1 /*******************************************************************************
2 * ============LICENSE_START====================================================
4 * * ===========================================================================
5 * * Copyright © 2017 AT&T Intellectual Property. All rights reserved.
6 * * ===========================================================================
7 * * Licensed under the Apache License, Version 2.0 (the "License");
8 * * you may not use this file except in compliance with the License.
9 * * You may obtain a copy of the License at
11 * * http://www.apache.org/licenses/LICENSE-2.0
13 * * Unless required by applicable law or agreed to in writing, software
14 * * distributed under the License is distributed on an "AS IS" BASIS,
15 * * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
16 * * See the License for the specific language governing permissions and
17 * * limitations under the License.
18 * * ============LICENSE_END====================================================
21 ******************************************************************************/
23 package org.onap.aaf.auth.service.mapper;
25 import static org.junit.Assert.assertEquals;
26 import static org.junit.Assert.assertFalse;
27 import static org.junit.Assert.assertNotNull;
28 import static org.junit.Assert.assertNull;
29 import static org.junit.Assert.assertTrue;
30 import static org.junit.Assert.fail;
31 import static org.mockito.BDDMockito.given;
32 import static org.mockito.Matchers.any;
33 import static org.mockito.Matchers.anyString;
34 import static org.mockito.Matchers.eq;
35 import static org.mockito.Matchers.isA;
36 import static org.mockito.Mockito.mock;
37 import static org.mockito.Mockito.never;
38 import static org.mockito.Mockito.verify;
39 import static org.mockito.Mockito.verifyZeroInteractions;
40 import static org.onap.aaf.auth.layer.Result.ERR_BadData;
41 import static org.onap.aaf.auth.layer.Result.ERR_General;
43 import aaf.v2_0.Certs;
44 import aaf.v2_0.Certs.Cert;
45 import aaf.v2_0.History;
46 import aaf.v2_0.History.Item;
47 import aaf.v2_0.Users;
48 import aaf.v2_0.Users.User;
49 import java.io.IOException;
50 import java.math.BigInteger;
51 import java.util.ArrayList;
52 import java.util.Calendar;
53 import java.util.Collection;
54 import java.util.Date;
55 import java.util.GregorianCalendar;
56 import java.util.HashMap;
57 import java.util.HashSet;
58 import java.util.List;
61 import java.util.UUID;
62 import java.util.stream.Collectors;
64 import org.junit.Assert;
65 import org.junit.Before;
66 import org.junit.Test;
67 import org.junit.runner.RunWith;
68 import org.mockito.Mock;
69 import org.mockito.runners.MockitoJUnitRunner;
70 import org.onap.aaf.auth.dao.cass.CertDAO;
71 import org.onap.aaf.auth.dao.cass.CredDAO;
72 import org.onap.aaf.auth.dao.cass.HistoryDAO;
73 import org.onap.aaf.auth.dao.cass.Namespace;
74 import org.onap.aaf.auth.dao.cass.NsDAO;
75 import org.onap.aaf.auth.dao.cass.NsSplit;
76 import org.onap.aaf.auth.dao.cass.NsType;
77 import org.onap.aaf.auth.dao.cass.PermDAO;
78 import org.onap.aaf.auth.dao.cass.PermDAO.Data;
79 import org.onap.aaf.auth.dao.cass.RoleDAO;
80 import org.onap.aaf.auth.dao.cass.UserRoleDAO;
81 import org.onap.aaf.auth.dao.hl.Question;
82 import org.onap.aaf.auth.dao.hl.Question.Access;
83 import org.onap.aaf.auth.env.AuthzTrans;
84 import org.onap.aaf.auth.env.AuthzTrans.REQD_TYPE;
85 import org.onap.aaf.auth.layer.Result;
86 import org.onap.aaf.auth.org.Organization;
87 import org.onap.aaf.auth.org.Organization.Expiration;
88 import org.onap.aaf.auth.rserv.Pair;
89 import org.onap.aaf.auth.service.mapper.Mapper.API;
90 import org.onap.aaf.cadi.CadiException;
91 import org.onap.aaf.misc.env.APIException;
92 import org.onap.aaf.misc.env.Env;
93 import org.onap.aaf.misc.env.TimeTaken;
95 import aaf.v2_0.CredRequest;
96 import aaf.v2_0.NsRequest;
98 import aaf.v2_0.Nss.Ns;
100 import aaf.v2_0.PermRequest;
101 import aaf.v2_0.Perms;
102 import aaf.v2_0.Pkey;
103 import aaf.v2_0.Request;
104 import aaf.v2_0.Role;
105 import aaf.v2_0.RoleRequest;
106 import aaf.v2_0.Roles;
107 import aaf.v2_0.UserRole;
108 import aaf.v2_0.UserRoleRequest;
109 import aaf.v2_0.UserRoles;
111 @RunWith(MockitoJUnitRunner.class)
