src/test/java/org/onap/clamp/clds/it/CldsServiceItCase.java

   1 /*-
   2  * ============LICENSE_START=======================================================
   3  * ONAP CLAMP
   4  * ================================================================================
   5  * Copyright (C) 2017-2018 AT&T Intellectual Property. All rights
   6  *                             reserved.
   7  * ================================================================================
   8  * Licensed under the Apache License, Version 2.0 (the "License");
   9  * you may not use this file except in compliance with the License.
  10  * You may obtain a copy of the License at
  11  *
  12  * http://www.apache.org/licenses/LICENSE-2.0
  13  *
  14  * Unless required by applicable law or agreed to in writing, software
  15  * distributed under the License is distributed on an "AS IS" BASIS,
  16  * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
  17  * See the License for the specific language governing permissions and
  18  * limitations under the License.
  19  * ============LICENSE_END============================================
  20  * ===================================================================
  21  *
  22  */
  23
  24 package org.onap.clamp.clds.it;
  25
  26 import static org.assertj.core.api.Assertions.assertThat;
  27 import static org.junit.Assert.assertEquals;
  28 import static org.junit.Assert.assertFalse;
  29 import static org.junit.Assert.assertNotNull;
  30 import static org.junit.Assert.assertTrue;
  31 import static org.mockito.Mockito.mock;
  32 import static org.mockito.Mockito.when;
  33
  34 import java.io.IOException;
  35 import java.io.InputStream;
  36 import java.util.LinkedList;
  37 import java.util.List;
  38 import java.util.Properties;
  39
  40 import javax.servlet.http.HttpServletRequest;
  41 import javax.ws.rs.NotAuthorizedException;
  42
  43 import org.junit.Before;
  44 import org.junit.Test;
  45 import org.junit.runner.RunWith;
  46 import org.mockito.Matchers;
  47 import org.mockito.Mockito;
  48 import org.onap.clamp.clds.model.CldsInfo;
  49 import org.onap.clamp.clds.service.CldsService;
  50 import org.onap.clamp.clds.util.LoggingUtils;
  51 import org.springframework.beans.factory.annotation.Autowired;
  52 import org.springframework.boot.test.context.SpringBootTest;
  53 import org.springframework.boot.test.context.SpringBootTest.WebEnvironment;
  54 import org.springframework.security.authentication.UsernamePasswordAuthenticationToken;
  55 import org.springframework.security.core.Authentication;
  56 import org.springframework.security.core.GrantedAuthority;
  57 import org.springframework.security.core.authority.SimpleGrantedAuthority;
  58 import org.springframework.security.core.context.SecurityContext;
  59 import org.springframework.security.core.userdetails.User;
  60 import org.springframework.security.core.userdetails.UserDetails;
  61 import org.springframework.test.context.junit4.SpringJUnit4ClassRunner;
  62
  63 /**
  64  * Test HTTP and HTTPS settings + redirection of HTTP to HTTPS.
  65  */
  66 @RunWith(SpringJUnit4ClassRunner.class)
  67 @SpringBootTest(webEnvironment = WebEnvironment.RANDOM_PORT)
  68 public class CldsServiceItCase {
  69
  70     @Autowired
  71     private CldsService cldsService;
  72
  73     private LoggingUtils util;
  74     private SecurityContext securityContext = mock(SecurityContext.class);
  75     private Authentication auth = Mockito.mock(Authentication.class);
  76     private UserDetails userDetails = Mockito.mock(UserDetails.class);
  77     private List<GrantedAuthority> authorityList = new LinkedList<GrantedAuthority>();
  78     /**
  79      * Setup the variable before the tests execution.
