datarouter-prov/src/test/java/org/onap/dmaap/datarouter/provisioning/SubscriptionServletTest.java

   1 /*******************************************************************************
   2  * ============LICENSE_START==================================================
   3  * * org.onap.dmaap
   4  * * ===========================================================================
   5  * * Copyright © 2017 AT&T Intellectual Property. All rights reserved.
   6  * * ===========================================================================
   7  * * Licensed under the Apache License, Version 2.0 (the "License");
   8  * * you may not use this file except in compliance with the License.
   9  * * You may obtain a copy of the License at
  10  * *
  11  *  *      http://www.apache.org/licenses/LICENSE-2.0
  12  * *
  13  *  * Unless required by applicable law or agreed to in writing, software
  14  * * distributed under the License is distributed on an "AS IS" BASIS,
  15  * * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
  16  * * See the License for the specific language governing permissions and
  17  * * limitations under the License.
  18  * * ============LICENSE_END====================================================
  19  * *
  20  * * ECOMP is a trademark and service mark of AT&T Intellectual Property.
  21  * *
  22  ******************************************************************************/
  23 package org.onap.dmaap.datarouter.provisioning;
  24
  25 import org.apache.commons.lang3.reflect.FieldUtils;
  26 import org.jetbrains.annotations.NotNull;
  27 import org.json.JSONObject;
  28 import org.junit.AfterClass;
  29 import org.junit.Before;
  30 import org.junit.BeforeClass;
  31 import org.junit.Test;
  32 import org.junit.runner.RunWith;
  33 import org.mockito.Mock;
  34 import org.onap.dmaap.datarouter.authz.AuthorizationResponse;
  35 import org.onap.dmaap.datarouter.authz.Authorizer;
  36 import org.onap.dmaap.datarouter.provisioning.beans.Deleteable;
  37 import org.onap.dmaap.datarouter.provisioning.beans.SubDelivery;
  38 import org.onap.dmaap.datarouter.provisioning.beans.Subscription;
  39 import org.onap.dmaap.datarouter.provisioning.beans.Updateable;
  40 import org.onap.dmaap.datarouter.provisioning.utils.DB;
  41 import org.powermock.modules.junit4.PowerMockRunner;
  42
  43 import javax.persistence.EntityManager;
  44 import javax.persistence.EntityManagerFactory;
  45 import javax.persistence.Persistence;
  46 import javax.servlet.ServletInputStream;
  47 import javax.servlet.ServletOutputStream;
  48 import javax.servlet.http.HttpServletRequest;
  49 import javax.servlet.http.HttpServletResponse;
  50 import java.sql.SQLException;
  51 import java.util.HashSet;
  52 import java.util.Set;
  53
  54 import static org.hamcrest.Matchers.notNullValue;
  55 import static org.mockito.Mockito.*;
  56 import static org.onap.dmaap.datarouter.provisioning.BaseServlet.BEHALF_HEADER;
  57
  58
  59 @RunWith(PowerMockRunner.class)
  60 public class SubscriptionServletTest {
  61     private static EntityManagerFactory emf;
  62     private static EntityManager em;
  63     private SubscriptionServlet subscriptionServlet;
  64     private DB db;
  65
  66     @Mock
  67     private HttpServletRequest request;
  68     @Mock
  69     private HttpServletResponse response;
  70
  71     @BeforeClass
  72     public static void init() {
  73         emf = Persistence.createEntityManagerFactory("dr-unit-tests");
  74         em = emf.createEntityManager();
  75         System.setProperty(
  76             "org.onap.dmaap.datarouter.provserver.properties",
  77             "src/test/resources/h2Database.properties");
  78     }
  79
  80     @AfterClass
