ONAP-PAP-REST/src/test/java/org/onap/policy/pap/xacml/rest/components/FirewallConfigPolicyTest.java

   1 /*-
   2  * ============LICENSE_START=======================================================
   3  * ONAP-PAP-REST
   4  * ================================================================================
   5  * Copyright (C) 2017, 2019 AT&T Intellectual Property. All rights reserved.
   6  * ================================================================================
   7  * Licensed under the Apache License, Version 2.0 (the "License");
   8  * you may not use this file except in compliance with the License.
   9  * You may obtain a copy of the License at
  10  *
  11  *      http://www.apache.org/licenses/LICENSE-2.0
  12  *
  13  * Unless required by applicable law or agreed to in writing, software
  14  * distributed under the License is distributed on an "AS IS" BASIS,
  15  * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
  16  * See the License for the specific language governing permissions and
  17  * limitations under the License.
  18  * ============LICENSE_END=========================================================
  19  */
  20
  21 package org.onap.policy.pap.xacml.rest.components;
  22
  23 import static org.junit.Assert.*;
  24 import static org.mockito.Mockito.when;
  25
  26 import com.att.research.xacml.util.XACMLProperties;
  27
  28 import java.lang.reflect.InvocationTargetException;
  29 import java.lang.reflect.Method;
  30 import java.util.HashMap;
  31 import java.util.Map;
  32 import java.util.UUID;
  33
  34 import org.junit.After;
  35 import org.junit.Before;
  36 import org.junit.Test;
  37 import org.mockito.Mockito;
  38 import org.onap.policy.common.logging.flexlogger.FlexLogger;
  39 import org.onap.policy.common.logging.flexlogger.Logger;
  40 import org.onap.policy.pap.test.XACMLPAPTest;
  41 import org.onap.policy.rest.adapter.PolicyRestAdapter;
  42
  43 public class FirewallConfigPolicyTest {
  44
  45     private static Logger logger = FlexLogger.getLogger(FirewallConfigPolicyTest.class);
  46     PolicyRestAdapter policyAdapter = new PolicyRestAdapter();
  47     Map<String, String> attributeMap = new HashMap<>();
  48     FirewallConfigPolicy component = null;
  49     FirewallConfigPolicy mockFWConfig = null;
  50     private XACMLPAPTest papTest;
  51
  52     /**
  53      * @throws java.lang.Exception
  54      */
  55     @Before
  56     public void setUp() throws Exception {
  57         logger.info("setup: enter");
  58         System.setProperty(XACMLProperties.XACML_PROPERTIES_NAME, "src/test/resources/xacml.pap.properties");
  59
  60         policyAdapter.setPolicyName("FWjunitTest");
  61         policyAdapter.setPolicyDescription("test");
  62         policyAdapter.setRuleCombiningAlgId("urn:oasis:names:tc:xacml:3.0:rule-combining-algorithm:permit-overrides");
  63         policyAdapter.setPolicyType("Config");
  64         policyAdapter.setConfigPolicyType("Firewall Config");
  65         policyAdapter.setEditPolicy(false);
  66         policyAdapter.setDomainDir("Test");
  67         policyAdapter.setNewFileName("Test.Config_FW_junitTest.1.xml");
  68         policyAdapter.setHighestVersion(1);
  69         policyAdapter.setVersion(String.valueOf(1));
  70         policyAdapter.setPolicyID("urn:xacml:policy:id:" + UUID.randomUUID());
  71         policyAdapter.setRuleID("");
  72         policyAdapter.setConfigName("testname");
  73         policyAdapter.setGuard("True");
  74         policyAdapter.setRiskLevel("3");
  75         policyAdapter.setRiskType("RiskTest");
  76         policyAdapter.setSecurityZone("CraigSecurityZone");
  77         policyAdapter.setUserId("API");
  78
  79         attributeMap.put("testJunits", "test");
  80         policyAdapter.setDynamicFieldConfigAttributes(attributeMap);
  81
  82         component = new FirewallConfigPolicy(policyAdapter);
  83         mockFWConfig = Mockito.mock(FirewallConfigPolicy.class);
  84         papTest = new XACMLPAPTest();
  85         papTest.setDBDao();
  86         logger.info("setUp: exit");
  87
  88     }
  89
  90     /**
  91      * @throws java.lang.Exception
  92      */
  93     @After
  94     public void tearDown() throws Exception {
  95     }
  96
  97     /**
  98      * Test method for {@link org.openecomp.policy.pap.xacml.rest.components.FirewallConfigPolicy#savePolicies()}.
