src/test/java/org/onap/dmaap/kafkaAuthorize/KafkaCustomAuthorizerTest.java

   1 /*******************************************************************************
   2  *  ============LICENSE_START=======================================================
   3  *  org.onap.dmaap
   4  *  ================================================================================
   5  *  Copyright © 2017 AT&T Intellectual Property. All rights reserved.
   6  *  Modification copyright (C) 2021 Nordix Foundation.
   7  *  ================================================================================
   8  *  Licensed under the Apache License, Version 2.0 (the "License");
   9  *  you may not use this file except in compliance with the License.
  10  *  You may obtain a copy of the License at
  11  *        http://www.apache.org/licenses/LICENSE-2.0
  12 *
  13  *  Unless required by applicable law or agreed to in writing, software
  14  *  distributed under the License is distributed on an "AS IS" BASIS,
  15  *  WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
  16  *  See the License for the specific language governing permissions and
  17  *  limitations under the License.
  18  *  ============LICENSE_END=========================================================
  19  *
  20  *
  21  *******************************************************************************/
  22 package org.onap.dmaap.kafkaAuthorize;
  23
  24 import static org.junit.Assert.assertNotNull;
  25 import static org.junit.Assert.assertTrue;
  26
  27 import org.apache.kafka.common.acl.AclOperation;
  28 import org.apache.kafka.common.security.auth.KafkaPrincipal;
  29 import org.junit.Before;
  30 import org.junit.Test;
  31 import org.junit.runner.RunWith;
  32 import org.mockito.Mock;
  33 import org.mockito.MockitoAnnotations;
  34 import org.onap.dmaap.commonauth.kafka.base.authorization.AuthorizationProvider;
  35 import org.onap.dmaap.commonauth.kafka.base.authorization.AuthorizationProviderFactory;
  36 import org.powermock.api.mockito.PowerMockito;
  37 import org.powermock.core.classloader.annotations.PowerMockIgnore;
  38 import org.powermock.core.classloader.annotations.PrepareForTest;
  39 import org.powermock.modules.junit4.PowerMockRunner;
  40
  41 import kafka.network.RequestChannel.Session;
  42 import kafka.security.auth.Operation;
  43 import kafka.security.auth.Resource;
  44 import kafka.security.auth.ResourceType;
  45
  46 @RunWith(PowerMockRunner.class)
  47 @PowerMockIgnore({"javax.net.ssl.*", "javax.security.auth.*", "jdk.internal.reflect.*", "javax.crypto.*"})
  48 @PrepareForTest({ AuthorizationProviderFactory.class })
  49 public class KafkaCustomAuthorizerTest {
  50         @Mock
  51         Session arg0;
  52         @Mock
  53         Operation arg1;
  54         @Mock
  55         Resource arg2;
  56         @Mock
  57         KafkaPrincipal principal;
  58         @Mock
  59         ResourceType resourceType;
  60         @Mock
  61         AuthorizationProviderFactory factory;
  62         @Mock
  63         AuthorizationProvider provider;
  64
  65         KafkaCustomAuthorizer authorizer;
  66
  67         static {
  68                 System.setProperty("CADI_PROPERTIES", "src/test/resources/cadi.properties");
  69                 System.setProperty("enableCadi", "true");
  70         }
  71
  72         @Before
  73         public void setUp() {
  74                 MockitoAnnotations.initMocks(this);
  75                 PowerMockito.when(principal.getName()).thenReturn("fullName");
  76                 PowerMockito.when(arg0.principal()).thenReturn(principal);
  77                 PowerMockito.when(arg1.name()).thenReturn("Write");
  78                 PowerMockito.when(resourceType.name()).thenReturn("Topic");
  79                 PowerMockito.when(arg2.resourceType()).thenReturn(resourceType);
  80                 PowerMockito.when(arg2.name()).thenReturn("namespace.Topic");
  81                 PowerMockito.mockStatic(AuthorizationProviderFactory.class);
  82                 PowerMockito.when(AuthorizationProviderFactory.getProviderFactory()).thenReturn(factory);
  83                 PowerMockito.when(factory.getProvider()).thenReturn(provider);
  84
  85         }
  86
  87         @Test
  88         public void testAuthorizerSuccess() {
  89                 PowerMockito.when(provider.hasPermission("fullName", "namespace.topic", ":topic.namespace.Topic", "pub"))
  90                                 .thenReturn(true);
  91                 authorizer = new KafkaCustomAuthorizer();
  92                 assertTrue(authorizer.authorize(arg0, arg1, arg2));
  93         }
  94
  95         @Test
  96         public void testAuthorizerFailure() {
  97                 System.setProperty("CADI_PROPERTIES", "src/test/resources/cadi.properties");
  98                 PowerMockito.when(arg2.name()).thenReturn("org.onap.dmaap.mr.testtopic");
  99                 PowerMockito.when(arg1.toJava()).thenReturn(AclOperation.CREATE);
 100                 System.setProperty("msgRtr.topicfactory.aaf", "org.onap.dmaap.mr.topicFactory|:org.onap.dmaap.mr.topic:");
 101                 PowerMockito.when(provider.hasPermission("fullName", "namespace.topic", ":topic.namespace.Topic", "pub"))
 102                                 .thenReturn(false);
 103                 authorizer = new KafkaCustomAuthorizer();
 104                 try {
 105                         authorizer.authorize(arg0, arg1, arg2);
 106                 } catch (Exception e) {
 107                         assertTrue(true);
 108                 }
 109
 110         }
 111
 112         @Test
 113         public void testAuthorizerFailure1() {
