Added Junits
Issue-ID: PORTAL-155
Includes JUNITS, security issues fix
Change-Id: I7c4032808163c46bf53477195823c7ed9dc99edc
Signed-off-by:GUJJA <kg811t@research.att.com>
diff --git a/ecomp-portal-BE-common/pom.xml b/ecomp-portal-BE-common/pom.xml
index 261cf31..320e77a 100644
--- a/ecomp-portal-BE-common/pom.xml
+++ b/ecomp-portal-BE-common/pom.xml
@@ -172,10 +172,6 @@
<groupId>org.slf4j</groupId>
<artifactId>log4j-over-slf4j</artifactId>
</exclusion>
- <exclusion>
- <groupId>ch.qos.logback</groupId>
- <artifactId>logback-classic</artifactId>
- </exclusion>
</exclusions>
</dependency>
<!-- Hibernate -->
@@ -338,7 +334,7 @@
<dependency>
<groupId>org.apache.poi</groupId>
<artifactId>poi</artifactId>
- <version>3.5-FINAL</version>
+ <version>3.17</version>
<exclusions>
<exclusion>
<groupId>commons-logging</groupId>
@@ -353,7 +349,7 @@
<dependency>
<groupId>org.apache.poi</groupId>
<artifactId>poi-ooxml</artifactId>
- <version>3.5-FINAL</version>
+ <version>3.17</version>
<exclusions>
<exclusion>
<groupId>commons-logging</groupId>
@@ -556,7 +552,7 @@
<dependency>
<groupId>commons-fileupload</groupId>
<artifactId>commons-fileupload</artifactId>
- <version>1.3</version>
+ <version>1.3.3</version>
</dependency>
<dependency>
<groupId>io.springfox</groupId>
@@ -582,7 +578,7 @@
<dependency>
<groupId>com.fasterxml.jackson.jaxrs</groupId>
<artifactId>jackson-jaxrs-json-provider</artifactId>
- <version>2.6.3</version>
+ <version>2.9.2</version>
</dependency>
<dependency>
<groupId>org.glassfish.jersey.connectors</groupId>
@@ -622,6 +618,33 @@
<artifactId>spring-security-config</artifactId>
<version>${springframework.version}</version>
</dependency>
+ <dependency>
+ <groupId>org.apache.lucene</groupId>
+ <artifactId>lucene-queryparser</artifactId>
+ <version>7.2.1</version>
+ </dependency>
+ <dependency>
+ <groupId>com.thoughtworks.xstream</groupId>
+ <artifactId>xstream</artifactId>
+ <version>1.4.10</version>
+ </dependency>
+ <dependency>
+ <groupId>org.apache.wicket</groupId>
+ <artifactId>wicket-core</artifactId>
+ <version>1.5.16</version>
+ </dependency>
+ <dependency>
+ <groupId>ch.qos.logback</groupId>
+ <artifactId>logback-core</artifactId>
+ <version>1.2.3</version>
+ </dependency>
+ <dependency>
+ <groupId>ch.qos.logback</groupId>
+ <artifactId>logback-classic</artifactId>
+ <version>1.2.3</version>
+ </dependency>
+
+
</dependencies>
diff --git a/ecomp-portal-BE-common/src/main/java/org/onap/portalapp/portal/controller/RoleManageController.java b/ecomp-portal-BE-common/src/main/java/org/onap/portalapp/portal/controller/RoleManageController.java
index 6a8be89..8f0558a 100644
--- a/ecomp-portal-BE-common/src/main/java/org/onap/portalapp/portal/controller/RoleManageController.java
+++ b/ecomp-portal-BE-common/src/main/java/org/onap/portalapp/portal/controller/RoleManageController.java
@@ -505,7 +505,7 @@
String code = roleFunc.getType()+PIPE+roleFunc.getCode()+PIPE+roleFunc.getAction();
CentralV2RoleFunction domainRoleFunction = externalAccessRolesService.getRoleFunction(code,
requestedApp.getUebKey());
- if(domainRoleFunction.getType() == null || domainRoleFunction.getAction() == null) {
+ if(domainRoleFunction != null && (domainRoleFunction.getType() == null || domainRoleFunction.getAction() == null)) {
addIfTypeActionDoesNotExits(domainRoleFunction);
}
boolean isSave = true;
diff --git a/ecomp-portal-BE-common/src/main/java/org/onap/portalapp/portal/logging/aop/EPEELFLoggerAdvice.java b/ecomp-portal-BE-common/src/main/java/org/onap/portalapp/portal/logging/aop/EPEELFLoggerAdvice.java
index 11fb2fb..c112775 100644
--- a/ecomp-portal-BE-common/src/main/java/org/onap/portalapp/portal/logging/aop/EPEELFLoggerAdvice.java
+++ b/ecomp-portal-BE-common/src/main/java/org/onap/portalapp/portal/logging/aop/EPEELFLoggerAdvice.java
@@ -112,7 +112,7 @@
MDC.put(className + methodName + EPCommonSystemProperties.METRICSLOG_BEGIN_TIMESTAMP, getCurrentDateTimeUTC());
MDC.put(EPCommonSystemProperties.TARGET_ENTITY, EPCommonSystemProperties.ECOMP_PORTAL_BE);
MDC.put(EPCommonSystemProperties.TARGET_SERVICE_NAME, methodName);
- if (MDC.get(Configuration.MDC_KEY_REQUEST_ID) == null){
+ if (MDC.get(Configuration.MDC_KEY_REQUEST_ID) == null || MDC.get(Configuration.MDC_KEY_REQUEST_ID).isEmpty()){
String requestId = UUID.randomUUID().toString();
MDC.put(Configuration.MDC_KEY_REQUEST_ID, requestId);
}
@@ -173,7 +173,7 @@
if (securityEventType != null && args.length > 0 && args[0] != null && args[0] instanceof HttpServletRequest
&& securityEventType == SecurityEventTypeEnum.INCOMING_REST_MESSAGE
&& (MDC.get(EPCommonSystemProperties.FULL_URL) == null
- || MDC.get(EPCommonSystemProperties.FULL_URL) == "")) {
+ || MDC.get(EPCommonSystemProperties.FULL_URL).isEmpty())) {
HttpServletRequest req = (HttpServletRequest) args[0];
this.setHttpRequestBasedDefaultsIntoGlobalLoggingContext(req, securityEventType, methodName);
}
@@ -313,7 +313,8 @@
if (accessingClient != null && accessingClient.trim().length()==0 && (accessingClient.contains("Mozilla")
|| accessingClient.contains("Chrome") || accessingClient.contains("Safari"))) {
accessingClient = EPCommonSystemProperties.ECOMP_PORTAL_FE;
- }
+ }else if(accessingClient==null || accessingClient.isEmpty())
+ accessingClient = "Unknown";
MDC.put(EPCommonSystemProperties.PARTNER_NAME, accessingClient);
// Load loginId into MDC context.
