diff --git a/webgoat-container/src/main/java/org/owasp/webgoat/assignments/AssignmentEndpoint.java b/webgoat-container/src/main/java/org/owasp/webgoat/assignments/AssignmentEndpoint.java index c4713a054..3b02b6129 100644 --- a/webgoat-container/src/main/java/org/owasp/webgoat/assignments/AssignmentEndpoint.java +++ b/webgoat-container/src/main/java/org/owasp/webgoat/assignments/AssignmentEndpoint.java @@ -55,7 +55,7 @@ public abstract class AssignmentEndpoint extends Endpoint { //// TODO: 11/13/2016 events better fit? protected AttackResult trackProgress(AttackResult attackResult) { - UserTracker userTracker = userTrackerRepository.findOne(webSession.getUserName()); + UserTracker userTracker = userTrackerRepository.findByUser(webSession.getUserName()); if (userTracker == null) { userTracker = new UserTracker(webSession.getUserName()); } diff --git a/webgoat-container/src/main/java/org/owasp/webgoat/lessons/Assignment.java b/webgoat-container/src/main/java/org/owasp/webgoat/lessons/Assignment.java index 41758c742..d9b1f3470 100644 --- a/webgoat-container/src/main/java/org/owasp/webgoat/lessons/Assignment.java +++ b/webgoat-container/src/main/java/org/owasp/webgoat/lessons/Assignment.java @@ -1,11 +1,9 @@ package org.owasp.webgoat.lessons; +import com.google.common.collect.Lists; import lombok.*; -import javax.persistence.Entity; -import javax.persistence.Id; -import javax.persistence.OneToMany; -import javax.persistence.Transient; +import javax.persistence.*; import java.util.List; /** @@ -37,19 +35,30 @@ import java.util.List; * @version $Id: $Id * @since November 25, 2016 */ -@AllArgsConstructor -@RequiredArgsConstructor -@NoArgsConstructor @Getter @EqualsAndHashCode @Entity public class Assignment { - @NonNull + @Id + @GeneratedValue(strategy = GenerationType.AUTO) + private Long id; private String name; - @NonNull private String path; @Transient private List hints; + private Assignment() { + //Hibernate + } + + public Assignment(String name, String path) { + this(name, path, Lists.newArrayList()); + } + + public Assignment(String name, String path, List hints) { + this.name = name; + this.path = path; + this.hints = hints; + } } diff --git a/webgoat-container/src/main/java/org/owasp/webgoat/service/LessonMenuService.java b/webgoat-container/src/main/java/org/owasp/webgoat/service/LessonMenuService.java index 097085c48..c0cfdc107 100644 --- a/webgoat-container/src/main/java/org/owasp/webgoat/service/LessonMenuService.java +++ b/webgoat-container/src/main/java/org/owasp/webgoat/service/LessonMenuService.java @@ -73,7 +73,7 @@ public class LessonMenuService { List showLeftNav() { List menu = new ArrayList<>(); List categories = course.getCategories(); - UserTracker userTracker = userTrackerRepository.findOne(webSession.getUserName()); + UserTracker userTracker = userTrackerRepository.findByUser(webSession.getUserName()); for (Category category : categories) { LessonMenuItem categoryItem = new LessonMenuItem(); diff --git a/webgoat-container/src/main/java/org/owasp/webgoat/service/LessonProgressService.java b/webgoat-container/src/main/java/org/owasp/webgoat/service/LessonProgressService.java index fb4fe0071..c9fbf8820 100644 --- a/webgoat-container/src/main/java/org/owasp/webgoat/service/LessonProgressService.java +++ b/webgoat-container/src/main/java/org/owasp/webgoat/service/LessonProgressService.java @@ -40,7 +40,7 @@ public class LessonProgressService { @RequestMapping(value = "/service/lessonprogress.mvc", produces = "application/json") @ResponseBody public Map getLessonInfo() { - UserTracker userTracker = userTrackerRepository.findOne(webSession.getUserName()); + UserTracker userTracker = userTrackerRepository.findByUser(webSession.getUserName()); LessonTracker lessonTracker = userTracker.getLessonTracker(webSession.getCurrentLesson()); Map