* If you want a simple field comparison, it is faster without REGEX
*/
public boolean match(Permission p) {
+ boolean rv;
+ String aafType;
+ String aafInstance;
+ String aafAction;
if(p instanceof AAFPermission) {
AAFPermission ap = (AAFPermission)p;
// Note: In AAF > 1.0, Accepting "*" from name would violate multi-tenancy
// Current solution is only allow direct match on Type.
// 8/28/2014 Jonathan - added REGEX ability
- if(type.equals(ap.getName()))
- if(PermEval.evalInstance(instance,ap.getInstance()))
- if(PermEval.evalAction(action,ap.getAction()))
- return true;
+ aafType = ap.getName();
+ aafInstance = ap.getInstance();
+ aafAction = ap.getAction();
} else {
// Permission is concatenated together: separated by |
String[] aaf = p.getKey().split("[\\s]*\\|[\\s]*",3);
- if(aaf.length>0 && type.equals(aaf[0]))
- if(PermEval.evalInstance(instance,aaf.length>1?aaf[1]:"*"))
- if(PermEval.evalAction(action,aaf.length>2?aaf[2]:"*"))
- return true;
- }
- return false;
+ aafType = aaf[0];
+ aafInstance = (aaf.length > 1) ? aaf[1] : "*";
+ aafAction = (aaf.length > 2) ? aaf[2] : "*";
+ }
+ return ((type.equals(aafType)) &&
+ (PermEval.evalInstance(instance, aafInstance)) &&
+ (PermEval.evalAction(action, aafAction)));
}
public String getName() {
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
- *
+ *
* http://www.apache.org/licenses/LICENSE-2.0
- *
+ *
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
public static final char START_REGEX_CHAR = '!';
public static final char START_INST_KEY_CHAR=':';
public static final char ALT_START_INST_KEY_CHAR='/';
-
+
public static final char LIST_SEP = ',';
public static final String INST_KEY_REGEX = new StringBuilder().append(START_INST_KEY_CHAR).toString();
public static final String ASTERIX = "*";
-
+
/**
* Evaluate Instance
- *
- * Instance can be more complex. It can be a string, a Regular Expression, or a ":" separated Key
+ *
+ * Instance can be more complex. It can be a string, a Regular Expression, or a ":" separated Key
* who's parts can also be a String, Regular Expression.
- *
+ *
* sInst = Server's Instance
* In order to prevent false matches, keys must be the same length to count as equal
* Changing this will break existing users, like Cassandra. Jonathan 9-4-2015
*/
- public static boolean evalInstance(String sInst, String pInst) {
- if(sInst==null || pInst == null) {
- return false;
- }
- if(ASTERIX.equals(sInst)) {
- return true; // If Server's String is "*", then it accepts every Instance
- }
- char firstChar = pInst.charAt(0);
- char startChar = firstChar==ALT_START_INST_KEY_CHAR?ALT_START_INST_KEY_CHAR:START_INST_KEY_CHAR;
- switch(pInst.charAt(0)) { // First char
- case START_REGEX_CHAR: // Evaluate as Regular Expression
- String pItem = pInst.substring(1);
- for(String sItem : Split.split(LIST_SEP,sInst)) { // allow for "," definition in Action
- return sItem.matches(pItem);
- }
-
- case START_INST_KEY_CHAR: // Evaluate a special Key field, i.e.:xyz:*:!df.*
- case ALT_START_INST_KEY_CHAR: // Also allow '/' as special Key Field, i.e. /xyz/*/!.*
- if(sInst.charAt(0)==startChar) { // To compare key-to-key, both strings must be keys
- String[] skeys=Split.split(startChar,sInst);
- String[] pkeys=Split.split(startChar,pInst);
- if(skeys.length!=pkeys.length) return false;
-
- boolean pass = true;
- for(int i=1;pass && i<skeys.length;++i) { // We start at 1, because the first one, being ":" is always ""
- if(ASTERIX.equals(skeys[i]))continue; // Server data accepts all for this key spot
- pass = false;
- for(String sItem : Split.split(LIST_SEP,skeys[i])) { // allow for "," definition in Action
- if(pkeys[i].length()==0) {
- if(pass=sItem.length()==0) {
- break; // Both Empty, keep checking
- }
-// } else if(pkeys[i].charAt(0)==START_REGEX_CHAR) {
-// if(pass=sItem.matches(pkeys[i].substring(1))) {
-// break; // Matches, keep checking
-// }
- } else if(sItem.charAt(0)==START_REGEX_CHAR) { // Check Server side when wildcarding like *
- if(pass=pkeys[i].matches(sItem.substring(1))) {
- break; // Matches, keep checking
- }
- } else if(skeys[i].endsWith(ASTERIX)) {
- if(pass=endAsterixCompare(skeys[i],pkeys[i])) {
- break;
- }
- } else {
- if(pass=sItem.equals(pkeys[i]))
- break; // Equal, keep checking
- }
- }
- }
- return pass; // return whether passed all key checks
- }
- return false; // if first chars aren't the same, further String compare not necessary
- default: // Evaluate as String Compare
- for(String sItem : Split.split(LIST_SEP,sInst)) { // allow for "," separator //TODO is this only for actions?