112 public class JU_Mapper_2_0 {
113 private static final String USER = "John";
115 private Mapper_2_0 mapper;
117 private Question question;
119 private AuthzTrans transaction;
121 private TimeTaken tt;
123 private Organization org;
127 public void setUp() throws APIException, IOException, CadiException {
128 given(transaction.start(anyString(), eq(Env.SUB))).willReturn(tt);
129 given(transaction.user()).willReturn(USER);
130 given(transaction.org()).willReturn(org);
131 this.mapper = new Mapper_2_0(question);
134 @Test(expected = ClassCastException.class)
135 public void ns_willThrowException_whenInvalidRequestType() {
137 Request rq = new Request();
140 mapper.ns(transaction, rq);
143 fail("Expected ClassCastException");
147 public void ns_shouldConvertNamespaceRequest_whenValidTypeIsExplicitlyProvided() {
149 String namespaceName = "org.companyA.app1";
150 String namespaceType = "APP";
151 NsType expectedNsType = NsType.APP;
152 NsRequest nsRequest = createNsRequestForType(namespaceName, namespaceType);
155 Result<Namespace> result = mapper.ns(transaction,nsRequest);
158 assertTrue(result.isOK());
159 assertNamespaceValues(result.value, expectedNsType, namespaceName);
160 verify(transaction).checkpoint(namespaceName,Env.ALWAYS);
164 public void ns_shouldConvertNamespaceRequest_whenInValidTypeIsExplicitlyProvided() {
166 String namespaceName = "org.companyA.app1.service0";
167 String invalidNsType = "BLUE";
168 NsType expectedNsType = NsType.APP;
169 NsRequest nsRequest = createNsRequestForType(namespaceName, invalidNsType);
172 Result<Namespace> result = mapper.ns(transaction,nsRequest);
175 assertTrue(result.isOK());
176 assertNamespaceValues(result.value, expectedNsType, namespaceName);
177 verify(transaction).checkpoint(namespaceName,Env.ALWAYS);
181 public void ns_shouldConvertRootNamespaceRequest_whenTypeNotProvided() {
183 String rootNsName = "org";
184 NsType expectedNsType = NsType.ROOT;
185 NsRequest nsRequest = createNsRequestForType(rootNsName, null);
188 Result<Namespace> result = mapper.ns(transaction,nsRequest);
191 assertTrue(result.isOK());
192 assertNamespaceValues(result.value, expectedNsType, rootNsName);
193 verify(transaction).checkpoint(rootNsName,Env.ALWAYS);
197 public void ns_shouldConvertCompanyNamespaceRequest_whenTypeNotProvided() {
199 String companyNsName = "org.companyA";
200 NsType expectedNsType = NsType.COMPANY;
201 NsRequest nsRequest = createNsRequestForType(companyNsName, null);
204 Result<Namespace> result = mapper.ns(transaction,nsRequest);
207 assertTrue(result.isOK());
208 assertNamespaceValues(result.value, expectedNsType, companyNsName);
209 verify(transaction).checkpoint(companyNsName,Env.ALWAYS);
212 private void assertNamespaceValues(Namespace value, NsType nsType, String namespaceName) {
213 List<String> people = Lists.newArrayList("tk007@people.osaaf.org");
214 assertEquals(Integer.valueOf(nsType.type), value.type);
215 assertEquals(namespaceName, value.name);
216 assertEquals("some namespace description", value.description);
217 assertEquals(people, value.admin);
218 assertEquals(people, value.owner);
221 private NsRequest createNsRequestForType(String nsName, String nsType) {
222 NsRequest req = mapper.newInstance(API.NS_REQ);
225 req.setDescription("some namespace description");
226 req.getAdmin().add("tk007@people.osaaf.org");
227 req.getResponsible().add("tk007@people.osaaf.org");
232 public void nss_shouldConvertNamespaceToNss_withoutAttributes() {
234 Nss nss = mapper.newInstance(API.NSS);
235 Namespace ns = mapper.ns(transaction, createNsRequestForType("org.onap", null)).value;
238 Result<Nss> result = mapper.nss(transaction, ns, nss);
241 assertTrue(result.isOK());
242 assertEquals("Only one Ns should be added",1, result.value.getNs().size());
243 Ns addedNs = Iterables.getOnlyElement(result.value.getNs());
244 assertEquals(ns.admin, addedNs.getAdmin());
245 assertEquals(ns.name, addedNs.getName());
246 assertEquals(ns.owner, addedNs.getResponsible());
247 assertEquals(ns.description, addedNs.getDescription());
248 assertTrue(addedNs.getAttrib().isEmpty());
252 public void nss_shouldConvertNamespaceToNss_withAttributes() {
254 Nss nss = mapper.newInstance(API.NSS);
