2 * ============LICENSE_START=======================================================
4 * ================================================================================
5 * Copyright (C) 2019 Nokia Intellectual Property. All rights reserved.
6 * ================================================================================
7 * Licensed under the Apache License, Version 2.0 (the "License");
8 * you may not use this file except in compliance with the License.
9 * You may obtain a copy of the License at
11 * http://www.apache.org/licenses/LICENSE-2.0
13 * Unless required by applicable law or agreed to in writing, software
14 * distributed under the License is distributed on an "AS IS" BASIS,
15 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
16 * See the License for the specific language governing permissions and
17 * limitations under the License.
18 * ============LICENSE_END=========================================================
21 package org.onap.dmaap.dbcapi.service;
23 import junitparams.JUnitParamsRunner;
24 import junitparams.Parameters;
25 import org.junit.Before;
26 import org.junit.Test;
27 import org.junit.runner.RunWith;
28 import org.mockito.Mock;
29 import org.mockito.MockitoAnnotations;
30 import org.onap.dmaap.dbcapi.aaf.AafService;
31 import org.onap.dmaap.dbcapi.aaf.AafUserRole;
32 import org.onap.dmaap.dbcapi.aaf.DmaapGrant;
33 import org.onap.dmaap.dbcapi.aaf.DmaapPerm;
34 import org.onap.dmaap.dbcapi.model.ApiError;
35 import org.onap.dmaap.dbcapi.model.MR_Client;
37 import static org.junit.Assert.assertEquals;
38 import static org.junit.Assert.assertTrue;
39 import static org.mockito.BDDMockito.given;
40 import static org.mockito.BDDMockito.then;
41 import static org.mockito.Mockito.verifyZeroInteractions;
43 @RunWith(JUnitParamsRunner.class)
44 public class AafPermissionServiceTest {
46 private static final String ROLE = "dmaap.mr.demoTopic.publisher";
47 private static final String IDENTITY = "dmaap-bc@dmaap-bc.onap.org";
48 private static final String TOPIC_PERM = "org.onap.dmaap.mr.topic";
49 private static final String FQTN = "org.onap.dmaap.mr.demoTopic";
50 private static final String PUB_ACTION = "pub";
51 private static final int INTERNAL_SERVER_ERROR = 500;
53 private AafService aafService;
55 private DmaapService dmaapService;
57 private MR_Client mrClient;
58 private AafPermissionService aafPermissionService;
61 public void setUp() throws Exception {
62 MockitoAnnotations.initMocks(this);
63 aafPermissionService = new AafPermissionService(aafService, dmaapService);
64 given(mrClient.getClientIdentity()).willReturn(IDENTITY);
65 given(mrClient.getFqtn()).willReturn(FQTN);
66 given(mrClient.getAction()).willReturn(new String[]{PUB_ACTION});
67 given(dmaapService.getTopicPerm()).willReturn(TOPIC_PERM);
71 @Parameters({"201", "409"})
72 public void shouldAssignClientToRole(int aafServiceReturnedCode) {
73 ApiError apiError = new ApiError();
74 AafUserRole userRole = new AafUserRole(IDENTITY, ROLE);
75 given(aafService.addUserRole(userRole)).willReturn(aafServiceReturnedCode);
77 aafPermissionService.assignIdentityToRole(mrClient, ROLE, apiError);
79 then(aafService).should().addUserRole(userRole);
80 assertOkStatus(apiError);
84 public void shouldReturnErrorStatusWhenClientWasNotAssignedToRole() {
85 ApiError apiError = new ApiError();
86 AafUserRole userRole = new AafUserRole(IDENTITY, ROLE);
87 given(aafService.addUserRole(userRole)).willReturn(INTERNAL_SERVER_ERROR);
89 aafPermissionService.assignIdentityToRole(mrClient, ROLE, apiError);
91 assertErrorStatus(apiError, INTERNAL_SERVER_ERROR);
95 @Parameters({"201", "409"})
96 public void shouldGrantActionPermissionForClientRole(int aafServiceReturnedCode) {
97 ApiError apiError = new ApiError();
98 DmaapGrant grant = new DmaapGrant(new DmaapPerm(TOPIC_PERM, ":topic." + FQTN, PUB_ACTION), ROLE);
99 given(mrClient.getClientRole()).willReturn(ROLE);
100 given(aafService.addGrant(grant)).willReturn(aafServiceReturnedCode);
102 aafPermissionService.grantClientRolePerms(mrClient, apiError);
104 then(aafService).should().addGrant(grant);
105 assertOkStatus(apiError);
109 public void shouldReturnErrorStatusWhenPermissionWasNotGrantToRole() {
110 ApiError apiError = new ApiError();
111 DmaapGrant grant = new DmaapGrant(new DmaapPerm(TOPIC_PERM, ":topic." + FQTN, PUB_ACTION), ROLE);
112 given(mrClient.getClientRole()).willReturn(ROLE);
113 given(aafService.addGrant(grant)).willReturn(INTERNAL_SERVER_ERROR);
115 aafPermissionService.grantClientRolePerms(mrClient, apiError);
117 assertErrorStatus(apiError, INTERNAL_SERVER_ERROR);
121 public void shouldReturnOkStatusWhenClientRoleIsNull() {
122 ApiError apiError = new ApiError();
123 given(mrClient.getClientRole()).willReturn(null);
125 aafPermissionService.grantClientRolePerms(mrClient, apiError);
127 verifyZeroInteractions(aafService);
128 assertOkStatus(apiError);
132 @Parameters({"200", "404"})
133 public void shouldRevokeActionPermissionForClientRole(int aafServiceReturnedCode) {
134 ApiError apiError = new ApiError();
135 DmaapGrant grant = new DmaapGrant(new DmaapPerm(TOPIC_PERM, ":topic." + FQTN, PUB_ACTION), ROLE);
136 given(mrClient.getClientRole()).willReturn(ROLE);
137 given(aafService.delGrant(grant)).willReturn(aafServiceReturnedCode);
139 aafPermissionService.revokeClientPerms(mrClient, apiError);
141 then(aafService).should().delGrant(grant);
142 assertOkStatus(apiError);
146 public void shouldReturnErrorStatusWhenPermissionWasNotRevokedFromRole() {
147 ApiError apiError = new ApiError();
148 DmaapGrant grant = new DmaapGrant(new DmaapPerm(TOPIC_PERM, ":topic." + FQTN, PUB_ACTION), ROLE);
149 given(mrClient.getClientRole()).willReturn(ROLE);
150 given(aafService.delGrant(grant)).willReturn(INTERNAL_SERVER_ERROR);
152 aafPermissionService.revokeClientPerms(mrClient, apiError);
154 assertErrorStatus(apiError, INTERNAL_SERVER_ERROR);
157 private void assertErrorStatus(ApiError apiError, int code) {
158 assertEquals(code, apiError.getCode());
161 private void assertOkStatus(ApiError apiError) {
162 assertTrue(apiError.is2xx());
163 assertEquals("OK", apiError.getMessage());