1 /*******************************************************************************
2 * ============LICENSE_START==================================================
4 * * ===========================================================================
5 * * Copyright © 2017 AT&T Intellectual Property. All rights reserved.
6 * * ===========================================================================
7 * * Licensed under the Apache License, Version 2.0 (the "License");
8 * * you may not use this file except in compliance with the License.
9 * * You may obtain a copy of the License at
11 * * http://www.apache.org/licenses/LICENSE-2.0
13 * * Unless required by applicable law or agreed to in writing, software
14 * * distributed under the License is distributed on an "AS IS" BASIS,
15 * * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
16 * * See the License for the specific language governing permissions and
17 * * limitations under the License.
18 * * ============LICENSE_END====================================================
20 * * ECOMP is a trademark and service mark of AT&T Intellectual Property.
22 ******************************************************************************/
23 package org.onap.dmaap.datarouter.provisioning;
25 import static org.mockito.ArgumentMatchers.eq;
26 import static org.mockito.Mockito.anyString;
27 import static org.mockito.Mockito.mock;
28 import static org.mockito.Mockito.verify;
29 import static org.mockito.Mockito.when;
30 import static org.onap.dmaap.datarouter.provisioning.BaseServlet.BEHALF_HEADER;
32 import java.util.HashSet;
34 import javax.persistence.EntityManager;
35 import javax.persistence.EntityManagerFactory;
36 import javax.persistence.Persistence;
37 import javax.servlet.ServletInputStream;
38 import javax.servlet.ServletOutputStream;
39 import javax.servlet.http.HttpServletRequest;
40 import javax.servlet.http.HttpServletResponse;
41 import org.apache.commons.lang3.reflect.FieldUtils;
42 import org.json.JSONObject;
43 import org.junit.AfterClass;
44 import org.junit.Before;
45 import org.junit.BeforeClass;
46 import org.junit.Test;
47 import org.junit.runner.RunWith;
48 import org.mockito.Mock;
49 import org.onap.dmaap.datarouter.authz.AuthorizationResponse;
50 import org.onap.dmaap.datarouter.authz.Authorizer;
51 import org.onap.dmaap.datarouter.provisioning.beans.Insertable;
52 import org.onap.dmaap.datarouter.provisioning.beans.Updateable;
53 import org.onap.dmaap.datarouter.provisioning.utils.Poker;
54 import org.powermock.core.classloader.annotations.PowerMockIgnore;
55 import org.powermock.modules.junit4.PowerMockRunner;
57 @RunWith(PowerMockRunner.class)
58 @PowerMockIgnore({"com.sun.org.apache.xerces.*", "javax.xml.*", "org.xml.*", "org.w3c.*", "com.sun.org.apache.xalan.*"})
59 public class GroupServletTest {
60 private static EntityManagerFactory emf;
61 private static EntityManager em;
62 private GroupServlet groupServlet;
65 private HttpServletRequest request;
68 private HttpServletResponse response;
71 public static void init() {
72 emf = Persistence.createEntityManagerFactory("dr-unit-tests");
73 em = emf.createEntityManager();
75 "org.onap.dmaap.datarouter.provserver.properties",
76 "src/test/resources/h2Database.properties");
80 public static void tearDownClass() {
87 public void setUp() throws Exception {
88 groupServlet = new GroupServlet();
89 setAuthoriserToReturnRequestIsAuthorized();
90 setPokerToNotCreateTimers();
91 setUpValidAuthorisedRequest();
95 public void Given_Request_Is_HTTP_GET_And_Is_Not_Secure_When_HTTPS_Is_Required_Then_Forbidden_Response_Is_Generated() throws Exception {
96 when(request.isSecure()).thenReturn(false);
97 groupServlet.doGet(request, response);
98 verify(response).sendError(eq(HttpServletResponse.SC_FORBIDDEN), anyString());
102 public void Given_Request_Is_HTTP_GET_And_BEHALF_HEADER_Is_Not_Set_In_Request_Then_Bad_Request_Response_Is_Generated() throws Exception {
