From babc5a81adcab1090b7041499321a3920e297736 Mon Sep 17 00:00:00 2001
From: Bartek Grzybowski <b.grzybowski@partner.samsung.com>
Date: Thu, 16 Apr 2020 03:55:21 -0700
Subject: [PATCH] Add test to verify unauthorized requests

Functional test for verifying that the service forbids
API access with proper http code and message should
the client provide wrong auth credentials.

Change-Id: I78d5f050e99c23fd7116468ff007078b3cd56987
Issue-ID: INT-1529
Signed-off-by: Bartek Grzybowski <b.grzybowski@partner.samsung.com>
---
 test/mocks/prov-mns-provider/src/tests/common.py   |  2 ++
 .../src/tests/test_invalid_requests.py             | 24 ++++++++++++++++++++++
 .../src/tests/test_rest_api_endpoints.py           |  2 +-
 3 files changed, 27 insertions(+), 1 deletion(-)
 create mode 100644 test/mocks/prov-mns-provider/src/tests/test_invalid_requests.py

diff --git a/test/mocks/prov-mns-provider/src/tests/common.py b/test/mocks/prov-mns-provider/src/tests/common.py
index 08075e999..2ffe8acba 100644
--- a/test/mocks/prov-mns-provider/src/tests/common.py
+++ b/test/mocks/prov-mns-provider/src/tests/common.py
@@ -13,6 +13,7 @@ MOI_DATA_TMPL = { 'data': ProvMnSProvider.Cretaed_MOIs_list[0] }
 MOI_DATA_PATCH = { "data": { "pLMNId": "xxx", "gNBId": "1234", "gNBIdLength": "4" }}
 URI_SCHEMA = 'http'
 AUTH_STRING = (ProvMnSProvider.username, ProvMnSProvider.password)
+INVALID_AUTH_STRING = (str(uuid4()).split('-')[0], str(uuid4()).split('-')[0])
 URI_BASE_STRING = URI_SCHEMA + '://' + ProvMnSProvider.ipAddress + ':' + \
              str(ProvMnSProvider.portNumber) + ProvMnSProvider.prefix + \
              '/' + MOI_CLASS + '/' + MOI_ID
@@ -21,3 +22,4 @@ URI_GET_STRING = URI_BASE_STRING + '?scope=BASE_ONLY&filter=' + MOI_CLASS + \
                  '&fields=gNBId&fields=gNBIdLength'
 URI_PATCH_STRING = URI_BASE_STRING + '?scope=BASE_ONLY&filter=' + MOI_CLASS
 URI_DELETE_STRING = URI_PATCH_STRING
+UNAUTHORIZED_MSG="not Authorized"
diff --git a/test/mocks/prov-mns-provider/src/tests/test_invalid_requests.py b/test/mocks/prov-mns-provider/src/tests/test_invalid_requests.py
new file mode 100644
index 000000000..660f26c64
--- /dev/null
+++ b/test/mocks/prov-mns-provider/src/tests/test_invalid_requests.py
@@ -0,0 +1,24 @@
+from common import * # pylint: disable=W0614
+
+def test_unauthorized():
+    '''Check service denies access if
+    invalid credentials provided'''
+
+    req = requests.get('{0}'.format(URI_GET_STRING), auth=INVALID_AUTH_STRING)
+    assert req.status_code == requests.codes.unauthorized
+    assert UNAUTHORIZED_MSG in req.text
+
+    req = requests.put('{0}'.format(URI_PUT_STRING), auth=INVALID_AUTH_STRING,
+                       json=MOI_DATA_TMPL)
+    assert req.status_code == requests.codes.unauthorized
+    assert UNAUTHORIZED_MSG in req.text
+
+    req = requests.patch('{0}'.format(URI_PATCH_STRING),
+                         auth=INVALID_AUTH_STRING, json=MOI_DATA_PATCH)
+    assert req.status_code == requests.codes.unauthorized
+    assert UNAUTHORIZED_MSG in req.text
+
+    req = requests.delete('{0}'.format(URI_DELETE_STRING),
+                          auth=INVALID_AUTH_STRING)
+    assert req.status_code == requests.codes.unauthorized
+    assert UNAUTHORIZED_MSG in req.text
diff --git a/test/mocks/prov-mns-provider/src/tests/test_rest_api_endpoints.py b/test/mocks/prov-mns-provider/src/tests/test_rest_api_endpoints.py
index 0cc459195..69e66e302 100644
--- a/test/mocks/prov-mns-provider/src/tests/test_rest_api_endpoints.py
+++ b/test/mocks/prov-mns-provider/src/tests/test_rest_api_endpoints.py
@@ -1,4 +1,4 @@
-from common import *
+from common import * # pylint: disable=W0614
 
 def test_put():
     '''Validate PUT request'''
-- 
2.16.6