datarouter-prov/src/test/java/org/onap/dmaap/datarouter/provisioning/FeedServletTest.java

   1 /*******************************************************************************
   2  * ============LICENSE_START==================================================
   3  * * org.onap.dmaap
   4  * * ===========================================================================
   5  * * Copyright © 2017 AT&T Intellectual Property. All rights reserved.
   6  * * ===========================================================================
   7  * * Licensed under the Apache License, Version 2.0 (the "License");
   8  * * you may not use this file except in compliance with the License.
   9  * * You may obtain a copy of the License at
  10  * *
  11  *  *      http://www.apache.org/licenses/LICENSE-2.0
  12  * *
  13  *  * Unless required by applicable law or agreed to in writing, software
  14  * * distributed under the License is distributed on an "AS IS" BASIS,
  15  * * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
  16  * * See the License for the specific language governing permissions and
  17  * * limitations under the License.
  18  * * ============LICENSE_END====================================================
  19  * *
  20  * * ECOMP is a trademark and service mark of AT&T Intellectual Property.
  21  * *
  22  ******************************************************************************/
  23 package org.onap.dmaap.datarouter.provisioning;
  24
  25 import static org.hamcrest.Matchers.notNullValue;
  26 import static org.mockito.Mockito.argThat;
  27 import static org.mockito.Mockito.contains;
  28 import static org.mockito.Mockito.eq;
  29 import static org.mockito.Mockito.mock;
  30 import static org.mockito.Mockito.verify;
  31 import static org.mockito.Mockito.when;
  32 import static org.onap.dmaap.datarouter.provisioning.BaseServlet.BEHALF_HEADER;
  33
  34 import ch.qos.logback.classic.spi.ILoggingEvent;
  35 import ch.qos.logback.core.read.ListAppender;
  36 import java.sql.Connection;
  37 import java.sql.SQLException;
  38 import java.util.HashSet;
  39 import java.util.Set;
  40 import javax.persistence.EntityManager;
  41 import javax.persistence.EntityManagerFactory;
  42 import javax.persistence.Persistence;
  43 import javax.servlet.ServletInputStream;
  44 import javax.servlet.ServletOutputStream;
  45 import javax.servlet.http.HttpServletRequest;
  46 import javax.servlet.http.HttpServletResponse;
  47 import org.apache.commons.lang3.reflect.FieldUtils;
  48 import org.jetbrains.annotations.NotNull;
  49 import org.json.JSONArray;
  50 import org.json.JSONObject;
  51 import org.junit.AfterClass;
  52 import org.junit.Before;
  53 import org.junit.BeforeClass;
  54 import org.junit.Test;
  55 import org.junit.runner.RunWith;
  56 import org.mockito.Mock;
  57 import org.onap.dmaap.datarouter.authz.AuthorizationResponse;
  58 import org.onap.dmaap.datarouter.authz.Authorizer;
  59 import org.onap.dmaap.datarouter.provisioning.beans.Feed;
  60 import org.onap.dmaap.datarouter.provisioning.beans.Updateable;
  61 import org.onap.dmaap.datarouter.provisioning.utils.ProvDbUtils;
  62 import org.powermock.modules.junit4.PowerMockRunner;
  63
  64
  65 @RunWith(PowerMockRunner.class)
  66 public class FeedServletTest extends DrServletTestBase {
  67
  68     private static FeedServlet feedServlet;
  69
  70     @Mock
  71     private HttpServletRequest request;
  72     @Mock
  73     private HttpServletResponse response;
  74
  75     private static EntityManagerFactory emf;
  76     private static EntityManager em;
  77
  78     private ListAppender<ILoggingEvent> listAppender;
  79
  80     @BeforeClass
  81     public static void init() {
  82         emf = Persistence.createEntityManagerFactory("dr-unit-tests");
  83         em = emf.createEntityManager();
  84         System.setProperty(