- if(sItem.endsWith(ASTERIX)) {
- if(endAsterixCompare(sInst, pInst));
- } else if(sItem.equals(pInst)) {
- return true;
- }
- }
- return false;
- }
- }
-
+ public static boolean evalInstance(String sInst, String pInst) {
+ if(sInst == null || pInst == null) {
+ return false;
+ }
+ if (sInst == "" || pInst == "") {
+ return false;
+ }
+ if(ASTERIX.equals(sInst)) {
+ return true; // If Server's String is "*", then it accepts every Instance
+ }
+ char firstChar = pInst.charAt(0);
+ char startChar = firstChar==ALT_START_INST_KEY_CHAR?ALT_START_INST_KEY_CHAR:START_INST_KEY_CHAR;
+ switch(pInst.charAt(0)) { // First char
+ case START_REGEX_CHAR: // Evaluate as Regular Expression
+ String pItem = pInst.substring(1);
+ String first = Split.split(LIST_SEP,sInst)[0]; // allow for "," definition in Action
+ return first.matches(pItem);
+
+ case START_INST_KEY_CHAR: // Evaluate a special Key field, i.e.:xyz:*:!df.*
+ case ALT_START_INST_KEY_CHAR: // Also allow '/' as special Key Field, i.e. /xyz/*/!.*
+ if(sInst.charAt(0)==startChar) { // To compare key-to-key, both strings must be keys
+ String[] skeys=Split.split(startChar,sInst);
+ String[] pkeys=Split.split(startChar,pInst);
+ if(skeys.length!=pkeys.length) return false;
+
+ boolean pass = true;
+ for(int i=1;pass && i<skeys.length;++i) { // We start at 1, because the first one, being ":" is always ""
+ if(ASTERIX.equals(skeys[i]))continue; // Server data accepts all for this key spot
+ pass = false;
+ for(String sItem : Split.split(LIST_SEP,skeys[i])) { // allow for "," definition in Action
+ if(pkeys[i].length()==0) {
+ if(pass=sItem.length()==0) {
+ break; // Both Empty, keep checking
+ }
+ } else if(sItem.charAt(0)==START_REGEX_CHAR) { // Check Server side when wildcarding like *
+ if(pass=pkeys[i].matches(sItem.substring(1))) {
+ break; // Matches, keep checking
+ }
+ } else if(skeys[i].endsWith(ASTERIX)) {
+ if(pass=endAsterixCompare(skeys[i],pkeys[i])) {
+ break;
+ }
+ } else if(pass=sItem.equals(pkeys[i])) {
+ break; // Equal, keep checking
+ }
+ }
+ }
+ return pass; // return whether passed all key checks
+ }
+ return false; // if first chars aren't the same, further String compare not necessary
+ default: // Evaluate as String Compare
+ for(String sItem : Split.split(LIST_SEP,sInst)) { // allow for "," separator //TODO is this only for actions?
+ if((sItem.endsWith(ASTERIX)) && (endAsterixCompare(sInst, pInst))) {
+ return true;
+ } else if(sItem.equals(pInst)) {
+ return true;
+ }
+ }
+ return false;
+ }
+ }
+
private static boolean endAsterixCompare(String sInst, String pInst) {
- final int len = sInst.length()-1;
- if(pInst.length()<len) {
+ final int len = sInst.length()-1;
+ if(pInst.length()<len) {
+ return false;
+ }
+ for(int j=0;j<len;++j) {
+ if(pInst.charAt(j)!=sInst.charAt(j)) {
return false;
}
- for(int j=0;j<len;++j) {
- if(pInst.charAt(j)!=sInst.charAt(j)) {
- return false;
- }
- }
- return true;
+ }
+ return true;
}
/**
- * Evaluate Action
- *
- * sAction = Stored Action...