@@ -340,9 +341,9 @@
}
// Rest Path
- MDC.put(Configuration.MDC_SERVICE_NAME, restMethod);
+ MDC.put(Configuration.MDC_SERVICE_NAME, (restMethod==null || restMethod.isEmpty()) ? "Unknown" : restMethod);
String restPath = req.getServletPath();
- if (restPath != null && restPath != "") {
+ if (restPath != null && !restPath.isEmpty()) {
MDC.put(Configuration.MDC_SERVICE_NAME, restPath);
}
@@ -359,7 +360,7 @@
MDC.put(EPCommonSystemProperties.TARGET_SERVICE_NAME, "search");
}
} else {
- MDC.put(Configuration.MDC_SERVICE_NAME, restMethod);
+ MDC.put(Configuration.MDC_SERVICE_NAME, (restMethod==null || restMethod.isEmpty()) ? "Unknown" : restMethod);
MDC.put(EPCommonSystemProperties.PARTNER_NAME, EPCommonSystemProperties.ECOMP_PORTAL_FE);
}
diff --git a/ecomp-portal-BE-common/src/test/java/org/onap/portalapp/portal/controller/MicroserviceProxyControllerTest.java b/ecomp-portal-BE-common/src/test/java/org/onap/portalapp/portal/controller/MicroserviceProxyControllerTest.java
index 446c11c..6f9ce49 100644
--- a/ecomp-portal-BE-common/src/test/java/org/onap/portalapp/portal/controller/MicroserviceProxyControllerTest.java
+++ b/ecomp-portal-BE-common/src/test/java/org/onap/portalapp/portal/controller/MicroserviceProxyControllerTest.java
@@ -37,6 +37,7 @@
*/
package org.onap.portalapp.portal.controller;
+import static org.junit.Assert.assertEquals;
import static org.junit.Assert.assertTrue;
import javax.servlet.http.HttpServletRequest;
@@ -106,7 +107,7 @@
Mockito.when(microserviceProxyService.proxyToDestination(1, user, mockedRequest))
.thenThrow(httpClientErrorException);
String acutualString = microserviceProxyController.getMicroserviceProxy(mockedRequest, getMockedResponse(), 1);
- assertTrue(acutualString.equals("{\"error\":\"\"}"));
+ assertEquals("", acutualString);
}
@Test
@@ -138,6 +139,6 @@
.thenThrow(httpClientErrorException);
String acutualString = microserviceProxyController.getMicroserviceProxyByWidgetId(mockedRequest,
getMockedResponse(), 1);
- assertTrue(acutualString.equals("{\"error\":\"\"}"));
- }
+ assertEquals("", acutualString);
+ }
}
diff --git a/ecomp-portal-BE-common/src/test/java/org/onap/portalapp/portal/controller/WidgetsCatalogControllerTest.java b/ecomp-portal-BE-common/src/test/java/org/onap/portalapp/portal/controller/WidgetsCatalogControllerTest.java
index 50291f0..d8aba5f 100644
--- a/ecomp-portal-BE-common/src/test/java/org/onap/portalapp/portal/controller/WidgetsCatalogControllerTest.java
+++ b/ecomp-portal-BE-common/src/test/java/org/onap/portalapp/portal/controller/WidgetsCatalogControllerTest.java
@@ -37,6 +37,9 @@
*/
package org.onap.portalapp.portal.controller;
+import static org.junit.Assert.assertEquals;
+import static org.junit.Assert.assertNull;
+
import java.util.ArrayList;
import java.util.List;
@@ -44,17 +47,23 @@
import javax.servlet.http.HttpServletResponse;
import org.junit.Before;
-import org.junit.Ignore;
import org.junit.Test;
import org.junit.runner.RunWith;
import org.mockito.InjectMocks;
+import org.mockito.Matchers;
import org.mockito.Mock;
import org.mockito.Mockito;
import org.mockito.MockitoAnnotations;
import org.onap.portalapp.portal.controller.WidgetsCatalogController;
import org.onap.portalapp.portal.core.MockEPUser;
+import org.onap.portalapp.portal.domain.EPUser;
+import org.onap.portalapp.portal.domain.MicroserviceParameter;
import org.onap.portalapp.portal.domain.WidgetCatalog;
+import org.onap.portalapp.portal.domain.WidgetCatalogParameter;
+import org.onap.portalapp.portal.domain.WidgetParameterResult;
import org.onap.portalapp.portal.domain.WidgetServiceHeaders;
+import org.onap.portalapp.portal.ecomp.model.PortalRestResponse;
+import org.onap.portalapp.portal.ecomp.model.PortalRestStatusEnum;
import org.onap.portalapp.portal.framework.MockitoTestSuite;
import org.onap.portalapp.portal.service.ConsulHealthService;
import org.onap.portalapp.portal.service.ConsulHealthServiceImpl;
@@ -65,29 +74,38 @@
import org.onap.portalapp.portal.utils.EPCommonSystemProperties;
import org.onap.portalapp.portal.utils.EcompPortalUtils;
import org.onap.portalapp.util.EPUserUtils;
+import org.onap.portalsdk.core.onboarding.exception.CipherUtilException;
+import org.onap.portalsdk.core.onboarding.util.CipherUtil;
import org.onap.portalsdk.core.util.SystemProperties;
import org.powermock.api.mockito.PowerMockito;
import org.powermock.core.classloader.annotations.PrepareForTest;
import org.powermock.modules.junit4.PowerMockRunner;
import org.springframework.http.HttpEntity;
+import org.springframework.http.HttpMethod;
+import org.springframework.http.HttpStatus;
+import org.springframework.http.ResponseEntity;
+import org.springframework.mock.web.MockHttpServletRequest;
+import org.springframework.mock.web.MockHttpServletResponse;
+import org.springframework.mock.web.MockMultipartFile;
