fixes for supporting non-gui application access provisioning
[portal.git] / ecomp-portal-BE-common / src / test / java / org / onap / portalapp / portal / controller / AppsControllerTest.java
index 4df1c2a..bd824e4 100644 (file)
@@ -58,7 +58,6 @@ import org.mockito.Matchers;
 import org.mockito.Mock;
 import org.mockito.Mockito;
 import org.mockito.MockitoAnnotations;
-import org.onap.portalapp.portal.controller.AppsController;
 import org.onap.portalapp.portal.core.MockEPUser;
 import org.onap.portalapp.portal.domain.AdminUserApplications;
 import org.onap.portalapp.portal.domain.AppIdAndNameTransportModel;
@@ -66,6 +65,7 @@ import org.onap.portalapp.portal.domain.AppsResponse;
 import org.onap.portalapp.portal.domain.EPApp;
 import org.onap.portalapp.portal.domain.EPUser;
 import org.onap.portalapp.portal.domain.EcompApp;
+import org.onap.portalapp.portal.domain.EpAppType;
 import org.onap.portalapp.portal.domain.UserRole;
 import org.onap.portalapp.portal.domain.UserRoles;
 import org.onap.portalapp.portal.framework.MockitoTestSuite;
@@ -82,7 +82,6 @@ import org.onap.portalapp.portal.transport.EPWidgetsSortPreference;
 import org.onap.portalapp.portal.transport.FieldsValidator;
 import org.onap.portalapp.portal.transport.LocalRole;
 import org.onap.portalapp.portal.transport.OnboardingApp;
-import org.onap.portalapp.portal.utils.EcompPortalUtils;
 import org.onap.portalapp.util.EPUserUtils;
 import org.onap.portalsdk.core.util.SystemProperties;
 import org.onap.portalsdk.core.web.support.AppUtils;
@@ -100,7 +99,7 @@ import org.springframework.web.client.HttpClientErrorException;
 public class AppsControllerTest extends MockitoTestSuite{
 
        @InjectMocks
-       AppsController appsController = new AppsController();
+       AppsController appsController;
 
        @Mock
        AdminRolesService adminRolesService = new AdminRolesServiceImpl();
@@ -130,6 +129,33 @@ public class AppsControllerTest extends MockitoTestSuite{
 
        MockEPUser mockUser = new MockEPUser();
 
+       @Test
+       public void putOnboardingAppXSSTest() {
+               EPUser user = mockUser.mockEPUser();
+               Mockito.when(EPUserUtils.getUserSession(mockedRequest)).thenReturn(user);
+               OnboardingApp onboardingApp = new OnboardingApp();
+               onboardingApp.setUebTopicName("test<img src=‘~‘ onerror=prompt(123)>");
+               Mockito.when(adminRolesService.isSuperAdmin(user)).thenReturn(true);
+               Mockito.when(appService.modifyOnboardingApp(onboardingApp, user)).thenReturn(null);
+               Mockito.when(mockedResponse.getStatus()).thenReturn(200);
+               FieldsValidator actualFieldValidator = appsController.putOnboardingApp(mockedRequest, onboardingApp,
+               mockedResponse);
+               assertNull(actualFieldValidator);
+       }
+
+       @Test
+       public void postOnboardingAppXSSTest() {
+               EPUser user = mockUser.mockEPUser();
+               Mockito.when(EPUserUtils.getUserSession(mockedRequest)).thenReturn(user);
+               OnboardingApp onboardingApp = new OnboardingApp();
+               onboardingApp.setUebKey("test<img src=‘~‘ onerror=prompt(123)>");
+               Mockito.when(adminRolesService.isSuperAdmin(user)).thenReturn(true);
+               Mockito.when(appService.addOnboardingApp(onboardingApp, user)).thenReturn(null);
+               FieldsValidator actualFieldValidator = appsController.postOnboardingApp(mockedRequest, onboardingApp,
+               mockedResponse);
+               assertNull(actualFieldValidator);
+       }
+
        @Test
        public void getUserAppsTest() {
                EPUser user = mockUser.mockEPUser();
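Review bot: putOnboardingAppXSSTest and postOnboardingAppXSSTest cannot fail when input validation is missing, because the stubbed service call returns null and the test asserts null, so a controller that forwards the payload unchanged to the service passes as well. Assert the rejection directly, for example `Mockito.verify(appService, Mockito.never()).modifyOnboardingApp(onboardingApp, user);` (and the `addOnboardingApp` equivalent in the post test), and check the status written to `mockedResponse` if the controller is expected to set one. The same weakness appears in the later XSS tests (putUserAppsSortingManualXSSTest, putUserWidgetsSortManualXSSTest, putUserWidgetsSortPrefXSSTest, putUserAppsSortingPreferenceXSSTest), where the SC_NOT_ACCEPTABLE validator is both the stubbed service result and the expected value. The payload strings here also use typographic quotes (`‘~‘`); if that is not deliberate, ASCII quotes would better match the input a validator actually receives. getUserAppsTest at the end of the hunk continues outside it.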
@@ -189,23 +215,23 @@ public class AppsControllerTest extends MockitoTestSuite{
 
                app.setName("Test");
                app.setImageUrl("test");
-               app.setDescription("test");
-               app.setNotes("test");
-               app.setUrl("test");
+               app.setAppDescription("test");
+               app.setAppNotes("test");
+               app.setLandingPage("test");
                app.setId((long) 1);
                app.setAppRestEndpoint("test");
-               app.setAlternateUrl("test");
+               app.setAlternateLandingPage("test");
                app.setName("test");
                app.setMlAppName("test");
                app.setMlAppAdminId("test");
-               app.setUsername("test");
-               app.setAppPassword("test");
+               app.setAppBasicAuthUsername("test");
+               app.setAppBasicAuthPassword("test");
                app.setOpen(false);
                app.setEnabled(false);
                app.setUebKey("test");
                app.setUebSecret("test");
                app.setUebTopicName("test");
-               app.setAppType(1);
+               app.setAppType(EpAppType.GUI);
 
                expectedApps.add(app);
 
@@ -238,23 +264,23 @@ public class AppsControllerTest extends MockitoTestSuite{
 
                app.setName("Test");
                app.setImageUrl("test");
-               app.setDescription("test");
-               app.setNotes("test");
-               app.setUrl("test");
+               app.setAppDescription("test");
+               app.setAppNotes("test");
+               app.setLandingPage("test");
                app.setId((long) 1);
                app.setAppRestEndpoint("test");
-               app.setAlternateUrl("test");
+               app.setAlternateLandingPage("test");
                app.setName("test");
                app.setMlAppName("test");
                app.setMlAppAdminId("test");
-               app.setUsername("test");
-               app.setAppPassword("test");
+               app.setAppBasicAuthUsername("test");
+               app.setAppBasicAuthPassword("test");
                app.setOpen(false);
                app.setEnabled(false);
                app.setUebKey("test");
                app.setUebSecret("test");
                app.setUebTopicName("test");
-               app.setAppType(1);
+               app.setAppType(EpAppType.GUI);
 
                expectedApps.add(app);
 
@@ -368,6 +394,38 @@ public class AppsControllerTest extends MockitoTestSuite{
                assertEquals(actualFieldValidator, expectedFieldValidator);
        }
 
+       @Test
+       public void putUserAppsSortingManualXSSTest() {
+               EPUser user = mockUser.mockEPUser();
+               EPAppsManualPreference preference = new EPAppsManualPreference();
+               preference.setHeaderText("<script>alert(\"hellox worldss\");</script>");
+               Mockito.when(EPUserUtils.getUserSession(mockedRequest)).thenReturn(user);
+               List<EPAppsManualPreference> ePAppsManualPreference = new ArrayList<>();
+               FieldsValidator expectedFieldValidator = new FieldsValidator();
+               expectedFieldValidator.setHttpStatusCode((long)HttpServletResponse.SC_NOT_ACCEPTABLE);
+               ePAppsManualPreference.add(preference);
+               Mockito.when(appService.saveAppsSortManual(ePAppsManualPreference, user)).thenReturn(expectedFieldValidator);
+               FieldsValidator actualFieldValidator = appsController.putUserAppsSortingManual(mockedRequest, ePAppsManualPreference,
+                       mockedResponse);
+               assertEquals(actualFieldValidator, expectedFieldValidator);
+       }
+
+       @Test
+       public void putUserWidgetsSortManualXSSTest() {
+               EPUser user = mockUser.mockEPUser();
+               EPWidgetsSortPreference preference = new EPWidgetsSortPreference();
+               preference.setHeaderText("<script>alert(\"hellox worldss\");</script>");
+               Mockito.when(EPUserUtils.getUserSession(mockedRequest)).thenReturn(user);
+               List<EPWidgetsSortPreference> ePAppsManualPreference = new ArrayList<>();
+               FieldsValidator expectedFieldValidator = new FieldsValidator();
+               expectedFieldValidator.setHttpStatusCode((long)HttpServletResponse.SC_NOT_ACCEPTABLE);
+               ePAppsManualPreference.add(preference);
+               Mockito.when(appService.saveWidgetsSortManual(ePAppsManualPreference, user)).thenReturn(expectedFieldValidator);
+               FieldsValidator actualFieldValidator = appsController.putUserWidgetsSortManual(mockedRequest, ePAppsManualPreference,
+                       mockedResponse);
+               assertEquals(expectedFieldValidator, actualFieldValidator);
+       }
+
        @Test
        public void putUserAppsSortingManualExceptionTest() throws IOException {
                EPUser user = mockUser.mockEPUser();
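Review bot: In putUserAppsSortingManualXSSTest the assertion is written `assertEquals(actualFieldValidator, expectedFieldValidator);`, with expected and actual swapped, so a failure message would report the two values the wrong way round; putUserWidgetsSortManualXSSTest directly below uses the correct order. In that second test the `List<EPWidgetsSortPreference>` is named `ePAppsManualPreference`, which looks carried over from the apps test; `ePWidgetsSortPreference` would describe it correctly. putUserAppsSortingManualExceptionTest at the end of the hunk continues outside it.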
@@ -404,7 +462,7 @@ public class AppsControllerTest extends MockitoTestSuite{
        }
 
        @Test
-       public void putUserWidgetsSortPrefTest() throws IOException {
+       public void putUserWidgetsSortPrefTest() {
                EPUser user = mockUser.mockEPUser();
                Mockito.when(EPUserUtils.getUserSession(mockedRequest)).thenReturn(user);
                List<EPWidgetsSortPreference> ePWidgetsSortPreference = new ArrayList<EPWidgetsSortPreference>();
@@ -420,6 +478,24 @@ public class AppsControllerTest extends MockitoTestSuite{
                assertEquals(actualFieldValidator, expectedFieldValidator);
        }
 
+       @Test
+       public void putUserWidgetsSortPrefXSSTest() {
+               EPUser user = mockUser.mockEPUser();
+               Mockito.when(EPUserUtils.getUserSession(mockedRequest)).thenReturn(user);
+               List<EPWidgetsSortPreference> ePWidgetsSortPreference = new ArrayList<>();
+               EPWidgetsSortPreference preference = new EPWidgetsSortPreference();
+               preference.setHeaderText("<script>alert(\"hellox worldss\");</script>");
+               ePWidgetsSortPreference.add(preference);
+               FieldsValidator expectedFieldValidator = new FieldsValidator();
+               expectedFieldValidator.setHttpStatusCode((long) HttpServletResponse.SC_NOT_ACCEPTABLE);
+               FieldsValidator actualFieldValidator;
+               Mockito.when(appService.deleteUserWidgetSortPref(ePWidgetsSortPreference, user))
+                       .thenReturn(expectedFieldValidator);
+               actualFieldValidator = appsController.putUserWidgetsSortPref(mockedRequest, ePWidgetsSortPreference,
+                       mockedResponse);
+               assertEquals(actualFieldValidator, expectedFieldValidator);
+       }
+
        @Test
        public void putUserWidgetsSortPrefExceptionTest() throws IOException {
                EPUser user = mockUser.mockEPUser();
@@ -475,6 +551,23 @@ public class AppsControllerTest extends MockitoTestSuite{
                assertEquals(actualFieldValidator, expectedFieldValidator);
        }
 
+       @Test
+       public void putUserAppsSortingPreferenceXSSTest() {
+               EPUser user = mockUser.mockEPUser();
+               Mockito.when(EPUserUtils.getUserSession(mockedRequest)).thenReturn(user);
+               EPAppsSortPreference userAppsValue = new EPAppsSortPreference();
+               userAppsValue.setTitle("</script><script>alert(1)</script>");
+               FieldsValidator expectedFieldValidator = new FieldsValidator();
+               expectedFieldValidator.setHttpStatusCode((long) HttpServletResponse.SC_NOT_ACCEPTABLE);
+               expectedFieldValidator.setFields(null);
+               expectedFieldValidator.setErrorCode(null);
+               FieldsValidator actualFieldValidator;
+               Mockito.when(appService.saveAppsSortPreference(userAppsValue, user)).thenReturn(expectedFieldValidator);
+               actualFieldValidator = appsController.putUserAppsSortingPreference(mockedRequest, userAppsValue,
+                       mockedResponse);
+               assertEquals(actualFieldValidator, expectedFieldValidator);
+       }
+
        @Test
        public void putUserAppsSortingPreferenceExceptionTest() throws IOException {
                EPUser user = mockUser.mockEPUser();
@@ -732,14 +825,14 @@ public class AppsControllerTest extends MockitoTestSuite{
                EPUser user = mockUser.mockEPUser();
                Mockito.when(EPUserUtils.getUserSession(mockedRequest)).thenReturn(user);
                OnboardingApp OnboardingApp = new OnboardingApp();
-               OnboardingApp.isCentralAuth = true;
-               OnboardingApp.nameSpace = "test1";
+               OnboardingApp.setRolesInAAF(true);
+               OnboardingApp.setNameSpace("test1");
                FieldsValidator expectedFieldValidator = new FieldsValidator();
                expectedFieldValidator.setHttpStatusCode((long) 200);
                expectedFieldValidator.setFields(null);
                expectedFieldValidator.setErrorCode(null);
                EPApp OnboardingApp1 = new EPApp();
-               OnboardingApp1.setCentralAuth(false);
+               OnboardingApp1.setRolesInAAF(false);
                OnboardingApp1.setNameSpace("test"); 
                Mockito.when(appService.getApp(Matchers.anyLong())).thenReturn(OnboardingApp1);
                Mockito.when(adminRolesService.isSuperAdmin(user)).thenReturn(true);
@@ -757,8 +850,8 @@ public class AppsControllerTest extends MockitoTestSuite{
                EPUser user = mockUser.mockEPUser();
                Mockito.when(EPUserUtils.getUserSession(mockedRequest)).thenReturn(user);
                OnboardingApp onboardingApp = new OnboardingApp();
-               onboardingApp.isCentralAuth = true;
-               onboardingApp.nameSpace = "com.test1";
+               onboardingApp.setRolesInAAF(true);
+               onboardingApp.setNameSpace("com.test1");
                EPApp app = new EPApp();
                app.setNameSpace("com.test ");
                FieldsValidator expectedFieldValidator = new FieldsValidator();
@@ -784,10 +877,10 @@ public class AppsControllerTest extends MockitoTestSuite{
                EPUser user = mockUser.mockEPUser();
                Mockito.when(EPUserUtils.getUserSession(mockedRequest)).thenReturn(user);
                OnboardingApp onboardingApp = new OnboardingApp();
-               onboardingApp.isCentralAuth = false;
-               onboardingApp.nameSpace = "com.test1";
+               onboardingApp.setRolesInAAF(false);
+               onboardingApp.setNameSpace("com.test1");
                EPApp app = new EPApp();
-               app.setCentralAuth(false);
+               app.setRolesInAAF(false);
                app.setNameSpace("com.test ");
                FieldsValidator expectedFieldValidator = new FieldsValidator();
                expectedFieldValidator.setHttpStatusCode((long) 404);
@@ -810,8 +903,8 @@ public class AppsControllerTest extends MockitoTestSuite{
                EPUser user = mockUser.mockEPUser();
                Mockito.when(EPUserUtils.getUserSession(mockedRequest)).thenReturn(user);
                OnboardingApp onboardingApp = new OnboardingApp();
-               onboardingApp.isCentralAuth = true;
-               onboardingApp.nameSpace = "com.test1";
+               onboardingApp.setRolesInAAF(true);
+               onboardingApp.setNameSpace("com.test1");
                EPApp app = new EPApp();
                app.setNameSpace("com.test ");
                FieldsValidator expectedFieldValidator = new FieldsValidator();
@@ -982,11 +1075,11 @@ public class AppsControllerTest extends MockitoTestSuite{
                EPApp app = new EPApp();
                app.setName("Test");
                app.setImageUrl("test");
-               app.setDescription("test");
-               app.setNotes("test");
-               app.setUrl("test");
+               app.setAppDescription("test");
+               app.setAppNotes("test");
+               app.setLandingPage("test");
                app.setId((long) 1);
-               app.setAppType(1);
+               app.setAppType(EpAppType.GUI);
                app.setImageUrl("www.ecomp.com");
                app.setThumbnail(new byte[] {1, 6, 3});
                Mockito.when(appService.getApp((long) 1)).thenReturn(app);
@@ -1001,11 +1094,11 @@ public class AppsControllerTest extends MockitoTestSuite{
                EPApp app = new EPApp();
                app.setName("Test");
                app.setImageUrl("test");
-               app.setDescription("test");
-               app.setNotes("test");
-               app.setUrl("test");
+               app.setAppDescription("test");
+               app.setAppNotes("test");
+               app.setLandingPage("test");
                app.setId((long) 1);
-               app.setAppType(1);
+               app.setAppType(EpAppType.GUI);
                app.setImageUrl("www.ecomp.png");
                app.setThumbnail(new byte[] {1, 6, 3});
                Mockito.when(appService.getApp((long) 1)).thenReturn(app);