datarouter-prov/src/test/java/org/onap/dmaap/datarouter/provisioning/FeedServletTest.java

   1 /*******************************************************************************
   2  * ============LICENSE_START==================================================
   3  * * org.onap.dmaap
   4  * * ===========================================================================
   5  * * Copyright © 2017 AT&T Intellectual Property. All rights reserved.
   6  * * ===========================================================================
   7  * * Licensed under the Apache License, Version 2.0 (the "License");
   8  * * you may not use this file except in compliance with the License.
   9  * * You may obtain a copy of the License at
  10  * *
  11  *  *      http://www.apache.org/licenses/LICENSE-2.0
  12  * *
  13  *  * Unless required by applicable law or agreed to in writing, software
  14  * * distributed under the License is distributed on an "AS IS" BASIS,
  15  * * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
  16  * * See the License for the specific language governing permissions and
  17  * * limitations under the License.
  18  * * ============LICENSE_END====================================================
  19  * *
  20  * * ECOMP is a trademark and service mark of AT&T Intellectual Property.
  21  * *
  22  ******************************************************************************/
  23 package org.onap.dmaap.datarouter.provisioning;
  24
  25 import org.apache.commons.lang3.reflect.FieldUtils;
  26 import org.json.JSONObject;
  27 import org.junit.Before;
  28 import org.junit.Test;
  29 import org.junit.runner.RunWith;
  30 import org.mockito.Mock;
  31 import org.onap.dmaap.datarouter.authz.AuthorizationResponse;
  32 import org.onap.dmaap.datarouter.authz.Authorizer;
  33 import org.onap.dmaap.datarouter.provisioning.beans.Feed;
  34 import org.onap.dmaap.datarouter.provisioning.beans.Updateable;
  35 import org.onap.dmaap.datarouter.provisioning.utils.DB;
  36 import org.powermock.api.mockito.PowerMockito;
  37 import org.powermock.core.classloader.annotations.SuppressStaticInitializationFor;
  38 import org.powermock.modules.junit4.PowerMockRunner;
  39
  40 import javax.servlet.ServletInputStream;
  41 import javax.servlet.ServletOutputStream;
  42 import javax.servlet.http.HttpServletRequest;
  43 import javax.servlet.http.HttpServletResponse;
  44 import java.util.HashSet;
  45 import java.util.Properties;
  46 import java.util.Set;
  47
  48 import static org.hamcrest.Matchers.notNullValue;
  49 import static org.mockito.Mockito.*;
  50 import static org.onap.dmaap.datarouter.provisioning.BaseServlet.BEHALF_HEADER;
  51
  52
  53 @RunWith(PowerMockRunner.class)
  54 @SuppressStaticInitializationFor("org.onap.dmaap.datarouter.provisioning.beans.Feed")
  55 public class FeedServletTest {
  56
  57     private static FeedServlet feedServlet;
  58
  59     @Mock
  60     private HttpServletRequest request;
  61     @Mock
  62     private HttpServletResponse response;
  63
  64     @Before
  65     public void setUp() throws Exception {
  66         initialiseBaseServletToBypassRetreiviingInitialisationParametersFromDatabase();
  67         feedServlet = new FeedServlet();
  68         setAuthoriserToReturnRequestIsAuthorized();
  69         setPokerToNotCreateTimersWhenDeleteFeedIsCalled();
  70         setUpValidAuthorisedRequest();
  71         setUpValidSecurityOnHttpRequest();
  72     }
  73
  74     @Test
  75     public void Given_Request_Is_HTTP_DELETE_And_Is_Not_Secure_When_HTTPS_Is_Required_Then_Forbidden_Response_Is_Generated()
  76         throws Exception {
  77         when(request.isSecure()).thenReturn(false);
  78         feedServlet.doDelete(request, response);
  79         verify(response).sendError(eq(HttpServletResponse.SC_FORBIDDEN), argThat(notNullValue(String.class)));
