Skip to content

Commit

Permalink
Merge pull request #319 from bci-oss/feature/286-implement-crud-acces…
Browse files Browse the repository at this point in the history 
…s-management-api__02-reformat-tests

feat: Implementation of CRUD API for Access management APIs - Preparation 02
  • Loading branch information
@agg3fe
agg3fe authored Feb 15, 2024
2 parents 30192d3 + 0b94054 commit 7fa9ba2
Show file tree
Hide file tree
Showing 2 changed files with 143 additions and 140 deletions.
268 changes: 135 additions & 133 deletions ...java/org/eclipse/tractusx/semantics/registry/AssetAdministrationShellApiSecurityTest.java
View file
Original file line number Diff line number Diff line change
Expand Up @@ -35,6 +35,7 @@
import org.eclipse.tractusx.semantics.aas.registry.model.SpecificAssetId;
import org.eclipse.tractusx.semantics.aas.registry.model.SubmodelDescriptor;
import org.junit.jupiter.api.BeforeEach;
import org.junit.jupiter.api.Disabled;
import org.junit.jupiter.api.DisplayName;
import org.junit.jupiter.api.Nested;
import org.junit.jupiter.api.Test;
Expand All @@ -51,131 +52,131 @@
*/
public class AssetAdministrationShellApiSecurityTest extends AbstractAssetAdministrationShellApi {

@Nested
@DisplayName("Authentication Tests")
class SecurityTests {
@Test
public void testWithoutAuthenticationTokenProvidedExpectUnauthorized() throws Exception {
mvc.perform(
MockMvcRequestBuilders
.get(SINGLE_SHELL_BASE_PATH, UUID.randomUUID())
.accept(MediaType.APPLICATION_JSON)
)
.andDo(MockMvcResultHandlers.print())
.andExpect(status().isUnauthorized());
}

@Test
public void testWithAuthenticationTokenProvidedExpectUnauthorized() throws Exception {
mvc.perform(
MockMvcRequestBuilders
.get(SINGLE_SHELL_BASE_PATH, UUID.randomUUID())
.accept(MediaType.APPLICATION_JSON)
)
.andDo(MockMvcResultHandlers.print())
.andExpect(status().isUnauthorized());
}

@Test
public void testWithInvalidAuthenticationTokenConfigurationExpectUnauthorized() throws Exception {
mvc.perform(
MockMvcRequestBuilders
.get(SINGLE_SHELL_BASE_PATH, UUID.randomUUID())
.accept(MediaType.APPLICATION_JSON)
.with(jwtTokenFactory.withoutResourceAccess())
)
.andDo(MockMvcResultHandlers.print())
.andExpect(status().isForbidden());

mvc.perform(
MockMvcRequestBuilders
.get(SINGLE_SHELL_BASE_PATH, UUID.randomUUID())
.accept(MediaType.APPLICATION_JSON)
.with(jwtTokenFactory.withoutRoles())
)
.andDo(MockMvcResultHandlers.print())
.andExpect(status().isForbidden());
}

}

@Nested
@DisplayName("Shell Authorization Test")
class ShellCrudTest {
String shellId;

@BeforeEach
public void before() throws Exception{
AssetAdministrationShellDescriptor shellPayload1 = TestUtil.createCompleteAasDescriptor();
shellPayload1.setId(UUID.randomUUID().toString());
performShellCreateRequest(mapper.writeValueAsString(shellPayload1));
shellId = shellPayload1.getId();

}

@Test
public void testRbacForGetAll() throws Exception {
mvc.perform(
MockMvcRequestBuilders
.get(SHELL_BASE_PATH)
.header( EXTERNAL_SUBJECT_ID_HEADER, jwtTokenFactory.tenantOne().getTenantId() )
.accept(MediaType.APPLICATION_JSON)
// test with wrong role
.with(jwtTokenFactory.addTwin())
)
.andDo(MockMvcResultHandlers.print())
.andExpect(status().isForbidden());

mvc.perform(
MockMvcRequestBuilders
.get(SHELL_BASE_PATH)
.header( EXTERNAL_SUBJECT_ID_HEADER, jwtTokenFactory.tenantOne().getTenantId() )
.accept(MediaType.APPLICATION_JSON)
.with(jwtTokenFactory.readTwin())
)
.andDo(MockMvcResultHandlers.print())
.andExpect(status().isOk());
}