255 Namespace ns = mapper.ns(transaction, createNsRequestForType("org.onap", null)).value;
256 ns.attrib = Lists.newArrayList();
258 Map<String, String> attribs = ImmutableMap.of("key1", "value1", "key2", "value2", "key3", "value3", "key4", "value4", "key5", "value5");
259 attribs.forEach((key,val) -> ns.attrib.add(new Pair<>(key,val)));
262 Result<Nss> result = mapper.nss(transaction, ns, nss);
265 assertTrue(result.isOK());
266 assertEquals("Only one Ns should be added",1, result.value.getNs().size());
267 Ns addedNs = Iterables.getOnlyElement(result.value.getNs());
268 assertEquals(attribNum, addedNs.getAttrib().size());
269 addedNs.getAttrib().forEach( attr -> {
270 assertEquals(attr.getValue(), attribs.get(attr.getKey()));
275 public void nss_shouldAddSeveralNamespacesToNss() {
277 Nss nss = mapper.newInstance(API.NSS);
278 Namespace ns1 = mapper.ns(transaction, createNsRequestForType("org.onap", "COMPANY")).value;
279 Namespace ns2 = mapper.ns(transaction, createNsRequestForType("org.onap.prh", "APP")).value;
282 Result<Nss> result = mapper.nss(transaction, Lists.newArrayList(ns1,ns2), nss);
285 assertTrue(result.isOK());
286 assertEquals("Two namespaces should be added",2, result.value.getNs().size());
290 public void perm_shouldNotAddPerms_whenFilterIsSet_andUserIsNotAuthorized() {
292 given(question.mayUser(eq(transaction), eq(USER), any(PermDAO.Data.class), eq(Access.read)))
293 .willReturn(Result.err(9, "error"));
294 Perms permsContainer = mapper.newInstance(API.PERMS);
295 List<PermDAO.Data> permsData = Lists.newArrayList(new PermDAO.Data());
296 boolean filter = true;
299 Result<Perms> result = mapper.perms(transaction, permsData, permsContainer, filter);
302 assertTrue(result.isOK());
303 assertEquals("No perms added",0,result.value.getPerm().size());
307 public void perm_shouldAddPerm_withNamespaceSet_whenUserIsAuthorized_AndNamespaceIsRequestedType() {
309 given(question.mayUser(eq(transaction), eq(USER), any(PermDAO.Data.class), eq(Access.read)))
310 .willReturn(Result.ok(new NsDAO.Data()));
311 given(transaction.requested(REQD_TYPE.ns)).willReturn(true);
312 Perms permsContainer = mapper.newInstance(API.PERMS);
313 Set<String> roles = Sets.newHashSet("org.onap.portal.owner","org.onap.portal.designer"
314 ,"org.onap.portal.tester");
315 String namespace = "org.onap.portal";
316 String type = "access";
317 String fullType = namespace + "." +type;
318 String action = "read";
319 String description = "Portal Read Access";
320 List<PermDAO.Data> permsData = Lists.newArrayList(createPermDAOobj(namespace, type, "*",action, roles, description));
321 boolean filter = true;
324 Result<Perms> result = mapper.perms(transaction, permsData, permsContainer, filter);
327 assertTrue(result.isOK());
328 assertEquals("Perm is added",1,result.value.getPerm().size());
329 Perm perm = Iterables.getOnlyElement(result.value.getPerm());
330 assertEquals(namespace, perm.getNs());
331 assertEquals(fullType, perm.getType());
332 assertEquals(action, perm.getAction());
333 assertEquals("*", perm.getInstance());
334 assertEquals(description, perm.getDescription());
335 assertEquals(Lists.newArrayList(roles), perm.getRoles());
339 public void perm_shouldAddPerm_withoutNamespaceSet_whenUserIsAuthorized_AndNamespaceIsNotRequestedType() {
341 given(question.mayUser(eq(transaction), eq(USER), any(PermDAO.Data.class), eq(Access.read)))
342 .willReturn(Result.ok(new NsDAO.Data()));
343 given(transaction.requested(REQD_TYPE.ns)).willReturn(false);
344 Perms permsContainer = mapper.newInstance(API.PERMS);
345 String namespace = "org.onap.portal";
346 String type = "access";
347 String fullType = namespace + "." + type;
348 String action = "read";
349 List<PermDAO.Data> permsData = Lists.newArrayList(createPermDAOobj(namespace, type, "*",action, null, null));
350 boolean filter = true;
353 Result<Perms> result = mapper.perms(transaction, permsData, permsContainer, filter);
356 assertTrue(result.isOK());
357 assertEquals("Perm is added",1,result.value.getPerm().size());
358 Perm perm = Iterables.getOnlyElement(result.value.getPerm());
359 assertNull(perm.getNs());
360 assertEquals(fullType, perm.getType());
361 assertEquals(action, perm.getAction());
365 public void perm_shouldAddPermsWithCorrectSortedOrder() {
