1 /*******************************************************************************
2 * ============LICENSE_START==================================================
4 * * ===========================================================================
5 * * Copyright © 2017 AT&T Intellectual Property. All rights reserved.
6 * * ===========================================================================
7 * * Licensed under the Apache License, Version 2.0 (the "License");
8 * * you may not use this file except in compliance with the License.
9 * * You may obtain a copy of the License at
11 * * http://www.apache.org/licenses/LICENSE-2.0
13 * * Unless required by applicable law or agreed to in writing, software
14 * * distributed under the License is distributed on an "AS IS" BASIS,
15 * * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
16 * * See the License for the specific language governing permissions and
17 * * limitations under the License.
18 * * ============LICENSE_END====================================================
20 * * ECOMP is a trademark and service mark of AT&T Intellectual Property.
22 ******************************************************************************/
23 package org.onap.dmaap.datarouter.provisioning;
25 import org.apache.commons.lang3.reflect.FieldUtils;
26 import org.jetbrains.annotations.NotNull;
27 import org.json.JSONObject;
28 import org.junit.Before;
29 import org.junit.Test;
30 import org.junit.runner.RunWith;
31 import org.mockito.Mock;
32 import org.onap.dmaap.datarouter.authz.AuthorizationResponse;
33 import org.onap.dmaap.datarouter.authz.Authorizer;
34 import org.onap.dmaap.datarouter.provisioning.beans.Deleteable;
35 import org.onap.dmaap.datarouter.provisioning.beans.Subscription;
36 import org.onap.dmaap.datarouter.provisioning.beans.Updateable;
37 import org.powermock.api.mockito.PowerMockito;
38 import org.powermock.core.classloader.annotations.SuppressStaticInitializationFor;
39 import org.powermock.modules.junit4.PowerMockRunner;
41 import javax.servlet.ServletInputStream;
42 import javax.servlet.ServletOutputStream;
43 import javax.servlet.http.HttpServletRequest;
44 import javax.servlet.http.HttpServletResponse;
45 import java.util.HashSet;
48 import static org.hamcrest.Matchers.notNullValue;
49 import static org.mockito.Mockito.*;
50 import static org.onap.dmaap.datarouter.provisioning.BaseServlet.BEHALF_HEADER;
53 @RunWith(PowerMockRunner.class)
54 @SuppressStaticInitializationFor("org.onap.dmaap.datarouter.provisioning.beans.Subscription")
55 public class SubscriptionServletTest extends DrServletTestBase {
56 private SubscriptionServlet subscriptionServlet;
59 private HttpServletRequest request;
61 private HttpServletResponse response;
64 public void setUp() throws Exception {
66 subscriptionServlet = new SubscriptionServlet();
67 setAuthoriserToReturnRequestIsAuthorized();
68 setPokerToNotCreateTimersWhenDeleteSubscriptionIsCalled();
69 setupValidAuthorisedRequest();
70 setUpValidSecurityOnHttpRequest();
74 public void Given_Request_Is_HTTP_DELETE_SC_Forbidden_Response_Is_Generated() throws Exception {
75 when(request.isSecure()).thenReturn(false);
76 subscriptionServlet.doDelete(request, response);
77 verify(response).sendError(eq(HttpServletResponse.SC_FORBIDDEN), argThat(notNullValue(String.class)));
81 public void Given_Request_Is_HTTP_DELETE_And_BEHALF_HEADER_Is_Not_Set_In_Request_Then_Bad_Request_Response_Is_Generated() throws Exception {
82 setBehalfHeader(null);
83 subscriptionServlet.doDelete(request, response);
