1 /*******************************************************************************
2 * ============LICENSE_START==================================================
4 * * ===========================================================================
5 * * Copyright © 2017 AT&T Intellectual Property. All rights reserved.
6 * * ===========================================================================
7 * * Licensed under the Apache License, Version 2.0 (the "License");
8 * * you may not use this file except in compliance with the License.
9 * * You may obtain a copy of the License at
11 * * http://www.apache.org/licenses/LICENSE-2.0
13 * * Unless required by applicable law or agreed to in writing, software
14 * * distributed under the License is distributed on an "AS IS" BASIS,
15 * * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
16 * * See the License for the specific language governing permissions and
17 * * limitations under the License.
18 * * ============LICENSE_END====================================================
20 * * ECOMP is a trademark and service mark of AT&T Intellectual Property.
22 ******************************************************************************/
23 package org.onap.dmaap.datarouter.provisioning;
25 import org.apache.commons.lang3.reflect.FieldUtils;
26 import org.jetbrains.annotations.NotNull;
27 import org.json.JSONArray;
28 import org.json.JSONObject;
29 import org.junit.Before;
30 import org.junit.Test;
31 import org.junit.runner.RunWith;
32 import org.mockito.Mock;
33 import org.onap.dmaap.datarouter.authz.AuthorizationResponse;
34 import org.onap.dmaap.datarouter.authz.Authorizer;
35 import org.onap.dmaap.datarouter.provisioning.beans.Deleteable;
36 import org.onap.dmaap.datarouter.provisioning.beans.Insertable;
37 import org.onap.dmaap.datarouter.provisioning.beans.Subscription;
38 import org.onap.dmaap.datarouter.provisioning.beans.Updateable;
39 import org.powermock.api.mockito.PowerMockito;
40 import org.powermock.core.classloader.annotations.SuppressStaticInitializationFor;
41 import org.powermock.modules.junit4.PowerMockRunner;
43 import javax.servlet.ServletInputStream;
44 import javax.servlet.ServletOutputStream;
45 import javax.servlet.http.HttpServletRequest;
46 import javax.servlet.http.HttpServletResponse;
47 import java.util.HashSet;
50 import static org.hamcrest.Matchers.notNullValue;
51 import static org.mockito.Mockito.*;
52 import static org.onap.dmaap.datarouter.provisioning.BaseServlet.BEHALF_HEADER;
55 @RunWith(PowerMockRunner.class)
56 @SuppressStaticInitializationFor("org.onap.dmaap.datarouter.provisioning.beans.Subscription")
57 public class SubscriptionServletTest extends DrServletTestBase{
58 private SubscriptionServlet subscriptionServlet;
61 private HttpServletRequest request;
63 private HttpServletResponse response;
66 public void setUp() throws Exception {
68 subscriptionServlet = new SubscriptionServlet();
69 setAuthoriserToReturnRequestIsAuthorized();
70 setPokerToNotCreateTimersWhenDeleteSubscriptionIsCalled();
71 setupValidAuthorisedRequest();
72 setUpValidSecurityOnHttpRequest();
76 public void Given_Request_Is_HTTP_DELETE_SC_Forbidden_Response_Is_Generated() throws Exception {
77 when(request.isSecure()).thenReturn(false);
78 subscriptionServlet.doDelete(request, response);
79 verify(response).sendError(eq(HttpServletResponse.SC_FORBIDDEN), argThat(notNullValue(String.class)));
83 public void Given_Request_Is_HTTP_DELETE_And_BEHALF_HEADER_Is_Not_Set_In_Request_Then_Bad_Request_Response_Is_Generated() throws Exception {
84 setBehalfHeader(null);
85 subscriptionServlet.doDelete(request, response);
