datarouter-prov/src/test/java/org/onap/dmaap/datarouter/provisioning/SubscribeServletTest.java

   1 /*******************************************************************************
   2  * ============LICENSE_START==================================================
   3  * * org.onap.dmaap
   4  * * ===========================================================================
   5  * * Copyright © 2017 AT&T Intellectual Property. All rights reserved.
   6  * * ===========================================================================
   7  * * Licensed under the Apache License, Version 2.0 (the "License");
   8  * * you may not use this file except in compliance with the License.
   9  * * You may obtain a copy of the License at
  10  * *
  11  *  *      http://www.apache.org/licenses/LICENSE-2.0
  12  * *
  13  *  * Unless required by applicable law or agreed to in writing, software
  14  * * distributed under the License is distributed on an "AS IS" BASIS,
  15  * * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
  16  * * See the License for the specific language governing permissions and
  17  * * limitations under the License.
  18  * * ============LICENSE_END====================================================
  19  * *
  20  * * ECOMP is a trademark and service mark of AT&T Intellectual Property.
  21  * *
  22  ******************************************************************************/
  23 package org.onap.dmaap.datarouter.provisioning;
  24
  25 import static org.mockito.ArgumentMatchers.anyString;
  26 import static org.mockito.Mockito.contains;
  27 import static org.mockito.Mockito.eq;
  28 import static org.mockito.Mockito.mock;
  29 import static org.mockito.Mockito.verify;
  30 import static org.mockito.Mockito.when;
  31 import static org.onap.dmaap.datarouter.provisioning.BaseServlet.BEHALF_HEADER;
  32
  33 import ch.qos.logback.classic.spi.ILoggingEvent;
  34 import ch.qos.logback.core.read.ListAppender;
  35 import java.util.HashSet;
  36 import java.util.Set;
  37 import javax.persistence.EntityManager;
  38 import javax.persistence.EntityManagerFactory;
  39 import javax.persistence.Persistence;
  40 import javax.servlet.ServletOutputStream;
  41 import javax.servlet.http.HttpServletRequest;
  42 import javax.servlet.http.HttpServletResponse;
  43 import org.apache.commons.lang3.reflect.FieldUtils;
  44 import org.jetbrains.annotations.NotNull;
  45 import org.json.JSONObject;
  46 import org.junit.AfterClass;
  47 import org.junit.Before;
  48 import org.junit.BeforeClass;
  49 import org.junit.Test;
  50 import org.junit.runner.RunWith;
  51 import org.mockito.Mock;
  52 import org.onap.dmaap.datarouter.authz.AuthorizationResponse;
  53 import org.onap.dmaap.datarouter.authz.Authorizer;
  54 import org.onap.dmaap.datarouter.provisioning.beans.Insertable;
  55 import org.onap.dmaap.datarouter.provisioning.utils.Poker;
  56 import org.onap.dmaap.datarouter.provisioning.utils.ProvDbUtils;
  57 import org.powermock.core.classloader.annotations.PowerMockIgnore;
  58 import org.powermock.modules.junit4.PowerMockRunner;
  59
  60
  61 @RunWith(PowerMockRunner.class)
  62 @PowerMockIgnore({"com.sun.org.apache.xerces.*", "javax.xml.*", "org.xml.*", "org.w3c.*"})
  63 public class SubscribeServletTest extends DrServletTestBase {
  64     private static SubscribeServlet subscribeServlet;
  65     private static EntityManagerFactory emf;
  66     private static EntityManager em;
  67
  68     @Mock
  69     private HttpServletRequest request;
  70     @Mock
  71     private HttpServletResponse response;
  72
  73     private ListAppender<ILoggingEvent> listAppender;
  74
  75     @BeforeClass
  76     public static void init() {
  77         emf = Persistence.createEntityManagerFactory("dr-unit-tests");
  78         em = emf.createEntityManager();
  79         System.setProperty(
  80                 "org.onap.dmaap.datarouter.provserver.properties",
  81                 "src/test/resources/h2Database.properties");
  82     }
  83
  84     @AfterClass
  85     public static void tearDownClass() {
  86         em.clear();
  87         em.close();
  88         emf.close();
  89     }
  90
  91     @Before
  92     public void setUp() throws Exception {
  93         ProvDbUtils.getInstance().initProvDB();
