X-Git-Url: https://gerrit.onap.org/r/gitweb?a=blobdiff_plain;f=ecomp-portal-BE-common%2Fsrc%2Ftest%2Fjava%2Forg%2Fonap%2Fportalapp%2Fportal%2Fcontroller%2FRoleManageControllerTest.java;h=bbc842a64ebd1f8a4d9b730af0f054a0463ae6be;hb=HEAD;hp=d7f64c1d5d35c33ac3aa71411c087b4048cebab4;hpb=2445bfc7b28e0156014f03e75c7d3f55628cc0e7;p=portal.git diff --git a/ecomp-portal-BE-common/src/test/java/org/onap/portalapp/portal/controller/RoleManageControllerTest.java b/ecomp-portal-BE-common/src/test/java/org/onap/portalapp/portal/controller/RoleManageControllerTest.java index d7f64c1d..bbc842a6 100644 --- a/ecomp-portal-BE-common/src/test/java/org/onap/portalapp/portal/controller/RoleManageControllerTest.java +++ b/ecomp-portal-BE-common/src/test/java/org/onap/portalapp/portal/controller/RoleManageControllerTest.java @@ -4,6 +4,8 @@ * =================================================================== * Copyright (C) 2017 AT&T Intellectual Property. All rights reserved. * =================================================================== + * Modifications Copyright (c) 2019 Samsung + * =================================================================== * * Unless otherwise specified, all software contained herein is licensed * under the Apache License, Version 2.0 (the "License"); @@ -33,13 +35,12 @@ * * ============LICENSE_END============================================ * - * ECOMP is a trademark and service mark of AT&T Intellectual Property. + * */ package org.onap.portalapp.portal.controller; import static org.junit.Assert.assertEquals; import static org.junit.Assert.assertNull; - import java.io.BufferedReader; import java.io.ByteArrayInputStream; import java.io.IOException; @@ -53,10 +54,8 @@ import java.util.List; import java.util.Map; import java.util.SortedSet; import java.util.TreeSet; - import javax.servlet.http.HttpServletRequest; import javax.servlet.http.HttpServletResponse; - import org.json.simple.JSONObject; import org.junit.Before; import org.junit.Test; @@ -74,8 +73,10 @@ import org.onap.portalapp.portal.domain.CentralV2RoleFunction; import org.onap.portalapp.portal.domain.CentralizedApp; import org.onap.portalapp.portal.domain.EPApp; import org.onap.portalapp.portal.domain.EPUser; +import org.onap.portalapp.portal.domain.EpAppType; import org.onap.portalapp.portal.ecomp.model.PortalRestResponse; import org.onap.portalapp.portal.ecomp.model.PortalRestStatusEnum; +import org.onap.portalapp.portal.ecomp.model.UploadRoleFunctionExtSystem; import org.onap.portalapp.portal.framework.MockitoTestSuite; import org.onap.portalapp.portal.service.AdminRolesService; import org.onap.portalapp.portal.service.EPAppService; @@ -93,7 +94,6 @@ import org.springframework.http.HttpStatus; import org.springframework.http.ResponseEntity; import org.springframework.mock.web.DelegatingServletInputStream; import org.springframework.web.servlet.ModelAndView; - import com.fasterxml.jackson.databind.JsonNode; import com.fasterxml.jackson.databind.ObjectMapper; @@ -142,6 +142,8 @@ public class RoleManageControllerTest { NullPointerException nullPointerException = new NullPointerException(); MockEPUser mockUser = new MockEPUser(); + private DelegatingServletInputStream dsi; + @Test public void removeRoleRoleFunctionTest() throws Exception { @@ -169,19 +171,21 @@ public class RoleManageControllerTest { @Test public void getRoleIfRoleIdNullTest() throws Exception { + EPApp app = mockApp(); + app.setRolesInAAF(true); PowerMockito.mockStatic(EPUserUtils.class); PowerMockito.mockStatic(EcompPortalUtils.class); EPUser user = mockUser.mockEPUser(); Mockito.when(EPUserUtils.getUserSession(mockedRequest)).thenReturn(user); Mockito.when(EcompPortalUtils.checkIfRemoteCentralAccessAllowed()).thenReturn(true); - Mockito.when(appService.getApp((long) 