Code Review / dmaap / datarouter.git / blob
? search:
summary | shortlog | log | commit | commitdiff | review | tree
history | raw | HEAD
Merge "Unit tests for ExpiryRecord"
[dmaap/datarouter.git] / datarouter-prov / src / test / java / org / onap / dmaap / datarouter / provisioning / FeedServletTest.java
1 /*******************************************************************************
2  * ============LICENSE_START==================================================
3  * * org.onap.dmaap
4  * * ===========================================================================
5  * * Copyright © 2017 AT&T Intellectual Property. All rights reserved.
6  * * ===========================================================================
7  * * Licensed under the Apache License, Version 2.0 (the "License");
8  * * you may not use this file except in compliance with the License.
9  * * You may obtain a copy of the License at
10  * *
11  *  *      http://www.apache.org/licenses/LICENSE-2.0
12  * *
13  *  * Unless required by applicable law or agreed to in writing, software
14  * * distributed under the License is distributed on an "AS IS" BASIS,
15  * * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
16  * * See the License for the specific language governing permissions and
17  * * limitations under the License.
18  * * ============LICENSE_END====================================================
19  * *
20  * * ECOMP is a trademark and service mark of AT&T Intellectual Property.
21  * *
22  ******************************************************************************/
23 package org.onap.dmaap.datarouter.provisioning;
24
25 import org.apache.commons.lang3.reflect.FieldUtils;
26 import org.jetbrains.annotations.NotNull;
27 import org.json.JSONArray;
28 import org.json.JSONObject;
29 import org.junit.Before;
30 import org.junit.Test;
31 import org.junit.runner.RunWith;
32 import org.mockito.Mock;
33 import org.onap.dmaap.datarouter.authz.AuthorizationResponse;
34 import org.onap.dmaap.datarouter.authz.Authorizer;
35 import org.onap.dmaap.datarouter.provisioning.beans.Feed;
36 import org.onap.dmaap.datarouter.provisioning.beans.Updateable;
37 import org.powermock.api.mockito.PowerMockito;
38 import org.powermock.core.classloader.annotations.SuppressStaticInitializationFor;
39 import org.powermock.modules.junit4.PowerMockRunner;
40
41 import javax.servlet.ServletInputStream;
42 import javax.servlet.ServletOutputStream;
43 import javax.servlet.http.HttpServletRequest;
44 import javax.servlet.http.HttpServletResponse;
45 import java.util.HashSet;
46 import java.util.Set;
47
48 import static org.hamcrest.Matchers.notNullValue;
49 import static org.mockito.Mockito.*;
50 import static org.onap.dmaap.datarouter.provisioning.BaseServlet.BEHALF_HEADER;
51
52
53 @RunWith(PowerMockRunner.class)
54 @SuppressStaticInitializationFor("org.onap.dmaap.datarouter.provisioning.beans.Feed")
55 public class FeedServletTest extends DrServletTestBase {
56
57     private static FeedServlet feedServlet;
58
59     @Mock
60     private HttpServletRequest request;
61     @Mock
62     private HttpServletResponse response;
63
64     @Before
65     public void setUp() throws Exception {
66         super.setUp();
67         feedServlet = new FeedServlet();
68         setAuthoriserToReturnRequestIsAuthorized();
69         setPokerToNotCreateTimersWhenDeleteFeedIsCalled();
70         setUpValidAuthorisedRequest();
71         setUpValidSecurityOnHttpRequest();
72         setUpValidContentHeadersAndJSONOnHttpRequest();
73     }
74
75     @Test
76     public void Given_Request_Is_HTTP_DELETE_And_Is_Not_Secure_When_HTTPS_Is_Required_Then_Forbidden_Response_Is_Generated()
77         throws Exception {
78         when(request.isSecure()).thenReturn(false);
