*/
public static boolean isAccessAllowed(ServletRequest request, String nameSpace) throws Exception {
- if (nameSpace.isEmpty()) {
+ if (request==null) {
+ throw new Exception("Request cannot be null");
+ }
+
+ if (nameSpace==null || nameSpace.isEmpty()) {
throw new Exception("NameSpace not Declared!");
}
//logger.info(EELFLoggerDelegate.applicationLogger,
// "AAFPermission of the requested MechId for all the namespaces: " + aafPermsList);
- String requestUri = null;
logger.debug(EELFLoggerDelegate.applicationLogger, "Requested nameSpace: " + nameSpace);
- HttpServletRequest httpRequest = null;
List<AAFPermission> aafPermsFinalList = filterNameSpacesAAFPermissions(nameSpace, aafPermsList);
"AuthUtil list of AAFPermission for the specific namespace ::::::::::::::::::::::::::::::::::::::::::::"
+ aafPermsFinalList);
- if (null != request) {
- httpRequest = (HttpServletRequest) request;
- requestUri = httpRequest.getRequestURI().substring(httpRequest.getContextPath().length() + 1);
- }
+ HttpServletRequest httpRequest = (HttpServletRequest) request;
+ String requestUri = httpRequest.getRequestURI().substring(httpRequest.getContextPath().length() + 1);
logger.debug(EELFLoggerDelegate.applicationLogger,
"AuthUtil requestUri ::::::::::::::::::::::::::::::::::::::::::::" + requestUri);
String[] subPath = null;
//String type = null;
//type = keyArray[0];
- String instance = null;
- instance = keyArray[1];
- String action = null;
- action = keyArray[2];
+ String instance = keyArray[1];
+ String action = keyArray[2];
//if the instance & action both are * , then allow
if ("*".equalsIgnoreCase(instance) && "*".equalsIgnoreCase(action)) {
return response;
}
-
- public static Map<String,String> extractBasicAuthentication(String authorization){
- Map<String,String> authValues = new HashMap<>();
- if(authorization == null) {
- authValues.put("ERROR", "Authorization cannot be null");
- return authValues;
- }
- authorization = authorization.replaceFirst("Basic", "");
- String decoded = Base64.base64Decode(authorization);
- StringTokenizer token = new StringTokenizer(decoded, ":");
- authValues.put(MusicUtil.USERID, token.nextToken());
- authValues.put(MusicUtil.PASSWORD,token.nextToken());
- return authValues;
-
- }
-
public static boolean isValidConsistency(String consistency) {
for (String string : cosistencyLevel) {
if (string.equalsIgnoreCase(consistency))
public static ConsistencyLevel getConsistencyLevel(String consistency) {
return consistencyName.get(consistency.toUpperCase());
- }
-
- public static void loadProperties() throws Exception {
- Properties prop = new Properties();
- InputStream input = null;
- try {
- // load the properties file
- input = MusicUtil.class.getClassLoader().getResourceAsStream("music.properties");
- prop.load(input);
- } catch (Exception ex) {
- logger.error(EELFLoggerDelegate.errorLogger, "Unable to find properties file.", ex);
- throw new Exception();
- } finally {
- if (input != null) {
- try {
- input.close();
- } catch (IOException e) {
- e.printStackTrace();
- logger.error(EELFLoggerDelegate.errorLogger, e);
- }
- }
- }
- // get the property value and return it
- MusicUtil.setMyCassaHost(prop.getProperty("cassandra.host"));
- MusicUtil.setCassName(prop.getProperty("cassandra.user"));
- MusicUtil.setCassPwd(prop.getProperty("cassandra.password"));
- MusicUtil.setCassandraPort(Integer.parseInt(prop.getProperty("cassandra.port")));
- MusicUtil.setNotifyTimeOut(Integer.parseInt(prop.getProperty("notify.timeout")));