1)).thenReturn(CentralApp()); - Mockito.when(adminRolesService.isAccountAdminOfApplication(user, CentralApp())).thenReturn(true); + Mockito.when(appService.getApp((long) 1)).thenReturn(app); + Mockito.when(adminRolesService.isAccountAdminOfApplication(user, app)).thenReturn(true); List apps = new ArrayList<>(); - apps.add(CentralApp()); - Mockito.when(externalAccessRolesService.getApp(CentralApp().getUebKey())).thenReturn(apps); + apps.add(app); + Mockito.when(externalAccessRolesService.getApp(app.getUebKey())).thenReturn(apps); ResponseEntity result = new ResponseEntity<>(HttpStatus.OK); Mockito.when(externalAccessRolesService.getNameSpaceIfExists(apps.get(0))).thenReturn(result); - CentralV2Role answer = new CentralV2Role(); + CentralV2Role answer = new CentralV2Role.CentralV2RoleBuilder().createCentralV2Role(); Mockito.when(externalAccessRolesService.getRoleInfo((long) 1, "test")).thenReturn(answer); List finalRoleFunctionList = new ArrayList<>(); Mockito.when(externalAccessRolesService.getRoleFuncList("test")).thenReturn(finalRoleFunctionList); @@ -190,7 +194,7 @@ public class RoleManageControllerTest { PrintWriter writer = new PrintWriter(sw); Mockito.when(mockedResponse.getWriter()).thenReturn(writer); List appList = new ArrayList<>(); - appList.add(CentralApp()); + appList.add(app); ResponseEntity response = new ResponseEntity<>(HttpStatus.OK); Mockito.when(externalAccessRolesService.getNameSpaceIfExists(Matchers.anyObject())).thenReturn(response); Mockito.when(externalAccessRolesService.getApp(Matchers.anyString())).thenReturn(appList); @@ -200,7 +204,7 @@ public class RoleManageControllerTest { @Test(expected = Exception.class) public void getRoleExceptionTest() throws Exception { Mockito.when(appService.getApp((long) 1)).thenReturn(mockApp()); - CentralV2Role answer = new CentralV2Role(); + CentralV2Role answer = new CentralV2Role.CentralV2RoleBuilder().createCentralV2Role(); Mockito.when(externalAccessRolesService.getRoleInfo((long) 1, "test")).thenReturn(answer); Mockito.when(externalAccessRolesService.getRoleFuncList("test")).thenThrow(nullPointerException); roleManageController.getRole(mockedRequest, mockedResponse, (long) 1, null); @@ -210,16 +214,16 @@ public class RoleManageControllerTest { @Test public void getRoleIfRoleIdNotNullTest() throws Exception { Mockito.when(appService.getApp((long) 1)).thenReturn(CentralApp()); - CentralV2Role answer = new CentralV2Role(); + CentralV2Role answer = new CentralV2Role.CentralV2RoleBuilder().createCentralV2Role(); Mockito.when(externalAccessRolesService.getRoleInfo((long) 1, "test")).thenReturn(answer); List finalRoleFunctionList = new ArrayList<>(); Mockito.when(externalAccessRolesService.getRoleFuncList("test")).thenReturn(finalRoleFunctionList); StringWriter sw = new StringWriter(); PrintWriter writer = new PrintWriter(sw); Mockito.when(mockedResponse.getWriter()).thenReturn(writer); - CentralV2Role currentRole = new CentralV2Role(); + CentralV2Role currentRole = new CentralV2Role.CentralV2RoleBuilder().createCentralV2Role(); SortedSet parentRoles = new TreeSet<>(); - CentralV2Role centralV2Role = new CentralV2Role(); + CentralV2Role centralV2Role = new CentralV2Role.CentralV2RoleBuilder().createCentralV2Role(); centralV2Role.setName("test"); parentRoles.add(centralV2Role); currentRole.setParentRoles(parentRoles); @@ -240,23 +244,26 @@ public class RoleManageControllerTest { app.setName("Test"); app.setImageUrl("test"); - app.setDescription("test"); - app.setNotes("test"); - app.setUrl("test"); + app.setAppDescription("test"); + app.setAppNotes("test"); + app.setLandingPage("test"); app.setId((long) 