  80     }
  81
  82
  83     @Test
  84     public void Given_Request_Is_HTTP_DELETE_And_BEHALF_HEADER_Is_Not_Set_In_Request_Then_Bad_Request_Response_Is_Generated()
  85         throws Exception {
  86         setBehalfHeader(null);
  87         feedServlet.doDelete(request, response);
  88         verify(response).sendError(eq(HttpServletResponse.SC_BAD_REQUEST), argThat(notNullValue(String.class)));
  89     }
  90
  91
  92     @Test
  93     public void Given_Request_Is_HTTP_DELETE_And_Path_Header_Is_Not_Set_In_Request_With_Valid_Path_Then_Bad_Request_Response_Is_Generated()
  94         throws Exception {
  95         when(request.getPathInfo()).thenReturn(null);
  96         feedServlet.doDelete(request, response);
  97         verify(response).sendError(eq(HttpServletResponse.SC_BAD_REQUEST), argThat(notNullValue(String.class)));
  98     }
  99
 100
 101     @Test
 102     public void Given_Request_Is_HTTP_DELETE_And_Feed_Id_Is_Invalid_Then_Not_Found_Response_Is_Generated()
 103         throws Exception {
 104         setFeedToReturnInvalidFeedIdSupplied();
 105         feedServlet.doDelete(request, response);
 106         verify(response).sendError(eq(HttpServletResponse.SC_NOT_FOUND), argThat(notNullValue(String.class)));
 107     }
 108
 109
 110     @Test
 111     public void Given_Request_Is_HTTP_DELETE_And_Request_Is_Not_Authorized_Then_Forbidden_Response_Is_Generated()
 112         throws Exception {
 113         setAuthoriserToReturnRequestNotAuthorized();
 114         feedServlet.doDelete(request, response);
 115         verify(response).sendError(eq(HttpServletResponse.SC_FORBIDDEN), argThat(notNullValue(String.class)));
 116     }
 117
 118
 119     @Test
 120     public void Given_Request_Is_HTTP_DELETE_And_Delete_On_Database_Fails_An_Internal_Server_Error_Is_Reported()
 121         throws Exception {
 122         FeedServlet feedServlet = new FeedServlet() {
 123             protected boolean doUpdate(Updateable bean) {
 124                 return false;
 125             }
 126         };
 127         feedServlet.doDelete(request, response);
 128         verify(response)
 129             .sendError(eq(HttpServletResponse.SC_INTERNAL_SERVER_ERROR), argThat(notNullValue(String.class)));
 130     }
 131
 132
 133     @Test
 134     public void Given_Request_Is_HTTP_DELETE_And_Delete_On_Database_Succeeds_A_NO_CONTENT_Response_Is_Generated()
 135         throws Exception {
 136         FeedServlet feedServlet = new FeedServlet() {
 137             protected boolean doUpdate(Updateable bean) {
 138                 return true;
 139             }
 140         };
 141         feedServlet.doDelete(request, response);
 142         verify(response).setStatus(eq(HttpServletResponse.SC_NO_CONTENT));
 143     }
 144
 145     @Test
 146     public void Given_Request_Is_HTTP_GET_And_Is_Not_Secure_When_HTTPS_Is_Required_Then_Forbidden_Response_Is_Generated()
 147         throws Exception {
 148         when(request.isSecure()).thenReturn(false);
 149         feedServlet.doGet(request, response);
 150         verify(response).sendError(eq(HttpServletResponse.SC_FORBIDDEN), argThat(notNullValue(String.class)));
 151     }
 152
 153     @Test
 154     public void Given_Request_Is_HTTP_GET_And_BEHALF_HEADER_Is_Not_Set_In_Request_Then_Bad_Request_Response_Is_Generated()
 155         throws Exception {
 156         setBehalfHeader(null);
 157         feedServlet.doGet(request, response);
 158         verify(response).sendError(eq(HttpServletResponse.SC_BAD_REQUEST), argThat(notNullValue(String.class)));
 159     }
 160
 161
 162     @Test
 163     public void Given_Request_Is_HTTP_GET_And_Path_Header_Is_Not_Set_In_Request_With_Valid_Path_Then_Bad_Request_Response_Is_Generated()
 164         throws Exception {
 165         when(request.getPathInfo()).thenReturn(null);
 166         feedServlet.doGet(request, response);
