X-Git-Url: https://gerrit.onap.org/r/gitweb?p=dmaap%2Fdbcapi.git;a=blobdiff_plain;f=src%2Ftest%2Fjava%2Forg%2Fonap%2Fdmaap%2Fdbcapi%2Fservice%2FAafPermissionServiceTest.java;fp=src%2Ftest%2Fjava%2Forg%2Fonap%2Fdmaap%2Fdbcapi%2Fservice%2FAafPermissionServiceTest.java;h=1bba2bfe4551257affa664fc63d604f25d5499c7;hp=0000000000000000000000000000000000000000;hb=45ccf584c8574e9f96dd6fa3b8016accf24fc541;hpb=d3994fb85f92d429b626013a0bd9f2ff69418c95

diff --git a/src/test/java/org/onap/dmaap/dbcapi/service/AafPermissionServiceTest.java b/src/test/java/org/onap/dmaap/dbcapi/service/AafPermissionServiceTest.java
new file mode 100644
index 0000000..1bba2bf
--- /dev/null
+++ b/src/test/java/org/onap/dmaap/dbcapi/service/AafPermissionServiceTest.java
@@ -0,0 +1,165 @@
+/*-
+ * ============LICENSE_START=======================================================
+ * org.onap.dmaap
+ * ================================================================================
+ * Copyright (C) 2019 Nokia Intellectual Property. All rights reserved.
+ * ================================================================================
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *      http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ * ============LICENSE_END=========================================================
+ */
+
+package org.onap.dmaap.dbcapi.service;
+
+import junitparams.JUnitParamsRunner;
+import junitparams.Parameters;
+import org.junit.Before;
+import org.junit.Test;
+import org.junit.runner.RunWith;
+import org.mockito.Mock;
+import org.mockito.MockitoAnnotations;
+import org.onap.dmaap.dbcapi.aaf.AafService;
+import org.onap.dmaap.dbcapi.aaf.AafUserRole;
+import org.onap.dmaap.dbcapi.aaf.DmaapGrant;
+import org.onap.dmaap.dbcapi.aaf.DmaapPerm;
+import org.onap.dmaap.dbcapi.model.ApiError;
+import org.onap.dmaap.dbcapi.model.MR_Client;
+
+import static org.junit.Assert.assertEquals;
+import static org.junit.Assert.assertTrue;
+import static org.mockito.BDDMockito.given;
+import static org.mockito.BDDMockito.then;
+import static org.mockito.Mockito.verifyZeroInteractions;
+
+@RunWith(JUnitParamsRunner.class)
+public class AafPermissionServiceTest {
+
+    private static final String ROLE = "dmaap.mr.demoTopic.publisher";
+    private static final String IDENTITY = "dmaap-bc@dmaap-bc.onap.org";
+    private static final String TOPIC_PERM = "org.onap.dmaap.mr.topic";
+    private static final String FQTN = "org.onap.dmaap.mr.demoTopic";
+    private static final String PUB_ACTION = "pub";
+    private static final int INTERNAL_SERVER_ERROR = 500;
+    @Mock
+    private AafService aafService;
+    @Mock
+    private DmaapService dmaapService;
+    @Mock
+    private MR_Client mrClient;
+    private AafPermissionService aafPermissionService;
+
+    @Before
+    public void setUp() throws Exception {
+        MockitoAnnotations.initMocks(this);
+        aafPermissionService = new AafPermissionService(aafService, dmaapService);
+        given(mrClient.getClientIdentity()).willReturn(IDENTITY);
+        given(mrClient.getFqtn()).willReturn(FQTN);
+        given(mrClient.getAction()).willReturn(new String[]{PUB_ACTION});
+        given(dmaapService.getTopicPerm()).willReturn(TOPIC_PERM);
+    }
+
+    @Test
+    @Parameters({"201", "409"})
+    public void shouldAssignClientToRole(int aafServiceReturnedCode) {
+        ApiError apiError = new ApiError();
+        AafUserRole userRole = new AafUserRole(IDENTITY, ROLE);
+        given(aafService.addUserRole(userRole)).willReturn(aafServiceReturnedCode);
