* ===================================================================
* Copyright (C) 2017 AT&T Intellectual Property. All rights reserved.
* ===================================================================
+ * Modifications Copyright (c) 2019 Samsung
+ * ===================================================================
*
* Unless otherwise specified, all software contained herein is licensed
* under the Apache License, Version 2.0 (the "License");
*
* ============LICENSE_END============================================
*
- * ECOMP is a trademark and service mark of AT&T Intellectual Property.
+ *
*/
package org.onap.portalapp.portal.controller;
import static org.junit.Assert.assertEquals;
import static org.junit.Assert.assertNull;
-
import java.io.BufferedReader;
import java.io.ByteArrayInputStream;
import java.io.IOException;
import java.util.Map;
import java.util.SortedSet;
import java.util.TreeSet;
-
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
-
import org.json.simple.JSONObject;
import org.junit.Before;
import org.junit.Test;
import org.onap.portalapp.portal.domain.CentralizedApp;
import org.onap.portalapp.portal.domain.EPApp;
import org.onap.portalapp.portal.domain.EPUser;
+import org.onap.portalapp.portal.domain.EpAppType;
import org.onap.portalapp.portal.ecomp.model.PortalRestResponse;
import org.onap.portalapp.portal.ecomp.model.PortalRestStatusEnum;
+import org.onap.portalapp.portal.ecomp.model.UploadRoleFunctionExtSystem;
import org.onap.portalapp.portal.framework.MockitoTestSuite;
import org.onap.portalapp.portal.service.AdminRolesService;
import org.onap.portalapp.portal.service.EPAppService;
import org.springframework.http.ResponseEntity;
import org.springframework.mock.web.DelegatingServletInputStream;
import org.springframework.web.servlet.ModelAndView;
-
import com.fasterxml.jackson.databind.JsonNode;
import com.fasterxml.jackson.databind.ObjectMapper;
NullPointerException nullPointerException = new NullPointerException();
MockEPUser mockUser = new MockEPUser();
+ private DelegatingServletInputStream dsi;
+
@Test
public void removeRoleRoleFunctionTest() throws Exception {
@Test
public void getRoleIfRoleIdNullTest() throws Exception {
+ EPApp app = mockApp();
+ app.setRolesInAAF(true);
PowerMockito.mockStatic(EPUserUtils.class);
PowerMockito.mockStatic(EcompPortalUtils.class);
EPUser user = mockUser.mockEPUser();
Mockito.when(EPUserUtils.getUserSession(mockedRequest)).thenReturn(user);
Mockito.when(EcompPortalUtils.checkIfRemoteCentralAccessAllowed()).thenReturn(true);
- Mockito.when(appService.getApp((long) 1)).thenReturn(CentralApp());
- Mockito.when(adminRolesService.isAccountAdminOfApplication(user, CentralApp())).thenReturn(true);
+ Mockito.when(appService.getApp((long) 1)).thenReturn(app);
+ Mockito.when(adminRolesService.isAccountAdminOfApplication(user, app)).thenReturn(true);
List<EPApp> apps = new ArrayList<>();
- apps.add(CentralApp());
- Mockito.when(externalAccessRolesService.getApp(CentralApp().getUebKey())).thenReturn(apps);
+ apps.add(app);
+ Mockito.when(externalAccessRolesService.getApp(app.getUebKey())).thenReturn(apps);
ResponseEntity<String> result = new ResponseEntity<>(HttpStatus.OK);
Mockito.when(externalAccessRolesService.getNameSpaceIfExists(apps.get(0))).thenReturn(result);
- CentralV2Role answer = new CentralV2Role();
+ CentralV2Role answer = new CentralV2Role.CentralV2RoleBuilder().createCentralV2Role();
Mockito.when(externalAccessRolesService.getRoleInfo((long) 1, "test")).thenReturn(answer);