  85                 "org.onap.dmaap.datarouter.provserver.properties",
  86                 "src/test/resources/h2Database.properties");
  87     }
  88
  89     @AfterClass
  90     public static void tearDownClass() {
  91         em.clear();
  92         em.close();
  93         emf.close();
  94     }
  95
  96     @Before
  97     public void setUp() throws Exception {
  98         listAppender = setTestLogger(FeedServlet.class);
  99         feedServlet = new FeedServlet();
 100         setAuthoriserToReturnRequestIsAuthorized();
 101         setUpValidAuthorisedRequest();
 102         setUpValidSecurityOnHttpRequest();
 103         setUpValidContentHeadersAndJSONOnHttpRequest();
 104     }
 105
 106     @Test
 107     public void Given_Request_Is_HTTP_DELETE_And_Is_Not_Secure_When_HTTPS_Is_Required_Then_Forbidden_Response_Is_Generated()
 108         throws Exception {
 109         when(request.isSecure()).thenReturn(false);
 110         feedServlet.doDelete(request, response);
 111         verify(response).sendError(eq(HttpServletResponse.SC_FORBIDDEN), argThat(notNullValue(String.class)));
 112         verifyEnteringExitCalled(listAppender);
 113     }
 114
 115     @Test
 116     public void Given_Request_Is_HTTP_DELETE_And_BEHALF_HEADER_Is_Not_Set_In_Request_Then_Bad_Request_Response_Is_Generated()
 117         throws Exception {
 118         setBehalfHeader(null);
 119         feedServlet.doDelete(request, response);
 120         verify(response).sendError(eq(HttpServletResponse.SC_BAD_REQUEST), argThat(notNullValue(String.class)));
 121     }
 122
 123     @Test
 124     public void Given_Request_Is_HTTP_DELETE_And_Path_Header_Is_Not_Set_In_Request_With_Valid_Path_Then_Bad_Request_Response_Is_Generated() throws Exception {
 125         when(request.getPathInfo()).thenReturn(null);
 126         feedServlet.doDelete(request, response);
 127         verify(response).sendError(eq(HttpServletResponse.SC_BAD_REQUEST), argThat(notNullValue(String.class)));
 128     }
 129
 130     @Test
 131     public void Given_Request_Is_HTTP_DELETE_And_Feed_Id_Is_Invalid_Then_Not_Found_Response_Is_Generated() throws Exception {
 132         when(request.getPathInfo()).thenReturn("/123");
 133         feedServlet.doDelete(request, response);
 134         verify(response).sendError(eq(HttpServletResponse.SC_NOT_FOUND), argThat(notNullValue(String.class)));
 135     }
 136
 137     @Test
 138     public void Given_Request_Is_HTTP_DELETE_And_Request_Is_Not_Authorized_Then_Forbidden_Response_Is_Generated() throws Exception {
 139         setAuthoriserToReturnRequestNotAuthorized();
 140         feedServlet.doDelete(request, response);
 141         verify(response).sendError(eq(HttpServletResponse.SC_FORBIDDEN), argThat(notNullValue(String.class)));
 142     }
 143
 144     @Test
 145     public void Given_Request_Is_HTTP_DELETE_And_AAF_Feed_Without_Permissions_Then_Forbidden_Response_Is_Generated() throws Exception {
 146         when(request.getPathInfo()).thenReturn("/2");
 147         feedServlet.doDelete(request, response);
 148         verify(response).sendError(eq(HttpServletResponse.SC_FORBIDDEN), contains("AAF disallows access to permission"));
 149     }
 150
 151     @Test
 152     public void Given_Request_Is_HTTP_DELETE_And_AAF_Feed_With_Permissions_Then_A_NO_CONTENT_Response_Is_Generated() {
 153         when(request.getPathInfo()).thenReturn("/3");
 154         when(request.isUserInRole("org.onap.dmaap-dr.feed|*|delete")).thenReturn(true);
 155         feedServlet.doDelete(request, response);
 156         verify(response).setStatus(eq(HttpServletResponse.SC_NO_CONTENT));
 157         verifyEnteringExitCalled(listAppender);
 158     }
 159
 160     @Test
 161     public void Given_Request_Is_HTTP_DELETE_And_Delete_On_Database_Fails_An_Internal_Server_Error_Is_Reported()
