test(web): WebMvc coverage for DrillController routes and redirects

[ArchILLtect]

Layer

Web / Controller

Scope

• Problem / context
  • Ensure the Drill flow pages render and redirects occur as expected, including unauthenticated redirects.
• Proposed solution
  • WebMvc tests:
    • GET /drill/next when due exists → redirect to /drill/{id}
    • GET /drill/{id} renders solve JSP (session user present)
    • POST /drill/{id}/submit uses stub outcome, sets flash, redirects to /drill/next
    • Unauthenticated attempts to Drill routes → redirected to /logIn by filter
• In scope
  • WebMvc tests with view resolver and session attrs
• Out of scope
  • Full integration tests

Acceptance criteria

• Tests cover the above scenarios and pass

Related issues/PRs

Issue #27--Drill submission flow, Issue #28--Security guard