List<CentralV2RoleFunction> finalRoleFunctionList = new ArrayList<>();
Mockito.when(externalAccessRolesService.getRoleFuncList("test")).thenReturn(finalRoleFunctionList);
PrintWriter writer = new PrintWriter(sw);
Mockito.when(mockedResponse.getWriter()).thenReturn(writer);
List<EPApp> appList = new ArrayList<>();
- appList.add(CentralApp());
+ appList.add(app);
ResponseEntity<String> response = new ResponseEntity<>(HttpStatus.OK);
Mockito.when(externalAccessRolesService.getNameSpaceIfExists(Matchers.anyObject())).thenReturn(response);
Mockito.when(externalAccessRolesService.getApp(Matchers.anyString())).thenReturn(appList);
@Test(expected = Exception.class)
public void getRoleExceptionTest() throws Exception {
Mockito.when(appService.getApp((long) 1)).thenReturn(mockApp());
- CentralV2Role answer = new CentralV2Role();
+ CentralV2Role answer = new CentralV2Role.CentralV2RoleBuilder().createCentralV2Role();
Mockito.when(externalAccessRolesService.getRoleInfo((long) 1, "test")).thenReturn(answer);
Mockito.when(externalAccessRolesService.getRoleFuncList("test")).thenThrow(nullPointerException);
roleManageController.getRole(mockedRequest, mockedResponse, (long) 1, null);
@Test
public void getRoleIfRoleIdNotNullTest() throws Exception {
Mockito.when(appService.getApp((long) 1)).thenReturn(CentralApp());
- CentralV2Role answer = new CentralV2Role();
+ CentralV2Role answer = new CentralV2Role.CentralV2RoleBuilder().createCentralV2Role();
Mockito.when(externalAccessRolesService.getRoleInfo((long) 1, "test")).thenReturn(answer);
List<CentralV2RoleFunction> finalRoleFunctionList = new ArrayList<>();
Mockito.when(externalAccessRolesService.getRoleFuncList("test")).thenReturn(finalRoleFunctionList);
StringWriter sw = new StringWriter();
PrintWriter writer = new PrintWriter(sw);
Mockito.when(mockedResponse.getWriter()).thenReturn(writer);
- CentralV2Role currentRole = new CentralV2Role();
+ CentralV2Role currentRole = new CentralV2Role.CentralV2RoleBuilder().createCentralV2Role();
SortedSet<CentralV2Role> parentRoles = new TreeSet<>();
- CentralV2Role centralV2Role = new CentralV2Role();
+ CentralV2Role centralV2Role = new CentralV2Role.CentralV2RoleBuilder().createCentralV2Role();
centralV2Role.setName("test");
parentRoles.add(centralV2Role);
currentRole.setParentRoles(parentRoles);
app.setName("Test");
app.setImageUrl("test");
- app.setDescription("test");
- app.setNotes("test");
- app.setUrl("test");
+ app.setAppDescription("test");
+ app.setAppNotes("test");
+ app.setLandingPage("test");
app.setId((long) 1);
app.setAppRestEndpoint("test");
- app.setAlternateUrl("test");
+ app.setAlternateLandingPage("test");
app.setName("test");
app.setMlAppName("test");
app.setMlAppAdminId("test");
- app.setUsername("test");
- app.setAppPassword("test");
+ app.setAppBasicAuthUsername("test");
+ app.setAppBasicAuthPassword("test");
app.setOpen(false);
app.setEnabled(false);
app.setUebKey("test");
app.setUebSecret("test");
app.setUebTopicName("test");
- app.setAppType(1);
+ app.setAppType(EpAppType.GUI);
+ app.setModeOfIntegration("test");
+ app.setAppAck(false);
+ app.setUsesCadi(false);
return app;
}
@Test
public void getRolesTest() throws Exception {
EPApp app = mockApp();
- app.setCentralAuth(true);
+ app.setRolesInAAF(true);
PowerMockito.mockStatic(EPUserUtils.class);
PowerMockito.mockStatic(EcompPortalUtils.class);
EPUser user = mockUser.mockEPUser();
@Test
public void getRoleFunctionListTest() throws Exception {
+ EPApp app = mockApp();
