+++ /dev/null
-/*******************************************************************************\r
- * ============LICENSE_START====================================================\r
- * * org.onap.aaf\r
- * * ===========================================================================\r
- * * Copyright © 2017 AT&T Intellectual Property. All rights reserved.\r
- * * ===========================================================================\r
- * * Licensed under the Apache License, Version 2.0 (the "License");\r
- * * you may not use this file except in compliance with the License.\r
- * * You may obtain a copy of the License at\r
- * * \r
- * * http://www.apache.org/licenses/LICENSE-2.0\r
- * * \r
- * * Unless required by applicable law or agreed to in writing, software\r
- * * distributed under the License is distributed on an "AS IS" BASIS,\r
- * * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\r
- * * See the License for the specific language governing permissions and\r
- * * limitations under the License.\r
- * * ============LICENSE_END====================================================\r
- * *\r
- * * ECOMP is a trademark and service mark of AT&T Intellectual Property.\r
- * *\r
- ******************************************************************************/\r
-package org.onap.aaf.authz.service.validation;\r
-\r
-import static org.junit.Assert.assertFalse;\r
-import static org.junit.Assert.assertTrue;\r
-\r
-import java.util.HashSet;\r
-import java.util.Set;\r
-\r
-import org.junit.Before;\r
-import org.junit.Test;\r
-import org.onap.aaf.authz.layer.Result;\r
-import org.onap.aaf.dao.aaf.cass.PermDAO;\r
-import org.onap.aaf.dao.aaf.cass.RoleDAO;\r
-\r
-public class JU_Validator {\r
-\r
- Validator validator;\r
-\r
- @Before\r
- public void setUp() {\r
- validator = new Validator();\r
- }\r
-\r
- @Test\r
- public void test() {\r
- assertTrue(Validator.ACTION_CHARS.matcher("HowdyDoody").matches());\r
- assertFalse(Validator.ACTION_CHARS.matcher("Howd?yDoody").matches());\r
- assertTrue(Validator.ACTION_CHARS.matcher("_HowdyDoody").matches());\r
- assertTrue(Validator.INST_CHARS.matcher("HowdyDoody").matches());\r
- assertFalse(Validator.INST_CHARS.matcher("Howd?yDoody").matches());\r
- assertTrue(Validator.INST_CHARS.matcher("_HowdyDoody").matches());\r
-\r
- //\r
- assertTrue(Validator.ACTION_CHARS.matcher("*").matches());\r
- assertTrue(Validator.INST_CHARS.matcher("*").matches());\r
- assertFalse(Validator.ACTION_CHARS.matcher(":*").matches());\r
- assertTrue(Validator.INST_CHARS.matcher(":*").matches());\r
- assertFalse(Validator.ACTION_CHARS.matcher(":*:*").matches());\r
- assertTrue(Validator.INST_CHARS.matcher(":*:*").matches());\r
-\r
- assertFalse(Validator.ACTION_CHARS.matcher(":hello").matches());\r
- assertTrue(Validator.INST_CHARS.matcher(":hello").matches());\r
- assertFalse(Validator.INST_CHARS.matcher("hello:").matches());\r
- assertFalse(Validator.INST_CHARS.matcher("hello:d").matches());\r
-\r
- assertFalse(Validator.ACTION_CHARS.matcher(":hello:*").matches());\r
- assertTrue(Validator.INST_CHARS.matcher(":hello:*").matches());\r
- assertFalse(Validator.ACTION_CHARS.matcher(":hello:d*:*").matches());\r