1); app.setAppRestEndpoint("test"); - app.setAlternateUrl("test"); + app.setAlternateLandingPage("test"); app.setName("test"); app.setMlAppName("test"); app.setMlAppAdminId("test"); - app.setUsername("test"); - app.setAppPassword("test"); + app.setAppBasicAuthUsername("test"); + app.setAppBasicAuthPassword("test"); app.setOpen(false); app.setEnabled(false); app.setUebKey("test"); app.setUebSecret("test"); app.setUebTopicName("test"); - app.setAppType(1); + app.setAppType(EpAppType.GUI); + app.setModeOfIntegration("test"); + app.setAppAck(false); + app.setUsesCadi(false); return app; } @@ -264,7 +271,7 @@ public class RoleManageControllerTest { @Test public void getRolesTest() throws Exception { EPApp app = mockApp(); - app.setCentralAuth(true); + app.setRolesInAAF(true); PowerMockito.mockStatic(EPUserUtils.class); PowerMockito.mockStatic(EcompPortalUtils.class); EPUser user = mockUser.mockEPUser(); @@ -297,13 +304,16 @@ public class RoleManageControllerTest { @Test public void getRoleFunctionListTest() throws Exception { + EPApp app = mockApp(); + app.setRolesInAAF(true); PowerMockito.mockStatic(EPUserUtils.class); PowerMockito.mockStatic(EcompPortalUtils.class); EPUser user = mockUser.mockEPUser(); Mockito.when(EPUserUtils.getUserSession(mockedRequest)).thenReturn(user); Mockito.when(EcompPortalUtils.checkIfRemoteCentralAccessAllowed()).thenReturn(true); - Mockito.when(adminRolesService.isAccountAdminOfApplication(user, CentralApp())).thenReturn(true); - Mockito.when(appService.getApp((long) 1)).thenReturn(CentralApp()); + Mockito.when(adminRolesService.isAccountAdminOfApplication(user, app)).thenReturn(true); + + Mockito.when(appService.getApp((long) 1)).thenReturn(app); List answer = new ArrayList<>(); Mockito.when(externalAccessRolesService.getRoleFuncList("test")).thenReturn(answer); StringWriter sw = new StringWriter(); @@ -325,13 +335,15 @@ public class RoleManageControllerTest { @Test public void saveRoleFunctionTest() throws Exception { + EPApp app = mockApp(); + app.setRolesInAAF(true); PowerMockito.mockStatic(EPUserUtils.class); PowerMockito.mockStatic(EcompPortalUtils.class); EPUser user = mockUser.mockEPUser(); Mockito.when(EPUserUtils.getUserSession(mockedRequest)).thenReturn(user); Mockito.when(EcompPortalUtils.checkIfRemoteCentralAccessAllowed()).thenReturn(true); - Mockito.when(adminRolesService.isAccountAdminOfApplication(user, CentralApp())).thenReturn(true); - Mockito.when(appService.getApp((long) 1)).thenReturn(CentralApp()); + Mockito.when(adminRolesService.isAccountAdminOfApplication(user, app)).thenReturn(true); + Mockito.when(appService.getApp((long) 1)).thenReturn(app); Mockito.doNothing().when(roleFunctionListController).saveRoleFunction(mockedRequest, mockedResponse, "test"); CentralV2RoleFunction addNewFunc = new CentralV2RoleFunction(); addNewFunc.setCode("Test"); @@ -350,7 +362,7 @@ public class RoleManageControllerTest { List userList = new ArrayList<>(); userList.add(user); List appList = new ArrayList<>(); - appList.add(CentralApp()); + appList.add(app); Mockito.when(externalAccessRolesService.getUser("guestT")).thenReturn(userList); StringWriter sw = new StringWriter(); PrintWriter writer = new PrintWriter(sw); @@ -365,6 +377,48 @@ public class RoleManageControllerTest { assertEquals(expected, actual); } + @Test + public void saveRoleFunctionXSSTest() throws Exception { + PowerMockito.mockStatic(EPUserUtils.class); + PowerMockito.mockStatic(EcompPortalUtils.class); + EPUser user = mockUser.mockEPUser(); + Mockito.when(EPUserUtils.getUserSession(mockedRequest)).thenReturn(user); + Mockito.when(EcompPortalUtils.checkIfRemoteCentralAccessAllowed()).thenReturn(true); + Mockito.when(adminRolesService.isAccountAdminOfApplication(user, CentralApp())).thenReturn(true); + Mockito.when(appService.getApp((long) 1)).thenReturn(CentralApp()); + Mockito.doNothing().when(roleFunctionListController).saveRoleFunction(mockedRequest, mockedResponse, "test"); + CentralV2RoleFunction addNewFunc = new