X-Git-Url: https://gerrit.onap.org/r/gitweb?a=blobdiff_plain;f=ecomp-portal-BE-common%2Fsrc%2Ftest%2Fjava%2Forg%2Fonap%2Fportalapp%2Fportal%2Fservice%2FUserRolesCommonServiceImplTest.java;h=d3ac4b9eaa95bf3fffae13c575c029076fbab118;hb=80ddb55b9f5569c6443104150cb74ba2ae4fcb08;hp=82b902a139c8a170ee8f717f4bb88b5c4364ed35;hpb=b475a63d78de90cb89301e3830a61b6fe2a723f0;p=portal.git diff --git a/ecomp-portal-BE-common/src/test/java/org/onap/portalapp/portal/service/UserRolesCommonServiceImplTest.java b/ecomp-portal-BE-common/src/test/java/org/onap/portalapp/portal/service/UserRolesCommonServiceImplTest.java index 82b902a1..d3ac4b9e 100644 --- a/ecomp-portal-BE-common/src/test/java/org/onap/portalapp/portal/service/UserRolesCommonServiceImplTest.java +++ b/ecomp-portal-BE-common/src/test/java/org/onap/portalapp/portal/service/UserRolesCommonServiceImplTest.java @@ -2,7 +2,7 @@ * ============LICENSE_START========================================== * ONAP Portal * =================================================================== - * Copyright (C) 2017 AT&T Intellectual Property. All rights reserved. + * Copyright (C) 2019 AT&T Intellectual Property. All rights reserved. * =================================================================== * * Unless otherwise specified, all software contained herein is licensed @@ -248,19 +248,15 @@ public class UserRolesCommonServiceImplTest { List mockEPUserList = new ArrayList<>(); mockEPUserList.add(user); - // test with SQL injection, should return false Mockito.when(session.createQuery("from :name where orgUserId=:userId")).thenReturn(epUserQuery); Mockito.when(epUserQuery.setParameter("name",EPUser.class.getName())).thenReturn(epUserQuery); Mockito.when(epUserQuery.setParameter("userId",user.getOrgUserId() + "; select * from " + EPUser.class.getName() +";")).thenReturn(epUserQuery); - boolean ret = userRolesCommonServiceImpl.createLocalUserIfNecessary(user.getOrgUserId()); - assertFalse(ret); + userRolesCommonServiceImpl.createLocalUserIfNecessary(user.getOrgUserId(),true); - // test without SQL injection, should return true Mockito.when(session.createQuery("from :name where orgUserId=:userId")).thenReturn(epUserQuery); Mockito.when(epUserQuery.setParameter("name",EPUser.class.getName())).thenReturn(epUserQuery); Mockito.when(epUserQuery.setParameter("userId",user.getOrgUserId())).thenReturn(epUserQuery); - ret = userRolesCommonServiceImpl.createLocalUserIfNecessary(user.getOrgUserId()); - assertTrue(ret); + userRolesCommonServiceImpl.createLocalUserIfNecessary(user.getOrgUserId(),true); } @SuppressWarnings("unchecked") @@ -450,8 +446,13 @@ public class UserRolesCommonServiceImplTest { Mockito.when(applicationsRestClientService.get(EcompRole[].class, mockApp.getId(), "/roles")) .thenReturn(mockEcompRoleArray); // syncAppRolesTest - Mockito.when(session.createQuery("from " + EPRole.class.getName() + " where appId=" + mockApp.getId())) + + Mockito.when(session.createQuery("from :name where appId = :appId")) .thenReturn(epRoleQuery); + + Mockito.when(epRoleQuery.setParameter("name",EPRole.class.getName())).thenReturn(epRoleQuery); + Mockito.when(epRoleQuery.setParameter("appId",mockApp.getId())).thenReturn(epRoleQuery); + Mockito.doReturn(mockEPRoleList).when(epRoleQuery).list(); Mockito.when(session.createQuery( "from " + EPUserApp.class.getName() + " where app.id=" + mockApp.getId() + " and role_id=" + 15l)) @@ -1340,7 +1341,7 @@ public class UserRolesCommonServiceImplTest { EPUserAppRolesRequest mockEpAppRolesRequestData = new EPUserAppRolesRequest(); Mockito.doNothing().when(dataAccessService).saveDomainObject(mockEpAppRolesRequestData, null); final Map params = new HashMap<>(); - params.put("appId", appWithRolesForUser.appId); + params.put("appId", appWithRolesForUser.getAppId()); params.put("appRoleId", roleInAppForUser.roleId); Mockito.when((List) dataAccessService.executeNamedQuery("appRoles", params, null)) .thenReturn(epUserAppRolesList);