  81     public static void tearDownClass() {
  82         em.clear();
  83         em.close();
  84         emf.close();
  85     }
  86
  87     @Before
  88     public void setUp() throws Exception {
  89         subscriptionServlet = new SubscriptionServlet();
  90         db = new DB();
  91         setAuthoriserToReturnRequestIsAuthorized();
  92         setPokerToNotCreateTimersWhenDeleteSubscriptionIsCalled();
  93         setupValidAuthorisedRequest();
  94         setUpValidSecurityOnHttpRequest();
  95     }
  96
  97     @Test
  98     public void Given_Request_Is_HTTP_DELETE_SC_Forbidden_Response_Is_Generated() throws Exception {
  99         when(request.isSecure()).thenReturn(false);
 100         subscriptionServlet.doDelete(request, response);
 101         verify(response).sendError(eq(HttpServletResponse.SC_FORBIDDEN), argThat(notNullValue(String.class)));
 102     }
 103
 104     @Test
 105     public void Given_Request_Is_HTTP_DELETE_And_BEHALF_HEADER_Is_Not_Set_In_Request_Then_Bad_Request_Response_Is_Generated() throws Exception {
 106         setBehalfHeader(null);
 107         subscriptionServlet.doDelete(request, response);
 108         verify(response).sendError(eq(HttpServletResponse.SC_BAD_REQUEST), argThat(notNullValue(String.class)));
 109     }
 110
 111     @Test
 112     public void Given_Request_Is_HTTP_DELETE_And_Path_Header_Is_Not_Set_In_Request_With_Valid_Path_Then_Bad_Request_Response_Is_Generated() throws Exception {
 113         when(request.getPathInfo()).thenReturn(null);
 114         subscriptionServlet.doDelete(request, response);
 115         verify(response).sendError(eq(HttpServletResponse.SC_BAD_REQUEST), argThat(notNullValue(String.class)));
 116     }
 117
 118     @Test
 119     public void Given_Request_Is_HTTP_DELETE_And_Subscription_Id_Is_Invalid_Then_Not_Found_Response_Is_Generated() throws Exception {
 120         when(request.getPathInfo()).thenReturn("/3");
 121         subscriptionServlet.doDelete(request, response);
 122         verify(response).sendError(eq(HttpServletResponse.SC_NOT_FOUND), argThat(notNullValue(String.class)));
 123     }
 124
 125     @Test
 126     public void Given_Request_Is_HTTP_DELETE_And_Request_Is_Not_Authorized_Then_Forbidden_Response_Is_Generated() throws Exception {
 127         setAuthoriserToReturnRequestNotAuthorized();
 128         subscriptionServlet.doDelete(request, response);
 129         verify(response).sendError(eq(HttpServletResponse.SC_FORBIDDEN), argThat(notNullValue(String.class)));
 130     }
 131
 132     @Test
 133     public void Given_Request_Is_HTTP_DELETE_And_Delete_On_Database_Fails_An_Internal_Server_Error_Is_Reported() throws Exception {
 134         SubscriptionServlet subscriptionServlet = new SubscriptionServlet(){
 135             public boolean doDelete(Deleteable deletable){
 136                 return false;
 137             }
 138         };
 139         subscriptionServlet.doDelete(request, response);
 140         verify(response).sendError(eq(HttpServletResponse.SC_INTERNAL_SERVER_ERROR), argThat(notNullValue(String.class)));
 141     }
 142
 143     @Test
 144     public void Given_Request_Is_HTTP_DELETE_And_Delete_On_Database_Succeeds_A_NO_CONTENT_Response_Is_Generated() throws Exception {
 145         subscriptionServlet.doDelete(request, response);
 146         verify(response).setStatus(eq(HttpServletResponse.SC_NO_CONTENT));
 147         insertSubscriptionIntoDb();
 148     }
 149
 150     @Test
 151     public void Given_Request_Is_HTTP_GET_And_Is_Not_Secure_When_HTTPS_Is_Required_Then_Forbidden_Response_Is_Generated() throws Exception {
 152         when(request.isSecure()).thenReturn(false);
 153         subscriptionServlet.doGet(request, response);