 162         throws Exception {
 163         FeedServlet feedServlet = new FeedServlet() {
 164             protected boolean doUpdate(Updateable bean) {
 165                 return false;
 166             }
 167         };
 168         feedServlet.doDelete(request, response);
 169         verify(response)
 170             .sendError(eq(HttpServletResponse.SC_INTERNAL_SERVER_ERROR), argThat(notNullValue(String.class)));
 171     }
 172
 173     @Test
 174     public void Given_Request_Is_HTTP_DELETE_And_Delete_On_Database_Succeeds_A_NO_CONTENT_Response_Is_Generated() throws Exception {
 175         feedServlet.doDelete(request, response);
 176         verify(response).setStatus(eq(HttpServletResponse.SC_NO_CONTENT));
 177         reinsertFeedIntoDb();
 178         verifyEnteringExitCalled(listAppender);
 179     }
 180
 181     @Test
 182     public void Given_Request_Is_HTTP_GET_And_Is_Not_Secure_When_HTTPS_Is_Required_Then_Forbidden_Response_Is_Generated()
 183         throws Exception {
 184         when(request.isSecure()).thenReturn(false);
 185         feedServlet.doGet(request, response);
 186         verify(response).sendError(eq(HttpServletResponse.SC_FORBIDDEN), argThat(notNullValue(String.class)));
 187         verifyEnteringExitCalled(listAppender);
 188     }
 189
 190     @Test
 191     public void Given_Request_Is_HTTP_GET_And_BEHALF_HEADER_Is_Not_Set_In_Request_Then_Bad_Request_Response_Is_Generated()
 192         throws Exception {
 193         setBehalfHeader(null);
 194         feedServlet.doGet(request, response);
 195         verify(response).sendError(eq(HttpServletResponse.SC_BAD_REQUEST), argThat(notNullValue(String.class)));
 196     }
 197
 198     @Test
 199     public void Given_Request_Is_HTTP_GET_And_Path_Header_Is_Not_Set_In_Request_With_Valid_Path_Then_Bad_Request_Response_Is_Generated()
 200         throws Exception {
 201         when(request.getPathInfo()).thenReturn(null);
 202         feedServlet.doGet(request, response);
 203         verify(response).sendError(eq(HttpServletResponse.SC_BAD_REQUEST), argThat(notNullValue(String.class)));
 204     }
 205
 206     @Test
 207     public void Given_Request_Is_HTTP_GET_And_Feed_Id_Is_Invalid_Then_Not_Found_Response_Is_Generated()
 208         throws Exception {
 209         when(request.getPathInfo()).thenReturn("/123");
 210         feedServlet.doGet(request, response);
 211         verify(response).sendError(eq(HttpServletResponse.SC_NOT_FOUND), argThat(notNullValue(String.class)));
 212     }
 213
 214     @Test
 215     public void Given_Request_Is_HTTP_GET_And_Request_Is_Not_Authorized_Then_Forbidden_Response_Is_Generated()
 216         throws Exception {
 217         setAuthoriserToReturnRequestNotAuthorized();
 218         when(request.getPathInfo()).thenReturn("/2");
 219         feedServlet.doGet(request, response);
 220         verify(response).sendError(eq(HttpServletResponse.SC_FORBIDDEN), argThat(notNullValue(String.class)));
 221     }
 222
 223     @Test
 224     public void Given_Request_Is_HTTP_GET_And_Request_Succeeds() throws Exception {
 225         ServletOutputStream outStream = mock(ServletOutputStream.class);
 226         when(response.getOutputStream()).thenReturn(outStream);
 227         when(request.getPathInfo()).thenReturn("/2");
 228         feedServlet.doGet(request, response);
 229         verify(response).setStatus(eq(HttpServletResponse.SC_OK));
 230         verifyEnteringExitCalled(listAppender);
 231     }
 232
 233     @Test
 234     public void Given_Request_Is_HTTP_PUT_And_Is_Not_Secure_When_HTTPS_Is_Required_Then_Forbidden_Response_Is_Generated()
 235         throws Exception {
 236         when(request.isSecure()).thenReturn(false);
 237         feedServlet.doPut(request, response);
 238         verify(response).sendError(eq(HttpServletResponse.SC_FORBIDDEN), argThat(notNullValue(String.class)));