103 setBehalfHeader(null);
104 groupServlet.doGet(request, response);
105 verify(response).sendError(eq(HttpServletResponse.SC_BAD_REQUEST), anyString());
109 public void Given_Request_Is_HTTP_GET_And_Path_Header_Is_Not_Set_In_Request_With_Valid_Path_Then_Bad_Request_Response_Is_Generated() throws Exception {
110 when(request.getPathInfo()).thenReturn(null);
111 groupServlet.doGet(request, response);
112 verify(response).sendError(eq(HttpServletResponse.SC_BAD_REQUEST), anyString());
116 public void Given_Request_Is_HTTP_GET_And_Request_Succeeds() throws Exception {
117 ServletOutputStream outStream = mock(ServletOutputStream.class);
118 when(response.getOutputStream()).thenReturn(outStream);
119 groupServlet.doGet(request, response);
120 verify(response).setStatus(eq(HttpServletResponse.SC_OK));
124 public void Given_Request_Is_HTTP_PUT_And_Is_Not_Secure_When_HTTPS_Is_Required_Then_Forbidden_Response_Is_Generated() throws Exception {
125 when(request.isSecure()).thenReturn(false);
126 groupServlet.doPut(request, response);
127 verify(response).sendError(eq(HttpServletResponse.SC_FORBIDDEN), anyString());
131 public void Given_Request_Is_HTTP_PUT_And_BEHALF_HEADER_Is_Not_Set_In_Request_Then_Bad_Request_Response_Is_Generated() throws Exception {
132 setBehalfHeader(null);
133 groupServlet.doPut(request, response);
134 verify(response).sendError(eq(HttpServletResponse.SC_BAD_REQUEST), anyString());
138 public void Given_Request_Is_HTTP_PUT_And_Path_Header_Is_Not_Set_In_Request_With_Valid_Path_Then_Bad_Request_Response_Is_Generated() throws Exception {
139 when(request.getPathInfo()).thenReturn(null);
140 groupServlet.doPut(request, response);
141 verify(response).sendError(eq(HttpServletResponse.SC_BAD_REQUEST), anyString());
145 public void Given_Request_Is_HTTP_PUT_And_Group_Id_Is_Invalid_Then_Not_Found_Response_Is_Generated() throws Exception {
146 when(request.getPathInfo()).thenReturn("/3");
147 groupServlet.doPut(request, response);
148 verify(response).sendError(eq(HttpServletResponse.SC_NOT_FOUND), anyString());
152 public void Given_Request_Is_HTTP_PUT_And_Content_Header_Is_Not_Supported_Type_Then_Unsupported_Media_Type_Response_Is_Generated() throws Exception {
153 when(request.getContentType()).thenReturn("stub_contentType");
154 groupServlet.doPut(request, response);
155 verify(response).sendError(eq(HttpServletResponse.SC_UNSUPPORTED_MEDIA_TYPE), anyString());
159 public void Given_Request_Is_HTTP_PUT_And_Request_Contains_Badly_Formed_JSON_Then_Bad_Request_Response_Is_Generated() throws Exception {
160 when(request.getHeader("Content-Type")).thenReturn("application/vnd.dmaap-dr.group; version=1.0");
161 ServletInputStream inStream = mock(ServletInputStream.class);
162 when(request.getInputStream()).thenReturn(inStream);
163 groupServlet.doPut(request, response);
164 verify(response).sendError(eq(HttpServletResponse.SC_BAD_REQUEST), anyString());
168 public void Given_Request_Is_HTTP_PUT_And_Group_Name_Is_Too_Long_Then_Bad_Request_Response_Is_Generated() throws Exception {
169 when(request.getHeader("Content-Type")).thenReturn("application/vnd.dmaap-dr.group; version=1.0");
170 GroupServlet groupServlet = overideGetJSONFromInputToReturnAnInvalidGroup(true);
171 groupServlet.doPut(request, response);
172 verify(response).sendError(eq(HttpServletResponse.SC_BAD_REQUEST), anyString());
176 public void Given_Request_Is_HTTP_PUT_And_PUT_Fails_Then_Internal_Server_Error_Response_Is_Generated() throws Exception {
177 when(request.getHeader("Content-Type")).thenReturn("application/vnd.dmaap-dr.group; version=1.0");
178 GroupServlet groupServlet = overideGetJSONFromInputToReturnAValidGroupWithFail();
179 groupServlet.doPut(request, response);
180 verify(response).sendError(eq(HttpServletResponse.SC_INTERNAL_SERVER_ERROR), anyString());
184 public void Given_Request_Is_HTTP_PUT_And_Request_Succeeds() throws Exception {
