datarouter-prov/src/test/java/org/onap/dmaap/datarouter/provisioning/GroupServletTest.java

   1 /*******************************************************************************
   2  * ============LICENSE_START==================================================
   3  * * org.onap.dmaap
   4  * * ===========================================================================
   5  * * Copyright © 2017 AT&T Intellectual Property. All rights reserved.
   6  * * ===========================================================================
   7  * * Licensed under the Apache License, Version 2.0 (the "License");
   8  * * you may not use this file except in compliance with the License.
   9  * * You may obtain a copy of the License at
  10  * *
  11  *  *      http://www.apache.org/licenses/LICENSE-2.0
  12  * *
  13  *  * Unless required by applicable law or agreed to in writing, software
  14  * * distributed under the License is distributed on an "AS IS" BASIS,
  15  * * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
  16  * * See the License for the specific language governing permissions and
  17  * * limitations under the License.
  18  * * ============LICENSE_END====================================================
  19  * *
  20  * * ECOMP is a trademark and service mark of AT&T Intellectual Property.
  21  * *
  22  ******************************************************************************/
  23 package org.onap.dmaap.datarouter.provisioning;
  24
  25 import org.apache.commons.lang3.reflect.FieldUtils;
  26 import org.json.JSONObject;
  27 import org.junit.Before;
  28 import org.junit.Test;
  29 import org.junit.runner.RunWith;
  30 import org.mockito.Matchers;
  31 import org.mockito.Mock;
  32 import org.onap.dmaap.datarouter.authz.AuthorizationResponse;
  33 import org.onap.dmaap.datarouter.authz.Authorizer;
  34 import org.onap.dmaap.datarouter.provisioning.beans.Group;
  35 import org.onap.dmaap.datarouter.provisioning.beans.Insertable;
  36 import org.onap.dmaap.datarouter.provisioning.beans.Updateable;
  37 import org.powermock.api.mockito.PowerMockito;
  38 import org.powermock.core.classloader.annotations.SuppressStaticInitializationFor;
  39 import org.powermock.modules.junit4.PowerMockRunner;
  40
  41 import javax.servlet.ServletInputStream;
  42 import javax.servlet.ServletOutputStream;
  43 import javax.servlet.http.HttpServletRequest;
  44 import javax.servlet.http.HttpServletResponse;
  45
  46 import java.util.HashSet;
  47 import java.util.Set;
  48
  49 import static org.hamcrest.Matchers.notNullValue;
  50 import static org.mockito.Matchers.anyInt;
  51 import static org.mockito.Matchers.argThat;
  52 import static org.mockito.Matchers.eq;
  53 import static org.mockito.Mockito.mock;
  54 import static org.mockito.Mockito.verify;
  55 import static org.mockito.Mockito.when;
  56 import static org.onap.dmaap.datarouter.provisioning.BaseServlet.BEHALF_HEADER;
  57
  58 @RunWith(PowerMockRunner.class)
  59 @SuppressStaticInitializationFor("org.onap.dmaap.datarouter.provisioning.beans.Group")
  60 public class GroupServletTest {
  61     private GroupServlet groupServlet;
  62
  63     @Mock
  64     private HttpServletRequest request;
  65
  66     @Mock
  67     private HttpServletResponse response;
  68
  69     @Before
  70     public void setUp() throws Exception {
  71         initialiseBaseServletToBypassRetreiviingInitialisationParametersFromDatabase();
  72         groupServlet = new GroupServlet();
  73         setAuthoriserToReturnRequestIsAuthorized();
  74         setPokerToNotCreateTimersWhenDeleteFeedIsCalled();
  75         setUpValidAuthorisedRequest();
  76     }
  77
  78     @Test
  79     public void Given_Request_Is_HTTP_GET_And_Is_Not_Secure_When_HTTPS_Is_Required_Then_Forbidden_Response_Is_Generated() throws Exception {
  80         when(request.isSecure()).thenReturn(false);
  81         groupServlet.doGet(request, response);
  82         verify(response).sendError(eq(HttpServletResponse.SC_FORBIDDEN), argThat(notNullValue(String.class)));
  83     }
  84
  85     @Test
