1 /*******************************************************************************
2 * ============LICENSE_START==================================================
4 * * ===========================================================================
5 * * Copyright © 2017 AT&T Intellectual Property. All rights reserved.
6 * * ===========================================================================
7 * * Licensed under the Apache License, Version 2.0 (the "License");
8 * * you may not use this file except in compliance with the License.
9 * * You may obtain a copy of the License at
11 * * http://www.apache.org/licenses/LICENSE-2.0
13 * * Unless required by applicable law or agreed to in writing, software
14 * * distributed under the License is distributed on an "AS IS" BASIS,
15 * * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
16 * * See the License for the specific language governing permissions and
17 * * limitations under the License.
18 * * ============LICENSE_END====================================================
20 * * ECOMP is a trademark and service mark of AT&T Intellectual Property.
22 ******************************************************************************/
23 package org.onap.dmaap.datarouter.provisioning;
25 import ch.qos.logback.classic.spi.ILoggingEvent;
26 import ch.qos.logback.core.read.ListAppender;
27 import org.apache.commons.lang3.reflect.FieldUtils;
28 import org.jetbrains.annotations.NotNull;
29 import org.json.JSONObject;
30 import org.junit.Before;
31 import org.junit.Test;
32 import org.junit.runner.RunWith;
33 import org.mockito.Mock;
34 import org.onap.dmaap.datarouter.authz.AuthorizationResponse;
35 import org.onap.dmaap.datarouter.authz.Authorizer;
36 import org.onap.dmaap.datarouter.provisioning.beans.Feed;
37 import org.onap.dmaap.datarouter.provisioning.beans.Insertable;
38 import org.onap.dmaap.datarouter.provisioning.beans.Subscription;
39 import org.powermock.api.mockito.PowerMockito;
40 import org.powermock.core.classloader.annotations.SuppressStaticInitializationFor;
41 import org.powermock.modules.junit4.PowerMockRunner;
43 import javax.servlet.ServletOutputStream;
44 import javax.servlet.http.HttpServletRequest;
45 import javax.servlet.http.HttpServletResponse;
46 import java.util.ArrayList;
47 import java.util.HashSet;
48 import java.util.List;
51 import static org.hamcrest.Matchers.notNullValue;
52 import static org.mockito.Mockito.*;
53 import static org.onap.dmaap.datarouter.provisioning.BaseServlet.BEHALF_HEADER;
56 @RunWith(PowerMockRunner.class)
57 @SuppressStaticInitializationFor({"org.onap.dmaap.datarouter.provisioning.beans.Feed", "org.onap.dmaap.datarouter.provisioning.beans.Subscription"})
58 public class SubscribeServletTest extends DrServletTestBase {
59 private static SubscribeServlet subscribeServlet;
62 private HttpServletRequest request;
64 private HttpServletResponse response;
66 ListAppender<ILoggingEvent> listAppender;
69 public void setUp() throws Exception {
71 listAppender = setTestLogger(SubscribeServlet.class);
72 subscribeServlet = new SubscribeServlet();
73 setAuthoriserToReturnRequestIsAuthorized();
74 setPokerToNotCreateTimersWhenDeleteFeedIsCalled();
75 setupValidAuthorisedRequest();
76 setUpValidSecurityOnHttpRequest();
77 setUpValidContentHeadersAndJSONOnHttpRequest();
81 public void Given_Request_Is_HTTP_DELETE_SC_METHOD_NOT_ALLOWED_Response_Is_Generated() throws Exception {
82 subscribeServlet.doDelete(request, response);
83 verify(response).sendError(eq(HttpServletResponse.SC_METHOD_NOT_ALLOWED), argThat(notNullValue(String.class)));
84 verifyEnteringExitCalled(listAppender);
