2 * ============LICENSE_START=======================================================
4 * ================================================================================
5 * Copyright (C) 2017, 2019 AT&T Intellectual Property. All rights reserved.
6 * ================================================================================
7 * Modifications Copyright (C) 2019 Samsung
8 * ================================================================================
9 * Licensed under the Apache License, Version 2.0 (the "License");
10 * you may not use this file except in compliance with the License.
11 * You may obtain a copy of the License at
13 * http://www.apache.org/licenses/LICENSE-2.0
15 * Unless required by applicable law or agreed to in writing, software
16 * distributed under the License is distributed on an "AS IS" BASIS,
17 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
18 * See the License for the specific language governing permissions and
19 * limitations under the License.
20 * ============LICENSE_END=========================================================
23 package org.onap.policy.daoImp;
25 import static org.junit.Assert.assertEquals;
26 import static org.junit.Assert.assertFalse;
27 import static org.junit.Assert.assertTrue;
28 import static org.junit.Assert.fail;
31 import java.util.ArrayList;
32 import java.util.Date;
33 import java.util.List;
34 import java.util.Properties;
36 import javax.script.SimpleBindings;
38 import org.apache.tomcat.dbcp.dbcp2.BasicDataSource;
39 import org.h2.tools.Server;
40 import org.hibernate.SessionFactory;
41 import org.junit.After;
42 import org.junit.Before;
43 import org.junit.Test;
44 import org.onap.policy.common.logging.flexlogger.FlexLogger;
45 import org.onap.policy.common.logging.flexlogger.Logger;
46 import org.onap.policy.conf.HibernateSession;
47 import org.onap.policy.controller.PolicyController;
48 import org.onap.policy.rest.jpa.OnapName;
49 import org.onap.policy.rest.jpa.PolicyEntity;
50 import org.onap.policy.rest.jpa.PolicyRoles;
51 import org.onap.policy.rest.jpa.PolicyVersion;
52 import org.onap.policy.rest.jpa.SystemLogDB;
53 import org.onap.policy.rest.jpa.UserInfo;
54 import org.onap.policy.rest.jpa.WatchPolicyNotificationTable;
55 import org.springframework.orm.hibernate4.LocalSessionFactoryBuilder;
56 import org.springframework.test.annotation.Rollback;
57 import org.springframework.transaction.annotation.Transactional;
59 public class CommonClassDaoImplTest {
61 private static Logger logger = FlexLogger.getLogger(CommonClassDaoImplTest.class);
63 SessionFactory sessionFactory;
65 CommonClassDaoImpl commonClassDao;
68 public void setUp() throws Exception {
70 BasicDataSource dataSource = new BasicDataSource();
71 dataSource.setDriverClassName("org.h2.Driver");
72 // In-memory DB for testing
73 dataSource.setUrl("jdbc:h2:mem:test");
74 dataSource.setUsername("sa");
75 dataSource.setPassword("");
76 LocalSessionFactoryBuilder sessionBuilder = new LocalSessionFactoryBuilder(dataSource);
77 sessionBuilder.scanPackages("org.onap.*", "com.*");
79 Properties properties = new Properties();
80 properties.put("hibernate.show_sql", "false");
81 properties.put("hibernate.dialect", "org.hibernate.dialect.H2Dialect");
82 properties.put("hibernate.hbm2ddl.auto", "drop");
83 properties.put("hibernate.hbm2ddl.auto", "create");
85 sessionBuilder.addProperties(properties);
