diff options
author | Sunder Tattavarada <statta@research.att.com> | 2019-06-18 16:04:36 +0000 |
---|---|---|
committer | Gerrit Code Review <gerrit@onap.org> | 2019-06-18 16:04:36 +0000 |
commit | 2a462c99939b19f972813b64c7a4d6e33b9aaa5a (patch) | |
tree | 08c96378a6de50412d24309bde8fa04883b931f4 /ecomp-portal-BE-common/src/test/java/org/onap | |
parent | 37ea104d5c99b4100381cc0e8e79be3feb98a0ec (diff) | |
parent | 44484dc3fe12385b64defb2f287826285e890a65 (diff) |
Merge "Fix sql injection vulnerability"
Diffstat (limited to 'ecomp-portal-BE-common/src/test/java/org/onap')
-rw-r--r-- | ecomp-portal-BE-common/src/test/java/org/onap/portalapp/portal/service/UserRolesCommonServiceImplTest.java | 8 |
1 files changed, 6 insertions, 2 deletions
diff --git a/ecomp-portal-BE-common/src/test/java/org/onap/portalapp/portal/service/UserRolesCommonServiceImplTest.java b/ecomp-portal-BE-common/src/test/java/org/onap/portalapp/portal/service/UserRolesCommonServiceImplTest.java index 680d766d..9b5058d3 100644 --- a/ecomp-portal-BE-common/src/test/java/org/onap/portalapp/portal/service/UserRolesCommonServiceImplTest.java +++ b/ecomp-portal-BE-common/src/test/java/org/onap/portalapp/portal/service/UserRolesCommonServiceImplTest.java @@ -461,12 +461,16 @@ public class UserRolesCommonServiceImplTest { Mockito.when(epUserAppsQuery.setParameter("roleId",15l)).thenReturn(epUserAppsQuery); Mockito.doReturn(mockUserRolesList).when(epUserAppsQuery).list(); - Mockito.when(session.createQuery("from " + FunctionalMenuRole.class.getName() + " where roleId=" + 15l)) + Mockito.when(session.createQuery("from :name where roleId=:roleId")) .thenReturn(epFunctionalMenuQuery); + Mockito.when(epFunctionalMenuQuery.setParameter("name",FunctionalMenuRole.class.getName())).thenReturn(epFunctionalMenuQuery); + Mockito.when(epFunctionalMenuQuery.setParameter("roleId",15l)).thenReturn(epFunctionalMenuQuery); Mockito.doReturn(mockFunctionalMenuRolesList).when(epFunctionalMenuQuery).list(); - Mockito.when(session.createQuery("from " + FunctionalMenuRole.class.getName() + " where menuId=" + 10l)) + Mockito.when(session.createQuery("from :name where menuId=:menuId")) .thenReturn(epFunctionalMenuQuery2); + Mockito.when(epFunctionalMenuQuery2.setParameter("name",FunctionalMenuRole.class.getName())).thenReturn(epFunctionalMenuQuery2); + Mockito.when(epFunctionalMenuQuery2.setParameter("menuId",10l)).thenReturn(epFunctionalMenuQuery2); Mockito.doReturn(mockFunctionalMenuRolesList).when(epFunctionalMenuQuery2).list(); Mockito.when(session.createQuery("from " + FunctionalMenuItem.class.getName() + " where menuId=" + 10l)) |