86 verify(response).sendError(eq(HttpServletResponse.SC_BAD_REQUEST), argThat(notNullValue(String.class)));
90 public void Given_Request_Is_HTTP_DELETE_And_Path_Header_Is_Not_Set_In_Request_With_Valid_Path_Then_Bad_Request_Response_Is_Generated() throws Exception {
91 when(request.getPathInfo()).thenReturn(null);
92 subscriptionServlet.doDelete(request, response);
93 verify(response).sendError(eq(HttpServletResponse.SC_BAD_REQUEST), argThat(notNullValue(String.class)));
97 public void Given_Request_Is_HTTP_DELETE_And_Subscription_Id_Is_Invalid_Then_Not_Found_Response_Is_Generated() throws Exception {
98 setSubscriptionToReturnInvalidSubscriptionIdSupplied();
99 subscriptionServlet.doDelete(request, response);
100 verify(response).sendError(eq(HttpServletResponse.SC_NOT_FOUND), argThat(notNullValue(String.class)));
104 public void Given_Request_Is_HTTP_DELETE_And_Request_Is_Not_Authorized_Then_Forbidden_Response_Is_Generated() throws Exception {
105 setAuthoriserToReturnRequestNotAuthorized();
106 subscriptionServlet.doDelete(request, response);
107 verify(response).sendError(eq(HttpServletResponse.SC_FORBIDDEN), argThat(notNullValue(String.class)));
111 public void Given_Request_Is_HTTP_DELETE_And_Delete_On_Database_Fails_An_Internal_Server_Error_Is_Reported() throws Exception {
112 SubscriptionServlet subscriptionServlet = new SubscriptionServlet(){
113 public boolean doDelete(Deleteable deletable){
117 subscriptionServlet.doDelete(request, response);
118 verify(response).sendError(eq(HttpServletResponse.SC_INTERNAL_SERVER_ERROR), argThat(notNullValue(String.class)));
122 public void Given_Request_Is_HTTP_DELETE_And_Delete_On_Database_Succeeds_A_NO_CONTENT_Response_Is_Generated() throws Exception {
123 SubscriptionServlet subscriptionServlet = new SubscriptionServlet(){
124 public boolean doDelete(Deleteable deletable){
128 subscriptionServlet.doDelete(request, response);
129 verify(response).setStatus(eq(HttpServletResponse.SC_NO_CONTENT));
133 public void Given_Request_Is_HTTP_GET_And_Is_Not_Secure_When_HTTPS_Is_Required_Then_Forbidden_Response_Is_Generated() throws Exception {
134 when(request.isSecure()).thenReturn(false);
135 subscriptionServlet.doGet(request, response);
136 verify(response).sendError(eq(HttpServletResponse.SC_FORBIDDEN), argThat(notNullValue(String.class)));
140 public void Given_Request_Is_HTTP_GET_And_BEHALF_HEADER_Is_Not_Set_In_Request_Then_Bad_Request_Response_Is_Generated() throws Exception {
141 setBehalfHeader(null);
142 subscriptionServlet.doGet(request, response);
143 verify(response).sendError(eq(HttpServletResponse.SC_BAD_REQUEST), argThat(notNullValue(String.class)));
147 public void Given_Request_Is_HTTP_GET_And_Path_Header_Is_Not_Set_In_Request_With_Valid_Path_Then_Bad_Request_Response_Is_Generated() throws Exception {
148 when(request.getPathInfo()).thenReturn(null);
149 subscriptionServlet.doGet(request, response);
150 verify(response).sendError(eq(HttpServletResponse.SC_BAD_REQUEST), argThat(notNullValue(String.class)));
154 public void Given_Request_Is_HTTP_GET_And_Subscription_Id_Is_Invalid_Then_Not_Found_Response_Is_Generated() throws Exception {
155 setSubscriptionToReturnInvalidSubscriptionIdSupplied();
156 subscriptionServlet.doGet(request, response);
157 verify(response).sendError(eq(HttpServletResponse.SC_NOT_FOUND), argThat(notNullValue(String.class)));
161 public void Given_Request_Is_HTTP_GET_And_Request_Is_Not_Authorized_Then_Forbidden_Response_Is_Generated() throws Exception {
162 setAuthoriserToReturnRequestNotAuthorized();
163 subscriptionServlet.doGet(request, response);
164 verify(response).sendError(eq(HttpServletResponse.SC_FORBIDDEN), argThat(notNullValue(String.class)));