 167         verify(response).sendError(eq(HttpServletResponse.SC_BAD_REQUEST), argThat(notNullValue(String.class)));
 168     }
 169
 170
 171     @Test
 172     public void Given_Request_Is_HTTP_GET_And_Feed_Id_Is_Invalid_Then_Not_Found_Response_Is_Generated()
 173         throws Exception {
 174         setFeedToReturnInvalidFeedIdSupplied();
 175         feedServlet.doGet(request, response);
 176         verify(response).sendError(eq(HttpServletResponse.SC_NOT_FOUND), argThat(notNullValue(String.class)));
 177     }
 178
 179
 180     @Test
 181     public void Given_Request_Is_HTTP_GET_And_Request_Is_Not_Authorized_Then_Forbidden_Response_Is_Generated()
 182         throws Exception {
 183         setAuthoriserToReturnRequestNotAuthorized();
 184         feedServlet.doGet(request, response);
 185         verify(response).sendError(eq(HttpServletResponse.SC_FORBIDDEN), argThat(notNullValue(String.class)));
 186     }
 187
 188
 189     @Test
 190     public void Given_Request_Is_HTTP_GET_And_Request_Succeeds() throws Exception {
 191         ServletOutputStream outStream = mock(ServletOutputStream.class);
 192         when(response.getOutputStream()).thenReturn(outStream);
 193         feedServlet.doGet(request, response);
 194         verify(response).setStatus(eq(HttpServletResponse.SC_OK));
 195     }
 196
 197
 198     @Test
 199     public void Given_Request_Is_HTTP_PUT_And_Is_Not_Secure_When_HTTPS_Is_Required_Then_Forbidden_Response_Is_Generated()
 200         throws Exception {
 201         when(request.isSecure()).thenReturn(false);
 202         feedServlet.doPut(request, response);
 203         verify(response).sendError(eq(HttpServletResponse.SC_FORBIDDEN), argThat(notNullValue(String.class)));
 204     }
 205
 206     @Test
 207     public void Given_Request_Is_HTTP_PUT_And_BEHALF_HEADER_Is_Not_Set_In_Request_Then_Bad_Request_Response_Is_Generated()
 208         throws Exception {
 209         setBehalfHeader(null);
 210         feedServlet.doPut(request, response);
 211         verify(response).sendError(eq(HttpServletResponse.SC_BAD_REQUEST), argThat(notNullValue(String.class)));
 212     }
 213
 214
 215     @Test
 216     public void Given_Request_Is_HTTP_PUT_And_Path_Header_Is_Not_Set_In_Request_With_Valid_Path_Then_Bad_Request_Response_Is_Generated()
 217         throws Exception {
 218         when(request.getPathInfo()).thenReturn(null);
 219         feedServlet.doPut(request, response);
 220         verify(response).sendError(eq(HttpServletResponse.SC_BAD_REQUEST), argThat(notNullValue(String.class)));
 221     }
 222
 223
 224     @Test
 225     public void Given_Request_Is_HTTP_PUT_And_Feed_Id_Is_Invalid_Then_Not_Found_Response_Is_Generated()
 226         throws Exception {
 227         setFeedToReturnInvalidFeedIdSupplied();
 228         feedServlet.doPut(request, response);
 229         verify(response).sendError(eq(HttpServletResponse.SC_NOT_FOUND), argThat(notNullValue(String.class)));
 230     }
 231
 232     @Test
 233     public void Given_Request_Is_HTTP_PUT_And_Content_Header_Is_Not_Supported_Type_Then_Unsupported_Media_Type_Response_Is_Generated()
 234         throws Exception {
 235         when(request.getContentType()).thenReturn("stub_contentType");
 236         feedServlet.doPut(request, response);
 237         verify(response)
 238             .sendError(eq(HttpServletResponse.SC_UNSUPPORTED_MEDIA_TYPE), argThat(notNullValue(String.class)));
 239     }
 240
 241     @Test
 242     public void Given_Request_Is_HTTP_PUT_And_Request_Contains_Badly_Formed_JSON_Then_Bad_Request_Response_Is_Generated()
 243         throws Exception {
 244         when(request.getHeader("Content-Type")).thenReturn("application/vnd.att-dr.feed; version=1.0");
 245         ServletInputStream inStream = mock(ServletInputStream.class);
 246         when(request.getInputStream()).thenReturn(inStream);
