datarouter-prov/src/test/java/org/onap/dmaap/datarouter/provisioning/SubscribeServletTest.java

   1 /*******************************************************************************
   2  * ============LICENSE_START==================================================
   3  * * org.onap.dmaap
   4  * * ===========================================================================
   5  * * Copyright © 2017 AT&T Intellectual Property. All rights reserved.
   6  * * ===========================================================================
   7  * * Licensed under the Apache License, Version 2.0 (the "License");
   8  * * you may not use this file except in compliance with the License.
   9  * * You may obtain a copy of the License at
  10  * *
  11  *  *      http://www.apache.org/licenses/LICENSE-2.0
  12  * *
  13  *  * Unless required by applicable law or agreed to in writing, software
  14  * * distributed under the License is distributed on an "AS IS" BASIS,
  15  * * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
  16  * * See the License for the specific language governing permissions and
  17  * * limitations under the License.
  18  * * ============LICENSE_END====================================================
  19  * *
  20  * * ECOMP is a trademark and service mark of AT&T Intellectual Property.
  21  * *
  22  ******************************************************************************/
  23 package org.onap.dmaap.datarouter.provisioning;
  24
  25 import ch.qos.logback.classic.spi.ILoggingEvent;
  26 import ch.qos.logback.core.read.ListAppender;
  27 import org.apache.commons.lang3.reflect.FieldUtils;
  28 import org.jetbrains.annotations.NotNull;
  29 import org.json.JSONObject;
  30 import org.junit.Before;
  31 import org.junit.Test;
  32 import org.junit.runner.RunWith;
  33 import org.mockito.Mock;
  34 import org.onap.dmaap.datarouter.authz.AuthorizationResponse;
  35 import org.onap.dmaap.datarouter.authz.Authorizer;
  36 import org.onap.dmaap.datarouter.provisioning.beans.Feed;
  37 import org.onap.dmaap.datarouter.provisioning.beans.Insertable;
  38 import org.onap.dmaap.datarouter.provisioning.beans.Subscription;
  39 import org.powermock.api.mockito.PowerMockito;
  40 import org.powermock.core.classloader.annotations.SuppressStaticInitializationFor;
  41 import org.powermock.modules.junit4.PowerMockRunner;
  42
  43 import javax.servlet.ServletOutputStream;
  44 import javax.servlet.http.HttpServletRequest;
  45 import javax.servlet.http.HttpServletResponse;
  46 import java.util.ArrayList;
  47 import java.util.HashSet;
  48 import java.util.List;
  49 import java.util.Set;
  50
  51 import static org.hamcrest.Matchers.notNullValue;
  52 import static org.mockito.Mockito.*;
  53 import static org.onap.dmaap.datarouter.provisioning.BaseServlet.BEHALF_HEADER;
  54
  55
  56 @RunWith(PowerMockRunner.class)
  57 @SuppressStaticInitializationFor({"org.onap.dmaap.datarouter.provisioning.beans.Feed", "org.onap.dmaap.datarouter.provisioning.beans.Subscription"})
  58 public class SubscribeServletTest extends DrServletTestBase {
  59     private static SubscribeServlet subscribeServlet;
  60
  61     @Mock
  62     private HttpServletRequest request;
  63     @Mock
  64     private HttpServletResponse response;
  65
  66     ListAppender<ILoggingEvent> listAppender;
  67
  68     @Before
  69     public void setUp() throws Exception {
  70         super.setUp();
  71         listAppender = setTestLogger(SubscribeServlet.class);
  72         subscribeServlet = new SubscribeServlet();
  73         setAuthoriserToReturnRequestIsAuthorized();
  74         setPokerToNotCreateTimersWhenDeleteFeedIsCalled();
  75         setupValidAuthorisedRequest();
  76         setUpValidSecurityOnHttpRequest();
  77         setUpValidContentHeadersAndJSONOnHttpRequest();
  78     }
  79
  80     @Test
  81     public void Given_Request_Is_HTTP_DELETE_SC_METHOD_NOT_ALLOWED_Response_Is_Generated() throws Exception {
  82         subscribeServlet.doDelete(request, response);
  83         verify(response).sendError(eq(HttpServletResponse.SC_METHOD_NOT_ALLOWED), argThat(notNullValue(String.class)));
  84         verifyEnteringExitCalled(listAppender);
  85     }
  86
  87     @Test
  88     public void Given_Request_Is_HTTP_GET_And_Is_Not_Secure_When_HTTPS_Is_Required_Then_Forbidden_Response_Is_Generated() throws Exception {
  89         when(request.isSecure()).thenReturn(false);