  86     public void Given_Request_Is_HTTP_GET_And_BEHALF_HEADER_Is_Not_Set_In_Request_Then_Bad_Request_Response_Is_Generated() throws Exception {
  87         setBehalfHeader(null);
  88         groupServlet.doGet(request, response);
  89         verify(response).sendError(eq(HttpServletResponse.SC_BAD_REQUEST), argThat(notNullValue(String.class)));
  90     }
  91
  92     @Test
  93     public void Given_Request_Is_HTTP_GET_And_Path_Header_Is_Not_Set_In_Request_With_Valid_Path_Then_Bad_Request_Response_Is_Generated() throws Exception {
  94         when(request.getPathInfo()).thenReturn(null);
  95         groupServlet.doGet(request, response);
  96         verify(response).sendError(eq(HttpServletResponse.SC_BAD_REQUEST), argThat(notNullValue(String.class)));
  97     }
  98
  99     @Test
 100     public void Given_Request_Is_HTTP_GET_And_Request_Succeeds() throws Exception {
 101         ServletOutputStream outStream = mock(ServletOutputStream.class);
 102         when(response.getOutputStream()).thenReturn(outStream);
 103         groupServlet.doGet(request, response);
 104         verify(response).setStatus(eq(HttpServletResponse.SC_OK));
 105     }
 106
 107     @Test
 108     public void Given_Request_Is_HTTP_PUT_And_Is_Not_Secure_When_HTTPS_Is_Required_Then_Forbidden_Response_Is_Generated() throws Exception {
 109         when(request.isSecure()).thenReturn(false);
 110         groupServlet.doPut(request, response);
 111         verify(response).sendError(eq(HttpServletResponse.SC_FORBIDDEN), argThat(notNullValue(String.class)));
 112     }
 113
 114     @Test
 115     public void Given_Request_Is_HTTP_PUT_And_BEHALF_HEADER_Is_Not_Set_In_Request_Then_Bad_Request_Response_Is_Generated() throws Exception {
 116         setBehalfHeader(null);
 117         groupServlet.doPut(request, response);
 118         verify(response).sendError(eq(HttpServletResponse.SC_BAD_REQUEST), argThat(notNullValue(String.class)));
 119     }
 120
 121     @Test
 122     public void Given_Request_Is_HTTP_PUT_And_Path_Header_Is_Not_Set_In_Request_With_Valid_Path_Then_Bad_Request_Response_Is_Generated() throws Exception {
 123         when(request.getPathInfo()).thenReturn(null);
 124         groupServlet.doPut(request, response);
 125         verify(response).sendError(eq(HttpServletResponse.SC_BAD_REQUEST), argThat(notNullValue(String.class)));
 126     }
 127
 128     @Test
 129     public void Given_Request_Is_HTTP_PUT_And_Group_Id_Is_Invalid_Then_Not_Found_Response_Is_Generated() throws Exception {
 130         setGroupToReturnInvalidGroupIdSupplied();
 131         groupServlet.doPut(request, response);
 132         verify(response).sendError(eq(HttpServletResponse.SC_NOT_FOUND), argThat(notNullValue(String.class)));
 133     }
 134
 135     @Test
 136     public void Given_Request_Is_HTTP_PUT_And_Content_Header_Is_Not_Supported_Type_Then_Unsupported_Media_Type_Response_Is_Generated() throws Exception {
 137         when(request.getContentType()).thenReturn("stub_contentType");
 138         groupServlet.doPut(request, response);
 139         verify(response).sendError(eq(HttpServletResponse.SC_UNSUPPORTED_MEDIA_TYPE), argThat(notNullValue(String.class)));
 140     }
 141
 142     @Test
 143     public void Given_Request_Is_HTTP_PUT_And_Request_Contains_Badly_Formed_JSON_Then_Bad_Request_Response_Is_Generated() throws Exception {
 144         when(request.getHeader("Content-Type")).thenReturn("application/vnd.att-dr.group; version=1.0");
 145         ServletInputStream inStream = mock(ServletInputStream.class);
 146         when(request.getInputStream()).thenReturn(inStream);
 147         groupServlet.doPut(request, response);
 148         verify(response).sendError(eq(HttpServletResponse.SC_BAD_REQUEST), argThat(notNullValue(String.class)));
 149     }
 150
 151     @Test
 152     public void Given_Request_Is_HTTP_PUT_And_Group_Name_Is_Too_Long_Then_Bad_Request_Response_Is_Generated() throws Exception {
 153         when(request.getHeader("Content-Type")).thenReturn("application/vnd.att-dr.group; version=1.0");
 154         GroupServlet groupServlet = overideGetJSONFromInputToReturnAnInvalidGroup(true);