 239         verifyEnteringExitCalled(listAppender);
 240     }
 241
 242     @Test
 243     public void Given_Request_Is_HTTP_PUT_And_BEHALF_HEADER_Is_Not_Set_In_Request_Then_Bad_Request_Response_Is_Generated()
 244         throws Exception {
 245         setBehalfHeader(null);
 246         feedServlet.doPut(request, response);
 247         verify(response).sendError(eq(HttpServletResponse.SC_BAD_REQUEST), argThat(notNullValue(String.class)));
 248     }
 249
 250     @Test
 251     public void Given_Request_Is_HTTP_PUT_And_Path_Header_Is_Not_Set_In_Request_With_Valid_Path_Then_Bad_Request_Response_Is_Generated()
 252         throws Exception {
 253         when(request.getPathInfo()).thenReturn(null);
 254         feedServlet.doPut(request, response);
 255         verify(response).sendError(eq(HttpServletResponse.SC_BAD_REQUEST), argThat(notNullValue(String.class)));
 256     }
 257
 258     @Test
 259     public void Given_Request_Is_HTTP_PUT_And_Feed_Id_Is_Invalid_Then_Not_Found_Response_Is_Generated()
 260         throws Exception {
 261         when(request.getPathInfo()).thenReturn("/123");
 262         feedServlet.doPut(request, response);
 263         verify(response).sendError(eq(HttpServletResponse.SC_NOT_FOUND), argThat(notNullValue(String.class)));
 264     }
 265
 266     @Test
 267     public void Given_Request_Is_HTTP_PUT_And_Content_Header_Is_Not_Supported_Type_Then_Unsupported_Media_Type_Response_Is_Generated()
 268         throws Exception {
 269         when(request.getHeader("Content-Type")).thenReturn("application/vnd.dmaap-dr.feed-fail; version=2.0");
 270         when(request.getContentType()).thenReturn("stub_contentType");
 271         when(request.getPathInfo()).thenReturn("/2");
 272         feedServlet.doPut(request, response);
 273         verify(response).sendError(eq(HttpServletResponse.SC_UNSUPPORTED_MEDIA_TYPE), argThat(notNullValue(String.class)));
 274     }
 275
 276     @Test
 277     public void Given_Request_Is_HTTP_PUT_And_Request_Contains_Badly_Formed_JSON_Then_Bad_Request_Response_Is_Generated()
 278         throws Exception {
 279         ServletInputStream inStream = mock(ServletInputStream.class);
 280         when(request.getInputStream()).thenReturn(inStream);
 281         when(request.getPathInfo()).thenReturn("/2");
 282         FeedServlet feedServlet = new FeedServlet() {
 283             public JSONObject getJSONfromInput(HttpServletRequest req) {
 284                 return null;
 285             }
 286         };
 287         feedServlet.doPut(request, response);
 288         verify(response).sendError(eq(HttpServletResponse.SC_BAD_REQUEST), contains("Badly formed JSON"));
 289     }
 290
 291     @Test
 292     public void Given_Request_Is_HTTP_PUT_And_Request_Contains_Invalid_JSON_Then_Bad_Request_Response_Is_Generated() throws Exception {
 293         when(request.getPathInfo()).thenReturn("/2");
 294         FeedServlet feedServlet = new FeedServlet() {
 295             public JSONObject getJSONfromInput(HttpServletRequest req) {
 296                 return new JSONObject();
 297             }
 298         };
 299         feedServlet.doPut(request, response);
 300         verify(response).sendError(eq(HttpServletResponse.SC_BAD_REQUEST), argThat(notNullValue(String.class)));
 301     }
 302
 303     @Test
 304     public void Given_Request_Is_HTTP_PUT_And_Feed_Change_Is_Not_Publisher_Who_Requested_Feed_Bad_Request_Response_Is_Generated() throws Exception {
 305         when(request.getHeader("X-DMAAP-DR-ON-BEHALF-OF-GROUP")).thenReturn(null);
 306         when(request.getPathInfo()).thenReturn("/2");
 307         JSONObject JSObject = buildRequestJsonObject();
 308         FeedServlet feedServlet = new FeedServlet() {
 309             public JSONObject getJSONfromInput(HttpServletRequest req) {
 310                 JSONObject jo = new JSONObject();
