Fixed health check issue
[portal.git] / ecomp-portal-BE-common / src / test / java / org / onap / portalapp / portal / controller / BasicAuthAccountControllerTest.java
index bec28d5..ff056d0 100644 (file)
@@ -33,7 +33,7 @@
  *
  * ============LICENSE_END============================================
  *
- * ECOMP is a trademark and service mark of AT&T Intellectual Property.
+ * 
  */
 package org.onap.portalapp.portal.controller;
 
@@ -134,6 +134,28 @@ public class BasicAuthAccountControllerTest extends MockitoTestSuite {
                assertEquals(actualResponse, expectedResponse);
        }
 
+       @Test
+       public void createBasicAuthAccountXSSTest() throws Exception {
+               BasicAuthCredentials basicAuthCredentials = basicAuthCredentials();
+               basicAuthCredentials.setPassword("<script>alert(“XSS”);</script>");
+
+               EPUser user = mockUser.mockEPUser();
+               Mockito.when(EPUserUtils.getUserSession(mockedRequest)).thenReturn(user);
+               Mockito.when(adminRolesService.isSuperAdmin(user)).thenReturn(true);
+               PortalRestResponse<String> expectedResponse = new PortalRestResponse<String>();
+               expectedResponse.setMessage("createBasicAuthAccount() failed, new credential are not safe");
+               expectedResponse.setResponse("");
+               PortalRestStatusEnum portalRestStatusEnum = null;
+               expectedResponse.setStatus(portalRestStatusEnum.ERROR);
+               long accountd = 1;
+
+               Mockito.when(basicAuthAccountService.saveBasicAuthAccount(basicAuthCredentials)).thenReturn(accountd);
+
+               PortalRestResponse<String> actualResponse = basicAuthAccountController.createBasicAuthAccount(mockedRequest,
+                       mockedResponse, basicAuthCredentials);
+               assertEquals(actualResponse, expectedResponse);
+       }
+
        @Test
        public void createBasicAuthAccountAdminTest() throws Exception {
                BasicAuthCredentials basicAuthCredentials = basicAuthCredentials();
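Review bot: createBasicAuthAccountXSSTest asserts only the returned response, so it would still pass if the controller saved the unsafe credential and then reported the error; the stub on `saveBasicAuthAccount(...)` returning `accountd` is set up but never checked. Adding `Mockito.verify(basicAuthAccountService, Mockito.never()).saveBasicAuthAccount(basicAuthCredentials);` after the `assertEquals` would pin the property that matters, namely that rejected input never reaches the service. The payload is placed only in the password field and uses typographic quotes (`“XSS”`), so the other fields of BasicAuthCredentials and an ASCII-quoted value are not exercised here; the validator presumably covers them, but one case per field would confirm it. `portalRestStatusEnum.ERROR` read through a null local should be written `PortalRestStatusEnum.ERROR`, and the `assertEquals` arguments are in (actual, expected) order, which makes failure messages misleading. The test class begins and continues outside this hunk.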