From 04854d5c458e9607c33c9f2a18d3610329d7f622 Mon Sep 17 00:00:00 2001
From: Martin Wahnschaffe <martin.wahnschaffe@vitagroup.ag>
Date: Thu, 2 Feb 2023 09:10:54 +0100
Subject: [PATCH] #11441 update spring expression dependency to get rid of
 security issue

SpEL is need for campaigns. Added test to make sure needed dependencies are available on Android
---
 .../CampaignFormDataFragmentUtilsTest.java    | 29 +++++++++++++++++++
 .../app/backend/common/AdoDtoHelper.java      |  2 +-
 .../CampaignFormDataFragmentUtils.java        | 10 +++----
 sormas-base/pom.xml                           |  3 +-
 4 files changed, 36 insertions(+), 8 deletions(-)
 create mode 100644 sormas-app/app/src/androidTest/java/de/symeda/sormas/app/campaign/CampaignFormDataFragmentUtilsTest.java

diff --git a/sormas-app/app/src/androidTest/java/de/symeda/sormas/app/campaign/CampaignFormDataFragmentUtilsTest.java b/sormas-app/app/src/androidTest/java/de/symeda/sormas/app/campaign/CampaignFormDataFragmentUtilsTest.java
new file mode 100644
index 000000000000..5a285a98ab79
--- /dev/null
+++ b/sormas-app/app/src/androidTest/java/de/symeda/sormas/app/campaign/CampaignFormDataFragmentUtilsTest.java
@@ -0,0 +1,29 @@
+package de.symeda.sormas.app.campaign;
+
+import static junit.framework.Assert.assertEquals;
+import static junit.framework.Assert.assertTrue;
+
+import java.util.Arrays;
+
+import org.junit.Test;
+import org.springframework.expression.spel.standard.SpelExpressionParser;
+
+import de.symeda.sormas.api.campaign.data.CampaignFormDataEntry;
+
+/**
+ * This test is part of the android tests, to make sure
+ * Spring expression languages and it's dependencies are correctly working.
+ *
+ * Execute this on a device with minimum android SDK version!
+ */
+public class CampaignFormDataFragmentUtilsTest {
+
+	@Test
+	public void handleExpression() {
+		Object result = CampaignFormDataFragmentUtils.getExpressionValue(
+			new SpelExpressionParser(),
+			Arrays.asList(new CampaignFormDataEntry("missedChildren", 3), new CampaignFormDataEntry("teamDidNotVisit", 2)),
+			"missedChildren > 2 and teamDidNotVisit >= 2");
+		assertEquals(Boolean.TRUE, result);
+	}
+}
diff --git a/sormas-app/app/src/main/java/de/symeda/sormas/app/backend/common/AdoDtoHelper.java b/sormas-app/app/src/main/java/de/symeda/sormas/app/backend/common/AdoDtoHelper.java
index 1de312b82777..00fe51a6c23c 100644
--- a/sormas-app/app/src/main/java/de/symeda/sormas/app/backend/common/AdoDtoHelper.java
+++ b/sormas-app/app/src/main/java/de/symeda/sormas/app/backend/common/AdoDtoHelper.java
@@ -21,7 +21,7 @@
 import com.j256.ormlite.logger.Logger;
 import com.j256.ormlite.logger.LoggerFactory;
 
-import org.springframework.util.CollectionUtils;
+import org.apache.commons.collections.CollectionUtils;
 
 import java.io.IOException;
 import java.sql.SQLException;
diff --git a/sormas-app/app/src/main/java/de/symeda/sormas/app/campaign/CampaignFormDataFragmentUtils.java b/sormas-app/app/src/main/java/de/symeda/sormas/app/campaign/CampaignFormDataFragmentUtils.java
index e502978707a0..77ce0cad1eb6 100644
--- a/sormas-app/app/src/main/java/de/symeda/sormas/app/campaign/CampaignFormDataFragmentUtils.java
+++ b/sormas-app/app/src/main/java/de/symeda/sormas/app/campaign/CampaignFormDataFragmentUtils.java
@@ -24,17 +24,17 @@
 import java.util.Locale;
 import java.util.Map;
 
-import org.springframework.expression.EvaluationContext;
-import org.springframework.expression.Expression;
-import org.springframework.expression.ExpressionParser;
-import org.springframework.expression.spel.SpelEvaluationException;
-
 import android.content.Context;
 import android.util.AttributeSet;
 import android.util.Log;
 import android.view.Gravity;
 import android.view.View;
 
+import org.springframework.expression.EvaluationContext;
+import org.springframework.expression.Expression;
+import org.springframework.expression.ExpressionParser;
+import org.springframework.expression.spel.SpelEvaluationException;
+
 import de.symeda.sormas.api.campaign.data.CampaignFormDataEntry;
 import de.symeda.sormas.api.campaign.form.CampaignFormElement;
 import de.symeda.sormas.api.campaign.form.CampaignFormElementType;
diff --git a/sormas-base/pom.xml b/sormas-base/pom.xml
index d73b036ede02..1ae834a3ea6a 100644
--- a/sormas-base/pom.xml
+++ b/sormas-base/pom.xml
@@ -930,8 +930,7 @@
 			<dependency>
 				<groupId>org.springframework</groupId>
 				<artifactId>spring-context</artifactId>
-				<version>4.3.30.RELEASE</version>
-				<!-- downgraded because of missing support in android api 24-->
+				<version>5.3.25</version>
 			</dependency>
 
 			<dependency>