 155         groupServlet.doPut(request, response);
 156         verify(response).sendError(eq(HttpServletResponse.SC_BAD_REQUEST), argThat(notNullValue(String.class)));
 157     }
 158
 159     @Test
 160     public void Given_Request_Is_HTTP_PUT_And_Group_Name_Matches_Group_In_Db_Then_Bad_Request_Response_Is_Generated() throws Exception {
 161         when(request.getHeader("Content-Type")).thenReturn("application/vnd.att-dr.group; version=1.0");
 162         GroupServlet groupServlet = overideGetJSONFromInputToReturnAValidGroup();
 163         setGroupToReturnNonNullValueForGetGroupMatching();
 164         groupServlet.doPut(request, response);
 165         verify(response).sendError(eq(HttpServletResponse.SC_BAD_REQUEST), argThat(notNullValue(String.class)));
 166     }
 167
 168     @Test
 169     public void Given_Request_Is_HTTP_PUT_And_PUT_Fails_Then_Internal_Server_Error_Response_Is_Generated() throws Exception {
 170         when(request.getHeader("Content-Type")).thenReturn("application/vnd.att-dr.group; version=1.0");
 171         GroupServlet groupServlet = overideGetJSONFromInputToReturnAValidGroupWithFail();
 172         groupServlet.doPut(request, response);
 173         verify(response).sendError(eq(HttpServletResponse.SC_INTERNAL_SERVER_ERROR), argThat(notNullValue(String.class)));
 174     }
 175
 176     @Test
 177     public void Given_Request_Is_HTTP_PUT_And_Request_Succeeds() throws Exception {
 178         when(request.getHeader("Content-Type")).thenReturn("application/vnd.att-dr.group; version=1.0");
 179         GroupServlet groupServlet = overideGetJSONFromInputToReturnAValidGroup();
 180         ServletOutputStream outStream = mock(ServletOutputStream.class);
 181         when(response.getOutputStream()).thenReturn(outStream);
 182         groupServlet.doPut(request, response);
 183         verify(response).setStatus(eq(HttpServletResponse.SC_OK));
 184     }
 185
 186     @Test
 187     public void Given_Request_Is_HTTP_POST_And_Is_Not_Secure_When_HTTPS_Is_Required_Then_Forbidden_Response_Is_Generated() throws Exception {
 188         when(request.isSecure()).thenReturn(false);
 189         groupServlet.doPost(request, response);
 190         verify(response).sendError(eq(HttpServletResponse.SC_FORBIDDEN), argThat(notNullValue(String.class)));
 191     }
 192
 193     @Test
 194     public void Given_Request_Is_HTTP_POST_And_BEHALF_HEADER_Is_Not_Set_In_Request_Then_Bad_Request_Response_Is_Generated() throws Exception {
 195         setBehalfHeader(null);
 196         groupServlet.doPost(request, response);
 197         verify(response).sendError(eq(HttpServletResponse.SC_BAD_REQUEST), argThat(notNullValue(String.class)));
 198     }
 199
 200     @Test
 201     public void Given_Request_Is_HTTP_POST_And_Content_Header_Is_Not_Supported_Type_Then_Unsupported_Media_Type_Response_Is_Generated() throws Exception {
 202         when(request.getContentType()).thenReturn("stub_contentType");
 203         groupServlet.doPost(request, response);
 204         verify(response).sendError(eq(HttpServletResponse.SC_UNSUPPORTED_MEDIA_TYPE), argThat(notNullValue(String.class)));
 205     }
 206
 207     @Test
 208     public void Given_Request_Is_HTTP_POST_And_Request_Contains_Badly_Formed_JSON_Then_Bad_Request_Response_Is_Generated() throws Exception {
 209         when(request.getHeader("Content-Type")).thenReturn("application/vnd.att-dr.group; version=1.0");
 210         ServletInputStream inStream = mock(ServletInputStream.class);
 211         when(request.getInputStream()).thenReturn(inStream);
 212         groupServlet.doPost(request, response);
 213         verify(response).sendError(eq(HttpServletResponse.SC_BAD_REQUEST), argThat(notNullValue(String.class)));
 214     }
 215
 216     @Test
 217     public void Given_Request_Is_HTTP_POST_And_Group_Description_Is_Too_Long_Then_Bad_Request_Response_Is_Generated() throws Exception {
 218         when(request.getHeader("Content-Type")).thenReturn("application/vnd.att-dr.group; version=1.0");
 219         GroupServlet groupServlet = overideGetJSONFromInputToReturnAnInvalidGroup(false);