168 public void Given_Request_Is_HTTP_GET_And_Request_Succeeds() throws Exception {
169 JSONObject JSObject = buildRequestJsonObject();
170 JSONObject jo = new JSONObject();
171 jo.put("name", "stub_name");
172 jo.put("version", "2.0");
173 jo.put("metadataOnly", true);
174 jo.put("suspend", true);
175 jo.put("delivery", JSObject);
176 Subscription sub = new Subscription(jo);
177 PowerMockito.mockStatic(Subscription.class);
178 PowerMockito.when(Subscription.getSubscriptionById(anyInt())).thenReturn(sub);
179 ServletOutputStream outStream = mock(ServletOutputStream.class);
180 when(response.getOutputStream()).thenReturn(outStream);
181 subscriptionServlet.doGet(request, response);
182 verify(response).setStatus(eq(HttpServletResponse.SC_OK));
186 public void Given_Request_Is_HTTP_PUT_And_Is_Not_Secure_When_HTTPS_Is_Required_Then_Forbidden_Response_Is_Generated() throws Exception {
187 when(request.isSecure()).thenReturn(false);
188 subscriptionServlet.doPut(request, response);
189 verify(response).sendError(eq(HttpServletResponse.SC_FORBIDDEN), argThat(notNullValue(String.class)));
193 public void Given_Request_Is_HTTP_PUT_And_BEHALF_HEADER_Is_Not_Set_In_Request_Then_Bad_Request_Response_Is_Generated() throws Exception {
194 setBehalfHeader(null);
195 subscriptionServlet.doPut(request, response);
196 verify(response).sendError(eq(HttpServletResponse.SC_BAD_REQUEST), argThat(notNullValue(String.class)));
200 public void Given_Request_Is_HTTP_PUT_And_Path_Header_Is_Not_Set_In_Request_With_Valid_Path_Then_Bad_Request_Response_Is_Generated() throws Exception {
201 when(request.getPathInfo()).thenReturn(null);
202 subscriptionServlet.doPut(request, response);
203 verify(response).sendError(eq(HttpServletResponse.SC_BAD_REQUEST), argThat(notNullValue(String.class)));
207 public void Given_Request_Is_HTTP_PUT_And_Subscription_Id_Is_Invalid_Then_Not_Found_Response_Is_Generated() throws Exception {
208 setSubscriptionToReturnInvalidSubscriptionIdSupplied();
209 subscriptionServlet.doPut(request, response);
210 verify(response).sendError(eq(HttpServletResponse.SC_NOT_FOUND), argThat(notNullValue(String.class)));
214 public void Given_Request_Is_HTTP_PUT_And_Request_Is_Not_Authorized_Then_Forbidden_Response_Is_Generated() throws Exception {
215 setAuthoriserToReturnRequestNotAuthorized();
216 subscriptionServlet.doPut(request, response);
217 verify(response).sendError(eq(HttpServletResponse.SC_FORBIDDEN), argThat(notNullValue(String.class)));
221 public void Given_Request_Is_HTTP_PUT_And_Content_Header_Is_Not_Supported_Type_Then_Unsupported_Media_Type_Response_Is_Generated() throws Exception {
222 when(request.getContentType()).thenReturn("stub_ContentType");
223 subscriptionServlet.doPut(request, response);
224 verify(response).sendError(eq(HttpServletResponse.SC_UNSUPPORTED_MEDIA_TYPE), argThat(notNullValue(String.class)));
228 public void Given_Request_Is_HTTP_PUT_And_Request_Contains_Badly_Formed_JSON_Then_Bad_Request_Response_Is_Generated() throws Exception {
229 when(request.getHeader("Content-Type")).thenReturn("application/vnd.att-dr.subscription; version=1.0");
230 ServletInputStream inStream = mock(ServletInputStream.class);
231 when(request.getInputStream()).thenReturn(inStream);
232 subscriptionServlet.doPut(request, response);
233 verify(response).sendError(eq(HttpServletResponse.SC_BAD_REQUEST), argThat(notNullValue(String.class)));
237 public void Given_Request_Is_HTTP_PUT_And_Subscription_Object_Is_Invalid_Bad_Request_Response_Is_Generated() throws Exception {
238 when(request.getHeader("Content-Type")).thenReturn("application/vnd.att-dr.subscription; version=1.0");