CentralV2RoleFunction(); + addNewFunc.setCode("“>"); + addNewFunc.setType("Test"); + addNewFunc.setAction("Test"); + addNewFunc.setName("Test"); + CentralV2RoleFunction roleFunction = mockCentralRoleFunction(); + roleFunction.setCode("Test|Test|Test"); + Mockito.when(externalAccessRolesService.getRoleFunction("Test|Test|Test", "test")).thenReturn(roleFunction); + Mockito.when(externalAccessRolesService.saveCentralRoleFunction(Matchers.anyObject(), Matchers.anyObject())) + .thenReturn(true); + Mockito.when(EcompPortalUtils.getFunctionCode(roleFunction.getCode())).thenReturn("Test"); + Mockito.when(EcompPortalUtils.getFunctionType(roleFunction.getCode())).thenReturn("Test"); + Mockito.when(EcompPortalUtils.getFunctionAction(roleFunction.getCode())).thenReturn("Test"); + Mockito.when(EPUserUtils.getUserSession(mockedRequest)).thenReturn(user); + List userList = new ArrayList<>(); + userList.add(user); + List appList = new ArrayList<>(); + appList.add(CentralApp()); + Mockito.when(externalAccessRolesService.getUser("guestT")).thenReturn(userList); + StringWriter sw = new StringWriter(); + PrintWriter writer = new PrintWriter(sw); + Mockito.when(mockedResponse.getWriter()).thenReturn(writer); + ResponseEntity response = new ResponseEntity<>(HttpStatus.OK); + Mockito.when(externalAccessRolesService.getNameSpaceIfExists(Matchers.anyObject())).thenReturn(response); + Mockito.when(externalAccessRolesService.getApp(Matchers.anyString())).thenReturn(appList); + PortalRestResponse actual = roleManageController.saveRoleFunction(mockedRequest, mockedResponse, + addNewFunc, (long) 1); + PortalRestResponse expected = new PortalRestResponse(PortalRestStatusEnum.ERROR, + "Data is not valid", "ERROR"); + assertEquals(expected, actual); + } + @Test public void saveRoleFunctionExceptionTest() throws Exception { Mockito.when(appService.getApp((long) 1)).thenReturn(CentralApp()); @@ -387,14 +441,16 @@ public class RoleManageControllerTest { @Test public void removeRoleFunctionTest() throws Exception { + EPApp app = mockApp(); + app.setRolesInAAF(true); PowerMockito.mockStatic(EPUserUtils.class); PowerMockito.mockStatic(EcompPortalUtils.class); EPUser user = mockUser.mockEPUser(); Mockito.when(EPUserUtils.getUserSession(mockedRequest)).thenReturn(user); Mockito.when(EcompPortalUtils.checkIfRemoteCentralAccessAllowed()).thenReturn(true); - Mockito.when(adminRolesService.isAccountAdminOfApplication(user, CentralApp())).thenReturn(true); + Mockito.when(adminRolesService.isAccountAdminOfApplication(user, app)).thenReturn(true); Mockito.when(EPUserUtils.getUserSession(mockedRequest)).thenReturn(user); - Mockito.when(appService.getApp((long) 1)).thenReturn(CentralApp()); + Mockito.when(appService.getApp((long) 1)).thenReturn(app); String roleFun = "{\"name\":\"Test\",\"type\":\"Test\",\"action\":\"Test\", \"code\":\"Test\"}"; CentralV2RoleFunction roleFunction = mockCentralRoleFunction(); Mockito.when(externalAccessRolesService.getRoleFunction("Test|Test|Test", "test")).thenReturn(roleFunction); @@ -404,7 +460,7 @@ public class RoleManageControllerTest { Mockito.when(externalAccessRolesService.deleteCentralRoleFunction(Matchers.anyString(), Matchers.anyObject())) .thenReturn(true); List appList = new ArrayList<>(); - appList.add(CentralApp()); + appList.add(app); ResponseEntity response = new ResponseEntity<>(HttpStatus.OK); Mockito.when(externalAccessRolesService.getNameSpaceIfExists(Matchers.anyObject())).thenReturn(response); Mockito.when(externalAccessRolesService.getApp(Matchers.anyString())).thenReturn(appList); @@ -415,6 +471,36 @@ public class RoleManageControllerTest { assertEquals(expected, actual); } + @Test + public void removeRoleFunctionXSSTest() throws Exception { + PowerMockito.mockStatic(EPUserUtils.class); + PowerMockito.mockStatic(EcompPortalUtils.class); + EPUser user = mockUser.mockEPUser(); + Mockito.when(EPUserUtils.getUserSession(mockedRequest)).thenReturn(user); + Mockito.when(EcompPortalUtils.checkIfRemoteCentralAccessAllowed()).thenReturn(true); + Mockito.when(adminRolesService.isAccountAdminOfApplication(user, CentralApp())).thenReturn(true); + Mockito.when(EPUserUtils.getUserSession(mockedRequest)).thenReturn(user); + Mockito.when(appService.getApp((long) 1)).thenReturn(CentralApp()); + String roleFun = ""; + CentralV2RoleFunction roleFunction = mockCentralRoleFunction(); + Mockito.when(externalAccessRolesService.getRoleFunction("Test|Test|Test", "test")).thenReturn(roleFunction); + StringWriter sw = new StringWriter(); + PrintWriter writer = new PrintWriter(sw); + Mockito.when(mockedResponse.getWriter()).thenReturn(writer); + Mockito.when(externalAccessRolesService.deleteCentralRoleFunction(Matchers.anyString(), Matchers.anyObject())) + .thenReturn(true); + List appList = new ArrayList<>(); + appList.add(CentralApp()); + ResponseEntity response = new ResponseEntity<>(HttpStatus.OK); + Mockito.when(externalAccessRolesService.getNameSpaceIfExists(Matchers.anyObject())).thenReturn(response); + Mockito.when(externalAccessRolesService.getApp(Matchers.anyString())).thenReturn(appList); + PortalRestResponse actual = roleManageController.removeRoleFunction(mockedRequest, mockedResponse, + roleFun, (long) 1); + PortalRestResponse expected = new PortalRestResponse(PortalRestStatusEnum.ERROR, + "Data is not valid", "ERROR"); + assertEquals(expected, actual); + } + @Test public void removeRoleFunctionExceptionTest() throws Exception { EPUser user = mockUser.mockEPUser(); @@ -439,7 +525,7 @@ public class RoleManageControllerTest { @Test public void removeRoleFunctionIfAppNotCentralizedTest() throws Exception { EPApp app = mockApp(); - app.setCentralAuth(false); + app.setRolesInAAF(false); Mockito.when(appService.getApp((long) 1)).thenReturn(app); String roleFun = "{\"name\":\"Test\",\"code\":\"Test\"}"; roleManageController.removeRoleFunction(mockedRequest, mockedResponse, roleFun, (long) 1); @@ -472,6 +558,9 @@ public class RoleManageControllerTest { @Test public void syncRolesException() throws Exception { + EPUser user = mockUser.mockEPUser(); + Mockito.when(EPUserUtils.getUserSession(mockedRequest)).thenReturn(user); + Mockito.when(adminRolesService.isAccountAdminOfApplication(user, null)).thenReturn(true); Mockito.when(appService.getAppDetailByAppName("test")).thenThrow(nullPointerException); PortalRestResponse actual = roleManageController.syncRoles(mockedRequest, mockedResponse, 1l); PortalRestResponse portalRestResponse = new PortalRestResponse<>(); @@ -481,6 +570,18 @@ public class RoleManageControllerTest { assertEquals(portalRestResponse, actual); } + @Test + public void syncRolesUserNullException() throws Exception { + Mockito.when(EPUserUtils.getUserSession(mockedRequest)).thenReturn(null); + Mockito.when(appService.getAppDetailByAppName("test")).thenThrow(nullPointerException); + PortalRestResponse actual = roleManageController.syncRoles(mockedRequest, mockedResponse, 1l); + PortalRestResponse portalRestResponse = new PortalRestResponse<>(); + portalRestResponse.setMessage("Unauthorized User"); + portalRestResponse.setResponse("Failure"); + portalRestResponse.setStatus(PortalRestStatusEnum.ERROR); + assertEquals(portalRestResponse, actual); + } + @Test public void syncRolesFunctionsTest() throws Exception { PowerMockito.mockStatic(EPUserUtils.class); @@ -508,7 +609,10 @@ public class RoleManageControllerTest { @Test public void syncRolesFunctionsException() throws Exception { - Mockito.when(appService.getAppDetailByAppName("test")).thenThrow(nullPointerException); + EPUser user = mockUser.mockEPUser(); + Mockito.when(EPUserUtils.getUserSession(mockedRequest)).thenReturn(user); + Mockito.when(adminRolesService.isAccountAdminOfApplication(user, null)).thenReturn(true); + Mockito.when(appService.getAppDetailByAppName("test")).thenThrow(nullPointerException); PortalRestResponse