datarouter-prov/src/test/java/org/onap/dmaap/datarouter/provisioning/FeedServletTest.java

   1 /*******************************************************************************
   2  * ============LICENSE_START==================================================
   3  * * org.onap.dmaap
   4  * * ===========================================================================
   5  * * Copyright © 2017 AT&T Intellectual Property. All rights reserved.
   6  * * ===========================================================================
   7  * * Licensed under the Apache License, Version 2.0 (the "License");
   8  * * you may not use this file except in compliance with the License.
   9  * * You may obtain a copy of the License at
  10  * *
  11  *  *      http://www.apache.org/licenses/LICENSE-2.0
  12  * *
  13  *  * Unless required by applicable law or agreed to in writing, software
  14  * * distributed under the License is distributed on an "AS IS" BASIS,
  15  * * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
  16  * * See the License for the specific language governing permissions and
  17  * * limitations under the License.
  18  * * ============LICENSE_END====================================================
  19  * *
  20  * * ECOMP is a trademark and service mark of AT&T Intellectual Property.
  21  * *
  22  ******************************************************************************/
  23 package org.onap.dmaap.datarouter.provisioning;
  24
  25 import ch.qos.logback.classic.spi.ILoggingEvent;
  26 import ch.qos.logback.core.read.ListAppender;
  27 import org.apache.commons.lang3.reflect.FieldUtils;
  28 import org.jetbrains.annotations.NotNull;
  29 import org.json.JSONArray;
  30 import org.json.JSONObject;
  31 import org.junit.AfterClass;
  32 import org.junit.Before;
  33 import org.junit.BeforeClass;
  34 import org.junit.Test;
  35 import org.junit.runner.RunWith;
  36 import org.mockito.Mock;
  37 import org.onap.dmaap.datarouter.authz.AuthorizationResponse;
  38 import org.onap.dmaap.datarouter.authz.Authorizer;
  39 import org.onap.dmaap.datarouter.provisioning.beans.Feed;
  40 import org.onap.dmaap.datarouter.provisioning.beans.Updateable;
  41 import org.onap.dmaap.datarouter.provisioning.utils.DB;
  42 import org.powermock.modules.junit4.PowerMockRunner;
  43
  44 import javax.persistence.EntityManager;
  45 import javax.persistence.EntityManagerFactory;
  46 import javax.persistence.Persistence;
  47 import javax.servlet.ServletInputStream;
  48 import javax.servlet.ServletOutputStream;
  49 import javax.servlet.http.HttpServletRequest;
  50 import javax.servlet.http.HttpServletResponse;
  51 import java.sql.SQLException;
  52 import java.util.HashSet;
  53 import java.util.Set;
  54
  55 import static org.hamcrest.Matchers.notNullValue;
  56 import static org.mockito.Mockito.*;
  57 import static org.onap.dmaap.datarouter.provisioning.BaseServlet.BEHALF_HEADER;
  58
  59
  60 @RunWith(PowerMockRunner.class)
  61 public class FeedServletTest extends DrServletTestBase {
  62
  63     private static FeedServlet feedServlet;
  64
  65     @Mock
  66     private HttpServletRequest request;
  67     @Mock
  68     private HttpServletResponse response;
  69
  70     private static EntityManagerFactory emf;
  71     private static EntityManager em;
  72     private DB db;
  73
  74     private ListAppender<ILoggingEvent> listAppender;
  75
  76     @BeforeClass
  77     public static void init() {
  78         emf = Persistence.createEntityManagerFactory("dr-unit-tests");
  79         em = emf.createEntityManager();
  80         System.setProperty(
  81                 "org.onap.dmaap.datarouter.provserver.properties",
  82                 "src/test/resources/h2Database.properties");
  83     }
  84
  85     @AfterClass
  86     public static void tearDownClass() {
