2 * ============LICENSE_START=======================================================
3 * Copyright (C) 2019 Nordix Foundation.
4 * ================================================================================
5 * Licensed under the Apache License, Version 2.0 (the "License");
6 * you may not use this file except in compliance with the License.
7 * You may obtain a copy of the License at
9 * http://www.apache.org/licenses/LICENSE-2.0
11 * Unless required by applicable law or agreed to in writing, software
12 * distributed under the License is distributed on an "AS IS" BASIS,
13 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
14 * See the License for the specific language governing permissions and
15 * limitations under the License.
17 * SPDX-License-Identifier: Apache-2.0
18 * ============LICENSE_END=========================================================
21 package org.onap.dmaap.datarouter.authz.impl;
23 import static org.mockito.Mockito.when;
25 import javax.persistence.EntityManager;
26 import javax.persistence.EntityManagerFactory;
27 import javax.persistence.Persistence;
28 import jakarta.servlet.http.HttpServletRequest;
29 import org.junit.AfterClass;
30 import org.junit.Assert;
31 import org.junit.Before;
32 import org.junit.BeforeClass;
33 import org.junit.Test;
34 import org.junit.runner.RunWith;
35 import org.mockito.Mock;
36 import org.mockito.Mockito;
37 import org.onap.dmaap.datarouter.authz.AuthorizationResponse;
38 import org.onap.dmaap.datarouter.provisioning.StatisticsServlet;
39 import org.powermock.core.classloader.annotations.PowerMockIgnore;
40 import org.powermock.modules.junit4.PowerMockRunner;
42 @RunWith(PowerMockRunner.class)
43 @PowerMockIgnore({ "javax.management.*", "com.sun.org.apache.xerces.*", "javax.xml.*",
44 "org.xml.*", "org.w3c.dom.*", "com.sun.org.apache.xalan.*", "javax.activation.*" })
45 public class ProvAuthTest {
48 private HttpServletRequest request;
51 private StatisticsServlet statisticsServlet;
53 private ProvAuthorizer provAuthorizer;
55 private static EntityManagerFactory emf;
56 private static EntityManager em;
59 public static void init() {
60 emf = Persistence.createEntityManagerFactory("dr-unit-tests");
61 em = emf.createEntityManager();
63 "org.onap.dmaap.datarouter.provserver.properties",
64 "src/test/resources/h2Database.properties");
68 public static void tearDownClass() {
75 public void setUp() throws Exception {
76 provAuthorizer = new ProvAuthorizer(statisticsServlet);
80 public void Validate_Prov_Auth_Check_Feed_Access() {
81 when(statisticsServlet.getFeedOwner(Mockito.anyString())).thenReturn("dr-admin");
82 when(statisticsServlet.getGroupByFeedGroupId(Mockito.anyString(), Mockito.anyString())).thenReturn("stub_auth_id");
83 when(request.getHeader("X-DMAAP-DR-ON-BEHALF-OF")).thenReturn("dr-admin");
84 when(request.getHeader("X-DMAAP-DR-ON-BEHALF-OF-GROUP")).thenReturn("stub_auth_id");
85 when(request.getMethod()).thenReturn("PUT");
86 when(request.getRequestURI()).thenReturn("http://the-request-uri:443/feed/1?1");
87 AuthorizationResponse authResp;
88 authResp = provAuthorizer.decide(request);
89 Assert.assertTrue(authResp.isAuthorized());
93 public void Validate_Prov_Auth_Check_Sub_Access() {
94 when(statisticsServlet.getSubscriptionOwner(Mockito.anyString())).thenReturn("dr-admin");
95 when(statisticsServlet.getGroupBySubGroupId(Mockito.anyString(), Mockito.anyString())).thenReturn("stub_auth_id");
96 when(request.getHeader("X-DMAAP-DR-ON-BEHALF-OF")).thenReturn("dr-admin");
97 when(request.getHeader("X-DMAAP-DR-ON-BEHALF-OF-GROUP")).thenReturn("stub_auth_id");
98 when(request.getMethod()).thenReturn("PUT");
99 when(request.getRequestURI()).thenReturn("http://the-request-uri:443/subs/1?1");
100 AuthorizationResponse authResp;
101 authResp = provAuthorizer.decide(request);
102 Assert.assertTrue(authResp.isAuthorized());
106 public void Validate_Prov_Auth_Check_Subs_Collection_Access() {
107 when(statisticsServlet.getSubscriptionOwner(Mockito.anyString())).thenReturn("dr-admin");
108 when(statisticsServlet.getGroupBySubGroupId(Mockito.anyString(), Mockito.anyString())).thenReturn("stub_auth_id");
109 when(request.getHeader("X-DMAAP-DR-ON-BEHALF-OF")).thenReturn("dr-admin");
110 when(request.getHeader("X-DMAAP-DR-ON-BEHALF-OF-GROUP")).thenReturn("stub_auth_id");
111 when(request.getMethod()).thenReturn("POST");
112 when(request.getRequestURI()).thenReturn("http://the-request-uri:443/subscribe/1?1");
113 AuthorizationResponse authResp;
114 authResp = provAuthorizer.decide(request);
115 Assert.assertTrue(authResp.isAuthorized());
119 public void Validate_Prov_Auth_Check_Feeds_Collection_Access() {
120 when(statisticsServlet.getFeedOwner(Mockito.anyString())).thenReturn("dr-admin");
121 when(statisticsServlet.getGroupByFeedGroupId(Mockito.anyString(), Mockito.anyString())).thenReturn("stub_auth_id");
122 when(request.getHeader("X-DMAAP-DR-ON-BEHALF-OF")).thenReturn("dr-admin");
123 when(request.getHeader("X-DMAAP-DR-ON-BEHALF-OF-GROUP")).thenReturn("stub_auth_id");
124 when(request.getMethod()).thenReturn("POST");
125 when(request.getRequestURI()).thenReturn("http://the-request-uri:443/");
126 AuthorizationResponse authResp;
127 authResp = provAuthorizer.decide(request);
128 Assert.assertTrue(authResp.isAuthorized());
129 Assert.assertNull(authResp.getAdvice());
130 Assert.assertNull(authResp.getObligations());