@Test
public void testRbacForGetById() throws Exception {
// get shell by id
mvc.perform(
MockMvcRequestBuilders
.get(SINGLE_SHELL_BASE_PATH, shellId )
.header( EXTERNAL_SUBJECT_ID_HEADER, jwtTokenFactory.tenantOne().getTenantId() )
.accept(MediaType.APPLICATION_JSON)
// test with wrong role
.with(jwtTokenFactory.deleteTwin())
)
.andDo(MockMvcResultHandlers.print())
.andExpect(status().isForbidden());

mvc.perform(
MockMvcRequestBuilders
.get(SINGLE_SHELL_BASE_PATH, getEncodedValue(shellId ) )
.header( EXTERNAL_SUBJECT_ID_HEADER, jwtTokenFactory.tenantOne().getTenantId() )
.accept(MediaType.APPLICATION_JSON)
.with(jwtTokenFactory.readTwin())
)
.andDo(MockMvcResultHandlers.print())
.andExpect(status().isOk());
}

@Test
public void testRbacForCreate() throws Exception {
AssetAdministrationShellDescriptor shellPayload1 = TestUtil.createCompleteAasDescriptor();
shellPayload1.setId(UUID.randomUUID().toString());
mvc.perform(
MockMvcRequestBuilders
.post(SHELL_BASE_PATH)
.contentType(MediaType.APPLICATION_JSON)
.content(mapper.writeValueAsString(shellPayload1))
// test with wrong role
.with(jwtTokenFactory.readTwin())
)
.andDo(MockMvcResultHandlers.print())
.andExpect(status().isForbidden());
@Nested
@DisplayName( "Authentication Tests" )
class SecurityTests {
@Test
public void testWithoutAuthenticationTokenProvidedExpectUnauthorized() throws Exception {
mvc.perform(
MockMvcRequestBuilders
.get( SINGLE_SHELL_BASE_PATH, UUID.randomUUID() )
.accept( MediaType.APPLICATION_JSON )
)
.andDo( MockMvcResultHandlers.print() )
.andExpect( status().isUnauthorized() );
}

@Test
public void testWithAuthenticationTokenProvidedExpectUnauthorized() throws Exception {
mvc.perform(
MockMvcRequestBuilders
.get( SINGLE_SHELL_BASE_PATH, UUID.randomUUID() )
.accept( MediaType.APPLICATION_JSON )
)
.andDo( MockMvcResultHandlers.print() )
.andExpect( status().isUnauthorized() );
}

@Test
public void testWithInvalidAuthenticationTokenConfigurationExpectUnauthorized() throws Exception {
mvc.perform(
MockMvcRequestBuilders
.get( SINGLE_SHELL_BASE_PATH, UUID.randomUUID() )
.accept( MediaType.APPLICATION_JSON )
.with( jwtTokenFactory.withoutResourceAccess() )
)
.andDo( MockMvcResultHandlers.print() )
.andExpect( status().isForbidden() );

mvc.perform(
MockMvcRequestBuilders
.get( SINGLE_SHELL_BASE_PATH, UUID.randomUUID() )
.accept( MediaType.APPLICATION_JSON )
.with( jwtTokenFactory.withoutRoles() )
)
.andDo( MockMvcResultHandlers.print() )
.andExpect( status().isForbidden() );
}

}

@Nested
@DisplayName( "Shell Authorization Test" )
class ShellCrudTest {
String shellId;

@BeforeEach
public void before() throws Exception {
AssetAdministrationShellDescriptor shellPayload1 = TestUtil.createCompleteAasDescriptor();
shellPayload1.setId( UUID.randomUUID().toString() );
performShellCreateRequest( mapper.writeValueAsString( shellPayload1 ) );
shellId = shellPayload1.getId();