json = Maps.newHashMap(); String successMessage = ""; @@ -63,7 +63,7 @@ public class LessonProgressService { @RequestMapping(value = "/service/lessonoverview.mvc", produces = "application/json") @ResponseBody public List lessonOverview() { - UserTracker userTracker = userTrackerRepository.findOne(webSession.getUserName()); + UserTracker userTracker = userTrackerRepository.findByUser(webSession.getUserName()); AbstractLesson currentLesson = webSession.getCurrentLesson(); List result = Lists.newArrayList(); if ( currentLesson != null ) { diff --git a/webgoat-container/src/main/java/org/owasp/webgoat/service/ReportCardService.java b/webgoat-container/src/main/java/org/owasp/webgoat/service/ReportCardService.java index 21c8c1f20..a014e11fb 100644 --- a/webgoat-container/src/main/java/org/owasp/webgoat/service/ReportCardService.java +++ b/webgoat-container/src/main/java/org/owasp/webgoat/service/ReportCardService.java @@ -64,7 +64,7 @@ public class ReportCardService { @GetMapping(path = "/service/reportcard.mvc", produces = "application/json") @ResponseBody public ReportCard reportCard() { - UserTracker userTracker = userTrackerRepository.findOne(webSession.getUserName()); + UserTracker userTracker = userTrackerRepository.findByUser(webSession.getUserName()); List lessons = course.getLessons(); ReportCard reportCard = new ReportCard(); reportCard.setTotalNumberOfLessons(course.getTotalOfLessons()); diff --git a/webgoat-container/src/main/java/org/owasp/webgoat/service/RestartLessonService.java b/webgoat-container/src/main/java/org/owasp/webgoat/service/RestartLessonService.java index 4ea036996..b207b4ce1 100644 --- a/webgoat-container/src/main/java/org/owasp/webgoat/service/RestartLessonService.java +++ b/webgoat-container/src/main/java/org/owasp/webgoat/service/RestartLessonService.java @@ -59,7 +59,7 @@ public class RestartLessonService { AbstractLesson al = webSession.getCurrentLesson(); log.debug("Restarting lesson: " + al); - UserTracker userTracker = userTrackerRepository.findOne(webSession.getUserName()); + UserTracker userTracker = userTrackerRepository.findByUser(webSession.getUserName()); userTracker.reset(al); userTrackerRepository.save(userTracker); } diff --git a/webgoat-container/src/main/java/org/owasp/webgoat/users/LessonTracker.java b/webgoat-container/src/main/java/org/owasp/webgoat/users/LessonTracker.java index 81d5d3b23..7d1d5d859 100644 --- a/webgoat-container/src/main/java/org/owasp/webgoat/users/LessonTracker.java +++ b/webgoat-container/src/main/java/org/owasp/webgoat/users/LessonTracker.java @@ -47,8 +47,11 @@ import java.util.stream.Collectors; */ @Entity public class LessonTracker { - @Getter + @Id + @GeneratedValue(strategy = GenerationType.AUTO) + private Long id; + @Getter private String lessonName; @OneToMany(cascade = CascadeType.ALL, fetch = FetchType.EAGER) private final Set solvedAssignments = Sets.newHashSet(); diff --git a/webgoat-container/src/main/java/org/owasp/webgoat/users/Scoreboard.java b/webgoat-container/src/main/java/org/owasp/webgoat/users/Scoreboard.java index aa8416d58..0b77b89c6 100644 --- a/webgoat-container/src/main/java/org/owasp/webgoat/users/Scoreboard.java +++ b/webgoat-container/src/main/java/org/owasp/webgoat/users/Scoreboard.java @@ -38,7 +38,7 @@ public class Scoreboard { List allUsers = userRepository.findAll(); List rankings = Lists.newArrayList(); for (WebGoatUser user : allUsers) { - UserTracker userTracker = userTrackerRepository.findOne(user.getUsername()); + UserTracker userTracker = userTrackerRepository.findByUser(user.getUsername()); rankings.add(new Ranking(user.getUsername(), challengesSolved(userTracker))); } return rankings; diff --git a/webgoat-container/src/main/java/org/owasp/webgoat/users/UserTracker.java