 154         verify(response).sendError(eq(HttpServletResponse.SC_FORBIDDEN), argThat(notNullValue(String.class)));
 155     }
 156
 157     @Test
 158     public void Given_Request_Is_HTTP_GET_And_BEHALF_HEADER_Is_Not_Set_In_Request_Then_Bad_Request_Response_Is_Generated() throws Exception {
 159         setBehalfHeader(null);
 160         subscriptionServlet.doGet(request, response);
 161         verify(response).sendError(eq(HttpServletResponse.SC_BAD_REQUEST), argThat(notNullValue(String.class)));
 162     }
 163
 164     @Test
 165     public void Given_Request_Is_HTTP_GET_And_Path_Header_Is_Not_Set_In_Request_With_Valid_Path_Then_Bad_Request_Response_Is_Generated() throws Exception {
 166         when(request.getPathInfo()).thenReturn(null);
 167         subscriptionServlet.doGet(request, response);
 168         verify(response).sendError(eq(HttpServletResponse.SC_BAD_REQUEST), argThat(notNullValue(String.class)));
 169     }
 170
 171     @Test
 172     public void Given_Request_Is_HTTP_GET_And_Subscription_Id_Is_Invalid_Then_Not_Found_Response_Is_Generated() throws Exception {
 173         when(request.getPathInfo()).thenReturn("/3");
 174         subscriptionServlet.doGet(request, response);
 175         verify(response).sendError(eq(HttpServletResponse.SC_NOT_FOUND), argThat(notNullValue(String.class)));
 176     }
 177
 178     @Test
 179     public void Given_Request_Is_HTTP_GET_And_Request_Is_Not_Authorized_Then_Forbidden_Response_Is_Generated() throws Exception {
 180         setAuthoriserToReturnRequestNotAuthorized();
 181         subscriptionServlet.doGet(request, response);
 182         verify(response).sendError(eq(HttpServletResponse.SC_FORBIDDEN), argThat(notNullValue(String.class)));
 183     }
 184
 185     @Test
 186     public void Given_Request_Is_HTTP_GET_And_Request_Succeeds() throws Exception {
 187         ServletOutputStream outStream = mock(ServletOutputStream.class);
 188         when(response.getOutputStream()).thenReturn(outStream);
 189         subscriptionServlet.doGet(request, response);
 190         verify(response).setStatus(eq(HttpServletResponse.SC_OK));
 191     }
 192
 193     @Test
 194     public void Given_Request_Is_HTTP_PUT_And_Is_Not_Secure_When_HTTPS_Is_Required_Then_Forbidden_Response_Is_Generated() throws Exception {
 195         when(request.isSecure()).thenReturn(false);
 196         subscriptionServlet.doPut(request, response);
 197         verify(response).sendError(eq(HttpServletResponse.SC_FORBIDDEN), argThat(notNullValue(String.class)));
 198     }
 199
 200     @Test
 201     public void Given_Request_Is_HTTP_PUT_And_BEHALF_HEADER_Is_Not_Set_In_Request_Then_Bad_Request_Response_Is_Generated() throws Exception {
 202         setBehalfHeader(null);
 203         subscriptionServlet.doPut(request, response);
 204         verify(response).sendError(eq(HttpServletResponse.SC_BAD_REQUEST), argThat(notNullValue(String.class)));
 205     }
 206
 207     @Test
 208     public void Given_Request_Is_HTTP_PUT_And_Path_Header_Is_Not_Set_In_Request_With_Valid_Path_Then_Bad_Request_Response_Is_Generated() throws Exception {
 209         when(request.getPathInfo()).thenReturn(null);
 210         subscriptionServlet.doPut(request, response);
 211         verify(response).sendError(eq(HttpServletResponse.SC_BAD_REQUEST), argThat(notNullValue(String.class)));
 212     }
 213
 214     @Test
 215     public void Given_Request_Is_HTTP_PUT_And_Subscription_Id_Is_Invalid_Then_Not_Found_Response_Is_Generated() throws Exception {
 216         when(request.getPathInfo()).thenReturn("/3");
 217         subscriptionServlet.doPut(request, response);
 218         verify(response).sendError(eq(HttpServletResponse.SC_NOT_FOUND), argThat(notNullValue(String.class)));