 220         groupServlet.doPost(request, response);
 221         verify(response).sendError(eq(HttpServletResponse.SC_BAD_REQUEST), argThat(notNullValue(String.class)));
 222     }
 223
 224     @Test
 225     public void Given_Request_Is_HTTP_POST_And_POST_Fails_Then_Internal_Server_Error_Response_Is_Generated() throws Exception {
 226         when(request.getHeader("Content-Type")).thenReturn("application/vnd.att-dr.group; version=1.0");
 227         GroupServlet groupServlet = overideGetJSONFromInputToReturnAValidGroupWithFail();
 228         groupServlet.doPost(request, response);
 229         verify(response).sendError(eq(HttpServletResponse.SC_INTERNAL_SERVER_ERROR), argThat(notNullValue(String.class)));
 230     }
 231
 232     @Test
 233     public void Given_Request_Is_HTTP_POST_And_Request_Succeeds() throws Exception {
 234         when(request.getHeader("Content-Type")).thenReturn("application/vnd.att-dr.group; version=1.0");
 235         GroupServlet groupServlet = overideGetJSONFromInputToReturnAValidGroup();
 236         ServletOutputStream outStream = mock(ServletOutputStream.class);
 237         when(response.getOutputStream()).thenReturn(outStream);
 238         groupServlet.doPost(request, response);
 239         verify(response).setStatus(eq(HttpServletResponse.SC_CREATED));
 240     }
 241
 242     @Test
 243     public void Given_Request_Is_HTTP_DELETE_SC_METHOD_NOT_ALLOWED_Response_Is_Generated() throws Exception {
 244         groupServlet.doDelete(request, response);
 245         verify(response).sendError(eq(HttpServletResponse.SC_METHOD_NOT_ALLOWED), argThat(notNullValue(String.class)));
 246     }
 247
 248     private void initialiseBaseServletToBypassRetreiviingInitialisationParametersFromDatabase() throws IllegalAccessException {
 249         FieldUtils.writeDeclaredStaticField(BaseServlet.class, "startmsg_flag", false, true);
 250         SynchronizerTask synchronizerTask = mock(SynchronizerTask.class);
 251         when(synchronizerTask.getState()).thenReturn(SynchronizerTask.UNKNOWN);
 252         FieldUtils.writeDeclaredStaticField(BaseServlet.class, "synctask", synchronizerTask, true);
 253     }
 254
 255     private void setAuthoriserToReturnRequestIsAuthorized() throws IllegalAccessException {
 256         AuthorizationResponse authResponse = mock(AuthorizationResponse.class);
 257         Authorizer authorizer = mock(Authorizer.class);
 258         FieldUtils.writeDeclaredStaticField(BaseServlet.class, "authz", authorizer, true);
 259         when(authorizer.decide(request)).thenReturn(authResponse);
 260         when(authResponse.isAuthorized()).thenReturn(true);
 261     }
 262
 263     private void setPokerToNotCreateTimersWhenDeleteFeedIsCalled() throws Exception {
 264         Poker poker = mock(Poker.class);
 265         FieldUtils.writeDeclaredStaticField(Poker.class, "p", poker, true);
 266     }
 267
 268     private void setUpValidAuthorisedRequest() throws Exception {
 269         setUpValidSecurityOnHttpRequest();
 270         setBehalfHeader("Stub_Value");
 271         setValidPathInfoInHttpHeader();
 272         setGroupToReturnValidGroupIdSupplied();
 273     }
 274
 275     private void setUpValidSecurityOnHttpRequest() throws Exception {
 276         when(request.isSecure()).thenReturn(true);
 277         Set<String> authAddressesAndNetworks = new HashSet<String>();
 278         authAddressesAndNetworks.add(("127.0.0.1"));
 279         FieldUtils.writeDeclaredStaticField(BaseServlet.class, "authorizedAddressesAndNetworks", authAddressesAndNetworks, true);
 280         FieldUtils.writeDeclaredStaticField(BaseServlet.class, "require_cert", false, true);
 281     }
 282
 283     private void setBehalfHeader(String headerValue) {
 284         when(request.getHeader(BEHALF_HEADER)).thenReturn(headerValue);
 285     }
 286
 287     private void setValidPathInfoInHttpHeader() {
 288         when(request.getPathInfo()).thenReturn("/123");
 289     }
 290
 291     private void setGroupToReturnValidGroupIdSupplied() {
 292         PowerMockito.mockStatic(Group.class);
