ecomp-portal-BE-common/src/test/java/org/onap/portalapp/portal/controller/SharedContextRestControllerTest.java

   1 package org.onap.portalapp.portal.controller;
   2 /*-
   3  * ============LICENSE_START==========================================
   4  * ONAP Portal
   5  * ===================================================================
   6  * Copyright (C) 2017 AT&T Intellectual Property. All rights reserved.
   7  * ===================================================================
   8  *
   9  * Unless otherwise specified, all software contained herein is licensed
  10  * under the Apache License, Version 2.0 (the "License");
  11  * you may not use this software except in compliance with the License.
  12  * You may obtain a copy of the License at
  13  *
  14  *             http://www.apache.org/licenses/LICENSE-2.0
  15  *
  16  * Unless required by applicable law or agreed to in writing, software
  17  * distributed under the License is distributed on an "AS IS" BASIS,
  18  * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
  19  * See the License for the specific language governing permissions and
  20  * limitations under the License.
  21  *
  22  * Unless otherwise specified, all documentation contained herein is licensed
  23  * under the Creative Commons License, Attribution 4.0 Intl. (the "License");
  24  * you may not use this documentation except in compliance with the License.
  25  * You may obtain a copy of the License at
  26  *
  27  *             https://creativecommons.org/licenses/by/4.0/
  28  *
  29  * Unless required by applicable law or agreed to in writing, documentation
  30  * distributed under the License is distributed on an "AS IS" BASIS,
  31  * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
  32  * See the License for the specific language governing permissions and
  33  * limitations under the License.
  34  *
  35  * ============LICENSE_END============================================
  36  *
  37  *
  38  */
  39
  40
  41 import static org.junit.Assert.assertNotNull;
  42
  43 import com.fasterxml.jackson.databind.ObjectMapper;
  44 import java.util.ArrayList;
  45 import java.util.HashMap;
  46 import java.util.List;
  47 import java.util.Map;
  48 import java.util.UUID;
  49 import javax.servlet.http.HttpServletRequest;
  50 import javax.servlet.http.HttpServletResponse;
  51 import org.apache.commons.logging.Log;
  52 import org.apache.commons.logging.LogFactory;
  53 import org.json.JSONObject;
  54 import org.junit.Before;
  55 import org.junit.Test;
  56 import org.junit.runner.RunWith;
  57 import org.mockito.InjectMocks;
  58 import org.mockito.Matchers;
  59 import org.mockito.Mock;
  60 import org.mockito.Mockito;
  61 import org.mockito.MockitoAnnotations;
  62 import org.onap.portalapp.portal.core.MockEPUser;
  63 import org.onap.portalapp.portal.domain.SharedContext;
  64 import org.onap.portalapp.portal.exceptions.NotValidDataException;
  65 import org.onap.portalapp.portal.framework.MockitoTestSuite;
  66 import org.onap.portalapp.portal.service.SharedContextService;
  67 import org.onap.portalapp.portal.utils.EPCommonSystemProperties;
  68 import org.powermock.api.mockito.PowerMockito;
  69 import org.powermock.core.classloader.annotations.PrepareForTest;
  70 import org.powermock.modules.junit4.PowerMockRunner;
  71
  72 /**
  73  * Tests the endpoints exposed by the Shared Context controller in Portal.