239 SubscriptionServlet subscriptionServlet = new SubscriptionServlet() {
240 protected JSONObject getJSONfromInput(HttpServletRequest req) {
241 JSONObject jo = new JSONObject();
245 subscriptionServlet.doPut(request, response);
246 verify(response).sendError(eq(HttpServletResponse.SC_BAD_REQUEST), argThat(notNullValue(String.class)));
250 public void Given_Request_Is_HTTP_PUT_And_Subscriber_Modified_By_Different_Creator() throws Exception {
251 when(request.getHeader("X-ATT-DR-ON-BEHALF-OF-GROUP")).thenReturn(null);
252 when(request.getHeader("Content-Type")).thenReturn("application/vnd.att-dr.subscription; version=1.0");
253 JSONObject JSObject = buildRequestJsonObject();
254 SubscriptionServlet subscriptionServlet = new SubscriptionServlet() {
255 protected JSONObject getJSONfromInput(HttpServletRequest req) {
256 JSONObject jo = new JSONObject();
257 jo.put("name", "stub_name");
258 jo.put("version", "2.0");
259 jo.put("metadataOnly", true);
260 jo.put("suspend", true);
261 jo.put("delivery", JSObject);
265 subscriptionServlet.doPut(request, response);
266 verify(response).sendError(eq(HttpServletResponse.SC_BAD_REQUEST), argThat(notNullValue(String.class)));
270 public void Given_Request_Is_HTTP_PUT_And_Update_Fails() throws Exception {
271 when(request.getHeader("X-ATT-DR-ON-BEHALF-OF-GROUP")).thenReturn("stub_subjectGroup");
272 when(request.getHeader("Content-Type")).thenReturn("application/vnd.att-dr.subscription; version=1.0");
273 JSONObject JSObject = buildRequestJsonObject();
274 SubscriptionServlet subscriptionServlet = new SubscriptionServlet() {
275 protected JSONObject getJSONfromInput(HttpServletRequest req) {
276 JSONObject jo = new JSONObject();
277 jo.put("name", "stub_name");
278 jo.put("version", "2.0");
279 jo.put("metadataOnly", true);
280 jo.put("suspend", true);
281 jo.put("delivery", JSObject);
286 protected boolean doUpdate(Updateable bean) {
290 subscriptionServlet.doPut(request, response);
291 verify(response).sendError(eq(HttpServletResponse.SC_INTERNAL_SERVER_ERROR), argThat(notNullValue(String.class)));
295 public void Given_Request_Is_HTTP_PUT_And_Update_Succeeds() throws Exception {
296 ServletOutputStream outStream = mock(ServletOutputStream.class);
297 when(response.getOutputStream()).thenReturn(outStream);
298 when(request.getHeader("X-ATT-DR-ON-BEHALF-OF-GROUP")).thenReturn("stub_subjectGroup");
299 when(request.getHeader("Content-Type")).thenReturn("application/vnd.att-dr.subscription; version=1.0");
300 JSONObject JSObject = buildRequestJsonObject();
301 SubscriptionServlet subscriptionServlet = new SubscriptionServlet() {
302 protected JSONObject getJSONfromInput(HttpServletRequest req) {
303 JSONObject jo = new JSONObject();
304 jo.put("name", "stub_name");
305 jo.put("version", "2.0");
306 jo.put("metadataOnly", true);
307 jo.put("suspend", true);
308 jo.put("delivery", JSObject);
313 protected boolean doUpdate(Updateable bean) {
317 subscriptionServlet.doPut(request, response);
318 verify(response).setStatus(eq(HttpServletResponse.SC_OK));
322 public void Given_Request_Is_HTTP_POST_And_Is_Not_Secure_When_HTTPS_Is_Required_Then_Forbidden_Response_Is_Generated() throws Exception {
323 when(request.isSecure()).thenReturn(false);
324 subscriptionServlet.doPost(request, response);
325 verify(response).sendError(eq(HttpServletResponse.SC_FORBIDDEN), argThat(notNullValue(String.class)));
329 public void Given_Request_Is_HTTP_POST_And_BEHALF_HEADER_Is_Not_Set_In_Request_Then_Bad_Request_Response_Is_Generated() throws Exception {
330 setBehalfHeader(null);
331 subscriptionServlet.doPost(request, response);