  87         em.clear();
  88         em.close();
  89         emf.close();
  90     }
  91
  92     @Before
  93     public void setUp() throws Exception {
  94         listAppender = setTestLogger(FeedServlet.class);
  95         feedServlet = new FeedServlet();
  96         db = new DB();
  97         setAuthoriserToReturnRequestIsAuthorized();
  98         setUpValidAuthorisedRequest();
  99         setUpValidSecurityOnHttpRequest();
 100         setUpValidContentHeadersAndJSONOnHttpRequest();
 101     }
 102
 103     @Test
 104     public void Given_Request_Is_HTTP_DELETE_And_Is_Not_Secure_When_HTTPS_Is_Required_Then_Forbidden_Response_Is_Generated()
 105         throws Exception {
 106         when(request.isSecure()).thenReturn(false);
 107         feedServlet.doDelete(request, response);
 108         verify(response).sendError(eq(HttpServletResponse.SC_FORBIDDEN), argThat(notNullValue(String.class)));
 109         verifyEnteringExitCalled(listAppender);
 110     }
 111
 112
 113     @Test
 114     public void Given_Request_Is_HTTP_DELETE_And_BEHALF_HEADER_Is_Not_Set_In_Request_Then_Bad_Request_Response_Is_Generated()
 115         throws Exception {
 116         setBehalfHeader(null);
 117         feedServlet.doDelete(request, response);
 118         verify(response).sendError(eq(HttpServletResponse.SC_BAD_REQUEST), argThat(notNullValue(String.class)));
 119     }
 120
 121
 122     @Test
 123     public void Given_Request_Is_HTTP_DELETE_And_Path_Header_Is_Not_Set_In_Request_With_Valid_Path_Then_Bad_Request_Response_Is_Generated() throws Exception {
 124         when(request.getPathInfo()).thenReturn(null);
 125         feedServlet.doDelete(request, response);
 126         verify(response).sendError(eq(HttpServletResponse.SC_BAD_REQUEST), argThat(notNullValue(String.class)));
 127     }
 128
 129
 130     @Test
 131     public void Given_Request_Is_HTTP_DELETE_And_Feed_Id_Is_Invalid_Then_Not_Found_Response_Is_Generated() throws Exception {
 132         when(request.getPathInfo()).thenReturn("/123");
 133         feedServlet.doDelete(request, response);
 134         verify(response).sendError(eq(HttpServletResponse.SC_NOT_FOUND), argThat(notNullValue(String.class)));
 135     }
 136
 137
 138     @Test
 139     public void Given_Request_Is_HTTP_DELETE_And_Request_Is_Not_Authorized_Then_Forbidden_Response_Is_Generated() throws Exception {
 140         setAuthoriserToReturnRequestNotAuthorized();
 141         feedServlet.doDelete(request, response);
 142         verify(response).sendError(eq(HttpServletResponse.SC_FORBIDDEN), argThat(notNullValue(String.class)));
 143     }
 144
 145     @Test
 146     public void Given_Request_Is_HTTP_DELETE_And_AAF_Feed_Without_Permissions_Then_Forbidden_Response_Is_Generated() throws Exception {
 147         when(request.getPathInfo()).thenReturn("/2");
 148         feedServlet.doDelete(request, response);
 149         verify(response).sendError(eq(HttpServletResponse.SC_FORBIDDEN), contains("AAF disallows access to permission"));
 150     }
 151
 152     @Test
 153     public void Given_Request_Is_HTTP_DELETE_And_AAF_Feed_With_Permissions_Then_A_NO_CONTENT_Response_Is_Generated() {
 154         when(request.getPathInfo()).thenReturn("/3");
 155         when(request.isUserInRole("org.onap.dmaap-dr.feed|*|delete")).thenReturn(true);
 156         feedServlet.doDelete(request, response);
 157         verify(response).setStatus(eq(HttpServletResponse.SC_NO_CONTENT));
 158         verifyEnteringExitCalled(listAppender);
 159     }
 160
 161
 162     @Test
 163     public void Given_Request_Is_HTTP_DELETE_And_Delete_On_Database_Fails_An_Internal_Server_Error_Is_Reported()
 164         throws Exception {
 165         FeedServlet feedServlet = new FeedServlet() {
 166             protected boolean doUpdate(Updateable bean) {
