AppsControllerExternalRequest class fix

[portal.git] / ecomp-portal-BE-common / src / test / java / org / onap / portalapp / portal / controller / AppsControllerExternalRequestTest.java

diff --git a/ecomp-portal-BE-common/src/test/java/org/onap/portalapp/portal/controller/AppsControllerExternalRequestTest.java b/ecomp-portal-BE-common/src/test/java/org/onap/portalapp/portal/controller/AppsControllerExternalRequestTest.java
index 847d474..4535cf1 100644 (file)
--- a/ecomp-portal-BE-common/src/test/java/org/onap/portalapp/portal/controller/AppsControllerExternalRequestTest.java
+++ b/ecomp-portal-BE-common/src/test/java/org/onap/portalapp/portal/controller/AppsControllerExternalRequestTest.java
@@ -51,7 +51,6 @@ import org.mockito.InjectMocks;
 import org.mockito.Mock;
 import org.mockito.Mockito;
 import org.mockito.MockitoAnnotations;
-import org.onap.portalapp.portal.controller.AppsControllerExternalRequest;
 import org.onap.portalapp.portal.core.MockEPUser;
 import org.onap.portalapp.portal.domain.EPApp;
 import org.onap.portalapp.portal.domain.EPUser;
@@ -82,7 +81,7 @@ public class AppsControllerExternalRequestTest extends MockitoTestSuite {
        UserService userService = new UserServiceImpl();
 
        @InjectMocks
-       AppsControllerExternalRequest appsControllerExternalRequest = new AppsControllerExternalRequest();
+       AppsControllerExternalRequest appsControllerExternalRequest;
 
        @Before
        public void setup() {
@@ -132,6 +131,24 @@ public class AppsControllerExternalRequestTest extends MockitoTestSuite {
                assertEquals(actualPortalRestResponse, expectedportalRestResponse);
        }
 
+       @Test
+       public void postPortalAdminXSSTest() {
+               PortalRestResponse<String> expectedportalRestResponse = new PortalRestResponse<String>();
+               expectedportalRestResponse.setMessage("Data is not valid");
+               expectedportalRestResponse.setResponse(null);
+               PortalRestStatusEnum portalRestStatusEnum = null;
+               expectedportalRestResponse.setStatus(portalRestStatusEnum.ERROR);
+               EPUser user = mockUser.mockEPUser();
+               user.setEmail("“><script>alert(“XSS”)</script>");
+               user.setLoginPwd("pwd");
+               user.setLoginId("Test");
+               Mockito.when(EPUserUtils.getUserSession(mockedRequest)).thenReturn(user);
+               Mockito.when(userService.getUserByUserId(user.getOrgUserId())).thenThrow(nullPointerException);
+               PortalRestResponse<String> actualPortalRestResponse = appsControllerExternalRequest
+                       .postPortalAdmin(mockedRequest, mockedResponse, user);
+               assertEquals(expectedportalRestResponse, actualPortalRestResponse);
+       }
+
        @Test
        public void postPortalAdminCreateUserIfNotFoundTest() throws Exception {
                PortalRestResponse<String> expectedportalRestResponse = new PortalRestResponse<String>();
@@ -276,6 +293,36 @@ public class AppsControllerExternalRequestTest extends MockitoTestSuite {
 
        }
 
+       @Test
+       public void postOnboardAppExternalXSSTest() {
+               PortalRestResponse<String> expectedportalRestResponse = new PortalRestResponse<String>();
+               expectedportalRestResponse.setMessage(
+                       "Data is not valid");
+               expectedportalRestResponse.setResponse(null);
+               PortalRestStatusEnum portalRestStatusEnum = null;
+               expectedportalRestResponse.setStatus(portalRestStatusEnum.ERROR);
+
+               OnboardingApp expectedOnboardingApp = new OnboardingApp();;
+               expectedOnboardingApp.name = "test";
+               expectedOnboardingApp.url="test.com";
+               expectedOnboardingApp.restUrl="<script>alert(/XSS”)</script>";
+               expectedOnboardingApp.myLoginsAppOwner="testUser";
+               expectedOnboardingApp.restrictedApp=false;
+               expectedOnboardingApp.isOpen=true;
+               expectedOnboardingApp.isEnabled=true;
+               EPUser user = mockUser.mockEPUser();
+               user.setEmail("guestT@test.portal.onap.org");
+               user.setLoginPwd("pwd");
+               user.setLoginId("Test");
+               List<EPUser> expectedList = new ArrayList<EPUser>();
+               expectedList.add(user);
+
+               PortalRestResponse<String> actualPortalRestResponse = appsControllerExternalRequest
+                       .postOnboardAppExternal(mockedRequest, mockedResponse, expectedOnboardingApp);
+               assertEquals(expectedportalRestResponse, actualPortalRestResponse);
+
+       }
+
        @Test
        public void putOnboardAppExternalifAppNullTest() {
                PortalRestResponse<String> expectedportalRestResponse = new PortalRestResponse<String>();
@@ -292,6 +339,38 @@ public class AppsControllerExternalRequestTest extends MockitoTestSuite {
                assertEquals(actualPortalRestResponse, expectedportalRestResponse);
        }
 
+       @Test
+       public void putOnboardAppExternalXSSTest() {
+               PortalRestResponse<String> expectedportalRestResponse = new PortalRestResponse<String>();
+               expectedportalRestResponse.setMessage(
+                       "Data is not valid");
+               expectedportalRestResponse.setResponse(null);
+               PortalRestStatusEnum portalRestStatusEnum = null;
+               expectedportalRestResponse.setStatus(portalRestStatusEnum.ERROR);
+
+               OnboardingApp expectedOnboardingApp = new OnboardingApp();;
+               expectedOnboardingApp.name = "test";
+               expectedOnboardingApp.url="test.com";
+               expectedOnboardingApp.restUrl="<script>alert(/XSS”)</script>";
+               expectedOnboardingApp.myLoginsAppOwner="testUser";
+               expectedOnboardingApp.restrictedApp=false;
+               expectedOnboardingApp.isOpen=true;
+               expectedOnboardingApp.isEnabled=true;
+               EPUser user = mockUser.mockEPUser();
+               user.setEmail("guestT@test.portal.onap.org");
+               user.setLoginPwd("pwd");
+               user.setLoginId("Test");
+               List<EPUser> expectedList = new ArrayList<EPUser>();
+               expectedList.add(user);
+
+               Long appId = (long) 1;
+
+               PortalRestResponse<String> actualPortalRestResponse = appsControllerExternalRequest
+                       .putOnboardAppExternal(mockedRequest, mockedResponse, appId, expectedOnboardingApp);
+               assertEquals(expectedportalRestResponse, actualPortalRestResponse);
+
+       }
+
        @Test
        public void putOnboardAppExternalIfOnboardingAppDetailsNullTest() {
                PortalRestResponse<String> expectedportalRestResponse = new PortalRestResponse<String>();