79         FieldUtils.writeDeclaredStaticField(BaseServlet.class, "isAddressAuthEnabled", "true", true);
80         feedServlet.doDelete(request, response);
81         verify(response).sendError(eq(HttpServletResponse.SC_FORBIDDEN), argThat(notNullValue(String.class)));
82     }
83
84
85     @Test
86     public void Given_Request_Is_HTTP_DELETE_And_BEHALF_HEADER_Is_Not_Set_In_Request_Then_Bad_Request_Response_Is_Generated()
87         throws Exception {
88         setBehalfHeader(null);
89         feedServlet.doDelete(request, response);
90         verify(response).sendError(eq(HttpServletResponse.SC_BAD_REQUEST), argThat(notNullValue(String.class)));
91     }
92
93
94     @Test
95     public void Given_Request_Is_HTTP_DELETE_And_Path_Header_Is_Not_Set_In_Request_With_Valid_Path_Then_Bad_Request_Response_Is_Generated()
96         throws Exception {
97         when(request.getPathInfo()).thenReturn(null);
98         feedServlet.doDelete(request, response);
99         verify(response).sendError(eq(HttpServletResponse.SC_BAD_REQUEST), argThat(notNullValue(String.class)));
100     }
101
102
103     @Test
104     public void Given_Request_Is_HTTP_DELETE_And_Feed_Id_Is_Invalid_Then_Not_Found_Response_Is_Generated()
105         throws Exception {
106         setFeedToReturnInvalidFeedIdSupplied();
107         feedServlet.doDelete(request, response);
108         verify(response).sendError(eq(HttpServletResponse.SC_NOT_FOUND), argThat(notNullValue(String.class)));
109     }
110
111
112     @Test
113     public void Given_Request_Is_HTTP_DELETE_And_Request_Is_Not_Authorized_Then_Forbidden_Response_Is_Generated()
114         throws Exception {
115         setAuthoriserToReturnRequestNotAuthorized();
116         feedServlet.doDelete(request, response);
117         verify(response).sendError(eq(HttpServletResponse.SC_FORBIDDEN), argThat(notNullValue(String.class)));
118     }
119
120
121     @Test
122     public void Given_Request_Is_HTTP_DELETE_And_Delete_On_Database_Fails_An_Internal_Server_Error_Is_Reported()
123         throws Exception {
124         FeedServlet feedServlet = new FeedServlet() {
125             protected boolean doUpdate(Updateable bean) {
126                 return false;
127             }
128         };
129         feedServlet.doDelete(request, response);
130         verify(response)
131             .sendError(eq(HttpServletResponse.SC_INTERNAL_SERVER_ERROR), argThat(notNullValue(String.class)));
132     }
133
134
135     @Test
136     public void Given_Request_Is_HTTP_DELETE_And_Delete_On_Database_Succeeds_A_NO_CONTENT_Response_Is_Generated()
137         throws Exception {
138         FeedServlet feedServlet = new FeedServlet() {
139             protected boolean doUpdate(Updateable bean) {
140                 return true;
141             }
142         };
143         feedServlet.doDelete(request, response);
144         verify(response).setStatus(eq(HttpServletResponse.SC_NO_CONTENT));
145     }
146
147     @Test
148     public void Given_Request_Is_HTTP_GET_And_Is_Not_Secure_When_HTTPS_Is_Required_Then_Forbidden_Response_Is_Generated()
149         throws Exception {
150         when(request.isSecure()).thenReturn(false);
151         FieldUtils.writeDeclaredStaticField(BaseServlet.class, "isAddressAuthEnabled", "true", true);
152         feedServlet.doGet(request, response);
153         verify(response).sendError(eq(HttpServletResponse.SC_FORBIDDEN), argThat(notNullValue(String.class)));
154     }
155
156     @Test
157     public void Given_Request_Is_HTTP_GET_And_BEHALF_HEADER_Is_Not_Set_In_Request_Then_Bad_Request_Response_Is_Generated()
158         throws Exception {
159         setBehalfHeader(null);
160         feedServlet.doGet(request, response);
161         verify(response).sendError(eq(HttpServletResponse.SC_BAD_REQUEST), argThat(notNullValue(String.class)));