  94         listAppender = setTestLogger(SubscribeServlet.class);
  95         subscribeServlet = new SubscribeServlet();
  96         setAuthoriserToReturnRequestIsAuthorized();
  97         setPokerToNotCreateTimersWhenDeleteFeedIsCalled();
  98         setupValidAuthorisedRequest();
  99         setUpValidSecurityOnHttpRequest();
 100         setUpValidContentHeadersAndJSONOnHttpRequest();
 101     }
 102
 103     @Test
 104     public void Given_Request_Is_HTTP_DELETE_SC_METHOD_NOT_ALLOWED_Response_Is_Generated() throws Exception {
 105         subscribeServlet.doDelete(request, response);
 106         verify(response).sendError(eq(HttpServletResponse.SC_METHOD_NOT_ALLOWED), anyString());
 107         verifyEnteringExitCalled(listAppender);
 108     }
 109
 110     @Test
 111     public void Given_Request_Is_HTTP_GET_And_Is_Not_Secure_When_HTTPS_Is_Required_Then_Forbidden_Response_Is_Generated() throws Exception {
 112         when(request.isSecure()).thenReturn(false);
 113         FieldUtils.writeDeclaredStaticField(BaseServlet.class, "isAddressAuthEnabled", "true", true);
 114         subscribeServlet.doGet(request, response);
 115         verify(response).sendError(eq(HttpServletResponse.SC_FORBIDDEN), anyString());
 116         verifyEnteringExitCalled(listAppender);
 117     }
 118
 119     @Test
 120     public void Given_Request_Is_HTTP_GET_And_BEHALF_HEADER_Is_Not_Set_In_Request_Then_Bad_Request_Response_Is_Generated() throws Exception {
 121         setBehalfHeader(null);
 122         subscribeServlet.doGet(request, response);
 123         verify(response).sendError(eq(HttpServletResponse.SC_BAD_REQUEST), anyString());
 124     }
 125
 126
 127     @Test
 128     public void Given_Request_Is_HTTP_GET_And_Path_Header_Is_Not_Set_In_Request_With_Valid_Path_Then_Bad_Request_Response_Is_Generated() throws Exception {
 129         when(request.getPathInfo()).thenReturn(null);
 130         subscribeServlet.doGet(request, response);
 131         verify(response).sendError(eq(HttpServletResponse.SC_BAD_REQUEST), anyString());
 132     }
 133
 134     @Test
 135     public void Given_Request_Is_HTTP_GET_And_Feed_Id_Is_Invalid_Then_Not_Found_Response_Is_Generated() throws Exception {
 136         when(request.getPathInfo()).thenReturn("/123");
 137         subscribeServlet.doGet(request, response);
 138         verify(response).sendError(eq(HttpServletResponse.SC_NOT_FOUND), anyString());
 139     }
 140
 141     @Test
 142     public void Given_Request_Is_HTTP_GET_And_Request_Succeeds() throws Exception {
 143         ServletOutputStream outStream = mock(ServletOutputStream.class);
 144         when(response.getOutputStream()).thenReturn(outStream);
 145         when(request.getPathInfo()).thenReturn("/1");
 146         subscribeServlet.doGet(request, response);
 147         verify(response).setStatus(eq(HttpServletResponse.SC_OK));
 148         verifyEnteringExitCalled(listAppender);
 149     }
 150
 151
 152     @Test
 153     public void Given_Request_Is_HTTP_PUT_SC_METHOD_NOT_ALLOWED_Response_Is_Generated() throws Exception {
 154         subscribeServlet.doPut(request, response);
 155         verify(response).sendError(eq(HttpServletResponse.SC_METHOD_NOT_ALLOWED), anyString());
 156         verifyEnteringExitCalled(listAppender);
 157     }
 158     @Test
 159     public void Given_Request_Is_HTTP_POST_And_Is_Not_Secure_When_HTTPS_Is_Required_Then_Forbidden_Response_Is_Generated() throws Exception {
 160         when(request.isSecure()).thenReturn(false);
 161         FieldUtils.writeDeclaredStaticField(BaseServlet.class, "isAddressAuthEnabled", "true", true);
 162         subscribeServlet.doPost(request, response);
 163         verify(response).sendError(eq(HttpServletResponse.SC_FORBIDDEN), anyString());
 164         verifyEnteringExitCalled(listAppender);
 165     }
 166
 167     @Test
 168     public void Given_Request_Is_HTTP_POST_And_BEHALF_HEADER_Is_Not_Set_In_Request_Then_Bad_Request_Response_Is_Generated() throws Exception {
 169         setBehalfHeader(null);
 170         subscribeServlet.doPost(request, response);
 171         verify(response).sendError(eq(HttpServletResponse.SC_BAD_REQUEST), anyString());
 172     }
 173
 174
 175     @Test