+import org.springframework.mock.web.MockMultipartHttpServletRequest;
import org.springframework.web.client.RestClientException;
import org.springframework.web.client.RestTemplate;
-
-@Ignore
+@SuppressWarnings("rawtypes")
@RunWith(PowerMockRunner.class)
-@PrepareForTest({EPUserUtils.class, EcompPortalUtils.class, SystemProperties.class, EPCommonSystemProperties.class})
+@PrepareForTest({ EPUserUtils.class, CipherUtil.class, EcompPortalUtils.class, SystemProperties.class,
+ EPCommonSystemProperties.class, EPUserUtils.class })
public class WidgetsCatalogControllerTest {
@Mock
ConsulHealthService consulHealthService = new ConsulHealthServiceImpl();
-
+
@Mock
MicroserviceService microserviceService = new MicroserviceServiceImpl();
-
+
@Mock
WidgetParameterService widgetParameterService = new WidgetParameterServiceImpl();
-
+
@InjectMocks
WidgetsCatalogController widgetsCatalogController = new WidgetsCatalogController();
@@ -95,10 +113,10 @@
public void setup() {
MockitoAnnotations.initMocks(this);
}
+
@Mock
- WidgetServiceHeaders widgetServiceHeaders ;
-
-
+ WidgetServiceHeaders widgetServiceHeaders;
+
@Mock
RestTemplate template = new RestTemplate();
@@ -108,32 +126,380 @@
HttpServletResponse mockedResponse = mockitoTestSuite.getMockedResponse();
NullPointerException nullPointerException = new NullPointerException();
-
+
MockEPUser mockUser = new MockEPUser();
-
- @Mock
- HttpEntity mockHttpEntity;
-
+
+ @Test
+ public void getUserWidgetCatalogTest() throws RestClientException, Exception {
+ PowerMockito.mockStatic(EcompPortalUtils.class);
+ PowerMockito.mockStatic(SystemProperties.class);
+ PowerMockito.mockStatic(EPCommonSystemProperties.class);
+ PowerMockito.mockStatic(CipherUtil.class);
+ Mockito.when(EcompPortalUtils.widgetMsProtocol()).thenReturn("test1");
+ Mockito.when(SystemProperties.getProperty(EPCommonSystemProperties.WIDGET_MS_PROTOCOL)).thenReturn("https");
+ Mockito.when(SystemProperties.getProperty("microservices.widget.local.port")).thenReturn("test");
+ Mockito.when(EcompPortalUtils.getPropertyOrDefault("microservices.widget.username", "widget_user"))
+ .thenReturn("test");
+ Mockito.when(CipherUtil
+ .decryptPKC(EcompPortalUtils.getPropertyOrDefault("microservices.widget.password", "widget_password")))
+ .thenReturn("abc");
+ List<WidgetCatalog> widgetsList = new ArrayList<>();
+ WidgetCatalog widgetCatalog = new WidgetCatalog();
+ widgetCatalog.setId(1l);
+ widgetCatalog.setName("test");
+ widgetsList.add(widgetCatalog);
+ ResponseEntity<List> ans = new ResponseEntity<>(widgetsList, HttpStatus.OK);
+ Mockito.when(consulHealthService.getServiceLocation("widgets-service", "test")).thenReturn("test.com");
+ Mockito.when(template.exchange(Matchers.anyString(), Matchers.eq(HttpMethod.GET), Matchers.<HttpEntity<?>>any(),
+ Matchers.eq(List.class))).thenReturn(ans);
+ List<WidgetCatalog> expectedWidgets = widgetsCatalogController.getUserWidgetCatalog("guestT");
+ assertEquals(expectedWidgets, widgetsList);
+ }
+
+ @Test
+ public void getUserWidgetCatalogExceptionTest() throws RestClientException, Exception {
+ PowerMockito.mockStatic(EcompPortalUtils.class);
+ PowerMockito.mockStatic(SystemProperties.class);
+ PowerMockito.mockStatic(EPCommonSystemProperties.class);
+ PowerMockito.mockStatic(CipherUtil.class);
+ Mockito.when(EcompPortalUtils.widgetMsProtocol()).thenReturn("test1");
+ Mockito.when(SystemProperties.getProperty(EPCommonSystemProperties.WIDGET_MS_PROTOCOL)).thenReturn("https");
+ Mockito.when(SystemProperties.getProperty("microservices.widget.local.port")).thenReturn("test");
+ Mockito.when(EcompPortalUtils.getPropertyOrDefault("microservices.widget.username", "widget_user"))
+ .thenReturn("test");
+ Mockito.when(CipherUtil
+ .decryptPKC(EcompPortalUtils.getPropertyOrDefault("microservices.widget.password", "widget_password")))
+ .thenReturn("abc");
+ Mockito.when(consulHealthService.getServiceLocation("widgets-service", "test")).thenReturn("test.com");
+ Mockito.doThrow(new NullPointerException()).when(template).exchange(Matchers.anyString(),
+ Matchers.eq(HttpMethod.GET), Matchers.<HttpEntity<?>>any(), Matchers.eq(List.class));
+ List<WidgetCatalog> expectedWidgets = widgetsCatalogController.getUserWidgetCatalog("guestT");
+ assertNull(expectedWidgets);
+ }
+
+ @Test
+ public void getWidgetCatalogTest() throws CipherUtilException {
+ PowerMockito.mockStatic(EcompPortalUtils.class);
+ PowerMockito.mockStatic(SystemProperties.class);
+ PowerMockito.mockStatic(EPCommonSystemProperties.class);
+ PowerMockito.mockStatic(CipherUtil.class);
+ Mockito.when(EcompPortalUtils.widgetMsProtocol()).thenReturn("test1");
+ Mockito.when(SystemProperties.getProperty(EPCommonSystemProperties.WIDGET_MS_PROTOCOL)).thenReturn("https");
+ Mockito.when(SystemProperties.getProperty("microservices.widget.local.port")).thenReturn("test");
