws Exception {
175 when(request.getHeader("Content-Type")).thenReturn("application/vnd.dmaap-dr.group; version=1.0");
176 GroupServlet groupServlet = overideGetJSONFromInputToReturnAValidGroupWithFail();
177 groupServlet.doPut(request, response);
178 verify(response).sendError(eq(HttpServletResponse.SC_INTERNAL_SERVER_ERROR), argThat(notNullValue(String.class)));
182 public void Given_Request_Is_HTTP_PUT_And_Request_Succeeds() throws Exception {
183 when(request.getHeader("Content-Type")).thenReturn("application/vnd.dmaap-dr.group; version=1.0");
184 GroupServlet groupServlet = overideGetJSONFromInputToReturnGroupInDb();
185 ServletOutputStream outStream = mock(ServletOutputStream.class);
186 when(response.getOutputStream()).thenReturn(outStream);
187 groupServlet.doPut(request, response);
188 verify(response).setStatus(eq(HttpServletResponse.SC_OK));
192 public void Given_Request_Is_HTTP_POST_And_Is_Not_Secure_When_HTTPS_Is_Required_Then_Forbidden_Response_Is_Generated() throws Exception {
193 when(request.isSecure()).thenReturn(false);
194 groupServlet.doPost(request, response);
195 verify(response).sendError(eq(HttpServletResponse.SC_FORBIDDEN), argThat(notNullValue(String.class)));
199 public void Given_Request_Is_HTTP_POST_And_BEHALF_HEADER_Is_Not_Set_In_Request_Then_Bad_Request_Response_Is_Generated() throws Exception {
200 setBehalfHeader(null);
201 groupServlet.doPost(request, response);
202 verify(response).sendError(eq(HttpServletResponse.SC_BAD_REQUEST), argThat(notNullValue(String.class)));
206 public void Given_Request_Is_HTTP_POST_And_Content_Header_Is_Not_Supported_Type_Then_Unsupported_Media_Type_Response_Is_Generated() throws Exception {
207 when(request.getContentType()).thenReturn("stub_contentType");
208 groupServlet.doPost(request, response);
209 verify(response).sendError(eq(HttpServletResponse.SC_UNSUPPORTED_MEDIA_TYPE), argThat(notNullValue(String.class)));
213 public void Given_Request_Is_HTTP_POST_And_Request_Contains_Badly_Formed_JSON_Then_Bad_Request_Response_Is_Generated() throws Exception {
214 when(request.getHeader("Content-Type")).thenReturn("application/vnd.dmaap-dr.group; version=1.0");
215 ServletInputStream inStream = mock(ServletInputStream.class);
216 when(request.getInputStream()).thenReturn(inStream);
217 groupServlet.doPost(request, response);
218 verify(response).sendError(eq(HttpServletResponse.SC_BAD_REQUEST), argThat(notNullValue(String.class)));
222 public void Given_Request_Is_HTTP_POST_And_Group_Description_Is_Too_Long_Then_Bad_Request_Response_Is_Generated() throws Exception {
223 when(request.getHeader("Content-Type")).thenReturn("application/vnd.dmaap-dr.group; version=1.0");
224 GroupServlet groupServlet = overideGetJSONFromInputToReturnAnInvalidGroup(false);
225 groupServlet.doPost(request, response);
226 verify(response).sendError(eq(HttpServletResponse.SC_BAD_REQUEST), argThat(notNullValue(String.class)));
230 public void Given_Request_Is_HTTP_POST_And_Group_Name_Already_Exists_Then_Bad_Request_Response_Is_Generated() throws Exception {
231 when(request.getHeader("Content-Type")).thenReturn("application/vnd.dmaap-dr.group; version=1.0");
232 GroupServlet groupServlet = overideGetJSONFromInputToReturnGroupInDb();
233 groupServlet.doPost(request, response);
234 verify(response).sendError(eq(HttpServletResponse.SC_BAD_REQUEST), argThat(notNullValue(String.class)));
238 public void Given_Request_Is_HTTP_POST_And_POST_Fails_Then_Internal_Server_Error_Response_Is_Generated() throws Exception {
239 when(request.getHeader("Content-Type")).thenReturn("application/vnd.dmaap-dr.group; version=1.0");
240 GroupServlet groupServlet = overideGetJSONFromInputToReturnAValidGroupWithFail();
241 groupServlet.doPost(request, response);
242 verify(response).sendError(eq(HttpServletResponse.SC_INTERNAL_SERVER_ERROR), argThat(notNullValue(String.class)));
246 public void Given_Request_Is_HTTP_POST_And_Request_Succeeds() throws Exception {
247 when(request.getHeader("Content-Type")).thenReturn("application/vnd.dmaap-dr.group; version=1.0");
248 GroupServlet groupServlet = overideGetJSONFromInputToReturnNewGroupToInsert();
249 ServletOutputStream outStream = mock(ServletOutputStream.class);
250 when(response.getOutputStream()).thenReturn(outStream);