 167                 return false;
 168             }
 169         };
 170         feedServlet.doDelete(request, response);
 171         verify(response)
 172             .sendError(eq(HttpServletResponse.SC_INTERNAL_SERVER_ERROR), argThat(notNullValue(String.class)));
 173     }
 174
 175
 176     @Test
 177     public void Given_Request_Is_HTTP_DELETE_And_Delete_On_Database_Succeeds_A_NO_CONTENT_Response_Is_Generated() throws Exception {
 178         feedServlet.doDelete(request, response);
 179         verify(response).setStatus(eq(HttpServletResponse.SC_NO_CONTENT));
 180         reinsertFeedIntoDb();
 181         verifyEnteringExitCalled(listAppender);
 182     }
 183
 184     @Test
 185     public void Given_Request_Is_HTTP_GET_And_Is_Not_Secure_When_HTTPS_Is_Required_Then_Forbidden_Response_Is_Generated()
 186         throws Exception {
 187         when(request.isSecure()).thenReturn(false);
 188         feedServlet.doGet(request, response);
 189         verify(response).sendError(eq(HttpServletResponse.SC_FORBIDDEN), argThat(notNullValue(String.class)));
 190         verifyEnteringExitCalled(listAppender);
 191     }
 192
 193     @Test
 194     public void Given_Request_Is_HTTP_GET_And_BEHALF_HEADER_Is_Not_Set_In_Request_Then_Bad_Request_Response_Is_Generated()
 195         throws Exception {
 196         setBehalfHeader(null);
 197         feedServlet.doGet(request, response);
 198         verify(response).sendError(eq(HttpServletResponse.SC_BAD_REQUEST), argThat(notNullValue(String.class)));
 199     }
 200
 201
 202     @Test
 203     public void Given_Request_Is_HTTP_GET_And_Path_Header_Is_Not_Set_In_Request_With_Valid_Path_Then_Bad_Request_Response_Is_Generated()
 204         throws Exception {
 205         when(request.getPathInfo()).thenReturn(null);
 206         feedServlet.doGet(request, response);
 207         verify(response).sendError(eq(HttpServletResponse.SC_BAD_REQUEST), argThat(notNullValue(String.class)));
 208     }
 209
 210
 211     @Test
 212     public void Given_Request_Is_HTTP_GET_And_Feed_Id_Is_Invalid_Then_Not_Found_Response_Is_Generated()
 213         throws Exception {
 214         when(request.getPathInfo()).thenReturn("/123");
 215         feedServlet.doGet(request, response);
 216         verify(response).sendError(eq(HttpServletResponse.SC_NOT_FOUND), argThat(notNullValue(String.class)));
 217     }
 218
 219
 220     @Test
 221     public void Given_Request_Is_HTTP_GET_And_Request_Is_Not_Authorized_Then_Forbidden_Response_Is_Generated()
 222         throws Exception {
 223         setAuthoriserToReturnRequestNotAuthorized();
 224         when(request.getPathInfo()).thenReturn("/2");
 225         feedServlet.doGet(request, response);
 226         verify(response).sendError(eq(HttpServletResponse.SC_FORBIDDEN), argThat(notNullValue(String.class)));
 227     }
 228
 229
 230     @Test
 231     public void Given_Request_Is_HTTP_GET_And_Request_Succeeds() throws Exception {
 232         ServletOutputStream outStream = mock(ServletOutputStream.class);
 233         when(response.getOutputStream()).thenReturn(outStream);
 234         when(request.getPathInfo()).thenReturn("/2");
 235         feedServlet.doGet(request, response);
 236         verify(response).setStatus(eq(HttpServletResponse.SC_OK));
 237         verifyEnteringExitCalled(listAppender);
 238     }
 239
 240
 241     @Test
 242     public void Given_Request_Is_HTTP_PUT_And_Is_Not_Secure_When_HTTPS_Is_Required_Then_Forbidden_Response_Is_Generated()
 243         throws Exception {
 244         when(request.isSecure()).thenReturn(false);
 245         feedServlet.doPut(request, response);
 246         verify(response).sendError(eq(HttpServletResponse.SC_FORBIDDEN), argThat(notNullValue(String.class)));
 247         verifyEnteringExitCalled(listAppender);
 248     }
 249