367 given(question.mayUser(eq(transaction), eq(USER), any(PermDAO.Data.class), eq(Access.read)))
368 .willReturn(Result.ok(new NsDAO.Data()));
369 Perms permsContainer = mapper.newInstance(API.PERMS);
370 PermDAO.Data perm1 = createPermDAOobj("org.onap.portal", "access", "*", "read", null, null);
371 PermDAO.Data perm2 = createPermDAOobj("org.onap.portal", "access", "*", "write", null, null);
372 PermDAO.Data perm3 = createPermDAOobj("org.onap.portal", "design", "*", "new", null, null);
373 PermDAO.Data perm4 = createPermDAOobj("org.onap.portal", "workflow", "1", "edit", null, null);
374 PermDAO.Data perm5 = createPermDAOobj("org.onap.portal", "workflow", "2", "edit", null, null);
375 List<PermDAO.Data> permsData = Lists.newArrayList(perm4, perm1, perm5, perm3, perm2);
376 List<PermDAO.Data> correctOrderPerms = Lists.newArrayList(perm1, perm2, perm3, perm4, perm5);
379 Result<Perms> result = mapper.perms(transaction, permsData, permsContainer, true);
382 assertTrue(result.isOK());
383 assertEquals("Alls Perms added",5,result.value.getPerm().size());
384 List<Perm> mappedPerms = result.value.getPerm();
385 for (int i=0; i<5; i++) {
386 comparePerm(correctOrderPerms.get(i), mappedPerms.get(i));
390 private void comparePerm(Data data, Perm perm) {
391 assertEquals(data.ns + "." + data.type, perm.getType());
392 assertEquals(data.instance, perm.getInstance());
393 assertEquals(data.action, perm.getAction());
396 private PermDAO.Data createPermDAOobj(String ns, String name, String instance, String action, Set<String> roles, String description) {
397 NsSplit nss = new NsSplit(ns, name);
398 PermDAO.Data perm = new PermDAO.Data(nss, instance, action);
400 perm.description = description;
405 public void role_shouldReturnErrorResult_whenNssIsNok() throws Exception {
407 String roleName = "admin";
408 RoleRequest request = createRoleRequest(roleName, "role description");
409 given(question.deriveNsSplit(transaction, roleName)).willReturn(Result.err(new IllegalArgumentException()));
412 Result<RoleDAO.Data> result = mapper.role(transaction, request);
415 assertFalse(result.isOK());
416 assertNull(result.value);
417 assertEquals(ERR_General, result.status);
421 public void role_shouldReturnMappedRoleObject_whenNssIsOk() throws Exception {
423 String roleName = "admin";
424 String roleNs = "org.onap.roles";
425 String roleFullName = roleNs + "." + roleName;
426 String description =" role description";
427 RoleRequest request = createRoleRequest(roleFullName, description);
428 given(question.deriveNsSplit(transaction, roleFullName)).willReturn(Result.ok(new NsSplit(roleNs, roleName)));
431 Result<RoleDAO.Data> result = mapper.role(transaction, request);
434 assertTrue(result.isOK());
435 assertEquals(roleName, result.value.name);
436 assertEquals(roleNs, result.value.ns);
437 assertEquals(description, result.value.description);
438 verify(transaction).checkpoint(roleFullName, Env.ALWAYS);
441 private RoleRequest createRoleRequest(String name, String description) {
442 RoleRequest req = mapper.newInstance(API.ROLE_REQ);
444 req.setDescription(description);
449 public void roles_shouldNotAddAnyRoles_whenFilterFlagIsNotSet() {
451 Roles initialRoles = new Roles();
452 RoleDAO.Data role = createRoleDAOobj("org.onap.app1", "org.onap.app1.admin", "description");
455 Result<Roles> result = mapper.roles(transaction, Lists.newArrayList(role), initialRoles, false);
458 assertTrue(result.isOK());
459 assertEquals(initialRoles.getRole(), result.value.getRole());
463 public void roles_shouldNotAddAnyRoles_whenFilterFlagIsSet_andUserIsNotAuthorizedToReadRole() {
465 Roles initialRoles = new Roles();
466 RoleDAO.Data role = createRoleDAOobj("org.onap.app1", "org.onap.app1.admin", "description");
467 given(question.mayUser(eq(transaction), eq(USER), any(RoleDAO.Data.class), eq(Access.read)))
468 .willReturn(Result.err(9, "error"));
471 Result<Roles> result = mapper.roles(transaction, Lists.newArrayList(role), initialRoles, true);
474 assertTrue(result.isOK());
475 assertEquals(initialRoles.getRole(), result.value.getRole());
479 public void roles_shouldAddRolesWithoutNamespace_whenNsNotRequested_andFilterFlagSet_andUserIsAuthorized() {
480 test_roles_shouldAddRoles(false);
484 public void roles_shouldAddRolesWithNamespace_whenNsRequested_andFilterFlagSet_andUserIsAuthorized() {