251 groupServlet.doPost(request, response);
252 verify(response).setStatus(eq(HttpServletResponse.SC_CREATED));
256 public void Given_Request_Is_HTTP_DELETE_SC_METHOD_NOT_ALLOWED_Response_Is_Generated() throws Exception {
257 groupServlet.doDelete(request, response);
258 verify(response).sendError(eq(HttpServletResponse.SC_METHOD_NOT_ALLOWED), argThat(notNullValue(String.class)));
261 private void setAuthoriserToReturnRequestIsAuthorized() throws IllegalAccessException {
262 AuthorizationResponse authResponse = mock(AuthorizationResponse.class);
263 Authorizer authorizer = mock(Authorizer.class);
264 FieldUtils.writeDeclaredStaticField(BaseServlet.class, "authz", authorizer, true);
265 when(authorizer.decide(request)).thenReturn(authResponse);
266 when(authResponse.isAuthorized()).thenReturn(true);
269 private void setPokerToNotCreateTimers() throws Exception {
270 Poker poker = mock(Poker.class);
271 FieldUtils.writeDeclaredStaticField(Poker.class, "poker", poker, true);
274 private void setUpValidAuthorisedRequest() throws Exception {
275 setUpValidSecurityOnHttpRequest();
276 setBehalfHeader("Stub_Value");
277 setValidPathInfoInHttpHeader();
280 private void setUpValidSecurityOnHttpRequest() throws Exception {
281 when(request.isSecure()).thenReturn(true);
282 Set<String> authAddressesAndNetworks = new HashSet<String>();
283 authAddressesAndNetworks.add(("127.0.0.1"));
284 FieldUtils.writeDeclaredStaticField(BaseServlet.class, "authorizedAddressesAndNetworks", authAddressesAndNetworks, true);
285 FieldUtils.writeDeclaredStaticField(BaseServlet.class, "requireCert", false, true);
288 private void setBehalfHeader(String headerValue) {
289 when(request.getHeader(BEHALF_HEADER)).thenReturn(headerValue);
292 private void setValidPathInfoInHttpHeader() {
293 when(request.getPathInfo()).thenReturn("/1");
296 private GroupServlet overideGetJSONFromInputToReturnAnInvalidGroup(Boolean invalidName) {
297 GroupServlet groupServlet = new GroupServlet() {
298 public JSONObject getJSONfromInput(HttpServletRequest req) {
299 JSONObject invalidGroup = new JSONObject();
300 String invalidEntry = "groupNameThatIsTooLongTooBeValidgroupNameThatIsTooLongTooBeValid";
301 invalidEntry = invalidEntry + invalidEntry + invalidEntry + invalidEntry + invalidEntry;
303 invalidGroup.put("name", invalidEntry);
304 invalidGroup.put("description", "description");
306 invalidGroup.put("name", "groupName");
307 invalidGroup.put("description", invalidEntry);
309 invalidGroup.put("groupid", 2);
310 invalidGroup.put("authid", "User1");
311 invalidGroup.put("classification", "class");
312 invalidGroup.put("members", "stub_members");
319 private GroupServlet overideGetJSONFromInputToReturnAValidGroupWithFail() {
320 GroupServlet groupServlet = new GroupServlet() {
321 public JSONObject getJSONfromInput(HttpServletRequest req) {
322 JSONObject validGroup = new JSONObject();
323 validGroup.put("name", "groupName");
324 validGroup.put("groupid", 2);
325 validGroup.put("description", "Group Description");
326 validGroup.put("authid", "User1");
327 validGroup.put("classification", "class");
328 validGroup.put("members", "stub_members");
332 protected boolean doUpdate(Updateable bean) {
336 protected boolean doInsert(Insertable bean) {
343 private GroupServlet overideGetJSONFromInputToReturnGroupInDb() {
344 GroupServlet groupServlet = new GroupServlet() {
345 public JSONObject getJSONfromInput(HttpServletRequest req) {
346 JSONObject validGroup = new JSONObject();
347 validGroup.put("name", "Group1");
348 validGroup.put("groupid", 2);
349 validGroup.put("description", "Update to the Group");
350 validGroup.put("authid", "Basic dXNlcjE6cGFzc3dvcmQx");
351 validGroup.put("classification", "Class1");
352 validGroup.put("members", "Member1");
359 private GroupServlet overideGetJSONFromInputToReturnNewGroupToInsert() {
360 GroupServlet groupServlet = new GroupServlet() {
361 public JSONObject getJSONfromInput(HttpServletRequest req) {
362 JSONObject validGroup = new JSONObject();
363 validGroup.put("name", "Group2");
364 validGroup.put("groupid", 2);
365 validGroup.put("description", "Second group to be added");
366 validGroup.put("authid", "Basic dXNlcjE6cGFzc3dvcmQx");
367 validGroup.put("classification", "Class2");
368 validGroup.put("members", "Member2");