 311                 jo.put("name", "stub_name");
 312                 jo.put("version", "1.0");
 313                 jo.put("authorization", JSObject);
 314                 return jo;
 315             }
 316         };
 317         feedServlet.doPut(request, response);
 318         verify(response).sendError(eq(HttpServletResponse.SC_BAD_REQUEST), contains("must be modified by the same publisher"));
 319     }
 320
 321     @Test
 322     public void Given_Request_Is_HTTP_PUT_And_Feed_Name_Change_is_Requested_Bad_Request_Response_Is_Generated() throws Exception {
 323         when(request.getPathInfo()).thenReturn("/2");
 324         JSONObject JSObject = buildRequestJsonObject();
 325         FeedServlet feedServlet = new FeedServlet() {
 326             public JSONObject getJSONfromInput(HttpServletRequest req) {
 327                 JSONObject jo = new JSONObject();
 328                 jo.put("name", "not_stub_name");
 329                 jo.put("version", "1.0");
 330                 jo.put("authorization", JSObject);
 331                 return jo;
 332             }
 333         };
 334         feedServlet.doPut(request, response);
 335         verify(response).sendError(eq(HttpServletResponse.SC_BAD_REQUEST), contains("name of the feed may not be updated"));
 336     }
 337
 338     @Test
 339     public void Given_Request_Is_HTTP_PUT_And_Feed_Version_Change_is_Requested_Bad_Request_Response_Is_Generated() throws Exception {
 340         when(request.getPathInfo()).thenReturn("/2");
 341         JSONObject JSObject = buildRequestJsonObject();
 342         FeedServlet feedServlet = new FeedServlet() {
 343             public JSONObject getJSONfromInput(HttpServletRequest req) {
 344                 JSONObject jo = new JSONObject();
 345                 jo.put("name", "AafFeed");
 346                 jo.put("version", "v0.2");
 347                 jo.put("authorization", JSObject);
 348                 return jo;
 349             }
 350         };
 351         feedServlet.doPut(request, response);
 352         verify(response).sendError(eq(HttpServletResponse.SC_BAD_REQUEST), contains("version of the feed may not be updated"));
 353     }
 354
 355     @Test
 356     public void Given_Request_Is_HTTP_PUT_And_Request_Is_Not_Authorized_Then_Forbidden_Response_Is_Generated() throws Exception {
 357         setAuthoriserToReturnRequestNotAuthorized();
 358         when(request.getPathInfo()).thenReturn("/2");
 359         JSONObject JSObject = buildRequestJsonObject();
 360         FeedServlet feedServlet = new FeedServlet() {
 361             public JSONObject getJSONfromInput(HttpServletRequest req) {
 362                 JSONObject jo = new JSONObject();
 363                 jo.put("name", "AafFeed");
 364                 jo.put("version", "v0.1");
 365                 jo.put("authorization", JSObject);
 366                 return jo;
 367             }
 368         };
 369         feedServlet.doPut(request, response);
 370         verify(response).sendError(eq(HttpServletResponse.SC_FORBIDDEN), contains("Policy Engine disallows access"));
 371     }
 372
 373     @Test
 374     public void Given_Request_Is_HTTP_PUT_And_AAF_Feed_Without_Permissions_Then_Forbidden_Response_Is_Generated() throws Exception {
 375         when(request.getPathInfo()).thenReturn("/2");
 376         JSONObject JSObject = buildRequestJsonObject();
 377         FeedServlet feedServlet = new FeedServlet() {
 378             public JSONObject getJSONfromInput(HttpServletRequest req) {
 379                 JSONObject jo = new JSONObject();
 380                 jo.put("name", "AafFeed");
 381                 jo.put("version", "v0.1");
 382                 jo.put("authorization", JSObject);
 383                 jo.put("aaf_instance", "https://aaf-onap-test.osaaf.org:8095");
 384                 return jo;