162     }
163
164
165     @Test
166     public void Given_Request_Is_HTTP_GET_And_Path_Header_Is_Not_Set_In_Request_With_Valid_Path_Then_Bad_Request_Response_Is_Generated()
167         throws Exception {
168         when(request.getPathInfo()).thenReturn(null);
169         feedServlet.doGet(request, response);
170         verify(response).sendError(eq(HttpServletResponse.SC_BAD_REQUEST), argThat(notNullValue(String.class)));
171     }
172
173
174     @Test
175     public void Given_Request_Is_HTTP_GET_And_Feed_Id_Is_Invalid_Then_Not_Found_Response_Is_Generated()
176         throws Exception {
177         setFeedToReturnInvalidFeedIdSupplied();
178         feedServlet.doGet(request, response);
179         verify(response).sendError(eq(HttpServletResponse.SC_NOT_FOUND), argThat(notNullValue(String.class)));
180     }
181
182
183     @Test
184     public void Given_Request_Is_HTTP_GET_And_Request_Is_Not_Authorized_Then_Forbidden_Response_Is_Generated()
185         throws Exception {
186         setAuthoriserToReturnRequestNotAuthorized();
187         feedServlet.doGet(request, response);
188         verify(response).sendError(eq(HttpServletResponse.SC_FORBIDDEN), argThat(notNullValue(String.class)));
189     }
190
191
192     @Test
193     public void Given_Request_Is_HTTP_GET_And_Request_Succeeds() throws Exception {
194         ServletOutputStream outStream = mock(ServletOutputStream.class);
195         when(response.getOutputStream()).thenReturn(outStream);
196         feedServlet.doGet(request, response);
197         verify(response).setStatus(eq(HttpServletResponse.SC_OK));
198     }
199
200
201     @Test
202     public void Given_Request_Is_HTTP_PUT_And_Is_Not_Secure_When_HTTPS_Is_Required_Then_Forbidden_Response_Is_Generated()
203         throws Exception {
204         when(request.isSecure()).thenReturn(false);
205         FieldUtils.writeDeclaredStaticField(BaseServlet.class, "isAddressAuthEnabled", "true", true);
206         feedServlet.doPut(request, response);
207         verify(response).sendError(eq(HttpServletResponse.SC_FORBIDDEN), argThat(notNullValue(String.class)));
208     }
209
210     @Test
211     public void Given_Request_Is_HTTP_PUT_And_BEHALF_HEADER_Is_Not_Set_In_Request_Then_Bad_Request_Response_Is_Generated()
212         throws Exception {
213         setBehalfHeader(null);
214         feedServlet.doPut(request, response);
215         verify(response).sendError(eq(HttpServletResponse.SC_BAD_REQUEST), argThat(notNullValue(String.class)));
216     }
217
218
219     @Test
220     public void Given_Request_Is_HTTP_PUT_And_Path_Header_Is_Not_Set_In_Request_With_Valid_Path_Then_Bad_Request_Response_Is_Generated()
221         throws Exception {
222         when(request.getPathInfo()).thenReturn(null);
223         feedServlet.doPut(request, response);
224         verify(response).sendError(eq(HttpServletResponse.SC_BAD_REQUEST), argThat(notNullValue(String.class)));
225     }
226
227
228     @Test
229     public void Given_Request_Is_HTTP_PUT_And_Feed_Id_Is_Invalid_Then_Not_Found_Response_Is_Generated()
230         throws Exception {
231         setFeedToReturnInvalidFeedIdSupplied();
232         feedServlet.doPut(request, response);
233         verify(response).sendError(eq(HttpServletResponse.SC_NOT_FOUND), argThat(notNullValue(String.class)));
234     }
235
236     @Test
237     public void Given_Request_Is_HTTP_PUT_And_Content_Header_Is_Not_Supported_Type_Then_Unsupported_Media_Type_Response_Is_Generated()
238         throws Exception {
239         when(request.getHeader("Content-Type")).thenReturn("application/vnd.att-dr.feed-fail; version=2.0");
240         when(request.getContentType()).thenReturn("stub_contentType");
241         feedServlet.doPut(request, response);
242         verify(response)
