2 * ============LICENSE_START=======================================================
4 * ================================================================================
5 * Copyright (C) 2019 AT&T Intellectual Property. All rights
7 * ================================================================================
8 * Modifications Copyright (c) 2019 Samsung
9 * ================================================================================
10 * Licensed under the Apache License, Version 2.0 (the "License");
11 * you may not use this file except in compliance with the License.
12 * You may obtain a copy of the License at
14 * http://www.apache.org/licenses/LICENSE-2.0
16 * Unless required by applicable law or agreed to in writing, software
17 * distributed under the License is distributed on an "AS IS" BASIS,
18 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
19 * See the License for the specific language governing permissions and
20 * limitations under the License.
21 * ============LICENSE_END============================================
22 * ===================================================================
26 package org.onap.clamp.clds.it;
28 import static org.junit.Assert.assertFalse;
29 import static org.junit.Assert.assertTrue;
30 import static org.junit.Assert.fail;
32 import java.util.List;
34 import org.apache.camel.Exchange;
35 import org.junit.Before;
36 import org.junit.Test;
37 import org.junit.runner.RunWith;
38 import org.mockito.InjectMocks;
39 import org.mockito.Mockito;
40 import org.mockito.Spy;
41 import org.onap.clamp.authorization.AuthorizationController;
42 import org.onap.clamp.clds.config.ClampProperties;
43 import org.onap.clamp.clds.exception.NotAuthorizedException;
44 import org.onap.clamp.clds.service.SecureServicePermission;
45 import org.onap.clamp.util.PrincipalUtils;
46 import org.springframework.boot.test.context.SpringBootTest;
47 import org.springframework.mock.env.MockEnvironment;
48 import org.springframework.security.authentication.UsernamePasswordAuthenticationToken;
49 import org.springframework.security.core.GrantedAuthority;
50 import org.springframework.security.core.context.SecurityContext;
51 import org.springframework.security.core.userdetails.User;
52 import org.springframework.test.context.junit4.SpringRunner;
55 * Test CldsDAO calls through CldsModel and CldsEvent. This really test the DB
56 * and stored procedures.
58 @RunWith(SpringRunner.class)
60 public class AuthorizationControllerItCase {
62 private PermissionTestDefaultHelper permissionTestHelper = new PermissionTestDefaultHelper();
69 private ClampProperties clampProp = new ClampProperties();
72 private AuthorizationController auth;
75 * Setup the variable before the tests execution.
78 public void setupBefore() {
79 permissionTestHelper.setupMockEnv(env);
80 List<GrantedAuthority> authList = permissionTestHelper.getAuthList();
82 SecurityContext securityContext = Mockito.mock(SecurityContext.class);
83 Mockito.when(securityContext.getAuthentication()).thenReturn(
84 new UsernamePasswordAuthenticationToken(new User("admin", "", authList),
87 PrincipalUtils.setSecurityContext(securityContext);
91 public void testIsUserPermitted() {
92 assertTrue(auth.isUserPermitted(new SecureServicePermission("permission-type-cl","dev","read")));
93 assertTrue(auth.isUserPermitted(new SecureServicePermission("permission-type-cl-manage","dev","DEPLOY")));
94 assertTrue(auth.isUserPermitted(new SecureServicePermission("permission-type-filter-vf","dev",
95 "12345-55555-55555-5555")));
96 assertFalse(auth.isUserPermitted(new SecureServicePermission("permission-type-cl","test","read")));
100 public void testIfUserAuthorize() {
101 Exchange ex = Mockito.mock(Exchange.class);
103 permissionTestHelper.doActionOnAllPermissions(((type, instance, action) ->
104 auth.authorize(ex, type, instance, action)
107 } catch (NotAuthorizedException e) {
108 fail(e.getMessage());
112 @Test(expected = NotAuthorizedException.class)
113 public void testIfAuthorizeThrowException() {
114 Exchange ex = Mockito.mock(Exchange.class);
115 auth.authorize(ex,"permission-type-cl","test","read");