 247         feedServlet.doPut(request, response);
 248         verify(response).sendError(eq(HttpServletResponse.SC_BAD_REQUEST), argThat(notNullValue(String.class)));
 249     }
 250
 251
 252     private void initialiseBaseServletToBypassRetreiviingInitialisationParametersFromDatabase()
 253         throws IllegalAccessException {
 254         Properties props = new Properties();
 255         props.setProperty("org.onap.dmaap.datarouter.provserver.isaddressauthenabled", "false");
 256         FieldUtils.writeDeclaredStaticField(DB.class, "props", props, true);
 257         FieldUtils.writeDeclaredStaticField(BaseServlet.class, "startmsgFlag", false, true);
 258         SynchronizerTask synchronizerTask = mock(SynchronizerTask.class);
 259         when(synchronizerTask.getState()).thenReturn(SynchronizerTask.UNKNOWN);
 260         FieldUtils.writeDeclaredStaticField(SynchronizerTask.class, "synctask", synchronizerTask, true);
 261     }
 262
 263     private void setUpValidSecurityOnHttpRequest() throws Exception {
 264         when(request.isSecure()).thenReturn(true);
 265         Set<String> authAddressesAndNetworks = new HashSet<String>();
 266         authAddressesAndNetworks.add(("127.0.0.1"));
 267         FieldUtils
 268             .writeDeclaredStaticField(BaseServlet.class, "authorizedAddressesAndNetworks", authAddressesAndNetworks,
 269                 true);
 270         FieldUtils.writeDeclaredStaticField(BaseServlet.class, "requireCert", false, true);
 271     }
 272
 273     private void setBehalfHeader(String headerValue) {
 274         when(request.getHeader(BEHALF_HEADER)).thenReturn(headerValue);
 275     }
 276
 277     private void setValidPathInfoInHttpHeader() {
 278         when(request.getPathInfo()).thenReturn("/123");
 279     }
 280
 281     private void setFeedToReturnInvalidFeedIdSupplied() {
 282         PowerMockito.mockStatic(Feed.class);
 283         PowerMockito.when(Feed.getFeedById(anyInt())).thenReturn(null);
 284     }
 285
 286     private void setFeedToReturnValidFeedForSuppliedId() {
 287         PowerMockito.mockStatic(Feed.class);
 288         Feed feed = mock(Feed.class);
 289         PowerMockito.when(Feed.getFeedById(anyInt())).thenReturn(feed);
 290         when(feed.isDeleted()).thenReturn(false);
 291         when(feed.asJSONObject(true)).thenReturn(mock(JSONObject.class));
 292     }
 293
 294     private void setAuthoriserToReturnRequestNotAuthorized() throws IllegalAccessException {
 295         AuthorizationResponse authResponse = mock(AuthorizationResponse.class);
 296         Authorizer authorizer = mock(Authorizer.class);
 297         FieldUtils.writeDeclaredStaticField(BaseServlet.class, "authz", authorizer, true);
 298         when(authorizer.decide(request)).thenReturn(authResponse);
 299         when(authResponse.isAuthorized()).thenReturn(false);
 300     }
 301
 302     private void setAuthoriserToReturnRequestIsAuthorized() throws IllegalAccessException {
 303         AuthorizationResponse authResponse = mock(AuthorizationResponse.class);
 304         Authorizer authorizer = mock(Authorizer.class);
 305         FieldUtils.writeDeclaredStaticField(BaseServlet.class, "authz", authorizer, true);
 306         when(authorizer.decide(request)).thenReturn(authResponse);
 307         when(authResponse.isAuthorized()).thenReturn(true);
 308     }
 309
 310     private void setPokerToNotCreateTimersWhenDeleteFeedIsCalled() throws Exception {
 311         Poker poker = mock(Poker.class);
 312         FieldUtils.writeDeclaredStaticField(Poker.class, "poker", poker, true);
 313     }
 314
 315     private void setUpValidAuthorisedRequest() throws Exception {
 316         setUpValidSecurityOnHttpRequest();
 317         setBehalfHeader("Stub_Value");
 318         setValidPathInfoInHttpHeader();
 319         setFeedToReturnValidFeedForSuppliedId();
 320     }
 321 }