actual = roleManageController.syncFunctions(mockedRequest, mockedResponse, 1l); PortalRestResponse portalRestResponse = new PortalRestResponse<>(); portalRestResponse.setMessage(null); @@ -517,6 +621,18 @@ public class RoleManageControllerTest { assertEquals(portalRestResponse, actual); } + @Test + public void syncRolesFunctionsUserNullException() throws Exception { + Mockito.when(EPUserUtils.getUserSession(mockedRequest)).thenReturn(null); + Mockito.when(appService.getAppDetailByAppName("test")).thenThrow(nullPointerException); + PortalRestResponse actual = roleManageController.syncFunctions(mockedRequest, mockedResponse, 1l); + PortalRestResponse portalRestResponse = new PortalRestResponse<>(); + portalRestResponse.setMessage("Unauthorized User"); + portalRestResponse.setResponse("Failure"); + portalRestResponse.setStatus(PortalRestStatusEnum.ERROR); + assertEquals(portalRestResponse, actual); + } + @Test public void addChildRoleTest() throws Exception { ModelAndView modelandView = new ModelAndView("login.htm"); @@ -595,8 +711,9 @@ public class RoleManageControllerTest { roleJson2.put("roleFunctions", roleFunctions); ObjectMapper mapper = new ObjectMapper(); JsonNode actualObj = mapper.readTree(roleJson2.toString()); - Mockito.when(mockedRequest.getInputStream()).thenReturn(new DelegatingServletInputStream( - new ByteArrayInputStream(actualObj.toString().getBytes(StandardCharsets.UTF_8)))); + dsi = new DelegatingServletInputStream( + new ByteArrayInputStream(actualObj.toString().getBytes(StandardCharsets.UTF_8))); + Mockito.when(mockedRequest.getInputStream()).thenReturn(dsi); Mockito.when(mockedRequest.getReader()).thenReturn(new BufferedReader(new StringReader(actualObj.toString()))); Mockito.when(mockedRequest.getContentType()).thenReturn("application/json"); Mockito.when(mockedRequest.getCharacterEncoding()).thenReturn("UTF-8"); @@ -606,7 +723,8 @@ public class RoleManageControllerTest { .thenReturn(externalRequestFieldsValidator); Map actual = roleManageController.saveRole(mockedRequest, mockedResponse, CentralApp().getId()); final Map expected = new HashMap<>(); - expected.put("role", new CentralV2Role(null, "test")); + expected.put("role", + new CentralV2Role.CentralV2RoleBuilder().setId(null).setName("test").createCentralV2Role()); expected.put("status", "Success"); assertEquals(expected, actual); } @@ -647,8 +765,9 @@ public class RoleManageControllerTest { roleJson2.put("roleFunctions", roleFunctions); ObjectMapper mapper = new ObjectMapper(); JsonNode actualObj = mapper.readTree(roleJson2.toString()); - Mockito.when(mockedRequest.getInputStream()).thenReturn(new DelegatingServletInputStream( - new ByteArrayInputStream(actualObj.toString().getBytes(StandardCharsets.UTF_8)))); + dsi = new DelegatingServletInputStream( + new ByteArrayInputStream(actualObj.toString().getBytes(StandardCharsets.UTF_8))); + Mockito.when(mockedRequest.getInputStream()).thenReturn(dsi); Mockito.when(mockedRequest.getReader()).thenReturn(new BufferedReader(new StringReader(actualObj.toString()))); Mockito.when(mockedRequest.getContentType()).thenReturn("application/json"); Mockito.when(mockedRequest.getCharacterEncoding()).thenReturn("UTF-8"); @@ -656,7 +775,8 @@ public class RoleManageControllerTest { ExternalRequestFieldsValidator externalRequestFieldsValidator = new ExternalRequestFieldsValidator(true, ""); Mockito.when(externalAccessRolesService.saveRoleForApplication(Matchers.any(), Matchers.any())) .thenReturn(externalRequestFieldsValidator); - CentralV2Role cenV2Role = new CentralV2Role(1l, "test1"); + CentralV2Role cenV2Role = + new CentralV2Role.CentralV2RoleBuilder().setId(1l).setName("test1").createCentralV2Role(); cenV2Role.setActive(true); Mockito.when(externalAccessRolesService.getRoleInfo(Matchers.anyLong(), Matchers.any())).thenReturn(cenV2Role); Map