[#12901] Check if the search service is active in account request sea…

…rch test (#13101) * added check for active search service in account request search test * moved account request search test to AccountRequestSearchIT and updated variables and asserts accordingly * Add caution note to instructor email copies and remove hyperlinks * updated account request test constructor to be consistent with latest commits * fixed style errors * fixed compiler errors * fixed assertion error and style * fixed linter errors * Revert "Add caution note to instructor email copies and remove hyperlinks" This reverts commit 232c757. --------- Co-authored-by: Carolyn Liu <[email protected]> Co-authored-by: Anna Zhang <[email protected]> Co-authored-by: DS <[email protected]> Co-authored-by: Wei Qing <[email protected]>
TEAMMATES · Jun 28, 2024 · 015b872 · 015b872
1 parent efeffd4
commit 015b872
Show file tree

Hide file tree

Showing 2 changed files with 21 additions and 15 deletions.
diff --git a/src/it/java/teammates/it/storage/sqlapi/AccountRequestsDbIT.java b/src/it/java/teammates/it/storage/sqlapi/AccountRequestsDbIT.java
@@ -237,19 +237,4 @@ public void testSqlInjectionInDeleteAccountRequest() throws Exception {
         assertEquals(accountRequest, actual);
     }
 
-    @Test
-    public void testSqlInjectionSearchAccountRequestsInWholeSystem() throws Exception {
-        ______TS("SQL Injection test in searchAccountRequestsInWholeSystem");
-
-        AccountRequest accountRequest =
-                new AccountRequest("[email protected]", "name", "institute", AccountRequestStatus.PENDING, "comments");
-        accountRequestDb.createAccountRequest(accountRequest);
-
-        String searchInjection = "institute'; DROP TABLE account_requests; --";
-        List<AccountRequest> actualInjection = accountRequestDb.searchAccountRequestsInWholeSystem(searchInjection);
-        assertEquals(0, actualInjection.size());
-
-        AccountRequest actual = accountRequestDb.getAccountRequest(accountRequest.getId());
-        assertEquals(accountRequest, actual);
-    }
 }
diff --git a/src/it/java/teammates/it/storage/sqlsearch/AccountRequestSearchIT.java b/src/it/java/teammates/it/storage/sqlsearch/AccountRequestSearchIT.java
@@ -6,6 +6,7 @@
 import org.testng.annotations.BeforeMethod;
 import org.testng.annotations.Test;
 
+import teammates.common.datatransfer.AccountRequestStatus;
 import teammates.common.datatransfer.SqlDataBundle;
 import teammates.common.exception.SearchServiceException;
 import teammates.common.util.HibernateUtil;
@@ -162,6 +163,26 @@ public void testSearchAccountRequest_noSearchService_shouldThrowException() {
                 () -> accountRequestsDb.searchAccountRequestsInWholeSystem("anything"));
     }
 
+    @Test
+    public void testSqlInjectionSearchAccountRequestsInWholeSystem() throws Exception {
+        ______TS("SQL Injection test in searchAccountRequestsInWholeSystem");
+
+        if (!TestProperties.isSearchServiceActive()) {
+            return;
+        }
+
+        AccountRequest accountRequest =
+                new AccountRequest("[email protected]", "name", "institute", AccountRequestStatus.PENDING, "comments");
+        accountRequestsDb.createAccountRequest(accountRequest);
+
+        String searchInjection = "institute'; DROP TABLE account_requests; --";
+        List<AccountRequest> actualInjection = accountRequestsDb.searchAccountRequestsInWholeSystem(searchInjection);
+        assertEquals(typicalBundle.accountRequests.size(), actualInjection.size());
+
+        AccountRequest actual = accountRequestsDb.getAccountRequest(accountRequest.getId());
+        assertEquals(accountRequest, actual);
+    }
+
     /**
      * Verifies that search results match with expected output.
      *