- * pAction = Present Action... the Permission to validate against.
- * Action is not quite as complex. But we write it in this function so it can be consistent
- */
- public static boolean evalAction(String sAction,String pAction) {
- if(ASTERIX.equals(sAction))return true; // If Server's String is "*", then it accepts every Action
- for(String sItem : Split.split(LIST_SEP,sAction)) { // allow for "," definition in Action
- if (pAction.charAt(0)==START_REGEX_CHAR? // First char
- sItem.matches(pAction.substring(1)): // Evaluate as Regular Expression
- sItem.equals(pAction)) // Evaluate as String Compare
- return true;
- }
- return false;
- }
-
- /**
- * Split.split by Char
- *
- * Note: I read the String Split.split and Pattern Split.split code, and we can do this more efficiently for a single Character
- */
+ * Evaluate Action
+ *
+ * sAction = Stored Action...
+ * pAction = Present Action... the Permission to validate against.
+ * Action is not quite as complex. But we write it in this function so it can be consistent
+ */
+ public static boolean evalAction(String sAction,String pAction) {
+ if(ASTERIX.equals(sAction))return true; // If Server's String is "*", then it accepts every Action
+ if(pAction == "") return false;
+ for(String sItem : Split.split(LIST_SEP,sAction)) { // allow for "," definition in Action
+ if (pAction.charAt(0)==START_REGEX_CHAR? // First char
+ sItem.matches(pAction.substring(1)): // Evaluate as Regular Expression
+ sItem.equals(pAction)) // Evaluate as String Compare
+ return true;
+ }
+ return false;
+ }
}
import static org.junit.Assert.assertEquals;
import static org.mockito.Mockito.when;
+import java.io.ByteArrayOutputStream;
+import java.io.PrintStream;
+
import org.junit.Before;
import org.junit.Test;
import org.mockito.Answers;
private Error error;
private Future<?> future;
+
+ private ByteArrayOutputStream errStream;
@Before
public void setUp() throws Exception {
error.setText("Error Text");
errMessage = new ErrMessage(env);
-
+ errStream = new ByteArrayOutputStream();
}
@Test
public void testPrintErrMessage() throws APIException {
when(errDF.newData().in(TYPE.JSON).load(attErrJson).asObject()).thenReturn(error);
- errMessage.printErr(System.out, attErrJson);
+ errMessage.printErr(new PrintStream(errStream), attErrJson);
+ assertEquals("Error Message Id Error Text\n", errStream.toString());
}
@Test
--- /dev/null
+/*******************************************************************************
+ * ============LICENSE_START====================================================
+ * * org.onap.aaf
+ * * ===========================================================================
+ * * Copyright © 2017 AT&T Intellectual Property. All rights reserved.
+ * * ===========================================================================
+ * * Licensed under the Apache License, Version 2.0 (the "License");
+ * * you may not use this file except in compliance with the License.
+ * * You may obtain a copy of the License at
+ * *
+ * * http://www.apache.org/licenses/LICENSE-2.0
+ * *
+ * * Unless required by applicable law or agreed to in writing, software
+ * * distributed under the License is distributed on an "AS IS" BASIS,
+ * * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * * See the License for the specific language governing permissions and
+ * * limitations under the License.