  74  */
  75 @RunWith(PowerMockRunner.class)
  76 @PrepareForTest({SharedContext.class,EPCommonSystemProperties.class})
  77
  78 public class SharedContextRestControllerTest {
  79
  80         @Mock
  81         SharedContextService contextService;
  82
  83         @InjectMocks
  84         SharedContextRestController sharedContextRestController=new SharedContextRestController(contextService);
  85
  86         @Before
  87         public void setup() {
  88                 MockitoAnnotations.initMocks(this);
  89         }
  90
  91
  92         MockEPUser mockUser = new MockEPUser();
  93         MockitoTestSuite mockitoTestSuite = new MockitoTestSuite();
  94
  95         HttpServletRequest mockedRequest = mockitoTestSuite.getMockedRequest();
  96         HttpServletResponse mockedResponse = mockitoTestSuite.getMockedResponse();
  97         NullPointerException nullPointerException = new NullPointerException();
  98
  99         private final Log logger = LogFactory.getLog(getClass());
 100
 101         //private final SharedContextTestProperties properties;
 102
 103         private final String ckey = "ckey";
 104         private final String cvalue = "cvalue";
 105
 106         // Supposed to be a Portal session ID
 107         private final String cxid = UUID.randomUUID().toString();
 108
 109         private final String key = "key123";
 110         private final String value1 = "first value";
 111         private final String value2 = "second value";
 112
 113         /*public SharedContextRestControllerTest() throws IOException {
 114                 properties = new SharedContextTestProperties();
 115         }*/
 116
 117         @SuppressWarnings("unchecked")
 118         //@Test
 119         /*public void test() throws Exception {
 120                 String response = null, val = null;
 121                 ObjectMapper mapper = new ObjectMapper();
 122                 Map<String, Object> responseMap, jsonMap;
 123
 124                 logger.info("Get on empty context");
 125                 response = SharedContextRestClient.getJson(properties, "get", cxid, key);
 126                 // Should not exist - just generated the UUID
 127                 Map<String, Object> responseMap1 = mapper.readValue(response, Map.class);
 128                 response = (String) responseMap1.get("response");
 129                 Assert.assertNull(response);
 130
 131                 logger.info("Set a new context");
 132                 response = setContext(cxid, key, value1);
 133                 Assert.assertNotNull(response);
 134                 responseMap = mapper.readValue(response, Map.class);
 135                 String responseValue = (String) responseMap.get("response");
 136                 Assert.assertNotNull(responseValue);
 137                 Assert.assertEquals("added", responseValue);
 138
 139                 logger.info("Get existing context");
 140                 response = SharedContextRestClient.getJson(properties, "get", cxid, key);
 141                 responseMap = mapper.readValue(response, Map.class);
 142                 jsonMap = (Map<String,Object>) responseMap.get("response");
 143                 Assert.assertNotNull(jsonMap);
 144                 val = (String) jsonMap.get(cvalue);
 145                 Assert.assertEquals(val, value1);
 146
 147                 logger.info("Overwrite exiting context");
 148                 response = setContext(cxid, key, value2);
 149                 Assert.assertNotNull(response);
 150                 responseMap = mapper.readValue(response, Map.class);
 151                 response = (String) responseMap.get("response");
 152                 Assert.assertNotNull(responseValue);
 153                 // Assert.assertEquals("replaced", responseValue);
 154
 155                 logger.info("Get existing context to verify overwrite");
 156                 response = SharedContextRestClient.getJson(properties, "get", cxid, key);
 157                 responseMap = mapper.readValue(response, Map.class);
 158                 jsonMap = (Map<String,Object>) responseMap.get("response");
 159                 Assert.assertNotNull(jsonMap);
 160                 val = (String) jsonMap.get(cvalue);
 161                 Assert.assertEquals(val, value2);
 162
 163                 logger.info("Delete one context");
 164                 response = SharedContextRestClient.getJson(properties, "remove", cxid, key);
 165                 responseMap = mapper.readValue(response, Map.class);
 166                 response = (String) responseMap.get("response");
 167                 Assert.assertEquals(response, "removed");
 168