+ app.setRolesInAAF(true);
PowerMockito.mockStatic(EPUserUtils.class);
PowerMockito.mockStatic(EcompPortalUtils.class);
EPUser user = mockUser.mockEPUser();
Mockito.when(EPUserUtils.getUserSession(mockedRequest)).thenReturn(user);
Mockito.when(EcompPortalUtils.checkIfRemoteCentralAccessAllowed()).thenReturn(true);
- Mockito.when(adminRolesService.isAccountAdminOfApplication(user, CentralApp())).thenReturn(true);
- Mockito.when(appService.getApp((long) 1)).thenReturn(CentralApp());
+ Mockito.when(adminRolesService.isAccountAdminOfApplication(user, app)).thenReturn(true);
+
+ Mockito.when(appService.getApp((long) 1)).thenReturn(app);
List<CentralV2RoleFunction> answer = new ArrayList<>();
Mockito.when(externalAccessRolesService.getRoleFuncList("test")).thenReturn(answer);
StringWriter sw = new StringWriter();
@Test
public void saveRoleFunctionTest() throws Exception {
+ EPApp app = mockApp();
+ app.setRolesInAAF(true);
PowerMockito.mockStatic(EPUserUtils.class);
PowerMockito.mockStatic(EcompPortalUtils.class);
EPUser user = mockUser.mockEPUser();
Mockito.when(EPUserUtils.getUserSession(mockedRequest)).thenReturn(user);
Mockito.when(EcompPortalUtils.checkIfRemoteCentralAccessAllowed()).thenReturn(true);
- Mockito.when(adminRolesService.isAccountAdminOfApplication(user, CentralApp())).thenReturn(true);
- Mockito.when(appService.getApp((long) 1)).thenReturn(CentralApp());
+ Mockito.when(adminRolesService.isAccountAdminOfApplication(user, app)).thenReturn(true);
+ Mockito.when(appService.getApp((long) 1)).thenReturn(app);
Mockito.doNothing().when(roleFunctionListController).saveRoleFunction(mockedRequest, mockedResponse, "test");
CentralV2RoleFunction addNewFunc = new CentralV2RoleFunction();
addNewFunc.setCode("Test");
List<EPUser> userList = new ArrayList<>();
userList.add(user);
List<EPApp> appList = new ArrayList<>();
- appList.add(CentralApp());
+ appList.add(app);
Mockito.when(externalAccessRolesService.getUser("guestT")).thenReturn(userList);
StringWriter sw = new StringWriter();
PrintWriter writer = new PrintWriter(sw);
assertEquals(expected, actual);
}
+ @Test
+ public void saveRoleFunctionXSSTest() throws Exception {
+ PowerMockito.mockStatic(EPUserUtils.class);
+ PowerMockito.mockStatic(EcompPortalUtils.class);
+ EPUser user = mockUser.mockEPUser();
+ Mockito.when(EPUserUtils.getUserSession(mockedRequest)).thenReturn(user);
+ Mockito.when(EcompPortalUtils.checkIfRemoteCentralAccessAllowed()).thenReturn(true);
+ Mockito.when(adminRolesService.isAccountAdminOfApplication(user, CentralApp())).thenReturn(true);
+ Mockito.when(appService.getApp((long) 1)).thenReturn(CentralApp());
+ Mockito.doNothing().when(roleFunctionListController).saveRoleFunction(mockedRequest, mockedResponse, "test");
+ CentralV2RoleFunction addNewFunc = new CentralV2RoleFunction();
+ addNewFunc.setCode("“><script>alert(“XSS”)</script>");
+ addNewFunc.setType("Test");
+ addNewFunc.setAction("Test");
+ addNewFunc.setName("Test");
+ CentralV2RoleFunction roleFunction = mockCentralRoleFunction();
+ roleFunction.setCode("Test|Test|Test");
+ Mockito.when(externalAccessRolesService.getRoleFunction("Test|Test|Test", "test")).thenReturn(roleFunction);
+ Mockito.when(externalAccessRolesService.saveCentralRoleFunction(Matchers.anyObject(), Matchers.anyObject()))
+ .thenReturn(true);
+ Mockito.when(EcompPortalUtils.getFunctionCode(roleFunction.getCode())).thenReturn("Test");
+ Mockito.when(EcompPortalUtils.getFunctionType(roleFunction.getCode())).thenReturn("Test");