+ * * ============LICENSE_END====================================================
+ * *
+ * *
+ ******************************************************************************/
+
+package org.onap.aaf.cadi.aaf.test;
+
+import static org.junit.Assert.*;
+
+import java.util.ArrayList;
+import java.util.List;
+
+import static org.hamcrest.CoreMatchers.*;
+import org.junit.*;
+import org.onap.aaf.cadi.Permission;
+import org.onap.aaf.cadi.aaf.AAFPermission;
+
+public class JU_AAFPermission {
+
+ private final static String type = "type";
+ private final static String instance = "instance";
+ private final static String action = "action";
+ private final static String key = type + '|' + instance + '|' + action;
+ private final static String role = "role";
+
+ private static List<String> roles;
+
+ @Before
+ public void setup() {
+ roles = new ArrayList<String>();
+ roles.add(role);
+ }
+
+ @Test
+ public void constructor1Test() {
+ AAFPermission perm = new AAFPermission(type, instance, action);
+ assertThat(perm.getName(), is(type));
+ assertThat(perm.getInstance(), is(instance));
+ assertThat(perm.getAction(), is(action));
+ assertThat(perm.getKey(), is(key));
+ assertThat(perm.permType(), is("AAF"));
+ assertThat(perm.roles().size(), is(0));
+ assertThat(perm.toString(), is("AAFPermission:\n\tType: " + type +
+ "\n\tInstance: " + instance +
+ "\n\tAction: " + action +
+ "\n\tKey: " + key));
+ }
+
+ @Test
+ public void constructor2Test() {
+ AAFPermission perm;
+
+ perm = new AAFPermission(type, instance, action, null);
+ assertThat(perm.getName(), is(type));
+ assertThat(perm.getInstance(), is(instance));
+ assertThat(perm.getAction(), is(action));
+ assertThat(perm.getKey(), is(key));
+ assertThat(perm.permType(), is("AAF"));
+ assertThat(perm.roles().size(), is(0));
+ assertThat(perm.toString(), is("AAFPermission:\n\tType: " + type +
+ "\n\tInstance: " + instance +
+ "\n\tAction: " + action +
+ "\n\tKey: " + key));
+
+ perm = new AAFPermission(type, instance, action, roles);
+ assertThat(perm.getName(), is(type));
+ assertThat(perm.getInstance(), is(instance));
+ assertThat(perm.getAction(), is(action));
+ assertThat(perm.getKey(), is(key));
+ assertThat(perm.permType(), is("AAF"));
+ assertThat(perm.roles().size(), is(1));
+ assertThat(perm.roles().get(0), is(role));
+ assertThat(perm.toString(), is("AAFPermission:\n\tType: " + type +
+ "\n\tInstance: " + instance +
+ "\n\tAction: " + action +
+ "\n\tKey: " + key));
+ }
+
+ @Test
+ public void matchTest() {
+ final AAFPermission controlPermission = new AAFPermission(type, instance, action);
+ PermissionStub perm;
+ AAFPermission aafperm;
+
+ aafperm = new AAFPermission(type, instance, action);
+ assertThat(controlPermission.match(aafperm), is(true));
+
+ perm = new PermissionStub(key);
+ assertThat(controlPermission.match(perm), is(true));
+
+ // Coverage tests
+ perm = new PermissionStub("not a valid key");
+ assertThat(controlPermission.match(perm), is(false));
+ perm = new PermissionStub("type");
+ assertThat(controlPermission.match(perm), is(false));
+ perm = new PermissionStub("type|instance|badAction");
+ assertThat(controlPermission.match(perm), is(false));
+ }
+
+ @Test
+ public void coverageTest() {
+ AAFPermissionStub aafps = new AAFPermissionStub();
+ assertThat(aafps.getName(), is(nullValue()));
+ assertThat(aafps.getInstance(), is(nullValue()));
+ assertThat(aafps.getAction(), is(nullValue()));
+ assertThat(aafps.getKey(), is(nullValue()));
+ assertThat(aafps.permType(), is("AAF"));
+ assertThat(aafps.roles().size(), is(0));
+ }
+
+ private class PermissionStub implements Permission {
+ private String key;
+
+ public PermissionStub(String key) { this.key = key; }
+ @Override public String permType() { return null; }
+ @Override public String getKey() { return key; }
+ @Override public boolean match(Permission p) { return false; }
+ }
+
+ private class AAFPermissionStub extends AAFPermission {
+
+ }
+}
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
- *
+ *
* http://www.apache.org/licenses/LICENSE-2.0
- *
+ *
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
package org.onap.aaf.cadi.aaf.test;
import static org.junit.Assert.*;
+import static org.hamcrest.CoreMatchers.*;
+import org.junit.*;
-import org.junit.AfterClass;
-import org.junit.Test;
import org.onap.aaf.cadi.aaf.PermEval;