+
+        aafPermissionService.assignIdentityToRole(mrClient, ROLE, apiError);
+
+        then(aafService).should().addUserRole(userRole);
+        assertOkStatus(apiError);
+    }
+
+    @Test
+    public void shouldReturnErrorStatusWhenClientWasNotAssignedToRole() {
+        ApiError apiError = new ApiError();
+        AafUserRole userRole = new AafUserRole(IDENTITY, ROLE);
+        given(aafService.addUserRole(userRole)).willReturn(INTERNAL_SERVER_ERROR);
+
+        aafPermissionService.assignIdentityToRole(mrClient, ROLE, apiError);
+
+        assertErrorStatus(apiError, INTERNAL_SERVER_ERROR);
+    }
+
+    @Test
+    @Parameters({"201", "409"})
+    public void shouldGrantActionPermissionForClientRole(int aafServiceReturnedCode) {
+        ApiError apiError = new ApiError();
+        DmaapGrant grant = new DmaapGrant(new DmaapPerm(TOPIC_PERM, ":topic." + FQTN, PUB_ACTION), ROLE);
+        given(mrClient.getClientRole()).willReturn(ROLE);
+        given(aafService.addGrant(grant)).willReturn(aafServiceReturnedCode);
+
+        aafPermissionService.grantClientRolePerms(mrClient, apiError);
+
+        then(aafService).should().addGrant(grant);
+        assertOkStatus(apiError);
+    }
+
+    @Test
+    public void shouldReturnErrorStatusWhenPermissionWasNotGrantToRole() {
+        ApiError apiError = new ApiError();
+        DmaapGrant grant = new DmaapGrant(new DmaapPerm(TOPIC_PERM, ":topic." + FQTN, PUB_ACTION), ROLE);
+        given(mrClient.getClientRole()).willReturn(ROLE);
+        given(aafService.addGrant(grant)).willReturn(INTERNAL_SERVER_ERROR);
+
+        aafPermissionService.grantClientRolePerms(mrClient, apiError);
+
+        assertErrorStatus(apiError, INTERNAL_SERVER_ERROR);
+    }
+
+    @Test
+    public void shouldReturnOkStatusWhenClientRoleIsNull() {
+        ApiError apiError = new ApiError();
+        given(mrClient.getClientRole()).willReturn(null);
+
+        aafPermissionService.grantClientRolePerms(mrClient, apiError);
+
+        verifyZeroInteractions(aafService);
+        assertOkStatus(apiError);
+    }
+
+    @Test
+    @Parameters({"200", "404"})
+    public void shouldRevokeActionPermissionForClientRole(int aafServiceReturnedCode) {
+        ApiError apiError = new ApiError();
+        DmaapGrant grant = new DmaapGrant(new DmaapPerm(TOPIC_PERM, ":topic." + FQTN, PUB_ACTION), ROLE);
+        given(mrClient.getClientRole()).willReturn(ROLE);
+        given(aafService.delGrant(grant)).willReturn(aafServiceReturnedCode);
+
+        aafPermissionService.revokeClientPerms(mrClient, apiError);
+
+        then(aafService).should().delGrant(grant);
+        assertOkStatus(apiError);
+    }
+
+    @Test
+    public void shouldReturnErrorStatusWhenPermissionWasNotRevokedFromRole() {
+        ApiError apiError = new ApiError();
+        DmaapGrant grant = new DmaapGrant(new DmaapPerm(TOPIC_PERM, ":topic." + FQTN, PUB_ACTION), ROLE);
+        given(mrClient.getClientRole()).willReturn(ROLE);
+        given(aafService.delGrant(grant)).willReturn(INTERNAL_SERVER_ERROR);
+
+        aafPermissionService.revokeClientPerms(mrClient, apiError);
+
+        assertErrorStatus(apiError, INTERNAL_SERVER_ERROR);
+    }
+
+    private void assertErrorStatus(ApiError apiError, int code) {
+        assertEquals(code, apiError.getCode());
+    }
+
+    private void assertOkStatus(ApiError apiError) {
+        assertTrue(apiError.is2xx());
+        assertEquals("OK", apiError.getMessage());
+    }
+}
\ No newline at end of file