- MusicUtil.setNotifyInterval(Integer.parseInt(prop.getProperty("notify.interval")));
- MusicUtil.setCacheObjectMaxLife(Integer.parseInt(prop.getProperty("cacheobject.maxlife")));
}
public static void setNotifyInterval(int notifyinterval) {
try {
LockObject lockOwner = getLockingServiceHandle().peekLockQueue(keyspace, table, primaryKeyValue);
if (!lockOwner.getIsLockOwner()) {
- return "No lock holder!";
+ return null;
}
return "$" + fullyQualifiedKey + "$" + lockOwner.getLockRef();
} catch (MusicLockingException | MusicServiceException | MusicQueryException e) {
import org.junit.Test;
import org.onap.music.datastore.PreparedQueryObject;
import org.onap.music.main.MusicUtil;
+import org.onap.music.main.PropertiesLoader;
+import org.springframework.test.context.TestPropertySource;
import com.datastax.driver.core.DataType;
public class MusicUtilTest {
assertFalse(MusicUtil.isValidConsistency("TEST"));
}
+ @Test
+ public void testLockUsing() {
+ MusicUtil.setLockUsing("testlock");
+ assertEquals("testlock", MusicUtil.getLockUsing());
+ }
+
+ @Test
+ public void testAAFAdminUrl() {
+ MusicUtil.setAafAdminUrl("aafAdminURL.com");
+ assertEquals("aafAdminURL.com", MusicUtil.getAafAdminUrl());
+ }
+
+ @Test
+ public void testAAFEndpointUrl() {
+ MusicUtil.setAafEndpointUrl("aafEndpointURL.com");
+ assertEquals("aafEndpointURL.com", MusicUtil.getAafEndpointUrl());
+ }
+
+ @Test
+ public void testNamespace() {
+ MusicUtil.setMusicNamespace("musicNamespace");
+ assertEquals("musicNamespace", MusicUtil.getMusicNamespace());
+ }
+
+ @Test
+ public void testAAFRole() {
+ MusicUtil.setAdminAafRole("aafRole");
+ assertEquals("aafRole", MusicUtil.getAdminAafRole());
+ }
+
+ @Test
+ public void testAdminId() {
+ MusicUtil.setAdminId("adminId");
+ assertEquals("adminId", MusicUtil.getAdminId());
+ }
+
+ @Test
+ public void testAdminPass() {
+ MusicUtil.setAdminPass("pass");
+ assertEquals("pass", MusicUtil.getAdminPass());
+ }
+
+ @Test
+ public void testCassaPort() {
+ MusicUtil.setCassandraPort(1234);
+ assertEquals(1234, MusicUtil.getCassandraPort());
+ }
+
+ @Test
+ public void testBuild() {
+ MusicUtil.setBuild("testbuild");
+ assertEquals("testbuild", MusicUtil.getBuild());
+ }
+
+ @Test
+ public void testNotifyInterval() {
+ MusicUtil.setNotifyInterval(123);
+ assertEquals(123, MusicUtil.getNotifyInterval());
+ }
+
+ @Test
+ public void testNotifyTimeout() {
+ MusicUtil.setNotifyTimeOut(789);
+ assertEquals(789, MusicUtil.getNotifyTimeout());
+ }
+
+ @Test
+ public void testTransId() {
+ MusicUtil.setTransIdPrefix("prefix");
+ assertEquals("prefix-", MusicUtil.getTransIdPrefix());
+ }
+
+
+ @Test
+ public void testConversationIdPrefix() {
+ MusicUtil.setConversationIdPrefix("prefix-");
+ assertEquals("prefix-", MusicUtil.getConversationIdPrefix());
+ }
+
+ @Test
+ public void testClientIdPrefix() {
+ MusicUtil.setClientIdPrefix("clientIdPrefix");
+ assertEquals("clientIdPrefix-", MusicUtil.getClientIdPrefix());
+ }
+
+ @Test
+ public void testMessageIdPrefix() {
+ MusicUtil.setMessageIdPrefix("clientIdPrefix");
+ assertEquals("clientIdPrefix-", MusicUtil.getMessageIdPrefix());
+ }
+
+ @Test
+ public void testTransIdPrefix() {
+ MusicUtil.setTransIdPrefix("transIdPrefix");
+ assertEquals("transIdPrefix-", MusicUtil.getTransIdPrefix());
+ }
+
+ @Test
+ public void testconvIdReq() {
+ MusicUtil.setConversationIdRequired("conversationIdRequired");
+ assertEquals("conversationIdRequired", MusicUtil.getConversationIdRequired());
+ }
+
+ @Test