 293         Group group = mock(Group.class);
 294         PowerMockito.when(Group.getGroupById(anyInt())).thenReturn(group);
 295         when(group.asJSONObject()).thenReturn(mock(JSONObject.class));
 296     }
 297
 298     private void setGroupToReturnInvalidGroupIdSupplied() {
 299         PowerMockito.mockStatic(Group.class);
 300         PowerMockito.when(Group.getGroupById(anyInt())).thenReturn(null);
 301     }
 302
 303     private GroupServlet overideGetJSONFromInputToReturnAnInvalidGroup(Boolean invalidName) {
 304         GroupServlet groupServlet = new GroupServlet() {
 305             protected JSONObject getJSONfromInput(HttpServletRequest req) {
 306                 JSONObject invalidGroup = new JSONObject();
 307                 String invalidEntry = "groupNameThatIsTooLongTooBeValidgroupNameThatIsTooLongTooBeValid";
 308                 invalidEntry = invalidEntry + invalidEntry + invalidEntry + invalidEntry + invalidEntry;
 309                 if (invalidName) {
 310                     invalidGroup.put("name", invalidEntry);
 311                     invalidGroup.put("description", "description");
 312                 } else {
 313                     invalidGroup.put("name", "groupName");
 314                     invalidGroup.put("description", invalidEntry);
 315                 }
 316                 invalidGroup.put("groupid", 2);
 317                 invalidGroup.put("authid", "User1");
 318                 invalidGroup.put("classification", "class");
 319                 invalidGroup.put("members", "stub_members");
 320                 return invalidGroup;
 321             }
 322         };
 323         return groupServlet;
 324     }
 325
 326     private GroupServlet overideGetJSONFromInputToReturnAValidGroupWithFail() {
 327         GroupServlet groupServlet = new GroupServlet() {
 328             protected JSONObject getJSONfromInput(HttpServletRequest req) {
 329                 JSONObject validGroup = new JSONObject();
 330                 validGroup.put("name", "groupName");
 331                 validGroup.put("groupid", 2);
 332                 validGroup.put("description", "Group Description");
 333                 validGroup.put("authid", "User1");
 334                 validGroup.put("classification", "class");
 335                 validGroup.put("members", "stub_members");
 336                 return validGroup;
 337             }
 338
 339             protected boolean doUpdate(Updateable bean) {
 340                 return false;
 341             }
 342
 343             protected boolean doInsert(Insertable bean) {
 344                 return false;
 345             }
 346         };
 347         return groupServlet;
 348     }
 349
 350     private GroupServlet overideGetJSONFromInputToReturnAValidGroup() {
 351         GroupServlet groupServlet = new GroupServlet() {
 352             protected JSONObject getJSONfromInput(HttpServletRequest req) {
 353                 JSONObject validGroup = new JSONObject();
 354                 validGroup.put("name", "groupName");
 355                 validGroup.put("groupid", 2);
 356                 validGroup.put("description", "Group Description");
 357                 validGroup.put("authid", "User1");
 358                 validGroup.put("classification", "class");
 359                 validGroup.put("members", "stub_members");
 360                 return validGroup;
 361             }
 362
 363             protected boolean doUpdate(Updateable bean) {
 364                 return true;
 365             }
 366
 367             protected boolean doInsert(Insertable bean) {
 368                 return true;
 369             }
 370         };
 371         return groupServlet;
 372     }
 373
 374     private void setGroupToReturnNonNullValueForGetGroupMatching() {
 375         PowerMockito.mockStatic(Group.class);
 376         Group group = mock(Group.class);
 377         PowerMockito.when(Group.getGroupById(anyInt())).thenReturn(group);
 378         PowerMockito.when(Group.getGroupMatching(Matchers.any(Group.class), anyInt())).thenReturn(group);
 379     }
 380 }