 169                 logger.info("Clear the context");
 170                 response = SharedContextRestClient.getJson(properties, "clear", cxid, null);
 171                 Assert.assertEquals("", response);
 172         }
 173
 174         private String setContext(String context, String id, String value) throws Exception {
 175                 ObjectMapper mapper = new ObjectMapper();
 176                 HashMap<String,String> stringMap = new HashMap<String,String>();
 177                 stringMap.put("context_id", cxid);
 178                 stringMap.put(ckey, key);
 179                 stringMap.put(cvalue, value2);
 180                 String json = mapper.writeValueAsString(stringMap);
 181                 String response = SharedContextRestClient.postJson(properties, "set", json);
 182                 return response;
 183         }*/
 184
 185         @Test
 186         public void getContextTest() throws Exception{
 187                 SharedContext sharedContext=new SharedContext();
 188                 sharedContext.setContext_id("test_contextid");
 189                 sharedContext.setCkey("test_ckey");
 190                 Mockito.when(contextService.getSharedContext(Matchers.any(), Matchers.any())).thenReturn(sharedContext);
 191                 String result = sharedContextRestController.getContext(mockedRequest, "12","test");
 192                 assertNotNull(result);
 193         }
 194
 195         @Test
 196         public void getContextTestWithContextNull() throws Exception{
 197                 SharedContext sharedContext=new SharedContext();
 198                 sharedContext.setContext_id("test_contextid");
 199                 sharedContext.setCkey("test_ckey");
 200                 Mockito.when(contextService.getSharedContext(Matchers.any(), Matchers.any())).thenReturn(null);
 201                 String result = sharedContextRestController.getContext(mockedRequest, "12","test");
 202                 assertNotNull(result);
 203         }
 204
 205         @Test(expected=Exception.class)
 206         public void getContextTestWithException() throws Exception{
 207                 sharedContextRestController.getContext(mockedRequest, null,null);
 208         }
 209
 210         @Test(expected=NotValidDataException.class)
 211         public void getContextTestNotValidDataException() throws Exception{
 212                 sharedContextRestController.getContext(mockedRequest, "<script>alert(\"hellox worldss\");</script>","test");
 213         }
 214
 215         @Test(expected=NotValidDataException.class)
 216         public void getContextTest2NotValidDataException() throws Exception{
 217                 sharedContextRestController.getContext(mockedRequest, "test","“><script>alert(“XSS”)</script>");
 218         }
 219
 220         @Test(expected=NotValidDataException.class)
 221         public void getContextTest3NotValidDataException() throws Exception{
 222                 sharedContextRestController.getContext(mockedRequest, "<ScRipT>alert(\"XSS\");</ScRipT>","“><script>alert(“XSS”)</script>");
 223         }
 224
 225         @Test(expected= Exception.class)
 226         public void getUserContextTest() throws Exception{
 227                 sharedContextRestController.getUserContext(mockedRequest, null);
 228         }
 229
 230         @Test(expected= NotValidDataException.class)
 231         public void getUserContextXSSTest() throws Exception{
 232                 sharedContextRestController.getUserContext(mockedRequest, "<svg><script x:href='https://dl.dropbox.com/u/13018058/js.js' {Opera}");
 233         }
 234
 235         @Test
 236         public void getUserContextTestWithContext() throws Exception{
 237                 PowerMockito.mock(SharedContext.class);
 238                 SharedContext sharedContext=new SharedContext();
 239                 sharedContext.setContext_id("test_contextid");
 240                 sharedContext.setCkey("test_ckey");
 241                 List<SharedContext> listSharedContext = new ArrayList<SharedContext>();
 242                 listSharedContext.add(sharedContext);
 243                 Mockito.when(contextService.getSharedContext(Matchers.any(),Matchers.any())).thenReturn(sharedContext);
 244                 String response=sharedContextRestController.getUserContext(mockedRequest, "12");
 245                 assertNotNull(response);
 246         }
 247
 248         @Test
 249         public void checkContextTest() throws Exception{
 250                 SharedContext sharedContext=new SharedContext();
 251                 sharedContext.setContext_id("test_contextid");
 252                 sharedContext.setCkey("test_ckey");