+ public void testClientIdRequired() {
+ MusicUtil.setClientIdRequired("conversationIdRequired");
+ assertEquals("conversationIdRequired", MusicUtil.getClientIdRequired());
+ }
+
+ @Test
+ public void testMessageIdRequired() {
+ MusicUtil.setMessageIdRequired("msgIdRequired");
+ assertEquals("msgIdRequired", MusicUtil.getMessageIdRequired());
+ }
+
+ @Test
+ public void testLoadProperties() {
+ PropertiesLoader pl = new PropertiesLoader();
+ pl.loadProperties();
+ }
+
}
Map<String, String> respMap = (Map<String, String>) response.getEntity();
assertEquals(ResultType.FAILURE, respMap.get("status"));
}
+
+ @Test
+ public void test1_createKeyspaceSuccess() throws Exception {
+ System.out.println("Testing successful creation and deletion of keyspace");
+ MusicUtil.setKeyspaceActive(true);
+
+ String keyspaceToCreate = "temp"+keyspaceName;
+
+
+ JsonKeySpace jsonKeyspace = new JsonKeySpace();
+ Map<String, String> consistencyInfo = new HashMap<>();
+ Map<String, Object> replicationInfo = new HashMap<>();
+ consistencyInfo.put("type", "eventual");
+ replicationInfo.put("class", "SimpleStrategy");
+ replicationInfo.put("replication_factor", 1);
+ jsonKeyspace.setConsistencyInfo(consistencyInfo);
+ jsonKeyspace.setDurabilityOfWrites("true");
+ //don't overwrite a keyspace we already have
+ jsonKeyspace.setKeyspaceName(keyspaceToCreate);
+ jsonKeyspace.setReplicationInfo(replicationInfo);
+ // Mockito.doNothing().when(http).addHeader(xLatestVersion, MusicUtil.getVersion());
+ Response response =
+ data.createKeySpace("1", "1", "1", null, authorization, appName, jsonKeyspace, keyspaceToCreate);
+ System.out.println("Status: " + response.getStatus() + ". Entity " + response.getEntity());
+ assertEquals(200, response.getStatus());
+ Map<String, String> respMap = (Map<String, String>) response.getEntity();
+ assertEquals(ResultType.SUCCESS, respMap.get("status"));
+
+ response = data.dropKeySpace("1", "1", "1", null, authorization, appName, keyspaceToCreate);
+ assertEquals(200, response.getStatus());
+ respMap = (Map<String, String>) response.getEntity();
+ assertEquals(ResultType.SUCCESS, respMap.get("status"));
+
+ //unset to not mess up any further tests
+ MusicUtil.setKeyspaceActive(false);
+ }
@Test
public void test3_createTable() throws Exception {
System.out.println("Status: " + response.getStatus() + ". Entity " + response.getEntity());
assertEquals(400, response.getStatus());
}
+
+ @Test
+ public void test3_createTableNoFields() throws Exception {
+ System.out.println("Testing create table without fields");
+ JsonTable jsonTable = new JsonTable();
+ Map<String, String> consistencyInfo = new HashMap<>();
+ consistencyInfo.put("type", "eventual");
+ jsonTable.setConsistencyInfo(consistencyInfo);
+ jsonTable.setKeyspaceName(keyspaceName);
+ jsonTable.setPrimaryKey("emp_name");
+ jsonTable.setTableName("");
+ Response response = data.createTable("1", "1", "1", "abc66ccc-d857-4e90-b1e5-df98a3d40ce6", appName,
+ authorization, jsonTable, keyspaceName, "");
+ System.out.println("Status: " + response.getStatus() + ". Entity " + response.getEntity());
+ assertEquals(400, response.getStatus());
+ }
@Test
// Improper parenthesis in key field
@Test
- public void test3_createTable_badParantesis() throws Exception {
+ public void test3_createTable_badParanthesis() throws Exception {
System.out.println("Testing malformed create table request");
String tableNameC = "testTable0";
JsonTable jsonTable = new JsonTable();
assertEquals(200, response.getStatus());