+ Mockito.when(EcompPortalUtils.getFunctionAction(roleFunction.getCode())).thenReturn("Test");
+ Mockito.when(EPUserUtils.getUserSession(mockedRequest)).thenReturn(user);
+ List<EPUser> userList = new ArrayList<>();
+ userList.add(user);
+ List<EPApp> appList = new ArrayList<>();
+ appList.add(CentralApp());
+ Mockito.when(externalAccessRolesService.getUser("guestT")).thenReturn(userList);
+ StringWriter sw = new StringWriter();
+ PrintWriter writer = new PrintWriter(sw);
+ Mockito.when(mockedResponse.getWriter()).thenReturn(writer);
+ ResponseEntity<String> response = new ResponseEntity<>(HttpStatus.OK);
+ Mockito.when(externalAccessRolesService.getNameSpaceIfExists(Matchers.anyObject())).thenReturn(response);
+ Mockito.when(externalAccessRolesService.getApp(Matchers.anyString())).thenReturn(appList);
+ PortalRestResponse<String> actual = roleManageController.saveRoleFunction(mockedRequest, mockedResponse,
+ addNewFunc, (long) 1);
+ PortalRestResponse<String> expected = new PortalRestResponse<String>(PortalRestStatusEnum.ERROR,
+ "Data is not valid", "ERROR");
+ assertEquals(expected, actual);
+ }
+
@Test
public void saveRoleFunctionExceptionTest() throws Exception {
Mockito.when(appService.getApp((long) 1)).thenReturn(CentralApp());
@Test
public void removeRoleFunctionTest() throws Exception {
+ EPApp app = mockApp();
+ app.setRolesInAAF(true);
PowerMockito.mockStatic(EPUserUtils.class);
PowerMockito.mockStatic(EcompPortalUtils.class);
EPUser user = mockUser.mockEPUser();
Mockito.when(EPUserUtils.getUserSession(mockedRequest)).thenReturn(user);
Mockito.when(EcompPortalUtils.checkIfRemoteCentralAccessAllowed()).thenReturn(true);
- Mockito.when(adminRolesService.isAccountAdminOfApplication(user, CentralApp())).thenReturn(true);
+ Mockito.when(adminRolesService.isAccountAdminOfApplication(user, app)).thenReturn(true);
Mockito.when(EPUserUtils.getUserSession(mockedRequest)).thenReturn(user);
- Mockito.when(appService.getApp((long) 1)).thenReturn(CentralApp());
+ Mockito.when(appService.getApp((long) 1)).thenReturn(app);
String roleFun = "{\"name\":\"Test\",\"type\":\"Test\",\"action\":\"Test\", \"code\":\"Test\"}";
CentralV2RoleFunction roleFunction = mockCentralRoleFunction();
Mockito.when(externalAccessRolesService.getRoleFunction("Test|Test|Test", "test")).thenReturn(roleFunction);
Mockito.when(externalAccessRolesService.deleteCentralRoleFunction(Matchers.anyString(), Matchers.anyObject()))
.thenReturn(true);
List<EPApp> appList = new ArrayList<>();
- appList.add(CentralApp());
+ appList.add(app);
ResponseEntity<String> response = new ResponseEntity<>(HttpStatus.OK);
Mockito.when(externalAccessRolesService.getNameSpaceIfExists(Matchers.anyObject())).thenReturn(response);
Mockito.when(externalAccessRolesService.getApp(Matchers.anyString())).thenReturn(appList);
assertEquals(expected, actual);
}
+ @Test
+ public void removeRoleFunctionXSSTest() throws Exception {
+ PowerMockito.mockStatic(EPUserUtils.class);
+ PowerMockito.mockStatic(EcompPortalUtils.class);
+ EPUser user = mockUser.mockEPUser();
+ Mockito.when(EPUserUtils.getUserSession(mockedRequest)).thenReturn(user);
+ Mockito.when(EcompPortalUtils.checkIfRemoteCentralAccessAllowed()).thenReturn(true);
+ Mockito.when(adminRolesService.isAccountAdminOfApplication(user, CentralApp())).thenReturn(true);
+ Mockito.when(EPUserUtils.getUserSession(mockedRequest)).thenReturn(user);
+ Mockito.when(appService.getApp((long) 1)).thenReturn(CentralApp());
+ String roleFun = "<script>alert(/XSS”)</script>";