84 verify(response).sendError(eq(HttpServletResponse.SC_BAD_REQUEST), argThat(notNullValue(String.class)));
88 public void Given_Request_Is_HTTP_DELETE_And_Path_Header_Is_Not_Set_In_Request_With_Valid_Path_Then_Bad_Request_Response_Is_Generated() throws Exception {
89 when(request.getPathInfo()).thenReturn(null);
90 subscriptionServlet.doDelete(request, response);
91 verify(response).sendError(eq(HttpServletResponse.SC_BAD_REQUEST), argThat(notNullValue(String.class)));
95 public void Given_Request_Is_HTTP_DELETE_And_Subscription_Id_Is_Invalid_Then_Not_Found_Response_Is_Generated() throws Exception {
96 setSubscriptionToReturnInvalidSubscriptionIdSupplied();
97 subscriptionServlet.doDelete(request, response);
98 verify(response).sendError(eq(HttpServletResponse.SC_NOT_FOUND), argThat(notNullValue(String.class)));
102 public void Given_Request_Is_HTTP_DELETE_And_Request_Is_Not_Authorized_Then_Forbidden_Response_Is_Generated() throws Exception {
103 setAuthoriserToReturnRequestNotAuthorized();
104 subscriptionServlet.doDelete(request, response);
105 verify(response).sendError(eq(HttpServletResponse.SC_FORBIDDEN), argThat(notNullValue(String.class)));
109 public void Given_Request_Is_HTTP_DELETE_And_Delete_On_Database_Fails_An_Internal_Server_Error_Is_Reported() throws Exception {
110 SubscriptionServlet subscriptionServlet = new SubscriptionServlet(){
111 public boolean doDelete(Deleteable deletable){
115 subscriptionServlet.doDelete(request, response);
116 verify(response).sendError(eq(HttpServletResponse.SC_INTERNAL_SERVER_ERROR), argThat(notNullValue(String.class)));
120 public void Given_Request_Is_HTTP_DELETE_And_Delete_On_Database_Succeeds_A_NO_CONTENT_Response_Is_Generated() throws Exception {
121 SubscriptionServlet subscriptionServlet = new SubscriptionServlet(){
122 public boolean doDelete(Deleteable deletable){
126 subscriptionServlet.doDelete(request, response);
127 verify(response).setStatus(eq(HttpServletResponse.SC_NO_CONTENT));
131 public void Given_Request_Is_HTTP_GET_And_Is_Not_Secure_When_HTTPS_Is_Required_Then_Forbidden_Response_Is_Generated() throws Exception {
132 when(request.isSecure()).thenReturn(false);
133 subscriptionServlet.doGet(request, response);
134 verify(response).sendError(eq(HttpServletResponse.SC_FORBIDDEN), argThat(notNullValue(String.class)));
138 public void Given_Request_Is_HTTP_GET_And_BEHALF_HEADER_Is_Not_Set_In_Request_Then_Bad_Request_Response_Is_Generated() throws Exception {
139 setBehalfHeader(null);
140 subscriptionServlet.doGet(request, response);
141 verify(response).sendError(eq(HttpServletResponse.SC_BAD_REQUEST), argThat(notNullValue(String.class)));
145 public void Given_Request_Is_HTTP_GET_And_Path_Header_Is_Not_Set_In_Request_With_Valid_Path_Then_Bad_Request_Response_Is_Generated() throws Exception {
146 when(request.getPathInfo()).thenReturn(null);
147 subscriptionServlet.doGet(request, response);
148 verify(response).sendError(eq(HttpServletResponse.SC_BAD_REQUEST), argThat(notNullValue(String.class)));
152 public void Given_Request_Is_HTTP_GET_And_Subscription_Id_Is_Invalid_Then_Not_Found_Response_Is_Generated() throws Exception {
153 setSubscriptionToReturnInvalidSubscriptionIdSupplied();
154 subscriptionServlet.doGet(request, response);
155 verify(response).sendError(eq(HttpServletResponse.SC_NOT_FOUND), argThat(notNullValue(String.class)));
159 public void Given_Request_Is_HTTP_GET_And_Request_Is_Not_Authorized_Then_Forbidden_Response_Is_Generated() throws Exception {
160 setAuthoriserToReturnRequestNotAuthorized();
161 subscriptionServlet.doGet(request, response);