 250     @Test
 251     public void Given_Request_Is_HTTP_PUT_And_BEHALF_HEADER_Is_Not_Set_In_Request_Then_Bad_Request_Response_Is_Generated()
 252         throws Exception {
 253         setBehalfHeader(null);
 254         feedServlet.doPut(request, response);
 255         verify(response).sendError(eq(HttpServletResponse.SC_BAD_REQUEST), argThat(notNullValue(String.class)));
 256     }
 257
 258
 259     @Test
 260     public void Given_Request_Is_HTTP_PUT_And_Path_Header_Is_Not_Set_In_Request_With_Valid_Path_Then_Bad_Request_Response_Is_Generated()
 261         throws Exception {
 262         when(request.getPathInfo()).thenReturn(null);
 263         feedServlet.doPut(request, response);
 264         verify(response).sendError(eq(HttpServletResponse.SC_BAD_REQUEST), argThat(notNullValue(String.class)));
 265     }
 266
 267
 268     @Test
 269     public void Given_Request_Is_HTTP_PUT_And_Feed_Id_Is_Invalid_Then_Not_Found_Response_Is_Generated()
 270         throws Exception {
 271         when(request.getPathInfo()).thenReturn("/123");
 272         feedServlet.doPut(request, response);
 273         verify(response).sendError(eq(HttpServletResponse.SC_NOT_FOUND), argThat(notNullValue(String.class)));
 274     }
 275
 276     @Test
 277     public void Given_Request_Is_HTTP_PUT_And_Content_Header_Is_Not_Supported_Type_Then_Unsupported_Media_Type_Response_Is_Generated()
 278         throws Exception {
 279         when(request.getHeader("Content-Type")).thenReturn("application/vnd.dmaap-dr.feed-fail; version=2.0");
 280         when(request.getContentType()).thenReturn("stub_contentType");
 281         when(request.getPathInfo()).thenReturn("/2");
 282         feedServlet.doPut(request, response);
 283         verify(response).sendError(eq(HttpServletResponse.SC_UNSUPPORTED_MEDIA_TYPE), argThat(notNullValue(String.class)));
 284     }
 285
 286     @Test
 287     public void Given_Request_Is_HTTP_PUT_And_Request_Contains_Badly_Formed_JSON_Then_Bad_Request_Response_Is_Generated()
 288         throws Exception {
 289         ServletInputStream inStream = mock(ServletInputStream.class);
 290         when(request.getInputStream()).thenReturn(inStream);
 291         when(request.getPathInfo()).thenReturn("/2");
 292         FeedServlet feedServlet = new FeedServlet() {
 293             protected JSONObject getJSONfromInput(HttpServletRequest req) {
 294                 return null;
 295             }
 296         };
 297         feedServlet.doPut(request, response);
 298         verify(response).sendError(eq(HttpServletResponse.SC_BAD_REQUEST), contains("Badly formed JSON"));
 299     }
 300
 301     @Test
 302     public void Given_Request_Is_HTTP_PUT_And_Request_Contains_Invalid_JSON_Then_Bad_Request_Response_Is_Generated() throws Exception {
 303         when(request.getPathInfo()).thenReturn("/2");
 304         FeedServlet feedServlet = new FeedServlet() {
 305             protected JSONObject getJSONfromInput(HttpServletRequest req) {
 306                 return new JSONObject();
 307             }
 308         };
 309         feedServlet.doPut(request, response);
 310         verify(response).sendError(eq(HttpServletResponse.SC_BAD_REQUEST), argThat(notNullValue(String.class)));
 311     }
 312
 313     @Test
 314     public void Given_Request_Is_HTTP_PUT_And_Feed_Change_Is_Not_Publisher_Who_Requested_Feed_Bad_Request_Response_Is_Generated() throws Exception {
 315         when(request.getHeader("X-DMAAP-DR-ON-BEHALF-OF-GROUP")).thenReturn(null);
 316         when(request.getPathInfo()).thenReturn("/2");
 317         JSONObject JSObject = buildRequestJsonObject();
 318         FeedServlet feedServlet = new FeedServlet() {
 319             protected JSONObject getJSONfromInput(HttpServletRequest req) {
 320                 JSONObject jo = new JSONObject();