 219     }
 220
 221     @Test
 222     public void Given_Request_Is_HTTP_PUT_And_Request_Is_Not_Authorized_Then_Forbidden_Response_Is_Generated() throws Exception {
 223         setAuthoriserToReturnRequestNotAuthorized();
 224         subscriptionServlet.doPut(request, response);
 225         verify(response).sendError(eq(HttpServletResponse.SC_FORBIDDEN), argThat(notNullValue(String.class)));
 226     }
 227
 228     @Test
 229     public void Given_Request_Is_HTTP_PUT_And_Content_Header_Is_Not_Supported_Type_Then_Unsupported_Media_Type_Response_Is_Generated() throws Exception {
 230         when(request.getContentType()).thenReturn("stub_ContentType");
 231         subscriptionServlet.doPut(request, response);
 232         verify(response).sendError(eq(HttpServletResponse.SC_UNSUPPORTED_MEDIA_TYPE), argThat(notNullValue(String.class)));
 233     }
 234
 235     @Test
 236     public void Given_Request_Is_HTTP_PUT_And_Request_Contains_Badly_Formed_JSON_Then_Bad_Request_Response_Is_Generated() throws Exception {
 237         when(request.getHeader("Content-Type")).thenReturn("application/vnd.att-dr.subscription; version=1.0");
 238         ServletInputStream inStream = mock(ServletInputStream.class);
 239         when(request.getInputStream()).thenReturn(inStream);
 240         subscriptionServlet.doPut(request, response);
 241         verify(response).sendError(eq(HttpServletResponse.SC_BAD_REQUEST), argThat(notNullValue(String.class)));
 242     }
 243
 244     @Test
 245     public void Given_Request_Is_HTTP_PUT_And_Subscription_Object_Is_Invalid_Bad_Request_Response_Is_Generated() throws Exception {
 246         when(request.getHeader("Content-Type")).thenReturn("application/vnd.att-dr.subscription; version=1.0");
 247         SubscriptionServlet subscriptionServlet = new SubscriptionServlet() {
 248             protected JSONObject getJSONfromInput(HttpServletRequest req) {
 249                 JSONObject jo = new JSONObject();
 250                 return jo;
 251             }
 252         };
 253         subscriptionServlet.doPut(request, response);
 254         verify(response).sendError(eq(HttpServletResponse.SC_BAD_REQUEST), argThat(notNullValue(String.class)));
 255     }
 256
 257     @Test
 258     public void Given_Request_Is_HTTP_PUT_And_Subscriber_Modified_By_Different_Creator_Then_Bad_Request_Is_Generated() throws Exception {
 259         when(request.getHeader("X-ATT-DR-ON-BEHALF-OF-GROUP")).thenReturn(null);
 260         when(request.getHeader("Content-Type")).thenReturn("application/vnd.att-dr.subscription; version=1.0");
 261         JSONObject JSObject = buildRequestJsonObject();
 262         SubscriptionServlet subscriptionServlet = new SubscriptionServlet() {
 263             protected JSONObject getJSONfromInput(HttpServletRequest req) {
 264                 JSONObject jo = new JSONObject();
 265                 jo.put("name", "stub_name");
 266                 jo.put("version", "2.0");
 267                 jo.put("metadataOnly", true);
 268                 jo.put("suspend", true);
 269                 jo.put("delivery", JSObject);
 270                 jo.put("subscriber", "differentSubscriber");
 271                 jo.put("sync", true);
 272                 return jo;
 273             }
 274         };
 275         subscriptionServlet.doPut(request, response);
 276         verify(response).sendError(eq(HttpServletResponse.SC_BAD_REQUEST), argThat(notNullValue(String.class)));
 277     }
 278
 279     @Test
 280     public void Given_Request_Is_HTTP_PUT_And_Update_Fails() throws Exception {
 281         when(request.getHeader("X-ATT-DR-ON-BEHALF-OF-GROUP")).thenReturn("stub_subjectGroup");
 282         when(request.getHeader("Content-Type")).thenReturn("application/vnd.att-dr.subscription; version=1.0");