+ CentralV2RoleFunction roleFunction = mockCentralRoleFunction();
+ Mockito.when(externalAccessRolesService.getRoleFunction("Test|Test|Test", "test")).thenReturn(roleFunction);
+ StringWriter sw = new StringWriter();
+ PrintWriter writer = new PrintWriter(sw);
+ Mockito.when(mockedResponse.getWriter()).thenReturn(writer);
+ Mockito.when(externalAccessRolesService.deleteCentralRoleFunction(Matchers.anyString(), Matchers.anyObject()))
+ .thenReturn(true);
+ List<EPApp> appList = new ArrayList<>();
+ appList.add(CentralApp());
+ ResponseEntity<String> response = new ResponseEntity<>(HttpStatus.OK);
+ Mockito.when(externalAccessRolesService.getNameSpaceIfExists(Matchers.anyObject())).thenReturn(response);
+ Mockito.when(externalAccessRolesService.getApp(Matchers.anyString())).thenReturn(appList);
+ PortalRestResponse<String> actual = roleManageController.removeRoleFunction(mockedRequest, mockedResponse,
+ roleFun, (long) 1);
+ PortalRestResponse<String> expected = new PortalRestResponse<String>(PortalRestStatusEnum.ERROR,
+ "Data is not valid", "ERROR");
+ assertEquals(expected, actual);
+ }
+
@Test
public void removeRoleFunctionExceptionTest() throws Exception {
EPUser user = mockUser.mockEPUser();
@Test
public void removeRoleFunctionIfAppNotCentralizedTest() throws Exception {
EPApp app = mockApp();
- app.setCentralAuth(false);
+ app.setRolesInAAF(false);
Mockito.when(appService.getApp((long) 1)).thenReturn(app);
String roleFun = "{\"name\":\"Test\",\"code\":\"Test\"}";
roleManageController.removeRoleFunction(mockedRequest, mockedResponse, roleFun, (long) 1);
@Test
public void syncRolesException() throws Exception {
+ EPUser user = mockUser.mockEPUser();
+ Mockito.when(EPUserUtils.getUserSession(mockedRequest)).thenReturn(user);
+ Mockito.when(adminRolesService.isAccountAdminOfApplication(user, null)).thenReturn(true);
Mockito.when(appService.getAppDetailByAppName("test")).thenThrow(nullPointerException);
PortalRestResponse<String> actual = roleManageController.syncRoles(mockedRequest, mockedResponse, 1l);
PortalRestResponse<String> portalRestResponse = new PortalRestResponse<>();
assertEquals(portalRestResponse, actual);
}
+ @Test
+ public void syncRolesUserNullException() throws Exception {
+ Mockito.when(EPUserUtils.getUserSession(mockedRequest)).thenReturn(null);
+ Mockito.when(appService.getAppDetailByAppName("test")).thenThrow(nullPointerException);
+ PortalRestResponse<String> actual = roleManageController.syncRoles(mockedRequest, mockedResponse, 1l);
+ PortalRestResponse<String> portalRestResponse = new PortalRestResponse<>();
+ portalRestResponse.setMessage("Unauthorized User");
+ portalRestResponse.setResponse("Failure");
+ portalRestResponse.setStatus(PortalRestStatusEnum.ERROR);
+ assertEquals(portalRestResponse, actual);
+ }
+
@Test
public void syncRolesFunctionsTest() throws Exception {
PowerMockito.mockStatic(EPUserUtils.class);
@Test
public void syncRolesFunctionsException() throws Exception {
- Mockito.when(appService.getAppDetailByAppName("test")).thenThrow(nullPointerException);
+ EPUser user = mockUser.mockEPUser();
+ Mockito.when(EPUserUtils.getUserSession(mockedRequest)).thenReturn(user);
+ Mockito.when(adminRolesService.isAccountAdminOfApplication(user, null)).thenReturn(true);
+ Mockito.when(appService.getAppDetailByAppName("test")).thenThrow(nullPointerException);
PortalRestResponse<String> actual = roleManageController.syncFunctions(mockedRequest, mockedResponse, 1l);