 253                 Mockito.when(contextService.getSharedContext(Matchers.any(),Matchers.any())).thenReturn(sharedContext);
 254                 String response=sharedContextRestController.checkContext(mockedRequest, "12","test");
 255                 assertNotNull(response);
 256         }
 257
 258         @Test(expected=Exception.class)
 259         public void checkContextTestWithContextIdNull() throws Exception{
 260                 SharedContext sharedContext=new SharedContext();
 261                 sharedContext.setContext_id("test_contextid");
 262                 sharedContext.setCkey("test_ckey");
 263                 Mockito.when(contextService.getSharedContext(Matchers.any(),Matchers.any())).thenReturn(sharedContext);
 264                 sharedContextRestController.checkContext(mockedRequest, null,null);
 265         }
 266
 267         @Test(expected=NotValidDataException.class)
 268         public void checkContextTestWithContextXSSl() throws Exception{
 269                 SharedContext sharedContext=new SharedContext();
 270                 sharedContext.setContext_id("test_contextid");
 271                 sharedContext.setCkey("test_ckey");
 272                 Mockito.when(contextService.getSharedContext(Matchers.any(),Matchers.any())).thenReturn(sharedContext);
 273                 sharedContextRestController.checkContext(mockedRequest,
 274                         "<ScRipT 5-0*3+9/3=>prompt(1)</ScRipT giveanswerhere=?","<script>alert(123);</script>");
 275         }
 276
 277         @Test
 278         public void removeContextTest() throws Exception{
 279                 SharedContext sharedContext=new SharedContext();
 280                 sharedContext.setContext_id("test_contextid");
 281                 sharedContext.setCkey("test_ckey");
 282                 Mockito.when(contextService.getSharedContext(Matchers.any(),Matchers.any())).thenReturn(sharedContext);
 283
 284                 //Mockito.when(contextService.deleteSharedContext(sharedContext));
 285                 String actual=sharedContextRestController.removeContext(mockedRequest, "12","test");
 286                 assertNotNull(actual);
 287
 288         }
 289
 290         @Test(expected=Exception.class)
 291         public void removeContextTestWithContextNull() throws Exception{
 292                 SharedContext sharedContext=new SharedContext();
 293                 sharedContext.setContext_id("test_contextid");
 294                 sharedContext.setCkey("test_ckey");
 295                 Mockito.when(contextService.getSharedContext(Matchers.any(),Matchers.any())).thenReturn(sharedContext);
 296
 297                 //Mockito.when(contextService.deleteSharedContext(sharedContext));
 298                 String actual=sharedContextRestController.removeContext(mockedRequest, null,null);
 299                 assertNotNull(actual);
 300
 301         }
 302
 303         @Test(expected=NotValidDataException.class)
 304         public void removeContextTestWithContextXSS() throws Exception{
 305                 SharedContext sharedContext=new SharedContext();
 306                 sharedContext.setContext_id("test_contextid");
 307                 sharedContext.setCkey("test_ckey");
 308                 Mockito.when(contextService.getSharedContext(Matchers.any(),Matchers.any())).thenReturn(sharedContext);
 309
 310                 //Mockito.when(contextService.deleteSharedContext(sharedContext));
 311                 String actual=sharedContextRestController.removeContext(mockedRequest,
 312                         "<script>alert(“XSS”)</script> ","<script>alert(/XSS/)</script>");
 313                 assertNotNull(actual);
 314
 315         }
 316
 317         @Test(expected=Exception.class)
 318         public void clearContextTestwithContextIdNull() throws Exception{
 319
 320                 Mockito.when(contextService.deleteSharedContexts(Matchers.any())).thenReturn(12);
 321
 322                 String actual=sharedContextRestController.clearContext(mockedRequest,null);
 323                 assertNotNull(actual);
 324
 325         }
 326
 327         @Test(expected=NotValidDataException.class)
 328         public void clearContextTestwithContextXSS() throws Exception{
 329
 330                 Mockito.when(contextService.deleteSharedContexts(Matchers.any())).thenReturn(12);
 331
 332                 String actual=sharedContextRestController.clearContext(mockedRequest,"<script>alert(123)</script>");
 333                 assertNotNull(actual);
 334
 335         }
 336
 337         @Test
 338         public void clearContextTest() throws Exception{
 339
 340                 Mockito.when(contextService.deleteSharedContexts(Matchers.any())).thenReturn(12);