}
+ @Test
+ public void test4_insertIntoTableNoValues() throws Exception {
+ System.out.println("Testing insert into table");
+ createTable();
+ JsonInsert jsonInsert = new JsonInsert();
+ Map<String, String> consistencyInfo = new HashMap<>();
+ consistencyInfo.put("type", "eventual");
+ jsonInsert.setConsistencyInfo(consistencyInfo);
+ jsonInsert.setKeyspaceName(keyspaceName);
+ jsonInsert.setTableName(tableName);
+
+ Response response = data.insertIntoTable("1", "1", "1", "abc66ccc-d857-4e90-b1e5-df98a3d40ce6", appName,
+ authorization, jsonInsert, keyspaceName, tableName);
+ System.out.println("Status: " + response.getStatus() + ". Entity " + response.getEntity());
+
+ assertEquals(400, response.getStatus());
+ }
+
@Test
public void test4_insertIntoTableCriticalNoLockID() throws Exception {
System.out.println("Testing critical insert into table without lockid");
assertEquals(200, response.getStatus());
}
+
+ public void test5_updateTableNoBody() throws Exception {
+ System.out.println("Testing update table no body");
+ createTable();
+
+ Response response = data.updateTable("1", "1", "1", "abc66ccc-d857-4e90-b1e5-df98a3d40ce6", appName,
+ authorization, null, keyspaceName, tableName, info);
+
+ System.out.println("Status: " + response.getStatus() + ". Entity " + response.getEntity());
+
+ assertEquals(400, response.getStatus());
+ }
+
@Test
public void test5_updateTable_tableDNE() throws Exception {
System.out.println("Testing update table that does not exist");
Map<String, String> row0 = (Map<String, String>) result.get("row 0");
assertEquals("testname", row0.get("emp_name"));
assertEquals(BigInteger.valueOf(500), row0.get("emp_salary"));
- }
+ }
+
@Test
public void test6_critical_selectCritical_nolockid() throws Exception {
assertTrue(respMap.containsKey("lock"));
assertTrue(((Map<String, String>) respMap.get("lock")).containsKey("lock"));
}
+
+ @Test
+ public void test_createBadLockReference() throws Exception {
+ System.out.println("Testing create bad lockref");
+ createAndInsertIntoTable();
+ Response response = lock.createLockReference("badlock", "1", "1", authorization,
+ "abc66ccc-d857-4e90-b1e5-df98a3d40ce6", null, appName);
+ Map<String, Object> respMap = (Map<String, Object>) response.getEntity();
+ System.out.println("Status: " + response.getStatus() + ". Entity " + response.getEntity());
+
+ assertEquals(400, response.getStatus());
+ }
@Test
public void test_createReadLock() throws Exception {
assertEquals(200, response.getStatus());
}
+ @Test
+ public void test_accquireBadLockWLease() throws Exception {
+ System.out.println("Testing acquire bad lock ref with lease");
+ createAndInsertIntoTable();
+ String lockRef = createLockReference();
+
+ JsonLeasedLock jsonLock = new JsonLeasedLock();
+ jsonLock.setLeasePeriod(10000); // 10 second lease period?
+ Response response = lock.accquireLockWithLease(jsonLock, "badlock", "1", "1", authorization,
+ "abc66ccc-d857-4e90-b1e5-df98a3d40ce6", appName);
+ System.out.println("Status: " + response.getStatus() + ". Entity " + response.getEntity());
+ assertEquals(400, response.getStatus());
+ }
+
@Test
public void test_accquireBadLock() throws Exception {
System.out.println("Testing acquire lock that is not lock-holder");
assertEquals(400, response.getStatus());
}
+ @Test
+ public void test_accquireBadLockRef() throws Exception {
+ System.out.println("Testing acquire bad lock ref");
+ createAndInsertIntoTable();
+ // This is required to create an initial loc reference.
