gerrit.onap Code Review - portal/sdk.git/blob

   1 /*
   2  * ============LICENSE_START==========================================
   3  * ONAP Portal SDK
   4  * ===================================================================
   5  * Copyright © 2017 AT&T Intellectual Property. All rights reserved.
   6  * ===================================================================
   7  *
   8  * Unless otherwise specified, all software contained herein is licensed
   9  * under the Apache License, Version 2.0 (the "License");
  10  * you may not use this software except in compliance with the License.
  11  * You may obtain a copy of the License at
  12  *
  13  *             http://www.apache.org/licenses/LICENSE-2.0
  14  *
  15  * Unless required by applicable law or agreed to in writing, software
  16  * distributed under the License is distributed on an "AS IS" BASIS,
  17  * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
  18  * See the License for the specific language governing permissions and
  19  * limitations under the License.
  20  *
  21  * Unless otherwise specified, all documentation contained herein is licensed
  22  * under the Creative Commons License, Attribution 4.0 Intl. (the "License");
  23  * you may not use this documentation except in compliance with the License.
  24  * You may obtain a copy of the License at
  25  *
  26  *             https://creativecommons.org/licenses/by/4.0/
  27  *
  28  * Unless required by applicable law or agreed to in writing, documentation
  29  * distributed under the License is distributed on an "AS IS" BASIS,
  30  * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
  31  * See the License for the specific language governing permissions and
  32  * limitations under the License.
  33  *
  34  * ============LICENSE_END============================================
  35  *
  36  * ECOMP is a trademark and service mark of AT&T Intellectual Property.
  37  */
  38 package org.onap.portalsdk.core.interceptor;
  39
  40 import javax.servlet.http.HttpServletResponse;
  41 import javax.servlet.http.HttpSession;
  42
  43 import org.junit.Assert;
  44 import org.junit.Test;
  45 import org.junit.runner.RunWith;
  46 import org.mockito.InjectMocks;
  47 import org.mockito.Mockito;
  48 import org.onap.portalsdk.core.controller.FusionBaseController;
  49 import org.onap.portalsdk.core.domain.User;
  50 import org.onap.portalsdk.core.util.SystemProperties;
  51 import org.onap.portalsdk.core.web.support.AppUtils;
  52 import org.onap.portalsdk.core.web.support.UserUtils;
  53 import org.powermock.api.mockito.PowerMockito;
  54 import org.powermock.core.classloader.annotations.PrepareForTest;
  55 import org.powermock.modules.junit4.PowerMockRunner;
  56 import org.springframework.mock.web.MockHttpServletRequest;
  57 import org.springframework.mock.web.MockHttpServletResponse;
  58 import org.springframework.web.method.HandlerMethod;
  59
  60
  61 @RunWith(PowerMockRunner.class)
  62 @PrepareForTest({ AppUtils.class, UserUtils.class, SystemProperties.class })
  63 public class SessionTimeoutInterceptorTest {
  64
  65         @InjectMocks
  66         private SessionTimeoutInterceptor sessionTimeoutInterceptor;
  67
  68         @Test
  69         public void preHandleTest() throws Exception {
  70                 MockHttpServletRequest request = new MockHttpServletRequest();
  71                 HttpServletResponse response = new MockHttpServletResponse();
  72
  73                 request.setRequestURI("xyz/resource");
  74                 HandlerMethod handler = PowerMockito.mock(HandlerMethod.class);
  75                 FusionBaseController controller = PowerMockito.mock(FusionBaseController.class);
  76
  77                 Mockito.when(handler.getBean()).thenReturn(controller);
  78                 Mockito.when(controller.isAccessible()).thenReturn(false);
  79                 Mockito.when(controller.isRESTfulCall()).thenReturn(false);
  80
  81                 PowerMockito.mockStatic(AppUtils.class);
  82                 PowerMockito.mockStatic(UserUtils.class);
  83                 HttpSession session = PowerMockito.mock(HttpSession.class);
  84                 Mockito.when(AppUtils.getSession(request)).thenReturn(session);
  85                 Mockito.when(UserUtils.getUserSession(request)).thenReturn(new User());
  86
  87                 boolean status = sessionTimeoutInterceptor.preHandle(request, response, handler);
  88                 Assert.assertTrue(status);
  89         }
  90
  91         @Test
  92         public void preHandleSecurityExceptionTest() throws Exception {
  93                 MockHttpServletRequest request = new MockHttpServletRequest();
  94                 HttpServletResponse response = new MockHttpServletResponse();
  95
  96                 request.setRequestURI("xyz/resource/logout.htm");
  97                 HandlerMethod handler = PowerMockito.mock(HandlerMethod.class);
  98                 FusionBaseController controller = PowerMockito.mock(FusionBaseController.class);
  99
 100                 Mockito.when(handler.getBean()).thenReturn(controller);
 101                 Mockito.when(controller.isAccessible()).thenReturn(false);
 102                 Mockito.when(controller.isRESTfulCall()).thenReturn(false);
 103
 104                 PowerMockito.mockStatic(AppUtils.class);
 105                 PowerMockito.mockStatic(UserUtils.class);
 106                 HttpSession session = PowerMockito.mock(HttpSession.class);
 107                 Mockito.when(AppUtils.getSession(request)).thenReturn(session);
 108                 Mockito.when(UserUtils.getUserSession(request)).thenReturn(new User());
 109
 110                 boolean status = sessionTimeoutInterceptor.preHandle(request, response, handler);
 111                 Assert.assertFalse(status);
 112         }
 113
 114         @Test
 115         public void preHandleExceptionTest() throws Exception {
 116                 MockHttpServletRequest request = new MockHttpServletRequest();
 117                 HttpServletResponse response = new MockHttpServletResponse();
 118
 119                 request.setRequestURI("xyz/resource");
 120                 HandlerMethod handler = PowerMockito.mock(HandlerMethod.class);
 121                 FusionBaseController controller = PowerMockito.mock(FusionBaseController.class);
 122
 123                 Mockito.when(handler.getBean()).thenReturn(controller);
 124                 Mockito.when(controller.isAccessible()).thenReturn(false);
 125                 Mockito.when(controller.isRESTfulCall()).thenReturn(false);
 126
 127                 PowerMockito.mockStatic(AppUtils.class);
 128                 PowerMockito.mockStatic(UserUtils.class);
 129                 HttpSession session = PowerMockito.mock(HttpSession.class);
 130                 Mockito.when(AppUtils.getSession(request)).thenReturn(session);
 131                 Mockito.when(UserUtils.getUserSession(request)).thenReturn(null);
 132
 133                 boolean status = sessionTimeoutInterceptor.preHandle(request, response, handler);
 134                 Assert.assertFalse(status);
 135         }
 136
 137         @Test(expected = SecurityException.class)
 138         public void validateDomainTest() throws Exception {
 139                 String relativePath = "testUrl";
 140                 String redirectUrl = "http://www.xyz.com/" + relativePath;
 141
 142                 PowerMockito.mockStatic(SystemProperties.class);
 143                 Mockito.when(SystemProperties.getProperty(SystemProperties.COOKIE_DOMAIN)).thenReturn(relativePath);
 144
 145                 sessionTimeoutInterceptor.validateDomain(redirectUrl);
 146         }
 147 }