 321                 jo.put("name", "stub_name");
 322                 jo.put("version", "1.0");
 323                 jo.put("authorization", JSObject);
 324                 return jo;
 325             }
 326         };
 327         feedServlet.doPut(request, response);
 328         verify(response).sendError(eq(HttpServletResponse.SC_BAD_REQUEST), contains("must be modified by the same publisher"));
 329     }
 330
 331     @Test
 332     public void Given_Request_Is_HTTP_PUT_And_Feed_Name_Change_is_Requested_Bad_Request_Response_Is_Generated() throws Exception {
 333         when(request.getPathInfo()).thenReturn("/2");
 334         JSONObject JSObject = buildRequestJsonObject();
 335         FeedServlet feedServlet = new FeedServlet() {
 336             protected JSONObject getJSONfromInput(HttpServletRequest req) {
 337                 JSONObject jo = new JSONObject();
 338                 jo.put("name", "not_stub_name");
 339                 jo.put("version", "1.0");
 340                 jo.put("authorization", JSObject);
 341                 return jo;
 342             }
 343         };
 344         feedServlet.doPut(request, response);
 345         verify(response).sendError(eq(HttpServletResponse.SC_BAD_REQUEST), contains("name of the feed may not be updated"));
 346     }
 347
 348     @Test
 349     public void Given_Request_Is_HTTP_PUT_And_Feed_Version_Change_is_Requested_Bad_Request_Response_Is_Generated() throws Exception {
 350         when(request.getPathInfo()).thenReturn("/2");
 351         JSONObject JSObject = buildRequestJsonObject();
 352         FeedServlet feedServlet = new FeedServlet() {
 353             protected JSONObject getJSONfromInput(HttpServletRequest req) {
 354                 JSONObject jo = new JSONObject();
 355                 jo.put("name", "AafFeed");
 356                 jo.put("version", "v0.2");
 357                 jo.put("authorization", JSObject);
 358                 return jo;
 359             }
 360         };
 361         feedServlet.doPut(request, response);
 362         verify(response).sendError(eq(HttpServletResponse.SC_BAD_REQUEST), contains("version of the feed may not be updated"));
 363     }
 364
 365     @Test
 366     public void Given_Request_Is_HTTP_PUT_And_Request_Is_Not_Authorized_Then_Forbidden_Response_Is_Generated() throws Exception {
 367         setAuthoriserToReturnRequestNotAuthorized();
 368         when(request.getPathInfo()).thenReturn("/2");
 369         JSONObject JSObject = buildRequestJsonObject();
 370         FeedServlet feedServlet = new FeedServlet() {
 371             protected JSONObject getJSONfromInput(HttpServletRequest req) {
 372                 JSONObject jo = new JSONObject();
 373                 jo.put("name", "AafFeed");
 374                 jo.put("version", "v0.1");
 375                 jo.put("authorization", JSObject);
 376                 return jo;
 377             }
 378         };
 379         feedServlet.doPut(request, response);
 380         verify(response).sendError(eq(HttpServletResponse.SC_FORBIDDEN), contains("Policy Engine disallows access"));
 381     }
 382
 383     @Test
 384     public void Given_Request_Is_HTTP_PUT_And_AAF_Feed_Without_Permissions_Then_Forbidden_Response_Is_Generated() throws Exception {
 385         when(request.getPathInfo()).thenReturn("/2");
 386         JSONObject JSObject = buildRequestJsonObject();
 387         FeedServlet feedServlet = new FeedServlet() {
 388             protected JSONObject getJSONfromInput(HttpServletRequest req) {
 389                 JSONObject jo = new JSONObject();
 390                 jo.put("name", "AafFeed");
 391                 jo.put("version", "v0.1");
 392                 jo.put("authorization", JSObject);
 393                 jo.put("aaf_instance", "https://aaf-onap-test.osaaf.org:8095");
