author | Krzysztof Opasiak <k.opasiak@samsung.com> | 2019-07-10 19:59:13 +0200 |
---|---|---|
committer | Krzysztof Opasiak <k.opasiak@samsung.com> | 2019-07-10 20:08:03 +0200 |
commit | 71525f539001ffab18215acbbbb92fef1d863860 (patch) | |
tree | eb5eeda9760903e253fabc9bb72b70c01b66212c | |
parent | f26978caa8e8aa870c47032a2adb5284a71a72bb (diff) |
Revert "Fix sql injection vulnerability"
This reverts commit 941133a42bad6a1d73c63913a950d1e4bc814fde.
This is required because this commit breaks the portal unit test due
to some other changes that happen between verify job and merge of that commit.
Issue-ID: OJSI-174
Change-Id: Ieb53f8ba23e2b1b05c67ec4d7d51c6d5107cfb87
Signed-off-by: Krzysztof Opasiak <k.opasiak@samsung.com>
2 files changed, 3 insertions, 6 deletions
diff --git a/ecomp-portal-BE-common/src/main/java/org/onap/portalapp/portal/service/UserRolesCommonServiceImpl.java b/ecomp-portal-BE-common/src/main/java/org/onap/portalapp/portal/service/UserRolesCommonServiceImpl.java
index b41dcd7a..522579d8 100644
--- a/ecomp-portal-BE-common/src/main/java/org/onap/portalapp/portal/service/UserRolesCommonServiceImpl.java
+++ b/ecomp-portal-BE-common/src/main/java/org/onap/portalapp/portal/service/UserRolesCommonServiceImpl.java
@@ -597,9 +597,8 @@ public class UserRolesCommonServiceImpl {
 "syncAppRoles: There is exactly 1 menu item for this role, so emptying the url");
 @SuppressWarnings("unchecked")
 List<FunctionalMenuItem> funcMenuItems = localSession
- .createQuery("from :name where menuId=:menuId")
- .setParameter("name",FunctionalMenuItem.class.getName())
- .setParameter("menuId",menuId)
+ .createQuery(
+ "from " + FunctionalMenuItem.class.getName() + " where menuId=" + menuId)
 .list();
 if (funcMenuItems.size() > 0) {
 logger.debug(EELFLoggerDelegate.debugLogger, "got the menu item");
diff --git a/ecomp-portal-BE-common/src/test/java/org/onap/portalapp/portal/service/UserRolesCommonServiceImplTest.java b/ecomp-portal-BE-common/src/test/java/org/onap/portalapp/portal/service/UserRolesCommonServiceImplTest.java
index fb6c325c..9b5058d3 100644
--- a/ecomp-portal-BE-common/src/test/java/org/onap/portalapp/portal/service/UserRolesCommonServiceImplTest.java
+++ b/ecomp-portal-BE-common/src/test/java/org/onap/portalapp/portal/service/UserRolesCommonServiceImplTest.java
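Review bot: The restored `.createQuery("from " + FunctionalMenuItem.class.getName() + " where menuId=" + menuId)` in UserRolesCommonServiceImpl splices `menuId` into the HQL text again, which is the pattern the reverted commit set out to remove. A narrower change than the full revert would keep the entity name concatenated (it is a class constant, and HQL does not take a bind parameter in the `from` clause, which may be part of why `from :name` failed) and bind only the value: `.createQuery("from " + FunctionalMenuItem.class.getName() + " where menuId=:menuId").setParameter("menuId", menuId)`. The declaration of `menuId` is outside this hunk; the test's `10l` suggests a Long, in which case the concatenation is not directly injectable today, but binding keeps that true if the type or the caller changes. The stub in the UserRolesCommonServiceImplTest hunk would then match that query string and keep only its `setParameter("menuId",10l)` stub. The enclosing method begins and ends outside the hunk.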
@@ -473,10 +473,8 @@ public class UserRolesCommonServiceImplTest {
 Mockito.when(epFunctionalMenuQuery2.setParameter("menuId",10l)).thenReturn(epFunctionalMenuQuery2);
 Mockito.doReturn(mockFunctionalMenuRolesList).when(epFunctionalMenuQuery2).list();
- Mockito.when(session.createQuery("from :name where menuId=:menuId"))
+ Mockito.when(session.createQuery("from " + FunctionalMenuItem.class.getName() + " where menuId=" + 10l))
 .thenReturn(epFunctionalMenuItemQuery);
- Mockito.when(epFunctionalMenuItemQuery.setParameter("name",FunctionalMenuItem.class.getName())).thenReturn(epFunctionalMenuItemQuery);
- Mockito.when(epFunctionalMenuItemQuery.setParameter("menuId",10l)).thenReturn(epFunctionalMenuItemQuery);
 Mockito.doReturn(mockFunctionalMenuItemList).when(epFunctionalMenuItemQuery).list();
 List<EcompRole> mockEcompRoleList2 = new ArrayList<>();
 EcompRole mockUserAppRoles = new EcompRole(); |