datarouter-prov/src/test/java/org/onap/dmaap/datarouter/provisioning/DRFeedsServletTest.java

   1 /*******************************************************************************
   2  * ============LICENSE_START==================================================
   3  * * org.onap.dmaap
   4  * * ===========================================================================
   5  * * Copyright © 2017 AT&T Intellectual Property. All rights reserved.
   6  * * ===========================================================================
   7  * * Licensed under the Apache License, Version 2.0 (the "License");
   8  * * you may not use this file except in compliance with the License.
   9  * * You may obtain a copy of the License at
  10  * *
  11  *  *      http://www.apache.org/licenses/LICENSE-2.0
  12  * *
  13  *  * Unless required by applicable law or agreed to in writing, software
  14  * * distributed under the License is distributed on an "AS IS" BASIS,
  15  * * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
  16  * * See the License for the specific language governing permissions and
  17  * * limitations under the License.
  18  * * ============LICENSE_END====================================================
  19  * *
  20  * * ECOMP is a trademark and service mark of AT&T Intellectual Property.
  21  * *
  22  ******************************************************************************/
  23 package org.onap.dmaap.datarouter.provisioning;
  24
  25 import org.apache.commons.lang3.reflect.FieldUtils;
  26 import org.jetbrains.annotations.NotNull;
  27 import org.json.JSONArray;
  28 import org.json.JSONObject;
  29 import org.junit.Before;
  30 import org.junit.Test;
  31 import org.junit.runner.RunWith;
  32 import org.mockito.Mock;
  33 import org.onap.dmaap.datarouter.authz.AuthorizationResponse;
  34 import org.onap.dmaap.datarouter.authz.Authorizer;
  35 import org.onap.dmaap.datarouter.provisioning.beans.Feed;
  36 import org.onap.dmaap.datarouter.provisioning.beans.Insertable;
  37 import org.powermock.api.mockito.PowerMockito;
  38 import org.powermock.core.classloader.annotations.SuppressStaticInitializationFor;
  39 import org.powermock.modules.junit4.PowerMockRunner;
  40
  41 import javax.servlet.ServletOutputStream;
  42 import javax.servlet.http.HttpServletRequest;
  43 import javax.servlet.http.HttpServletResponse;
  44 import java.util.HashSet;
  45 import java.util.Set;
  46
  47 import static org.hamcrest.Matchers.notNullValue;
  48 import static org.mockito.Mockito.*;
  49 import static org.onap.dmaap.datarouter.provisioning.BaseServlet.BEHALF_HEADER;
  50
  51
  52 @RunWith(PowerMockRunner.class)
  53 @SuppressStaticInitializationFor("org.onap.dmaap.datarouter.provisioning.beans.Feed")
  54 public class DRFeedsServletTest extends DrServletTestBase {
  55     private static DRFeedsServlet drfeedsServlet;
  56
  57     @Mock
  58     private HttpServletRequest request;
  59     @Mock
  60     private HttpServletResponse response;
  61
  62     @Before
  63     public void setUp() throws Exception {
  64         super.setUp();
  65         drfeedsServlet = new DRFeedsServlet();
  66         setAuthoriserToReturnRequestIsAuthorized();
  67         setPokerToNotCreateTimersWhenDeleteFeedIsCalled();
  68         setupValidAuthorisedRequest();
  69         setUpValidSecurityOnHttpRequest();
  70         setUpValidContentHeadersAndJSONOnHttpRequest();
  71     }
  72
  73     @Test
  74     public void Given_Request_Is_HTTP_DELETE_SC_METHOD_NOT_ALLOWED_Response_Is_Generated() throws Exception {
  75         drfeedsServlet.doDelete(request, response);
  76         verify(response).sendError(eq(HttpServletResponse.SC_METHOD_NOT_ALLOWED), argThat(notNullValue(String.class)));
