2 * ============LICENSE_START=======================================================
4 * ================================================================================
5 * Copyright (C) 2017-2018 AT&T Intellectual Property. All rights
7 * ================================================================================
8 * Licensed under the Apache License, Version 2.0 (the "License");
9 * you may not use this file except in compliance with the License.
10 * You may obtain a copy of the License at
12 * http://www.apache.org/licenses/LICENSE-2.0
14 * Unless required by applicable law or agreed to in writing, software
15 * distributed under the License is distributed on an "AS IS" BASIS,
16 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
17 * See the License for the specific language governing permissions and
18 * limitations under the License.
19 * ============LICENSE_END============================================
20 * ===================================================================
24 package org.onap.clamp.clds.it;
26 import static org.assertj.core.api.Assertions.assertThat;
27 import static org.junit.Assert.assertEquals;
28 import static org.junit.Assert.assertFalse;
29 import static org.junit.Assert.assertNotNull;
30 import static org.junit.Assert.assertTrue;
31 import static org.mockito.Mockito.mock;
32 import static org.mockito.Mockito.when;
34 import java.io.IOException;
35 import java.io.InputStream;
36 import java.util.LinkedList;
37 import java.util.List;
38 import java.util.Properties;
40 import javax.servlet.http.HttpServletRequest;
41 import javax.ws.rs.NotAuthorizedException;
43 import org.junit.Before;
44 import org.junit.Test;
45 import org.junit.runner.RunWith;
46 import org.mockito.Matchers;
47 import org.mockito.Mockito;
48 import org.onap.clamp.clds.model.CldsInfo;
49 import org.onap.clamp.clds.service.CldsService;
50 import org.onap.clamp.clds.util.LoggingUtils;
51 import org.springframework.beans.factory.annotation.Autowired;
52 import org.springframework.boot.test.context.SpringBootTest;
53 import org.springframework.boot.test.context.SpringBootTest.WebEnvironment;
54 import org.springframework.security.authentication.UsernamePasswordAuthenticationToken;
55 import org.springframework.security.core.Authentication;
56 import org.springframework.security.core.GrantedAuthority;
57 import org.springframework.security.core.authority.SimpleGrantedAuthority;
58 import org.springframework.security.core.context.SecurityContext;
59 import org.springframework.security.core.userdetails.User;
60 import org.springframework.security.core.userdetails.UserDetails;
61 import org.springframework.test.context.junit4.SpringJUnit4ClassRunner;
64 * Test HTTP and HTTPS settings + redirection of HTTP to HTTPS.
66 @RunWith(SpringJUnit4ClassRunner.class)
67 @SpringBootTest(webEnvironment = WebEnvironment.RANDOM_PORT)
68 public class CldsServiceItCase {
71 private CldsService cldsService;
73 private LoggingUtils util;
74 private SecurityContext securityContext = mock(SecurityContext.class);
75 private Authentication auth = Mockito.mock(Authentication.class);
76 private UserDetails userDetails = Mockito.mock(UserDetails.class);
77 private List<GrantedAuthority> authorityList = new LinkedList<GrantedAuthority>();
79 * Setup the variable before the tests execution.
81 * @throws IOException In case of issues when opening the files
84 public void setupBefore() throws IOException {
85 util = Mockito.mock(LoggingUtils.class);
86 Mockito.doNothing().when(util).entering(Matchers.any(HttpServletRequest.class), Matchers.any(String.class));
87 cldsService.setLoggingUtil(util);
92 public void testCldsInfoNotAuthorized() {
93 Mockito.when(userDetails.getUsername()).thenReturn("admin");
94 Mockito.when(securityContext.getAuthentication()).thenReturn(auth);
95 Mockito.when(auth.getPrincipal()).thenReturn(userDetails);
97 cldsService.setSecurityContext(securityContext);
98 CldsInfo cldsInfo = cldsService.getCldsInfo();
99 assertFalse(cldsInfo.isPermissionReadCl());
100 assertFalse(cldsInfo.isPermissionReadTemplate());
101 assertFalse(cldsInfo.isPermissionUpdateCl());
102 assertFalse(cldsInfo.isPermissionUpdateTemplate());
106 public void testCldsInfoAuthorized() throws Exception {
107 List<GrantedAuthority> authList = new LinkedList<GrantedAuthority>();
108 authList.add(new SimpleGrantedAuthority("permission-type-cl-manage|dev|*"));
109 authList.add(new SimpleGrantedAuthority("permission-type-cl|dev|read"));
110 authList.add(new SimpleGrantedAuthority("permission-type-cl|dev|update"));
111 authList.add(new SimpleGrantedAuthority("permission-type-template|dev|read"));
112 authList.add(new SimpleGrantedAuthority("permission-type-template|dev|update"));
113 authList.add(new SimpleGrantedAuthority("permission-type-filter-vf|dev|*"));
114 authList.add(new SimpleGrantedAuthority("permission-type-cl-event|dev|*"));
115 Authentication authentication;
116 authentication = new UsernamePasswordAuthenticationToken(new User("admin", "", authList), "", authList);
118 Mockito.when(securityContext.getAuthentication()).thenReturn(authentication);
120 cldsService.setSecurityContext(securityContext);