public class JU_PermEval {
- @AfterClass
- public static void tearDownAfterClass() throws Exception {
+ @Test
+ public void instanceNullTest() {
+ assertThat(PermEval.evalInstance(null, null), is(false));
+ assertThat(PermEval.evalInstance(null, "test"), is(false));
+ assertThat(PermEval.evalInstance("test", null), is(false));
}
@Test
- public void test() {
- // TRUE
- assertTrue(PermEval.evalAction("fred","fred"));
- assertTrue(PermEval.evalAction("fred,wilma","fred"));
- assertTrue(PermEval.evalAction("barney,betty,fred,wilma","fred"));
- assertTrue(PermEval.evalAction("*","fred"));
-
- assertTrue(PermEval.evalInstance("fred","fred"));
- assertTrue(PermEval.evalInstance("fred,wilma","fred"));
- assertTrue(PermEval.evalInstance("barney,betty,fred,wilma","fred"));
+ public void instanceEmptyTest() {
+ assertThat(PermEval.evalInstance("", ""), is(false));
+ assertThat(PermEval.evalInstance("", "test"), is(false));
+ assertThat(PermEval.evalInstance("test", ""), is(false));
+ }
+
+ @Test
+ public void instanceAsterixTest() {
+ assertThat(PermEval.evalInstance("*", "*"), is(true));
assertTrue(PermEval.evalInstance("*","fred"));
-
+ }
+
+ @Test
+ public void instanceRegexTest() {
+ assertThat(PermEval.evalInstance("test", "!test"), is(true));
+ assertThat(PermEval.evalInstance(",", "!"), is(true));
+ assertThat(PermEval.evalInstance("test,test", "!test"), is(true));
+
+ assertThat(PermEval.evalInstance("test", "!"), is(false));
+ assertThat(PermEval.evalInstance("test", "!mismatch"), is(false));
+ assertThat(PermEval.evalInstance("test,mismatch", "!mismatch"), is(false));
+ }
+
+ @Test
+ public void instanceKeyTest() {
+ // Reject non-keys
+ assertThat(PermEval.evalInstance("fred", ":fred"), is(false));
+
+ // Reject differing number of keys
+ assertThat(PermEval.evalInstance(":fred:barney", ":fred"), is(false));
+ assertThat(PermEval.evalInstance(":fred", ":fred:barney"), is(false));
+
+ // Accept all wildcard keys
+ assertThat(PermEval.evalInstance(":*", ":fred"), is(true));
+
+ // Accept matching empty keys
+ assertThat(PermEval.evalInstance(":", ":"), is(true));
+
+ // Reject non-matching empty keys
+ assertThat(PermEval.evalInstance(":fred", ":"), is(false));
+
+ // Accept matches starting with a wildcard
+ assertThat(PermEval.evalInstance(":!.*ed", ":fred"), is(true));
+
+ // Reject non-matches starting with a wildcard
+ assertThat(PermEval.evalInstance(":!.*arney", ":fred"), is(false));
+
+ // Accept matches ending with a wildcard
+ assertThat(PermEval.evalInstance(":fr*", ":fred"), is(true));
+
+ // Reject non-matches ending with a wildcard
+ assertThat(PermEval.evalInstance(":bar*", ":fred"), is(false));
+
+ // Accept exact keys
+ assertThat(PermEval.evalInstance(":fred", ":fred"), is(true));
+
+ // Reject mismatched keys
+ assertThat(PermEval.evalInstance(":fred", ":barney"), is(false));
+
+ // Check using alt-start character
+ assertThat(PermEval.evalInstance("/fred", "/fred"), is(true));
+ assertThat(PermEval.evalInstance("/barney", "/fred"), is(false));
+ }
+
+ @Test
+ public void instanceDirectTest() {
+ assertThat(PermEval.evalInstance("fred","fred"), is(true));
+ assertThat(PermEval.evalInstance("fred,wilma","fred"), is(true));
+ assertThat(PermEval.evalInstance("barney,betty,fred,wilma","fred"), is(true));
+ assertThat(PermEval.evalInstance("barney,betty,wilma","fred"), is(false));
+
+ assertThat(PermEval.evalInstance("fr*","fred"), is(true));
+ assertThat(PermEval.evalInstance("freddy*","fred"), is(false));
+ assertThat(PermEval.evalInstance("ba*","fred"), is(false));
+ }
+
+ @Test
+ public void actionTest() {
+ // Accept server *
+ assertThat(PermEval.evalAction("*", ""), is(true));
+ assertThat(PermEval.evalAction("*", "literally anything"), is(true));
+
+ // Reject empty actions
+ assertThat(PermEval.evalAction("literally anything", ""), is(false));
+
+ // Accept match as regex
+ assertThat(PermEval.evalAction("action", "!action"), is(true));
+
+ // Reject non-match as regex
+ assertThat(PermEval.evalAction("action", "!nonaction"), is(false));
+
+ // Accept exact match
+ assertThat(PermEval.evalAction("action", "action"), is(true));
+
+ // Reject non-match
+ assertThat(PermEval.evalAction("action", "nonaction"), is(false));
+ }
+
+ @Test
+ public void redundancyTest() {
+ // TRUE
assertTrue(PermEval.evalInstance(":fred:fred",":fred:fred"));