243             .sendError(eq(HttpServletResponse.SC_UNSUPPORTED_MEDIA_TYPE), argThat(notNullValue(String.class)));
244     }
245
246     @Test
247     public void Given_Request_Is_HTTP_PUT_And_Request_Contains_Badly_Formed_JSON_Then_Bad_Request_Response_Is_Generated()
248         throws Exception {
249         ServletInputStream inStream = mock(ServletInputStream.class);
250         when(request.getInputStream()).thenReturn(inStream);
251         feedServlet.doPut(request, response);
252         verify(response).sendError(eq(HttpServletResponse.SC_BAD_REQUEST), argThat(notNullValue(String.class)));
253     }
254
255     @Test
256     public void Given_Request_Is_HTTP_PUT_And_Request_Contains_Invalid_JSON_Then_Bad_Request_Response_Is_Generated() throws Exception {
257         FeedServlet feedServlet = new FeedServlet() {
258             protected JSONObject getJSONfromInput(HttpServletRequest req) {
259                 return new JSONObject();
260             }
261         };
262         feedServlet.doPut(request, response);
263         verify(response).sendError(eq(HttpServletResponse.SC_BAD_REQUEST), argThat(notNullValue(String.class)));
264     }
265
266     @Test
267     public void Given_Request_Is_HTTP_PUT_And_Feed_Change_Is_Not_Publisher_Who_Requested_Feed_Bad_Request_Response_Is_Generated() throws Exception {
268         when(request.getHeader("X-ATT-DR-ON-BEHALF-OF-GROUP")).thenReturn(null);
269         JSONObject JSObject = buildRequestJsonObject();
270         FeedServlet feedServlet = new FeedServlet() {
271             protected JSONObject getJSONfromInput(HttpServletRequest req) {
272                 JSONObject jo = new JSONObject();
273                 jo.put("name", "stub_name");
274                 jo.put("version", "1.0");
275                 jo.put("authorization", JSObject);
276                 return jo;
277             }
278         };
279
280         feedServlet.doPut(request, response);
281         verify(response).sendError(eq(HttpServletResponse.SC_BAD_REQUEST), argThat(notNullValue(String.class)));
282     }
283
284     @Test
285     public void Given_Request_Is_HTTP_PUT_And_Feed_Name_Change_is_Requested_Bad_Request_Response_Is_Generated() throws Exception {
286         JSONObject JSObject = buildRequestJsonObject();
287         FeedServlet feedServlet = new FeedServlet() {
288             protected JSONObject getJSONfromInput(HttpServletRequest req) {
289                 JSONObject jo = new JSONObject();
290                 jo.put("name", "not_stub_name");
291                 jo.put("version", "1.0");
292                 jo.put("authorization", JSObject);
293                 return jo;
294             }
295         };
296         feedServlet.doPut(request, response);
297         verify(response).sendError(eq(HttpServletResponse.SC_BAD_REQUEST), argThat(notNullValue(String.class)));
298     }
299
300     @Test
301     public void Given_Request_Is_HTTP_PUT_And_Feed_Version_Change_is_Requested_Bad_Request_Response_Is_Generated() throws Exception {
302         JSONObject JSObject = buildRequestJsonObject();
303         FeedServlet feedServlet = new FeedServlet() {
304             protected JSONObject getJSONfromInput(HttpServletRequest req) {
305                 JSONObject jo = new JSONObject();
306                 jo.put("name", "stub_name");
307                 jo.put("version", "2.0");
308                 jo.put("authorization", JSObject);
309                 return jo;
310             }
311         };
312         feedServlet.doPut(request, response);
313         verify(response).sendError(eq(HttpServletResponse.SC_BAD_REQUEST), argThat(notNullValue(String.class)));
314     }
315
316     @Test
317     public void Given_Request_Is_HTTP_PUT_And_Request_Is_Not_Authorized_Then_Forbidden_Response_Is_Generated() throws Exception {
