Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

chore(backend):783 added validation to notification service not allowing… #1230

Merged
merged 4 commits into from
May 8, 2024
Merged
Show file tree
Hide file tree
Changes from 2 commits
Commits
File filter

Filter by extension

Filter by extension

Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
7,510 changes: 7,509 additions & 1 deletion docs/api/traceability-foss-backend.json

Large diffs are not rendered by default.

7,510 changes: 7,509 additions & 1 deletion tx-backend/openapi/traceability-foss-backend.json

Large diffs are not rendered by default.

Original file line number Diff line number Diff line change
Expand Up @@ -37,6 +37,7 @@
import org.eclipse.tractusx.traceability.notification.domain.base.model.NotificationSide;
import org.eclipse.tractusx.traceability.notification.domain.base.model.NotificationStatus;
import org.eclipse.tractusx.traceability.notification.domain.base.model.NotificationType;
import org.eclipse.tractusx.traceability.notification.domain.notification.exception.NotificationSenderAndReceiverBPNEqualException;
import org.eclipse.tractusx.traceability.notification.domain.notification.model.EditNotification;
import org.eclipse.tractusx.traceability.notification.domain.notification.model.StartNotification;
import org.eclipse.tractusx.traceability.notification.domain.notification.repository.NotificationRepository;
Expand Down Expand Up @@ -71,6 +72,7 @@ public PageResult<Notification> getNotifications(Pageable pageable, SearchCriter

@Override
public NotificationId start(StartNotification startNotification) {
validateReceiverIsNotOwnBpn(startNotification.getReceiverBpn(), null);
Notification notification = notificationPublisherService.startNotification(startNotification);
NotificationId createdAlertId = getNotificationRepository().saveNotification(notification);
log.info("Start Quality Notification {}", notification);
Expand Down Expand Up @@ -110,6 +112,7 @@ public void updateStatusTransition(Long notificationId, NotificationStatus notif

@Override
public void editNotification(EditNotification editNotification) {
validateReceiverIsNotOwnBpn(editNotification.getReceiverBpn(), editNotification.getId());
Notification notification = loadOrNotFoundException(new NotificationId(editNotification.getId()));
List<AssetBase> affectedParts = assetAsBuiltRepository.getAssetsById(editNotification.getAffectedPartIds());
List<BpnEdcMapping> bpnMappings = bpnRepository.findAllByIdIn(affectedParts.stream().map(AssetBase::getManufacturerId).toList());
Expand Down Expand Up @@ -218,4 +221,16 @@ private List<String> getAssetEnumFieldValues(String fieldName) {
default -> null;
};
}

private void validateReceiverIsNotOwnBpn(String bpn, Long notificationId) {
if (traceabilityProperties.getBpn().value().equals(bpn)) {
if (notificationId != null) {
throw new NotificationSenderAndReceiverBPNEqualException(bpn, notificationId);
} else {
throw new NotificationSenderAndReceiverBPNEqualException(bpn);
}
}

}

}
Original file line number Diff line number Diff line change
Expand Up @@ -19,15 +19,14 @@

package org.eclipse.tractusx.traceability.notification.domain.notification.exception;

import org.eclipse.tractusx.traceability.common.model.BPN;

public class NotificationSenderAndReceiverBPNEqualException extends IllegalArgumentException {

public NotificationSenderAndReceiverBPNEqualException(String message) {
super(message);
public NotificationSenderAndReceiverBPNEqualException(String bpn) {
super("Quality notification cannot be created. Sender BPN %s is same as receiver BPN.".formatted(bpn));
}

public NotificationSenderAndReceiverBPNEqualException(BPN bpn, String investigationId) {
super("Quality Notification with id %s rejected. Sender BPN: %s is same as receiver BPN.".formatted(investigationId, bpn));
public NotificationSenderAndReceiverBPNEqualException(String bpn, Long notificationId) {
super("Quality notification with id %s cannot be edited. Sender BPN %s is same as receiver BPN.".formatted(bpn, notificationId));
}
}
Original file line number Diff line number Diff line change
Expand Up @@ -74,7 +74,7 @@ public boolean isValid(EDCNotification edcNotification, ConstraintValidatorConte
throw new InvestigationReceiverBpnMismatchException("BPN of sender cannot be null.");
}
if (applicationBPN.value().equals(senderBPN)) {
throw new NotificationSenderAndReceiverBPNEqualException(BPN.of(senderBPN), edcNotification.getNotificationId());
throw new NotificationSenderAndReceiverBPNEqualException(senderBPN, Long.valueOf(edcNotification.getNotificationId()));

Check notice

Code scanning / CodeQL

Missing catch of NumberFormatException

Potential uncaught 'java.lang.NumberFormatException'.
}
if (!senderBPN.equals(applicationBPN.value()) && !recipientBPN.equals(applicationBPN.value())) {
final String senderBPNIsNotSameAsReceiverError = String.format("BPN {%s} is not eligible to handle BPN: {%s}", applicationBPN.value(), senderBPN);
Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -105,6 +105,46 @@ void shouldUpdateInvestigation_RemovingOnePartOnly() throws JoseException, com.f
.log().all();
}

@Test
void shouldThrowBadRequestWhenUpdateInvestigation_SenderAndReceiverBpnIsSame() throws JoseException, com.fasterxml.jackson.core.JsonProcessingException {
Header authHeader = oAuth2Support.jwtAuthorization(SUPERVISOR);
// given
List<String> partIds = List.of(
"urn:uuid:fe99da3d-b0de-4e80-81da-882aebcca978", // BPN: BPNL00000003AYRE
"urn:uuid:d387fa8e-603c-42bd-98c3-4d87fef8d2bb", // BPN: BPNL00000003AYRE
"urn:uuid:0ce83951-bc18-4e8f-892d-48bad4eb67ef" // BPN: BPNL00000003AXS3
);
String description = "at least 15 characters long investigation description";
String title = "the title";

val startNotificationRequest = StartNotificationRequest.builder()
.affectedPartIds(partIds)
.description(description)
.title(title)
.type(NotificationTypeRequest.INVESTIGATION)
.receiverBpn("BPNL00000003CNKC")
.severity(NotificationSeverityRequest.MINOR)
.build();
int id = notificationAPISupport.createNotificationRequest_withDefaultAssetsStored(authHeader, startNotificationRequest, 201);

// given
ds-lcapellino marked this conversation as resolved.
Show resolved Hide resolved
List<String> editedPartIds = List.of(
"urn:uuid:fe99da3d-b0de-4e80-81da-882aebcca978", // BPN: BPNL00000003AYRE
"urn:uuid:d387fa8e-603c-42bd-98c3-4d87fef8d2bb" // BPN: BPNL00000003AYRE
);

val request = EditNotificationRequest.builder()
.affectedPartIds(editedPartIds)
.severity(startNotificationRequest.getSeverity())
.description(startNotificationRequest.getDescription())
.title(startNotificationRequest.getTitle())
.receiverBpn("BPNL00000003AXS3")
.build();

// when
notificationAPISupport.editNotificationRequest(authHeader, request, id, 400);
}

@Test
void shouldUpdateInvestigationFields() throws JsonProcessingException, JoseException, com.fasterxml.jackson.core.JsonProcessingException {
Header authHeader = oAuth2Support.jwtAuthorization(SUPERVISOR);
Expand Down