 114                 System.setProperty("CADI_PROPERTIES", "src/test/resources/cadi.properties");
 115                 PowerMockito.when(arg2.name()).thenReturn("org.onap.dmaap.mr.testtopic");
 116                 PowerMockito.when(resourceType.name()).thenReturn("Cluster");
 117                 PowerMockito.when(arg1.toJava()).thenReturn(AclOperation.CREATE);
 118                 System.setProperty("msgRtr.topicfactory.aaf", "org.onap.dmaap.mr.topicFactory|:org.onap.dmaap.mr.topic:");
 119                 PowerMockito.when(provider.hasPermission("fullName", "namespace.topic", ":topic.namespace.Topic", "pub"))
 120                                 .thenReturn(false);
 121                 authorizer = new KafkaCustomAuthorizer();
 122                 try {
 123                         authorizer.authorize(arg0, arg1, arg2);
 124                 } catch (Exception e) {
 125                         assertTrue(true);
 126                 }
 127
 128         }
 129
 130         @Test
 131         public void testAuthorizerFailure2() {
 132                 System.setProperty("CADI_PROPERTIES", "src/test/resources/cadi.properties");
 133                 PowerMockito.when(arg2.name()).thenReturn("org.onap.dmaap.mr.testtopic");
 134                 PowerMockito.when(resourceType.name()).thenReturn("Topic");
 135                 PowerMockito.when(arg1.toJava()).thenReturn(AclOperation.WRITE);
 136                 PowerMockito.when(provider.hasPermission("fullName", "namespace.topic", ":topic.namespace.Topic", "pub"))
 137                                 .thenReturn(false);
 138                 authorizer = new KafkaCustomAuthorizer();
 139                 try {
 140                         authorizer.authorize(arg0, arg1, arg2);
 141                 } catch (Exception e) {
 142                         assertTrue(true);
 143                 }
 144
 145         }
 146
 147         @Test
 148         public void testAuthorizerFailure3() {
 149                 System.setProperty("CADI_PROPERTIES", "src/test/resources/cadi.properties");
 150                 PowerMockito.when(arg2.name()).thenReturn("org.onap.dmaap.mr.testtopic");
 151                 PowerMockito.when(resourceType.name()).thenReturn("Topic");
 152                 PowerMockito.when(arg1.toJava()).thenReturn(AclOperation.DESCRIBE);
 153                 PowerMockito.when(provider.hasPermission("fullName", "namespace.topic", ":topic.namespace.Topic", "pub"))
 154                                 .thenReturn(false);
 155                 authorizer = new KafkaCustomAuthorizer();
 156                 try {
 157                         authorizer.authorize(arg0, arg1, arg2);
 158                 } catch (Exception e) {
 159                         assertTrue(true);
 160                 }
 161
 162         }
 163         @Test
 164         public void testAuthorizerFailure4() {
 165                 System.setProperty("CADI_PROPERTIES", "src/test/resources/cadi.properties");
 166                 PowerMockito.when(arg2.name()).thenReturn("org.onap.dmaap.mr.testtopic");
 167                 PowerMockito.when(resourceType.name()).thenReturn("Topic");
 168                 PowerMockito.when(arg1.toJava()).thenReturn(AclOperation.READ);
 169                 PowerMockito.when(provider.hasPermission("fullName", "namespace.topic", ":topic.namespace.Topic", "pub"))
 170                                 .thenReturn(false);
 171                 authorizer = new KafkaCustomAuthorizer();
 172                 try {
 173                         authorizer.authorize(arg0, arg1, arg2);
 174                 } catch (Exception e) {
 175                         assertTrue(true);
 176                 }
 177
 178         }
 179
 180         @Test
 181         public void testAuthorizerFailure5() {
 182                 System.setProperty("CADI_PROPERTIES", "src/test/resources/cadi.properties");
 183                 PowerMockito.when(arg2.name()).thenReturn("org.onap.dmaap.mr.testtopic");
 184                 PowerMockito.when(resourceType.name()).thenReturn("Cluster");
 185                 PowerMockito.when(arg1.toJava()).thenReturn(AclOperation.IDEMPOTENT_WRITE);
 186                 System.setProperty("msgRtr.topicfactory.aaf", "org.onap.dmaap.mr.topicFactory|:org.onap.dmaap.mr.topic:");
 187                 PowerMockito.when(provider.hasPermission("fullName", "namespace.topic", ":topic.namespace.Topic", "pub"))
 188                                 .thenReturn(false);
 189                 authorizer = new KafkaCustomAuthorizer();
 190                 try {
 191                         authorizer.authorize(arg0, arg1, arg2);
 192                 } catch (Exception e) {
 193                         assertTrue(true);
 194                 }
 195
 196         }
 197
 198         @Test
 199         public void testAuthorizerFailure6() {
 200                 System.setProperty("CADI_PROPERTIES", "src/test/resources/cadi.properties");
 201                 PowerMockito.when(arg2.name()).thenReturn("org.onap.dmaap.mr.testtopic");
 202                 PowerMockito.when(arg1.toJava()).thenReturn(AclOperation.DELETE);
 203                 System.setProperty("msgRtr.topicfactory.aaf", "org.onap.dmaap.mr.topicFactory|:org.onap.dmaap.mr.topic:");
 204                 PowerMockito.when(provider.hasPermission("fullName", "namespace.topic", ":topic.namespace.Topic", "pub"))
 205                                 .thenReturn(false);
 206                 authorizer = new KafkaCustomAuthorizer();
 207                 try {
 208                         authorizer.authorize(arg0, arg1, arg2);
 209                 } catch (Exception e) {
 210                         assertTrue(true);
 211                 }
 212
 213         }
 214
 215
 216 }