121 CldsInfo cldsInfo = cldsService.getCldsInfo();
122 assertTrue(cldsInfo.isPermissionReadCl());
123 assertTrue(cldsInfo.isPermissionReadTemplate());
124 assertTrue(cldsInfo.isPermissionUpdateCl());
125 assertTrue(cldsInfo.isPermissionUpdateTemplate());
126 Properties prop = new Properties();
127 InputStream in = Thread.currentThread().getContextClassLoader().getResourceAsStream("clds-version.properties");
131 assertEquals(cldsInfo.getCldsVersion(), prop.getProperty("clds.version"));
132 assertEquals(cldsInfo.getUserName(), "admin");
135 @Test(expected = NotAuthorizedException.class)
136 public void isAuthorizedForVfTestNotAuthorized1() throws Exception {
137 when(userDetails.getUsername()).thenReturn("testName");
138 when(auth.getPrincipal()).thenReturn(userDetails);
139 when(securityContext.getAuthentication()).thenReturn(auth);
140 cldsService.setSecurityContext(securityContext);
141 boolean res = cldsService.isAuthorizedForVf("testId");
142 assertThat(res).isTrue();
145 @Test(expected = NotAuthorizedException.class)
146 public void isAuthorizedForVfTestNotAuthorized2() throws Exception {
147 when(userDetails.getUsername()).thenReturn("testName");
148 when(auth.getPrincipal()).thenReturn(userDetails);
149 authorityList.add(new SimpleGrantedAuthority("permission-type-filter-vf|prod|*"));
150 when((List<GrantedAuthority>)auth.getAuthorities()).thenReturn(authorityList);
151 when(securityContext.getAuthentication()).thenReturn(auth);
152 cldsService.setSecurityContext(securityContext);
153 boolean res = cldsService.isAuthorizedForVf("testId");
154 assertThat(res).isTrue();
157 @Test(expected = NotAuthorizedException.class)
158 public void isAuthorizedForVfTestNotAuthorized3() throws Exception {
159 when(userDetails.getUsername()).thenReturn("testName");
160 when(auth.getPrincipal()).thenReturn(userDetails);
161 authorityList.add(new SimpleGrantedAuthority("permission-type-filter-vf|dev|testId2"));
162 when((List<GrantedAuthority>)auth.getAuthorities()).thenReturn(authorityList);
163 when(securityContext.getAuthentication()).thenReturn(auth);
164 cldsService.setSecurityContext(securityContext);
165 boolean res = cldsService.isAuthorizedForVf("testId");
166 assertThat(res).isTrue();
169 @Test(expected = NullPointerException.class)
170 public void isAuthorizedForVfTestNotAuthorized4() throws Exception {
171 when(userDetails.getUsername()).thenReturn("testName");
172 when(auth.getPrincipal()).thenReturn(userDetails);
173 when(securityContext.getAuthentication()).thenReturn(null);
174 cldsService.setSecurityContext(securityContext);
175 boolean res = cldsService.isAuthorizedForVf("testId");
176 assertThat(res).isTrue();
180 public void isAuthorizedForVfTest1() throws Exception {
181 when(userDetails.getUsername()).thenReturn("testName");
182 when(auth.getPrincipal()).thenReturn(userDetails);
183 authorityList.add(new SimpleGrantedAuthority("permission-type-filter-vf|*|*"));
184 when((List<GrantedAuthority>)auth.getAuthorities()).thenReturn(authorityList);
185 when(securityContext.getAuthentication()).thenReturn(auth);
187 cldsService.setSecurityContext(securityContext);
188 boolean res = cldsService.isAuthorizedForVf("testId");
189 assertThat(res).isTrue();
193 public void isAuthorizedForVfTest2() throws Exception {
194 when(userDetails.getUsername()).thenReturn("testName");
195 when(auth.getPrincipal()).thenReturn(userDetails);
196 authorityList.add(new SimpleGrantedAuthority("permission-type-filter-vf|dev|*"));
197 when((List<GrantedAuthority>)auth.getAuthorities()).thenReturn(authorityList);
198 when(securityContext.getAuthentication()).thenReturn(auth);
200 cldsService.setSecurityContext(securityContext);
201 boolean res = cldsService.isAuthorizedForVf("testId");
202 assertThat(res).isTrue();
206 public void isAuthorizedForVfTest3() throws Exception {
207 when(userDetails.getUsername()).thenReturn("testName");
208 when(auth.getPrincipal()).thenReturn(userDetails);
209 authorityList.add(new SimpleGrantedAuthority("permission-type-filter-vf|dev|testId"));
210 when((List<GrantedAuthority>)auth.getAuthorities()).thenReturn(authorityList);
211 when(securityContext.getAuthentication()).thenReturn(auth);
213 cldsService.setSecurityContext(securityContext);
214 boolean res = cldsService.isAuthorizedForVf("testId");
215 assertThat(res).isTrue();
219 public void isAuthorizedForVfTest4() throws Exception {
220 when(userDetails.getUsername()).thenReturn("testName");
221 when(auth.getPrincipal()).thenReturn(userDetails);
222 authorityList.add(new SimpleGrantedAuthority("permission-type-filter-vf|*|testId"));
223 when((List<GrantedAuthority>)auth.getAuthorities()).thenReturn(authorityList);
224 when(securityContext.getAuthentication()).thenReturn(auth);
226 cldsService.setSecurityContext(securityContext);
227 boolean res = cldsService.isAuthorizedForVf("testId");
228 assertThat(res).isTrue();
232 public void getUserIdTest() throws Exception {
233 when(userDetails.getUsername()).thenReturn("testName");
234 when(auth.getPrincipal()).thenReturn(userDetails);
235 when(securityContext.getAuthentication()).thenReturn(auth);
237 cldsService.setSecurityContext(securityContext);
238 assertThat(cldsService.getUserId()).isEqualTo("testName");