--- /dev/null
+/*******************************************************************************\r
+ * ============LICENSE_START====================================================\r
+ * * org.onap.aaf\r
+ * * ===========================================================================\r
+ * * Copyright © 2017 AT&T Intellectual Property. All rights reserved.\r
+ * * ===========================================================================\r
+ * * Licensed under the Apache License, Version 2.0 (the "License");\r
+ * * you may not use this file except in compliance with the License.\r
+ * * You may obtain a copy of the License at\r
+ * * \r
+ * * http://www.apache.org/licenses/LICENSE-2.0\r
+ * * \r
+ * * Unless required by applicable law or agreed to in writing, software\r
+ * * distributed under the License is distributed on an "AS IS" BASIS,\r
+ * * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\r
+ * * See the License for the specific language governing permissions and\r
+ * * limitations under the License.\r
+ * * ============LICENSE_END====================================================\r
+ * *\r
+ * * ECOMP is a trademark and service mark of AT&T Intellectual Property.\r
+ * *\r
+ ******************************************************************************/\r
+package org.onap.aaf.authz.service.validation;\r
+\r
+import static org.junit.Assert.assertEquals;\r
+import static org.junit.Assert.assertFalse;\r
+import static org.junit.Assert.assertTrue;\r
+\r
+import org.junit.Before;\r
+import org.junit.Test;\r
+import org.onap.aaf.authz.cadi.DirectAAFLur.PermPermission;\r
+import org.onap.aaf.authz.env.AuthzTrans;\r
+import org.onap.aaf.authz.layer.Result;\r
+import org.onap.aaf.authz.org.Organization;\r
+import org.onap.aaf.authz.service.validation.Validator;\r
+import org.onap.aaf.dao.aaf.cass.CredDAO;\r
+import org.onap.aaf.dao.aaf.cass.DelegateDAO;\r
+import org.onap.aaf.dao.aaf.cass.Namespace;\r
+import org.onap.aaf.dao.aaf.cass.PermDAO;\r
+import org.onap.aaf.dao.aaf.cass.RoleDAO;\r
+import org.onap.aaf.dao.aaf.cass.UserRoleDAO;\r
+\r
+public class JU_Validator {\r
+ \r
+ @Before\r
+ public void setUp(){\r
+ Validator validator = new Validator();\r
+ }\r
+\r
+\r
+ @Test\r
+ public void test() {\r
+ assertTrue(Validator.ACTION_CHARS.matcher("HowdyDoody").matches());\r
+ assertFalse(Validator.ACTION_CHARS.matcher("Howd?yDoody").matches());\r
+ assertTrue(Validator.ACTION_CHARS.matcher("_HowdyDoody").matches());\r
+ assertTrue(Validator.INST_CHARS.matcher("HowdyDoody").matches());\r
+ assertFalse(Validator.INST_CHARS.matcher("Howd?yDoody").matches());\r
+ assertTrue(Validator.INST_CHARS.matcher("_HowdyDoody").matches());\r
+\r
+ // \r
+ assertTrue(Validator.ACTION_CHARS.matcher("*").matches());\r
+ assertTrue(Validator.INST_CHARS.matcher("*").matches());\r
+ assertFalse(Validator.ACTION_CHARS.matcher(":*").matches());\r
+ assertTrue(Validator.INST_CHARS.matcher(":*").matches());\r
+ assertFalse(Validator.ACTION_CHARS.matcher(":*:*").matches());\r
+ assertTrue(Validator.INST_CHARS.matcher(":*:*").matches());\r
+ \r
+ assertFalse(Validator.ACTION_CHARS.matcher(":hello").matches());\r
+ assertTrue(Validator.INST_CHARS.matcher(":hello").matches());\r
+ assertFalse(Validator.INST_CHARS.matcher("hello:").matches());\r
+ assertFalse(Validator.INST_CHARS.matcher("hello:d").matches());\r
+\r
+ assertFalse(Validator.ACTION_CHARS.matcher(":hello:*").matches());\r
+ assertTrue(Validator.INST_CHARS.matcher(":hello:*").matches());\r
+ assertFalse(Validator.ACTION_CHARS.matcher(":hello:d*:*").matches());\r
+ assertFalse(Validator.INST_CHARS.matcher(":hello:d*d:*").matches());\r
+ assertTrue(Validator.INST_CHARS.matcher(":hello:d*:*").matches());\r
+ assertFalse(Validator.ACTION_CHARS.matcher("HowdyDoody*").matches());\r
+ assertFalse(Validator.INST_CHARS.matcher("Howdy*Doody").matches());\r
+ assertTrue(Validator.INST_CHARS.matcher("HowdyDoody*").matches());\r
+ assertFalse(Validator.ACTION_CHARS.matcher("*HowdyDoody").matches());\r
+ assertFalse(Validator.INST_CHARS.matcher("*HowdyDoody").matches());\r
+ assertFalse(Validator.ACTION_CHARS.matcher(":h*").matches());\r
+ assertFalse(Validator.INST_CHARS.matcher(":h*h*").matches());\r
+ assertTrue(Validator.INST_CHARS.matcher(":h*").matches());\r
+ assertFalse(Validator.ACTION_CHARS.matcher(":h:h*:*").matches());\r