assertTrue(PermEval.evalInstance(":fred:fred,wilma",":fred:fred"));
assertTrue(PermEval.evalInstance(":fred:barney,betty,fred,wilma",":fred:fred"));
- assertTrue(PermEval.evalInstance("*","fred"));
assertTrue(PermEval.evalInstance(":*:fred",":fred:fred"));
assertTrue(PermEval.evalInstance(":fred:*",":fred:fred"));
assertTrue(PermEval.evalInstance(":!f.*:fred",":fred:fred"));
assertTrue(PermEval.evalInstance(":fred:!f.*",":fred:fred"));
-
- /// FALSE
+
+ // FALSE
assertFalse(PermEval.evalInstance("fred","wilma"));
assertFalse(PermEval.evalInstance("fred,barney,betty","wilma"));
assertFalse(PermEval.evalInstance(":fred:fred",":fred:wilma"));
assertTrue(PermEval.evalInstance("/v1/services/features/*","/v1/services/features/api1"));
assertTrue(PermEval.evalInstance(":v1:services:features:*",":v1:services:features:api2"));
// MSO - Xue Gao
- assertTrue(PermEval.evalInstance(":v1:requests:*",":v1:requests:test0-service"));
+ assertTrue(PermEval.evalInstance(":v1:requests:*",":v1:requests:test0-service"));
+
-
// Same tests, with Slashes
assertTrue(PermEval.evalInstance("/fred/fred","/fred/fred"));
assertTrue(PermEval.evalInstance("/fred/fred,wilma","/fred/fred"));
assertTrue(PermEval.evalInstance("/fred/*","/fred/fred"));
assertTrue(PermEval.evalInstance("/!f.*/fred","/fred/fred"));
assertTrue(PermEval.evalInstance("/fred/!f.*","/fred/fred"));
-
- /// FALSE
+
+ // FALSE
assertFalse(PermEval.evalInstance("fred","wilma"));
assertFalse(PermEval.evalInstance("fred,barney,betty","wilma"));
assertFalse(PermEval.evalInstance("/fred/fred","/fred/wilma"));
assertFalse(PermEval.evalInstance("/!f.*/!w.*","/fred/fred"));
assertFalse(PermEval.evalInstance("/fred/!x.*","/fred/fred"));
-
+
assertTrue(PermEval.evalInstance(":!com.att.*:role:write",":com.att.temp:role:write"));
// CPFSF-431 Group needed help with Wild Card
":!topic.com.att.ecomp_test.crm.pre.*",
":topic.com.att.ecomp_test.crm.predemo100"
));
-
+
+ // coverage
+ @SuppressWarnings("unused")
+ PermEval pe = new PermEval();
}
}
--- /dev/null
+/*******************************************************************************
+ * ============LICENSE_START====================================================
+ * * org.onap.aaf
+ * * ===========================================================================
+ * * Copyright © 2017 AT&T Intellectual Property. All rights reserved.
+ * * ===========================================================================
+ * * Licensed under the Apache License, Version 2.0 (the "License");
+ * * you may not use this file except in compliance with the License.
+ * * You may obtain a copy of the License at
+ * *
+ * * http://www.apache.org/licenses/LICENSE-2.0
+ * *
+ * * Unless required by applicable law or agreed to in writing, software
+ * * distributed under the License is distributed on an "AS IS" BASIS,
+ * * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * * See the License for the specific language governing permissions and
+ * * limitations under the License.
+ * * ============LICENSE_END====================================================
+ * *
+ * *
+ ******************************************************************************/
+package org.onap.aaf.cadi.cm.test;
+
+import static org.junit.Assert.*;
+import static org.hamcrest.CoreMatchers.*;
+import org.junit.*;
+
+import org.onap.aaf.cadi.cm.CertException;
+
+public class JU_CertException {
+
+ private static final String message = "The message associated with the exception";
+
+ @Test(expected = CertException.class)
+ public void test() throws CertException {
+ CertException except;
+
+ except = new CertException(message);
+ assertThat(except.getMessage(), is(message));
+
+ except = new CertException(new Exception(message));
+ assertThat(except.getMessage(), is("java.lang.Exception: " + message));
+
+ except = new CertException(message, new Exception(message));
+ assertThat(except.getMessage(), is(message));
+
+ throw new CertException();
+ }
+
+}
--- /dev/null
+/*******************************************************************************
+ * ============LICENSE_START====================================================
+ * * org.onap.aaf
+ * * ===========================================================================
+ * * Copyright © 2017 AT&T Intellectual Property. All rights reserved.