+ Mockito.when(EcompPortalUtils.getPropertyOrDefault("microservices.widget.username", "widget_user"))
+ .thenReturn("test");
+ Mockito.when(CipherUtil
+ .decryptPKC(EcompPortalUtils.getPropertyOrDefault("microservices.widget.password", "widget_password")))
+ .thenReturn("abc");
+ List<WidgetCatalog> widgetsList = new ArrayList<>();
+ WidgetCatalog widgetCatalog = new WidgetCatalog();
+ widgetCatalog.setId(1l);
+ widgetCatalog.setName("test");
+ widgetsList.add(widgetCatalog);
+ ResponseEntity<List> ans = new ResponseEntity<>(widgetsList, HttpStatus.OK);
+ Mockito.when(consulHealthService.getServiceLocation("widgets-service", "test")).thenReturn("test.com");
+ Mockito.when(template.exchange(Matchers.anyString(), Matchers.eq(HttpMethod.GET), Matchers.<HttpEntity<?>>any(),
+ Matchers.eq(List.class))).thenReturn(ans);
+ List<WidgetCatalog> expectedWidgets = widgetsCatalogController.getWidgetCatalog();
+ assertEquals(expectedWidgets, widgetsList);
+ }
+
+ @Test
+ public void getWidgetCatalogExceptionTest() throws Exception {
+ PowerMockito.mockStatic(EcompPortalUtils.class);
+ PowerMockito.mockStatic(SystemProperties.class);
+ PowerMockito.mockStatic(EPCommonSystemProperties.class);
+ PowerMockito.mockStatic(CipherUtil.class);
+ Mockito.when(EcompPortalUtils.widgetMsProtocol()).thenReturn("test1");
+ Mockito.when(SystemProperties.getProperty(EPCommonSystemProperties.WIDGET_MS_PROTOCOL)).thenReturn("https");
+ Mockito.when(SystemProperties.getProperty("microservices.widget.local.port")).thenReturn("test");
+ Mockito.when(EcompPortalUtils.getPropertyOrDefault("microservices.widget.username", "widget_user"))
+ .thenReturn("test");
+ Mockito.when(CipherUtil
+ .decryptPKC(EcompPortalUtils.getPropertyOrDefault("microservices.widget.password", "widget_password")))
+ .thenReturn("abc");
+ Mockito.when(consulHealthService.getServiceLocation("widgets-service", "test")).thenReturn("test.com");
+ Mockito.doThrow(new NullPointerException()).when(template).exchange(Matchers.anyString(),
+ Matchers.eq(HttpMethod.GET), Matchers.<HttpEntity<?>>any(), Matchers.eq(List.class));
+ List<WidgetCatalog> expectedWidgets = widgetsCatalogController.getUserWidgetCatalog("guestT");
+ assertNull(expectedWidgets);
+ }
+
+ @Test
+ public void updateWidgetCatalogTest() throws Exception {
+ PowerMockito.mockStatic(EcompPortalUtils.class);
+ PowerMockito.mockStatic(SystemProperties.class);
+ PowerMockito.mockStatic(EPCommonSystemProperties.class);
+ PowerMockito.mockStatic(CipherUtil.class);
+ Mockito.when(EcompPortalUtils.widgetMsProtocol()).thenReturn("test1");
+ Mockito.when(SystemProperties.getProperty(EPCommonSystemProperties.WIDGET_MS_PROTOCOL)).thenReturn("https");
+ Mockito.when(SystemProperties.getProperty("microservices.widget.local.port")).thenReturn("test");
+ Mockito.when(EcompPortalUtils.getPropertyOrDefault("microservices.widget.username", "widget_user"))
+ .thenReturn("test");
+ Mockito.when(CipherUtil
+ .decryptPKC(EcompPortalUtils.getPropertyOrDefault("microservices.widget.password", "widget_password")))
+ .thenReturn("abc");
+ Mockito.when(consulHealthService.getServiceLocation("widgets-service", "test")).thenReturn("test.com");
+ ResponseEntity<List> ans = new ResponseEntity<>(HttpStatus.OK);
+ Mockito.when(consulHealthService.getServiceLocation("widgets-service", "test")).thenReturn("test.com");
+ Mockito.when(template.exchange(Matchers.anyString(), Matchers.eq(HttpMethod.PUT), Matchers.<HttpEntity<?>>any(),
+ Matchers.eq(List.class))).thenReturn(ans);
+ WidgetCatalog widget = new WidgetCatalog();
+ widget.setId(1l);
+ widgetsCatalogController.updateWidgetCatalog(widget, 1);
+ }
+
+ @Test
+ public void deleteOnboardingWidgetTest() throws Exception {
+ PowerMockito.mockStatic(EcompPortalUtils.class);
+ PowerMockito.mockStatic(SystemProperties.class);
+ PowerMockito.mockStatic(EPCommonSystemProperties.class);
+ PowerMockito.mockStatic(CipherUtil.class);
+ Mockito.when(EcompPortalUtils.widgetMsProtocol()).thenReturn("test1");
+ Mockito.when(SystemProperties.getProperty(EPCommonSystemProperties.WIDGET_MS_PROTOCOL)).thenReturn("https");
+ Mockito.when(SystemProperties.getProperty("microservices.widget.local.port")).thenReturn("test");
+ Mockito.when(EcompPortalUtils.getPropertyOrDefault("microservices.widget.username", "widget_user"))
+ .thenReturn("test");
+ Mockito.when(CipherUtil
+ .decryptPKC(EcompPortalUtils.getPropertyOrDefault("microservices.widget.password", "widget_password")))
+ .thenReturn("abc");
+ Mockito.when(consulHealthService.getServiceLocation("widgets-service", "test")).thenReturn("test.com");
+ ResponseEntity<List> ans = new ResponseEntity<>(HttpStatus.OK);
+ Mockito.when(consulHealthService.getServiceLocation("widgets-service", "test")).thenReturn("test.com");
+ Mockito.when(template.exchange(Matchers.anyString(), Matchers.eq(HttpMethod.DELETE),
+ Matchers.<HttpEntity<?>>any(), Matchers.eq(List.class))).thenReturn(ans);