  99      */
 100     @Test
 101     public void testSavePolicies() {
 102         Map<String, String> successMap = new HashMap<>();
 103         successMap.put("success", "success");
 104         try {
 105             when(mockFWConfig.savePolicies()).thenReturn(successMap);
 106             successMap = mockFWConfig.savePolicies();
 107         } catch (Exception e) {
 108             logger.error("Exception Occured" + e);
 109         }
 110     }
 111
 112     /**
 113      * Test method for {@link org.openecomp.policy.pap.xacml.rest.components.FirewallConfigPolicy#prepareToSave()}.
 114      */
 115     @Test
 116     public void testPrepareToSave() {
 117         logger.debug("test prepareToSave Policy: enter");
 118
 119         boolean response = false;
 120         try {
 121             when(mockFWConfig.prepareToSave()).thenReturn(true);
 122             response = mockFWConfig.prepareToSave();
 123         } catch (Exception e) {
 124             logger.error("Exception Occured" + e);
 125         }
 126         assertTrue(response);
 127
 128     }
 129
 130     @Test
 131     public void testUpdateJson() throws NoSuchMethodException, SecurityException, IllegalAccessException,
 132             IllegalArgumentException, InvocationTargetException {
 133         FirewallConfigPolicy firewallConfigPolicy = new FirewallConfigPolicy();
 134         Method method = firewallConfigPolicy.getClass().getDeclaredMethod("updateFirewallDictionaryData", String.class,
 135                 String.class);
 136         method.setAccessible(true);
 137         String jsonBody =
 138                 "{\"serviceTypeId\":\"/v0/firewall/pan\",\"configName\":\"TestFwPolicyConfig\",\"deploymentOption\":"
 139                 + "{\"deployNow\":false},\"securityZoneId\":\"cloudsite:dev1a\",\"serviceGroups\":[{\"name\":"
 140                 + "\"SSH\",\"description\":\"Sshservice entry in servicelist\",\"type\":\"SERVICE\","
 141                 + "\"transportProtocol\":\"tcp\",\"appProtocol\":null,\"ports\":\"22\"}],\"addressGroups\":"
 142                 + "[{\"name\":\"test\",\"description\":\"Destination\",\"members\":[{\"type\":\"SUBNET\",\"value\":"
 143                 + "\"127.0.0.1/12\"}]},{\"name\":\"TestServers\",\"description\":"
 144                 + "\"SourceTestServers for firsttesting\",\"members\":[{\"type\":\"SUBNET\",\"value\":"
 145                 + "\"127.0.0.1/23\"}]}],\"firewallRuleList\":[{\"position\":\"1\",\"ruleName\":"
 146                 + "\"FWRuleTestServerToTest\",\"fromZones\":[\"UntrustedZoneTestName\"],\"toZones\":"
 147                 + "[\"TrustedZoneTestName\"],\"negateSource\":false,\"negateDestination\":false,\"sourceList\":"
 148                 + "[{\"type\":\"REFERENCE\",\"name\":\"TestServers\"}],\"destinationList\":[{\"type\":"
 149                 + "\"REFERENCE\",\"name\":\"Test\"}],\"sourceServices\":[],\"destServices\":[{\"type\":"
 150                 + "\"REFERENCE\",\"name\":\"SSH\"}],\"action\":\"accept\",\"description\":"
 151                 + "\"FWrule for Test source to Test destination\",\"enabled\":true,\"log\":true}]}";
 152         String prevJsonBody =
 153                 "{\"serviceTypeId\":\"/v0/firewall/pan\",\"configName\":\"TestFwPolicy1Config\","
 154                 + "\"deploymentOption\":{\"deployNow\":false},\"securityZoneId\":\"cloudsite:dev\","
 155                 + "\"vendorServiceId\":\"test\",\"vendorSpecificData\":{\"idMap\":[{\"Id\":\"cloudsite:dev1a\","