+ String lockRef1 = createLockReference();
+
+ Response response = lock.accquireLock("badlockref", "1", "1", authorization,
+ "abc66ccc-d857-4e90-b1e5-df98a3d40ce6", appName);
+ System.out.println("Status: " + response.getStatus() + ". Entity " + response.getEntity());
+ assertEquals(400, response.getStatus());
+ }
+
@Test
public void test_currentLockHolder() throws Exception {
System.out.println("Testing get current lock holder");
assertEquals(lockRef, ((Map<String, String>) respMap.get("lock")).get("lock-holder"));
}
+ @Test
+ public void test_nocurrentLockHolder() throws Exception {
+ System.out.println("Testing get current lock holder w/ bad lockref");
+ createAndInsertIntoTable();
+
+ Response response =
+ lock.enquireLock(lockName, "1", "1", authorization, "abc66ccc-d857-4e90-b1e5-df98a3d40ce6", appName);
+ System.out.println("Status: " + response.getStatus() + ". Entity " + response.getEntity());
+ assertEquals(400, response.getStatus());
+ }
+
+ @Test
+ public void test_badcurrentLockHolder() throws Exception {
+ System.out.println("Testing get current lock holder w/ bad lockref");
+ createAndInsertIntoTable();
+
+ String lockRef = createLockReference();
+
+ Response response =
+ lock.enquireLock("badlock", "1", "1", authorization, "abc66ccc-d857-4e90-b1e5-df98a3d40ce6", appName);
+ System.out.println("Status: " + response.getStatus() + ". Entity " + response.getEntity());
+ assertEquals(400, response.getStatus());
+ }
+
+ @Test
+ public void test_holders() throws Exception {
+ System.out.println("Testing holders api");
+ createAndInsertIntoTable();
+
+ String lockRef = createLockReference();
+
+ Response response =
+ lock.currentLockHolder(lockName, "1", "1", authorization, "abc66ccc-d857-4e90-b1e5-df98a3d40ce6", appName);
+ System.out.println("Status: " + response.getStatus() + ". Entity " + response.getEntity());
+ assertEquals(200, response.getStatus());
+ Map<String, Object> respMap = (Map<String, Object>) response.getEntity();
+ //TODO: this should be lockRef
+ assertEquals("1", ((Map<String, String>) respMap.get("lock")).get("lock-holder"));
+ }
+
+ @Test
+ public void test_holdersbadRef() throws Exception {
+ System.out.println("Testing holders api w/ bad lockref");
+ createAndInsertIntoTable();
+
+ String lockRef = createLockReference();
+
+ Response response =
+ lock.currentLockHolder("badname", "1", "1", authorization, "abc66ccc-d857-4e90-b1e5-df98a3d40ce6", appName);
+ System.out.println("Status: " + response.getStatus() + ". Entity " + response.getEntity());
+ assertEquals(400, response.getStatus());
+ }
+
@Test
public void test_unLock() throws Exception {
System.out.println("Testing unlock");
assertEquals(200, response.getStatus());
}
+ @Test
+ public void test_unLockBadRef() throws Exception {
+ System.out.println("Testing unlock w/ bad lock ref");
+ createAndInsertIntoTable();
+ String lockRef = createLockReference();
+
+ Response response =
+ lock.unLock("badref", "1", "1", authorization, "abc66ccc-d857-4e90-b1e5-df98a3d40ce6", appName);
+ System.out.println("Status: " + response.getStatus() + ". Entity " + response.getEntity());
+ assertEquals(400, response.getStatus());
+ }
+
@Test
public void test_getLockState() throws Exception {
System.out.println("Testing get lock state");
Map<String,Object> respMap = (Map<String, Object>) response.getEntity();
assertEquals(lockRef, ((Map<String,String>) respMap.get("lock")).get("lock-holder"));
}
+
+ @Test
+ public void test_getLockStateBadRef() throws Exception {
+ System.out.println("Testing get lock state w/ bad ref");
+ createAndInsertIntoTable();
+
+ String lockRef = createLockReference();
+
+ Response response = lock.currentLockState("badname", "1", "1", authorization,
+ "abc66ccc-d857-4e90-b1e5-df98a3d40ce6", appName);
+ System.out.println("Status: " + response.getStatus() + ". Entity " + response.getEntity());
+ assertEquals(400, response.getStatus());
+ }
// Ignoring since this is now a duplicate of delete lock ref.