  77     }
  78
  79     @Test
  80     public void Given_Request_Is_HTTP_GET_And_Is_Not_Secure_When_HTTPS_Is_Required_Then_Forbidden_Response_Is_Generated() throws Exception {
  81         when(request.isSecure()).thenReturn(false);
  82         drfeedsServlet.doGet(request, response);
  83         verify(response).sendError(eq(HttpServletResponse.SC_FORBIDDEN), argThat(notNullValue(String.class)));
  84     }
  85
  86     @Test
  87     public void Given_Request_Is_HTTP_GET_And_BEHALF_HEADER_Is_Not_Set_In_Request_Then_Bad_Request_Response_Is_Generated() throws Exception {
  88         setBehalfHeader(null);
  89         drfeedsServlet.doGet(request, response);
  90         verify(response).sendError(eq(HttpServletResponse.SC_BAD_REQUEST), argThat(notNullValue(String.class)));
  91     }
  92
  93
  94     @Test
  95     public void Given_Request_Is_HTTP_GET_And_URL_Path_Not_Valid_Then_Bad_Request_Response_Is_Generated() throws Exception {
  96         when(request.getRequestURI()).thenReturn("/123");
  97         drfeedsServlet.doGet(request, response);
  98         verify(response).sendError(eq(HttpServletResponse.SC_NOT_FOUND), argThat(notNullValue(String.class)));
  99     }
 100
 101
 102     @Test
 103     public void Given_Request_Is_HTTP_GET_And_Request_Is_Not_Authorized_Then_Forbidden_Response_Is_Generated() throws Exception {
 104         setAuthoriserToReturnRequestNotAuthorized();
 105         drfeedsServlet.doGet(request, response);
 106         verify(response).sendError(eq(HttpServletResponse.SC_FORBIDDEN), argThat(notNullValue(String.class)));
 107     }
 108
 109     @Test
 110     public void Given_Request_Is_HTTP_GET_And_Request_Fails_With_Valid_Name_And_Version() throws Exception {
 111         when(request.getParameter("name")).thenReturn("stub_name");
 112         when(request.getParameter("version")).thenReturn("stub_version");
 113         drfeedsServlet.doGet(request, response);
 114         verify(response).sendError(eq(HttpServletResponse.SC_BAD_REQUEST), argThat(notNullValue(String.class)));
 115     }
 116
 117     @Test
 118     public void Given_Request_Is_HTTP_GET_And_Request_Succeeds_With_Valid_Name_And_Version() throws Exception {
 119         ServletOutputStream outStream = mock(ServletOutputStream.class);
 120         when(response.getOutputStream()).thenReturn(outStream);
 121         when(request.getParameter("name")).thenReturn("stub_name");
 122         when(request.getParameter("version")).thenReturn("stub_version");
 123         PowerMockito.mockStatic(Feed.class);
 124         Feed feed = mock(Feed.class);
 125         PowerMockito.when(Feed.getFeedByNameVersion(anyString(), anyString())).thenReturn(feed);
 126         when(feed.asJSONObject(true)).thenReturn(mock(JSONObject.class));
 127         drfeedsServlet.doGet(request, response);
 128         verify(response).setStatus(eq(HttpServletResponse.SC_OK));
 129     }
 130
 131
 132     @Test
 133     public void Given_Request_Is_HTTP_GET_And_Request_Succeeds_With_Invalid_Name_And_Version() throws Exception {
 134         ServletOutputStream outStream = mock(ServletOutputStream.class);
 135         when(response.getOutputStream()).thenReturn(outStream);
 136         drfeedsServlet.doGet(request, response);
 137         verify(response).setStatus(eq(HttpServletResponse.SC_OK));
 138     }
 139
 140
 141     @Test
 142     public void Given_Request_Is_HTTP_PUT_SC_METHOD_NOT_ALLOWED_Response_Is_Generated() throws Exception {
 143         drfeedsServlet.doPut(request, response);
 144         verify(response).sendError(eq(HttpServletResponse.SC_METHOD_NOT_ALLOWED), argThat(notNullValue(String.class)));
 145     }
 146
 147
 148     @Test