+ widgetsCatalogController.deleteOnboardingWidget(1l);
+ }
+
@SuppressWarnings("unchecked")
@Test
- public void getUserWidgetCatalogTest() throws RestClientException, Exception{
-
- String resourceType = null;
- List<WidgetCatalog> widgets = new ArrayList<>();
- PowerMockito.mockStatic(EcompPortalUtils.class);
- PowerMockito.mockStatic(SystemProperties.class);
- PowerMockito.mockStatic(EPCommonSystemProperties.class);
- Mockito.when(EcompPortalUtils.widgetMsProtocol()).thenReturn("test1");
- Mockito.when(SystemProperties.getProperty(EPCommonSystemProperties.WIDGET_MS_PROTOCOL)).thenReturn("https");
-// Mockito.when(WidgetServiceHeaders.getInstance()).thenReturn(HttpHeaders.ACCEPT);
- Mockito.when(SystemProperties.getProperty("microservices.widget.local.port")).thenReturn("test");
- Mockito.when(consulHealthService.getServiceLocation("widgets-service",
- "test")).thenReturn("test.com");
- Mockito.when(new HttpEntity(WidgetServiceHeaders.getInstance())).thenReturn(mockHttpEntity);
-// HttpEntity<String> entity = new HttpEntity<String>("helloWorld");
-// ResponseEntity<ArrayList> ans = new ResponseEntity<>(statusCode);
-// Mockito.when(template.exchange(Matchers.anyString(), Matchers.eq(HttpMethod.GET),
-// Matchers.<HttpEntity<?>>any(), Matchers.eq(ArrayList.class))).thenReturn(ans);
-// List<WidgetCatalog> expectedWidgets = widgetsCatalogController.getUserWidgetCatalog(mockedRequest, mockedResponse, "guestT");
+ public void updateWidgetCatalogWithFilesTest() throws Exception {
+ PowerMockito.mockStatic(EcompPortalUtils.class);
+ PowerMockito.mockStatic(SystemProperties.class);
+ PowerMockito.mockStatic(EPCommonSystemProperties.class);
+ PowerMockito.mockStatic(CipherUtil.class);
+ Mockito.when(EcompPortalUtils.widgetMsProtocol()).thenReturn("test1");
+ Mockito.when(SystemProperties.getProperty(EPCommonSystemProperties.WIDGET_MS_PROTOCOL)).thenReturn("https");
+ Mockito.when(SystemProperties.getProperty("microservices.widget.local.port")).thenReturn("test");
+ Mockito.when(EcompPortalUtils.getPropertyOrDefault("microservices.widget.username", "widget_user"))
+ .thenReturn("test");
+ Mockito.when(CipherUtil
+ .decryptPKC(EcompPortalUtils.getPropertyOrDefault("microservices.widget.password", "widget_password")))
+ .thenReturn("abc");
+ Mockito.when(consulHealthService.getServiceLocation("widgets-service", "test")).thenReturn("test.com");
+ String ans = "success";
+ Mockito.when(consulHealthService.getServiceLocation("widgets-service", "test")).thenReturn("test.com");
+ Mockito.when(template.postForObject(Mockito.any(String.class), Mockito.any(HttpEntity.class),
+ Mockito.any(Class.class))).thenReturn(ans);
+ MockMultipartHttpServletRequest request = new MockMultipartHttpServletRequest();
+ byte[] mockData = "test".getBytes();
+ String originalFilename = "Test_File.zip";
+ MockMultipartFile mockMultipartFile = new MockMultipartFile("file", originalFilename, "application/zip",
+ mockData);
+ request.addFile(mockMultipartFile);
+ String actual = widgetsCatalogController.updateWidgetCatalogWithFiles(request, 1l);
+ assertEquals(ans, actual);
+ }
+
+ @SuppressWarnings("unchecked")
+ @Test
+ public void createWidgetCatalogTest() throws Exception {
+ PowerMockito.mockStatic(EcompPortalUtils.class);
+ PowerMockito.mockStatic(SystemProperties.class);
+ PowerMockito.mockStatic(EPCommonSystemProperties.class);
+ PowerMockito.mockStatic(CipherUtil.class);
+ Mockito.when(EcompPortalUtils.widgetMsProtocol()).thenReturn("test1");
+ Mockito.when(SystemProperties.getProperty(EPCommonSystemProperties.WIDGET_MS_PROTOCOL)).thenReturn("https");
+ Mockito.when(SystemProperties.getProperty("microservices.widget.local.port")).thenReturn("test");
+ Mockito.when(EcompPortalUtils.getPropertyOrDefault("microservices.widget.username", "widget_user"))
+ .thenReturn("test");
+ Mockito.when(CipherUtil
+ .decryptPKC(EcompPortalUtils.getPropertyOrDefault("microservices.widget.password", "widget_password")))
+ .thenReturn("abc");
+ Mockito.when(consulHealthService.getServiceLocation("widgets-service", "test")).thenReturn("test.com");
+ String ans = "success";
+ Mockito.when(consulHealthService.getServiceLocation("widgets-service", "test")).thenReturn("test.com");
+ Mockito.when(template.postForObject(Mockito.any(String.class), Mockito.any(HttpEntity.class),
+ Mockito.any(Class.class))).thenReturn(ans);
+ MockMultipartHttpServletRequest request = new MockMultipartHttpServletRequest();
+ byte[] mockData = "test".getBytes();
+ String originalFilename = "Test_File.zip";
+ MockMultipartFile mockMultipartFile = new MockMultipartFile("file", originalFilename, "application/zip",
+ mockData);
+ request.addFile(mockMultipartFile);
+ String actual = widgetsCatalogController.createWidgetCatalog(request);
+ assertEquals(ans, actual);
+ }
+
+ @SuppressWarnings("unchecked")
+ @Test
