From 3562d314d63dc8f8610a18c89c037f369d162d8a Mon Sep 17 00:00:00 2001 From: dishenggg Date: Sat, 8 Jun 2024 10:23:30 +0000 Subject: [PATCH 1/3] Fix failing test cases --- .../teammates/it/storage/sqlapi/AccountRequestsDbIT.java | 5 +++++ .../teammates/it/ui/webapi/UpdateAccountRequestActionIT.java | 2 ++ 2 files changed, 7 insertions(+) diff --git a/src/it/java/teammates/it/storage/sqlapi/AccountRequestsDbIT.java b/src/it/java/teammates/it/storage/sqlapi/AccountRequestsDbIT.java index 6807e43a9b4..05ed6d0c144 100644 --- a/src/it/java/teammates/it/storage/sqlapi/AccountRequestsDbIT.java +++ b/src/it/java/teammates/it/storage/sqlapi/AccountRequestsDbIT.java @@ -11,6 +11,7 @@ import teammates.it.test.BaseTestCaseWithSqlDatabaseAccess; import teammates.storage.sqlapi.AccountRequestsDb; import teammates.storage.sqlentity.AccountRequest; +import teammates.test.TestProperties; /** * SUT: {@link AccountRequestsDb}. @@ -239,6 +240,10 @@ public void testSqlInjectionInDeleteAccountRequest() throws Exception { @Test public void testSqlInjectionSearchAccountRequestsInWholeSystem() throws Exception { + if (!TestProperties.isSearchServiceActive()) { + return; + } + ______TS("SQL Injection test in searchAccountRequestsInWholeSystem"); AccountRequest accountRequest = diff --git a/src/it/java/teammates/it/ui/webapi/UpdateAccountRequestActionIT.java b/src/it/java/teammates/it/ui/webapi/UpdateAccountRequestActionIT.java index f5932deaf99..7687f80813f 100644 --- a/src/it/java/teammates/it/ui/webapi/UpdateAccountRequestActionIT.java +++ b/src/it/java/teammates/it/ui/webapi/UpdateAccountRequestActionIT.java @@ -257,6 +257,8 @@ protected void tearDown() { for (AccountRequest ar : accountRequests) { logic.deleteAccountRequest(ar.getId()); } + + logic.deleteAccount(getTypicalAccount().getGoogleId()); HibernateUtil.commitTransaction(); } } From 572d8ba0b7b736d0286f91b8d2633ab2a104454f Mon Sep 17 00:00:00 2001 From: dishenggg Date: Sat, 8 Jun 2024 11:05:34 +0000 Subject: [PATCH 2/3] Update test logs with unique sorting order --- .../UpdateFeedbackSessionLogsActionIT.java | 37 +++++++++++-------- 1 file changed, 21 insertions(+), 16 deletions(-) diff --git a/src/it/java/teammates/it/ui/webapi/UpdateFeedbackSessionLogsActionIT.java b/src/it/java/teammates/it/ui/webapi/UpdateFeedbackSessionLogsActionIT.java index b6f2a8b1f47..8c5a0c6f21d 100644 --- a/src/it/java/teammates/it/ui/webapi/UpdateFeedbackSessionLogsActionIT.java +++ b/src/it/java/teammates/it/ui/webapi/UpdateFeedbackSessionLogsActionIT.java @@ -82,47 +82,52 @@ String getRequestMethod() { @Override protected void testExecute() { ______TS("No spam all logs added"); + + // Gap is larger than spam filter + mockLogsProcessor.insertFeedbackSessionLog(course1.getId(), student1InCourse1.getId(), + session1InCourse1.getId(), FeedbackSessionLogType.ACCESS.getLabel(), startTime.toEpochMilli()); + mockLogsProcessor.insertFeedbackSessionLog(course1.getId(), student1InCourse1.getId(), + session1InCourse1.getId(), FeedbackSessionLogType.ACCESS.getLabel(), + startTime.plusMillis(SPAM_FILTER + 1).toEpochMilli()); + // Different Types + long padding = 3 * SPAM_FILTER; mockLogsProcessor.insertFeedbackSessionLog(course1.getId(), student1InCourse1.getId(), session1InCourse1.getId(), FeedbackSessionLogType.ACCESS.getLabel(), - startTime.plusSeconds(100).toEpochMilli()); + startTime.plusMillis(padding).toEpochMilli()); mockLogsProcessor.insertFeedbackSessionLog(course1.getId(), student1InCourse1.getId(), session1InCourse1.getId(), FeedbackSessionLogType.SUBMISSION.getLabel(), - startTime.plusSeconds(100).toEpochMilli()); + startTime.plusMillis(padding + 