162 verify(response).sendError(eq(HttpServletResponse.SC_FORBIDDEN), argThat(notNullValue(String.class)));
166 public void Given_Request_Is_HTTP_GET_And_Request_Succeeds() throws Exception {
167 JSONObject JSObject = buildRequestJsonObject();
168 JSONObject jo = new JSONObject();
169 jo.put("name", "stub_name");
170 jo.put("version", "2.0");
171 jo.put("metadataOnly", true);
172 jo.put("suspend", true);
173 jo.put("delivery", JSObject);
174 jo.put("sync", true);
175 Subscription sub = new Subscription(jo);
176 PowerMockito.mockStatic(Subscription.class);
177 PowerMockito.when(Subscription.getSubscriptionById(anyInt())).thenReturn(sub);
178 ServletOutputStream outStream = mock(ServletOutputStream.class);
179 when(response.getOutputStream()).thenReturn(outStream);
180 subscriptionServlet.doGet(request, response);
181 verify(response).setStatus(eq(HttpServletResponse.SC_OK));
185 public void Given_Request_Is_HTTP_PUT_And_Is_Not_Secure_When_HTTPS_Is_Required_Then_Forbidden_Response_Is_Generated() throws Exception {
186 when(request.isSecure()).thenReturn(false);
187 subscriptionServlet.doPut(request, response);
188 verify(response).sendError(eq(HttpServletResponse.SC_FORBIDDEN), argThat(notNullValue(String.class)));
192 public void Given_Request_Is_HTTP_PUT_And_BEHALF_HEADER_Is_Not_Set_In_Request_Then_Bad_Request_Response_Is_Generated() throws Exception {
193 setBehalfHeader(null);
194 subscriptionServlet.doPut(request, response);
195 verify(response).sendError(eq(HttpServletResponse.SC_BAD_REQUEST), argThat(notNullValue(String.class)));
199 public void Given_Request_Is_HTTP_PUT_And_Path_Header_Is_Not_Set_In_Request_With_Valid_Path_Then_Bad_Request_Response_Is_Generated() throws Exception {
200 when(request.getPathInfo()).thenReturn(null);
201 subscriptionServlet.doPut(request, response);
202 verify(response).sendError(eq(HttpServletResponse.SC_BAD_REQUEST), argThat(notNullValue(String.class)));
206 public void Given_Request_Is_HTTP_PUT_And_Subscription_Id_Is_Invalid_Then_Not_Found_Response_Is_Generated() throws Exception {
207 setSubscriptionToReturnInvalidSubscriptionIdSupplied();
208 subscriptionServlet.doPut(request, response);
209 verify(response).sendError(eq(HttpServletResponse.SC_NOT_FOUND), argThat(notNullValue(String.class)));
213 public void Given_Request_Is_HTTP_PUT_And_Request_Is_Not_Authorized_Then_Forbidden_Response_Is_Generated() throws Exception {
214 setAuthoriserToReturnRequestNotAuthorized();
215 subscriptionServlet.doPut(request, response);
216 verify(response).sendError(eq(HttpServletResponse.SC_FORBIDDEN), argThat(notNullValue(String.class)));
220 public void Given_Request_Is_HTTP_PUT_And_Content_Header_Is_Not_Supported_Type_Then_Unsupported_Media_Type_Response_Is_Generated() throws Exception {
221 when(request.getContentType()).thenReturn("stub_ContentType");
222 subscriptionServlet.doPut(request, response);
223 verify(response).sendError(eq(HttpServletResponse.SC_UNSUPPORTED_MEDIA_TYPE), argThat(notNullValue(String.class)));
227 public void Given_Request_Is_HTTP_PUT_And_Request_Contains_Badly_Formed_JSON_Then_Bad_Request_Response_Is_Generated() throws Exception {
228 when(request.getHeader("Content-Type")).thenReturn("application/vnd.att-dr.subscription; version=1.0");
229 ServletInputStream inStream = mock(ServletInputStream.class);
230 when(request.getInputStream()).thenReturn(inStream);
231 subscriptionServlet.doPut(request, response);
232 verify(response).sendError(eq(HttpServletResponse.SC_BAD_REQUEST), argThat(notNullValue(String.class)));