 283         JSONObject JSObject = buildRequestJsonObject();
 284         SubscriptionServlet subscriptionServlet = new SubscriptionServlet() {
 285             protected JSONObject getJSONfromInput(HttpServletRequest req) {
 286                 JSONObject jo = new JSONObject();
 287                 jo.put("name", "stub_name");
 288                 jo.put("version", "2.0");
 289                 jo.put("metadataOnly", true);
 290                 jo.put("suspend", true);
 291                 jo.put("delivery", JSObject);
 292                 jo.put("sync", true);
 293                 return jo;
 294             }
 295
 296             @Override
 297             protected boolean doUpdate(Updateable bean) {
 298                 return false;
 299             }
 300         };
 301         subscriptionServlet.doPut(request, response);
 302         verify(response).sendError(eq(HttpServletResponse.SC_INTERNAL_SERVER_ERROR), argThat(notNullValue(String.class)));
 303     }
 304
 305     @Test
 306     public void Given_Request_Is_HTTP_PUT_And_Update_Succeeds() throws Exception {
 307         ServletOutputStream outStream = mock(ServletOutputStream.class);
 308         when(response.getOutputStream()).thenReturn(outStream);
 309         when(request.getHeader("X-ATT-DR-ON-BEHALF-OF-GROUP")).thenReturn("stub_subjectGroup");
 310         when(request.getHeader("Content-Type")).thenReturn("application/vnd.att-dr.subscription; version=1.0");
 311         JSONObject JSObject = buildRequestJsonObject();
 312         SubscriptionServlet subscriptionServlet = new SubscriptionServlet() {
 313             protected JSONObject getJSONfromInput(HttpServletRequest req) {
 314                 JSONObject jo = new JSONObject();
 315                 jo.put("name", "stub_name");
 316                 jo.put("version", "2.0");
 317                 jo.put("metadataOnly", true);
 318                 jo.put("suspend", true);
 319                 jo.put("delivery", JSObject);
 320                 jo.put("sync", true);
 321                 jo.put("changeowner", true);
 322                 return jo;
 323             }
 324         };
 325         subscriptionServlet.doPut(request, response);
 326         verify(response).setStatus(eq(HttpServletResponse.SC_OK));
 327     }
 328
 329     @Test
 330     public void Given_Request_Is_HTTP_POST_And_Is_Not_Secure_When_HTTPS_Is_Required_Then_Forbidden_Response_Is_Generated() throws Exception {
 331         when(request.isSecure()).thenReturn(false);
 332         subscriptionServlet.doPost(request, response);
 333         verify(response).sendError(eq(HttpServletResponse.SC_FORBIDDEN), argThat(notNullValue(String.class)));
 334     }
 335
 336     @Test
 337     public void Given_Request_Is_HTTP_POST_And_BEHALF_HEADER_Is_Not_Set_In_Request_Then_Bad_Request_Response_Is_Generated() throws Exception {
 338         setBehalfHeader(null);
 339         subscriptionServlet.doPost(request, response);
 340         verify(response).sendError(eq(HttpServletResponse.SC_BAD_REQUEST), argThat(notNullValue(String.class)));
 341     }
 342
 343     @Test
 344     public void Given_Request_Is_HTTP_POST_And_Path_Header_Is_Not_Set_In_Request_With_Valid_Path_Then_Bad_Request_Response_Is_Generated() throws Exception {
 345         when(request.getPathInfo()).thenReturn(null);
 346         subscriptionServlet.doPost(request, response);
 347         verify(response).sendError(eq(HttpServletResponse.SC_BAD_REQUEST), argThat(notNullValue(String.class)));
 348     }
 349
 350     @Test
 351     public void Given_Request_Is_HTTP_POST_And_Subscription_Id_Is_Invalid_Then_Not_Found_Response_Is_Generated() throws Exception {
