Merge pull request #96 from ls1intum/fix/hidden-test-leakage

MarkusPaulsen · web-flow · commit 7af4b424433a · 2026-06-03T15:18:22.000+02:00
fix(security): suppress hidden test details from student-visible feedback
diff --git a/src/main/java/de/tum/cit/ase/ares/api/internal/ReportingUtils.java b/src/main/java/de/tum/cit/ase/ares/api/internal/ReportingUtils.java
@@ -10,6 +10,7 @@
 import org.slf4j.*;
 
 import de.tum.cit.ase.ares.api.context.TestContext;
+import de.tum.cit.ase.ares.api.context.TestType;
 import de.tum.cit.ase.ares.api.internal.sanitization.*;
 //REMOVED: Import of ArtemisSecurityManager
 
@@ -40,6 +41,9 @@ public static <T> T doProceedAndPostProcess(Invocation<T> invocation, TestContex
 	}
 
 	public static Throwable processThrowable(Throwable t, TestContext context) {
+		if (context.findTestType().orElse(null) == TestType.HIDDEN) {
+			return new AssertionError(localized("test_guard.hidden_test_failed"));
+		}
 		Optional<String> nonprivilegedFailureMessage = ConfigurationUtils.getNonprivilegedFailureMessage(context);
 		if (nonprivilegedFailureMessage.isPresent())
 			return processThrowablePrivilegedOnly(t, nonprivilegedFailureMessage.get());
diff --git a/src/main/resources/de/tum/cit/ase/ares/api/localization/messages.properties b/src/main/resources/de/tum/cit/ase/ares/api/localization/messages.properties
@@ -182,6 +182,7 @@ security.policy.within.path.invalid=The following path is invalid for withinPath
 # test guard and deadline handling
 test_guard.extended_deadline_zero_or_negative=deadline extension must not be ZERO or negative: %s
 test_guard.hidden_test_before_deadline_message=hidden tests will be executed after the deadline.
+test_guard.hidden_test_failed=Hidden test failed.
 test_guard.hidden_test_missing_deadline=cannot find a deadline for hidden test %s
 test_guard.invalid_deadline_format=invalid deadline string: %s
 test_guard.invalid_extended_deadline_format=invalid deadline extension format: %s
diff --git a/src/main/resources/de/tum/cit/ase/ares/api/localization/messages_de.properties b/src/main/resources/de/tum/cit/ase/ares/api/localization/messages_de.properties
@@ -175,6 +175,7 @@ security.policy.within.path.invalid=Der folgende Pfad ist f\u0308r withinPath un
 # test guard and deadline handling
 test_guard.extended_deadline_zero_or_negative=Deadline Verl\u00e4ngerung muss positiv sein: %s
 test_guard.hidden_test_before_deadline_message=Versteckte Tests werden nach der Deadline ausgef\u0308hrt.
+test_guard.hidden_test_failed=Versteckter Test fehlgeschlagen.
 test_guard.hidden_test_missing_deadline=F\u0308r den versteckten Test %s konnte keine Deadline gefunden werden
 test_guard.invalid_deadline_format=Ung\u0308ltiges ExtendedDeadline Format: %s
 test_guard.invalid_extended_deadline_format=Ung\u0308ltiges ExtendedDeadline Format: %s