236 public void Given_Request_Is_HTTP_PUT_And_Subscription_Object_Is_Invalid_Bad_Request_Response_Is_Generated() throws Exception {
237 when(request.getHeader("Content-Type")).thenReturn("application/vnd.att-dr.subscription; version=1.0");
238 SubscriptionServlet subscriptionServlet = new SubscriptionServlet() {
239 protected JSONObject getJSONfromInput(HttpServletRequest req) {
240 JSONObject jo = new JSONObject();
244 subscriptionServlet.doPut(request, response);
245 verify(response).sendError(eq(HttpServletResponse.SC_BAD_REQUEST), argThat(notNullValue(String.class)));
249 public void Given_Request_Is_HTTP_PUT_And_Subscriber_Modified_By_Different_Creator() throws Exception {
250 when(request.getHeader("X-ATT-DR-ON-BEHALF-OF-GROUP")).thenReturn(null);
251 when(request.getHeader("Content-Type")).thenReturn("application/vnd.att-dr.subscription; version=1.0");
252 JSONObject JSObject = buildRequestJsonObject();
253 SubscriptionServlet subscriptionServlet = new SubscriptionServlet() {
254 protected JSONObject getJSONfromInput(HttpServletRequest req) {
255 JSONObject jo = new JSONObject();
256 jo.put("name", "stub_name");
257 jo.put("version", "2.0");
258 jo.put("metadataOnly", true);
259 jo.put("suspend", true);
260 jo.put("delivery", JSObject);
261 jo.put("sync", true);
265 subscriptionServlet.doPut(request, response);
266 verify(response).sendError(eq(HttpServletResponse.SC_BAD_REQUEST), argThat(notNullValue(String.class)));
270 public void Given_Request_Is_HTTP_PUT_And_Update_Fails() throws Exception {
271 when(request.getHeader("X-ATT-DR-ON-BEHALF-OF-GROUP")).thenReturn("stub_subjectGroup");
272 when(request.getHeader("Content-Type")).thenReturn("application/vnd.att-dr.subscription; version=1.0");
273 JSONObject JSObject = buildRequestJsonObject();
274 SubscriptionServlet subscriptionServlet = new SubscriptionServlet() {
275 protected JSONObject getJSONfromInput(HttpServletRequest req) {
276 JSONObject jo = new JSONObject();
277 jo.put("name", "stub_name");
278 jo.put("version", "2.0");
279 jo.put("metadataOnly", true);
280 jo.put("suspend", true);
281 jo.put("delivery", JSObject);
282 jo.put("sync", true);
287 protected boolean doUpdate(Updateable bean) {
291 subscriptionServlet.doPut(request, response);
292 verify(response).sendError(eq(HttpServletResponse.SC_INTERNAL_SERVER_ERROR), argThat(notNullValue(String.class)));
296 public void Given_Request_Is_HTTP_PUT_And_Update_Succeeds() throws Exception {
297 ServletOutputStream outStream = mock(ServletOutputStream.class);
298 when(response.getOutputStream()).thenReturn(outStream);
299 when(request.getHeader("X-ATT-DR-ON-BEHALF-OF-GROUP")).thenReturn("stub_subjectGroup");
300 when(request.getHeader("Content-Type")).thenReturn("application/vnd.att-dr.subscription; version=1.0");
301 JSONObject JSObject = buildRequestJsonObject();
302 SubscriptionServlet subscriptionServlet = new SubscriptionServlet() {
303 protected JSONObject getJSONfromInput(HttpServletRequest req) {
304 JSONObject jo = new JSONObject();
305 jo.put("name", "stub_name");
306 jo.put("version", "2.0");
307 jo.put("metadataOnly", true);
308 jo.put("suspend", true);
309 jo.put("delivery", JSObject);
310 jo.put("sync", true);
315 protected boolean doUpdate(Updateable bean) {
319 subscriptionServlet.doPut(request, response);
320 verify(response).setStatus(eq(HttpServletResponse.SC_OK));
324 public void Given_Request_Is_HTTP_POST_And_Is_Not_Secure_When_HTTPS_Is_Required_Then_Forbidden_Response_Is_Generated() throws Exception {
325 when(request.isSecure()).thenReturn(false);
326 subscriptionServlet.doPost(request, response);