}

@Test
public void testRbacForGetAll() throws Exception {
mvc.perform(
MockMvcRequestBuilders
.get( SHELL_BASE_PATH )
.header( EXTERNAL_SUBJECT_ID_HEADER, jwtTokenFactory.tenantOne().getTenantId() )
.accept( MediaType.APPLICATION_JSON )
// test with wrong role
.with( jwtTokenFactory.addTwin() )
)
.andDo( MockMvcResultHandlers.print() )
.andExpect( status().isForbidden() );

mvc.perform(
MockMvcRequestBuilders
.get( SHELL_BASE_PATH )
.header( EXTERNAL_SUBJECT_ID_HEADER, jwtTokenFactory.tenantOne().getTenantId() )
.accept( MediaType.APPLICATION_JSON )
.with( jwtTokenFactory.readTwin() )
)
.andDo( MockMvcResultHandlers.print() )
.andExpect( status().isOk() );
}

@Test
public void testRbacForGetById() throws Exception {
// get shell by id
mvc.perform(
MockMvcRequestBuilders
.get( SINGLE_SHELL_BASE_PATH, shellId )
.header( EXTERNAL_SUBJECT_ID_HEADER, jwtTokenFactory.tenantOne().getTenantId() )
.accept( MediaType.APPLICATION_JSON )
// test with wrong role
.with( jwtTokenFactory.deleteTwin() )
)
.andDo( MockMvcResultHandlers.print() )
.andExpect( status().isForbidden() );

mvc.perform(
MockMvcRequestBuilders
.get( SINGLE_SHELL_BASE_PATH, getEncodedValue( shellId ) )
.header( EXTERNAL_SUBJECT_ID_HEADER, jwtTokenFactory.tenantOne().getTenantId() )
.accept( MediaType.APPLICATION_JSON )
.with( jwtTokenFactory.readTwin() )
)
.andDo( MockMvcResultHandlers.print() )
.andExpect( status().isOk() );
}

@Test
public void testRbacForCreate() throws Exception {
AssetAdministrationShellDescriptor shellPayload1 = TestUtil.createCompleteAasDescriptor();
shellPayload1.setId( UUID.randomUUID().toString() );
mvc.perform(
MockMvcRequestBuilders
.post( SHELL_BASE_PATH )
.contentType( MediaType.APPLICATION_JSON )
.content( mapper.writeValueAsString( shellPayload1 ) )
// test with wrong role
.with( jwtTokenFactory.readTwin() )
)
.andDo( MockMvcResultHandlers.print() )
.andExpect( status().isForbidden() );

shellPayload1.setId( UUID.randomUUID().toString() );
mvc.perform(
Expand Down Expand Up @@ -538,9 +539,9 @@ public void testRbacForLookupByAssetIds() throws Exception {
@DisplayName( "Custom AAS API Authorization Tests" )
class CustomAASApiTest {

//TODO: Test will be ignored, because the new api does not provided batch, fetch and query. This will be come later in version 0.3.1
// @Test
public void testRbacCreateShellInBatch() throws Exception {
@Test
@Disabled( "Test will be ignored, because the new api does not provided batch, fetch and query. This will be come later in version 0.3.1" )
void testRbacCreateShellInBatch() throws Exception {
ObjectNode shell = createShell();
ArrayNode batchShellBody = emptyArrayNode().add( shell );

Expand All @@ -567,8 +568,9 @@ public void testRbacCreateShellInBatch() throws Exception {
.andExpect( status().isCreated() );
}

// @Test - don't have /fetch
public void testRbacForFetchShellsByIds() throws Exception {
@Test
@Disabled( "Don't have /fetch" )
void testRbacForFetchShellsByIds() throws Exception {
mvc.perform(
MockMvcRequestBuilders
.post( SHELL_BASE_PATH + "/fetch" )
Expand Down Expand Up @@ -704,9 +706,9 @@ public void testGetShellWithFilteredSpecificAssetIdsByTenantId() throws Exceptio
.andExpect( jsonPath( "$.specificAssetIds[*].value", not( hasItems( "tenantThreeAssetIdValue", "ignoreWildcard" ) ) ) );
}