 149     public void Given_Request_Is_HTTP_POST_And_Is_Not_Secure_When_HTTPS_Is_Required_Then_Forbidden_Response_Is_Generated() throws Exception {
 150         when(request.isSecure()).thenReturn(false);
 151         drfeedsServlet.doPost(request, response);
 152         verify(response).sendError(eq(HttpServletResponse.SC_FORBIDDEN), argThat(notNullValue(String.class)));
 153     }
 154
 155     @Test
 156     public void Given_Request_Is_HTTP_POST_And_BEHALF_HEADER_Is_Not_Set_In_Request_Then_Bad_Request_Response_Is_Generated() throws Exception {
 157         setBehalfHeader(null);
 158         drfeedsServlet.doPost(request, response);
 159         verify(response).sendError(eq(HttpServletResponse.SC_BAD_REQUEST), argThat(notNullValue(String.class)));
 160     }
 161
 162
 163     @Test
 164     public void Given_Request_Is_HTTP_POST_And_URL_Path_Not_Valid_Then_Bad_Request_Response_Is_Generated() throws Exception {
 165         when(request.getRequestURI()).thenReturn("/123");
 166         drfeedsServlet.doPost(request, response);
 167         verify(response).sendError(eq(HttpServletResponse.SC_NOT_FOUND), argThat(notNullValue(String.class)));
 168     }
 169
 170
 171     @Test
 172     public void Given_Request_Is_HTTP_POST_And_Content_Header_Is_Not_Supported_Type_Then_Unsupported_Media_Type_Response_Is_Generated() throws Exception {
 173         when(request.getHeader("Content-Type")).thenReturn("application/vnd.att-dr.feed; version=1.1");
 174         when(request.getContentType()).thenReturn("stub_contentType");
 175         drfeedsServlet.doPost(request, response);
 176         verify(response).sendError(eq(HttpServletResponse.SC_UNSUPPORTED_MEDIA_TYPE), argThat(notNullValue(String.class)));
 177     }
 178
 179     @Test
 180     public void Given_Request_Is_HTTP_POST_And_Request_Is_Not_Authorized_Then_Forbidden_Response_Is_Generated() throws Exception {
 181         setAuthoriserToReturnRequestNotAuthorized();
 182         drfeedsServlet.doPost(request, response);
 183         verify(response).sendError(eq(HttpServletResponse.SC_FORBIDDEN), argThat(notNullValue(String.class)));
 184     }
 185
 186     @Test
 187     public void Given_Request_Is_HTTP_POST_And_Request_Contains_Badly_Formed_JSON_Then_Bad_Request_Response_Is_Generated() throws Exception {
 188         drfeedsServlet.doPost(request, response);
 189         verify(response).sendError(eq(HttpServletResponse.SC_BAD_REQUEST), argThat(notNullValue(String.class)));
 190     }
 191
 192     @Test
 193     public void Given_Request_Is_HTTP_POST_And_Active_Feeds_Equals_Max_Feeds_Then_Bad_Request_Response_Is_Generated() throws Exception {
 194         FieldUtils.writeDeclaredStaticField(BaseServlet.class, "maxFeeds", 0, true);
 195         DRFeedsServlet drfeedsServlet = new DRFeedsServlet() {
 196             protected JSONObject getJSONfromInput(HttpServletRequest req) {
 197                 return new JSONObject();
 198             }
 199         };
 200         drfeedsServlet.doPost(request, response);
 201         verify(response).sendError(eq(HttpServletResponse.SC_CONFLICT), argThat(notNullValue(String.class)));
 202     }
 203
 204     @Test
 205     public void Given_Request_Is_HTTP_POST_And_Feed_Is_Not_Valid_Object_Bad_Request_Response_Is_Generated() throws Exception {
 206         when(request.getHeader("X-ATT-DR-ON-BEHALF-OF-GROUP")).thenReturn(null);
 207         JSONObject JSObject = buildRequestJsonObject();
 208
 209         DRFeedsServlet drfeedsServlet = new DRFeedsServlet() {
 210             protected JSONObject getJSONfromInput(HttpServletRequest req) {
 211                 JSONObject jo = new JSONObject();
 212                 return jo;
 213             }
 214         };
 215
 216         drfeedsServlet.doPost(request, response);