  90         FieldUtils.writeDeclaredStaticField(BaseServlet.class, "isAddressAuthEnabled", "true", true);
  91         subscribeServlet.doGet(request, response);
  92         verify(response).sendError(eq(HttpServletResponse.SC_FORBIDDEN), argThat(notNullValue(String.class)));
  93         verifyEnteringExitCalled(listAppender);
  94     }
  95
  96     @Test
  97     public void Given_Request_Is_HTTP_GET_And_BEHALF_HEADER_Is_Not_Set_In_Request_Then_Bad_Request_Response_Is_Generated() throws Exception {
  98         setBehalfHeader(null);
  99         subscribeServlet.doGet(request, response);
 100         verify(response).sendError(eq(HttpServletResponse.SC_BAD_REQUEST), argThat(notNullValue(String.class)));
 101     }
 102
 103
 104     @Test
 105     public void Given_Request_Is_HTTP_GET_And_Path_Header_Is_Not_Set_In_Request_With_Valid_Path_Then_Bad_Request_Response_Is_Generated() throws Exception {
 106         when(request.getPathInfo()).thenReturn(null);
 107         subscribeServlet.doGet(request, response);
 108         verify(response).sendError(eq(HttpServletResponse.SC_BAD_REQUEST), argThat(notNullValue(String.class)));
 109     }
 110
 111     @Test
 112     public void Given_Request_Is_HTTP_GET_And_Feed_Id_Is_Invalid_Then_Not_Found_Response_Is_Generated() throws Exception {
 113         setFeedToReturnInvalidFeedIdSupplied();
 114         subscribeServlet.doGet(request, response);
 115         verify(response).sendError(eq(HttpServletResponse.SC_NOT_FOUND), argThat(notNullValue(String.class)));
 116     }
 117
 118
 119     @Test
 120     public void Given_Request_Is_HTTP_GET_And_Request_Is_Not_Authorized_Then_Forbidden_Response_Is_Generated() throws Exception {
 121         setAuthoriserToReturnRequestNotAuthorized();
 122         subscribeServlet.doGet(request, response);
 123         verify(response).sendError(eq(HttpServletResponse.SC_FORBIDDEN), argThat(notNullValue(String.class)));
 124     }
 125
 126
 127     @Test
 128     public void Given_Request_Is_HTTP_GET_And_Request_Succeeds() throws Exception {
 129         ServletOutputStream outStream = mock(ServletOutputStream.class);
 130         when(response.getOutputStream()).thenReturn(outStream);
 131         PowerMockito.mockStatic(Subscription.class);
 132         List<String> list = new ArrayList<String>();
 133         list.add("{}");
 134         PowerMockito.when(Subscription.getSubscriptionUrlList(anyInt())).thenReturn(list);
 135         subscribeServlet.doGet(request, response);
 136         verify(response).setStatus(eq(HttpServletResponse.SC_OK));
 137         verifyEnteringExitCalled(listAppender);
 138     }
 139
 140
 141     @Test
 142     public void Given_Request_Is_HTTP_PUT_SC_METHOD_NOT_ALLOWED_Response_Is_Generated() throws Exception {
 143         subscribeServlet.doPut(request, response);
 144         verify(response).sendError(eq(HttpServletResponse.SC_METHOD_NOT_ALLOWED), argThat(notNullValue(String.class)));
 145         verifyEnteringExitCalled(listAppender);
 146     }
 147     @Test
 148     public void Given_Request_Is_HTTP_POST_And_Is_Not_Secure_When_HTTPS_Is_Required_Then_Forbidden_Response_Is_Generated() throws Exception {
 149         when(request.isSecure()).thenReturn(false);
 150         FieldUtils.writeDeclaredStaticField(BaseServlet.class, "isAddressAuthEnabled", "true", true);
 151         subscribeServlet.doPost(request, response);
 152         verify(response).sendError(eq(HttpServletResponse.SC_FORBIDDEN), argThat(notNullValue(String.class)));
 153         verifyEnteringExitCalled(listAppender);
 154     }
 155
 156     @Test
 157     public void Given_Request_Is_HTTP_POST_And_BEHALF_HEADER_Is_Not_Set_In_Request_Then_Bad_Request_Response_Is_Generated() throws Exception {
 158         setBehalfHeader(null);
 159         subscribeServlet.doPost(request, response);
 160         verify(response).sendError(eq(HttpServletResponse.SC_BAD_REQUEST), argThat(notNullValue(String.class)));
 161     }
 162
 163
 164     @Test
 165     public void Given_Request_Is_HTTP_POST_And_Path_Header_Is_Not_Set_In_Request_With_Valid_Path_Then_Bad_Request_Response_Is_Generated() throws Exception {
 166         when(request.getPathInfo()).thenReturn(null);
 167         subscribeServlet.doPost(request, response);
 168         verify(response).sendError(eq(HttpServletResponse.SC_BAD_REQUEST), argThat(notNullValue(String.class)));
 169     }
 170
 171
 172     @Test
 173     public void Given_Request_Is_HTTP_POST_And_Feed_Id_Is_Invalid_Then_Not_Found_Response_Is_Generated() throws Exception {