1).toEpochMilli()); mockLogsProcessor.insertFeedbackSessionLog(course1.getId(), student1InCourse1.getId(), session1InCourse1.getId(), FeedbackSessionLogType.VIEW_RESULT.getLabel(), - startTime.plusSeconds(100).toEpochMilli()); + startTime.plusMillis(padding + 2).toEpochMilli()); // Different feedback sessions + padding = 5 * SPAM_FILTER; mockLogsProcessor.insertFeedbackSessionLog(course1.getId(), student1InCourse1.getId(), session1InCourse1.getId(), FeedbackSessionLogType.ACCESS.getLabel(), - startTime.plusSeconds(200).toEpochMilli()); + startTime.plusMillis(padding).toEpochMilli()); mockLogsProcessor.insertFeedbackSessionLog(course1.getId(), student1InCourse1.getId(), session2InCourse1.getId(), FeedbackSessionLogType.ACCESS.getLabel(), - startTime.plusSeconds(200).toEpochMilli()); + startTime.plusMillis(padding + 1).toEpochMilli()); // Different Student + padding = 7 * SPAM_FILTER; mockLogsProcessor.insertFeedbackSessionLog(course1.getId(), student1InCourse1.getId(), session1InCourse1.getId(), FeedbackSessionLogType.ACCESS.getLabel(), - startTime.plusSeconds(300).toEpochMilli()); + startTime.plusMillis(padding).toEpochMilli()); mockLogsProcessor.insertFeedbackSessionLog(course1.getId(), student2InCourse1.getId(), session1InCourse1.getId(), FeedbackSessionLogType.ACCESS.getLabel(), - startTime.plusSeconds(300).toEpochMilli()); + startTime.plusMillis(padding + 1).toEpochMilli()); // Different course + padding = 9 * SPAM_FILTER; mockLogsProcessor.insertFeedbackSessionLog(course1.getId(), student1InCourse1.getId(), session1InCourse1.getId(), FeedbackSessionLogType.ACCESS.getLabel(), - startTime.plusSeconds(400).toEpochMilli()); + startTime.plusMillis(padding).toEpochMilli()); mockLogsProcessor.insertFeedbackSessionLog(course3.getId(), student1InCourse3.getId(), session1InCourse3.getId(), FeedbackSessionLogType.ACCESS.getLabel(), - startTime.plusSeconds(400).toEpochMilli()); - - // Gap is larger than spam filter - mockLogsProcessor.insertFeedbackSessionLog(course1.getId(), student1InCourse1.getId(), - session1InCourse1.getId(), FeedbackSessionLogType.ACCESS.getLabel(), startTime.toEpochMilli()); - mockLogsProcessor.insertFeedbackSessionLog(course1.getId(), student1InCourse1.getId(), - session1InCourse1.getId(), FeedbackSessionLogType.ACCESS.getLabel(), - startTime.plusMillis(SPAM_FILTER + 1).toEpochMilli()); + startTime.plusMillis(padding + 1).toEpochMilli()); UpdateFeedbackSessionLogsAction action = getAction(); getJsonResult(action); From 02bee72d231e433b368dc0d2f03ea37e95357302 Mon Sep 17 00:00:00 2001 From: dishenggg Date: Sat, 8 Jun 2024 11:40:46 +0000 Subject: [PATCH 3/3] Revert AccountRequestDbIT --- .../teammates/it/storage/sqlapi/AccountRequestsDbIT.java | 5 ----- 1 file changed, 5 deletions(-) diff --git a/src/it/java/teammates/it/storage/sqlapi/AccountRequestsDbIT.java b/src/it/java/teammates/it/storage/sqlapi/AccountRequestsDbIT.java index 05ed6d0c144..6807e43a9b4 100644 --- a/src/it/java/teammates/it/storage/sqlapi/AccountRequestsDbIT.java +++ b/src/it/java/teammates/it/storage/sqlapi/AccountRequestsDbIT.java @@ -11,7 +11,6 @@ import teammates.it.test.BaseTestCaseWithSqlDatabaseAccess; import teammates.storage.sqlapi.AccountRequestsDb; import teammates.storage.sqlentity.AccountRequest; -import teammates.test.TestProperties; /** * SUT: {@link AccountRequestsDb}. @@ -240,10 +239,6 @@ public void testSqlInjectionInDeleteAccountRequest() throws Exception { @Test public void testSqlInjectionSearchAccountRequestsInWholeSystem() throws Exception { - if (!TestProperties.isSearchServiceActive()) { - return; - } - ______TS("SQL Injection test in searchAccountRequestsInWholeSystem"); AccountRequest accountRequest =