 176     public void Given_Request_Is_HTTP_POST_And_Path_Header_Is_Not_Set_In_Request_With_Valid_Path_Then_Bad_Request_Response_Is_Generated() throws Exception {
 177         when(request.getPathInfo()).thenReturn(null);
 178         subscribeServlet.doPost(request, response);
 179         verify(response).sendError(eq(HttpServletResponse.SC_BAD_REQUEST), anyString());
 180     }
 181
 182
 183     @Test
 184     public void Given_Request_Is_HTTP_POST_And_Feed_Id_Is_Invalid_Then_Not_Found_Response_Is_Generated() throws Exception {
 185         when(request.getPathInfo()).thenReturn("/123");
 186         subscribeServlet.doPost(request, response);
 187         verify(response).sendError(eq(HttpServletResponse.SC_NOT_FOUND), anyString());
 188     }
 189
 190     @Test
 191     public void Given_Request_Is_HTTP_POST_And_Request_Is_Not_Authorized_Then_Forbidden_Response_Is_Generated() throws Exception {
 192         setAuthoriserToReturnRequestNotAuthorized();
 193         when(request.getPathInfo()).thenReturn("/1");
 194         JSONObject JSObject = buildRequestJsonObject();
 195         SubscribeServlet subscribeServlet = new SubscribeServlet() {
 196              public JSONObject getJSONfromInput(HttpServletRequest req) {
 197                 JSONObject jo = new JSONObject();
 198                 jo.put("name", "stub_name");
 199                 jo.put("version", "2.0");
 200                 jo.put("metadataOnly", true);
 201                 jo.put("suspend", true);
 202                 jo.put("delivery", JSObject);
 203                 jo.put("sync", false);
 204                 return jo;
 205             }
 206             @Override
 207             protected boolean doInsert(Insertable bean) {
 208                 return false;
 209             }
 210         };
 211         subscribeServlet.doPost(request, response);
 212         verify(response).sendError(eq(HttpServletResponse.SC_FORBIDDEN), anyString());
 213     }
 214
 215     @Test
 216     public void Given_Request_Is_HTTP_POST_And_AAF_Subscriber_Added_To_Legacy_Feed_Then_Forbidden_Response_Is_Generated() throws Exception {
 217         when(request.getPathInfo()).thenReturn("/1");
 218         JSONObject JSObject = buildRequestJsonObject();
 219         SubscribeServlet subscribeServlet = new SubscribeServlet() {
 220             public JSONObject getJSONfromInput(HttpServletRequest req) {
 221                 JSONObject jo = new JSONObject();
 222                 jo.put("name", "stub_name");
 223                 jo.put("version", "2.0");
 224                 jo.put("metadataOnly", true);
 225                 jo.put("suspend", true);
 226                 jo.put("delivery", JSObject);
 227                 jo.put("aaf_instance", "*");
 228                 jo.put("follow_redirect", false);
 229                 jo.put("sync", false);
 230                 return jo;
 231             }
 232             @Override
 233             protected boolean doInsert(Insertable bean) {
 234                 return false;
 235             }
 236         };
 237         subscribeServlet.doPost(request, response);
 238         verify(response).sendError(eq(HttpServletResponse.SC_FORBIDDEN), contains("AAF Subscriber can not be added to legacy Feed"));
 239     }
 240
 241     @Test
 242     public void Given_Request_Is_HTTP_POST_And_Legacy_Subscriber_Added_To_AAF_Feed_And_Is_Not_Authorized_Then_Forbidden_Response_Is_Generated() throws Exception {
 243         setAuthoriserToReturnRequestNotAuthorized();
 244         when(request.getPathInfo()).thenReturn("/2");
 245         JSONObject JSObject = buildRequestJsonObject();
 246         SubscribeServlet subscribeServlet = new SubscribeServlet() {
 247             public JSONObject getJSONfromInput(HttpServletRequest req) {
 248                 JSONObject jo = new JSONObject();
 249                 jo.put("name", "stub_name");
 250                 jo.put("version", "2.0");
 251                 jo.put("metadataOnly", true);
 252                 jo.put("suspend", true);
 253                 jo.put("delivery", JSObject);
 254                 jo.put("aaf_instance", "legacy");
 255                 jo.put("follow_redirect", false);
 256                 jo.put("sync", false);
 257                 return jo;
 258             }
 259         };
 260         subscribeServlet.doPost(request, response);