+ * * ===========================================================================
+ * * Licensed under the Apache License, Version 2.0 (the "License");
+ * * you may not use this file except in compliance with the License.
+ * * You may obtain a copy of the License at
+ * *
+ * * http://www.apache.org/licenses/LICENSE-2.0
+ * *
+ * * Unless required by applicable law or agreed to in writing, software
+ * * distributed under the License is distributed on an "AS IS" BASIS,
+ * * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * * See the License for the specific language governing permissions and
+ * * limitations under the License.
+ * * ============LICENSE_END====================================================
+ * *
+ * *
+ ******************************************************************************/
+package org.onap.aaf.cadi.cm.test;
+
+import static org.junit.Assert.*;
+import static org.hamcrest.CoreMatchers.*;
+import static org.mockito.Mockito.*;
+import org.junit.*;
+import org.mockito.*;
+
+import java.io.ByteArrayInputStream;
+import java.io.IOException;
+import java.nio.charset.StandardCharsets;
+import java.security.KeyPair;
+import java.security.PublicKey;
+
+import javax.crypto.Cipher;
+
+import org.onap.aaf.cadi.cm.Factory;
+import org.onap.aaf.cadi.cm.Factory.StripperInputStream;
+import org.onap.aaf.misc.env.Env;
+import org.onap.aaf.misc.env.LogTarget;
+import org.onap.aaf.misc.env.TimeTaken;
+import org.onap.aaf.misc.env.Trans;
+
+public class JU_Factory {
+
+ @Mock
+ Trans transMock;
+
+ @Mock
+ TimeTaken timeTakenMock;
+
+ @Mock
+ LogTarget logTargetMock;
+
+ @Before
+ public void setup() {
+ MockitoAnnotations.initMocks(this);
+
+ when(transMock.start(anyString(), anyInt())).thenReturn(timeTakenMock);
+ when(transMock.debug()).thenReturn(logTargetMock);
+ }
+
+ @Test
+ public void generateKeyPairTest() throws Exception {
+ String message = "The quick brown fox jumps over the lazy dog.";
+
+ Cipher encryptor = Cipher.getInstance(Factory.KEY_ALGO);
+ Cipher decryptor = Cipher.getInstance(Factory.KEY_ALGO);
+
+ KeyPair kp1 = Factory.generateKeyPair(transMock);
+ encryptor.init(Cipher.ENCRYPT_MODE, kp1.getPublic());
+ decryptor.init(Cipher.DECRYPT_MODE, kp1.getPrivate());
+ byte[] encrypedMessage1 = encryptor.doFinal(message.getBytes(StandardCharsets.UTF_8));
+ String output1 = new String(decryptor.doFinal(encrypedMessage1));
+ assertThat(output1, is(message));
+
+ // coverage
+ when(transMock.start("Generate KeyPair", Env.SUB)).thenReturn(null);
+ KeyPair kp2 = Factory.generateKeyPair(transMock);
+ encryptor.init(Cipher.ENCRYPT_MODE, kp2.getPublic());
+ decryptor.init(Cipher.DECRYPT_MODE, kp2.getPrivate());
+ byte[] encrypedMessage2 = encryptor.doFinal(message.getBytes(StandardCharsets.UTF_8));
+ String output2 = new String(decryptor.doFinal(encrypedMessage2));
+ assertThat(output2, is(message));
+
+ KeyPair kp3 = Factory.generateKeyPair(null);
+ encryptor.init(Cipher.ENCRYPT_MODE, kp3.getPublic());
+ decryptor.init(Cipher.DECRYPT_MODE, kp3.getPrivate());
+ byte[] encrypedMessage3 = encryptor.doFinal(message.getBytes(StandardCharsets.UTF_8));
+ String output3 = new String(decryptor.doFinal(encrypedMessage3));
+ assertThat(output3, is(message));
+ }
+
+ @Test
+ public void keyToStringTest() throws IOException {
+ KeyPair kp = Factory.generateKeyPair(transMock);
+
+ String publicKeyString = Factory.toString(transMock, kp.getPublic());
+ String privateKeyString = Factory.toString(transMock, kp.getPrivate());
+
+ String[] publicKeyLines = publicKeyString.split("\n", 0);