 174         setFeedToReturnInvalidFeedIdSupplied();
 175         subscribeServlet.doPost(request, response);
 176         verify(response).sendError(eq(HttpServletResponse.SC_NOT_FOUND), argThat(notNullValue(String.class)));
 177     }
 178
 179     @Test
 180     public void Given_Request_Is_HTTP_POST_And_Request_Is_Not_Authorized_Then_Forbidden_Response_Is_Generated() throws Exception {
 181         setAuthoriserToReturnRequestNotAuthorized();
 182         subscribeServlet.doPost(request, response);
 183         verify(response).sendError(eq(HttpServletResponse.SC_FORBIDDEN), argThat(notNullValue(String.class)));
 184     }
 185
 186     @Test
 187     public void Given_Request_Is_HTTP_POST_And_Content_Header_Is_Not_Supported_Type_Then_Unsupported_Media_Type_Response_Is_Generated() throws Exception {
 188         when(request.getHeader("Content-Type")).thenReturn("application/vnd.dmaap-dr.feed; version=1.1");
 189         when(request.getContentType()).thenReturn("stub_contentType");
 190         subscribeServlet.doPost(request, response);
 191         verify(response).sendError(eq(HttpServletResponse.SC_UNSUPPORTED_MEDIA_TYPE), argThat(notNullValue(String.class)));
 192     }
 193
 194     @Test
 195     public void Given_Request_Is_HTTP_POST_And_Request_Contains_Badly_Formed_JSON_Then_Bad_Request_Response_Is_Generated() throws Exception {
 196         subscribeServlet.doPost(request, response);
 197         verify(response).sendError(eq(HttpServletResponse.SC_BAD_REQUEST), argThat(notNullValue(String.class)));
 198     }
 199
 200     @Test
 201     public void Given_Request_Is_HTTP_POST_And_Active_Feeds_Equals_Max_Feeds_Then_Bad_Request_Response_Is_Generated() throws Exception {
 202         FieldUtils.writeDeclaredStaticField(BaseServlet.class, "maxSubs", 0, true);
 203         SubscribeServlet subscribeServlet = new SubscribeServlet() {
 204             protected JSONObject getJSONfromInput(HttpServletRequest req) {
 205                 return new JSONObject();
 206             }
 207         };
 208         subscribeServlet.doPost(request, response);
 209         verify(response).sendError(eq(HttpServletResponse.SC_CONFLICT), argThat(notNullValue(String.class)));
 210     }
 211
 212     @Test
 213     public void Given_Request_Is_HTTP_POST_And_POST_Fails_Bad_Request_Response_Is_Generated() throws Exception {
 214         PowerMockito.mockStatic(Subscription.class);
 215         PowerMockito.when(Subscription.getSubscriptionMatching(mock(Subscription.class))).thenReturn(null);
 216         PowerMockito.when(Subscription.countActiveSubscriptions()).thenReturn(0);
 217         JSONObject JSObject = buildRequestJsonObject();
 218         SubscribeServlet subscribeServlet = new SubscribeServlet() {
 219             protected JSONObject getJSONfromInput(HttpServletRequest req) {
 220                 JSONObject jo = new JSONObject();
 221                 jo.put("name", "stub_name");
 222                 jo.put("version", "2.0");
 223                 jo.put("metadataOnly", true);
 224                 jo.put("suspend", true);
 225                 jo.put("delivery", JSObject);
 226                 jo.put("sync", false);
 227                 return jo;
 228             }
 229
 230             @Override
 231             protected boolean doInsert(Insertable bean) {
 232                 return false;
 233             }
 234         };
 235         subscribeServlet.doPost(request, response);
 236         verify(response).sendError(eq(HttpServletResponse.SC_INTERNAL_SERVER_ERROR), argThat(notNullValue(String.class)));
 237     }
 238
 239
 240     @Test
 241     public void Given_Request_Is_HTTP_POST_And_Change_On_Feeds_Succeeds_A_STATUS_OK_Response_Is_Generated() throws Exception {
 242         ServletOutputStream outStream = mock(ServletOutputStream.class);
 243         when(response.getOutputStream()).thenReturn(outStream);
 244         PowerMockito.mockStatic(Subscription.class);
 245         PowerMockito.when(Subscription.getSubscriptionMatching(mock(Subscription.class))).thenReturn(null);
 246         JSONObject JSObject = buildRequestJsonObject();
 247         SubscribeServlet subscribeServlet = new SubscribeServlet() {
 248             protected JSONObject getJSONfromInput(HttpServletRequest req) {
 249                 JSONObject jo = new JSONObject();
 250                 jo.put("name", "stub_name");
 251                 jo.put("version", "2.0");
 252                 jo.put("metadataOnly", true);