332 verify(response).sendError(eq(HttpServletResponse.SC_BAD_REQUEST), argThat(notNullValue(String.class)));
336 public void Given_Request_Is_HTTP_POST_And_Path_Header_Is_Not_Set_In_Request_With_Valid_Path_Then_Bad_Request_Response_Is_Generated() throws Exception {
337 when(request.getPathInfo()).thenReturn(null);
338 subscriptionServlet.doPost(request, response);
339 verify(response).sendError(eq(HttpServletResponse.SC_BAD_REQUEST), argThat(notNullValue(String.class)));
343 public void Given_Request_Is_HTTP_POST_And_Subscription_Id_Is_Invalid_Then_Not_Found_Response_Is_Generated() throws Exception {
344 setSubscriptionToReturnInvalidSubscriptionIdSupplied();
345 subscriptionServlet.doPost(request, response);
346 verify(response).sendError(eq(HttpServletResponse.SC_BAD_REQUEST), argThat(notNullValue(String.class)));
350 public void Given_Request_Is_HTTP_POST_And_Content_Header_Is_Not_Supported_Type_Then_Unsupported_Media_Type_Response_Is_Generated() throws Exception {
351 when(request.getContentType()).thenReturn("stub_ContentType");
352 subscriptionServlet.doPost(request, response);
353 verify(response).sendError(eq(HttpServletResponse.SC_UNSUPPORTED_MEDIA_TYPE), argThat(notNullValue(String.class)));
357 public void Given_Request_Is_HTTP_POST_And_Request_Is_Not_Authorized_Then_Forbidden_Response_Is_Generated() throws Exception {
358 when(request.getHeader(anyString())).thenReturn("application/vnd.att-dr.subscription-control");
359 setAuthoriserToReturnRequestNotAuthorized();
360 subscriptionServlet.doPost(request, response);
361 verify(response).sendError(eq(HttpServletResponse.SC_FORBIDDEN), argThat(notNullValue(String.class)));
365 public void Given_Request_Is_HTTP_POST_And_Request_Contains_Badly_Formed_JSON_Then_Bad_Request_Response_Is_Generated() throws Exception {
366 when(request.getHeader("Content-Type")).thenReturn("application/vnd.att-dr.subscription-control; version=1.0");
367 ServletInputStream inStream = mock(ServletInputStream.class);
368 when(request.getInputStream()).thenReturn(inStream);
369 subscriptionServlet.doPost(request, response);
370 verify(response).sendError(eq(HttpServletResponse.SC_BAD_REQUEST), argThat(notNullValue(String.class)));
374 public void Given_Request_Is_HTTP_POST_And_Post_Fails() throws Exception {
375 when(request.getHeader("X-ATT-DR-ON-BEHALF-OF-GROUP")).thenReturn("stub_subjectGroup");
376 when(request.getHeader("Content-Type")).thenReturn("application/vnd.att-dr.subscription-control; version=1.0");
377 JSONObject JSObject = buildRequestJsonObject();
378 SubscriptionServlet subscriptionServlet = new SubscriptionServlet() {
379 protected JSONObject getJSONfromInput(HttpServletRequest req) {
380 JSONObject jo = new JSONObject();
381 jo.put("name", "stub_name");
382 jo.put("version", "2.0");
383 jo.put("metadataOnly", true);
384 jo.put("suspend", true);
385 jo.put("delivery", JSObject);
389 subscriptionServlet.doPost(request, response);
390 verify(response).sendError(eq(HttpServletResponse.SC_BAD_REQUEST), argThat(notNullValue(String.class)));
394 public void Given_Request_Is_HTTP_POST_And_Post_Succeeds() throws Exception {
395 ServletOutputStream outStream = mock(ServletOutputStream.class);
396 when(response.getOutputStream()).thenReturn(outStream);
397 when(request.getHeader("X-ATT-DR-ON-BEHALF-OF-GROUP")).thenReturn("stub_subjectGroup");
398 when(request.getHeader("Content-Type")).thenReturn("application/vnd.att-dr.subscription-control; version=1.0");
399 JSONObject JSObject = buildRequestJsonObject();
400 SubscriptionServlet subscriptionServlet = new SubscriptionServlet() {
401 protected JSONObject getJSONfromInput(HttpServletRequest req) {
