Code Review / portal.git / blobdiff
? search:
summary | shortlog | log | commit | commitdiff | review | tree
raw | inline | side by side
Fix sql injection vulnerability
[portal.git] / ecomp-portal-BE-common / src / test / java / org / onap / portalapp / portal / service / UserRolesCommonServiceImplTest.java
diff --git a/ecomp-portal-BE-common/src/test/java/org/onap/portalapp/portal/service/UserRolesCommonServiceImplTest.java b/ecomp-portal-BE-common/src/test/java/org/onap/portalapp/portal/service/UserRolesCommonServiceImplTest.java
index c907a6e..2415987 100644 (file)
--- a/ecomp-portal-BE-common/src/test/java/org/onap/portalapp/portal/service/UserRolesCommonServiceImplTest.java
+++ b/ecomp-portal-BE-common/src/test/java/org/onap/portalapp/portal/service/UserRolesCommonServiceImplTest.java
@@ -432,12 +432,16 @@ public class UserRolesCommonServiceImplTest {
                                .thenReturn(epUserAppsQuery);
                Mockito.doReturn(mockUserRolesList).when(epUserAppsQuery).list();
 
-               Mockito.when(session.createQuery("from " + FunctionalMenuRole.class.getName() + " where roleId=" + 15l))
+               Mockito.when(session.createQuery("from :name where roleId=:roleId"))
                                .thenReturn(epFunctionalMenuQuery);
+               Mockito.when(epFunctionalMenuQuery.setParameter("name",FunctionalMenuRole.class.getName())).thenReturn(epFunctionalMenuQuery);
+               Mockito.when(epFunctionalMenuQuery.setParameter("roleId",15l)).thenReturn(epFunctionalMenuQuery);
                Mockito.doReturn(mockFunctionalMenuRolesList).when(epFunctionalMenuQuery).list();
 
-               Mockito.when(session.createQuery("from " + FunctionalMenuRole.class.getName() + " where menuId=" + 10l))
+               Mockito.when(session.createQuery("from :name where menuId=:menuId"))
                                .thenReturn(epFunctionalMenuQuery2);
+               Mockito.when(epFunctionalMenuQuery2.setParameter("name",FunctionalMenuRole.class.getName())).thenReturn(epFunctionalMenuQuery2);
+               Mockito.when(epFunctionalMenuQuery2.setParameter("menuId",10l)).thenReturn(epFunctionalMenuQuery2);
                Mockito.doReturn(mockFunctionalMenuRolesList).when(epFunctionalMenuQuery2).list();
 
                Mockito.when(session.createQuery("from " + FunctionalMenuItem.class.getName() + " where menuId=" + 10l))
ARCHIVED- 2022-02-15 at the request of the project