+ public void getWidgetFrameworkTest() throws Exception {
+ PowerMockito.mockStatic(EcompPortalUtils.class);
+ PowerMockito.mockStatic(SystemProperties.class);
+ PowerMockito.mockStatic(EPCommonSystemProperties.class);
+ PowerMockito.mockStatic(CipherUtil.class);
+ Mockito.when(EcompPortalUtils.widgetMsProtocol()).thenReturn("test1");
+ Mockito.when(SystemProperties.getProperty(EPCommonSystemProperties.WIDGET_MS_PROTOCOL)).thenReturn("https");
+ Mockito.when(SystemProperties.getProperty("microservices.widget.local.port")).thenReturn("test");
+ Mockito.when(EcompPortalUtils.getPropertyOrDefault("microservices.widget.username", "widget_user"))
+ .thenReturn("test");
+ Mockito.when(CipherUtil
+ .decryptPKC(EcompPortalUtils.getPropertyOrDefault("microservices.widget.password", "widget_password")))
+ .thenReturn("abc");
+ Mockito.when(consulHealthService.getServiceLocation("widgets-service", "test")).thenReturn("test.com");
+ Mockito.when(template.getForObject(Mockito.anyString(), Mockito.any(Class.class), Mockito.any(String.class)))
+ .thenReturn("test123");
+ String result = widgetsCatalogController.getWidgetFramework(1l);
+ assertNull(result);
+ }
+
+ @SuppressWarnings("unchecked")
+ @Test
+ public void getWidgetControllerTest() throws Exception {
+ PowerMockito.mockStatic(EcompPortalUtils.class);
+ PowerMockito.mockStatic(SystemProperties.class);
+ PowerMockito.mockStatic(EPCommonSystemProperties.class);
+ PowerMockito.mockStatic(CipherUtil.class);
+ Mockito.when(EcompPortalUtils.widgetMsProtocol()).thenReturn("test1");
+ Mockito.when(SystemProperties.getProperty(EPCommonSystemProperties.WIDGET_MS_PROTOCOL)).thenReturn("https");
+ Mockito.when(SystemProperties.getProperty("microservices.widget.local.port")).thenReturn("test");
+ Mockito.when(EcompPortalUtils.getPropertyOrDefault("microservices.widget.username", "widget_user"))
+ .thenReturn("test");
+ Mockito.when(CipherUtil
+ .decryptPKC(EcompPortalUtils.getPropertyOrDefault("microservices.widget.password", "widget_password")))
+ .thenReturn("abc");
+ Mockito.when(consulHealthService.getServiceLocation("widgets-service", "test")).thenReturn("test.com");
+ Mockito.when(template.getForObject(Mockito.anyString(), Mockito.any(Class.class), Mockito.any(String.class)))
+ .thenReturn("test123");
+ String result = widgetsCatalogController.getWidgetController(1);
+ assertNull(result);
+ }
+
+ @SuppressWarnings("unchecked")
+ @Test
+ public void getWidgetCSSTest() throws Exception {
+ PowerMockito.mockStatic(EcompPortalUtils.class);
+ PowerMockito.mockStatic(SystemProperties.class);
+ PowerMockito.mockStatic(EPCommonSystemProperties.class);
+ PowerMockito.mockStatic(CipherUtil.class);
+ Mockito.when(EcompPortalUtils.widgetMsProtocol()).thenReturn("test1");
+ Mockito.when(SystemProperties.getProperty(EPCommonSystemProperties.WIDGET_MS_PROTOCOL)).thenReturn("https");
+ Mockito.when(SystemProperties.getProperty("microservices.widget.local.port")).thenReturn("test");
+ Mockito.when(EcompPortalUtils.getPropertyOrDefault("microservices.widget.username", "widget_user"))
+ .thenReturn("test");
+ Mockito.when(CipherUtil
+ .decryptPKC(EcompPortalUtils.getPropertyOrDefault("microservices.widget.password", "widget_password")))
+ .thenReturn("abc");
+ Mockito.when(consulHealthService.getServiceLocation("widgets-service", "test")).thenReturn("test.com");
+ Mockito.when(template.getForObject(Mockito.anyString(), Mockito.any(Class.class), Mockito.any(String.class)))
+ .thenReturn("test123");
+ String result = widgetsCatalogController.getWidgetCSS(1);
+ assertNull(result);
+ }
+
+ @Test
+ public void getWidgetParameterResultTest() throws Exception {
+ PowerMockito.mockStatic(EcompPortalUtils.class);
+ PowerMockito.mockStatic(SystemProperties.class);
+ PowerMockito.mockStatic(EPCommonSystemProperties.class);
+ PowerMockito.mockStatic(CipherUtil.class);
+ PowerMockito.mockStatic(EPUserUtils.class);
+ EPUser user = mockUser.mockEPUser();
+ MockHttpServletRequest request = new MockHttpServletRequest();
+ Mockito.when(EPUserUtils.getUserSession(request)).thenReturn(user);
+ Mockito.when(EcompPortalUtils.widgetMsProtocol()).thenReturn("test1");
+ Mockito.when(SystemProperties.getProperty(EPCommonSystemProperties.WIDGET_MS_PROTOCOL)).thenReturn("https");
+ Mockito.when(SystemProperties.getProperty("microservices.widget.local.port")).thenReturn("test");
+ Mockito.when(EcompPortalUtils.getPropertyOrDefault("microservices.widget.username", "widget_user"))
+ .thenReturn("test");
+ Mockito.when(CipherUtil
+ .decryptPKC(EcompPortalUtils.getPropertyOrDefault("microservices.widget.password", "widget_password")))
+ .thenReturn("abc");
+ Mockito.when(consulHealthService.getServiceLocation("widgets-service", "test")).thenReturn("test.com");
+ ResponseEntity<Long> ans = new ResponseEntity<>(1l, HttpStatus.OK);