b/webgoat-container/src/main/java/org/owasp/webgoat/users/UserTracker.java index 64ca5fb9a..3cc8ce19c 100644 --- a/webgoat-container/src/main/java/org/owasp/webgoat/users/UserTracker.java +++ b/webgoat-container/src/main/java/org/owasp/webgoat/users/UserTracker.java @@ -50,6 +50,8 @@ import java.util.stream.Collectors; public class UserTracker { @Id + @GeneratedValue(strategy = GenerationType.AUTO) + private Long id; private String user; @OneToMany(cascade = CascadeType.ALL, fetch = FetchType.EAGER) private Set lessonTrackers = Sets.newHashSet(); diff --git a/webgoat-container/src/main/java/org/owasp/webgoat/users/UserTrackerRepository.java b/webgoat-container/src/main/java/org/owasp/webgoat/users/UserTrackerRepository.java index a322f9d8a..efa231d59 100644 --- a/webgoat-container/src/main/java/org/owasp/webgoat/users/UserTrackerRepository.java +++ b/webgoat-container/src/main/java/org/owasp/webgoat/users/UserTrackerRepository.java @@ -8,5 +8,6 @@ import org.springframework.data.jpa.repository.JpaRepository; */ public interface UserTrackerRepository extends JpaRepository { + UserTracker findByUser(String user); } diff --git a/webgoat-container/src/test/java/org/owasp/webgoat/assignments/AssignmentEndpointTest.java b/webgoat-container/src/test/java/org/owasp/webgoat/assignments/AssignmentEndpointTest.java index 1f9628fb0..dc0c7a481 100644 --- a/webgoat-container/src/test/java/org/owasp/webgoat/assignments/AssignmentEndpointTest.java +++ b/webgoat-container/src/test/java/org/owasp/webgoat/assignments/AssignmentEndpointTest.java @@ -62,7 +62,7 @@ public class AssignmentEndpointTest { public void init(AssignmentEndpoint a) { messages.setBasenames("classpath:/i18n/messages", "classpath:/i18n/WebGoatLabels"); - when(userTrackerRepository.findOne(anyString())).thenReturn(userTracker); + when(userTrackerRepository.findByUser(anyString())).thenReturn(userTracker); ReflectionTestUtils.setField(a, "userTrackerRepository", userTrackerRepository); ReflectionTestUtils.setField(a, "userSessionData", userSessionData); ReflectionTestUtils.setField(a, "webSession", webSession); diff --git a/webgoat-container/src/test/java/org/owasp/webgoat/service/LessonMenuServiceTest.java b/webgoat-container/src/test/java/org/owasp/webgoat/service/LessonMenuServiceTest.java index d71126d82..196610274 100644 --- a/webgoat-container/src/test/java/org/owasp/webgoat/service/LessonMenuServiceTest.java +++ b/webgoat-container/src/test/java/org/owasp/webgoat/service/LessonMenuServiceTest.java @@ -63,7 +63,7 @@ public class LessonMenuServiceTest { when(course.getLessons(any())).thenReturn(Lists.newArrayList(l1, l2)); when(course.getCategories()).thenReturn(Lists.newArrayList(Category.ACCESS_CONTROL)); when(userTracker.getLessonTracker(any(AbstractLesson.class))).thenReturn(lessonTracker); - when(userTrackerRepository.findOne(anyString())).thenReturn(userTracker); + when(userTrackerRepository.findByUser(anyString())).thenReturn(userTracker); mockMvc.perform(MockMvcRequestBuilders.get(URL_LESSONMENU_MVC)) .andExpect(status().isOk()) @@ -81,7 +81,7 @@ public class LessonMenuServiceTest { when(course.getLessons(any())).thenReturn(Lists.newArrayList(l1)); when(course.getCategories()).thenReturn(Lists.newArrayList(Category.ACCESS_CONTROL)); when(userTracker.getLessonTracker(any(AbstractLesson.class))).thenReturn(lessonTracker); - when(userTrackerRepository.findOne(anyString())).thenReturn(userTracker); + when(userTrackerRepository.findByUser(anyString())).thenReturn(userTracker); mockMvc.perform(MockMvcRequestBuilders.get(URL_LESSONMENU_MVC)) diff --git a/webgoat-container/src/test/java/org/owasp/webgoat/service/LessonProgressServiceTest.java b/webgoat-container/src/test/java/org/owasp/webgoat/service/LessonProgressServiceTest.java index 2ca3e9169..cdab7c84f 100644 --- a/webgoat-container/src/test/java/org/owasp/webgoat/service/LessonProgressServiceTest.java +++ b/webgoat-container/src/test/java/org/owasp/webgoat/service/LessonProgressServiceTest.java @@ -72,7 +72,7 @@ public class LessonProgressServiceTest { @Before public void setup() { Assignment assignment = new Assignment("test", "test"); - when(userTrackerRepository.findOne(anyString())).thenReturn(userTracker); + when(userTrackerRepository.findByUser(anyString())).thenReturn(userTracker); when(userTracker.getLessonTracker(any(AbstractLesson.class))).thenReturn(lessonTracker); when(websession.getCurrentLesson()).thenReturn(lesson); when(lessonTracker.getLessonOverview()).thenReturn(Maps.newHashMap(assignment, true)); diff --git a/webgoat-container/src/test/java/org/owasp/webgoat/service/ReportCardServiceTest.java b/webgoat-container/src/test/java/org/owasp/webgoat/service/ReportCardServiceTest.java index e1b6f639f..9086741ba 100644 --- a/webgoat-container/src/test/java/org/owasp/webgoat/service/ReportCardServiceTest.java +++ b/webgoat-container/src/test/java/org/owasp/webgoat/service/ReportCardServiceTest.java @@ -53,7 +53,7 @@ public class ReportCardServiceTest { when(course.getTotalOfLessons()).thenReturn(1); when(course.getTotalOfAssignments()).thenReturn(10); when(course.getLessons()).thenReturn(Lists.newArrayList(lesson)); - when(userTrackerRepository.findOne(anyString())).thenReturn(userTracker); + when(userTrackerRepository.findByUser(anyString())).thenReturn(userTracker); when(userTracker.getLessonTracker(any(AbstractLesson.class))).thenReturn(lessonTracker); mockMvc.perform(MockMvcRequestBuilders.get("/service/reportcard.mvc")) .andExpect(status().isOk()) diff --git a/webgoat-container/src/test/java/org/owasp/webgoat/users/UserTrackerRepositoryTest.java b/webgoat-container/src/test/java/org/owasp/webgoat/users/UserTrackerRepositoryTest.java index 5c8092c13..142a6c8c7 100644 --- a/webgoat-container/src/test/java/org/owasp/webgoat/users/UserTrackerRepositoryTest.java +++ b/webgoat-container/src/test/java/org/owasp/webgoat/users/UserTrackerRepositoryTest.java @@ -62,7 +62,7 @@ public class UserTrackerRepositoryTest { userTrackerRepository.save(userTracker); - userTracker = userTrackerRepository.findOne("test"); + userTracker = userTrackerRepository.findByUser("test"); Assertions.assertThat(userTracker.getLessonTracker("test")).isNotNull(); } @@ -77,7 +77,7 @@ public class UserTrackerRepositoryTest { userTrackerRepository.saveAndFlush(userTracker); - userTracker = userTrackerRepository.findOne("test"); + userTracker = userTrackerRepository.findByUser("test"); Assertions.assertThat(userTracker.numberOfAssignmentsSolved()).isEqualTo(1); } @@ -90,7 +90,7 @@ public class UserTrackerRepositoryTest { userTracker.assignmentFailed(lesson); userTrackerRepository.saveAndFlush(userTracker); - userTracker = userTrackerRepository.findOne("test"); + userTracker = userTrackerRepository.findByUser("test"); userTracker.assignmentFailed(lesson); userTracker.assignmentFailed(lesson); userTrackerRepository.saveAndFlush(userTracker); diff --git a/webgoat-lessons/csrf/src/main/java/org/owasp/webgoat/plugin/CSRFLogin.java b/webgoat-lessons/csrf/src/main/java/org/owasp/webgoat/plugin/CSRFLogin.java index 97edff2c1..122238bc1 100644 --- a/webgoat-lessons/csrf/src/main/java/org/owasp/webgoat/plugin/CSRFLogin.java +++ b/webgoat-lessons/csrf/src/main/java/org/owasp/webgoat/plugin/CSRFLogin.java @@ -33,7 +33,7 @@ public class CSRFLogin extends AssignmentEndpoint { } private void markAssignmentSolvedWithRealUser(String username) { - UserTracker userTracker = userTrackerRepository.findOne(username); + UserTracker userTracker = userTrackerRepository.findByUser(username); userTracker.assignmentSolved(getWebSession().getCurrentLesson(), this.getClass().getSimpleName()); userTrackerRepository.save(userTracker); }