327 verify(response).sendError(eq(HttpServletResponse.SC_FORBIDDEN), argThat(notNullValue(String.class)));
331 public void Given_Request_Is_HTTP_POST_And_BEHALF_HEADER_Is_Not_Set_In_Request_Then_Bad_Request_Response_Is_Generated() throws Exception {
332 setBehalfHeader(null);
333 subscriptionServlet.doPost(request, response);
334 verify(response).sendError(eq(HttpServletResponse.SC_BAD_REQUEST), argThat(notNullValue(String.class)));
338 public void Given_Request_Is_HTTP_POST_And_Path_Header_Is_Not_Set_In_Request_With_Valid_Path_Then_Bad_Request_Response_Is_Generated() throws Exception {
339 when(request.getPathInfo()).thenReturn(null);
340 subscriptionServlet.doPost(request, response);
341 verify(response).sendError(eq(HttpServletResponse.SC_BAD_REQUEST), argThat(notNullValue(String.class)));
345 public void Given_Request_Is_HTTP_POST_And_Subscription_Id_Is_Invalid_Then_Not_Found_Response_Is_Generated() throws Exception {
346 setSubscriptionToReturnInvalidSubscriptionIdSupplied();
347 subscriptionServlet.doPost(request, response);
348 verify(response).sendError(eq(HttpServletResponse.SC_BAD_REQUEST), argThat(notNullValue(String.class)));
352 public void Given_Request_Is_HTTP_POST_And_Content_Header_Is_Not_Supported_Type_Then_Unsupported_Media_Type_Response_Is_Generated() throws Exception {
353 when(request.getContentType()).thenReturn("stub_ContentType");
354 subscriptionServlet.doPost(request, response);
355 verify(response).sendError(eq(HttpServletResponse.SC_UNSUPPORTED_MEDIA_TYPE), argThat(notNullValue(String.class)));
359 public void Given_Request_Is_HTTP_POST_And_Request_Is_Not_Authorized_Then_Forbidden_Response_Is_Generated() throws Exception {
360 when(request.getHeader(anyString())).thenReturn("application/vnd.att-dr.subscription-control");
361 setAuthoriserToReturnRequestNotAuthorized();
362 subscriptionServlet.doPost(request, response);
363 verify(response).sendError(eq(HttpServletResponse.SC_FORBIDDEN), argThat(notNullValue(String.class)));
367 public void Given_Request_Is_HTTP_POST_And_Request_Contains_Badly_Formed_JSON_Then_Bad_Request_Response_Is_Generated() throws Exception {
368 when(request.getHeader("Content-Type")).thenReturn("application/vnd.att-dr.subscription-control; version=1.0");
369 ServletInputStream inStream = mock(ServletInputStream.class);
370 when(request.getInputStream()).thenReturn(inStream);
371 subscriptionServlet.doPost(request, response);
372 verify(response).sendError(eq(HttpServletResponse.SC_BAD_REQUEST), argThat(notNullValue(String.class)));
376 public void Given_Request_Is_HTTP_POST_And_Post_Fails() throws Exception {
377 when(request.getHeader("X-ATT-DR-ON-BEHALF-OF-GROUP")).thenReturn("stub_subjectGroup");
378 when(request.getHeader("Content-Type")).thenReturn("application/vnd.att-dr.subscription-control; version=1.0");
379 JSONObject JSObject = buildRequestJsonObject();
380 SubscriptionServlet subscriptionServlet = new SubscriptionServlet() {
381 protected JSONObject getJSONfromInput(HttpServletRequest req) {
382 JSONObject jo = new JSONObject();
383 jo.put("name", "stub_name");
384 jo.put("version", "2.0");
385 jo.put("metadataOnly", true);
386 jo.put("suspend", true);
387 jo.put("delivery", JSObject);
391 subscriptionServlet.doPost(request, response);
392 verify(response).sendError(eq(HttpServletResponse.SC_BAD_REQUEST), argThat(notNullValue(String.class)));
396 public void Given_Request_Is_HTTP_POST_And_Post_Succeeds() throws Exception {
397 ServletOutputStream outStream = mock(ServletOutputStream.class);
398 when(response.getOutputStream()).thenReturn(outStream);