+ assertThat(publicKeyLines.length, is(9));
+ assertThat(publicKeyLines[0], is("-----BEGIN PUBLIC KEY-----"));
+ assertThat(publicKeyLines[8], is("-----END PUBLIC KEY-----"));
+
+ String[] privateKeyLines = privateKeyString.split("\n", 0);
+ assertThat(privateKeyLines.length, is(28));
+ assertThat(privateKeyLines[0], is("-----BEGIN PRIVATE KEY-----"));
+ assertThat(privateKeyLines[27], is("-----END PRIVATE KEY-----"));
+ }
+}
package org.onap.aaf.cadi.oauth.test;
+import static org.hamcrest.CoreMatchers.*;
+import static org.junit.Assert.*;
+import org.junit.*;
+
import java.io.StringReader;
-import org.junit.After;
-import org.junit.AfterClass;
-import org.junit.Before;
-import org.junit.BeforeClass;
-import org.junit.Test;
import org.onap.aaf.cadi.Permission;
import org.onap.aaf.cadi.oauth.TokenPerm.LoadPermissions;
import org.onap.aaf.misc.rosetta.ParseException;
-public class JU_FastPerms {
+public class JU_TokenPerm {
- @BeforeClass
- public static void setUpBeforeClass() throws Exception {
- }
+ @Test
+ public void test() throws ParseException {
+ String json;
+ LoadPermissions lp;
+ Permission p;
- @AfterClass
- public static void tearDownAfterClass() throws Exception {
- }
+ json = "{\"perm\":[" +
+ " {\"type\":\"com.access\",\"instance\":\"*\",\"action\":\"read,approve\"}," +
+ "]}";
- @Before
- public void setUp() throws Exception {
- }
+ lp = new LoadPermissions(new StringReader(json));
+ assertThat(lp.perms.size(), is(1));
+
+ p = lp.perms.get(0);
+ assertThat(p.getKey(), is("com.access|*|read,approve"));
+ assertThat(p.permType(), is("AAF"));
+
+ // Extra closing braces for coverage
+ json = "{\"perm\":[" +
+ " {\"type\":\"com.access\",\"instance\":\"*\",\"action\":\"read,approve\"}}," +
+ "]]}";
+
+ lp = new LoadPermissions(new StringReader(json));
+ assertThat(lp.perms.size(), is(1));
- @After
- public void tearDown() throws Exception {
+ p = lp.perms.get(0);
+ assertThat(p.getKey(), is("com.access|*|read,approve"));
+ assertThat(p.permType(), is("AAF"));
+
+ // Test without a type
+ json = "{\"perm\":[" +
+ " {\"instance\":\"*\",\"action\":\"read,approve\"}," +
+ "]}";
+
+ lp = new LoadPermissions(new StringReader(json));
+ assertThat(lp.perms.size(), is(0));
+
+ // Test without an instance
+ json = "{\"perm\":[" +
+ " {\"type\":\"com.access\",\"action\":\"read,approve\"}," +
+ "]}";
+
+ lp = new LoadPermissions(new StringReader(json));
+ assertThat(lp.perms.size(), is(0));
+
+ // Test without an action
+ json = "{\"perm\":[" +
+ " {\"type\":\"com.access\",\"instance\":\"*\"}," +
+ "]}";
+
+ lp = new LoadPermissions(new StringReader(json));
+ assertThat(lp.perms.size(), is(0));
}
@Test
- public void test() {
+ public void redundancyTest() {
String json = "{\"perm\":[" +
" {\"type\":\"com.access\",\"instance\":\"*\",\"action\":\"read,approve\"}," +
" {\"type\":\"org.osaaf.aaf.access\",\"instance\":\"*\",\"action\":\"*\"}," +
" {\"type\":\"com.test.access\",\"instance\":\"*\",\"action\":\"read\"}," +
" {\"type\":\"com.test.access\",\"instance\":\"*\",\"action\":\"read\"}" +
"]}";
-
try {
LoadPermissions lp = new LoadPermissions(new StringReader(json));
- for(Permission p : lp.perms) {
- System.out.println(p.toString());
- }
- System.out.println("done");
+ assertThat(lp.perms.size(), is(34));
} catch (ParseException e) {
- System.err.println(e);
+ fail(e.getMessage());
}
-
-
}
-
}
*
*/
-package org.onap.aaf.cadi.client.test;
+package org.onap.aaf.cadi.locator.test;
import java.net.URI;
import java.net.URL;
Code Review / aaf / authz.git / commitdiff