185 when(request.getHeader("Content-Type")).thenReturn("application/vnd.dmaap-dr.group; version=1.0");
186 GroupServlet groupServlet = overideGetJSONFromInputToReturnGroupInDb();
187 ServletOutputStream outStream = mock(ServletOutputStream.class);
188 when(response.getOutputStream()).thenReturn(outStream);
189 groupServlet.doPut(request, response);
190 verify(response).setStatus(eq(HttpServletResponse.SC_OK));
194 public void Given_Request_Is_HTTP_POST_And_Is_Not_Secure_When_HTTPS_Is_Required_Then_Forbidden_Response_Is_Generated() throws Exception {
195 when(request.isSecure()).thenReturn(false);
196 groupServlet.doPost(request, response);
197 verify(response).sendError(eq(HttpServletResponse.SC_FORBIDDEN), anyString());
201 public void Given_Request_Is_HTTP_POST_And_BEHALF_HEADER_Is_Not_Set_In_Request_Then_Bad_Request_Response_Is_Generated() throws Exception {
202 setBehalfHeader(null);
203 groupServlet.doPost(request, response);
204 verify(response).sendError(eq(HttpServletResponse.SC_BAD_REQUEST), anyString());
208 public void Given_Request_Is_HTTP_POST_And_Content_Header_Is_Not_Supported_Type_Then_Unsupported_Media_Type_Response_Is_Generated() throws Exception {
209 when(request.getContentType()).thenReturn("stub_contentType");
210 groupServlet.doPost(request, response);
211 verify(response).sendError(eq(HttpServletResponse.SC_UNSUPPORTED_MEDIA_TYPE), anyString());
215 public void Given_Request_Is_HTTP_POST_And_Request_Contains_Badly_Formed_JSON_Then_Bad_Request_Response_Is_Generated() throws Exception {
216 when(request.getHeader("Content-Type")).thenReturn("application/vnd.dmaap-dr.group; version=1.0");
217 ServletInputStream inStream = mock(ServletInputStream.class);
218 when(request.getInputStream()).thenReturn(inStream);
219 groupServlet.doPost(request, response);
220 verify(response).sendError(eq(HttpServletResponse.SC_BAD_REQUEST), anyString());
224 public void Given_Request_Is_HTTP_POST_And_Group_Description_Is_Too_Long_Then_Bad_Request_Response_Is_Generated() throws Exception {
225 when(request.getHeader("Content-Type")).thenReturn("application/vnd.dmaap-dr.group; version=1.0");
226 GroupServlet groupServlet = overideGetJSONFromInputToReturnAnInvalidGroup(false);
227 groupServlet.doPost(request, response);
228 verify(response).sendError(eq(HttpServletResponse.SC_BAD_REQUEST), anyString());
232 public void Given_Request_Is_HTTP_POST_And_Group_Name_Already_Exists_Then_Bad_Request_Response_Is_Generated() throws Exception {
233 when(request.getHeader("Content-Type")).thenReturn("application/vnd.dmaap-dr.group; version=1.0");
234 GroupServlet groupServlet = overideGetJSONFromInputToReturnGroupInDb();
235 groupServlet.doPost(request, response);
236 verify(response).sendError(eq(HttpServletResponse.SC_BAD_REQUEST), anyString());
240 public void Given_Request_Is_HTTP_POST_And_POST_Fails_Then_Internal_Server_Error_Response_Is_Generated() throws Exception {
241 when(request.getHeader("Content-Type")).thenReturn("application/vnd.dmaap-dr.group; version=1.0");
242 GroupServlet groupServlet = overideGetJSONFromInputToReturnAValidGroupWithFail();
243 groupServlet.doPost(request, response);
244 verify(response).sendError(eq(HttpServletResponse.SC_INTERNAL_SERVER_ERROR), anyString());
248 public void Given_Request_Is_HTTP_POST_And_Request_Succeeds() throws Exception {
249 when(request.getHeader("Content-Type")).thenReturn("application/vnd.dmaap-dr.group; version=1.0");
250 GroupServlet groupServlet = overideGetJSONFromInputToReturnNewGroupToInsert();
251 ServletOutputStream outStream = mock(ServletOutputStream.class);
252 when(response.getOutputStream()).thenReturn(outStream);
253 groupServlet.doPost(request, response);
254 verify(response).setStatus(eq(HttpServletResponse.SC_CREATED));
258 public void Given_Request_Is_HTTP_DELETE_SC_METHOD_NOT_ALLOWED_Response_Is_Generated() throws Exception {
259 groupServlet.doDelete(request, response);
260 verify(response).sendError(eq(HttpServletResponse.SC_METHOD_NOT_ALLOWED), anyString());