  80      *
  81      * @throws IOException In case of issues when opening the files
  82      */
  83     @Before
  84     public void setupBefore() throws IOException {
  85         util = Mockito.mock(LoggingUtils.class);
  86         Mockito.doNothing().when(util).entering(Matchers.any(HttpServletRequest.class), Matchers.any(String.class));
  87         cldsService.setLoggingUtil(util);
  88
  89     }
  90
  91     @Test
  92     public void testCldsInfoNotAuthorized() {
  93         Mockito.when(userDetails.getUsername()).thenReturn("admin");
  94         Mockito.when(securityContext.getAuthentication()).thenReturn(auth);
  95         Mockito.when(auth.getPrincipal()).thenReturn(userDetails);
  96
  97         cldsService.setSecurityContext(securityContext);
  98         CldsInfo cldsInfo = cldsService.getCldsInfo();
  99         assertFalse(cldsInfo.isPermissionReadCl());
 100         assertFalse(cldsInfo.isPermissionReadTemplate());
 101         assertFalse(cldsInfo.isPermissionUpdateCl());
 102         assertFalse(cldsInfo.isPermissionUpdateTemplate());
 103     }
 104
 105     @Test
 106     public void testCldsInfoAuthorized() throws Exception {
 107         List<GrantedAuthority> authList = new LinkedList<GrantedAuthority>();
 108         authList.add(new SimpleGrantedAuthority("permission-type-cl-manage|dev|*"));
 109         authList.add(new SimpleGrantedAuthority("permission-type-cl|dev|read"));
 110         authList.add(new SimpleGrantedAuthority("permission-type-cl|dev|update"));
 111         authList.add(new SimpleGrantedAuthority("permission-type-template|dev|read"));
 112         authList.add(new SimpleGrantedAuthority("permission-type-template|dev|update"));
 113         authList.add(new SimpleGrantedAuthority("permission-type-filter-vf|dev|*"));
 114         authList.add(new SimpleGrantedAuthority("permission-type-cl-event|dev|*"));
 115         Authentication authentication;
 116         authentication = new UsernamePasswordAuthenticationToken(new User("admin", "", authList), "", authList);
 117
 118         Mockito.when(securityContext.getAuthentication()).thenReturn(authentication);
 119
 120         cldsService.setSecurityContext(securityContext);
 121         CldsInfo cldsInfo = cldsService.getCldsInfo();
 122         assertTrue(cldsInfo.isPermissionReadCl());
 123         assertTrue(cldsInfo.isPermissionReadTemplate());
 124         assertTrue(cldsInfo.isPermissionUpdateCl());
 125         assertTrue(cldsInfo.isPermissionUpdateTemplate());
 126         Properties prop = new Properties();
 127         InputStream in = Thread.currentThread().getContextClassLoader().getResourceAsStream("clds-version.properties");
 128         prop.load(in);
 129         assertNotNull(in);
 130         in.close();
 131         assertEquals(cldsInfo.getCldsVersion(), prop.getProperty("clds.version"));
 132         assertEquals(cldsInfo.getUserName(), "admin");
 133     }
 134
 135     @Test(expected = NotAuthorizedException.class)
 136     public void isAuthorizedForVfTestNotAuthorized1() throws Exception {
 137         when(userDetails.getUsername()).thenReturn("testName");
 138         when(auth.getPrincipal()).thenReturn(userDetails);
 139         when(securityContext.getAuthentication()).thenReturn(auth);
 140         cldsService.setSecurityContext(securityContext);
 141         boolean res = cldsService.isAuthorizedForVf("testId");
 142         assertThat(res).isTrue();
 143     }
 144
 145     @Test(expected = NotAuthorizedException.class)
 146     public void isAuthorizedForVfTestNotAuthorized2() throws Exception {
 147         when(userDetails.getUsername()).thenReturn("testName");
 148         when(auth.getPrincipal()).thenReturn(userDetails);
 149         authorityList.add(new SimpleGrantedAuthority("permission-type-filter-vf|prod|*"));
 150         when((List<GrantedAuthority>)auth.getAuthorities()).thenReturn(authorityList);
 151         when(securityContext.getAuthentication()).thenReturn(auth);
 152         cldsService.setSecurityContext(securityContext);
 153         boolean res = cldsService.isAuthorizedForVf("testId");
 154         assertThat(res).isTrue();
 155     }
 156
 157     @Test(expected = NotAuthorizedException.class)