+ assertTrue(Validator.INST_CHARS.matcher(":h:h*:*").matches());\r
+ assertFalse(Validator.INST_CHARS.matcher(":h:h*h:*").matches());\r
+ assertFalse(Validator.INST_CHARS.matcher(":h:h*h*:*").matches());\r
+ assertFalse(Validator.ACTION_CHARS.matcher(":h:*:*h").matches());\r
+ assertFalse(Validator.INST_CHARS.matcher(":h:*:*h").matches());\r
+ assertTrue(Validator.INST_CHARS.matcher(":com.test.*:ns:*").matches());\r
+\r
+ \r
+ assertFalse(Validator.ACTION_CHARS.matcher("1234+235gd").matches());\r
+ assertTrue(Validator.ACTION_CHARS.matcher("1234-235gd").matches());\r
+ assertTrue(Validator.ACTION_CHARS.matcher("1234-23_5gd").matches());\r
+ assertTrue(Validator.ACTION_CHARS.matcher("1234-235g,d").matches());\r
+ assertTrue(Validator.ACTION_CHARS.matcher("1234-235gd(Version12)").matches());\r
+ assertFalse(Validator.ACTION_CHARS.matcher("123#4-23@5g:d").matches());\r
+ assertFalse(Validator.ACTION_CHARS.matcher("123#4-23@5g:d").matches());\r
+ assertFalse(Validator.ACTION_CHARS.matcher("1234-23 5gd").matches());\r
+ assertFalse(Validator.ACTION_CHARS.matcher("1234-235gd ").matches());\r
+ assertFalse(Validator.ACTION_CHARS.matcher(" 1234-235gd").matches());\r
+ assertFalse(Validator.ACTION_CHARS.matcher("").matches());\r
+ assertFalse(Validator.ACTION_CHARS.matcher(" ").matches());\r
+\r
+ // Allow % and = (Needed for Escaping & Base64 usages) jg \r
+ assertTrue(Validator.ACTION_CHARS.matcher("1234%235g=d").matches());\r
+ assertFalse(Validator.ACTION_CHARS.matcher(":1234%235g=d").matches());\r
+ assertTrue(Validator.INST_CHARS.matcher("1234%235g=d").matches());\r
+ assertTrue(Validator.INST_CHARS.matcher(":1234%235g=d").matches());\r
+ assertTrue(Validator.INST_CHARS.matcher(":1234%235g=d:%20==").matches());\r
+ assertTrue(Validator.INST_CHARS.matcher(":1234%235g=d:==%20:=%23").matches());\r
+ assertTrue(Validator.INST_CHARS.matcher(":1234%235g=d:*:=%23").matches());\r
+ assertTrue(Validator.INST_CHARS.matcher(":1234%235g=d:==%20:*").matches());\r
+ assertTrue(Validator.INST_CHARS.matcher(":*:==%20:*").matches());\r
+\r
+ // Allow / instead of : (more natural instance expression) jg \r
+ assertFalse(Validator.INST_CHARS.matcher("1234/a").matches());\r
+ assertTrue(Validator.INST_CHARS.matcher("/1234/a").matches());\r
+ assertTrue(Validator.INST_CHARS.matcher("/1234/*/a/").matches());\r
+ assertTrue(Validator.INST_CHARS.matcher("/1234//a").matches());\r
+ assertFalse(Validator.ACTION_CHARS.matcher("1234/a").matches());\r
+ assertFalse(Validator.ACTION_CHARS.matcher("/1234/*/a/").matches());\r
+ assertFalse(Validator.ACTION_CHARS.matcher("1234//a").matches());\r
+\r
+\r
+ assertFalse(Validator.INST_CHARS.matcher("1234+235gd").matches());\r
+ assertTrue(Validator.INST_CHARS.matcher("1234-235gd").matches());\r
+ assertTrue(Validator.INST_CHARS.matcher("1234-23_5gd").matches());\r
+ assertTrue(Validator.INST_CHARS.matcher("1234-235g,d").matches());\r
+ assertTrue(Validator.INST_CHARS.matcher("m1234@shb.dd.com").matches());\r
+ assertTrue(Validator.INST_CHARS.matcher("1234-235gd(Version12)").matches());\r
+ assertFalse(Validator.INST_CHARS.matcher("123#4-23@5g:d").matches());\r
+ assertFalse(Validator.INST_CHARS.matcher("123#4-23@5g:d").matches());\r
+ assertFalse(Validator.INST_CHARS.matcher("").matches());\r
+\r
+ \r
+ for( char c=0x20;c<0x7F;++c) {\r
+ boolean b;\r
+ switch(c) {\r
+ case '?':\r
+ case '|':\r
+ case '*':\r
+ continue; // test separately\r
+ case '~':\r
+ case ',':\r
+ b = false;\r
+ break;\r
+ default:\r
+ b=true;\r
+ }\r
+ }\r
+ \r
+ assertFalse(Validator.ID_CHARS.matcher("abc").matches());\r
+ assertFalse(Validator.ID_CHARS.matcher("").matches());\r
+ assertTrue(Validator.ID_CHARS.matcher("abc@att.com").matches());\r
+ assertTrue(Validator.ID_CHARS.matcher("ab-me@att.com").matches());\r
+ assertTrue(Validator.ID_CHARS.matcher("ab-me_.x@att._-com").matches());\r
+ \r
+ assertFalse(Validator.NAME_CHARS.matcher("ab-me_.x@att._-com").matches());\r
+ assertTrue(Validator.NAME_CHARS.matcher("ab-me").matches());\r
+ assertTrue(Validator.NAME_CHARS.matcher("ab-me_.xatt._-com").matches());\r
+\r
+ \r
+ // 7/22/2016\r
+ assertTrue(Validator.INST_CHARS.matcher(\r
+ "/!com.att.*/role/write").matches());\r
+ assertTrue(Validator.INST_CHARS.matcher(\r
+ ":!com.att.*:role:write").matches());\r
+\r
+ }\r
+\r
+}\r