399 when(request.getHeader("X-ATT-DR-ON-BEHALF-OF-GROUP")).thenReturn("stub_subjectGroup");
400 when(request.getHeader("Content-Type")).thenReturn("application/vnd.att-dr.subscription-control; version=1.0");
401 JSONObject JSObject = buildRequestJsonObject();
402 SubscriptionServlet subscriptionServlet = new SubscriptionServlet() {
403 protected JSONObject getJSONfromInput(HttpServletRequest req) {
404 JSONObject jo = new JSONObject();
405 jo.put("name", "stub_name");
406 jo.put("version", "2.0");
407 jo.put("metadataOnly", true);
408 jo.put("suspend", true);
409 jo.put("delivery", JSObject);
410 jo.put("failed", false);
414 subscriptionServlet.doPost(request, response);
415 verify(response).setStatus(eq(HttpServletResponse.SC_ACCEPTED));
419 private JSONObject buildRequestJsonObject() {
420 JSONObject JSObject = new JSONObject();
421 JSObject.put("url", "https://stub_address");
422 JSObject.put("use100", "true");
423 JSObject.put("password", "stub_password");
424 JSObject.put("user", "stub_user");
428 private void setUpValidSecurityOnHttpRequest() throws Exception {
429 when(request.isSecure()).thenReturn(true);
430 Set<String> authAddressesAndNetworks = new HashSet<String>();
431 authAddressesAndNetworks.add(("127.0.0.1"));
432 FieldUtils.writeDeclaredStaticField(BaseServlet.class, "authorizedAddressesAndNetworks", authAddressesAndNetworks, true);
433 FieldUtils.writeDeclaredStaticField(BaseServlet.class, "requireCert", false, true);
436 private void setBehalfHeader(String headerValue) {
437 when(request.getHeader(BEHALF_HEADER)).thenReturn(headerValue);
440 private void setValidPathInfoInHttpHeader() {
441 when(request.getPathInfo()).thenReturn("/123");
444 private void setSubscriptionToReturnInvalidSubscriptionIdSupplied() {
445 PowerMockito.mockStatic(Subscription.class);
446 PowerMockito.when(Subscription.getSubscriptionById(anyInt())).thenReturn(null);
449 private void setSubscriptionToReturnValidSubscriptionForSuppliedId() {
450 PowerMockito.mockStatic(Subscription.class);
451 Subscription subscription = mock(Subscription.class);
452 PowerMockito.when(Subscription.getSubscriptionById(anyInt())).thenReturn(subscription);
453 when(subscription.getSubscriber()).thenReturn("Stub_Value");
454 when(subscription.asJSONObject()).thenReturn(mock(JSONObject.class));
457 private void setAuthoriserToReturnRequestNotAuthorized() throws IllegalAccessException {
458 AuthorizationResponse authResponse = mock(AuthorizationResponse.class);
459 Authorizer authorizer = mock(Authorizer.class);
460 FieldUtils.writeDeclaredStaticField(BaseServlet.class, "authz", authorizer, true);
461 when(authorizer.decide(request)).thenReturn(authResponse);
462 when(authResponse.isAuthorized()).thenReturn(false);
465 private void setAuthoriserToReturnRequestIsAuthorized() throws IllegalAccessException {
466 AuthorizationResponse authResponse = mock(AuthorizationResponse.class);
467 Authorizer authorizer = mock(Authorizer.class);
468 FieldUtils.writeDeclaredStaticField(BaseServlet.class, "authz", authorizer, true);
469 when(authorizer.decide(request)).thenReturn(authResponse);
470 when(authResponse.isAuthorized()).thenReturn(true);
473 private void setPokerToNotCreateTimersWhenDeleteSubscriptionIsCalled() throws Exception {
474 Poker poker = mock(Poker.class);
475 FieldUtils.writeDeclaredStaticField(Poker.class, "poker", poker, true);
478 private void setupValidAuthorisedRequest() throws Exception {
479 setUpValidSecurityOnHttpRequest();
480 setBehalfHeader("Stub_Value");
481 setValidPathInfoInHttpHeader();
482 setSubscriptionToReturnValidSubscriptionForSuppliedId();