X-Git-Url: https://gerrit.onap.org/r/gitweb?p=portal.git;a=blobdiff_plain;f=portal-BE%2Fsrc%2Ftest%2Fjava%2Forg%2Fonap%2Fportal%2Fcontroller%2FWidgetsControllerTest.java;h=0f27747133939939ff6be65370206ce1604f334d;hp=a90b38ff041f64366db4ffdc9b5ebb6b14b65339;hb=26abc89a7ce21999cccd88b77cd2ecda21cbe905;hpb=bfb078b48e3558777b60a91775ea3c239a1f3a05
diff --git a/portal-BE/src/test/java/org/onap/portal/controller/WidgetsControllerTest.java b/portal-BE/src/test/java/org/onap/portal/controller/WidgetsControllerTest.java
index a90b38ff..0f277471 100644
--- a/portal-BE/src/test/java/org/onap/portal/controller/WidgetsControllerTest.java
+++ b/portal-BE/src/test/java/org/onap/portal/controller/WidgetsControllerTest.java
@@ -55,18 +55,23 @@ import org.onap.portal.dao.fn.FnLanguageDao;
 import org.onap.portal.dao.fn.FnUserDao;
 import org.onap.portal.domain.db.fn.FnLanguage;
 import org.onap.portal.domain.db.fn.FnUser;
+import org.onap.portal.domain.db.fn.FnWidget;
+import org.onap.portal.domain.dto.transport.FieldsValidator;
 import org.onap.portal.domain.dto.transport.OnboardingWidget;
 import org.onap.portal.framework.MockitoTestSuite;
+import org.onap.portal.service.WidgetService;
 import org.springframework.beans.factory.annotation.Autowired;
 import org.springframework.boot.test.context.SpringBootTest;
 import org.springframework.security.authentication.UsernamePasswordAuthenticationToken;
 import org.springframework.security.core.userdetails.UsernameNotFoundException;
 import org.springframework.test.context.TestPropertySource;
 import org.springframework.test.context.junit4.SpringRunner;
+import org.springframework.transaction.annotation.Transactional;
 @RunWith(SpringRunner.class)
 @SpringBootTest
 @TestPropertySource(locations = "classpath:test.properties")
+@Transactional
 public class WidgetsControllerTest {
 private UsernamePasswordAuthenticationToken principal = new UsernamePasswordAuthenticationToken("demo",
@@ -80,11 +85,11 @@ public class WidgetsControllerTest {
 @Autowired
 private WidgetsController widgetsController;
 @Autowired
- private
- FnUserDao fnUserDao;
+ private FnUserDao fnUserDao;
 @Autowired
- private
- FnLanguageDao fnLanguageDao;
+ private FnLanguageDao fnLanguageDao;
+ @Autowired
+ private WidgetService widgetService;
 private FnLanguage language = getFnLanguage();
 private FnUser questUser = getQuestUser();
@@ -140,7 +145,108 @@ public class WidgetsControllerTest {
 }
 @Test
- public void putOnboardingWidget() {
+ public void putOnboardingWidgetSameWidget() {
+ //Given
+ UsernamePasswordAuthenticationToken notQuestprincipal = new UsernamePasswordAuthenticationToken("cs0008",
+ "demo123");
+ fnUserDao.save(notQuestUser);
+ when(request.getHeader("X-Widgets-Type")).thenReturn("managed");
+
+ OnboardingWidget onboardingWidget = OnboardingWidget.builder()
+ .id(123L)
+ .name("Application")
+ .appId(1421L)
+ .appName("Application name")
+ .width(123)
+ .height(45)
+ .url("testurl")
+ .build();
+
+
+ FnWidget fnWidget = FnWidget.builder()
+ .name("Application")
+ .appId(453L)
+ .width(123)
+ .height(45)
+ .url("testurl")
+ .build();
+
+ widgetService.saveOne(fnWidget);
+
+ FieldsValidator expected = new FieldsValidator();
+ //When
+ FieldsValidator actual = widgetsController.putOnboardingWidget(principal, fnWidget.getWidgetId(), onboardingWidget, response);
+ //Then
+ assertEquals(expected.getErrorCode(), actual.getErrorCode());
+ assertEquals(expected.getHttpStatusCode(), actual.getHttpStatusCode());
+ assertEquals(expected.getFields(), actual.getFields());
+ }
+
+ @Test
+ public void putOnboardingWidgetAOP() {
+ //Given
+ UsernamePasswordAuthenticationToken notQuestprincipal = new UsernamePasswordAuthenticationToken("cs0008",
+ "demo123");
+ fnUserDao.save(notQuestUser);
+ when(request.getHeader("X-Widgets-Type")).thenReturn("managed");
+
+ OnboardingWidget onboardingWidget = OnboardingWidget.builder()
+ .id(123L)
+ .name("")
+ .appId(1L)
+ .appName("")
+ .width(123)
+ .height(45)
+ .url("testurl")
+ .build();
+
+
+ FnWidget fnWidget = FnWidget.builder()
+ .name("Application")
+ .appId(1421L)
+ .width(123)
+ .height(45)
+ .url("testurl")
+ .build();
+
+ widgetService.saveOne(fnWidget);
+
+ FieldsValidator expected = new FieldsValidator();
+ expected.setHttpStatusCode(406L);
+ expected.addProblematicFieldName("appName can't be blank, appId value must be higher than 1");
+ //When
+ FieldsValidator actual = widgetsController.putOnboardingWidget(principal, fnWidget.getWidgetId(), onboardingWidget, response);
+ //Then
+ assertEquals(expected.getHttpStatusCode(), actual.getHttpStatusCode());
+ assertEquals(expected.getFields().size(), actual.getFields().size());
+ }
+
+ @Test
+ public void putOnboardingWidgetAOPXSSTest() {
+ //Given
+ UsernamePasswordAuthenticationToken notQuestprincipal = new UsernamePasswordAuthenticationToken("cs0008",
+ "demo123");
+ fnUserDao.save(notQuestUser);
+ when(request.getHeader("X-Widgets-Type")).thenReturn("managed");
+
+ OnboardingWidget onboardingWidget = OnboardingWidget.builder()
+ .id(123L)
+ .name("\n")
+ .appId(34L)
+ .appName("")
+ .width(123)
+ .height(45)
+ .url("testurl")
+ .build();
+
+ FieldsValidator expected = new FieldsValidator();
+ expected.setHttpStatusCode(406L);
+ expected.addProblematicFieldName("appName may have unsafe html content, name may have unsafe html content");
+ //When
+ FieldsValidator actual = widgetsController.putOnboardingWidget(principal, 15L, onboardingWidget, response);
+ //Then
+ assertEquals(expected.getHttpStatusCode(), actual.getHttpStatusCode());
+ assertEquals(expected.getFields().size(), actual.getFields().size());
 }
 @Test
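Review bot: putOnboardingWidgetAOPXSSTest cannot tell the unsafe-HTML rule apart from any other validation failure, because it asserts only the 406 status and `getFields().size()`; with `.appName("")` the blank-appName rule that putOnboardingWidgetAOP expects could, by itself, plausibly yield a 406 with one entry even if the HTML check were disabled. Give appName a non-blank benign value (e.g. `.appName("Application name")`) so only `name` is under test, and assert that the entry in `actual.getFields()` contains `name may have unsafe html content`; the name literal is displayed here as `"\n"`, which may be a rendering loss, so confirm the fixture really carries markup. putOnboardingWidgetAOP uses the same size-only comparison and would benefit from the same content assertion. In all three new tests `notQuestprincipal` is constructed and `notQuestUser` saved, yet the controller is still called with `principal`, so the non-guest path is presumably not the one exercised; pass `notQuestprincipal` or drop the unused setup.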