PortalRestResponse<String> portalRestResponse = new PortalRestResponse<>();
portalRestResponse.setMessage(null);
assertEquals(portalRestResponse, actual);
}
+ @Test
+ public void syncRolesFunctionsUserNullException() throws Exception {
+ Mockito.when(EPUserUtils.getUserSession(mockedRequest)).thenReturn(null);
+ Mockito.when(appService.getAppDetailByAppName("test")).thenThrow(nullPointerException);
+ PortalRestResponse<String> actual = roleManageController.syncFunctions(mockedRequest, mockedResponse, 1l);
+ PortalRestResponse<String> portalRestResponse = new PortalRestResponse<>();
+ portalRestResponse.setMessage("Unauthorized User");
+ portalRestResponse.setResponse("Failure");
+ portalRestResponse.setStatus(PortalRestStatusEnum.ERROR);
+ assertEquals(portalRestResponse, actual);
+ }
+
@Test
public void addChildRoleTest() throws Exception {
ModelAndView modelandView = new ModelAndView("login.htm");
roleJson2.put("roleFunctions", roleFunctions);
ObjectMapper mapper = new ObjectMapper();
JsonNode actualObj = mapper.readTree(roleJson2.toString());
- Mockito.when(mockedRequest.getInputStream()).thenReturn(new DelegatingServletInputStream(
- new ByteArrayInputStream(actualObj.toString().getBytes(StandardCharsets.UTF_8))));
+ dsi = new DelegatingServletInputStream(
+ new ByteArrayInputStream(actualObj.toString().getBytes(StandardCharsets.UTF_8)));
+ Mockito.when(mockedRequest.getInputStream()).thenReturn(dsi);
Mockito.when(mockedRequest.getReader()).thenReturn(new BufferedReader(new StringReader(actualObj.toString())));
Mockito.when(mockedRequest.getContentType()).thenReturn("application/json");
Mockito.when(mockedRequest.getCharacterEncoding()).thenReturn("UTF-8");
.thenReturn(externalRequestFieldsValidator);
Map<String, Object> actual = roleManageController.saveRole(mockedRequest, mockedResponse, CentralApp().getId());
final Map<String, Object> expected = new HashMap<>();
- expected.put("role", new CentralV2Role(null, "test"));
+ expected.put("role",
+ new CentralV2Role.CentralV2RoleBuilder().setId(null).setName("test").createCentralV2Role());
expected.put("status", "Success");
assertEquals(expected, actual);
}
roleJson2.put("roleFunctions", roleFunctions);
ObjectMapper mapper = new ObjectMapper();
JsonNode actualObj = mapper.readTree(roleJson2.toString());
- Mockito.when(mockedRequest.getInputStream()).thenReturn(new DelegatingServletInputStream(
- new ByteArrayInputStream(actualObj.toString().getBytes(StandardCharsets.UTF_8))));
+ dsi = new DelegatingServletInputStream(
+ new ByteArrayInputStream(actualObj.toString().getBytes(StandardCharsets.UTF_8)));
+ Mockito.when(mockedRequest.getInputStream()).thenReturn(dsi);
Mockito.when(mockedRequest.getReader()).thenReturn(new BufferedReader(new StringReader(actualObj.toString())));
Mockito.when(mockedRequest.getContentType()).thenReturn("application/json");
Mockito.when(mockedRequest.getCharacterEncoding()).thenReturn("UTF-8");
ExternalRequestFieldsValidator externalRequestFieldsValidator = new ExternalRequestFieldsValidator(true, "");
Mockito.when(externalAccessRolesService.saveRoleForApplication(Matchers.any(), Matchers.any()))
.thenReturn(externalRequestFieldsValidator);
- CentralV2Role cenV2Role = new CentralV2Role(1l, "test1");
+ CentralV2Role cenV2Role =
+ new CentralV2Role.CentralV2RoleBuilder().setId(1l).setName("test1").createCentralV2Role();
cenV2Role.setActive(true);
Mockito.when(externalAccessRolesService.getRoleInfo(Matchers.anyLong(), Matchers.any())).thenReturn(cenV2Role);