485 test_roles_shouldAddRoles(true);
488 private void test_roles_shouldAddRoles(boolean namespaceRequested) {
490 String namespace = "org.onap.app1";
491 String description = "role description";
492 Set<String> roleNames = Sets.newHashSet(namespace+".admin", namespace+".deployer");
493 List<RoleDAO.Data> daoRoles = roleNames.stream().map( name -> createRoleDAOobj(namespace, name, description))
494 .collect(Collectors.toList());
495 given(question.mayUser(eq(transaction), eq(USER), any(RoleDAO.Data.class), eq(Access.read)))
496 .willReturn(Result.ok(new NsDAO.Data()));
497 given(transaction.requested(REQD_TYPE.ns)).willReturn(namespaceRequested);
500 Result<Roles> result = mapper.roles(transaction, daoRoles, new Roles(), true);
503 assertTrue(result.isOK());
504 assertEquals(2, result.value.getRole().size());
505 result.value.getRole().stream().forEach( role -> {
506 assertTrue(role.getPerms().isEmpty());
507 if (namespaceRequested) {
508 assertEquals(namespace, role.getNs());
510 assertNull(role.getNs());
512 assertTrue(roleNames.contains(role.getName()));
513 assertEquals(description, role.getDescription());
518 public void roles_shouldReturnErrorResult_whenAnyPermHasInvalidFormat() {
520 given(question.mayUser(eq(transaction), eq(USER), any(RoleDAO.Data.class), eq(Access.read)))
521 .willReturn(Result.ok(new NsDAO.Data()));
522 RoleDAO.Data role = createRoleDAOobj("org.onap.app", "org.onap.app.admin", "description");
523 role.perms = Sets.newHashSet("invalidPermFormat");
526 Result<Roles> result = mapper.roles(transaction, Lists.newArrayList(role), new Roles(), true);
529 assertFalse(result.isOK());
530 assertEquals(ERR_BadData, result.status);
534 public void roles_shouldAddPerms_whenAllPermsProperlyDefined_andUserCanViewIt() {
536 given(question.mayUser(eq(transaction), eq(USER), any(RoleDAO.Data.class), eq(Access.read)))
537 .willReturn(Result.ok(new NsDAO.Data()));
538 given(question.deriveNsSplit(transaction, "org.onap.app")).willReturn(Result.ok(mock(NsSplit.class)));
539 RoleDAO.Data role = createRoleDAOobj("org.onap.app", "org.onap.app.admin", "description");
540 role.perms = Sets.newHashSet("org.onap.app|access|*|read,approve");
543 Result<Roles> result = mapper.roles(transaction, Lists.newArrayList(role), new Roles(), true);
546 assertTrue(result.isOK());
547 Role mappedRole = Iterables.getOnlyElement(result.value.getRole());
548 Pkey pKey = Iterables.getOnlyElement(mappedRole.getPerms());
549 assertEquals("org.onap.app.access", pKey.getType());
550 assertEquals("*", pKey.getInstance());
551 assertEquals("read,approve", pKey.getAction());
554 private RoleDAO.Data createRoleDAOobj(String namespace, String rolename, String desc) {
555 NsDAO.Data ns = new NsDAO.Data();
557 RoleDAO.Data role = RoleDAO.Data.create(ns, rolename);
558 role.description = desc;
563 public void userRoles_shouldMapUserRolesFromDAO() {
565 String user = "john@people.osaaf.org";
566 String role = "admin";
567 String namespace = "org.osaaf.aaf";
571 Date expiration = new Calendar.Builder().setDate(year,month-1, day).build().getTime(); //month is 0-based
572 UserRoles targetRoles = new UserRoles();
575 Result<UserRoles> result = mapper.userRoles(transaction, Lists.newArrayList(
576 createUserRoleDAOobj(user, expiration, namespace, role)), targetRoles);
579 assertTrue(result.isOK());
580 UserRole targetRole = Iterables.getOnlyElement(result.value.getUserRole());
581 assertEquals(user, targetRole.getUser());
582 assertEquals(role, targetRole.getRole());
583 assertEquals(year, targetRole.getExpires().getYear());
584 assertEquals(month, targetRole.getExpires().getMonth());
585 assertEquals(day, targetRole.getExpires().getDay());
589 public void userRole_shouldReturnErrorResult_whenAnyExceptionOccurs() {
591 PermRequest wrongRequestType = new PermRequest();
594 Result<UserRoleDAO.Data> result = mapper.userRole(transaction, wrongRequestType);
597 assertFalse(result.isOK());
598 assertEquals(ERR_BadData, result.status);
599 verifyZeroInteractions(transaction);
603 public void userRole_shouldReturnEmptyRoleDAOobj_whenRequestIsEmpty() {
605 UserRoleRequest request = new UserRoleRequest();
606 given(question.deriveNsSplit(any(), any())).willReturn(Result.err(new IllegalArgumentException()));