86 sessionFactory = sessionBuilder.buildSessionFactory();
88 // Set up dao with SessionFactory
89 commonClassDao = new CommonClassDaoImpl();
90 CommonClassDaoImpl.setSessionfactory(sessionFactory);
91 PolicyController.setLogTableLimit("1");
92 HibernateSession.setSession(sessionFactory);
93 SystemLogDB data1 = new SystemLogDB();
94 data1.setDate(new Date());
95 data1.setLogtype("INFO");
96 data1.setRemote("Test");
97 data1.setSystem("Test");
98 data1.setType("Test");
99 SystemLogDB data2 = new SystemLogDB();
100 data2.setDate(new Date());
101 data2.setLogtype("error");
102 data2.setRemote("Test");
103 data2.setSystem("Test");
104 data2.setType("Test");
105 HibernateSession.getSession().save(data1);
106 HibernateSession.getSession().save(data2);
107 // Create TCP server for troubleshooting
108 server = Server.createTcpServer("-tcpAllowOthers").start();
109 System.out.println("URL: jdbc:h2:" + server.getURL() + "/mem:test");
111 } catch (Exception e) {
112 System.err.println(e);
120 public void testDB() {
123 UserInfo userinfo = new UserInfo();
124 userinfo.setUserLoginId("Test");
125 userinfo.setUserName("Test");
126 commonClassDao.save(userinfo);
127 OnapName onapName = new OnapName();
128 onapName.setOnapName("Test");
129 onapName.setUserCreatedBy(userinfo);
130 onapName.setUserModifiedBy(userinfo);
131 onapName.setModifiedDate(new Date());
132 commonClassDao.save(onapName);
134 List<Object> list = commonClassDao.getData(OnapName.class);
135 assertTrue(list.size() == 1);
136 logger.debug(list.size());
137 logger.debug(list.get(0));
138 } catch (Exception e) {
139 logger.debug("Exception Occured" + e);
147 public void testUser() {
150 UserInfo userinfo = new UserInfo();
151 String loginId_userName = "Test";
152 userinfo.setUserLoginId(loginId_userName);
153 userinfo.setUserName(loginId_userName);
154 commonClassDao.save(userinfo);
156 List<Object> dataCur = commonClassDao.getDataByQuery("from UserInfo", new SimpleBindings());
158 assertEquals(1, dataCur.size());
159 UserInfo cur = (UserInfo) dataCur.get(0);
160 assertEquals(loginId_userName, cur.getUserLoginId());
161 assertEquals(loginId_userName, cur.getUserName());
163 assertFalse(dataCur.isEmpty());
165 } catch (Exception e) {
166 logger.debug("Exception Occured" + e);
174 public void getDataByQuery_DashboardController() {
177 PolicyEntity pe = new PolicyEntity();
178 String name = "TestPolicy";
179 pe.setPolicyName(name);
180 pe.setPolicyData("dummyData");
182 pe.setScope("dummyScope");
183 pe.setDescription("descr");
184 pe.setDeleted(false);
185 pe.setCreatedBy("Test");
186 commonClassDao.save(pe);
188 List<Object> dataCur = commonClassDao.getDataByQuery("from PolicyEntity", new SimpleBindings());
190 assertTrue(1 == dataCur.size());
191 assertTrue(dataCur.get(0) instanceof PolicyEntity);
192 assertEquals(name, ((PolicyEntity) dataCur.get(0)).getPolicyName());
193 assertEquals(pe, ((PolicyEntity) dataCur.get(0)));
195 } catch (Exception e) {
196 logger.debug("Exception Occured" + e);
204 public void getDataByQuery_AutoPushController() {
207 PolicyVersion pv = new PolicyVersion();
208 pv.setActiveVersion(2);
209 pv.setPolicyName("myPname");
211 pv.setCreatedBy("Test");
212 pv.setModifiedBy("Test");
214 PolicyVersion pv2 = new PolicyVersion();
215 pv2.setActiveVersion(1);
216 pv2.setPolicyName("test");
218 pv2.setCreatedBy("Test");
219 pv2.setModifiedBy("Test");
221 commonClassDao.save(pv);
222 commonClassDao.save(pv2);