- assertFalse(Validator.INST_CHARS.matcher(":hello:d*d:*").matches());\r
- assertTrue(Validator.INST_CHARS.matcher(":hello:d*:*").matches());\r
- assertFalse(Validator.ACTION_CHARS.matcher("HowdyDoody*").matches());\r
- assertFalse(Validator.INST_CHARS.matcher("Howdy*Doody").matches());\r
- assertTrue(Validator.INST_CHARS.matcher("HowdyDoody*").matches());\r
- assertFalse(Validator.ACTION_CHARS.matcher("*HowdyDoody").matches());\r
- assertFalse(Validator.INST_CHARS.matcher("*HowdyDoody").matches());\r
- assertFalse(Validator.ACTION_CHARS.matcher(":h*").matches());\r
- assertFalse(Validator.INST_CHARS.matcher(":h*h*").matches());\r
- assertTrue(Validator.INST_CHARS.matcher(":h*").matches());\r
- assertFalse(Validator.ACTION_CHARS.matcher(":h:h*:*").matches());\r
- assertTrue(Validator.INST_CHARS.matcher(":h:h*:*").matches());\r
- assertFalse(Validator.INST_CHARS.matcher(":h:h*h:*").matches());\r
- assertFalse(Validator.INST_CHARS.matcher(":h:h*h*:*").matches());\r
- assertFalse(Validator.ACTION_CHARS.matcher(":h:*:*h").matches());\r
- assertFalse(Validator.INST_CHARS.matcher(":h:*:*h").matches());\r
- assertTrue(Validator.INST_CHARS.matcher(":com.test.*:ns:*").matches());\r
-\r
- assertFalse(Validator.ACTION_CHARS.matcher("1234+235gd").matches());\r
- assertTrue(Validator.ACTION_CHARS.matcher("1234-235gd").matches());\r
- assertTrue(Validator.ACTION_CHARS.matcher("1234-23_5gd").matches());\r
- assertTrue(Validator.ACTION_CHARS.matcher("1234-235g,d").matches());\r
- assertTrue(Validator.ACTION_CHARS.matcher("1234-235gd(Version12)").matches());\r
- assertFalse(Validator.ACTION_CHARS.matcher("123#4-23@5g:d").matches());\r
- assertFalse(Validator.ACTION_CHARS.matcher("123#4-23@5g:d").matches());\r
- assertFalse(Validator.ACTION_CHARS.matcher("1234-23 5gd").matches());\r
- assertFalse(Validator.ACTION_CHARS.matcher("1234-235gd ").matches());\r
- assertFalse(Validator.ACTION_CHARS.matcher(" 1234-235gd").matches());\r
- assertFalse(Validator.ACTION_CHARS.matcher("").matches());\r
- assertFalse(Validator.ACTION_CHARS.matcher(" ").matches());\r
-\r
- // Allow % and = (Needed for Escaping & Base64 usages) jg\r
- assertTrue(Validator.ACTION_CHARS.matcher("1234%235g=d").matches());\r
- assertFalse(Validator.ACTION_CHARS.matcher(":1234%235g=d").matches());\r
- assertTrue(Validator.INST_CHARS.matcher("1234%235g=d").matches());\r
- assertTrue(Validator.INST_CHARS.matcher(":1234%235g=d").matches());\r
- assertTrue(Validator.INST_CHARS.matcher(":1234%235g=d:%20==").matches());\r
- assertTrue(Validator.INST_CHARS.matcher(":1234%235g=d:==%20:=%23").matches());\r
- assertTrue(Validator.INST_CHARS.matcher(":1234%235g=d:*:=%23").matches());\r
- assertTrue(Validator.INST_CHARS.matcher(":1234%235g=d:==%20:*").matches());\r
- assertTrue(Validator.INST_CHARS.matcher(":*:==%20:*").matches());\r
-\r
- // Allow / instead of : (more natural instance expression) jg\r
- assertFalse(Validator.INST_CHARS.matcher("1234/a").matches());\r
- assertTrue(Validator.INST_CHARS.matcher("/1234/a").matches());\r
- assertTrue(Validator.INST_CHARS.matcher("/1234/*/a/").matches());\r
- assertTrue(Validator.INST_CHARS.matcher("/1234//a").matches());\r