88 public void Given_Request_Is_HTTP_GET_And_Is_Not_Secure_When_HTTPS_Is_Required_Then_Forbidden_Response_Is_Generated() throws Exception {
89 when(request.isSecure()).thenReturn(false);
90 FieldUtils.writeDeclaredStaticField(BaseServlet.class, "isAddressAuthEnabled", "true", true);
91 subscribeServlet.doGet(request, response);
92 verify(response).sendError(eq(HttpServletResponse.SC_FORBIDDEN), argThat(notNullValue(String.class)));
93 verifyEnteringExitCalled(listAppender);
97 public void Given_Request_Is_HTTP_GET_And_BEHALF_HEADER_Is_Not_Set_In_Request_Then_Bad_Request_Response_Is_Generated() throws Exception {
98 setBehalfHeader(null);
99 subscribeServlet.doGet(request, response);
100 verify(response).sendError(eq(HttpServletResponse.SC_BAD_REQUEST), argThat(notNullValue(String.class)));
105 public void Given_Request_Is_HTTP_GET_And_Path_Header_Is_Not_Set_In_Request_With_Valid_Path_Then_Bad_Request_Response_Is_Generated() throws Exception {
106 when(request.getPathInfo()).thenReturn(null);
107 subscribeServlet.doGet(request, response);
108 verify(response).sendError(eq(HttpServletResponse.SC_BAD_REQUEST), argThat(notNullValue(String.class)));
112 public void Given_Request_Is_HTTP_GET_And_Feed_Id_Is_Invalid_Then_Not_Found_Response_Is_Generated() throws Exception {
113 setFeedToReturnInvalidFeedIdSupplied();
114 subscribeServlet.doGet(request, response);
115 verify(response).sendError(eq(HttpServletResponse.SC_NOT_FOUND), argThat(notNullValue(String.class)));
120 public void Given_Request_Is_HTTP_GET_And_Request_Is_Not_Authorized_Then_Forbidden_Response_Is_Generated() throws Exception {
121 setAuthoriserToReturnRequestNotAuthorized();
122 subscribeServlet.doGet(request, response);
123 verify(response).sendError(eq(HttpServletResponse.SC_FORBIDDEN), argThat(notNullValue(String.class)));
128 public void Given_Request_Is_HTTP_GET_And_Request_Succeeds() throws Exception {
129 ServletOutputStream outStream = mock(ServletOutputStream.class);
130 when(response.getOutputStream()).thenReturn(outStream);
131 PowerMockito.mockStatic(Subscription.class);
132 List<String> list = new ArrayList<String>();
134 PowerMockito.when(Subscription.getSubscriptionUrlList(anyInt())).thenReturn(list);
135 subscribeServlet.doGet(request, response);
136 verify(response).setStatus(eq(HttpServletResponse.SC_OK));
137 verifyEnteringExitCalled(listAppender);
142 public void Given_Request_Is_HTTP_PUT_SC_METHOD_NOT_ALLOWED_Response_Is_Generated() throws Exception {
143 subscribeServlet.doPut(request, response);
144 verify(response).sendError(eq(HttpServletResponse.SC_METHOD_NOT_ALLOWED), argThat(notNullValue(String.class)));
145 verifyEnteringExitCalled(listAppender);
148 public void Given_Request_Is_HTTP_POST_And_Is_Not_Secure_When_HTTPS_Is_Required_Then_Forbidden_Response_Is_Generated() throws Exception {
149 when(request.isSecure()).thenReturn(false);
150 FieldUtils.writeDeclaredStaticField(BaseServlet.class, "isAddressAuthEnabled", "true", true);
151 subscribeServlet.doPost(request, response);
152 verify(response).sendError(eq(HttpServletResponse.SC_FORBIDDEN), argThat(notNullValue(String.class)));
153 verifyEnteringExitCalled(listAppender);
157 public void Given_Request_Is_HTTP_POST_And_BEHALF_HEADER_Is_Not_Set_In_Request_Then_Bad_Request_Response_Is_Generated() throws Exception {
158 setBehalfHeader(null);
159 subscribeServlet.doPost(request, response);
160 verify(response).sendError(eq(HttpServletResponse.SC_BAD_REQUEST), argThat(notNullValue(String.class)));
165 public void Given_Request_Is_HTTP_POST_And_Path_Header_Is_Not_Set_In_Request_With_Valid_Path_Then_Bad_Request_Response_Is_Generated() throws Exception {
166 when(request.getPathInfo()).thenReturn(null);
167 subscribeServlet.doPost(request, response);