226 String query = "From PolicyVersion where policy_name like :scope and id > 0";
227 SimpleBindings params = new SimpleBindings();
228 params.put("scope", scope);
229 List<Object> dataCur = commonClassDao.getDataByQuery(query, params);
231 assertTrue(1 == dataCur.size());
232 assertEquals(pv, (PolicyVersion) dataCur.get(0));
234 } catch (Exception e) {
235 logger.debug("Exception Occured" + e);
243 public void getDataByQuery_PolicyNotificationMail() {
246 WatchPolicyNotificationTable watch = new WatchPolicyNotificationTable();
247 String policyFileName = "banana";
248 watch.setLoginIds("Test");
249 watch.setPolicyName("bananaWatch");
250 commonClassDao.save(watch);
252 if (policyFileName.contains("/")) {
253 policyFileName = policyFileName.substring(0, policyFileName.indexOf("/"));
254 policyFileName = policyFileName.replace("/", File.separator);
256 if (policyFileName.contains("\\")) {
257 policyFileName = policyFileName.substring(0, policyFileName.indexOf("\\"));
258 policyFileName = policyFileName.replace("\\", "\\\\");
261 // Current Implementation
262 policyFileName += "%";
263 String query = "from WatchPolicyNotificationTable where policyName like:policyFileName";
264 SimpleBindings params = new SimpleBindings();
265 params.put("policyFileName", policyFileName);
266 List<Object> dataCur = commonClassDao.getDataByQuery(query, params);
269 assertTrue(dataCur.size() == 1);
270 assertTrue(dataCur.get(0) instanceof WatchPolicyNotificationTable);
271 assertEquals(watch, (WatchPolicyNotificationTable) dataCur.get(0));
273 } catch (Exception e) {
274 logger.debug("Exception Occured" + e);
282 public void getDataByQuery_PolicyController() {
285 PolicyEntity pe = new PolicyEntity();
286 String name = "actionDummy";
287 pe.setPolicyName(name);
288 pe.setPolicyData("dummyData");
290 pe.setScope("dummyScope");
291 pe.setDescription("descr");
292 pe.setDeleted(false);
293 pe.setCreatedBy("Test");
294 commonClassDao.save(pe);
296 String dbCheckName = "dummyScope:action";
297 String[] splitDBCheckName = dbCheckName.split(":");
299 // Current Implementation
300 String query = "FROM PolicyEntity where policyName like :splitDBCheckName1 and scope = :splitDBCheckName0";
301 SimpleBindings params = new SimpleBindings();
302 params.put("splitDBCheckName1", splitDBCheckName[1] + "%");
303 params.put("splitDBCheckName0", splitDBCheckName[0]);
304 List<Object> dataCur = commonClassDao.getDataByQuery(query, params);
307 assertTrue(dataCur.size() == 1);
308 assertTrue(dataCur.get(0) instanceof PolicyEntity);
309 assertEquals(pe, (PolicyEntity) dataCur.get(0));
311 } catch (Exception e) {
312 logger.debug("Exception Occured" + e);
320 public void getDataByQuery_PolicyNotificationController() {
323 WatchPolicyNotificationTable watch = new WatchPolicyNotificationTable();
324 String finalName = "banana"; // Policy File Name
325 String userId = "Test";
326 watch.setLoginIds(userId);
327 watch.setPolicyName(finalName);
328 commonClassDao.save(watch);
330 // Current Implementation
331 String query = "from WatchPolicyNotificationTable where POLICYNAME = :finalName and LOGINIDS = :userId";
332 SimpleBindings params = new SimpleBindings();
333 params.put("finalName", finalName);
334 params.put("userId", userId);
335 List<Object> dataCur = commonClassDao.getDataByQuery(query, params);
338 assertTrue(dataCur.size() == 1);
339 assertTrue(dataCur.get(0) instanceof WatchPolicyNotificationTable);