 158     public void isAuthorizedForVfTestNotAuthorized3() throws Exception {
 159         when(userDetails.getUsername()).thenReturn("testName");
 160         when(auth.getPrincipal()).thenReturn(userDetails);
 161         authorityList.add(new SimpleGrantedAuthority("permission-type-filter-vf|dev|testId2"));
 162         when((List<GrantedAuthority>)auth.getAuthorities()).thenReturn(authorityList);
 163         when(securityContext.getAuthentication()).thenReturn(auth);
 164         cldsService.setSecurityContext(securityContext);
 165         boolean res = cldsService.isAuthorizedForVf("testId");
 166         assertThat(res).isTrue();
 167     }
 168
 169     @Test(expected = NullPointerException.class)
 170     public void isAuthorizedForVfTestNotAuthorized4() throws Exception {
 171         when(userDetails.getUsername()).thenReturn("testName");
 172         when(auth.getPrincipal()).thenReturn(userDetails);
 173         when(securityContext.getAuthentication()).thenReturn(null);
 174         cldsService.setSecurityContext(securityContext);
 175         boolean res = cldsService.isAuthorizedForVf("testId");
 176         assertThat(res).isTrue();
 177     }
 178
 179     @Test
 180     public void isAuthorizedForVfTest1() throws Exception {
 181         when(userDetails.getUsername()).thenReturn("testName");
 182         when(auth.getPrincipal()).thenReturn(userDetails);
 183         authorityList.add(new SimpleGrantedAuthority("permission-type-filter-vf|*|*"));
 184         when((List<GrantedAuthority>)auth.getAuthorities()).thenReturn(authorityList);
 185         when(securityContext.getAuthentication()).thenReturn(auth);
 186
 187         cldsService.setSecurityContext(securityContext);
 188         boolean res = cldsService.isAuthorizedForVf("testId");
 189         assertThat(res).isTrue();
 190     }
 191
 192     @Test
 193     public void isAuthorizedForVfTest2() throws Exception {
 194         when(userDetails.getUsername()).thenReturn("testName");
 195         when(auth.getPrincipal()).thenReturn(userDetails);
 196         authorityList.add(new SimpleGrantedAuthority("permission-type-filter-vf|dev|*"));
 197         when((List<GrantedAuthority>)auth.getAuthorities()).thenReturn(authorityList);
 198         when(securityContext.getAuthentication()).thenReturn(auth);
 199
 200         cldsService.setSecurityContext(securityContext);
 201         boolean res = cldsService.isAuthorizedForVf("testId");
 202         assertThat(res).isTrue();
 203     }
 204
 205     @Test
 206     public void isAuthorizedForVfTest3() throws Exception {
 207         when(userDetails.getUsername()).thenReturn("testName");
 208         when(auth.getPrincipal()).thenReturn(userDetails);
 209         authorityList.add(new SimpleGrantedAuthority("permission-type-filter-vf|dev|testId"));
 210         when((List<GrantedAuthority>)auth.getAuthorities()).thenReturn(authorityList);
 211         when(securityContext.getAuthentication()).thenReturn(auth);
 212
 213         cldsService.setSecurityContext(securityContext);
 214         boolean res = cldsService.isAuthorizedForVf("testId");
 215         assertThat(res).isTrue();
 216     }
 217
 218     @Test
 219     public void isAuthorizedForVfTest4() throws Exception {
 220         when(userDetails.getUsername()).thenReturn("testName");
 221         when(auth.getPrincipal()).thenReturn(userDetails);
 222         authorityList.add(new SimpleGrantedAuthority("permission-type-filter-vf|*|testId"));
 223         when((List<GrantedAuthority>)auth.getAuthorities()).thenReturn(authorityList);
 224         when(securityContext.getAuthentication()).thenReturn(auth);
 225
 226         cldsService.setSecurityContext(securityContext);
 227         boolean res = cldsService.isAuthorizedForVf("testId");
 228         assertThat(res).isTrue();
 229     }
 230
 231     @Test
 232     public void getUserIdTest() throws Exception {
 233         when(userDetails.getUsername()).thenReturn("testName");
 234         when(auth.getPrincipal()).thenReturn(userDetails);
 235         when(securityContext.getAuthentication()).thenReturn(auth);
 236
 237         cldsService.setSecurityContext(securityContext);
 238         assertThat(cldsService.getUserId()).isEqualTo("testName");
 239     }
 240 }