- assertFalse(Validator.ACTION_CHARS.matcher("1234/a").matches());\r
- assertFalse(Validator.ACTION_CHARS.matcher("/1234/*/a/").matches());\r
- assertFalse(Validator.ACTION_CHARS.matcher("1234//a").matches());\r
-\r
- assertFalse(Validator.INST_CHARS.matcher("1234+235gd").matches());\r
- assertTrue(Validator.INST_CHARS.matcher("1234-235gd").matches());\r
- assertTrue(Validator.INST_CHARS.matcher("1234-23_5gd").matches());\r
- assertTrue(Validator.INST_CHARS.matcher("1234-235g,d").matches());\r
- assertTrue(Validator.INST_CHARS.matcher("m1234@shb.dd.com").matches());\r
- assertTrue(Validator.INST_CHARS.matcher("1234-235gd(Version12)").matches());\r
- assertFalse(Validator.INST_CHARS.matcher("123#4-23@5g:d").matches());\r
- assertFalse(Validator.INST_CHARS.matcher("123#4-23@5g:d").matches());\r
- assertFalse(Validator.INST_CHARS.matcher("").matches());\r
-\r
- for (char c = 0x20; c < 0x7F; ++c) {\r
- boolean b;\r
- switch (c) {\r
- case '?':\r
- case '|':\r
- case '*':\r
- continue; // test separately\r
- case '~':\r
- case ',':\r
- b = false;\r
- break;\r
- default:\r
- b = true;\r
- }\r
- }\r
-\r
- assertFalse(Validator.ID_CHARS.matcher("abc").matches());\r
- assertFalse(Validator.ID_CHARS.matcher("").matches());\r
- assertTrue(Validator.ID_CHARS.matcher("abc@att.com").matches());\r
- assertTrue(Validator.ID_CHARS.matcher("ab-me@att.com").matches());\r
- assertTrue(Validator.ID_CHARS.matcher("ab-me_.x@att._-com").matches());\r
-\r
- assertFalse(Validator.NAME_CHARS.matcher("ab-me_.x@att._-com").matches());\r
- assertTrue(Validator.NAME_CHARS.matcher("ab-me").matches());\r
- assertTrue(Validator.NAME_CHARS.matcher("ab-me_.xatt._-com").matches());\r
-\r
- // 7/22/2016\r
- assertTrue(Validator.INST_CHARS.matcher("/!com.att.*/role/write").matches());\r
- assertTrue(Validator.INST_CHARS.matcher(":!com.att.*:role:write").matches());\r
-\r
- }\r
-\r
- @Test\r
- public void permNotOk() {\r
-\r
- Result<PermDAO.Data> rpd = Result.err(1, "ERR_Security");\r
-\r
- validator.perm(rpd);\r
- assertTrue(validator.errs().equals("ERR_Security\n"));\r
-\r
- }\r
-\r
- @Test\r
- public void permOkNull() {\r
-\r
- Result rpd = Result.ok();\r
-\r
- validator.perm(rpd);\r
- assertTrue(validator.errs().equals("Perm Data is null.\n"));\r
-\r
- }\r
-\r
- @Test\r
- public void roleOkNull() {\r
-\r
- Result rrd = Result.ok();\r
-\r
- validator.role(rrd);\r
- assertTrue(validator.errs().equals("Role Data is null.\n"));\r
- }\r
-\r
- @Test\r
- public void roleOk() {\r
- RoleDAO.Data to = new RoleDAO.Data();\r
- to.ns = "namespace";\r
- to.name = "name";\r
- to.description = "description";\r
- Set<String> permissions = new HashSet<String>();\r
- permissions.add("perm1");\r
- to.perms = permissions;\r
-\r
- Result<RoleDAO.Data> rrd = Result.ok(to);\r
-\r
- validator.role(rrd);\r
- assertTrue(\r
- validator.errs().equals("Perm [perm1] in Role [namespace.name] is not correctly separated with '|'\n"));\r
- }\r
-\r
- @Test\r
- public void roleNotOk() {\r
-\r
- Result rrd = Result.err(1, "ERR_Security");\r
-\r
- validator.role(rrd);\r
- assertTrue(validator.errs().equals("ERR_Security\n"));\r
- }\r
-\r
-}\r