340 assertEquals(watch, (WatchPolicyNotificationTable) dataCur.get(0));
342 } catch (Exception e) {
343 logger.debug("Exception Occured" + e);
349 * Test for SQL Injection Protection
355 public void getDataByQuery_PolicyNotificationController_Injection() {
358 WatchPolicyNotificationTable watch = new WatchPolicyNotificationTable();
359 String userId = "Test";
360 watch.setLoginIds(userId);
361 watch.setPolicyName("banana");
362 commonClassDao.save(watch);
364 WatchPolicyNotificationTable watch2 = new WatchPolicyNotificationTable();
365 watch2.setLoginIds(userId);
366 watch2.setPolicyName("banana2");
367 commonClassDao.save(watch2);
369 // SQL Injection attempt
370 String finalName = "banana' OR '1'='1";
372 // Current Implementation
373 String query = "from WatchPolicyNotificationTable where POLICYNAME = :finalName and LOGINIDS = :userId";
374 SimpleBindings params = new SimpleBindings();
375 params.put("finalName", finalName);
376 params.put("userId", userId);
377 List<Object> dataCur = commonClassDao.getDataByQuery(query, params);
380 assertTrue(dataCur.size() <= 1);
382 if (dataCur.size() >= 1) {
383 assertTrue(dataCur.get(0) instanceof WatchPolicyNotificationTable);
384 assertFalse(watch.equals((WatchPolicyNotificationTable) dataCur.get(0)));
385 assertFalse(watch.equals((WatchPolicyNotificationTable) dataCur.get(0)));
387 } catch (Exception e) {
388 logger.debug("Exception Occured" + e);
394 public void testCommonClassDaoImplMethods() {
396 UserInfo userInfo = new UserInfo();
397 userInfo.setUserLoginId("TestID");
398 userInfo.setUserName("Test");
399 commonClassDao.save(userInfo);
400 List<Object> data = commonClassDao.getDataById(UserInfo.class, "userLoginId:userName", "TestID:Test");
401 assertTrue(data.size() == 1);
402 UserInfo userInfoUpdate = (UserInfo) data.get(0);
403 userInfoUpdate.setUserName("Test1");
404 commonClassDao.update(userInfoUpdate);
405 List<String> data1 = commonClassDao.getDataByColumn(UserInfo.class, "userLoginId");
406 assertTrue(data1.size() == 1);
408 (UserInfo) commonClassDao.getEntityItem(UserInfo.class, "userLoginId:userName", "TestID:Test1");
409 assertTrue("TestID".equals(data2.getUserLoginId()));
411 commonClassDao.checkDuplicateEntry("TestID:Test1", "userLoginId:userName", UserInfo.class);
412 assertTrue(data3.size() == 1);
413 PolicyRoles roles = new PolicyRoles();
414 roles.setRole("admin");
415 roles.setLoginId(userInfo);
416 roles.setScope("test");
417 commonClassDao.save(roles);
418 List<PolicyRoles> roles1 = commonClassDao.getUserRoles();
419 assertTrue(roles1.size() == 1);
420 List<String> multipleData = new ArrayList<>();
421 multipleData.add("TestID:Test1");
422 List<Object> data4 = commonClassDao.getMultipleDataOnAddingConjunction(UserInfo.class,
423 "userLoginId:userName", multipleData);
424 assertTrue(data4.size() == 1);
425 commonClassDao.delete(data2);
426 } catch (Exception e) {
427 logger.debug("Exception Occured" + e);
433 public final void testGetLoggingData() {
434 SystemLogDbDaoImpl system = new SystemLogDbDaoImpl();
435 PolicyController.setjUnit(true);
437 assertTrue(system.getLoggingData() != null);
438 } catch (Exception e) {
444 public final void testGetSystemAlertData() {
445 SystemLogDbDaoImpl system = new SystemLogDbDaoImpl();
446 PolicyController.setjUnit(true);
448 assertTrue(system.getSystemAlertData() != null);
449 } catch (Exception e) {
455 public void deleteDB() {
456 sessionFactory.close();