168 verify(response).sendError(eq(HttpServletResponse.SC_BAD_REQUEST), argThat(notNullValue(String.class)));
173 public void Given_Request_Is_HTTP_POST_And_Feed_Id_Is_Invalid_Then_Not_Found_Response_Is_Generated() throws Exception {
174 setFeedToReturnInvalidFeedIdSupplied();
175 subscribeServlet.doPost(request, response);
176 verify(response).sendError(eq(HttpServletResponse.SC_NOT_FOUND), argThat(notNullValue(String.class)));
180 public void Given_Request_Is_HTTP_POST_And_Request_Is_Not_Authorized_Then_Forbidden_Response_Is_Generated() throws Exception {
181 setAuthoriserToReturnRequestNotAuthorized();
182 subscribeServlet.doPost(request, response);
183 verify(response).sendError(eq(HttpServletResponse.SC_FORBIDDEN), argThat(notNullValue(String.class)));
187 public void Given_Request_Is_HTTP_POST_And_Content_Header_Is_Not_Supported_Type_Then_Unsupported_Media_Type_Response_Is_Generated() throws Exception {
188 when(request.getHeader("Content-Type")).thenReturn("application/vnd.dmaap-dr.feed; version=1.1");
189 when(request.getContentType()).thenReturn("stub_contentType");
190 subscribeServlet.doPost(request, response);
191 verify(response).sendError(eq(HttpServletResponse.SC_UNSUPPORTED_MEDIA_TYPE), argThat(notNullValue(String.class)));
195 public void Given_Request_Is_HTTP_POST_And_Request_Contains_Badly_Formed_JSON_Then_Bad_Request_Response_Is_Generated() throws Exception {
196 subscribeServlet.doPost(request, response);
197 verify(response).sendError(eq(HttpServletResponse.SC_BAD_REQUEST), argThat(notNullValue(String.class)));
201 public void Given_Request_Is_HTTP_POST_And_Active_Feeds_Equals_Max_Feeds_Then_Bad_Request_Response_Is_Generated() throws Exception {
202 FieldUtils.writeDeclaredStaticField(BaseServlet.class, "maxSubs", 0, true);
203 SubscribeServlet subscribeServlet = new SubscribeServlet() {
204 protected JSONObject getJSONfromInput(HttpServletRequest req) {
205 return new JSONObject();
208 subscribeServlet.doPost(request, response);
209 verify(response).sendError(eq(HttpServletResponse.SC_CONFLICT), argThat(notNullValue(String.class)));
213 public void Given_Request_Is_HTTP_POST_And_POST_Fails_Bad_Request_Response_Is_Generated() throws Exception {
214 PowerMockito.mockStatic(Subscription.class);
215 PowerMockito.when(Subscription.getSubscriptionMatching(mock(Subscription.class))).thenReturn(null);
216 PowerMockito.when(Subscription.countActiveSubscriptions()).thenReturn(0);
217 JSONObject JSObject = buildRequestJsonObject();
218 SubscribeServlet subscribeServlet = new SubscribeServlet() {
219 protected JSONObject getJSONfromInput(HttpServletRequest req) {
220 JSONObject jo = new JSONObject();
221 jo.put("name", "stub_name");
222 jo.put("version", "2.0");
223 jo.put("metadataOnly", true);
224 jo.put("suspend", true);
225 jo.put("delivery", JSObject);
226 jo.put("sync", false);
231 protected boolean doInsert(Insertable bean) {
235 subscribeServlet.doPost(request, response);
236 verify(response).sendError(eq(HttpServletResponse.SC_INTERNAL_SERVER_ERROR), argThat(notNullValue(String.class)));
241 public void Given_Request_Is_HTTP_POST_And_Change_On_Feeds_Succeeds_A_STATUS_OK_Response_Is_Generated() throws Exception {
242 ServletOutputStream outStream = mock(ServletOutputStream.class);
243 when(response.getOutputStream()).thenReturn(outStream);
244 PowerMockito.mockStatic(Subscription.class);
245 PowerMockito.when(Subscription.getSubscriptionMatching(mock(Subscription.class))).thenReturn(null);
246 JSONObject JSObject = buildRequestJsonObject();
247 SubscribeServlet subscribeServlet = new SubscribeServlet() {
248 protected JSONObject getJSONfromInput(HttpServletRequest req) {
249 JSONObject jo = new JSONObject();
