Merge "Improve unit tests and sonar fixes"

author Sébastien Determe <sebastien.determe@intl.att.com>

Tue, 4 Jun 2019 11:14:30 +0000 (11:14 +0000)

committer Gerrit Code Review <gerrit@onap.org>

Tue, 4 Jun 2019 11:14:30 +0000 (11:14 +0000)
author Sébastien Determe <sebastien.determe@intl.att.com>
Tue, 4 Jun 2019 11:14:30 +0000 (11:14 +0000)
committer Gerrit Code Review <gerrit@onap.org>
Tue, 4 Jun 2019 11:14:30 +0000 (11:14 +0000)
diff --git a/src/main/java/org/onap/clamp/clds/util/CryptoUtils.java b/src/main/java/org/onap/clamp/clds/util/CryptoUtils.java

index f08bf7b..85aae0a 100644 (file)
--- a/src/main/java/org/onap/clamp/clds/util/CryptoUtils.java
+++ b/src/main/java/org/onap/clamp/clds/util/CryptoUtils.java
@@ -162,7 +162,7 @@ public final class CryptoUtils {
      private static SecretKeySpec readSecretKeySpec(String propertiesFileName) {
          Properties props = new Properties();
          try {
-            //Workaround fix to make encryption key configurable
+            // Workaround fix to make encryption key configurable
              // System environment variable takes precedence for over clds/key.properties
              String encryptionKey = System.getenv(AES_ENCRYPTION_KEY);
              if(encryptionKey != null && encryptionKey.trim().length() > 0) {
diff --git a/src/main/java/org/onap/clamp/clds/util/XmlTools.java b/src/main/java/org/onap/clamp/clds/util/XmlTools.java

index a812fa1..a7d4ed9 100644 (file)
--- a/src/main/java/org/onap/clamp/clds/util/XmlTools.java
+++ b/src/main/java/org/onap/clamp/clds/util/XmlTools.java
@@ -24,6 +24,7 @@
  package org.onap.clamp.clds.util;
  
  import java.io.StringWriter;
+import javax.xml.XMLConstants;
  import javax.xml.transform.OutputKeys;
  import javax.xml.transform.Transformer;
  import javax.xml.transform.TransformerException;
@@ -38,6 +39,12 @@ import org.w3c.dom.Document;
  
  public class XmlTools {
  
+    /**
+     * Private constructor to avoid creating instances of util class.
+     */
+    private XmlTools(){
+    }
+
      /**
       * Transforms document to XML string.
       *
@@ -47,6 +54,7 @@ public class XmlTools {
      public static String exportXmlDocumentAsString(Document doc) {
          try {
              TransformerFactory tf = TransformerFactory.newInstance();
+            tf.setFeature(XMLConstants.FEATURE_SECURE_PROCESSING, true);
              Transformer transformer = tf.newTransformer();
              transformer.setOutputProperty(OutputKeys.OMIT_XML_DECLARATION, "yes");
              StringWriter writer = new StringWriter();
diff --git a/src/main/java/org/onap/clamp/util/PrincipalUtils.java b/src/main/java/org/onap/clamp/util/PrincipalUtils.java

index d6b20f3..d6dfacb 100644 (file)
--- a/src/main/java/org/onap/clamp/util/PrincipalUtils.java
+++ b/src/main/java/org/onap/clamp/util/PrincipalUtils.java
@@ -37,6 +37,12 @@ public class PrincipalUtils {
      private static UserNameHandler userNameHandler = new DefaultUserNameHandler();
      private static SecurityContext securityContext = SecurityContextHolder.getContext();
  
+    /**
+     * Private constructor to avoid creating instances of util class.
+     */
+    private PrincipalUtils(){
+    }
+
      /**
       * Get the Full name.
       *
diff --git a/src/test/java/org/onap/clamp/clds/it/CldsHealthcheckServiceItCase.java b/src/test/java/org/onap/clamp/clds/it/CldsHealthcheckServiceItCase.java

index 5d89103..1dbea37 100644 (file)
--- a/src/test/java/org/onap/clamp/clds/it/CldsHealthcheckServiceItCase.java
+++ b/src/test/java/org/onap/clamp/clds/it/CldsHealthcheckServiceItCase.java
@@ -25,8 +25,6 @@ package org.onap.clamp.clds.it;
  import static org.junit.Assert.assertEquals;
  import static org.junit.Assert.assertNotNull;
  