 352         when(request.getPathInfo()).thenReturn("/3");
 353         subscriptionServlet.doPost(request, response);
 354         verify(response).sendError(eq(HttpServletResponse.SC_BAD_REQUEST), argThat(notNullValue(String.class)));
 355     }
 356
 357     @Test
 358     public void Given_Request_Is_HTTP_POST_And_Content_Header_Is_Not_Supported_Type_Then_Unsupported_Media_Type_Response_Is_Generated() throws Exception {
 359         when(request.getContentType()).thenReturn("stub_ContentType");
 360         subscriptionServlet.doPost(request, response);
 361         verify(response).sendError(eq(HttpServletResponse.SC_UNSUPPORTED_MEDIA_TYPE), argThat(notNullValue(String.class)));
 362     }
 363
 364     @Test
 365     public void Given_Request_Is_HTTP_POST_And_Request_Is_Not_Authorized_Then_Forbidden_Response_Is_Generated() throws Exception {
 366         when(request.getHeader(anyString())).thenReturn("application/vnd.att-dr.subscription-control");
 367         setAuthoriserToReturnRequestNotAuthorized();
 368         subscriptionServlet.doPost(request, response);
 369         verify(response).sendError(eq(HttpServletResponse.SC_FORBIDDEN), argThat(notNullValue(String.class)));
 370     }
 371
 372     @Test
 373     public void Given_Request_Is_HTTP_POST_And_Request_Contains_Badly_Formed_JSON_Then_Bad_Request_Response_Is_Generated() throws Exception {
 374         when(request.getHeader("Content-Type")).thenReturn("application/vnd.att-dr.subscription-control; version=1.0");
 375         ServletInputStream inStream = mock(ServletInputStream.class);
 376         when(request.getInputStream()).thenReturn(inStream);
 377         subscriptionServlet.doPost(request, response);
 378         verify(response).sendError(eq(HttpServletResponse.SC_BAD_REQUEST), argThat(notNullValue(String.class)));
 379     }
 380
 381     @Test
 382     public void Given_Request_Is_HTTP_POST_And_Post_Fails() throws Exception {
 383         when(request.getHeader("X-ATT-DR-ON-BEHALF-OF-GROUP")).thenReturn("stub_subjectGroup");
 384         when(request.getHeader("Content-Type")).thenReturn("application/vnd.att-dr.subscription-control; version=1.0");
 385         JSONObject JSObject = buildRequestJsonObject();
 386         SubscriptionServlet subscriptionServlet = new SubscriptionServlet() {
 387             protected JSONObject getJSONfromInput(HttpServletRequest req) {
 388                 JSONObject jo = new JSONObject();
 389                 jo.put("name", "stub_name");
 390                 jo.put("version", "2.0");
 391                 jo.put("metadataOnly", true);
 392                 jo.put("suspend", true);
 393                 jo.put("delivery", JSObject);
 394                 return jo;
 395             }
 396         };
 397         subscriptionServlet.doPost(request, response);
 398         verify(response).sendError(eq(HttpServletResponse.SC_BAD_REQUEST), argThat(notNullValue(String.class)));
 399     }
 400
 401     @Test
 402     public void Given_Request_Is_HTTP_POST_And_Post_Succeeds() throws Exception {
 403         ServletOutputStream outStream = mock(ServletOutputStream.class);
 404         when(response.getOutputStream()).thenReturn(outStream);
 405         when(request.getHeader("X-ATT-DR-ON-BEHALF-OF-GROUP")).thenReturn("stub_subjectGroup");
 406         when(request.getHeader("Content-Type")).thenReturn("application/vnd.att-dr.subscription-control; version=1.0");
 407         JSONObject JSObject = buildRequestJsonObject();
 408         SubscriptionServlet subscriptionServlet = new SubscriptionServlet() {
 409             protected JSONObject getJSONfromInput(HttpServletRequest req) {
 410                 JSONObject jo = new JSONObject();
 411                 jo.put("name", "stub_name");