607 Organization org = mock(Organization.class);
608 given(org.expiration(any(), eq(Expiration.UserInRole), any())).willReturn(new GregorianCalendar());
609 given(transaction.org()).willReturn(org);
612 Result<UserRoleDAO.Data> result = mapper.userRole(transaction, request);
615 assertTrue(result.isOK());
616 assertNull(result.value.ns);
617 assertNull(result.value.rname);
618 assertNull(result.value.role);
619 assertNull(result.value.user);
620 assertNotNull(result.value.expires);
624 public void userRole_shouldReturnMappedRoleDAOobj_whenRequestIsFilled() {
626 String user = "johny@people.osaaf.org";
627 String role = "org.onap.app1.deployer";
628 String rName = "deployer";
629 String namespace = "org.onap.app1";
631 given(question.deriveNsSplit(transaction, role)).willReturn(Result.ok(new NsSplit(namespace, rName)));
632 Organization org = mock(Organization.class);
633 given(org.expiration(any(), eq(Expiration.UserInRole), any())).willReturn(new GregorianCalendar());
634 given(transaction.org()).willReturn(org);
637 Result<UserRoleDAO.Data> result = mapper.userRole(transaction, createUserRoleRequest(role, user));
640 assertTrue(result.isOK());
641 assertEquals(user, result.value.user);
642 assertEquals(role, result.value.role);
643 assertEquals(rName, result.value.rname);
644 assertEquals(namespace, result.value.ns);
645 assertNotNull(result.value.expires);
648 private UserRoleRequest createUserRoleRequest(String role, String user) {
649 UserRoleRequest request = new UserRoleRequest();
650 request.setRole(role);
651 request.setUser(user);
655 private UserRoleDAO.Data createUserRoleDAOobj(String userName, Date expires, String namespace, String roleName) {
656 UserRoleDAO.Data userRole = new UserRoleDAO.Data();
657 userRole.user = userName;
658 userRole.expires = expires;
659 userRole.ns = namespace;
660 userRole.role = roleName;
665 public void cred_shouldReturnError_whenGivenPasswordDoesNotFulfillPolicy() {
667 String id = "aaf@aaf.osaaf.org";
668 String password = "invalid";
669 given(org.isValidPassword(transaction, id, password)).willReturn("Password does not match org.osaaf Password Standards");
672 Result<CredDAO.Data> result = mapper.cred(transaction, createCredRequest(id, password), true);
675 assertFalse(result.isOK());
676 assertEquals(ERR_BadData, result.status);
680 public void cred_shouldNotCheckPassword_andSetProperType_whenPasswordNotRequired() {
682 String id = "aaf@aaf.osaaf.org";
683 GregorianCalendar expiration = new GregorianCalendar();
684 given(org.expiration(isA(GregorianCalendar.class), eq(Expiration.Password), eq(id))).willReturn(expiration);
687 Result<CredDAO.Data> result = mapper.cred(transaction, createCredRequest(id, null), false);
690 assertTrue(result.isOK());
691 verify(org, never()).isValidPassword(eq(transaction), eq(id), any());
692 assertEquals(Integer.valueOf(0), result.value.type);
693 assertNotNull(result.value.expires);
697 public void cred_shouldSetProperValues_whenPasswordRequired() {
699 String ns = "org.osaaf.aaf";
700 String id = "aaf@aaf.osaaf.org";
701 String password = "SomeValidPassword123!";
702 GregorianCalendar expiration = new GregorianCalendar();
703 given(org.expiration(isA(GregorianCalendar.class), eq(Expiration.Password), eq(id))).willReturn(expiration);
704 given(org.isValidPassword(transaction, id, password)).willReturn("");
707 Result<CredDAO.Data> result = mapper.cred(transaction, createCredRequest(id, password), true);
710 assertTrue(result.isOK());
711 assertNotNull(result.value.cred);
712 assertEquals(id, result.value.id);
713 assertEquals(ns, result.value.ns);
714 assertEquals(Integer.valueOf(CredDAO.RAW), result.value.type);
715 assertNotNull(result.value.expires);
718 private CredRequest createCredRequest(String id, String password) {
719 CredRequest credRequest = new CredRequest();
720 credRequest.setId(id);
721 credRequest.setPassword(password);
726 public void cred_shouldConvertCredDAOtoUser_andAddItToInitialObject() {
728 String id = "aaf@aaf.osaaf.org";
730 Date expiration = Calendar.getInstance().getTime();
731 Users to = new Users();
734 Result<Users> result = mapper.cred(Lists.newArrayList(createCredData(id, type, expiration)), to);
737 assertTrue(result.isOK());
738 User user = Iterables.getOnlyElement(result.value.getUser());
