Re: [PR] [SYNCOPE-1827] Only JPA with JSON support available, PostgreSQL the default option [syncope]

via GitHub Mon, 26 Aug 2024 08:06:45 -0700


github-advanced-security[bot] commented on code in PR #820:
URL: https://github.com/apache/syncope/pull/820#discussion_r1731391165



##########
core/persistence-jpa/src/test/java/org/apache/syncope/core/persistence/jpa/AbstractTest.java:
##########
@@ -18,22 +18,194 @@
  */
 package org.apache.syncope.core.persistence.jpa;
 
+import static org.junit.jupiter.api.Assertions.assertNotNull;
+import static org.junit.jupiter.api.Assertions.fail;
+
+import io.zonky.test.db.postgres.embedded.EmbeddedPostgres;
 import jakarta.persistence.EntityManager;
-import java.util.Optional;
+import java.io.InputStream;
+import java.util.Map;
+import java.util.Properties;
+import java.util.function.Supplier;
+import java.util.stream.Stream;
 import org.apache.syncope.core.persistence.api.entity.AnyUtilsFactory;
 import org.apache.syncope.core.persistence.api.entity.EntityFactory;
-import org.apache.syncope.core.persistence.api.entity.PlainAttr;
-import org.apache.syncope.core.persistence.api.entity.PlainAttrValue;
-import org.apache.syncope.core.persistence.jpa.dao.JPAPlainAttrValueDAO;
-import org.apache.syncope.core.persistence.jpa.dao.repo.PlainSchemaRepoExtImpl;
 import org.springframework.beans.factory.annotation.Autowired;
-import org.springframework.test.annotation.DirtiesContext;
+import org.springframework.jdbc.core.JdbcTemplate;
+import org.springframework.test.context.DynamicPropertyRegistry;
+import org.springframework.test.context.DynamicPropertySource;
 import org.springframework.test.context.junit.jupiter.SpringJUnitConfig;
+import org.testcontainers.containers.MariaDBContainer;
+import org.testcontainers.containers.MySQLContainer;
+import org.testcontainers.oracle.OracleContainer;
 
 @SpringJUnitConfig(classes = { MasterDomain.class, 
PersistenceTestContext.class })
-@DirtiesContext
 public abstract class AbstractTest {
 
+    private static String JDBC_DRIVER;
+
+    private static String DATABASE_PLATFORM;
+
+    private static String ORM = "META-INF/spring-orm.xml";
+
+    private static String INDEXES = "classpath:META-INF/indexes.xml";
+
+    private static String VIEWS = "classpath:META-INF/views.xml";
+
+    private static Supplier<Object> JDBC_URL_SUPPLIER;
+
+    private static Supplier<Object> JDBC2_URL_SUPPLIER;
+
+    private static Supplier<Object> DB_USER_SUPPLIER = () -> "syncope";
+
+    private static Supplier<Object> DB_PWD_SUPPLIER = () -> "syncope";
+
+    private static Supplier<Object> DB2_USER_SUPPLIER = () -> "syncope";
+
+    private static Supplier<Object> DB2_PWD_SUPPLIER = () -> "syncope";
+
+    private static boolean classExists(final String name) {
+        try {
+            Class.forName(name, false, AbstractTest.class.getClassLoader());
+            return true;
+        } catch (ClassNotFoundException e) {
+            // ignore
+            return false;
+        }
+    }
+
+    static {
+        String dockerMySQLVersion = null;
+        String dockerMariaDBVersion = null;
+        String dockerOracleVersion = null;
+        try (InputStream propStream = 
AbstractTest.class.getResourceAsStream("/test.properties")) {
+            Properties props = new Properties();
+            props.load(propStream);
+
+            dockerMySQLVersion = props.getProperty("docker.mysql.version");
+            dockerMariaDBVersion = props.getProperty("docker.mariadb.version");
+            dockerOracleVersion = props.getProperty("docker.oracle.version");
+        } catch (Exception e) {
+            fail("Could not load /test.properties", e);
+        }
+        assertNotNull(dockerMySQLVersion);
+        assertNotNull(dockerMariaDBVersion);
+        assertNotNull(dockerOracleVersion);
+
+        if (classExists("org.postgresql.Driver")) {
+            JDBC_DRIVER = "org.postgresql.Driver";
+            DATABASE_PLATFORM = 
"org.apache.openjpa.jdbc.sql.PostgresDictionary";
+            ORM = "META-INF/spring-orm.xml";
+            INDEXES = "classpath:META-INF/indexes.xml";
+            VIEWS = "classpath:META-INF/views.xml";
+
+            try {
+                EmbeddedPostgres pg = EmbeddedPostgres.builder().start();
+                JdbcTemplate jdbcTemplate = new 
JdbcTemplate(pg.getPostgresDatabase());
+                Stream.of("syncope", "syncopetwo").forEach(key -> {
+                    jdbcTemplate.execute("CREATE DATABASE " + key);
+
+                    jdbcTemplate.execute("CREATE USER " + key + " WITH 
PASSWORD '" + key + "'");

Review Comment:
   ## Query built by concatenation with a possibly-untrusted string
   
   Query built by concatenation with [this expression](1), which may be 
untrusted.
   
   [Show more 
details](https://github.com/apache/syncope/security/code-scanning/1628)



-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

To unsubscribe, e-mail: dev-unsubscr...@syncope.apache.org

For queries about this service, please contact Infrastructure at:
us...@infra.apache.org

Re: [PR] [SYNCOPE-1827] Only JPA with JSON support available, PostgreSQL the default option [syncope]

Reply via email to