+ Mockito.when(consulHealthService.getServiceLocation("widgets-service", "test")).thenReturn("test.com");
+ Mockito.when(template.exchange(Matchers.anyString(), Matchers.eq(HttpMethod.GET), Matchers.<HttpEntity<?>>any(),
+ Matchers.eq(Long.class))).thenReturn(ans);
+ List<MicroserviceParameter> defaultParam = new ArrayList<>();
+ MicroserviceParameter microserviceParameter = new MicroserviceParameter();
+ microserviceParameter.setId(1l);
+ microserviceParameter.setPara_key("test");
+ MicroserviceParameter microserviceParameter2 = new MicroserviceParameter();
+ microserviceParameter2.setId(2l);
+ microserviceParameter2.setPara_key("test2");
+ defaultParam.add(microserviceParameter);
+ defaultParam.add(microserviceParameter2);
+ Mockito.when(microserviceService.getParametersById(1)).thenReturn(defaultParam);
+ Mockito.when(widgetParameterService.getUserParamById(1l, user.getId(), 1l)).thenReturn(null);
+ WidgetCatalogParameter userValue = new WidgetCatalogParameter();
+ userValue.setUser_value("test123");
+ Mockito.when(widgetParameterService.getUserParamById(1l, user.getId(), 2l)).thenReturn(userValue);
+ PortalRestResponse<List<WidgetParameterResult>> actual = widgetsCatalogController
+ .getWidgetParameterResult(request, 1);
+ PortalRestResponse<List<WidgetParameterResult>> expected = new PortalRestResponse<List<WidgetParameterResult>>(
+ PortalRestStatusEnum.OK, "SUCCESS", new ArrayList<>());
+ assertEquals(expected.getStatus(), actual.getStatus());
+ }
+
+ @SuppressWarnings("unchecked")
+ @Test
+ public void doDownloadTest() throws Exception {
+ PowerMockito.mockStatic(EcompPortalUtils.class);
+ PowerMockito.mockStatic(SystemProperties.class);
+ PowerMockito.mockStatic(EPCommonSystemProperties.class);
+ PowerMockito.mockStatic(CipherUtil.class);
+ Mockito.when(EcompPortalUtils.widgetMsProtocol()).thenReturn("test1");
+ Mockito.when(SystemProperties.getProperty(EPCommonSystemProperties.WIDGET_MS_PROTOCOL)).thenReturn("https");
+ Mockito.when(SystemProperties.getProperty("microservices.widget.local.port")).thenReturn("test");
+ Mockito.when(EcompPortalUtils.getPropertyOrDefault("microservices.widget.username", "widget_user"))
+ .thenReturn("test");
+ Mockito.when(CipherUtil
+ .decryptPKC(EcompPortalUtils.getPropertyOrDefault("microservices.widget.password", "widget_password")))
+ .thenReturn("abc");
+ Mockito.when(consulHealthService.getServiceLocation("widgets-service", "test")).thenReturn("test.com");
+ MockHttpServletRequest request = new MockHttpServletRequest();
+ MockHttpServletResponse response = new MockHttpServletResponse();
+ ResponseEntity<byte[]> mockData = new ResponseEntity("testfile.zip".getBytes(), HttpStatus.OK);
+ Mockito.when(template.exchange(Matchers.anyString(), Matchers.eq(HttpMethod.GET), Matchers.<HttpEntity<?>>any(),
+ Matchers.eq(byte[].class))).thenReturn(mockData);
+ widgetsCatalogController.doDownload(request, response, 1l);
+ }
+
+ @Test
+ public void saveWidgetParameterTest() {
+ PowerMockito.mockStatic(EPUserUtils.class);
+ EPUser user = mockUser.mockEPUser();
+ WidgetCatalogParameter widgetCatalogParameter = new WidgetCatalogParameter();
+ widgetCatalogParameter.setId(1l);
+ widgetCatalogParameter.setParamId(1l);
+ widgetCatalogParameter.setUserId(user.getId());
+ widgetCatalogParameter.setUser_value("test123");
+ MockHttpServletRequest request = new MockHttpServletRequest();
+ Mockito.when(EPUserUtils.getUserSession(request)).thenReturn(user);
+ Mockito.when(widgetParameterService.getUserParamById(widgetCatalogParameter.getWidgetId(),
+ widgetCatalogParameter.getUserId(), widgetCatalogParameter.getParamId())).thenReturn(widgetCatalogParameter);
+ PortalRestResponse<String> response = widgetsCatalogController.saveWidgetParameter(request,
+ widgetCatalogParameter);
+ PortalRestResponse<String> expected = new PortalRestResponse<String>(PortalRestStatusEnum.OK, "SUCCESS", "");
+ assertEquals(expected.getMessage(), response.getMessage());
+ }
+
+ @Test
+ public void saveWidgetParameterExceptionTest() {
+ PowerMockito.mockStatic(EPUserUtils.class);
+ EPUser user = mockUser.mockEPUser();
+ WidgetCatalogParameter widgetCatalogParameter = new WidgetCatalogParameter();
+ widgetCatalogParameter.setId(1l);
+ widgetCatalogParameter.setParamId(1l);
+ widgetCatalogParameter.setUserId(user.getId());
+ widgetCatalogParameter.setUser_value("test123");
+ MockHttpServletRequest request = new MockHttpServletRequest();
+ Mockito.when(EPUserUtils.getUserSession(request)).thenReturn(user);
+ Mockito.doThrow(new NullPointerException()).when(widgetParameterService).getUserParamById(widgetCatalogParameter.getWidgetId(),
+ widgetCatalogParameter.getUserId(), widgetCatalogParameter.getParamId());
+ PortalRestResponse<String> response = widgetsCatalogController.saveWidgetParameter(request,
+ widgetCatalogParameter);
+ PortalRestResponse<String> expected = new PortalRestResponse<String>(PortalRestStatusEnum.ERROR, "FAILURE", "");