 385             }
 386         };
 387         feedServlet.doPut(request, response);
 388         verify(response).sendError(eq(HttpServletResponse.SC_FORBIDDEN), contains("AAF disallows access to permission"));
 389     }
 390
 391     @Test
 392     public void Given_Request_Is_HTTP_PUT_And_AAF_Feed_With_Permissions_Then_STATUS_OK__Response_Is_Generated() throws Exception {
 393         ServletOutputStream outStream = mock(ServletOutputStream.class);
 394         when(response.getOutputStream()).thenReturn(outStream);
 395         when(request.getPathInfo()).thenReturn("/2");
 396         when(request.isUserInRole("org.onap.dmaap-dr.feed|*|edit")).thenReturn(true);
 397         JSONObject JSObject = buildRequestJsonObject();
 398         FeedServlet feedServlet = new FeedServlet() {
 399             public JSONObject getJSONfromInput(HttpServletRequest req) {
 400                 JSONObject jo = new JSONObject();
 401                 jo.put("name", "AafFeed");
 402                 jo.put("version", "v0.1");
 403                 jo.put("authorization", JSObject);
 404                 jo.put("aaf_instance", "*");
 405                 return jo;
 406             }
 407             @Override
 408             protected boolean doUpdate(Updateable bean) {
 409                 return true;
 410             }
 411
 412         };
 413         feedServlet.doPut(request, response);
 414         verify(response).setStatus(eq(HttpServletResponse.SC_OK));
 415         verifyEnteringExitCalled(listAppender);
 416     }
 417
 418     @Test
 419     public void Given_Request_Is_HTTP_PUT_And_Change_On_Feeds_Fails_An_Internal_Server_Error_Response_Is_Generated() throws Exception {
 420         ServletOutputStream outStream = mock(ServletOutputStream.class);
 421         when(response.getOutputStream()).thenReturn(outStream);
 422         when(request.getPathInfo()).thenReturn("/2");
 423         JSONObject JSObject = buildRequestJsonObject();
 424         FeedServlet feedServlet = new FeedServlet() {
 425             public JSONObject getJSONfromInput(HttpServletRequest req) {
 426                 JSONObject jo = new JSONObject();
 427                 jo.put("name", "AafFeed");
 428                 jo.put("version", "v0.1");
 429                 jo.put("authorization", JSObject);
 430                 return jo;
 431             }
 432
 433             @Override
 434             protected boolean doUpdate(Updateable bean) {
 435                 return false;
 436             }
 437         };
 438         feedServlet.doPut(request, response);
 439         verify(response).sendError(eq(HttpServletResponse.SC_INTERNAL_SERVER_ERROR), argThat(notNullValue(String.class)));
 440     }
 441
 442     @Test
 443     public void Given_Request_Is_HTTP_PUT_And_Change_On_Feeds_Suceeds_A_STATUS_OK_Response_Is_Generated() throws Exception {
 444         ServletOutputStream outStream = mock(ServletOutputStream.class);
 445         when(response.getOutputStream()).thenReturn(outStream);
 446         when(request.getPathInfo()).thenReturn("/2");
 447         JSONObject JSObject = buildRequestJsonObject();
 448         FeedServlet feedServlet = new FeedServlet() {
 449             public JSONObject getJSONfromInput(HttpServletRequest req) {
 450                 JSONObject jo = new JSONObject();
 451                 jo.put("name", "AafFeed");
 452                 jo.put("version", "v0.1");
 453                 jo.put("authorization", JSObject);
 454                 return jo;
 455             }
 456             @Override
 457             protected boolean doUpdate(Updateable bean) {
 458                 return true;
 459             }
 460
 461         };
 462         feedServlet.doPut(request, response);
 463         verify(response).setStatus(eq(HttpServletResponse.SC_OK));
 464         verifyEnteringExitCalled(listAppender);
