X-Git-Url: https://gerrit.onap.org/r/gitweb?a=blobdiff_plain;f=ecomp-portal-BE-common%2Fsrc%2Ftest%2Fjava%2Forg%2Fonap%2Fportalapp%2Fportal%2Fcontroller%2FRoleManageControllerTest.java;h=9673cb2c077c6bb63e1a95bac964a183f19af99d;hb=37f9e0c51405b634fea0d9fadafdb7d55190233d;hp=d7f64c1d5d35c33ac3aa71411c087b4048cebab4;hpb=2445bfc7b28e0156014f03e75c7d3f55628cc0e7;p=portal.git
diff --git a/ecomp-portal-BE-common/src/test/java/org/onap/portalapp/portal/controller/RoleManageControllerTest.java b/ecomp-portal-BE-common/src/test/java/org/onap/portalapp/portal/controller/RoleManageControllerTest.java
index d7f64c1d..9673cb2c 100644
--- a/ecomp-portal-BE-common/src/test/java/org/onap/portalapp/portal/controller/RoleManageControllerTest.java
+++ b/ecomp-portal-BE-common/src/test/java/org/onap/portalapp/portal/controller/RoleManageControllerTest.java
@@ -4,6 +4,8 @@
* ===================================================================
* Copyright (C) 2017 AT&T Intellectual Property. All rights reserved.
* ===================================================================
+ * Modifications Copyright (c) 2019 Samsung
+ * ===================================================================
*
* Unless otherwise specified, all software contained herein is licensed
* under the Apache License, Version 2.0 (the "License");
@@ -33,7 +35,7 @@
*
* ============LICENSE_END============================================
*
- * ECOMP is a trademark and service mark of AT&T Intellectual Property.
+ *
*/
package org.onap.portalapp.portal.controller;
@@ -76,6 +78,7 @@ import org.onap.portalapp.portal.domain.EPApp;
import org.onap.portalapp.portal.domain.EPUser;
import org.onap.portalapp.portal.ecomp.model.PortalRestResponse;
import org.onap.portalapp.portal.ecomp.model.PortalRestStatusEnum;
+import org.onap.portalapp.portal.ecomp.model.UploadRoleFunctionExtSystem;
import org.onap.portalapp.portal.framework.MockitoTestSuite;
import org.onap.portalapp.portal.service.AdminRolesService;
import org.onap.portalapp.portal.service.EPAppService;
@@ -142,6 +145,8 @@ public class RoleManageControllerTest {
NullPointerException nullPointerException = new NullPointerException();
MockEPUser mockUser = new MockEPUser();
+ private DelegatingServletInputStream dsi;
+
@Test
public void removeRoleRoleFunctionTest() throws Exception {
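Review bot: The new `dsi` field is assigned in three tests later in this commit (the hunks at -595, -647 and -701), but nothing visible reads or closes it. As written it only turns a per-test stream into mutable state shared across test methods. If the aim is to release the stream, close it in an `@After` method; otherwise a local variable in each test is simpler. Either way, a short comment on the field such as `// kept so the request stream can be closed after each test` would record the intent.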
@@ -365,6 +370,48 @@ public class RoleManageControllerTest {
assertEquals(expected, actual);
}
+ @Test
+ public void saveRoleFunctionXSSTest() throws Exception {
+ PowerMockito.mockStatic(EPUserUtils.class);
+ PowerMockito.mockStatic(EcompPortalUtils.class);
+ EPUser user = mockUser.mockEPUser();
+ Mockito.when(EPUserUtils.getUserSession(mockedRequest)).thenReturn(user);
+ Mockito.when(EcompPortalUtils.checkIfRemoteCentralAccessAllowed()).thenReturn(true);
+ Mockito.when(adminRolesService.isAccountAdminOfApplication(user, CentralApp())).thenReturn(true);
+ Mockito.when(appService.getApp((long) 1)).thenReturn(CentralApp());
+ Mockito.doNothing().when(roleFunctionListController).saveRoleFunction(mockedRequest, mockedResponse, "test");
+ CentralV2RoleFunction addNewFunc = new CentralV2RoleFunction();
+ addNewFunc.setCode("â>");
+ addNewFunc.setType("Test");
+ addNewFunc.setAction("Test");
+ addNewFunc.setName("Test");
+ CentralV2RoleFunction roleFunction = mockCentralRoleFunction();
+ roleFunction.setCode("Test|Test|Test");
+ Mockito.when(externalAccessRolesService.getRoleFunction("Test|Test|Test", "test")).thenReturn(roleFunction);
+ Mockito.when(externalAccessRolesService.saveCentralRoleFunction(Matchers.anyObject(), Matchers.anyObject()))
+ .thenReturn(true);
+ Mockito.when(EcompPortalUtils.getFunctionCode(roleFunction.getCode())).thenReturn("Test");
+ Mockito.when(EcompPortalUtils.getFunctionType(roleFunction.getCode())).thenReturn("Test");
+ Mockito.when(EcompPortalUtils.getFunctionAction(roleFunction.getCode())).thenReturn("Test");
+ Mockito.when(EPUserUtils.getUserSession(mockedRequest)).thenReturn(user);
+ List userList = new ArrayList<>();
+ userList.add(user);
+ List appList = new ArrayList<>();
+ appList.add(CentralApp());
+ Mockito.when(externalAccessRolesService.getUser("guestT")).thenReturn(userList);
+ StringWriter sw = new StringWriter();
+ PrintWriter writer = new PrintWriter(sw);
+ Mockito.when(mockedResponse.getWriter()).thenReturn(writer);
+ ResponseEntity response = new ResponseEntity<>(HttpStatus.OK);
+ Mockito.when(externalAccessRolesService.getNameSpaceIfExists(Matchers.anyObject())).thenReturn(response);
+ Mockito.when(externalAccessRolesService.getApp(Matchers.anyString())).thenReturn(appList);
+ PortalRestResponse actual = roleManageController.saveRoleFunction(mockedRequest, mockedResponse,
+ addNewFunc, (long) 1);
+ PortalRestResponse expected = new PortalRestResponse(PortalRestStatusEnum.ERROR,
+ "Data is not valid", "ERROR");
+ assertEquals(expected, actual);
+ }
+
@Test
public void saveRoleFunctionExceptionTest() throws Exception {
Mockito.when(appService.getApp((long) 1)).thenReturn(CentralApp());
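Review bot: saveRoleFunctionXSSTest asserts only the returned error, so it would still pass if the controller persisted the function before rejecting it, and `saveCentralRoleFunction` is stubbed to return true. After the `assertEquals`, add `Mockito.verify(externalAccessRolesService, Mockito.never()).saveCentralRoleFunction(Matchers.anyObject(), Matchers.anyObject());`. The same gap exists in removeRoleFunctionXSSTest for `deleteCentralRoleFunction`. The literal passed to `setCode` renders here as a non-ASCII character followed by `>`, which suggests the input depends on the source-file encoding; writing it with ASCII characters or `\u` escapes would keep the rejected value stable across builds. Most of the stubs after `setName` should be unreachable if validation rejects the input first, and could probably be dropped.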
@@ -415,6 +462,36 @@ public class RoleManageControllerTest {
assertEquals(expected, actual);
}
+ @Test
+ public void removeRoleFunctionXSSTest() throws Exception {
+ PowerMockito.mockStatic(EPUserUtils.class);
+ PowerMockito.mockStatic(EcompPortalUtils.class);
+ EPUser user = mockUser.mockEPUser();
+ Mockito.when(EPUserUtils.getUserSession(mockedRequest)).thenReturn(user);
+ Mockito.when(EcompPortalUtils.checkIfRemoteCentralAccessAllowed()).thenReturn(true);
+ Mockito.when(adminRolesService.isAccountAdminOfApplication(user, CentralApp())).thenReturn(true);
+ Mockito.when(EPUserUtils.getUserSession(mockedRequest)).thenReturn(user);
+ Mockito.when(appService.getApp((long) 1)).thenReturn(CentralApp());
+ String roleFun = "";
+ CentralV2RoleFunction roleFunction = mockCentralRoleFunction();
+ Mockito.when(externalAccessRolesService.getRoleFunction("Test|Test|Test", "test")).thenReturn(roleFunction);
+ StringWriter sw = new StringWriter();
+ PrintWriter writer = new PrintWriter(sw);
+ Mockito.when(mockedResponse.getWriter()).thenReturn(writer);
+ Mockito.when(externalAccessRolesService.deleteCentralRoleFunction(Matchers.anyString(), Matchers.anyObject()))
+ .thenReturn(true);
+ List appList = new ArrayList<>();
+ appList.add(CentralApp());
+ ResponseEntity response = new ResponseEntity<>(HttpStatus.OK);
+ Mockito.when(externalAccessRolesService.getNameSpaceIfExists(Matchers.anyObject())).thenReturn(response);
+ Mockito.when(externalAccessRolesService.getApp(Matchers.anyString())).thenReturn(appList);
+ PortalRestResponse actual = roleManageController.removeRoleFunction(mockedRequest, mockedResponse,
+ roleFun, (long) 1);
+ PortalRestResponse expected = new PortalRestResponse(PortalRestStatusEnum.ERROR,
+ "Data is not valid", "ERROR");
+ assertEquals(expected, actual);
+ }
+
@Test
public void removeRoleFunctionExceptionTest() throws Exception {
EPUser user = mockUser.mockEPUser();
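Review bot: As rendered on this page, removeRoleFunctionXSSTest passes an empty string (`String roleFun = "";`), so it exercises empty input rather than a value containing markup characters. getCentralizedAppRolesXSSTest does the same with `String id = ("");`. If the original literals carried markup that was lost in rendering, nothing needs to change. Otherwise give each test a value with the characters the validator is meant to reject, and add a separate test for the empty case, so that a validator which rejects only blank input cannot satisfy the XSS tests.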
@@ -472,6 +549,9 @@ public class RoleManageControllerTest {
@Test
public void syncRolesException() throws Exception {
+ EPUser user = mockUser.mockEPUser();
+ Mockito.when(EPUserUtils.getUserSession(mockedRequest)).thenReturn(user);
+ Mockito.when(adminRolesService.isAccountAdminOfApplication(user, null)).thenReturn(true);
Mockito.when(appService.getAppDetailByAppName("test")).thenThrow(nullPointerException);
PortalRestResponse actual = roleManageController.syncRoles(mockedRequest, mockedResponse, 1l);
PortalRestResponse portalRestResponse = new PortalRestResponse<>();
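Review bot: syncRolesException now stubs `EPUserUtils.getUserSession(mockedRequest)` with no `PowerMockito.mockStatic(EPUserUtils.class);` in the method, unlike saveRoleFunctionXSSTest and removeRoleFunctionXSSTest in this commit. Unless a setup method outside the diff already mocks the class, the stub depends on static-mock state left by an earlier test, which makes the result order-dependent. Add the `mockStatic` call at the top of this test and of syncRolesUserNullException, syncRolesFunctionsException and syncRolesFunctionsUserNullException. The `null` in `isAccountAdminOfApplication(user, null)` presumably mirrors an unstubbed `appService.getApp`; a comment such as `// getApp is not stubbed, so the controller passes a null app` would make that explicit. The method body continues past the end of this hunk.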
@@ -481,6 +561,18 @@ public class RoleManageControllerTest {
assertEquals(portalRestResponse, actual);
}
+ @Test
+ public void syncRolesUserNullException() throws Exception {
+ Mockito.when(EPUserUtils.getUserSession(mockedRequest)).thenReturn(null);
+ Mockito.when(appService.getAppDetailByAppName("test")).thenThrow(nullPointerException);
+ PortalRestResponse actual = roleManageController.syncRoles(mockedRequest, mockedResponse, 1l);
+ PortalRestResponse portalRestResponse = new PortalRestResponse<>();
+ portalRestResponse.setMessage("Unauthorized User");
+ portalRestResponse.setResponse("Failure");
+ portalRestResponse.setStatus(PortalRestStatusEnum.ERROR);
+ assertEquals(portalRestResponse, actual);
+ }
+
@Test
public void syncRolesFunctionsTest() throws Exception {
PowerMockito.mockStatic(EPUserUtils.class);
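Review bot: syncRolesUserNullException checks only the response body, so it does not show that the request stopped before any sync work ran. Assuming the controller does not touch that service before the session check, add `Mockito.verifyZeroInteractions(externalAccessRolesService);` after the `assertEquals`. The `getAppDetailByAppName("test")` stub that throws looks carried over from syncRolesException and should not be needed on the unauthorized path; removing it would make it clear that the "Unauthorized User" result comes from the null session. Both points apply equally to syncRolesFunctionsUserNullException.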
@@ -508,7 +600,10 @@ public class RoleManageControllerTest {
@Test
public void syncRolesFunctionsException() throws Exception {
- Mockito.when(appService.getAppDetailByAppName("test")).thenThrow(nullPointerException);
+ EPUser user = mockUser.mockEPUser();
+ Mockito.when(EPUserUtils.getUserSession(mockedRequest)).thenReturn(user);
+ Mockito.when(adminRolesService.isAccountAdminOfApplication(user, null)).thenReturn(true);
+ Mockito.when(appService.getAppDetailByAppName("test")).thenThrow(nullPointerException);
PortalRestResponse actual = roleManageController.syncFunctions(mockedRequest, mockedResponse, 1l);
PortalRestResponse portalRestResponse = new PortalRestResponse<>();
portalRestResponse.setMessage(null);
@@ -517,6 +612,18 @@ public class RoleManageControllerTest {
assertEquals(portalRestResponse, actual);
}
+ @Test
+ public void syncRolesFunctionsUserNullException() throws Exception {
+ Mockito.when(EPUserUtils.getUserSession(mockedRequest)).thenReturn(null);
+ Mockito.when(appService.getAppDetailByAppName("test")).thenThrow(nullPointerException);
+ PortalRestResponse actual = roleManageController.syncFunctions(mockedRequest, mockedResponse, 1l);
+ PortalRestResponse portalRestResponse = new PortalRestResponse<>();
+ portalRestResponse.setMessage("Unauthorized User");
+ portalRestResponse.setResponse("Failure");
+ portalRestResponse.setStatus(PortalRestStatusEnum.ERROR);
+ assertEquals(portalRestResponse, actual);
+ }
+
@Test
public void addChildRoleTest() throws Exception {
ModelAndView modelandView = new ModelAndView("login.htm");
@@ -595,8 +702,9 @@ public class RoleManageControllerTest {
roleJson2.put("roleFunctions", roleFunctions);
ObjectMapper mapper = new ObjectMapper();
JsonNode actualObj = mapper.readTree(roleJson2.toString());
- Mockito.when(mockedRequest.getInputStream()).thenReturn(new DelegatingServletInputStream(
- new ByteArrayInputStream(actualObj.toString().getBytes(StandardCharsets.UTF_8))));
+ dsi = new DelegatingServletInputStream(
+ new ByteArrayInputStream(actualObj.toString().getBytes(StandardCharsets.UTF_8)));
+ Mockito.when(mockedRequest.getInputStream()).thenReturn(dsi);
Mockito.when(mockedRequest.getReader()).thenReturn(new BufferedReader(new StringReader(actualObj.toString())));
Mockito.when(mockedRequest.getContentType()).thenReturn("application/json");
Mockito.when(mockedRequest.getCharacterEncoding()).thenReturn("UTF-8");
@@ -647,8 +755,9 @@ public class RoleManageControllerTest {
roleJson2.put("roleFunctions", roleFunctions);
ObjectMapper mapper = new ObjectMapper();
JsonNode actualObj = mapper.readTree(roleJson2.toString());
- Mockito.when(mockedRequest.getInputStream()).thenReturn(new DelegatingServletInputStream(
- new ByteArrayInputStream(actualObj.toString().getBytes(StandardCharsets.UTF_8))));
+ dsi = new DelegatingServletInputStream(
+ new ByteArrayInputStream(actualObj.toString().getBytes(StandardCharsets.UTF_8)));
+ Mockito.when(mockedRequest.getInputStream()).thenReturn(dsi);
Mockito.when(mockedRequest.getReader()).thenReturn(new BufferedReader(new StringReader(actualObj.toString())));
Mockito.when(mockedRequest.getContentType()).thenReturn("application/json");
Mockito.when(mockedRequest.getCharacterEncoding()).thenReturn("UTF-8");
@@ -701,8 +810,9 @@ public class RoleManageControllerTest {
roleJson2.put("roleFunctions", roleFunctions);
ObjectMapper mapper = new ObjectMapper();
JsonNode actualObj = mapper.readTree(roleJson2.toString());
- Mockito.when(mockedRequest.getInputStream()).thenReturn(new DelegatingServletInputStream(
- new ByteArrayInputStream(actualObj.toString().getBytes(StandardCharsets.UTF_8))));
+ dsi = new DelegatingServletInputStream(
+ new ByteArrayInputStream(actualObj.toString().getBytes(StandardCharsets.UTF_8)));
+ Mockito.when(mockedRequest.getInputStream()).thenReturn(dsi);
Mockito.when(mockedRequest.getReader()).thenReturn(new BufferedReader(new StringReader(actualObj.toString())));
Mockito.when(mockedRequest.getContentType()).thenReturn("application/json");
Mockito.when(mockedRequest.getCharacterEncoding()).thenReturn("UTF-8");
@@ -870,6 +980,13 @@ public class RoleManageControllerTest {
List actual = roleManageController.getCentralizedAppRoles(mockedRequest, mockedResponse, user.getOrgUserId());
assertEquals(cenApps.size(), actual.size());
}
+
+ @Test
+ public void getCentralizedAppRolesXSSTest() throws IOException {
+ String id = ("");
+ List actual = roleManageController.getCentralizedAppRoles(mockedRequest, mockedResponse, id);
+ assertNull(actual);
+ }
@Test
public void getCentralizedAppRolesExceptionTest() throws IOException {
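Review bot: getCentralizedAppRolesXSSTest's only check is `assertNull(actual)`, which appears to be the same assertion the exception-path test uses. A null caused by an unstubbed session or a thrown exception would therefore satisfy it just as well as a validation rejection. The test arranges no user session or admin stubs, so it is not evident from the hunk which branch returns null. Stub an authorised user as the neighbouring tests do, so that input validation is the only remaining reason for a null result, and add a comment such as `// rejected by input validation before any lookup`.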
@@ -885,6 +1002,16 @@ public class RoleManageControllerTest {
List actual = roleManageController.getCentralizedAppRoles(mockedRequest, mockedResponse, user.getOrgUserId());
assertNull(actual);
}
+
+ @Test
+ public void bulkUploadRoleFuncUserNullTest() {
+ UploadRoleFunctionExtSystem data = Mockito.mock(UploadRoleFunctionExtSystem.class);
+ Mockito.when(appService.getApp(127L)).thenReturn(null);
+ PortalRestResponse response = roleManageController.bulkUploadRoleFunc(mockedRequest, mockedResponse, data, 127L);
+ assertEquals(PortalRestStatusEnum.ERROR, response.getStatus());
+ assertEquals("Unauthorized User", response.getMessage());
+ assertEquals("Failure", response.getResponse());
+ }
public CentralV2RoleFunction mockCentralRoleFunction() {
CentralV2RoleFunction roleFunction = new CentralV2RoleFunction();
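Review bot: bulkUploadRoleFuncUserNullTest never stubs the user session; its only arrangement is `appService.getApp(127L)` returning null, so the name says "user null" while the visible setup is "app null". Which condition actually produces "Unauthorized User" cannot be told from the test. Either rename it to match, or make the intent explicit with `PowerMockito.mockStatic(EPUserUtils.class);` followed by `Mockito.when(EPUserUtils.getUserSession(mockedRequest)).thenReturn(null);`. The hunk ends inside mockCentralRoleFunction, whose body continues outside it.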