 217         verify(response).sendError(eq(HttpServletResponse.SC_BAD_REQUEST), argThat(notNullValue(String.class)));
 218     }
 219
 220     @Test
 221     public void Given_Request_Is_HTTP_POST_And_Feed_Already_Exists_Bad_Request_Response_Is_Generated() throws Exception {
 222         setFeedToReturnInvalidFeedIdSupplied();
 223         JSONObject JSObject = buildRequestJsonObject();
 224         DRFeedsServlet drfeedsServlet = new DRFeedsServlet() {
 225             protected JSONObject getJSONfromInput(HttpServletRequest req) {
 226                 JSONObject jo = new JSONObject();
 227                 jo.put("name", "not_stub_name");
 228                 jo.put("version", "1.0");
 229                 jo.put("authorization", JSObject);
 230                 return jo;
 231             }
 232         };
 233         drfeedsServlet.doPost(request, response);
 234         verify(response).sendError(eq(HttpServletResponse.SC_BAD_REQUEST), argThat(notNullValue(String.class)));
 235     }
 236
 237     @Test
 238     public void Given_Request_Is_HTTP_POST_And_POST_Fails_Bad_Request_Response_Is_Generated() throws Exception {
 239         JSONObject JSObject = buildRequestJsonObject();
 240         DRFeedsServlet drfeedsServlet = new DRFeedsServlet() {
 241             protected JSONObject getJSONfromInput(HttpServletRequest req) {
 242                 JSONObject jo = new JSONObject();
 243                 jo.put("name", "stub_name");
 244                 jo.put("version", "2.0");
 245                 jo.put("authorization", JSObject);
 246                 return jo;
 247             }
 248
 249             @Override
 250             protected boolean doInsert(Insertable bean) {
 251                 return false;
 252             }
 253         };
 254         drfeedsServlet.doPost(request, response);
 255         verify(response).sendError(eq(HttpServletResponse.SC_INTERNAL_SERVER_ERROR), argThat(notNullValue(String.class)));
 256     }
 257
 258
 259     @Test
 260     public void Given_Request_Is_HTTP_POST_And_Change_On_Feeds_Succeeds_A_STATUS_OK_Response_Is_Generated() throws Exception {
 261         ServletOutputStream outStream = mock(ServletOutputStream.class);
 262         when(response.getOutputStream()).thenReturn(outStream);
 263         JSONObject JSObject = buildRequestJsonObject();
 264         DRFeedsServlet drfeedsServlet = new DRFeedsServlet() {
 265             protected JSONObject getJSONfromInput(HttpServletRequest req) {
 266                 JSONObject jo = new JSONObject();
 267                 jo.put("name", "stub_name");
 268                 jo.put("version", "1.0");
 269                 jo.put("authorization", JSObject);
 270                 return jo;
 271             }
 272
 273             @Override
 274             protected boolean doInsert(Insertable bean) {
 275                 return true;
 276             }
 277         };
 278         drfeedsServlet.doPost(request, response);
 279         verify(response).setStatus(eq(HttpServletResponse.SC_CREATED));
 280     }
 281
 282     @NotNull
 283     private JSONObject buildRequestJsonObject() {
 284         JSONObject JSObject = new JSONObject();
 285         JSONArray endpointIDs = new JSONArray();
 286         JSONObject JOEndpointIDs = new JSONObject();
 287         JOEndpointIDs.put("id", "stub_endpoint_id");
 288         JOEndpointIDs.put("password", "stub_endpoint_password");
 289         endpointIDs.put(JOEndpointIDs);
 290
 291         JSONArray endpointAddresses = new JSONArray();
 292         endpointAddresses.put("127.0.0.1");
 293
 294         JSObject.put("classification", "stub_classification");
 295         JSObject.put("endpoint_ids", endpointIDs);
 296         JSObject.put("endpoint_addrs", endpointAddresses);
 297         return JSObject;
