*
* ============LICENSE_END============================================
*
- * ECOMP is a trademark and service mark of AT&T Intellectual Property.
+ *
*/
package org.onap.portalapp.portal.controller;
import static org.junit.Assert.assertEquals;
+import static org.junit.Assert.assertNull;
import static org.junit.Assert.assertTrue;
import java.io.IOException;
+import java.io.PrintWriter;
import java.util.ArrayList;
import java.util.List;
import org.mockito.Mock;
import org.mockito.Mockito;
import org.mockito.MockitoAnnotations;
-import org.mockito.runners.MockitoJUnitRunner;
-import org.onap.portalapp.portal.controller.FunctionalMenuController;
import org.onap.portalapp.portal.core.MockEPUser;
import org.onap.portalapp.portal.domain.EPUser;
import org.onap.portalapp.portal.ecomp.model.PortalRestResponse;
import org.onap.portalapp.portal.transport.FavoritesFunctionalMenuItem;
import org.onap.portalapp.portal.transport.FavoritesFunctionalMenuItemJson;
import org.onap.portalapp.portal.transport.FieldsValidator;
+import org.onap.portalapp.portal.transport.FieldsValidator.FieldName;
import org.onap.portalapp.portal.transport.FunctionalMenuItem;
import org.onap.portalapp.portal.transport.FunctionalMenuItemWithRoles;
-import org.onap.portalapp.portal.transport.FieldsValidator.FieldName;
import org.onap.portalapp.util.EPUserUtils;
+import org.onap.portalsdk.core.domain.User;
import org.onap.portalsdk.core.service.DataAccessService;
import org.onap.portalsdk.core.util.SystemProperties;
+import org.onap.portalsdk.core.web.support.UserUtils;
import org.powermock.api.mockito.PowerMockito;
import org.powermock.core.classloader.annotations.PrepareForTest;
import org.powermock.modules.junit4.PowerMockRunner;
appRolesActual = mockBusinessCardApplicationRolesList();
Mockito.when(functionalMenuService.getUserAppRolesList(userid)).thenReturn(userAppRoleList);
-
- appRoles = functionalMenuController.getAppList(mockedRequest, userid);
+ User user = new User();
+ user.setOrgUserId(userid);
+ Mockito.when(UserUtils.getUserSession(mockedRequest)).thenReturn(user);
+
+ appRoles = functionalMenuController.getAppList(mockedRequest, mockedResponse, userid);
assertEquals(appRolesActual.size(), appRoles.size());
assertEquals(appRolesActual.get(0).getAppName(), appRoles.get(0).getAppName());
assertEquals(appRolesActual.get(0).getRoleNames(), appRoles.get(0).getRoleNames());
}
+
+ @Test
+ public void getAppListTestForOtherUser() throws IOException {
+
+ userAppRoleList = mockBusinessCardApplicationRole();
+ appRolesActual = mockBusinessCardApplicationRolesList();
+
+ Mockito.when(functionalMenuService.getUserAppRolesList(userid)).thenReturn(userAppRoleList);
+ User user = new User();
+ user.setOrgUserId(userid + "other");
+ Mockito.when(UserUtils.getUserSession(mockedRequest)).thenReturn(user);
+ Mockito.when(mockedResponse.getWriter()).thenReturn(new PrintWriter(System.out));
+
+ appRoles = functionalMenuController.getAppList(mockedRequest, mockedResponse, userid);
+ assertNull(appRoles);
+ assertEquals(0, mockedResponse.getStatus());
+
+
+ }
+
+ @Test
+ public void editFunctionalMenuItemXSSTest(){
+ FunctionalMenuItemWithRoles menuItemJson = new FunctionalMenuItemWithRoles();
+ menuItemJson.url = "1<b>tes<img src=‘~‘ onerror=prompt(32)>t_menu";
+ FieldsValidator actualFieldsValidator = new FieldsValidator();
+ FieldsValidator expectedFieldsValidator = new FieldsValidator();
+ List<FieldName> fields = new ArrayList<>();
+ expectedFieldsValidator.setHttpStatusCode(406L);
+ expectedFieldsValidator.setFields(fields);
+ expectedFieldsValidator.setErrorCode(null);
+ EPUser user = mockUser.mockEPUser();
+ Mockito.when(EPUserUtils.getUserSession(mockedRequest)).thenReturn(user);
+ Mockito.when(adminRolesService.isSuperAdmin(user)).thenReturn(true);
+ Mockito.when(functionalMenuService.editFunctionalMenuItem(menuItemJson)).thenReturn(actualFieldsValidator);
+ actualFieldsValidator = functionalMenuController.editFunctionalMenuItem(mockedRequest, menuItemJson, mockedResponse);
+ assertEquals(actualFieldsValidator, expectedFieldsValidator);
+ }
@Test
public void getAppListTestIfAppDoesnotExistsInBusinessCardApplicationRolesList() throws IOException {
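Review bot: In `getAppListTestForOtherUser`, `assertEquals(0, mockedResponse.getStatus())` cannot fail: `mockedResponse` is a Mockito mock (it is stubbed with `Mockito.when(mockedResponse.getWriter())` earlier in the same test), and an unstubbed `getStatus()` returns 0 whatever the controller did. Since this test guards against one user reading another user's app roles, assert the rejection itself, e.g. `Mockito.verify(mockedResponse).setStatus(HttpServletResponse.SC_FORBIDDEN);`, substituting whichever status and call the controller really uses, which is not visible here. Passing a `StringWriter`-backed `PrintWriter` instead of `System.out` would let the test check the response body too. `editFunctionalMenuItemXSSTest` has a similar gap: it stubs `functionalMenuService.editFunctionalMenuItem(menuItemJson)` but never checks that the service was not reached, so adding `Mockito.verify(functionalMenuService, Mockito.never()).editFunctionalMenuItem(menuItemJson);` would pin that the unsafe `url` is rejected before it is handed to the service. Its `assertEquals(actualFieldsValidator, expectedFieldsValidator)` also keeps the reversed argument order that this commit corrects in the other tests.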
businessCardApplicationRolesList.setRoleNames(roleNames1);
appRolesActual.add(businessCardApplicationRolesList);
Mockito.when(functionalMenuService.getUserAppRolesList(userid)).thenReturn(userAppRoleList);
- appRoles = functionalMenuController.getAppList(mockedRequest, userid);
+ User user = new User();
+ user.setOrgUserId(userid);
+ Mockito.when(UserUtils.getUserSession(mockedRequest)).thenReturn(user);
+ appRoles = functionalMenuController.getAppList(mockedRequest, mockedResponse, userid);
assertEquals(appRolesActual.size(), appRoles.size());
assertEquals(appRolesActual.get(0).getAppName(), appRoles.get(0).getAppName());
assertEquals(appRolesActual.get(0).getRoleNames(), appRoles.get(0).getRoleNames());
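Review bot: `Mockito.when(UserUtils.getUserSession(mockedRequest)).thenReturn(user)` stubs a static method, which only takes effect if `UserUtils` is prepared for PowerMock. No `PowerMockito.mockStatic(UserUtils.class)` call or `@PrepareForTest` change is visible in the hunks shown, so confirm both exist in the class setup outside this hunk. Without them the call inside `when(...)` reaches the real static method and the stub is not installed, so the test would not exercise the session-user check that `getAppList` presumably performs. The same three lines (`new User()`, `setOrgUserId(...)`, the stub) are repeated in `getAppListTest` and `getAppListTestForOtherUser`; a small private helper taking the org user id would keep the three tests in step. The enclosing test method starts above this hunk.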
Mockito.when(adminRolesService.isSuperAdmin(user)).thenReturn(false);
Mockito.when(functionalMenuService.createFunctionalMenuItem(menuItemJson)).thenReturn(expectedFieldsValidator);
actualFieldsValidator = functionalMenuController.createFunctionalMenuItem(mockedRequest, menuItemJson, mockedResponse);
- assertEquals(actualFieldsValidator, expectedFieldsValidator);
+ assertEquals(expectedFieldsValidator, actualFieldsValidator);
}
@Test
Mockito.when(adminRolesService.isSuperAdmin(user)).thenReturn(false);
Mockito.when(functionalMenuService.editFunctionalMenuItem(menuItemJson)).thenReturn(actualFieldsValidator);
actualFieldsValidator = functionalMenuController.editFunctionalMenuItem(mockedRequest, menuItemJson, mockedResponse);
- assertEquals(actualFieldsValidator, expectedFieldsValidator);
+ assertEquals(expectedFieldsValidator, actualFieldsValidator);
}
@Test