From 840cf8830d1d142400c16f9812d8f5bf97a0bd1a Mon Sep 17 00:00:00 2001
From: Michael Weimann <mail@michael-weimann.eu>
Date: Mon, 26 Jul 2021 19:30:50 +0200
Subject: [PATCH] add sql special chars test

---
 ki/test/test_find_profiles_endpoint.py | 7 +++++++
 1 file changed, 7 insertions(+)

diff --git a/ki/test/test_find_profiles_endpoint.py b/ki/test/test_find_profiles_endpoint.py
index 5987fc4..7c45c45 100644
--- a/ki/test/test_find_profiles_endpoint.py
+++ b/ki/test/test_find_profiles_endpoint.py
@@ -22,6 +22,13 @@ class TestFindProfilesEndpoint(ApiTest):
         self.assertEqual(response.status_code, 200)
         self.assertEqual(response.json, {"total": 0, "profiles": []})
 
+    def test_find_sql_specialchars(self):
+        token = self.login("peter", "geheim")["token"]
+
+        response = self.client.get("/users/profiles?nickname=%22%27%25", headers={"Authorization": "Bearer " + token})
+        self.assertEqual(response.status_code, 200)
+        self.assertEqual(response.json, {"total": 0, "profiles": []})
+
     def test_find_all(self):
         token = self.login("peter", "geheim")["token"]