Code Review / dmaap / buscontroller.git / blob
? search:
summary | shortlog | log | commit | commitdiff | review | tree
history | raw | HEAD
[DMAAP-BC] Consolidate bus controller repos
[dmaap/buscontroller.git] / dmaap-bc / src / test / java / org / onap / dmaap / dbcapi / resources / AAFAuthorizationFilterTest.java
1 /*-
2  * ============LICENSE_START=======================================================
3  * org.onap.dmaap
4  * ================================================================================
5  * Copyright (C) 2019 Nokia Intellectual Property. All rights reserved.
6  * ================================================================================
7  * Licensed under the Apache License, Version 2.0 (the "License");
8  * you may not use this file except in compliance with the License.
9  * You may obtain a copy of the License at
10  *
11  *      http://www.apache.org/licenses/LICENSE-2.0
12  *
13  * Unless required by applicable law or agreed to in writing, software
14  * distributed under the License is distributed on an "AS IS" BASIS,
15  * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
16  * See the License for the specific language governing permissions and
17  * limitations under the License.
18  * ============LICENSE_END=========================================================
19  */
20 package org.onap.dmaap.dbcapi.resources;
21
22 import static org.junit.Assert.assertEquals;
23 import static org.junit.Assert.assertNotNull;
24 import static org.junit.Assert.assertNull;
25 import static org.mockito.Matchers.anyString;
26 import static org.mockito.Matchers.eq;
27 import static org.mockito.Mockito.doReturn;
28 import static org.mockito.Mockito.mock;
29 import static org.mockito.Mockito.verify;
30 import static org.mockito.Mockito.verifyNoMoreInteractions;
31 import static org.mockito.Mockito.verifyZeroInteractions;
32 import static org.mockito.Mockito.when;
33
34 import java.io.PrintWriter;
35 import java.io.StringWriter;
36 import com.sun.security.auth.UserPrincipal;
37 import javax.servlet.FilterChain;
38 import javax.servlet.FilterConfig;
39 import javax.servlet.http.HttpServletRequest;
40 import javax.servlet.http.HttpServletResponse;
41 import org.junit.Before;
42 import org.junit.Test;
43 import org.junit.runner.RunWith;
44 import org.mockito.Mock;
45 import org.mockito.Spy;
46 import org.mockito.runners.MockitoJUnitRunner;
47 import org.onap.dmaap.dbcapi.model.Dmaap;
48 import org.onap.dmaap.dbcapi.service.DmaapService;
49 import org.onap.dmaap.dbcapi.util.DmaapConfig;
50 import org.onap.dmaap.dbcapi.util.PermissionBuilder;
51
52 @RunWith(MockitoJUnitRunner.class)
53 public class AAFAuthorizationFilterTest {
54
55     @Spy
56     private AAFAuthorizationFilter filter;
57     @Mock
58     private FilterConfig filterConfig;
59     @Mock
60     private HttpServletRequest servletRequest;
61     @Mock
62     private HttpServletResponse servletResponse;
63     @Mock
64     private FilterChain filterChain;
65     @Mock
66     private DmaapConfig dmaapConfig;
67     @Mock
68     private PermissionBuilder permissionBuilder;
69     @Mock
70     private DmaapService dmaapService;
71
72     @Before
73     public void setUp() throws Exception {
74         filter.setPermissionBuilder(permissionBuilder);
75         doReturn(dmaapConfig).when(filter).getConfig();
76         doReturn(dmaapService).when(filter).getDmaapService();
77     }
78
79     @Test
80     public void init_shouldNotInitializePermissionBuilder_whenAAFnotUsed() throws Exception {
81         //given
82         filter.setPermissionBuilder(null);
83         configureAAFUsage(false);
84
85         //when
86         filter.init(filterConfig);
87
88         //then
89         assertNull(filter.getPermissionBuilder());
90     }
91
92     @Test
93     public void init_shouldInitializePermissionBuilder_whenAAFisUsed() throws Exception {
94         //given
95         filter.setPermissionBuilder(null);
96         configureAAFUsage(true);
97         //doReturn(provideEmptyInstance()).when(dmaapService).getDmaap();
98         when(dmaapService.getDmaap()).thenReturn(mock(Dmaap.class));
99
100         //when
101         filter.init(filterConfig);
102
103         //then
104         assertNotNull(permissionBuilder);
105     }
106
107     @Test
108     public void doFilter_shouldSkipAuthorization_whenAAFnotUsed() throws Exception {
109         //given
110         filter.setCadiEnabled(false);
111
112         //when
113         filter.doFilter(servletRequest,servletResponse,filterChain);
114
115         //then
116         verify(filterChain).doFilter(servletRequest,servletResponse);
117         verifyNoMoreInteractions(filterChain);
118         verifyZeroInteractions(permissionBuilder, servletRequest, servletResponse);
119     }
120
121     @Test
122     public void doFilter_shouldPass_whenUserHasPermissionToResourceEndpoint() throws Exception {
123         //given
124         String user = "johnny";
125         String permission = "org.onap.dmaap-bc.api.topics|mr|GET";
126         when(permissionBuilder.buildPermission(servletRequest)).thenReturn(permission);
127         configureServletRequest(permission, user, true);
128         filter.setCadiEnabled(true);
129
130         //when
131         filter.doFilter(servletRequest,servletResponse,filterChain);
132
133         //then
134         verify(filterChain).doFilter(servletRequest,servletResponse);
135         verify(permissionBuilder).updateDmaapInstance();
136         verifyZeroInteractions(servletResponse);
137     }
138
139     @Test
140     public void doFilter_shouldReturnError_whenUserDontHavePermissionToResourceEndpoint() throws Exception {
141         //given
142         String user = "jack";
143         String permission = "org.onap.dmaap-bc.api.topics|mr|GET";
144         when(permissionBuilder.buildPermission(servletRequest)).thenReturn(permission);
145         configureServletRequest(permission, user, false);
146         filter.setCadiEnabled(true);
147
148         String errorMsgJson = "{\"code\":403,\"message\":\"User "+user+" does not have permission "
149             + permission +"\",\"fields\":\"Authorization\",\"2xx\":false}";
150         StringWriter sw = new StringWriter();
151         PrintWriter pw = new PrintWriter(sw);
152         when(servletResponse.getWriter()).thenReturn(pw);
153
154         //when
155         filter.doFilter(servletRequest,servletResponse,filterChain);
156
157         //then
158         verifyZeroInteractions(filterChain);
159         verify(permissionBuilder).updateDmaapInstance();
160         verify(servletResponse).setStatus(403);
161         assertEquals(errorMsgJson, sw.toString());
162     }
163
164     private void configureServletRequest(String permission, String user, boolean isUserInRole) {
165         when(servletRequest.getUserPrincipal()).thenReturn(new UserPrincipal(user));
166         when(servletRequest.isUserInRole(permission)).thenReturn(isUserInRole);
167     }
168
169     private void configureAAFUsage(Boolean isUsed) {
170         doReturn(isUsed.toString()).when(dmaapConfig).getProperty(eq(AAFAuthorizationFilter.CADI_AUTHZ_FLAG), anyString());
171     }
172 }
Provides a northbound REST API to ONAP clients to manage DMaaP resources. This includes DMaaP components such as MR and DR, as well as provisioning of topics and feeds. Southbound, it communicates with the respective component APIs.