 261         verify(response).sendError(eq(HttpServletResponse.SC_FORBIDDEN), contains("Policy Engine disallows access."));
 262     }
 263
 264     @Test
 265     public void Given_Request_Is_HTTP_POST_And_AAF_Subscriber_Added_To_AAF_Feed_Without_Permissions_Then_Forbidden_Response_Is_Generated() throws Exception {
 266         when(request.getPathInfo()).thenReturn("/2");
 267         JSONObject JSObject = buildRequestJsonObject();
 268         SubscribeServlet subscribeServlet = new SubscribeServlet() {
 269             public JSONObject getJSONfromInput(HttpServletRequest req) {
 270                 JSONObject jo = new JSONObject();
 271                 jo.put("name", "stub_name");
 272                 jo.put("version", "2.0");
 273                 jo.put("metadataOnly", true);
 274                 jo.put("suspend", true);
 275                 jo.put("delivery", JSObject);
 276                 jo.put("aaf_instance", "*");
 277                 jo.put("follow_redirect", false);
 278                 jo.put("sync", false);
 279                 return jo;
 280             }
 281         };
 282         subscribeServlet.doPost(request, response);
 283         verify(response).sendError(eq(HttpServletResponse.SC_FORBIDDEN), contains("AAF disallows access to permission"));
 284     }
 285
 286     @Test
 287     public void Given_Request_Is_HTTP_POST_And_AAF_Subscriber_Added_To_AAF_Feed_With_Permissions_Then_OK_Response_Is_Generated() throws Exception {
 288         ServletOutputStream outStream = mock(ServletOutputStream.class);
 289         when(response.getOutputStream()).thenReturn(outStream);
 290         when(request.getPathInfo()).thenReturn("/2");
 291         when(request.isUserInRole("org.onap.dmaap-dr.feed|*|approveSub")).thenReturn(true);
 292         JSONObject JSObject = buildRequestJsonObject();
 293         SubscribeServlet subscribeServlet = new SubscribeServlet() {
 294             public JSONObject getJSONfromInput(HttpServletRequest req) {
 295                 JSONObject jo = new JSONObject();
 296                 jo.put("name", "stub_name");
 297                 jo.put("version", "2.0");
 298                 jo.put("metadataOnly", true);
 299                 jo.put("suspend", true);
 300                 jo.put("delivery", JSObject);
 301                 jo.put("aaf_instance", "*");
 302                 jo.put("follow_redirect", false);
 303                 jo.put("sync", false);
 304                 return jo;
 305             }
 306
 307             @Override
 308             protected boolean doInsert(Insertable bean) {
 309                 return true;
 310             }
 311         };
 312         subscribeServlet.doPost(request, response);
 313         verify(response).setStatus(eq(HttpServletResponse.SC_CREATED));
 314         verifyEnteringExitCalled(listAppender);
 315     }
 316
 317     @Test
 318     public void Given_Request_Is_HTTP_POST_And_Content_Header_Is_Not_Supported_Type_Then_Unsupported_Media_Type_Response_Is_Generated() throws Exception {
 319         when(request.getHeader("Content-Type")).thenReturn("application/vnd.dmaap-dr.feed; version=1.1");
 320         when(request.getContentType()).thenReturn("stub_contentType");
 321         when(request.getPathInfo()).thenReturn("/1");
 322         subscribeServlet.doPost(request, response);
 323         verify(response).sendError(eq(HttpServletResponse.SC_UNSUPPORTED_MEDIA_TYPE), anyString());
 324     }
 325
 326     @Test
 327     public void Given_Request_Is_HTTP_POST_And_Request_Contains_Badly_Formed_JSON_Then_Bad_Request_Response_Is_Generated() throws Exception {
 328         when(request.getPathInfo()).thenReturn("/1");
 329         subscribeServlet.doPost(request, response);
 330         verify(response).sendError(eq(HttpServletResponse.SC_BAD_REQUEST), anyString());
 331     }
 332
 333     @Test
 334     public void Given_Request_Is_HTTP_POST_And_Active_Feeds_Equals_Max_Feeds_Then_Bad_Request_Response_Is_Generated() throws Exception {
 335         FieldUtils.writeDeclaredStaticField(BaseServlet.class, "maxSubs", 0, true);
 336         when(request.getPathInfo()).thenReturn("/1");
 337         SubscribeServlet subscribeServlet = new SubscribeServlet() {
 338             public JSONObject getJSONfromInput(HttpServletRequest req) {
 339                 return new JSONObject();