@Test
public void test_deleteLock() throws Exception {
System.out.println("Testing get lock state");
createAndInsertIntoTable();
+
+ String lockRef = createLockReference();
Response response = lock.deleteLock(lockName, "1", "1",
"abc66ccc-d857-4e90-b1e5-df98a3d40ce6", authorization, appName);
--- /dev/null
+/*
+ * ============LICENSE_START==========================================
+ * org.onap.music
+ * ===================================================================
+ * Copyright (c) 2019 AT&T Intellectual Property
+ * ===================================================================
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ *
+ * ============LICENSE_END=============================================
+ * ====================================================================
+ */
+
+package org.onap.music.unittests.authentication;
+
+import static org.junit.Assert.*;
+import java.util.ArrayList;
+import java.util.List;
+import javax.servlet.ServletRequest;
+import org.junit.Test;
+import org.mockito.Mockito;
+import org.onap.aaf.cadi.CadiWrap;
+import org.onap.aaf.cadi.Permission;
+import org.onap.aaf.cadi.aaf.AAFPermission;
+import org.onap.music.authentication.AuthUtil;
+
+public class AuthUtilTest {
+
+ @Test
+ public void testGetAAFPermissions() {
+ CadiWrap cw = Mockito.mock(CadiWrap.class);
+ List<Permission> permList = new ArrayList<Permission>();
+ Permission perm1 = Mockito.mock(AAFPermission.class);
+ permList.add(perm1);
+ Mockito.when(cw.getPermissions(Mockito.any())).thenReturn(permList);
+
+ List<AAFPermission> returnedPerm = AuthUtil.getAAFPermissions(cw);
+
+ assertEquals(perm1, returnedPerm.get(0));
+ }
+
+ @Test
+ public void testDecodeFunctionCode() throws Exception {
+ String toDecode = "some%2dthing.something.%2a";
+ String decoded = AuthUtil.decodeFunctionCode(toDecode);
+
+ assertEquals("some-thing.something.*", decoded);
+ }
+
+ @Test
+ public void testIsAccessAllowed() throws Exception {
+ System.out.println("Request perms");
+ assertTrue(AuthUtil.isAccessAllowed(createRequest("*", "*"), "testns"));
+ }
+
+ @Test
+ public void testIsAccessNotAllowed() throws Exception {
+ System.out.println("Request to write when have read perms");
+ assertFalse(AuthUtil.isAccessAllowed(createRequest("POST", "GET"), "testns"));
+ }
+
+ @Test
+ public void testIsAccessAllowedNullRequest() {
+ try {
+ assertFalse(AuthUtil.isAccessAllowed(null, "namespace"));
+ fail("Should throw exception");
+ } catch (Exception e) {
+ }
+ }
+
+ @Test
+ public void testIsAccessAllowedNullNamespace() {
+ try {
+ assertFalse(AuthUtil.isAccessAllowed(createRequest(), null));
+ fail("Should throw exception");
+ } catch (Exception e) {
+ }
+ }
+
+ @Test
+ public void testIsAccessAllowedEmptyNamespace() {
+ try {
+ assertFalse(AuthUtil.isAccessAllowed(createRequest(), ""));
+ fail("Should throw exception");
+ } catch (Exception e) {
+ }
+ }
+
+ /**
+ *
+ * @param permRequested 'PUT', 'POST', 'GET', or 'DELETE'
+ * @param permGranted '*' or 'GET'
+ * @return
+ */
+ private ServletRequest createRequest(String permRequested, String permGranted) {
+ CadiWrap cw = Mockito.mock(CadiWrap.class);
+ List<Permission> permList = new ArrayList<Permission>();
+ AAFPermission perm1 = Mockito.mock(AAFPermission.class);
+ Mockito.when(perm1.getType()).thenReturn("testns");
+ Mockito.when(perm1.getKey()).thenReturn("org.onap.music.api.user.access|testns|" + permGranted);
+
+ permList.add(perm1);
+ Mockito.when(cw.getPermissions(Mockito.any())).thenReturn(permList);
+ Mockito.when(cw.getRequestURI()).thenReturn("/v2/locks/create/testns.MyTable.Field1");
+ Mockito.when(cw.getContextPath()).thenReturn("/v2/locks/create");
+ Mockito.when(cw.getMethod()).thenReturn(permRequested);
+
+ return cw;
+ }
+
+ private ServletRequest createRequest() {
+ return createRequest("POST","*");
+ }
+}
Code Review / music.git / commitdiff