From 7a8c9135f4f41d37a627c108bfb63ab9e8130aa8 Mon Sep 17 00:00:00 2001
From: Roly Rudy Gutierrez Pinto <gproly@gmail.com>
Date: Wed, 19 May 2021 00:13:10 -0400
Subject: [PATCH] PMCORE-2994 Complete the phpunit test for "SqlBlacklist"
 class.

---
 .../Validation/SqlBlacklistTest.php           | 120 ++++++++++++++++++
 .../engine/controllers/InstallerModule.php    |   4 +-
 2 files changed, 122 insertions(+), 2 deletions(-)
 create mode 100644 tests/unit/workflow/engine/src/ProcessMaker/Validation/SqlBlacklistTest.php

diff --git a/tests/unit/workflow/engine/src/ProcessMaker/Validation/SqlBlacklistTest.php b/tests/unit/workflow/engine/src/ProcessMaker/Validation/SqlBlacklistTest.php
new file mode 100644
index 000000000..321be5815
--- /dev/null
+++ b/tests/unit/workflow/engine/src/ProcessMaker/Validation/SqlBlacklistTest.php
@@ -0,0 +1,120 @@
+<?php
+
+namespace Tests\unit\workflow\engine\src\ProcessMaker\Validation;
+
+use Exception;
+use ProcessMaker\Validation\SqlBlacklist;
+use Tests\TestCase;
+
+class SqlBlacklistTest extends TestCase
+{
+    /**
+     * Property $sqlBlacklist
+     * @var object
+     */
+    private $sqlBlacklist;
+
+    /**
+     * Property $content.
+     * @var string
+     */
+    private $content;
+
+    /**
+     * Method setUp.
+     */
+    public function setUp()
+    {
+        parent::setUp();
+        $this->content = "";
+        $path = PATH_CONFIG . 'execute-query-blacklist.ini';
+        if (file_exists($path)) {
+            $this->content = file_get_contents($path);
+        }
+    }
+
+    /**
+     * Method tearDown.
+     */
+    public function tearDown()
+    {
+        parent::tearDown();
+        $path = PATH_CONFIG . 'execute-query-blacklist.ini';
+        if (file_exists($path)) {
+            file_put_contents($path, $this->content);
+        }
+    }
+
+    /**
+     * This test the getConfigValues method.
+     * @test
+     * @covers \ProcessMaker\Validation\SqlBlacklist::getConfigValues()
+     */
+    public function it_should_test_getConfigValues_method()
+    {
+        $this->sqlBlacklist = new SqlBlacklist();
+        $result = $this->sqlBlacklist->getConfigValues();
+
+        //asserts
+        $this->assertArrayHasKey('tables', $result);
+        $this->assertArrayHasKey('statements', $result);
+        $this->assertArrayHasKey('pmtables', $result);
+    }
+
+    /**
+     * This test the validate method when restricted system tables.
+     * @test
+     * @covers \ProcessMaker\Validation\SqlBlacklist::validate()
+     */
+    public function it_should_test_validate_method_when_restricted_system_tables()
+    {
+        //assert exception
+        $this->expectException(Exception::class);
+
+        $sql = "INSERT INTO APPLICATION (c1,c2,c3) values('', '', '')";
+        $this->sqlBlacklist = new SqlBlacklist($sql);
+        $this->sqlBlacklist->validate();
+    }
+
+    /**
+     * This test the validate method when restricted queries.
+     * @test
+     * @covers \ProcessMaker\Validation\SqlBlacklist::validate()
+     */
+    public function it_should_test_validate_method_when_restricted_queries()
+    {
+        //assert exception
+        $this->expectException(Exception::class);
+
+        $path = PATH_CONFIG . 'execute-query-blacklist.ini';
+        $content = ""
+            . "queries  = \"INSERT|UPDATE|REPLACE|DELETE|SHOW\"\n\n"
+            . "pmtables = \"PMT_TEST\"\n";
+        file_put_contents($path, $content);
+
+        $sql = "SHOW tables";
+        $this->sqlBlacklist = new SqlBlacklist($sql);
+        $this->sqlBlacklist->validate();
+    }
+
+    /**
+     * This test the validate method when restricted pmtables.
+     * @test
+     * @covers \ProcessMaker\Validation\SqlBlacklist::validate()
+     */
+    public function it_should_test_validate_method_when_restricted_pmtables()
+    {
+        //assert exception
+        $this->expectException(Exception::class);
+
+        $path = PATH_CONFIG . 'execute-query-blacklist.ini';
+        $content = ""
+            . "queries  = \"INSERT|UPDATE|REPLACE|DELETE|SHOW\"\n\n"
+            . "pmtables = \"PMT_TEST\"\n";
+        file_put_contents($path, $content);
+
+        $sql = "INSERT INTO PMT_TEST (c1,c2,c3) values('', '', '')";
+        $this->sqlBlacklist = new SqlBlacklist($sql);
+        $this->sqlBlacklist->validate();
+    }
+}
diff --git a/workflow/engine/controllers/InstallerModule.php b/workflow/engine/controllers/InstallerModule.php
index 9e1db0694..101a32d89 100644
--- a/workflow/engine/controllers/InstallerModule.php
+++ b/workflow/engine/controllers/InstallerModule.php
@@ -730,9 +730,9 @@ class InstallerModule extends Controller
             $dbText .= sprintf("  define ('DB_REPORT_PASS', '%s' );\n", $wfPass);
 
             $requestFlag = $_REQUEST['PARTNER_FLAG'];
-            if (defined('PARTNER_FLAG') || isset($requestFlag])) {
+            if (defined('PARTNER_FLAG') || isset($requestFlag)) {
                 $dbText .= "\n";
-                $dbText .= " (define('PARTNER_FLAG', " . (defined('PARTNER_FLAG') ? PARTNER_FLAG : isset(requestFlag)) ? $requestFlag : 'false') . ");\n";
+                $dbText .= "  define ('PARTNER_FLAG', " . (defined('PARTNER_FLAG') ? PARTNER_FLAG : (isset($requestFlag) ? $requestFlag : 'false') ) . ");\n";
                 if (!empty($this->systemName)) {
                     $dbText .= "  define ('SYSTEM_NAME', '" . $this->systemName . "');\n";
                 }