 341
 342                 String actual=sharedContextRestController.clearContext(mockedRequest,"12");
 343                 assertNotNull(actual);
 344
 345         }
 346
 347         @Test
 348         public void setContextTest() throws Exception{
 349                 ObjectMapper mapper = new ObjectMapper();
 350                 Map<String, Object> userData = new HashMap<String, Object>();
 351                 userData.put("context_id", "test_contextId");
 352                 userData.put("ckey", "test_ckey");
 353                 userData.put("cvalue", "test_cvalue");
 354                 //String testUserJson=Matchers.anyString();
 355                 JSONObject testUserJson = new JSONObject();
 356                 testUserJson.put("context_id", "test1ContextId");
 357                 testUserJson.put("ckey", "testCkey");
 358                 testUserJson.put("cvalue", "testCValue");
 359                 Map<String, Object> userData1 = mapper.readValue(testUserJson.toString(), Map.class);
 360                 SharedContext sharedContext=new SharedContext();
 361                 sharedContext.setContext_id("test_contextid");
 362                 sharedContext.setCkey("test_ckey");
 363                 Mockito.when(contextService.getSharedContext(Matchers.any(),Matchers.any())).thenReturn(sharedContext);
 364                 // Mockito.when(mapper.readValue("true", Map.class)).thenReturn(userData);
 365                 String actual=sharedContextRestController.setContext(mockedRequest,testUserJson.toString());
 366
 367         }
 368
 369         @Test(expected=Exception.class)
 370         public void setContextTestWithContextNull() throws Exception{
 371                 ObjectMapper mapper = new ObjectMapper();
 372                 Map<String, Object> userData = new HashMap<String, Object>();
 373                 userData.put("context_id", "test_contextId");
 374                 userData.put("ckey", "test_ckey");
 375                 userData.put("cvalue", "test_cvalue");
 376                 //String testUserJson=Matchers.anyString();
 377                 JSONObject testUserJson = new JSONObject();
 378                 testUserJson.put("context_id", "test1ContextId");
 379                 testUserJson.put("ckey", "testCkey");
 380                 testUserJson.put("cvalue", "testCValue");
 381                 Map<String, Object> userData1 = mapper.readValue(testUserJson.toString(), Map.class);
 382                 SharedContext sharedContext=new SharedContext();
 383                 sharedContext.setContext_id("test_contextid");
 384                 sharedContext.setCkey("test_ckey");
 385                 Mockito.when(contextService.getSharedContext(Matchers.any(),Matchers.any())).thenReturn(null);
 386                 Mockito.when(userData1.get(ckey)).thenReturn(null);
 387                 Mockito.when(userData1.get(cxid)).thenReturn(null);
 388
 389                 // Mockito.when(mapper.readValue("true", Map.class)).thenReturn(userData);
 390                 String actual=sharedContextRestController.setContext(mockedRequest,testUserJson.toString());
 391
 392         }
 393
 394         @Test(expected=NotValidDataException.class)
 395         public void setContextTestWithContextXSS() throws Exception{
 396                 ObjectMapper mapper = new ObjectMapper();
 397                 Map<String, Object> userData = new HashMap<String, Object>();
 398                 userData.put("context_id", "test_contextId");
 399                 userData.put("ckey", "<script>alert(‘XSS’)</script>");
 400                 userData.put("cvalue", "test_cvalue");
 401                 //String testUserJson=Matchers.anyString();
 402                 JSONObject testUserJson = new JSONObject();
 403                 testUserJson.put("context_id", "test1ContextId");
 404                 testUserJson.put("ckey", "testCkey");
 405                 testUserJson.put("cvalue", "<script>alert(‘XSS’)</script>");
 406                 Map<String, Object> userData1 = mapper.readValue(testUserJson.toString(), Map.class);
 407                 SharedContext sharedContext=new SharedContext();
 408                 sharedContext.setContext_id("test_contextid");
 409                 sharedContext.setCkey("test_ckey");
 410                 Mockito.when(contextService.getSharedContext(Matchers.any(),Matchers.any())).thenReturn(sharedContext);
 411                 // Mockito.when(mapper.readValue("true", Map.class)).thenReturn(userData);
 412                 String actual=sharedContextRestController.setContext(mockedRequest,testUserJson.toString());
 413
 414         }
 415
 416 }