 253                 jo.put("suspend", true);
 254                 jo.put("delivery", JSObject);
 255                 jo.put("sync", true);
 256                 return jo;
 257             }
 258
 259             @Override
 260             protected boolean doInsert(Insertable bean) {
 261                 return true;
 262             }
 263         };
 264         subscribeServlet.doPost(request, response);
 265         verify(response).setStatus(eq(HttpServletResponse.SC_CREATED));
 266         verifyEnteringExitCalled(listAppender);
 267     }
 268
 269
 270     @NotNull
 271     private JSONObject buildRequestJsonObject() {
 272         JSONObject JSObject = new JSONObject();
 273         JSObject.put("url", "https://stub_address");
 274         JSObject.put("use100", "true");
 275         JSObject.put("password", "stub_password");
 276         JSObject.put("user", "stub_user");
 277         return JSObject;
 278     }
 279
 280     private void setUpValidSecurityOnHttpRequest() throws Exception {
 281         when(request.isSecure()).thenReturn(true);
 282         Set<String> authAddressesAndNetworks = new HashSet<String>();
 283         authAddressesAndNetworks.add(("127.0.0.1"));
 284         FieldUtils.writeDeclaredStaticField(BaseServlet.class, "authorizedAddressesAndNetworks", authAddressesAndNetworks, true);
 285         FieldUtils.writeDeclaredStaticField(BaseServlet.class, "requireCert", false, true);
 286         FieldUtils.writeDeclaredStaticField(BaseServlet.class, "maxSubs", 100, true);
 287     }
 288
 289     private void setBehalfHeader(String headerValue) {
 290         when(request.getHeader(BEHALF_HEADER)).thenReturn(headerValue);
 291     }
 292
 293     private void setValidPathInfoInHttpHeader() {
 294         when(request.getPathInfo()).thenReturn("/123");
 295     }
 296
 297     private void setFeedToReturnInvalidFeedIdSupplied() {
 298         PowerMockito.mockStatic(Feed.class);
 299         PowerMockito.when(Feed.getFeedById(anyInt())).thenReturn(null);
 300     }
 301
 302     private void setFeedToReturnValidFeedForSuppliedId() {
 303         PowerMockito.mockStatic(Feed.class);
 304         Feed feed = mock(Feed.class);
 305         PowerMockito.when(Feed.getFeedById(anyInt())).thenReturn(feed);
 306         when(feed.isDeleted()).thenReturn(false);
 307         when(feed.asJSONObject(true)).thenReturn(mock(JSONObject.class));
 308         when(feed.getPublisher()).thenReturn("Stub_Value");
 309         when(feed.getName()).thenReturn("stub_name");
 310         when(feed.getVersion()).thenReturn("1.0");
 311         when(feed.asLimitedJSONObject()).thenReturn(mock(JSONObject.class));
 312     }
 313
 314     private void setAuthoriserToReturnRequestNotAuthorized() throws IllegalAccessException {
 315         AuthorizationResponse authResponse = mock(AuthorizationResponse.class);
 316         Authorizer authorizer = mock(Authorizer.class);
 317         FieldUtils.writeDeclaredStaticField(BaseServlet.class, "authz", authorizer, true);
 318         when(authorizer.decide(request)).thenReturn(authResponse);
 319         when(authResponse.isAuthorized()).thenReturn(false);
 320     }
 321
 322     private void setAuthoriserToReturnRequestIsAuthorized() throws IllegalAccessException {
 323         AuthorizationResponse authResponse = mock(AuthorizationResponse.class);
 324         Authorizer authorizer = mock(Authorizer.class);
 325         FieldUtils.writeDeclaredStaticField(BaseServlet.class, "authz", authorizer, true);
 326         when(authorizer.decide(request)).thenReturn(authResponse);
 327         when(authResponse.isAuthorized()).thenReturn(true);
 328     }
 329
 330     private void setPokerToNotCreateTimersWhenDeleteFeedIsCalled() throws Exception {
 331         Poker poker = mock(Poker.class);
 332         FieldUtils.writeDeclaredStaticField(Poker.class, "poker", poker, true);
 333     }
 334
 335     private void setupValidAuthorisedRequest() throws Exception {
 336         setUpValidSecurityOnHttpRequest();
 337         setBehalfHeader("Stub_Value");
 338         setValidPathInfoInHttpHeader();
 339         setFeedToReturnValidFeedForSuppliedId();
 340     }
 341
 342     private void setUpValidContentHeadersAndJSONOnHttpRequest() {
 343         when(request.getHeader("Content-Type")).thenReturn("application/vnd.dmaap-dr.subscription; version=1.0");
 344         when(request.getHeader("X-DMAAP-DR-ON-BEHALF-OF-GROUP")).thenReturn("stub_subjectGroup");
 345
 346     }
 347 }