 394                 return jo;
 395             }
 396         };
 397         feedServlet.doPut(request, response);
 398         verify(response).sendError(eq(HttpServletResponse.SC_FORBIDDEN), contains("AAF disallows access to permission"));
 399     }
 400
 401     @Test
 402     public void Given_Request_Is_HTTP_PUT_And_AAF_Feed_With_Permissions_Then_STATUS_OK__Response_Is_Generated() throws Exception {
 403         ServletOutputStream outStream = mock(ServletOutputStream.class);
 404         when(response.getOutputStream()).thenReturn(outStream);
 405         when(request.getPathInfo()).thenReturn("/2");
 406         when(request.isUserInRole("org.onap.dmaap-dr.feed|*|edit")).thenReturn(true);
 407         JSONObject JSObject = buildRequestJsonObject();
 408         FeedServlet feedServlet = new FeedServlet() {
 409             protected JSONObject getJSONfromInput(HttpServletRequest req) {
 410                 JSONObject jo = new JSONObject();
 411                 jo.put("name", "AafFeed");
 412                 jo.put("version", "v0.1");
 413                 jo.put("authorization", JSObject);
 414                 jo.put("aaf_instance", "*");
 415                 return jo;
 416             }
 417             @Override
 418             protected boolean doUpdate(Updateable bean) {
 419                 return true;
 420             }
 421
 422         };
 423         feedServlet.doPut(request, response);
 424         verify(response).setStatus(eq(HttpServletResponse.SC_OK));
 425         verifyEnteringExitCalled(listAppender);
 426     }
 427
 428     @Test
 429     public void Given_Request_Is_HTTP_PUT_And_Change_On_Feeds_Fails_An_Internal_Server_Error_Response_Is_Generated() throws Exception {
 430         ServletOutputStream outStream = mock(ServletOutputStream.class);
 431         when(response.getOutputStream()).thenReturn(outStream);
 432         when(request.getPathInfo()).thenReturn("/2");
 433         JSONObject JSObject = buildRequestJsonObject();
 434         FeedServlet feedServlet = new FeedServlet() {
 435             protected JSONObject getJSONfromInput(HttpServletRequest req) {
 436                 JSONObject jo = new JSONObject();
 437                 jo.put("name", "AafFeed");
 438                 jo.put("version", "v0.1");
 439                 jo.put("authorization", JSObject);
 440                 return jo;
 441             }
 442
 443             @Override
 444             protected boolean doUpdate(Updateable bean) {
 445                 return false;
 446             }
 447         };
 448         feedServlet.doPut(request, response);
 449         verify(response).sendError(eq(HttpServletResponse.SC_INTERNAL_SERVER_ERROR), argThat(notNullValue(String.class)));
 450     }
 451
 452     @Test
 453     public void Given_Request_Is_HTTP_PUT_And_Change_On_Feeds_Suceeds_A_STATUS_OK_Response_Is_Generated() throws Exception {
 454         ServletOutputStream outStream = mock(ServletOutputStream.class);
 455         when(response.getOutputStream()).thenReturn(outStream);
 456         when(request.getPathInfo()).thenReturn("/2");
 457         JSONObject JSObject = buildRequestJsonObject();
 458         FeedServlet feedServlet = new FeedServlet() {
 459             protected JSONObject getJSONfromInput(HttpServletRequest req) {
 460                 JSONObject jo = new JSONObject();
 461                 jo.put("name", "AafFeed");
 462                 jo.put("version", "v0.1");
 463                 jo.put("authorization", JSObject);
 464                 return jo;
 465             }
 466             @Override
 467             protected boolean doUpdate(Updateable bean) {
 468                 return true;
 469             }
 470
 471         };
 472         feedServlet.doPut(request, response);
 473         verify(response).setStatus(eq(HttpServletResponse.SC_OK));