 298     }
 299
 300     private void setUpValidSecurityOnHttpRequest() throws Exception {
 301         when(request.isSecure()).thenReturn(true);
 302         Set<String> authAddressesAndNetworks = new HashSet<String>();
 303         authAddressesAndNetworks.add(("127.0.0.1"));
 304         FieldUtils.writeDeclaredStaticField(BaseServlet.class, "authorizedAddressesAndNetworks", authAddressesAndNetworks, true);
 305         FieldUtils.writeDeclaredStaticField(BaseServlet.class, "requireCert", false, true);
 306         FieldUtils.writeDeclaredStaticField(BaseServlet.class, "maxFeeds", 100, true);
 307     }
 308
 309     private void setBehalfHeader(String headerValue) {
 310         when(request.getHeader(BEHALF_HEADER)).thenReturn(headerValue);
 311     }
 312
 313     private void setValidPathInfoInHttpHeader() {
 314         when(request.getPathInfo()).thenReturn("/123");
 315     }
 316
 317     private void setFeedToReturnInvalidFeedIdSupplied() {
 318         PowerMockito.mockStatic(Feed.class);
 319         PowerMockito.when(Feed.getFeedById(anyInt())).thenReturn(null);
 320         when(Feed.getFeedByNameVersion(anyString(), anyString())).thenReturn(mock(Feed.class));
 321     }
 322
 323     private void setFeedToReturnValidFeedForSuppliedId() {
 324         PowerMockito.mockStatic(Feed.class);
 325         Feed feed = mock(Feed.class);
 326         PowerMockito.when(Feed.getFeedById(anyInt())).thenReturn(feed);
 327         when(feed.isDeleted()).thenReturn(false);
 328         when(feed.asJSONObject(true)).thenReturn(mock(JSONObject.class));
 329         when(feed.getPublisher()).thenReturn("Stub_Value");
 330         when(feed.getName()).thenReturn("stub_name");
 331         when(feed.getVersion()).thenReturn("1.0");
 332         when(feed.asLimitedJSONObject()).thenReturn(mock(JSONObject.class));
 333         PowerMockito.when(feed.getFeedByNameVersion(anyString(), anyString())).thenReturn(null);
 334     }
 335
 336     private void setAuthoriserToReturnRequestNotAuthorized() throws IllegalAccessException {
 337         AuthorizationResponse authResponse = mock(AuthorizationResponse.class);
 338         Authorizer authorizer = mock(Authorizer.class);
 339         FieldUtils.writeDeclaredStaticField(BaseServlet.class, "authz", authorizer, true);
 340         when(authorizer.decide(request)).thenReturn(authResponse);
 341         when(authResponse.isAuthorized()).thenReturn(false);
 342     }
 343
 344     private void setAuthoriserToReturnRequestIsAuthorized() throws IllegalAccessException {
 345         AuthorizationResponse authResponse = mock(AuthorizationResponse.class);
 346         Authorizer authorizer = mock(Authorizer.class);
 347         FieldUtils.writeDeclaredStaticField(BaseServlet.class, "authz", authorizer, true);
 348         when(authorizer.decide(request)).thenReturn(authResponse);
 349         when(authResponse.isAuthorized()).thenReturn(true);
 350     }
 351
 352     private void setPokerToNotCreateTimersWhenDeleteFeedIsCalled() throws Exception {
 353         Poker poker = mock(Poker.class);
 354         FieldUtils.writeDeclaredStaticField(Poker.class, "poker", poker, true);
 355     }
 356
 357     private void setupValidAuthorisedRequest() throws Exception {
 358         setUpValidSecurityOnHttpRequest();
 359         setBehalfHeader("Stub_Value");
 360         setValidPathInfoInHttpHeader();
 361         setFeedToReturnValidFeedForSuppliedId();
 362     }
 363
 364     private void setUpValidContentHeadersAndJSONOnHttpRequest() {
 365         when(request.getHeader("Content-Type")).thenReturn("application/vnd.att-dr.feed; version=1.0");
 366         when(request.getHeader("X-ATT-DR-ON-BEHALF-OF-GROUP")).thenReturn("stub_subjectGroup");
 367
 368     }
 369 }