authorKrzysztof Opasiak <k.opasiak@samsung.com>2019-07-10 19:59:13 +0200
committerKrzysztof Opasiak <k.opasiak@samsung.com>2019-07-10 20:08:03 +0200
commit71525f539001ffab18215acbbbb92fef1d863860 (patch)
treeeb5eeda9760903e253fabc9bb72b70c01b66212c
parentf26978caa8e8aa870c47032a2adb5284a71a72bb (diff)
Revert "Fix sql injection vulnerability"
This reverts commit 941133a42bad6a1d73c63913a950d1e4bc814fde. This is required because this commit breaks the portal unit test due to some other changes that happen between verify job and merge of that commit. Issue-ID: OJSI-174 Change-Id: Ieb53f8ba23e2b1b05c67ec4d7d51c6d5107cfb87 Signed-off-by: Krzysztof Opasiak <k.opasiak@samsung.com>
-rw-r--r--ecomp-portal-BE-common/src/main/java/org/onap/portalapp/portal/service/UserRolesCommonServiceImpl.java5
-rw-r--r--ecomp-portal-BE-common/src/test/java/org/onap/portalapp/portal/service/UserRolesCommonServiceImplTest.java4
2 files changed, 3 insertions, 6 deletions
diff --git a/ecomp-portal-BE-common/src/main/java/org/onap/portalapp/portal/service/UserRolesCommonServiceImpl.java b/ecomp-portal-BE-common/src/main/java/org/onap/portalapp/portal/service/UserRolesCommonServiceImpl.java
index b41dcd7a..522579d8 100644
--- a/ecomp-portal-BE-common/src/main/java/org/onap/portalapp/portal/service/UserRolesCommonServiceImpl.java
+++ b/ecomp-portal-BE-common/src/main/java/org/onap/portalapp/portal/service/UserRolesCommonServiceImpl.java
@@ -597,9 +597,8 @@ public class UserRolesCommonServiceImpl {
"syncAppRoles: There is exactly 1 menu item for this role, so emptying the url");
@SuppressWarnings("unchecked")
List<FunctionalMenuItem> funcMenuItems = localSession
- .createQuery("from :name where menuId=:menuId")
- .setParameter("name",FunctionalMenuItem.class.getName())
- .setParameter("menuId",menuId)
+ .createQuery(
+ "from " + FunctionalMenuItem.class.getName() + " where menuId=" + menuId)
.list();
if (funcMenuItems.size() > 0) {
logger.debug(EELFLoggerDelegate.debugLogger, "got the menu item");
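Review bot: The restored `createQuery` call concatenates `menuId` into the HQL text, which brings back the string-built query that the reverted commit set out to remove. The entity name comes from a class literal and can stay concatenated, but the value should be bound: `.createQuery("from " + FunctionalMenuItem.class.getName() + " where menuId=:menuId")` followed by `.setParameter("menuId", menuId)`. The reverted `from :name` form would probably have failed at runtime anyway, since HQL parameters bind values and not entity names, so a partial fix is a better target than re-applying the original. The declaration of `menuId` and the rest of the method are outside the hunk; if it is a numeric type the exposure is small, but the bound form does not depend on that. The stub in UserRolesCommonServiceImplTest pins the concatenated string and would need the `:menuId` text plus a `setParameter("menuId", 10L)` stub to match.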
diff --git a/ecomp-portal-BE-common/src/test/java/org/onap/portalapp/portal/service/UserRolesCommonServiceImplTest.java b/ecomp-portal-BE-common/src/test/java/org/onap/portalapp/portal/service/UserRolesCommonServiceImplTest.java
index fb6c325c..9b5058d3 100644
--- a/ecomp-portal-BE-common/src/test/java/org/onap/portalapp/portal/service/UserRolesCommonServiceImplTest.java
+++ b/ecomp-portal-BE-common/src/test/java/org/onap/portalapp/portal/service/UserRolesCommonServiceImplTest.java
@@ -473,10 +473,8 @@ public class UserRolesCommonServiceImplTest {
Mockito.when(epFunctionalMenuQuery2.setParameter("menuId",10l)).thenReturn(epFunctionalMenuQuery2);
Mockito.doReturn(mockFunctionalMenuRolesList).when(epFunctionalMenuQuery2).list();
- Mockito.when(session.createQuery("from :name where menuId=:menuId"))
+ Mockito.when(session.createQuery("from " + FunctionalMenuItem.class.getName() + " where menuId=" + 10l))
.thenReturn(epFunctionalMenuItemQuery);
- Mockito.when(epFunctionalMenuItemQuery.setParameter("name",FunctionalMenuItem.class.getName())).thenReturn(epFunctionalMenuItemQuery);
- Mockito.when(epFunctionalMenuItemQuery.setParameter("menuId",10l)).thenReturn(epFunctionalMenuItemQuery);
Mockito.doReturn(mockFunctionalMenuItemList).when(epFunctionalMenuItemQuery).list();
List<EcompRole> mockEcompRoleList2 = new ArrayList<>();
EcompRole mockUserAppRoles = new EcompRole();
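Review bot: The long literal `10l` in the new `createQuery` stub, and in the `setParameter` stub just above it, uses a lowercase suffix that is easy to misread as `101`; write `10L`. Because the stub matches the exact query text, this test only passes for the string-concatenated form and says nothing about whether the value is bound. A short comment such as `// query text must match UserRolesCommonServiceImpl.syncAppRoles exactly` would make that coupling visible to whoever changes the query next. The test method starts and ends outside the hunk.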