/*
* Copyright 2012 Nodeable Inc
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*/
package com.streamreduce.datasource;
import com.mongodb.BasicDBObject;
import com.streamreduce.AbstractInContainerTestCase;
import com.streamreduce.Constants;
import com.streamreduce.connections.CloudProvider;
import com.streamreduce.core.model.Account;
import com.streamreduce.core.model.InventoryItem;
import com.streamreduce.core.model.User;
import com.streamreduce.core.service.ConnectionService;
import com.streamreduce.core.service.InventoryService;
import com.streamreduce.rest.dto.response.ConnectionInventoryResponseDTO;
import com.streamreduce.rest.dto.response.ConnectionResponseDTO;
import com.streamreduce.rest.dto.response.InventoryItemResponseDTO;
import java.util.List;
import junit.framework.Assert;
import net.sf.json.JSONObject;
import org.codehaus.jackson.map.type.TypeFactory;
import org.junit.Ignore;
import org.junit.Test;
import org.springframework.beans.factory.annotation.Autowired;
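/**
 * Tests that {@link com.streamreduce.datasource.BootstrapDatabaseDataPopulator} works as expected.
 *
 * <p>Covers two things: that the bootstrap accounts/users exist, and that connections and
 * inventory items visible to a non-owner do not expose the integration's credentials.
 *
 * <p>NOTE(review): both test methods carry {@code @Ignore}, so neither check runs at present,
 * including the credential-leak check.
 */
public class BootstrapDatabaseDataPopulatorITCase extends AbstractInContainerTestCase {

    // Resolved in setUp() by matching Constants.NODEABLE_SUPER_ACCOUNT_NAME.
    private Account rootAccount = null;

    // NOTE(review): nothing in this class ever assigns this private field, so it is still null
    // when testAccountsAndUsersCreatedProperly() asserts on it and that test cannot pass as
    // written. The lookup key for the integrations account is not visible in this file.
    private Account integrationsAccount = null;

    @Autowired
    private ConnectionService connectionService;

    @Autowired
    private InventoryService inventoryService;

    /**
     * Runs the parent set-up and then looks up the super account by name.
     *
     * @throws Exception if the parent set-up or the account lookup fails
     */
    @Override
    public void setUp() throws Exception {
        super.setUp();

        for (Account account : userService.getAccounts()) {
            if (account.getName().equals(Constants.NODEABLE_SUPER_ACCOUNT_NAME)) {
                rootAccount = account;
                break;
            }
        }
    }

    /**
     * Make sure the proper accounts and users have been bootstrapped.
     *
     * @throws Exception if anything goes wrong
     */
    @Test
    @Ignore
    public void testAccountsAndUsersCreatedProperly() throws Exception {
        Assert.assertNotNull(rootAccount);
        Assert.assertNotNull(integrationsAccount);

        User rootUser = null;

        for (User user : userService.allUsersForAccount(rootAccount)) {
            if (user.getUsername().equals(Constants.NODEABLE_SUPER_USERNAME)) {
                rootUser = user;
                break;
            }
        }

        Assert.assertNotNull(rootUser);
    }

    /**
     * Make sure connections and inventory items that are public do not leak sensitive information.
     *
     * <p>The configured AWS access key id and secret key are used as canary values. They must not
     * appear in the connections listing, in any inventory response body, or in any inventory item
     * payload returned to the test user. Failure messages name the location only and never echo
     * the credential itself.
     *
     * @throws Exception if anything goes wrong, including the inventory cache never filling
     */
    @Test
    @Ignore
    public void testForSecurityLeaks() throws Exception {
        // NOTE: This could be put elsewhere but since it was written as part of SOBA-1855, here it sits for now

        // Load the canary values first. A blank value would make every contains() below return
        // true and report a leak that is really a configuration problem, so fail early instead.
        String awsAccessKeyId = cloudProperties.getString("nodeable.integrations.aws.accessKeyId");
        String awsSecretKey = cloudProperties.getString("nodeable.integrations.aws.secretKey");
        Assert.assertNotNull("AWS access key id is not configured for the test", awsAccessKeyId);
        Assert.assertNotNull("AWS secret key is not configured for the test", awsSecretKey);
        Assert.assertFalse("AWS access key id is blank in the test configuration",
                awsAccessKeyId.trim().isEmpty());
        Assert.assertFalse("AWS secret key is blank in the test configuration",
                awsSecretKey.trim().isEmpty());

        // NOTE(review): testUsername is passed for both arguments; confirm against login()'s
        // signature that this is intended.
        String authnToken = login(testUsername, testUsername);

        // Check the wire body as well as the mapped DTOs, so a field the DTO does not expose
        // cannot hide a leak.
        // NOTE(review): these are plain substring checks on serialized JSON; if the serializer
        // escapes characters that occur in a credential, an escaped copy would not match - TODO confirm.
        String rawConnections = makeRequest(connectionsBaseUrl, "GET", null, authnToken);
        Assert.assertFalse("Connections listing contains the AWS access key id",
                rawConnections.contains(awsAccessKeyId));
        Assert.assertFalse("Connections listing contains the AWS secret key",
                rawConnections.contains(awsSecretKey));

        List<ConnectionResponseDTO> allConnections =
                jsonToObject(rawConnections,
                        TypeFactory.defaultInstance().constructCollectionType(List.class,
                                ConnectionResponseDTO.class));

        // NOTE(review): 26 is presumably the number of bootstrapped public connections; it is
        // fixture-dependent and not derivable from this file.
        Assert.assertEquals(26, allConnections.size());

        for (ConnectionResponseDTO connection : allConnections) {
            // Make sure public connections do not have the connection credentials in them
            Assert.assertFalse(connection.isOwner());
            Assert.assertNull(connection.getIdentity());

            // Only cloud inventory items can be leaked so let's filter our inventory items
            if (!connection.getType().equals(CloudProvider.TYPE)) {
                continue;
            }

            inventoryService.refreshInventoryItemCache(connectionService.getConnection(connection.getId()));

            // The cache may not be filled yet: poll up to three more times, 30 seconds apart.
            List<InventoryItem> rawInventoryItems = inventoryService.getInventoryItems(connection.getId());
            int retry = 0;
            while (rawInventoryItems.isEmpty() && retry < 3) {
                Thread.sleep(30000);
                rawInventoryItems = inventoryService.getInventoryItems(connection.getId());
                retry++;
            }

            // Without inventory the payload checks below would pass vacuously, so abort instead.
            if (rawInventoryItems.isEmpty()) {
                throw new Exception("Unable to prepare for the test so tests are unable to run.");
            }

            // Make sure public inventory items do not have anything sensitive in them
            String rawResponse = makeRequest(connectionsBaseUrl + "/" + connection.getId() + "/inventory", "GET",
                    null, authnToken);
            Assert.assertFalse("Inventory response contains the AWS access key id",
                    rawResponse.contains(awsAccessKeyId));
            Assert.assertFalse("Inventory response contains the AWS secret key",
                    rawResponse.contains(awsSecretKey));

            ConnectionInventoryResponseDTO responseDTO =
                    jsonToObject(rawResponse,
                            TypeFactory.defaultInstance().constructType(ConnectionInventoryResponseDTO.class));

            for (InventoryItemResponseDTO inventoryItem : responseDTO.getInventoryItems()) {
                BasicDBObject payload = inventoryItem.getPayload();
                // Serialize once and reuse the text for both credential checks.
                String payloadJson = JSONObject.fromObject(payload).toString();

                Assert.assertFalse("Inventory item payload contains the AWS access key id",
                        payloadJson.contains(awsAccessKeyId));
                Assert.assertFalse("Inventory item payload contains the AWS secret key",
                        payloadJson.contains(awsSecretKey));
                Assert.assertFalse("Inventory item payload has an adminPassword field",
                        payload.containsField("adminPassword"));
                Assert.assertFalse("Inventory item payload has a credentials field",
                        payload.containsField("credentials"));
            }
        }
    }
}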