 465     }
 466
 467     @Test
 468     public void Given_Request_Is_HTTP_POST_SC_METHOD_NOT_ALLOWED_Response_Is_Generated() throws Exception {
 469         feedServlet.doPost(request, response);
 470         verify(response).sendError(eq(HttpServletResponse.SC_METHOD_NOT_ALLOWED), argThat(notNullValue(String.class)));
 471         verifyEnteringExitCalled(listAppender);
 472     }
 473
 474     @NotNull
 475     private JSONObject buildRequestJsonObject() {
 476         JSONObject JSObject = new JSONObject();
 477         JSONArray endpointIDs = new JSONArray();
 478         JSONObject JOEndpointIDs = new JSONObject();
 479         JOEndpointIDs.put("id", "stub_endpoint_id");
 480         JOEndpointIDs.put("password", "stub_endpoint_password");
 481         endpointIDs.put(JOEndpointIDs);
 482
 483         JSONArray endpointAddresses = new JSONArray();
 484         endpointAddresses.put("127.0.0.1");
 485
 486         JSObject.put("classification", "stub_classification");
 487         JSObject.put("endpoint_ids", endpointIDs);
 488         JSObject.put("endpoint_addrs", endpointAddresses);
 489         return JSObject;
 490     }
 491
 492     private void setUpValidSecurityOnHttpRequest() throws Exception {
 493         when(request.isSecure()).thenReturn(true);
 494         Set<String> authAddressesAndNetworks = new HashSet<>();
 495         authAddressesAndNetworks.add(("127.0.0.1"));
 496         FieldUtils.writeDeclaredStaticField(BaseServlet.class, "authorizedAddressesAndNetworks", authAddressesAndNetworks,true);
 497         FieldUtils.writeDeclaredStaticField(BaseServlet.class, "requireCert", false, true);
 498     }
 499
 500     private void setBehalfHeader(String headerValue) {
 501         when(request.getHeader(BEHALF_HEADER)).thenReturn(headerValue);
 502     }
 503
 504     private void setValidPathInfoInHttpHeader() {
 505         when(request.getPathInfo()).thenReturn("/1");
 506     }
 507
 508     private void setAuthoriserToReturnRequestNotAuthorized() throws IllegalAccessException {
 509         AuthorizationResponse authResponse = mock(AuthorizationResponse.class);
 510         Authorizer authorizer = mock(Authorizer.class);
 511         FieldUtils.writeDeclaredStaticField(BaseServlet.class, "authz", authorizer, true);
 512         when(authorizer.decide(request)).thenReturn(authResponse);
 513         when(authResponse.isAuthorized()).thenReturn(false);
 514     }
 515
 516     private void setAuthoriserToReturnRequestIsAuthorized() throws IllegalAccessException {
 517         AuthorizationResponse authResponse = mock(AuthorizationResponse.class);
 518         Authorizer authorizer = mock(Authorizer.class);
 519         FieldUtils.writeDeclaredStaticField(BaseServlet.class, "authz", authorizer, true);
 520         when(authorizer.decide(request)).thenReturn(authResponse);
 521         when(authResponse.isAuthorized()).thenReturn(true);
 522     }
 523
 524     private void setUpValidAuthorisedRequest() throws Exception {
 525         setUpValidSecurityOnHttpRequest();
 526         setBehalfHeader("Stub_Value");
 527         setValidPathInfoInHttpHeader();
 528     }
 529
 530     private void setUpValidContentHeadersAndJSONOnHttpRequest() {
 531         when(request.getHeader("Content-Type")).thenReturn("application/vnd.dmaap-dr.feed; version=1.0");
 532         when(request.getHeader("X-DMAAP-DR-ON-BEHALF-OF-GROUP")).thenReturn("stub_subjectGroup");
 533     }
 534
 535     private void reinsertFeedIntoDb() throws SQLException {
 536         Feed feed = new Feed("Feed1","v0.1", "First Feed for testing", "First Feed for testing");
 537         feed.setFeedid(1);
 538         feed.setGroupid(1);
 539         feed.setDeleted(false);
 540         try (Connection conn = ProvDbUtils.getInstance().getConnection()) {
 541             feed.doUpdate(conn);
 542         }
 543     }
 544 }