739 assertEquals(id, user.getId());
740 assertNotNull(user.getExpires());
741 assertEquals(type, user.getType());
745 public void cred_shouldLeaveInitialUsers_whenAddingConvertedObject() {
747 String id = "aaf@aaf.osaaf.org";
749 Date expiration = Calendar.getInstance().getTime();
750 Users to = new Users();
751 to.getUser().add(new User());
752 assertEquals(1, to.getUser().size());
755 Result<Users> result = mapper.cred(Lists.newArrayList(createCredData(id, type, expiration)), to);
758 assertTrue(result.isOK());
759 assertEquals(2,result.value.getUser().size());
762 private CredDAO.Data createCredData(String id, int type, Date expires) {
763 CredDAO.Data credDao = new CredDAO.Data();
766 credDao.expires = expires;
771 public void cert_shouldConvertCertDAOtoUser_andAddItToInitialObject() {
773 String x500 = provideTestCertificate();
774 String id = "aaf@aaf.osaaf.org";
775 BigInteger serial = new BigInteger("123456789987654321123456789987654321");
776 Certs to = new Certs();
779 Result<Certs> result = mapper.cert(Lists.newArrayList(createCertData(id, x500, serial)), to);
782 assertTrue(result.isOK());
783 Cert cert = Iterables.getOnlyElement(result.value.getCert());
784 assertEquals(id, cert.getId());
785 assertEquals(x500, cert.getX500());
786 assertNotNull(cert.getFingerprint());
790 public void cert_shouldLeaveInitialCerts_whenAddingConvertedObject() {
792 Certs to = new Certs();
793 Cert initial = new Cert();
794 to.getCert().add(initial);
795 CertDAO.Data certDao = new CertDAO.Data();
796 certDao.serial = new BigInteger("123456789");
797 assertEquals(1, to.getCert().size());
800 Result<Certs> result = mapper.cert(Lists.newArrayList(certDao), to);
803 assertTrue(result.isOK());
804 assertEquals(2,result.value.getCert().size());
805 assertTrue(result.value.getCert().contains(initial));
808 private CertDAO.Data createCertData(String id, String x500, BigInteger serial) {
809 CertDAO.Data certDao = new CertDAO.Data();
812 certDao.serial= serial;
816 private String provideTestCertificate() {
817 StringBuilder sb = new StringBuilder("-----BEGIN CERTIFICATE-----\n");
818 return sb.append("MIIEdTCCAl2gAwIBAgIBBTANBgkqhkiG9w0BAQsFADAsMQ4wDAYDVQQLDAVPU0FB\n")
819 .append("RjENMAsGA1UECgwET05BUDELMAkGA1UEBhMCVVMwHhcNMTgwNzAyMTEyNjMwWhcN\n")
820 .append("MjMwNzAyMTEyNjMwWjBHMQswCQYDVQQGEwJVUzENMAsGA1UECgwET05BUDEOMAwG\n")
821 .append("A1UECwwFT1NBQUYxGTAXBgNVBAMMEGludGVybWVkaWF0ZUNBXzcwggEiMA0GCSqG\n")
822 .append("SIb3DQEBAQUAA4IBDwAwggEKAoIBAQDQAcZtvJ5j4wqaZHqU/NkG0CjflDRD3x9Y\n")
823 .append("4a+C63dxuTyWZ6EtQanoM9l6vwb6Gj4SOHeBfOaQbxwiJfX3WP9+SWV/Rciei0EY\n")
824 .append("w9C0ZOsDA8VVA5S4TK4OLXCLDSeTeMN8wrlydnwG5u/14m22yNTNxPX90bijc6WH\n")
825 .append("zo7+z+3WarveN0CBYcDQkKkyR8rKafkCWlq+GzqLYQh0K4atnuyIZQ7kr9Od48vT\n")
826 .append("KyVJzkyMS6HeH++3Ty0JmPREgzOUjUAoYvR2kI02LedFndr5ZdiBQGAXnLQsVuG6\n")
827 .append("mJHfsRjQ+zTZ2Q5Xs++Bc/clSNlWz7Kqqcxto2bp8YOWC3RaXzfNAgMBAAGjgYYw\n")
828 .append("gYMwHQYDVR0OBBYEFA8QFOfTZ/fEqwtuM4hlNYpwk0OTMB8GA1UdIwQYMBaAFFNV\n")
829 .append("M/JL69BRscF4msEoMXvv6u1JMBIGA1UdEwEB/wQIMAYBAf8CAQEwDgYDVR0PAQH/\n")
830 .append("BAQDAgGGMB0GA1UdJQQWMBQGCCsGAQUFBwMBBggrBgEFBQcDAjANBgkqhkiG9w0B\n")
831 .append("AQsFAAOCAgEAsUvLinLLby1D+F+UKv/7jCqqrUYxlpNsdBm1dD8M3mIIpsjoTrlU\n")
832 .append("2yywL9EPp4BhCN7rI0YbPX+DWu2RnxtbsEKdhutEvbTE2Sfg6a1+9dH7txdaGp3F\n")
833 .append("qapojPqdZ7pjgtIhHVgepGJc08efsxSW6+Gv5easQXhn7XyaZf1MfZUobAPnEcaY\n")
834 .append("p5cOee2gjMy6usB8AiKzVXrmGn6MAQQ9w6u8XKnvIoivQW3PLlKTMbLFVB7B4YH8\n")
835 .append("90HQJnhnLJ9T5U+Gy1Mb5GpVKnI0ZIKURA9b/x8bVFixT83xugstbeVdxgS97Fcz\n")
836 .append("9wOjG6d6YhrwnE/kz8aiXWs8KsTsrgk//kv3AqL4ykpvn545WJUj7EhuAK+Kmh1B\n")
837 .append("LCC0wyny2RBZYVP92AMdLqgU7HEng2ZWsCGdf/QLKpXsawsR/0oM2uAT2KeDiSy4\n")
838 .append("0WTfe3qirhJ9AKtfkj1NukymIcpx9Ld1kb3rapfT63LJ5kGkQpztuYoEa1FCsQwU\n")
839 .append("z/UeknC00mqnH5X4ooGRMMkRyPp68+iWmTNlUaVfU2NUNwZiIsD9CbytR5y9rt2r\n")
840 .append("XJM2BkKy5QEEvmr4GGfbGAYYOfdVpUXB/VBUYNf5uwENqhQB6q7OmiU39Vb/37Zf\n")
841 .append("EWK8mju11Om2l1a4xYw6HH/SPIqqIDtS28XccDTMMiOVoR2HUAZMNdw=\n")
842 .append("-----END CERTIFICATE-----").toString();
846 public void history_shouldConvertHistoryDAOdataToHistory() {
848 UUID uuid = UUID.fromString("c81d4e2e-bcf2-11e6-869b-7df92533d2db");
