Repository: syncope Updated Branches: refs/heads/2_0_X 379e3e45c -> 9ed23b1dc
Switch to use PreparedStatements in a few places for the fit tests Project: http://git-wip-us.apache.org/repos/asf/syncope/repo Commit: http://git-wip-us.apache.org/repos/asf/syncope/commit/9ed23b1d Tree: http://git-wip-us.apache.org/repos/asf/syncope/tree/9ed23b1d Diff: http://git-wip-us.apache.org/repos/asf/syncope/diff/9ed23b1d Branch: refs/heads/2_0_X Commit: 9ed23b1dc317a3b0a294ef7f1bd693fb10a0879d Parents: 379e3e4 Author: Colm O hEigeartaigh <cohei...@apache.org> Authored: Thu Dec 8 16:35:42 2016 +0000 Committer: Francesco Chicchiriccò <ilgro...@apache.org> Committed: Fri Dec 9 08:19:11 2016 +0100 ---------------------------------------------------------------------- .../fit/buildtools/cxf/ProvisioningImpl.java | 24 +++++++++++++------- 1 file changed, 16 insertions(+), 8 deletions(-) ---------------------------------------------------------------------- http://git-wip-us.apache.org/repos/asf/syncope/blob/9ed23b1d/fit/build-tools/src/main/java/org/apache/syncope/fit/buildtools/cxf/ProvisioningImpl.java ----------------------------------------------------------------------
diff --git a/fit/build-tools/src/main/java/org/apache/syncope/fit/buildtools/cxf/ProvisioningImpl.java b/fit/build-tools/src/main/java/org/apache/syncope/fit/buildtools/cxf/ProvisioningImpl.java
index e5854d7..e384734 100644
--- a/fit/build-tools/src/main/java/org/apache/syncope/fit/buildtools/cxf/ProvisioningImpl.java
+++ b/fit/build-tools/src/main/java/org/apache/syncope/fit/buildtools/cxf/ProvisioningImpl.java
@@ -19,6 +19,7 @@
 package org.apache.syncope.fit.buildtools.cxf;
 import java.sql.Connection;
+import java.sql.PreparedStatement;
 import java.sql.ResultSet;
 import java.sql.ResultSetMetaData;
 import java.sql.SQLException;
@@ -63,12 +64,14 @@ public class ProvisioningImpl implements Provisioning {
 try {
 conn = DataSourceUtils.getConnection(dataSource);
- Statement statement = conn.createStatement();
+ PreparedStatement statement =
+ conn.prepareStatement("DELETE FROM user WHERE userId=?");
+ statement.setString(1, accountid);
 String query = "DELETE FROM user WHERE userId='" + accountid + "';";
 LOG.debug("Execute query: " + query);
- statement.executeUpdate(query);
+ statement.executeUpdate();
 return accountid;
 } catch (SQLException e) {
@@ -113,7 +116,6 @@ public class ProvisioningImpl implements Provisioning {
 try {
 conn = DataSourceUtils.getConnection(dataSource);
- final Statement statement = conn.createStatement();
 String value;
@@ -155,10 +157,13 @@ public class ProvisioningImpl implements Provisioning {
 }
 if (set.length() > 0) {
+ PreparedStatement statement =
+ conn.prepareStatement("UPDATE user SET " + set.toString() + " WHERE userId=?");
+ statement.setString(1, accountid);
 String query = "UPDATE user SET " + set.toString() + " WHERE userId='" + accountid + "';";
 LOG.debug("Execute query: " + query);
- statement.executeUpdate(query);
+ statement.executeUpdate();
 }
 return accountid;
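Review bot: In the delete hunk (`@@ -63,12`) the concatenated `String query = "DELETE FROM user WHERE userId='" + accountid + "';"` is still built and passed to `LOG.debug`, so the log shows a statement that is no longer the one executed and still writes the raw `accountid` into the log line. I would drop `query` and log the parameterized text with the bound value kept separate, for example `LOG.debug("Execute query: DELETE FROM user WHERE userId=? [userId={}]", accountid);`, assuming `LOG` is an SLF4J logger, which the hunk does not show. The same leftover string appears in the update hunk (`@@ -155,10`) and twice in the lookup hunk (`@@ -339,22`). The method body starts and ends outside the hunk.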
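Review bot: In the update hunk (`@@ -155,10`) only `WHERE userId=?` is bound; `set.toString()` is still concatenated into the text handed to `conn.prepareStatement(...)`. `set` is assembled above the hunk, so this is inferred, but if it carries attribute values from the request as quoted literals the statement stays injectable through the SET clause. Building `set` from `column=?` fragments, with column names checked against a fixed list, and binding each value via `statement.setString(i, value)` before the final `userId` parameter would complete the change. The new `PreparedStatement` is also not closed anywhere in the visible lines.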
@@ -339,22 +344,25 @@ public class ProvisioningImpl implements Provisioning {
 Connection conn = null;
 try {
 conn = DataSourceUtils.getConnection(dataSource);
- Statement statement = conn.createStatement();
+ PreparedStatement statement =
+ conn.prepareStatement("SELECT userId FROM user WHERE userId=?");
+ statement.setString(1, username);
 final String query = "SELECT userId FROM user WHERE userId='" + username + "';";
 LOG.debug("Execute query: " + query);
- ResultSet rs = statement.executeQuery(query);
+ ResultSet rs = statement.executeQuery();
 resolved = rs.next() ? rs.getString(1) : null;
 if (resolved == null) {
- statement = conn.createStatement();
+ statement = conn.prepareStatement("SELECT roleName FROM role WHERE roleName=?");
+ statement.setString(1, username);
 final String roleQuery = "SELECT roleName FROM role WHERE roleName='" + username + "';";
 LOG.debug("Execute query: " + roleQuery);
- rs = statement.executeQuery(roleQuery);
+ rs = statement.executeQuery();
 resolved = rs.next() ? rs.getString(1) : null;
 }
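Review bot: `statement` and `rs` are reassigned for the role lookup without the first `PreparedStatement` and `ResultSet` being closed, and neither is closed in the visible lines. The method's `finally` block lies outside the hunk, so whether anything beyond the connection is released there cannot be seen from here. Scoping each statement and result set in try-with-resources closes them on every path, provided this branch compiles at Java 7 or later.

```java
try (PreparedStatement userStatement =
        conn.prepareStatement("SELECT userId FROM user WHERE userId=?")) {
    userStatement.setString(1, username);
    // … unchanged: debug logging …
    try (ResultSet rs = userStatement.executeQuery()) {
        resolved = rs.next() ? rs.getString(1) : null;
    }
}

if (resolved == null) {
    try (PreparedStatement roleStatement =
            conn.prepareStatement("SELECT roleName FROM role WHERE roleName=?")) {
        roleStatement.setString(1, username);
        // … unchanged: debug logging …
        try (ResultSet rs = roleStatement.executeQuery()) {
            resolved = rs.next() ? rs.getString(1) : null;
        }
    }
}
```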