263 private void setAuthoriserToReturnRequestIsAuthorized() throws IllegalAccessException {
264 AuthorizationResponse authResponse = mock(AuthorizationResponse.class);
265 Authorizer authorizer = mock(Authorizer.class);
266 FieldUtils.writeDeclaredStaticField(BaseServlet.class, "authz", authorizer, true);
267 when(authorizer.decide(request)).thenReturn(authResponse);
268 when(authResponse.isAuthorized()).thenReturn(true);
271 private void setPokerToNotCreateTimers() throws Exception {
272 Poker poker = mock(Poker.class);
273 FieldUtils.writeDeclaredStaticField(Poker.class, "poker", poker, true);
276 private void setUpValidAuthorisedRequest() throws Exception {
277 setUpValidSecurityOnHttpRequest();
278 setBehalfHeader("Stub_Value");
279 setValidPathInfoInHttpHeader();
282 private void setUpValidSecurityOnHttpRequest() throws Exception {
283 when(request.isSecure()).thenReturn(true);
284 Set<String> authAddressesAndNetworks = new HashSet<String>();
285 authAddressesAndNetworks.add(("127.0.0.1"));
286 FieldUtils.writeDeclaredStaticField(BaseServlet.class, "authorizedAddressesAndNetworks", authAddressesAndNetworks, true);
287 FieldUtils.writeDeclaredStaticField(BaseServlet.class, "requireCert", false, true);
290 private void setBehalfHeader(String headerValue) {
291 when(request.getHeader(BEHALF_HEADER)).thenReturn(headerValue);
294 private void setValidPathInfoInHttpHeader() {
295 when(request.getPathInfo()).thenReturn("/1");
298 private GroupServlet overideGetJSONFromInputToReturnAnInvalidGroup(Boolean invalidName) {
299 GroupServlet groupServlet = new GroupServlet() {
300 public JSONObject getJSONfromInput(HttpServletRequest req) {
301 JSONObject invalidGroup = new JSONObject();
302 String invalidEntry = "groupNameThatIsTooLongTooBeValidgroupNameThatIsTooLongTooBeValid";
303 invalidEntry = invalidEntry + invalidEntry + invalidEntry + invalidEntry + invalidEntry;
305 invalidGroup.put("name", invalidEntry);
306 invalidGroup.put("description", "description");
308 invalidGroup.put("name", "groupName");
309 invalidGroup.put("description", invalidEntry);
311 invalidGroup.put("groupid", 2);
312 invalidGroup.put("authid", "User1");
313 invalidGroup.put("classification", "class");
314 invalidGroup.put("members", "stub_members");
321 private GroupServlet overideGetJSONFromInputToReturnAValidGroupWithFail() {
322 GroupServlet groupServlet = new GroupServlet() {
323 public JSONObject getJSONfromInput(HttpServletRequest req) {
324 JSONObject validGroup = new JSONObject();
325 validGroup.put("name", "groupName");
326 validGroup.put("groupid", 2);
327 validGroup.put("description", "Group Description");
328 validGroup.put("authid", "User1");
329 validGroup.put("classification", "class");
330 validGroup.put("members", "stub_members");
334 protected boolean doUpdate(Updateable bean) {
338 protected boolean doInsert(Insertable bean) {
345 private GroupServlet overideGetJSONFromInputToReturnGroupInDb() {
346 GroupServlet groupServlet = new GroupServlet() {
347 public JSONObject getJSONfromInput(HttpServletRequest req) {
348 JSONObject validGroup = new JSONObject();
349 validGroup.put("name", "Group1");
350 validGroup.put("groupid", 2);
351 validGroup.put("description", "Update to the Group");
352 validGroup.put("authid", "Basic dXNlcjE6cGFzc3dvcmQx");
353 validGroup.put("classification", "Class1");
354 validGroup.put("members", "Member1");
361 private GroupServlet overideGetJSONFromInputToReturnNewGroupToInsert() {
362 GroupServlet groupServlet = new GroupServlet() {
363 public JSONObject getJSONfromInput(HttpServletRequest req) {
364 JSONObject validGroup = new JSONObject();
365 validGroup.put("name", "Group2");
366 validGroup.put("groupid", 2);
367 validGroup.put("description", "Second group to be added");
368 validGroup.put("authid", "Basic dXNlcjE6cGFzc3dvcmQx");
369 validGroup.put("classification", "Class2");
370 validGroup.put("members", "Member2");