diff --git a/src/org/labkey/test/tests/SecurityTest.java b/src/org/labkey/test/tests/SecurityTest.java index a540146b65..98fdf4cdb1 100644 --- a/src/org/labkey/test/tests/SecurityTest.java +++ b/src/org/labkey/test/tests/SecurityTest.java @@ -100,7 +100,7 @@ protected String getProjectName() @BeforeClass public static void setupProject() { - ((SecurityTest)getCurrentTest()).doSetup(); + ((SecurityTest) getCurrentTest()).doSetup(); } protected void doSetup() @@ -425,9 +425,9 @@ protected void checkGroupMembership(String userName, String groupName, int expec if (isPresent) { clickAndWait(userAccessLink); - + // check for the expected number of group membership links (note: they may be hidden by expandos) - click(Locator.xpath("//tr[td/a[text()='" + getProjectName() + "']]//img" )); + click(Locator.xpath("//tr[td/a[text()='" + getProjectName() + "']]//img")); assertElementPresent(Locator.linkWithText(groupName), expectedCount); return; } @@ -476,10 +476,10 @@ protected void impersonationTest() DataRegionTable table = new DataRegionTable("query", getDriver()); table.getDataAsText(2, 2); - String createdBy = table.getDataAsText(2, "Created By"); + String createdBy = table.getDataAsText(2, "Created By"); String impersonatedBy = table.getDataAsText(2, "Impersonated By"); - String user = table.getDataAsText(2, "User"); - String comment = table.getDataAsText(2, "Comment"); + String user = table.getDataAsText(2, "User"); + String comment = table.getDataAsText(2, "Comment"); assertTrue("Incorrect display for deleted user -- expected '', found '" + user + "'", user.matches("<\\d{4,}>")); assertEquals("Incorrect log entry for deleted user", @@ -504,7 +504,7 @@ public void loginSelfRegistrationEnabledTest() _userHelper.deleteUsers(false, selfRegUserEmail); int getResponse = setAuthenticationParameter("SelfRegistration", true); - assertEquals("failed to set authentication param to enable self register via http get", 200, getResponse ); + assertEquals("failed to set authentication param to enable self register via http get", 200, getResponse); signOut(); // test: attempt login, check if register button appears, click register @@ -551,4 +551,25 @@ public void loginSelfRegistrationDisabledTest() // cleanup: sign admin back in signIn(); } -} + + @LogMethod + @Test + public void invokeMutatingSqlAction() + { + // Ensure that a GET request invoking mutating SQL is flagged + String feature = "AllowMutatingSqlViaGet"; + Connection conn = createDefaultConnection(); + OptionalFeatureHelper.disableOptionalFeature(conn, feature); + beginAt(buildURL("test", "executeMutatingSql")); + assertTextPresent("MUTATING SQL executed as part of handling action: GET org.labkey.devtools.TestController$ExecuteMutatingSqlAction"); + checkExpectedErrors(2); + + // Turn on the deprecated feature flag and ensure that GET request can invoke mutating SQL + OptionalFeatureHelper.enableOptionalFeature(conn, feature); + beginAt(buildURL("test", "executeMutatingSql")); + assertTextPresent("UPDATE via GET was allowed!"); + + // Restore flag to original value + OptionalFeatureHelper.resetOptionalFeature(conn, feature); + } +} \ No newline at end of file diff --git a/src/org/labkey/test/util/DeferredErrorCollector.java b/src/org/labkey/test/util/DeferredErrorCollector.java index bc35abb0a0..9c66fb46d2 100644 --- a/src/org/labkey/test/util/DeferredErrorCollector.java +++ b/src/org/labkey/test/util/DeferredErrorCollector.java @@ -398,7 +398,7 @@ public void reportResults() { if (allErrors.getLast().getScreenshotName() == null) { - withScreenshot("fallback").error("No screeshot taken for last deferred error(s). " + + withScreenshot("fallback").error("No screenshot taken for last deferred error(s). " + "This screenshot may be relevant to previous failures. " + "Please update test to take appropriate screenshots."); }