402 JSONObject jo = new JSONObject();
403 jo.put("name", "stub_name");
404 jo.put("version", "2.0");
405 jo.put("metadataOnly", true);
406 jo.put("suspend", true);
407 jo.put("delivery", JSObject);
408 jo.put("failed", false);
412 subscriptionServlet.doPost(request, response);
413 verify(response).setStatus(eq(HttpServletResponse.SC_ACCEPTED));
417 private JSONObject buildRequestJsonObject() {
418 JSONObject JSObject = new JSONObject();
419 JSObject.put("url", "https://stub_address");
420 JSObject.put("use100", "true");
421 JSObject.put("password", "stub_password");
422 JSObject.put("user", "stub_user");
426 private void initialiseBaseServletToBypassRetreiviingInitialisationParametersFromDatabase() throws IllegalAccessException {
427 FieldUtils.writeDeclaredStaticField(BaseServlet.class, "startmsgFlag", false, true);
428 SynchronizerTask synchronizerTask = mock(SynchronizerTask.class);
429 when(synchronizerTask.getState()).thenReturn(SynchronizerTask.UNKNOWN);
430 FieldUtils.writeDeclaredStaticField(SynchronizerTask.class, "synctask", synchronizerTask, true);
433 private void setUpValidSecurityOnHttpRequest() throws Exception {
434 when(request.isSecure()).thenReturn(true);
435 Set<String> authAddressesAndNetworks = new HashSet<String>();
436 authAddressesAndNetworks.add(("127.0.0.1"));
437 FieldUtils.writeDeclaredStaticField(BaseServlet.class, "authorizedAddressesAndNetworks", authAddressesAndNetworks, true);
438 FieldUtils.writeDeclaredStaticField(BaseServlet.class, "requireCert", false, true);
441 private void setBehalfHeader(String headerValue) {
442 when(request.getHeader(BEHALF_HEADER)).thenReturn(headerValue);
445 private void setValidPathInfoInHttpHeader() {
446 when(request.getPathInfo()).thenReturn("/123");
449 private void setSubscriptionToReturnInvalidSubscriptionIdSupplied() {
450 PowerMockito.mockStatic(Subscription.class);
451 PowerMockito.when(Subscription.getSubscriptionById(anyInt())).thenReturn(null);
454 private void setSubscriptionToReturnValidSubscriptionForSuppliedId() {
455 PowerMockito.mockStatic(Subscription.class);
456 Subscription subscription = mock(Subscription.class);
457 PowerMockito.when(Subscription.getSubscriptionById(anyInt())).thenReturn(subscription);
458 when(subscription.getSubscriber()).thenReturn("Stub_Value");
459 when(subscription.asJSONObject()).thenReturn(mock(JSONObject.class));
462 private void setAuthoriserToReturnRequestNotAuthorized() throws IllegalAccessException {
463 AuthorizationResponse authResponse = mock(AuthorizationResponse.class);
464 Authorizer authorizer = mock(Authorizer.class);
465 FieldUtils.writeDeclaredStaticField(BaseServlet.class, "authz", authorizer, true);
466 when(authorizer.decide(request)).thenReturn(authResponse);
467 when(authResponse.isAuthorized()).thenReturn(false);
470 private void setAuthoriserToReturnRequestIsAuthorized() throws IllegalAccessException {
471 AuthorizationResponse authResponse = mock(AuthorizationResponse.class);
472 Authorizer authorizer = mock(Authorizer.class);
473 FieldUtils.writeDeclaredStaticField(BaseServlet.class, "authz", authorizer, true);
474 when(authorizer.decide(request)).thenReturn(authResponse);
475 when(authResponse.isAuthorized()).thenReturn(true);
478 private void setPokerToNotCreateTimersWhenDeleteSubscriptionIsCalled() throws Exception {
479 Poker poker = mock(Poker.class);
480 FieldUtils.writeDeclaredStaticField(Poker.class, "poker", poker, true);
483 private void setupValidAuthorisedRequest() throws Exception {
484 setUpValidSecurityOnHttpRequest();
485 setBehalfHeader("Stub_Value");
486 setValidPathInfoInHttpHeader();
487 setSubscriptionToReturnValidSubscriptionForSuppliedId();