diff options
| author |   Sunder Tattavarada <statta@research.att.com> | 2019-06-18 16:04:28 +0000 |
|---|---|---|
| committer |   Gerrit Code Review <gerrit@onap.org> | 2019-06-18 16:04:28 +0000 |
| commit | 37ea104d5c99b4100381cc0e8e79be3feb98a0ec (patch) | |
| tree | 13b233367dc8135d80eccb578e7c809e1a242f06 /ecomp-portal-BE-common/src/test/java/org/onap/portalapp | |
| parent | 80ddb55b9f5569c6443104150cb74ba2ae4fcb08 (diff) | |
| parent | d4ce764ca897efe12f3b46850aa37852c0372aa5 (diff) | |
Merge "Fix sql injection vulnerability"
Diffstat (limited to 'ecomp-portal-BE-common/src/test/java/org/onap/portalapp')
| -rw-r--r-- | ecomp-portal-BE-common/src/test/java/org/onap/portalapp/portal/service/UserRolesCommonServiceImplTest.java | 6 |
1 files changed, 4 insertions, 2 deletions
diff --git a/ecomp-portal-BE-common/src/test/java/org/onap/portalapp/portal/service/UserRolesCommonServiceImplTest.java b/ecomp-portal-BE-common/src/test/java/org/onap/portalapp/portal/service/UserRolesCommonServiceImplTest.java index d3ac4b9e..680d766d 100644 --- a/ecomp-portal-BE-common/src/test/java/org/onap/portalapp/portal/service/UserRolesCommonServiceImplTest.java +++ b/ecomp-portal-BE-common/src/test/java/org/onap/portalapp/portal/service/UserRolesCommonServiceImplTest.java @@ -454,9 +454,11 @@ public class UserRolesCommonServiceImplTest { Mockito.when(epRoleQuery.setParameter("appId",mockApp.getId())).thenReturn(epRoleQuery); Mockito.doReturn(mockEPRoleList).when(epRoleQuery).list(); - Mockito.when(session.createQuery( - "from " + EPUserApp.class.getName() + " where app.id=" + mockApp.getId() + " and role_id=" + 15l)) + Mockito.when(session.createQuery("from :name where app.id=:appId and role_id=:roleId")) .thenReturn(epUserAppsQuery); + Mockito.when(epUserAppsQuery.setParameter("name",EPUserApp.class.getName())).thenReturn(epUserAppsQuery); + Mockito.when(epUserAppsQuery.setParameter("appId",mockApp.getId())).thenReturn(epUserAppsQuery); + Mockito.when(epUserAppsQuery.setParameter("roleId",15l)).thenReturn(epUserAppsQuery); Mockito.doReturn(mockUserRolesList).when(epUserAppsQuery).list(); Mockito.when(session.createQuery("from " + FunctionalMenuRole.class.getName() + " where roleId=" + 15l)) |