-import javax.ws.rs.core.Response;
-
  import org.junit.Test;
  import org.junit.runner.RunWith;
  import org.onap.clamp.clds.model.CldsHealthCheck;
diff --git a/src/test/java/org/onap/clamp/clds/it/CldsServiceItCase.java b/src/test/java/org/onap/clamp/clds/it/CldsServiceItCase.java

index 347de4a..faeb041 100644 (file)
--- a/src/test/java/org/onap/clamp/clds/it/CldsServiceItCase.java
+++ b/src/test/java/org/onap/clamp/clds/it/CldsServiceItCase.java
@@ -149,6 +149,7 @@ public class CldsServiceItCase {
          Properties prop = new Properties();
          InputStream in = Thread.currentThread().getContextClassLoader().getResourceAsStream("clds-version.properties");
          prop.load(in);
+        assertNotNull(in);
          in.close();
          assertEquals(cldsInfo.getCldsVersion(), prop.getProperty("clds.version"));
          assertEquals(cldsInfo.getUserName(), "admin");
diff --git a/src/test/java/org/onap/clamp/clds/it/CldsToscaServiceItCase.java b/src/test/java/org/onap/clamp/clds/it/CldsToscaServiceItCase.java

index 7d48086..992c06e 100644 (file)
--- a/src/test/java/org/onap/clamp/clds/it/CldsToscaServiceItCase.java
+++ b/src/test/java/org/onap/clamp/clds/it/CldsToscaServiceItCase.java
@@ -69,7 +69,7 @@ public class CldsToscaServiceItCase {
      private String toscaModelYaml;
      private Authentication authentication;
      private CldsToscaModel cldsToscaModel;
-    private List<GrantedAuthority> authList = new LinkedList<GrantedAuthority>();
+    private List<GrantedAuthority> authList = new LinkedList<>();
      private LoggingUtils util;
  
      /**
diff --git a/src/test/java/org/onap/clamp/clds/util/CryptoUtilsTest.java b/src/test/java/org/onap/clamp/clds/util/CryptoUtilsTest.java

index 603d2d2..1e6742c 100644 (file)
--- a/src/test/java/org/onap/clamp/clds/util/CryptoUtilsTest.java
+++ b/src/test/java/org/onap/clamp/clds/util/CryptoUtilsTest.java
@@ -5,7 +5,9 @@
   * Copyright (C) 2017 AT&T Intellectual Property. All rights
   *                             reserved.
   * ================================================================================
- * Licensed under the Apache License, Version 2.0 (the "License"); 
+ * Modifications Copyright (c) 2019 Samsung
+ * ================================================================================
+ * Licensed under the Apache License, Version 2.0 (the "License");
   * you may not use this file except in compliance with the License. 
   * You may obtain a copy of the License at
   * 
@@ -26,17 +28,30 @@ package org.onap.clamp.clds.util;
  import static org.junit.Assert.assertEquals;
  import static org.junit.Assert.assertNotEquals;
  import static org.junit.Assert.assertNotNull;
+import static org.mockito.Matchers.eq;
+
+import java.security.InvalidKeyException;
+
+import javax.crypto.KeyGenerator;
+import javax.crypto.SecretKey;
  
  import org.apache.commons.codec.binary.Hex;
  import org.apache.commons.lang3.ArrayUtils;
  import org.junit.Test;
+import org.junit.runner.RunWith;
+import org.powermock.api.mockito.PowerMockito;
+import org.powermock.core.classloader.annotations.PowerMockIgnore;
+import org.powermock.core.classloader.annotations.PrepareForTest;
+import org.powermock.modules.junit4.PowerMockRunner;
  
-
+@RunWith(PowerMockRunner.class)
+@PowerMockIgnore({"javax.crypto.*"})
  public class CryptoUtilsTest {
  
      private final String data = "This is a test string";
  
      @Test
+    @PrepareForTest({CryptoUtils.class})
      public final void testEncryption() throws Exception {
          String encodedString = CryptoUtils.encrypt(data);
          assertNotNull(encodedString);
@@ -44,6 +59,7 @@ public class CryptoUtilsTest {
      }
  