 412                 jo.put("version", "2.0");
 413                 jo.put("metadataOnly", true);
 414                 jo.put("suspend", true);
 415                 jo.put("delivery", JSObject);
 416                 jo.put("failed", false);
 417                 return jo;
 418             }
 419         };
 420         subscriptionServlet.doPost(request, response);
 421         verify(response).setStatus(eq(HttpServletResponse.SC_ACCEPTED));
 422     }
 423
 424     @NotNull
 425     private JSONObject buildRequestJsonObject() {
 426         JSONObject JSObject = new JSONObject();
 427         JSObject.put("url", "https://stub_address");
 428         JSObject.put("use100", "true");
 429         JSObject.put("password", "stub_password");
 430         JSObject.put("user", "stub_user");
 431         return JSObject;
 432     }
 433
 434     private void setUpValidSecurityOnHttpRequest() throws Exception {
 435         when(request.isSecure()).thenReturn(true);
 436         Set<String> authAddressesAndNetworks = new HashSet<String>();
 437         authAddressesAndNetworks.add(("127.0.0.1"));
 438         FieldUtils.writeDeclaredStaticField(BaseServlet.class, "authorizedAddressesAndNetworks", authAddressesAndNetworks, true);
 439         FieldUtils.writeDeclaredStaticField(BaseServlet.class, "requireCert", false, true);
 440     }
 441
 442     private void setBehalfHeader(String headerValue) {
 443         when(request.getHeader(BEHALF_HEADER)).thenReturn(headerValue);
 444     }
 445
 446     private void setValidPathInfoInHttpHeader() {
 447         when(request.getPathInfo()).thenReturn("/1");
 448     }
 449
 450     private void setAuthoriserToReturnRequestNotAuthorized() throws IllegalAccessException {
 451         AuthorizationResponse authResponse = mock(AuthorizationResponse.class);
 452         Authorizer authorizer = mock(Authorizer.class);
 453         FieldUtils.writeDeclaredStaticField(BaseServlet.class, "authz", authorizer, true);
 454         when(authorizer.decide(request)).thenReturn(authResponse);
 455         when(authResponse.isAuthorized()).thenReturn(false);
 456     }
 457
 458     private void setAuthoriserToReturnRequestIsAuthorized() throws IllegalAccessException {
 459         AuthorizationResponse authResponse = mock(AuthorizationResponse.class);
 460         Authorizer authorizer = mock(Authorizer.class);
 461         FieldUtils.writeDeclaredStaticField(BaseServlet.class, "authz", authorizer, true);
 462         when(authorizer.decide(request)).thenReturn(authResponse);
 463         when(authResponse.isAuthorized()).thenReturn(true);
 464     }
 465
 466     private void setPokerToNotCreateTimersWhenDeleteSubscriptionIsCalled() throws Exception {
 467         Poker poker = mock(Poker.class);
 468         FieldUtils.writeDeclaredStaticField(Poker.class, "poker", poker, true);
 469     }
 470
 471     private void setupValidAuthorisedRequest() throws Exception {
 472         setUpValidSecurityOnHttpRequest();
 473         setBehalfHeader("Stub_Value");
 474         setValidPathInfoInHttpHeader();
 475     }
 476
 477     private void insertSubscriptionIntoDb() throws SQLException {
 478         Subscription subscription = new Subscription("https://172.100.0.5", "user1", "password1");
 479         subscription.setSubid(1);
 480         subscription.setSubscriber("user1");
 481         subscription.setFeedid(1);
 482         SubDelivery subDelivery = new SubDelivery("https://172.100.0.5:8080", "user1", "password1", true);
 483         subscription.setDelivery(subDelivery);
 484         subscription.setGroupid(1);
 485         subscription.setMetadataOnly(false);
 486         subscription.setSuspended(false);
 487         subscription.doInsert(db.getConnection());
 488     }
 489 }