 474         verifyEnteringExitCalled(listAppender);
 475     }
 476
 477     @Test
 478     public void Given_Request_Is_HTTP_POST_SC_METHOD_NOT_ALLOWED_Response_Is_Generated() throws Exception {
 479         feedServlet.doPost(request, response);
 480         verify(response).sendError(eq(HttpServletResponse.SC_METHOD_NOT_ALLOWED), argThat(notNullValue(String.class)));
 481         verifyEnteringExitCalled(listAppender);
 482     }
 483
 484     @NotNull
 485     private JSONObject buildRequestJsonObject() {
 486         JSONObject JSObject = new JSONObject();
 487         JSONArray endpointIDs = new JSONArray();
 488         JSONObject JOEndpointIDs = new JSONObject();
 489         JOEndpointIDs.put("id", "stub_endpoint_id");
 490         JOEndpointIDs.put("password", "stub_endpoint_password");
 491         endpointIDs.put(JOEndpointIDs);
 492
 493         JSONArray endpointAddresses = new JSONArray();
 494         endpointAddresses.put("127.0.0.1");
 495
 496         JSObject.put("classification", "stub_classification");
 497         JSObject.put("endpoint_ids", endpointIDs);
 498         JSObject.put("endpoint_addrs", endpointAddresses);
 499         return JSObject;
 500     }
 501
 502     private void setUpValidSecurityOnHttpRequest() throws Exception {
 503         when(request.isSecure()).thenReturn(true);
 504         Set<String> authAddressesAndNetworks = new HashSet<>();
 505         authAddressesAndNetworks.add(("127.0.0.1"));
 506         FieldUtils.writeDeclaredStaticField(BaseServlet.class, "authorizedAddressesAndNetworks", authAddressesAndNetworks,true);
 507         FieldUtils.writeDeclaredStaticField(BaseServlet.class, "requireCert", false, true);
 508     }
 509
 510     private void setBehalfHeader(String headerValue) {
 511         when(request.getHeader(BEHALF_HEADER)).thenReturn(headerValue);
 512     }
 513
 514     private void setValidPathInfoInHttpHeader() {
 515         when(request.getPathInfo()).thenReturn("/1");
 516     }
 517
 518     private void setAuthoriserToReturnRequestNotAuthorized() throws IllegalAccessException {
 519         AuthorizationResponse authResponse = mock(AuthorizationResponse.class);
 520         Authorizer authorizer = mock(Authorizer.class);
 521         FieldUtils.writeDeclaredStaticField(BaseServlet.class, "authz", authorizer, true);
 522         when(authorizer.decide(request)).thenReturn(authResponse);
 523         when(authResponse.isAuthorized()).thenReturn(false);
 524     }
 525
 526     private void setAuthoriserToReturnRequestIsAuthorized() throws IllegalAccessException {
 527         AuthorizationResponse authResponse = mock(AuthorizationResponse.class);
 528         Authorizer authorizer = mock(Authorizer.class);
 529         FieldUtils.writeDeclaredStaticField(BaseServlet.class, "authz", authorizer, true);
 530         when(authorizer.decide(request)).thenReturn(authResponse);
 531         when(authResponse.isAuthorized()).thenReturn(true);
 532     }
 533
 534     private void setUpValidAuthorisedRequest() throws Exception {
 535         setUpValidSecurityOnHttpRequest();
 536         setBehalfHeader("Stub_Value");
 537         setValidPathInfoInHttpHeader();
 538     }
 539
 540     private void setUpValidContentHeadersAndJSONOnHttpRequest() {
 541         when(request.getHeader("Content-Type")).thenReturn("application/vnd.dmaap-dr.feed; version=1.0");
 542         when(request.getHeader("X-DMAAP-DR-ON-BEHALF-OF-GROUP")).thenReturn("stub_subjectGroup");
 543     }
 544
 545     private void reinsertFeedIntoDb() throws SQLException {
 546         Feed feed = new Feed("Feed1","v0.1", "First Feed for testing", "First Feed for testing");
 547         feed.setFeedid(1);
 548         feed.setGroupid(1);
 549         feed.setDeleted(false);
 550         feed.doUpdate(db.getConnection());
 551     }
 552 }