 156                 + "\"vendorId\":\"deviceGroup:dev\"}]},\"serviceGroups\":[{\"name\":\"SSH\",\"description\":"
 157                 + "\"Ssh service entry in service list\",\"type\":\"SERVICE\",\"transportProtocol\":\"tcp\","
 158                 + "\"appProtocol\":null,\"ports\":\"22\"}],\"addressGroups\":[{\"name\":\"Test\",\"description\":"
 159                 + "\"Destination Test\",\"members\":[{\"type\":\"SUBNET\",\"value\":\"127.0.0.1/12\"}]},{\"name\":"
 160                 + "\"TestServers\",\"description\":\"Source TestServers for first testing\",\"members\":[{\"type\":"
 161                 + "\"SUBNET\",\"value\":\"127.0.0.1/23\"}]}],\"firewallRuleList\":[{\"position\":\"1\",\"ruleName\":"
 162                 + "\"FWRuleTestServerTot\",\"fromZones\":[\"UntrustedZoneTestName\"],\"toZones\":"
 163                 + "[\"TrustedZoneTName\"],\"negateSource\":false,\"negateDestination\":false,\"sourceList\":"
 164                 + "[{\"type\":\"REFERENCE\",\"name\":\"TServers\"}],\"destinationList\":[{\"type\":\"REFERENCE\","
 165                 + "\"name\":\"Test\"}],\"sourceServices\":[],\"destServices\":[{\"type\":\"REFERENCE\",\"name\":"
 166                 + "\"SSH\"}],\"action\":\"accept\",\"description\":\"FW rule for HOHO source to CiscoVCE destination\","
 167                 + "\"enabled\":true,\"log\":true}]}";
 168         assertTrue((Boolean) method.invoke(firewallConfigPolicy, jsonBody, prevJsonBody));
 169     }
 170
 171     @Test
 172     public void testInsertJson() throws NoSuchMethodException, SecurityException, IllegalAccessException,
 173             IllegalArgumentException, InvocationTargetException {
 174         FirewallConfigPolicy firewallConfigPolicy = new FirewallConfigPolicy();
 175         Method method = firewallConfigPolicy.getClass().getDeclaredMethod("insertFirewallDicionaryData", String.class);
 176         method.setAccessible(true);
 177         String jsonBody =
 178                 "{\"serviceTypeId\":\"/v0/firewall/pan\",\"configName\":\"TestFwPolicyConfig\",\"deploymentOption\":"
 179                 + "{\"deployNow\":false},\"securityZoneId\":\"cloudsite:dev1a\",\"serviceGroups\":[{\"name\":\"SSH\","
 180                 + "\"description\":\"Sshservice entry in servicelist\",\"type\":\"SERVICE\",\"transportProtocol\":"
 181                 + "\"tcp\",\"appProtocol\":null,\"ports\":\"22\"}],\"addressGroups\":[{\"name\":\"test\","
 182                 + "\"description\":\"Destination\",\"members\":[{\"type\":\"SUBNET\",\"value\":\"127.0.0.1/12\"}]},"
 183                 + "{\"name\":\"TestServers\",\"description\":\"SourceTestServers for firsttesting\",\"members\":"
 184                 + "[{\"type\":\"SUBNET\",\"value\":\"127.0.0.1/23\"}]}],\"firewallRuleList\":[{\"position\":\"1\","
 185                 + "\"ruleName\":\"FWRuleTestServerToTest\",\"fromZones\":[\"UntrustedZoneTestName\"],\"toZones\":"
 186                 + "[\"TrustedZoneTestName\"],\"negateSource\":false,\"negateDestination\":false,\"sourceList\":"
 187                 + "[{\"type\":\"REFERENCE\",\"name\":\"TestServers\"}],\"destinationList\":[{\"type\":\"REFERENCE\","
 188                 + "\"name\":\"Test\"}],\"sourceServices\":[],\"destServices\":[{\"type\":\"REFERENCE\",\"name\":"
 189                 + "\"SSH\"}],\"action\":\"accept\",\"description\":\"FWrule for Test source to Test destination\","
 190                 + "\"enabled\":true,\"log\":true}]}";
 191         assertTrue((Boolean) method.invoke(firewallConfigPolicy, jsonBody));
 192     }
 193
 194 }