318         JSONObject JSObject = buildRequestJsonObject();
319         FeedServlet feedServlet = new FeedServlet() {
320             protected JSONObject getJSONfromInput(HttpServletRequest req) {
321                 JSONObject jo = new JSONObject();
322                 jo.put("name", "stub_name");
323                 jo.put("version", "1.0");
324                 jo.put("authorization", JSObject);
325                 return jo;
326             }
327         };
328         setAuthoriserToReturnRequestNotAuthorized();
329         feedServlet.doPut(request, response);
330         verify(response).sendError(eq(HttpServletResponse.SC_FORBIDDEN), argThat(notNullValue(String.class)));
331     }
332
333     @Test
334     public void Given_Request_Is_HTTP_PUT_And_Change_On_Feeds_Fails_A_STATUS_OK_Response_Is_Generated() throws Exception {
335         ServletOutputStream outStream = mock(ServletOutputStream.class);
336         when(response.getOutputStream()).thenReturn(outStream);
337
338         JSONObject JSObject = buildRequestJsonObject();
339         FeedServlet feedServlet = new FeedServlet() {
340             protected JSONObject getJSONfromInput(HttpServletRequest req) {
341                 JSONObject jo = new JSONObject();
342                 jo.put("name", "stub_name");
343                 jo.put("version", "1.0");
344                 jo.put("authorization", JSObject);
345                 return jo;
346             }
347
348             @Override
349             protected boolean doUpdate(Updateable bean) {
350                 return false;
351             }
352         };
353         feedServlet.doPut(request, response);
354         verify(response).sendError(eq(HttpServletResponse.SC_INTERNAL_SERVER_ERROR), argThat(notNullValue(String.class)));
355     }
356
357     @Test
358     public void Given_Request_Is_HTTP_PUT_And_Change_On_Feeds_Suceeds_A_STATUS_OK_Response_Is_Generated() throws Exception {
359         ServletOutputStream outStream = mock(ServletOutputStream.class);
360         when(response.getOutputStream()).thenReturn(outStream);
361         JSONObject JSObject = buildRequestJsonObject();
362         FeedServlet feedServlet = new FeedServlet() {
363             protected JSONObject getJSONfromInput(HttpServletRequest req) {
364                 JSONObject jo = new JSONObject();
365                 jo.put("name", "stub_name");
366                 jo.put("version", "1.0");
367                 jo.put("authorization", JSObject);
368                 return jo;
369             }
370
371             @Override
372             protected boolean doUpdate(Updateable bean) {
373                 return true;
374             }
375         };
376         feedServlet.doPut(request, response);
377         verify(response).setStatus(eq(HttpServletResponse.SC_OK));
378     }
379
380     @Test
381     public void Given_Request_Is_HTTP_POST_SC_METHOD_NOT_ALLOWED_Response_Is_Generated() throws Exception {
382         feedServlet.doPost(request, response);
383         verify(response).sendError(eq(HttpServletResponse.SC_METHOD_NOT_ALLOWED), argThat(notNullValue(String.class)));
384     }
385
386     @NotNull
387     private JSONObject buildRequestJsonObject() {
388         JSONObject JSObject = new JSONObject();
389         JSONArray endpointIDs = new JSONArray();
390         JSONObject JOEndpointIDs = new JSONObject();
391         JOEndpointIDs.put("id", "stub_endpoint_id");
392         JOEndpointIDs.put("password", "stub_endpoint_password");
393         endpointIDs.put(JOEndpointIDs);
394
395         JSONArray endpointAddresses = new JSONArray();
396         endpointAddresses.put("127.0.0.1");
397
398         JSObject.put("classification", "stub_classification");
399         JSObject.put("endpoint_ids", endpointIDs);
400         JSObject.put("endpoint_addrs", endpointAddresses);