//TODO: Test will be ignored, because the new api does not provided batch, fetch and query. This will be come later in version 0.3.1
//@Test
public void testFetchShellsWithFilteredSpecificAssetIdsByTenantId() throws Exception {
@Test
@Disabled( "Test will be ignored, because the new api does not provided batch, fetch and query. This will be come later in version 0.3.1" )
void testFetchShellsWithFilteredSpecificAssetIdsByTenantId() throws Exception {
ObjectNode shellPayload = createBaseIdPayload( "example", "example" );
String tenantTwoAssetIdValue = "tenantTwofgkj129293";
String tenantThreeAssetIdValue = "tenantThree543412394";
Expand Down
15 changes: 8 additions & 7 deletions .../eclipse/tractusx/semantics/registry/GranularAssetAdministrationShellApiSecurityTest.java
View file
Original file line number Diff line number Diff line change
Expand Up @@ -163,13 +163,14 @@ public void testRbacForLookupByAssetIds() throws Exception {
@DisplayName( "Custom AAS API Authorization Tests" )
class CustomAASApiTest extends AssetAdministrationShellApiSecurityTest.CustomAASApiTest {

//TODO: Test will be ignored, because the new api does not provided batch, fetch and query. This will be come later in version 0.3.1
// @Test
@Test
@Disabled("Test will be ignored, because the new api does not provided batch, fetch and query. This will be come later in version 0.3.1")
public void testRbacCreateShellInBatch() throws Exception {
super.testRbacCreateShellInBatch();
}

// @Test - don't have /fetch
@Test
@Disabled( "Don't have /fetch" )
public void testRbacForFetchShellsByIds() throws Exception {
super.testRbacForFetchShellsByIds();
}
Expand All @@ -189,8 +190,8 @@ public void testGetShellWithFilteredSpecificAssetIdsByTenantId() throws Exceptio
super.testGetShellWithFilteredSpecificAssetIdsByTenantId();
}

//TODO: Test will be ignored, because the new api does not provided batch, fetch and query. This will be come later in version 0.3.1
//@Test
@Test
@Disabled("Test will be ignored, because the new api does not provided batch, fetch and query. This will be come later in version 0.3.1")
public void testFetchShellsWithFilteredSpecificAssetIdsByTenantId() throws Exception {
super.testFetchShellsWithFilteredSpecificAssetIdsByTenantId();
}
Expand Down Expand Up @@ -338,7 +339,7 @@ void testPostSubmodelDescriptorAuthorizedWithoutAnyShellsExpectForbidden() throw
}

@Test
@Disabled("disabled while we have no way to create dynamic rules")
@Disabled( "disabled while we have no way to create dynamic rules" )
void testPostSubmodelDescriptorAuthorizedWithoutMatchingSemanticIdExpectForbidden() throws Exception {
AssetAdministrationShellDescriptor shellPayload = TestUtil.createCompleteAasDescriptor( UUID.randomUUID().toString(), "http://endpoint-address" );
shellPayload.setId( UUID.randomUUID().toString() );
Expand Down Expand Up @@ -387,7 +388,7 @@ void testPostSubmodelDescriptorAuthorizedWithMatchingShellAndSemanticIdExpectSuc
}

@Test
@Disabled("disabled while we have no way to create dynamic rules")
@Disabled( "disabled while we have no way to create dynamic rules" )
void testPostSubmodelDescriptorAuthorizedWithoutMatchingShellExpectForbidden() throws Exception {
AssetAdministrationShellDescriptor shellPayload = TestUtil.createCompleteAasDescriptor();
shellPayload.setSpecificAssetIds( null );
Expand Down

0 comments on commit 7fa9ba2

Please sign in to comment.