850 String subject = "cred";
851 String action = "remove";
852 String target = "john";
855 HistoryDAO.Data input = createHistoryData(uuid, user, subject, action, target, memo, yr_mon);
858 Result<History> result = mapper.history(transaction, Lists.newArrayList(input), 0);
861 assertTrue(result.isOK());
862 Item historyItem = Iterables.getOnlyElement(result.value.getItem());
863 assertEquals(user, historyItem.getUser());
864 assertEquals(subject, historyItem.getSubject());
865 assertEquals(action, historyItem.getAction());
866 assertEquals(target, historyItem.getTarget());
867 assertEquals(memo, historyItem.getMemo());
868 assertEquals(Integer.toString(yr_mon), historyItem.getYYYYMM());
869 assertNotNull(historyItem.getTimestamp());
873 public void history_shouldReturnUnsortedData_whenNoSortingRequired() {
876 UUID firstUuid = UUID.fromString("c81d4e2e-bcf2-11e6-869b-7df92533d2db");
877 UUID secondUuid = UUID.fromString("c81eadbf-bcf2-11e6-869b-7df92533d2db");
878 String firstUser = "first";
879 String secondUser = "second";
880 HistoryDAO.Data firstItem = createMinimalHistoryData(firstUuid, firstUser);
881 HistoryDAO.Data secondItem = createMinimalHistoryData(secondUuid, secondUser);
884 Result<History> result = mapper.history(transaction, Lists.newArrayList(secondItem, firstItem), noSorting);
887 assertTrue(result.isOK());
888 List<Item> historyItems = result.value.getItem();
889 assertEquals(2, historyItems.size());
890 assertEquals(secondUser, historyItems.get(0).getUser());
891 assertEquals(firstUser, historyItems.get(1).getUser());
895 public void history_shouldReturnSortedData_whenSortingIsRequired() {
898 UUID firstUuid = UUID.fromString("c81d4e2e-bcf2-11e6-869b-7df92533d2db");
899 UUID secondUuid = UUID.fromString("c81eadbf-bcf2-11e6-869b-7df92533d2db");
900 String firstUser = "first";
901 String secondUser = "second";
902 HistoryDAO.Data firstItem = createMinimalHistoryData(firstUuid, firstUser);
903 HistoryDAO.Data secondItem = createMinimalHistoryData(secondUuid, secondUser);
906 Result<History> result = mapper.history(transaction, Lists.newArrayList(secondItem, firstItem), withSorting);
909 assertTrue(result.isOK());
910 List<Item> historyItems = result.value.getItem();
911 assertEquals(2, historyItems.size());
912 assertEquals(firstUser, historyItems.get(0).getUser());
913 assertEquals(secondUser, historyItems.get(1).getUser());
916 private HistoryDAO.Data createHistoryData(UUID id, String user, String subject, String action, String target,
917 String memo, int yr_mon) {
918 HistoryDAO.Data historyDao = createMinimalHistoryData(id, user);
919 historyDao.subject = subject;
920 historyDao.action = action;
921 historyDao.target = target;
922 historyDao.memo = memo;
923 historyDao.yr_mon = yr_mon;
927 private HistoryDAO.Data createMinimalHistoryData(UUID uuid, String user) {
928 HistoryDAO.Data historyDao = new HistoryDAO.Data();
929 historyDao.id = uuid;
930 historyDao.user = user;
935 //Why so? Is there any particular reason for removing guava dependency from the code, and even from the tests?
937 * Need to do without Google stuff
938 * @author Instrumental
941 public static class ImmutableMap {
942 public static <T,U> Map<T,U> of(Object ... tag_value) {
943 Map<T,U> rv = new HashMap<>();
944 for(int i=0;i<tag_value.length-1;i+=2) {
945 rv.put((T)tag_value[i],(U)tag_value[i+1]);
953 * Need to do without Google stuff
954 * @author Instrumental
957 public static class Iterables {
958 public static <T> T getOnlyElement(List<T> lt) {
968 * Need to do without Google stuff
969 * @author Instrumental
972 public static class Lists {
973 @SuppressWarnings("unchecked")
974 public static <T> List<T> newArrayList(Collection<T> ... init ) {
975 List<T> rv = new ArrayList<>();
976 for(Collection<T> o : init) {
984 @SuppressWarnings("unchecked")
985 public static <T> List<T> newArrayList(Object ... init ) {
986 List<T> rv = new ArrayList<>();
987 for(Object o : init) {
996 * Need to do without Google stuff
997 * @author Instrumental
1000 public static class Sets {
1001 @SuppressWarnings("unchecked")
1002 public static <T> Set<T> newHashSet(Object ... init ) {
1003 Set<T> rv = new HashSet<>();
1004 for(Object o : init) {
Code Review / aaf / authz.git / blob