 340             }
 341         };
 342         subscribeServlet.doPost(request, response);
 343         verify(response).sendError(eq(HttpServletResponse.SC_CONFLICT), anyString());
 344     }
 345
 346     @Test
 347     public void Given_Request_Is_HTTP_POST_And_POST_Fails_Bad_Request_Response_Is_Generated() throws Exception {
 348         when(request.getPathInfo()).thenReturn("/2");
 349         JSONObject JSObject = buildRequestJsonObject();
 350         SubscribeServlet subscribeServlet = new SubscribeServlet() {
 351             public JSONObject getJSONfromInput(HttpServletRequest req) {
 352                 JSONObject jo = new JSONObject();
 353                 jo.put("name", "stub_name");
 354                 jo.put("version", "2.0");
 355                 jo.put("metadataOnly", true);
 356                 jo.put("suspend", true);
 357                 jo.put("delivery", JSObject);
 358                 jo.put("aaf_instance", "legacy");
 359                 jo.put("follow_redirect", false);
 360                 jo.put("sync", false);
 361                 return jo;
 362             }
 363
 364             @Override
 365             protected boolean doInsert(Insertable bean) {
 366                 return false;
 367             }
 368         };
 369         subscribeServlet.doPost(request, response);
 370         verify(response).sendError(eq(HttpServletResponse.SC_INTERNAL_SERVER_ERROR), anyString());
 371     }
 372
 373     @NotNull
 374     private JSONObject buildRequestJsonObject() {
 375         JSONObject JSObject = new JSONObject();
 376         JSObject.put("url", "https://stub_address");
 377         JSObject.put("use100", "true");
 378         JSObject.put("password", "stub_password");
 379         JSObject.put("user", "stub_user");
 380         return JSObject;
 381     }
 382
 383     private void setUpValidSecurityOnHttpRequest() throws Exception {
 384         when(request.isSecure()).thenReturn(true);
 385         Set<String> authAddressesAndNetworks = new HashSet<>();
 386         authAddressesAndNetworks.add(("127.0.0.1"));
 387         FieldUtils.writeDeclaredStaticField(BaseServlet.class, "authorizedAddressesAndNetworks", authAddressesAndNetworks, true);
 388         FieldUtils.writeDeclaredStaticField(BaseServlet.class, "requireCert", false, true);
 389         FieldUtils.writeDeclaredStaticField(BaseServlet.class, "maxSubs", 100, true);
 390     }
 391
 392     private void setBehalfHeader(String headerValue) {
 393         when(request.getHeader(BEHALF_HEADER)).thenReturn(headerValue);
 394     }
 395
 396     private void setAuthoriserToReturnRequestNotAuthorized() throws IllegalAccessException {
 397         AuthorizationResponse authResponse = mock(AuthorizationResponse.class);
 398         Authorizer authorizer = mock(Authorizer.class);
 399         FieldUtils.writeDeclaredStaticField(BaseServlet.class, "authz", authorizer, true);
 400         when(authorizer.decide(request)).thenReturn(authResponse);
 401         when(authResponse.isAuthorized()).thenReturn(false);
 402     }
 403
 404     private void setAuthoriserToReturnRequestIsAuthorized() throws IllegalAccessException {
 405         AuthorizationResponse authResponse = mock(AuthorizationResponse.class);
 406         Authorizer authorizer = mock(Authorizer.class);
 407         FieldUtils.writeDeclaredStaticField(BaseServlet.class, "authz", authorizer, true);
 408         when(authorizer.decide(request)).thenReturn(authResponse);
 409         when(authResponse.isAuthorized()).thenReturn(true);
 410     }
 411
 412     private void setPokerToNotCreateTimersWhenDeleteFeedIsCalled() throws Exception {
 413         Poker poker = mock(Poker.class);
 414         FieldUtils.writeDeclaredStaticField(Poker.class, "poker", poker, true);
 415     }
 416
 417     private void setupValidAuthorisedRequest() throws Exception {
 418         setUpValidSecurityOnHttpRequest();
 419         setBehalfHeader("Stub_Value");
 420     }
 421
 422     private void setUpValidContentHeadersAndJSONOnHttpRequest() {
 423         when(request.getHeader("Content-Type")).thenReturn("application/vnd.dmaap-dr.subscription; version=1.0");
 424         when(request.getHeader("X-DMAAP-DR-ON-BEHALF-OF-GROUP")).thenReturn("stub_subjectGroup");
 425
 426     }
 427 }