actual = roleManageController.saveRole(mockedRequest, mockedResponse, CentralApp().getId()); @@ -701,8 +821,9 @@ public class RoleManageControllerTest { roleJson2.put("roleFunctions", roleFunctions); ObjectMapper mapper = new ObjectMapper(); JsonNode actualObj = mapper.readTree(roleJson2.toString()); - Mockito.when(mockedRequest.getInputStream()).thenReturn(new DelegatingServletInputStream( - new ByteArrayInputStream(actualObj.toString().getBytes(StandardCharsets.UTF_8)))); + dsi = new DelegatingServletInputStream( + new ByteArrayInputStream(actualObj.toString().getBytes(StandardCharsets.UTF_8))); + Mockito.when(mockedRequest.getInputStream()).thenReturn(dsi); Mockito.when(mockedRequest.getReader()).thenReturn(new BufferedReader(new StringReader(actualObj.toString()))); Mockito.when(mockedRequest.getContentType()).thenReturn("application/json"); Mockito.when(mockedRequest.getCharacterEncoding()).thenReturn("UTF-8"); @@ -750,7 +871,7 @@ public class RoleManageControllerTest { Mockito.when(externalAccessRolesService.getApp(Matchers.anyString())).thenReturn(appList); ResponseEntity response = new ResponseEntity<>(HttpStatus.OK); Mockito.when(externalAccessRolesService.getNameSpaceIfExists(Matchers.anyObject())).thenReturn(response); - CentralV2Role role = new CentralV2Role(1l, "test"); + CentralV2Role role = new CentralV2Role.CentralV2RoleBuilder().setId(1l).setName("test").createCentralV2Role(); role.setActive(true); Role currentRole = new Role(); currentRole.setName("test"); @@ -817,7 +938,7 @@ public class RoleManageControllerTest { Mockito.when(externalAccessRolesService.getApp(Matchers.anyString())).thenReturn(appList); ResponseEntity response = new ResponseEntity<>(HttpStatus.OK); Mockito.when(externalAccessRolesService.getNameSpaceIfExists(Matchers.anyObject())).thenReturn(response); - CentralV2Role role = new CentralV2Role(1l, "test"); + CentralV2Role role = new CentralV2Role.CentralV2RoleBuilder().setId(1l).setName("test").createCentralV2Role(); role.setActive(true); Role currentRole = new Role(); currentRole.setName("test"); @@ -870,6 +991,13 @@ public class RoleManageControllerTest { List actual = roleManageController.getCentralizedAppRoles(mockedRequest, mockedResponse, user.getOrgUserId()); assertEquals(cenApps.size(), actual.size()); } + + @Test + public void getCentralizedAppRolesXSSTest() throws IOException { + String id = (""); + List actual = roleManageController.getCentralizedAppRoles(mockedRequest, mockedResponse, id); + assertNull(actual); + } @Test public void getCentralizedAppRolesExceptionTest() throws IOException { @@ -885,6 +1013,16 @@ public class RoleManageControllerTest { List actual = roleManageController.getCentralizedAppRoles(mockedRequest, mockedResponse, user.getOrgUserId()); assertNull(actual); } + + @Test + public void bulkUploadRoleFuncUserNullTest() { + UploadRoleFunctionExtSystem data = Mockito.mock(UploadRoleFunctionExtSystem.class); + Mockito.when(appService.getApp(127L)).thenReturn(null); + PortalRestResponse response = roleManageController.bulkUploadRoleFunc(mockedRequest, mockedResponse, data, 127L); + assertEquals(PortalRestStatusEnum.ERROR, response.getStatus()); + assertEquals("Unauthorized User", response.getMessage()); + assertEquals("Failure", response.getResponse()); + } public CentralV2RoleFunction mockCentralRoleFunction() { CentralV2RoleFunction roleFunction = new CentralV2RoleFunction(); @@ -896,14 +1034,14 @@ public class RoleManageControllerTest { public EPApp CentralApp() { EPApp app = mockApp(); - app.setCentralAuth(true); + app.setRolesInAAF(true); app.setNameSpace("com.test"); return app; } public EPApp NonCentralApp() { EPApp app = mockApp(); - app.setCentralAuth(false); + app.setRolesInAAF(false); return app; }