      @Test
+    @PrepareForTest({CryptoUtils.class})
      public final void testEncryptedStringIsDifferent() throws Exception {
          String encodedString1 = CryptoUtils.encrypt(data);
          String encodedString2 = CryptoUtils.encrypt(data);
@@ -56,4 +72,30 @@ public class CryptoUtilsTest {
          byte[] subData2 = ArrayUtils.subarray(encryptedMessage2, 16, encryptedMessage2.length);
          assertNotEquals(subData1, subData2);
      }
-}
-\ No newline at end of file
+
+    @Test
+    @PrepareForTest({CryptoUtils.class})
+    public final void testEncryptionBaseOnRandomKey() throws Exception {
+        SecretKey secretKey = KeyGenerator.getInstance("AES").generateKey();
+        final String encryptionKey = String.valueOf(Hex.encodeHex(secretKey.getEncoded()));
+        setAesEncryptionKeyEnv(encryptionKey);
+
+        String encodedString = CryptoUtils.encrypt(data);
+        String decodedString = CryptoUtils.decrypt(encodedString);
+        assertEquals(data, decodedString);
+    }
+
+    @Test(expected = InvalidKeyException.class)
+    @PrepareForTest({CryptoUtils.class})
+    public final void testEncryptionBadKey() throws Exception {
+        final String badEncryptionKey = "93210sd";
+        setAesEncryptionKeyEnv(badEncryptionKey);
+
+        CryptoUtils.encrypt(data);
+    }
+
+    private static void setAesEncryptionKeyEnv(String value) {
+        PowerMockito.mockStatic(System.class);
+        PowerMockito.when(System.getenv(eq("AES_ENCRYPTION_KEY"))).thenReturn(value);
+    }
+}
diff --git a/src/test/java/org/onap/clamp/clds/util/JsonUtilsTest.java b/src/test/java/org/onap/clamp/clds/util/JsonUtilsTest.java

index 82c2162..d1adc16 100644 (file)
--- a/src/test/java/org/onap/clamp/clds/util/JsonUtilsTest.java
+++ b/src/test/java/org/onap/clamp/clds/util/JsonUtilsTest.java
@@ -5,6 +5,8 @@
   * Copyright (C) 2018 AT&T Intellectual Property. All rights
   *                             reserved.
   * ================================================================================
+ * Modifications Copyright (c) 2019 Samsung
+ * ================================================================================
   * Licensed under the Apache License, Version 2.0 (the "License");
   * you may not use this file except in compliance with the License.
   * You may obtain a copy of the License at
@@ -155,4 +157,9 @@ public class JsonUtilsTest {
          // then
          assertThat(timeoutValue).isEqualTo(500);
      }
+
+    @Test(expected = IllegalArgumentException.class)
+    public void shouldThrowExceptionFileNotExists() throws IOException {
+        ResourceFileUtil.getResourceAsString("example/notExist.json");
+    }
  }
diff --git a/src/test/java/org/onap/clamp/clds/util/drawing/DocumentBuilderTest.java b/src/test/java/org/onap/clamp/clds/util/drawing/DocumentBuilderTest.java

index 6546553..63a1fa3 100644 (file)
--- a/src/test/java/org/onap/clamp/clds/util/drawing/DocumentBuilderTest.java
+++ b/src/test/java/org/onap/clamp/clds/util/drawing/DocumentBuilderTest.java
@@ -47,9 +47,6 @@ public class DocumentBuilderTest {
      @Mock
      private SVGGraphics2D mockG2d;
  
-    @Mock
-    private Document mockDomImpl;
-
      @Test
      public void pushChangestoDocumentTest() throws IOException, ParserConfigurationException, SAXException {
          String dataElementId = "someId";
author	Sébastien Determe <sebastien.determe@intl.att.com>
	Tue, 4 Jun 2019 11:14:30 +0000 (11:14 +0000)
committer	Gerrit Code Review <gerrit@onap.org>
	Tue, 4 Jun 2019 11:14:30 +0000 (11:14 +0000)
src/main/java/org/onap/clamp/clds/util/CryptoUtils.java		patch \| blob \| history
src/main/java/org/onap/clamp/clds/util/XmlTools.java		patch \| blob \| history
src/main/java/org/onap/clamp/util/PrincipalUtils.java		patch \| blob \| history
src/test/java/org/onap/clamp/clds/it/CldsHealthcheckServiceItCase.java		patch \| blob \| history
src/test/java/org/onap/clamp/clds/it/CldsServiceItCase.java		patch \| blob \| history
src/test/java/org/onap/clamp/clds/it/CldsToscaServiceItCase.java		patch \| blob \| history
src/test/java/org/onap/clamp/clds/util/CryptoUtilsTest.java		patch \| blob \| history
src/test/java/org/onap/clamp/clds/util/JsonUtilsTest.java		patch \| blob \| history
src/test/java/org/onap/clamp/clds/util/drawing/DocumentBuilderTest.java		patch \| blob \| history