250 jo.put("name", "stub_name");
251 jo.put("version", "2.0");
252 jo.put("metadataOnly", true);
253 jo.put("suspend", true);
254 jo.put("delivery", JSObject);
255 jo.put("sync", true);
260 protected boolean doInsert(Insertable bean) {
264 subscribeServlet.doPost(request, response);
265 verify(response).setStatus(eq(HttpServletResponse.SC_CREATED));
266 verifyEnteringExitCalled(listAppender);
271 private JSONObject buildRequestJsonObject() {
272 JSONObject JSObject = new JSONObject();
273 JSObject.put("url", "https://stub_address");
274 JSObject.put("use100", "true");
275 JSObject.put("password", "stub_password");
276 JSObject.put("user", "stub_user");
280 private void setUpValidSecurityOnHttpRequest() throws Exception {
281 when(request.isSecure()).thenReturn(true);
282 Set<String> authAddressesAndNetworks = new HashSet<String>();
283 authAddressesAndNetworks.add(("127.0.0.1"));
284 FieldUtils.writeDeclaredStaticField(BaseServlet.class, "authorizedAddressesAndNetworks", authAddressesAndNetworks, true);
285 FieldUtils.writeDeclaredStaticField(BaseServlet.class, "requireCert", false, true);
286 FieldUtils.writeDeclaredStaticField(BaseServlet.class, "maxSubs", 100, true);
289 private void setBehalfHeader(String headerValue) {
290 when(request.getHeader(BEHALF_HEADER)).thenReturn(headerValue);
293 private void setValidPathInfoInHttpHeader() {
294 when(request.getPathInfo()).thenReturn("/123");
297 private void setFeedToReturnInvalidFeedIdSupplied() {
298 PowerMockito.mockStatic(Feed.class);
299 PowerMockito.when(Feed.getFeedById(anyInt())).thenReturn(null);
302 private void setFeedToReturnValidFeedForSuppliedId() {
303 PowerMockito.mockStatic(Feed.class);
304 Feed feed = mock(Feed.class);
305 PowerMockito.when(Feed.getFeedById(anyInt())).thenReturn(feed);
306 when(feed.isDeleted()).thenReturn(false);
307 when(feed.asJSONObject(true)).thenReturn(mock(JSONObject.class));
308 when(feed.getPublisher()).thenReturn("Stub_Value");
309 when(feed.getName()).thenReturn("stub_name");
310 when(feed.getVersion()).thenReturn("1.0");
311 when(feed.asLimitedJSONObject()).thenReturn(mock(JSONObject.class));
314 private void setAuthoriserToReturnRequestNotAuthorized() throws IllegalAccessException {
315 AuthorizationResponse authResponse = mock(AuthorizationResponse.class);
316 Authorizer authorizer = mock(Authorizer.class);
317 FieldUtils.writeDeclaredStaticField(BaseServlet.class, "authz", authorizer, true);
318 when(authorizer.decide(request)).thenReturn(authResponse);
319 when(authResponse.isAuthorized()).thenReturn(false);
322 private void setAuthoriserToReturnRequestIsAuthorized() throws IllegalAccessException {
323 AuthorizationResponse authResponse = mock(AuthorizationResponse.class);
324 Authorizer authorizer = mock(Authorizer.class);
325 FieldUtils.writeDeclaredStaticField(BaseServlet.class, "authz", authorizer, true);
326 when(authorizer.decide(request)).thenReturn(authResponse);
327 when(authResponse.isAuthorized()).thenReturn(true);
330 private void setPokerToNotCreateTimersWhenDeleteFeedIsCalled() throws Exception {
331 Poker poker = mock(Poker.class);
332 FieldUtils.writeDeclaredStaticField(Poker.class, "poker", poker, true);
335 private void setupValidAuthorisedRequest() throws Exception {
336 setUpValidSecurityOnHttpRequest();
337 setBehalfHeader("Stub_Value");
338 setValidPathInfoInHttpHeader();
339 setFeedToReturnValidFeedForSuppliedId();
342 private void setUpValidContentHeadersAndJSONOnHttpRequest() {
343 when(request.getHeader("Content-Type")).thenReturn("application/vnd.dmaap-dr.subscription; version=1.0");
344 when(request.getHeader("X-DMAAP-DR-ON-BEHALF-OF-GROUP")).thenReturn("stub_subjectGroup");