+ assertEquals(expected.getMessage(), response.getMessage());
}
}
diff --git a/ecomp-portal-BE-os/README.md b/ecomp-portal-BE-os/README.md
index d1262b6..6ca4b1e 100644
--- a/ecomp-portal-BE-os/README.md
+++ b/ecomp-portal-BE-os/README.md
@@ -36,6 +36,7 @@
- [Portal-162] CVE-2015-5211 - Spring - File Upload issue. Upgrade to 4.2.2
- [Portal-163] NVD - CVE-2016-1000341: bouncycastle issue. Upgrade to 2.4.4
- [Portal-168] CVE-2015-0254 JSTL-Upgrade to 1.2.3+
+- [Portal-155] Review security issues: portal
Version 1.1.0 (Amsterdam), November 2017
- [Portal-6] Updates to License and Trademark in the PORTAL Source Code
diff --git a/ecomp-portal-BE-os/pom.xml b/ecomp-portal-BE-os/pom.xml
index 975f6de..4172261 100644
--- a/ecomp-portal-BE-os/pom.xml
+++ b/ecomp-portal-BE-os/pom.xml
@@ -318,17 +318,17 @@
<dependency>
<groupId>com.fasterxml.jackson.core</groupId>
<artifactId>jackson-annotations</artifactId>
- <version>2.6.3</version>
+ <version>2.9.2</version>
</dependency>
<dependency>
<groupId>com.fasterxml.jackson.core</groupId>
<artifactId>jackson-core</artifactId>
- <version>2.6.3</version>
+ <version>2.9.2</version>
</dependency>
<dependency>
<groupId>com.fasterxml.jackson.core</groupId>
<artifactId>jackson-databind</artifactId>
- <version>2.6.3</version>
+ <version>2.9.2</version>
</dependency>
<dependency>
<groupId>com.fasterxml</groupId>
@@ -380,7 +380,7 @@
<dependency>
<groupId>org.apache.poi</groupId>
<artifactId>poi</artifactId>
- <version>3.5-FINAL</version>
+ <version>3.17</version>
<exclusions>
<exclusion>
<groupId>commons-logging</groupId>
@@ -395,7 +395,7 @@
<dependency>
<groupId>org.apache.poi</groupId>
<artifactId>poi-ooxml</artifactId>
- <version>3.5-FINAL</version>
+ <version>3.17</version>
<exclusions>
<exclusion>
<groupId>commons-logging</groupId>
diff --git a/ecomp-portal-BE-os/src/main/java/org/onap/portalapp/controller/LoginController.java b/ecomp-portal-BE-os/src/main/java/org/onap/portalapp/controller/LoginController.java
index 88f7651..0ee1171 100644
--- a/ecomp-portal-BE-os/src/main/java/org/onap/portalapp/controller/LoginController.java
+++ b/ecomp-portal-BE-os/src/main/java/org/onap/portalapp/controller/LoginController.java
@@ -200,7 +200,7 @@
Map<Object, Object> model = new HashMap<Object, Object>();
HashMap<Object, Object> additionalParamsMap = new HashMap<Object, Object>();
EPLoginBean commandBean = new EPLoginBean();
- MDC.put(MDC_KEY_REQUEST_ID, getRequestId(request));
+ MDC.put(MDC_KEY_REQUEST_ID, (getRequestId(request)==null || getRequestId(request).isEmpty()) ? UUID.randomUUID().toString():getRequestId(request));
// get userId from cookie
String orgUserId = SessionCookieUtil.getUserIdFromCookie(request, response);
logger.info(EELFLoggerDelegate.debugLogger, "processSingleSignOn: begins with orgUserId {}", orgUserId);
@@ -230,11 +230,11 @@
additionalParamsMap);
stopWatch.stop();
- MDC.put(EPSystemProperties.MDC_TIMER, stopWatch.getTotalTimeMillis() + "ms");
+ MDC.put(EPSystemProperties.MDC_TIMER, String.valueOf(stopWatch.getTotalTimeMillis()));
logger.info(EELFLoggerDelegate.debugLogger, "Operation findUser is completed.");
} catch (Exception e) {
stopWatch.stop();
- MDC.put(EPSystemProperties.MDC_TIMER, stopWatch.getTotalTimeMillis() + "ms");
+ MDC.put(EPSystemProperties.MDC_TIMER, String.valueOf(stopWatch.getTotalTimeMillis()));
logger.info(EELFLoggerDelegate.errorLogger, "processSingleSignOn failed on user " + orgUserId, e);
} finally {
MDC.remove(EPSystemProperties.MDC_TIMER);
diff --git a/ecomp-portal-FE-os/.gitignore b/ecomp-portal-FE-os/.gitignore
index 8f3fb88..5f37e3e 100644
--- a/ecomp-portal-FE-os/.gitignore
+++ b/ecomp-portal-FE-os/.gitignore
@@ -8,4 +8,5 @@
node_modules
app
.tmp
-client/bower_components
\ No newline at end of file
+client/bower_components
+npm-debug.log
\ No newline at end of file
diff --git a/ecomp-portal-widget-ms/widget-ms/pom.xml b/ecomp-portal-widget-ms/widget-ms/pom.xml
index 77a68e0..16e0a75 100644
--- a/ecomp-portal-widget-ms/widget-ms/pom.xml
+++ b/ecomp-portal-widget-ms/widget-ms/pom.xml
@@ -137,6 +137,11 @@
<version>${jacocoVersion}</version>
<classifier>runtime</classifier>
</dependency>
+ <dependency>
+ <groupId>org.apache.tomcat.embed</groupId>
+ <artifactId>tomcat-embed-core</artifactId>
+ <version>8.5.13</version>
+ </dependency>
</dependencies>
<build>
diff --git a/pom.xml b/pom.xml
index 7d6e12c..055ea26 100644
--- a/pom.xml
+++ b/pom.xml
@@ -30,7 +30,7 @@
<epsdk.version>2.1.0</epsdk.version>
<springframework.version>4.2.2.RELEASE</springframework.version>
<hibernate.version>4.3.11.Final</hibernate.version>
- <fasterxml.version>2.7.4</fasterxml.version>
+ <fasterxml.version>2.9.2</fasterxml.version>
<eelf.version>1.0.0</eelf.version>
<!-- NOT provided by OParent, unfortunately -->
<jacocoVersion>0.7.6.201602180812</jacocoVersion>