401         return JSObject;
402     }
403
404     private void setUpValidSecurityOnHttpRequest() throws Exception {
405         when(request.isSecure()).thenReturn(true);
406         Set<String> authAddressesAndNetworks = new HashSet<String>();
407         authAddressesAndNetworks.add(("127.0.0.1"));
408         FieldUtils
409             .writeDeclaredStaticField(BaseServlet.class, "authorizedAddressesAndNetworks", authAddressesAndNetworks,
410                 true);
411         FieldUtils.writeDeclaredStaticField(BaseServlet.class, "requireCert", false, true);
412     }
413
414     private void setBehalfHeader(String headerValue) {
415         when(request.getHeader(BEHALF_HEADER)).thenReturn(headerValue);
416     }
417
418     private void setValidPathInfoInHttpHeader() {
419         when(request.getPathInfo()).thenReturn("/123");
420     }
421
422     private void setFeedToReturnInvalidFeedIdSupplied() {
423         PowerMockito.mockStatic(Feed.class);
424         PowerMockito.when(Feed.getFeedById(anyInt())).thenReturn(null);
425     }
426
427     private void setFeedToReturnValidFeedForSuppliedId() {
428         PowerMockito.mockStatic(Feed.class);
429         Feed feed = mock(Feed.class);
430         PowerMockito.when(Feed.getFeedById(anyInt())).thenReturn(feed);
431         when(feed.isDeleted()).thenReturn(false);
432         when(feed.asJSONObject(true)).thenReturn(mock(JSONObject.class));
433         when(feed.getPublisher()).thenReturn("Stub_Value");
434         when(feed.getName()).thenReturn("stub_name");
435         when(feed.getVersion()).thenReturn("1.0");
436         when(feed.asLimitedJSONObject()).thenReturn(mock(JSONObject.class));
437     }
438
439     private void setAuthoriserToReturnRequestNotAuthorized() throws IllegalAccessException {
440         AuthorizationResponse authResponse = mock(AuthorizationResponse.class);
441         Authorizer authorizer = mock(Authorizer.class);
442         FieldUtils.writeDeclaredStaticField(BaseServlet.class, "authz", authorizer, true);
443         when(authorizer.decide(request)).thenReturn(authResponse);
444         when(authResponse.isAuthorized()).thenReturn(false);
445     }
446
447     private void setAuthoriserToReturnRequestIsAuthorized() throws IllegalAccessException {
448         AuthorizationResponse authResponse = mock(AuthorizationResponse.class);
449         Authorizer authorizer = mock(Authorizer.class);
450         FieldUtils.writeDeclaredStaticField(BaseServlet.class, "authz", authorizer, true);
451         when(authorizer.decide(request)).thenReturn(authResponse);
452         when(authResponse.isAuthorized()).thenReturn(true);
453     }
454
455     private void setPokerToNotCreateTimersWhenDeleteFeedIsCalled() throws Exception {
456         Poker poker = mock(Poker.class);
457         FieldUtils.writeDeclaredStaticField(Poker.class, "poker", poker, true);
458     }
459
460     private void setUpValidAuthorisedRequest() throws Exception {
461         setUpValidSecurityOnHttpRequest();
462         setBehalfHeader("Stub_Value");
463         setValidPathInfoInHttpHeader();
464         setFeedToReturnValidFeedForSuppliedId();
465     }
466
467     private void setUpValidContentHeadersAndJSONOnHttpRequest() {
468         when(request.getHeader("Content-Type")).thenReturn("application/vnd.att-dr.feed; version=1.0");
469         when(request.getHeader("X-ATT-DR-ON-BEHALF-OF-GROUP")).thenReturn("stub_subjectGroup");
470     }
471 }
The Data Routing System project is intended to provide a common framework by which data producers can make data available to data consumers and a way for potential consumers to find feeds with the data they require. The interface to DR is exposed as a RESTful web service known as the DR Publishing and Delivery API