Map<String, Object> actual = roleManageController.saveRole(mockedRequest, mockedResponse, CentralApp().getId());
roleJson2.put("roleFunctions", roleFunctions);
ObjectMapper mapper = new ObjectMapper();
JsonNode actualObj = mapper.readTree(roleJson2.toString());
- Mockito.when(mockedRequest.getInputStream()).thenReturn(new DelegatingServletInputStream(
- new ByteArrayInputStream(actualObj.toString().getBytes(StandardCharsets.UTF_8))));
+ dsi = new DelegatingServletInputStream(
+ new ByteArrayInputStream(actualObj.toString().getBytes(StandardCharsets.UTF_8)));
+ Mockito.when(mockedRequest.getInputStream()).thenReturn(dsi);
Mockito.when(mockedRequest.getReader()).thenReturn(new BufferedReader(new StringReader(actualObj.toString())));
Mockito.when(mockedRequest.getContentType()).thenReturn("application/json");
Mockito.when(mockedRequest.getCharacterEncoding()).thenReturn("UTF-8");
Mockito.when(externalAccessRolesService.getApp(Matchers.anyString())).thenReturn(appList);
ResponseEntity<String> response = new ResponseEntity<>(HttpStatus.OK);
Mockito.when(externalAccessRolesService.getNameSpaceIfExists(Matchers.anyObject())).thenReturn(response);
- CentralV2Role role = new CentralV2Role(1l, "test");
+ CentralV2Role role = new CentralV2Role.CentralV2RoleBuilder().setId(1l).setName("test").createCentralV2Role();
role.setActive(true);
Role currentRole = new Role();
currentRole.setName("test");
Mockito.when(externalAccessRolesService.getApp(Matchers.anyString())).thenReturn(appList);
ResponseEntity<String> response = new ResponseEntity<>(HttpStatus.OK);
Mockito.when(externalAccessRolesService.getNameSpaceIfExists(Matchers.anyObject())).thenReturn(response);
- CentralV2Role role = new CentralV2Role(1l, "test");
+ CentralV2Role role = new CentralV2Role.CentralV2RoleBuilder().setId(1l).setName("test").createCentralV2Role();
role.setActive(true);
Role currentRole = new Role();
currentRole.setName("test");
List<CentralizedApp> actual = roleManageController.getCentralizedAppRoles(mockedRequest, mockedResponse, user.getOrgUserId());
assertEquals(cenApps.size(), actual.size());
}
+
+ @Test
+ public void getCentralizedAppRolesXSSTest() throws IOException {
+ String id = ("<ScRipT>alert(\"XSS\");</ScRipT>");
+ List<CentralizedApp> actual = roleManageController.getCentralizedAppRoles(mockedRequest, mockedResponse, id);
+ assertNull(actual);
+ }
@Test
public void getCentralizedAppRolesExceptionTest() throws IOException {
List<CentralizedApp> actual = roleManageController.getCentralizedAppRoles(mockedRequest, mockedResponse, user.getOrgUserId());
assertNull(actual);
}
+
+ @Test
+ public void bulkUploadRoleFuncUserNullTest() {
+ UploadRoleFunctionExtSystem data = Mockito.mock(UploadRoleFunctionExtSystem.class);
+ Mockito.when(appService.getApp(127L)).thenReturn(null);
+ PortalRestResponse<String> response = roleManageController.bulkUploadRoleFunc(mockedRequest, mockedResponse, data, 127L);
+ assertEquals(PortalRestStatusEnum.ERROR, response.getStatus());
+ assertEquals("Unauthorized User", response.getMessage());
+ assertEquals("Failure", response.getResponse());
+ }
public CentralV2RoleFunction mockCentralRoleFunction() {
CentralV2RoleFunction roleFunction = new CentralV2RoleFunction();
public EPApp CentralApp() {
EPApp app = mockApp();
- app.setCentralAuth(true);
+ app.setRolesInAAF(true);
app.setNameSpace("com.test");
return app;
}
public EPApp NonCentralApp() {
EPApp app = mockApp();
- app.setCentralAuth(false);
+ app.setRolesInAAF(false);
return app;
}
Code Review / portal.git / blobdiff