authorst398c <st398c@research.att.com>2019-03-28 16:30:03 -0400
committerst398c <st398c@research.att.com>2019-03-28 16:30:03 -0400
commitfa5f20d91c416a855f0d6afe157db8250574617c (patch)
tree3dd5dd3f8bccc8c0f30ca41cb2569aa4b0c5cefb /ecomp-sdk/epsdk-analytics/src/main/java/org/onap/portalsdk/analytics/model
parent1ded3bb69c5e91cd879d83e13d2b3295710cdb4f (diff)
Fortify, version, Junit
Issue-ID: PORTAL-543, PORTAL-273, PORTAL-544 Change-Id: Ib864ef78bbd534170cab90d9314f2d8943f78872 Signed-off-by: Thota, Saisree <st398c@research.att.com>
Diffstat (limited to 'ecomp-sdk/epsdk-analytics/src/main/java/org/onap/portalsdk/analytics/model')
-rw-r--r--ecomp-sdk/epsdk-analytics/src/main/java/org/onap/portalsdk/analytics/model/SearchHandler.java34
1 files changed, 23 insertions, 11 deletions
diff --git a/ecomp-sdk/epsdk-analytics/src/main/java/org/onap/portalsdk/analytics/model/SearchHandler.java b/ecomp-sdk/epsdk-analytics/src/main/java/org/onap/portalsdk/analytics/model/SearchHandler.java
index 5d3c94e9..8b4fc340 100644
--- a/ecomp-sdk/epsdk-analytics/src/main/java/org/onap/portalsdk/analytics/model/SearchHandler.java
+++ b/ecomp-sdk/epsdk-analytics/src/main/java/org/onap/portalsdk/analytics/model/SearchHandler.java
@@ -216,6 +216,7 @@ public class SearchHandler extends org.onap.portalsdk.analytics.RaptorObject {
String sql = Globals.getLoadReportSearchResult();
String rep_id = "";
+ String rep_id_sql_value = "";
String rep_id_options = "";
String rep_id_sql = Globals.getLoadReportSearchRepIdSql();
//rep_id_sql = " AND ROUND(cr.rep_id, 0) like coalesce('%%', ROUND(cr.rep_id, 0)) ";
@@ -237,20 +238,24 @@ public class SearchHandler extends org.onap.portalsdk.analytics.RaptorObject {
if(AppUtils.nvl(rep_id_options).length()>0 ) {
switch (rep_id_options) {
case "0":
- rep_id_sql = " AND cr.rep_id = "+ rep_id+" ";
+ rep_id_sql = " AND cr.rep_id = ? ";
+ rep_id_sql_value = rep_id;
break;
case "1":
- rep_id_sql = " AND cr.rep_id < "+ rep_id+" ";
+ rep_id_sql = " AND cr.rep_id < ? ";
+ rep_id_sql_value = rep_id;
break;
case "2":
- rep_id_sql = " AND cr.rep_id > "+ rep_id+" ";
+ rep_id_sql = " AND cr.rep_id > ? ";
+ rep_id_sql_value = rep_id;
break;
default:
rep_id_sql = Globals.getLoadReportSearchRepIdSql();
break;
}
} else {
- rep_id_sql = " AND cr.rep_id = "+ rep_id+" ";
+ rep_id_sql = " AND cr.rep_id = ? ";
+ rep_id_sql_value = rep_id;
}
} else {
rep_id_sql = Globals.getLoadReportSearchRepIdSql(); //equal is default
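Review bot: The `default:` branch and the outer `else` in this hunk leave `rep_id_sql` as `Globals.getLoadReportSearchRepIdSql()` with `rep_id_sql_value` still `""`, yet the call in the last hunk always passes two values to `DbUtils.executeQuery`. If that template holds no `?` (the commented-out sample in the first hunk suggests it does not), those paths supply more bind values than the statement has placeholders. The call also passes the name value before the id value, which is correct only if `[fReportName]` precedes `[fReportID]` in the template from `Globals.getLoadReportSearchResult()`, and that template is not visible here. Adding each value to a parameter list at the point its `?` is emitted, in template order, would keep count and order in step. `rep_id` could also be checked as numeric before binding, since it is passed as a string for comparison with `cr.rep_id`; the enclosing if/else starts above this hunk.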
@@ -259,6 +264,7 @@ public class SearchHandler extends org.onap.portalsdk.analytics.RaptorObject {
sql = sql.replace("[fReportID]", rep_id_sql);
String rep_name = "";
+ String rep_name_sql_value = "";
String rep_name_options = "";
String rep_name_sql = " AND UPPER(cr.title) LIKE UPPER('%%') ";
if(request.getParameter("rep_name")!=null) {
@@ -277,23 +283,29 @@ public class SearchHandler extends org.onap.portalsdk.analytics.RaptorObject {
if(AppUtils.nvl(rep_name_options).length()>0 ) {
switch (rep_name_options) {
case "0":
- rep_name_sql = " AND UPPER(cr.title) LIKE UPPER('"+rep_name+"%') ";
+ rep_name_sql = " AND UPPER(cr.title) LIKE UPPER(?) ";
+ rep_name_sql_value = rep_name+"%";
break;
case "1":
- rep_name_sql = " AND UPPER(cr.title) LIKE UPPER('%"+rep_name+"') ";
+ rep_name_sql = " AND UPPER(cr.title) LIKE UPPER(?) ";
+ rep_name_sql_value = "%"+rep_name;
break;
case "2":
- rep_name_sql = " AND UPPER(cr.title) LIKE UPPER('%"+rep_name+"%') ";
+ rep_name_sql = " AND UPPER(cr.title) LIKE UPPER(?) ";
+ rep_name_sql_value = "%"+rep_name+"%";
break;
default:
- rep_name_sql = " AND UPPER(cr.title) LIKE UPPER('%%') ";
+ rep_name_sql = " AND UPPER(cr.title) LIKE UPPER(?) ";
+ rep_name_sql_value = "%%";
break;
}
} else {
- rep_name_sql = " AND UPPER(cr.title) LIKE UPPER('%"+rep_name+"%') "; //contains is default
+ rep_name_sql = " AND UPPER(cr.title) LIKE UPPER(?) "; //contains is default
+ rep_name_sql_value = "%"+rep_name+"%";
}
} else {
- rep_name_sql = " AND UPPER(cr.title) LIKE UPPER('%%') ";
+ rep_name_sql = " AND UPPER(cr.title) LIKE UPPER(?) ";
+ rep_name_sql_value = "%%";
}
sql = sql.replace("[fReportName]",rep_name_sql);
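Review bot: Binding `rep_name` stops quote-based injection, but `%` and `_` typed by the user are still read as LIKE wildcards in the three `case` branches and in the contains-default branch. If literal matching is intended, escape them before adding the pattern's own wildcards, e.g. `String lit = rep_name.replace("\\", "\\\\").replace("%", "\\%").replace("_", "\\_");`, and append `ESCAPE '\\'` to the `LIKE UPPER(?)` fragment. ESCAPE handling should be confirmed for the databases this SDK targets. The `"%%"` bound in the `default:` and outer `else` branches matches the same rows as `"%"`, and the enclosing `if` on `rep_name` starts above this hunk.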
@@ -365,7 +377,7 @@ public class SearchHandler extends org.onap.portalsdk.analytics.RaptorObject {
sql = sql.replace("[roleList.toString()]", roleList.toString());
//System.out.println("query is for search list is : " + sql);
- DataSet ds = DbUtils.executeQuery(sql);
+ DataSet ds = DbUtils.executeQuery(sql, rep_name_sql_value, rep_id_sql_value);
ReportSearchResultJSON rsr = new ReportSearchResultJSON(0, 6, 7);
rsr.parseData(ds, request, 0, 20, 6, 7);