diff --git a/CHANGELOG.md b/CHANGELOG.md index d8ac614..7e6fa32 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -8,6 +8,15 @@ and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0 # Changelog +## [1.3.1] - [unreleased] + +### Fixes +- Fix vulnerability on postgresql version upgrade to 42.7.2 +- Fix vulnerability found upgrade spring boot version to 3.2.3 + +### Changed +- Change Spring security configuration and enable csrf configuration + ## [1.3.0] - 2024-02-19 ### Changed diff --git a/DEPENDENCIES b/DEPENDENCIES index 1560073..77da7a0 100644 --- a/DEPENDENCIES +++ b/DEPENDENCIES @@ -1,20 +1,20 @@ maven/mavencentral/ch.qos.logback/logback-classic/1.4.14, EPL-1.0 OR LGPL-2.1-only, approved, #3435 maven/mavencentral/ch.qos.logback/logback-core/1.4.14, EPL-1.0 OR LGPL-2.1-only, approved, #3373 -maven/mavencentral/com.fasterxml.jackson.core/jackson-annotations/2.15.3, Apache-2.0, approved, #7947 -maven/mavencentral/com.fasterxml.jackson.core/jackson-core/2.15.3, MIT AND Apache-2.0, approved, #7932 -maven/mavencentral/com.fasterxml.jackson.core/jackson-databind/2.15.3, Apache-2.0, approved, #7934 -maven/mavencentral/com.fasterxml.jackson.dataformat/jackson-dataformat-yaml/2.15.3, Apache-2.0, approved, #8802 -maven/mavencentral/com.fasterxml.jackson.datatype/jackson-datatype-jdk8/2.15.3, Apache-2.0, approved, #8808 -maven/mavencentral/com.fasterxml.jackson.datatype/jackson-datatype-jsr310/2.15.3, Apache-2.0, approved, #7930 -maven/mavencentral/com.fasterxml.jackson.module/jackson-module-parameter-names/2.15.3, Apache-2.0, approved, #8803 -maven/mavencentral/com.fasterxml/classmate/1.5.1, Apache-2.0, approved, clearlydefined +maven/mavencentral/com.fasterxml.jackson.core/jackson-annotations/2.15.4, Apache-2.0, approved, #7947 +maven/mavencentral/com.fasterxml.jackson.core/jackson-core/2.15.4, MIT AND Apache-2.0, approved, #7932 +maven/mavencentral/com.fasterxml.jackson.core/jackson-databind/2.15.4, Apache-2.0, approved, #7934 +maven/mavencentral/com.fasterxml.jackson.dataformat/jackson-dataformat-yaml/2.15.4, Apache-2.0, approved, #8802 +maven/mavencentral/com.fasterxml.jackson.datatype/jackson-datatype-jdk8/2.15.4, Apache-2.0, approved, #8808 +maven/mavencentral/com.fasterxml.jackson.datatype/jackson-datatype-jsr310/2.15.4, Apache-2.0, approved, #7930 +maven/mavencentral/com.fasterxml.jackson.module/jackson-module-parameter-names/2.15.4, Apache-2.0, approved, #8803 +maven/mavencentral/com.fasterxml/classmate/1.6.0, Apache-2.0, approved, clearlydefined maven/mavencentral/com.github.docker-java/docker-java-api/3.3.0, Apache-2.0, approved, #10346 maven/mavencentral/com.github.docker-java/docker-java-transport-zerodep/3.3.0, Apache-2.0 AND (Apache-2.0 AND BSD-3-Clause), approved, #7946 maven/mavencentral/com.github.docker-java/docker-java-transport/3.3.0, Apache-2.0, approved, #7942 maven/mavencentral/com.github.stephenc.jcip/jcip-annotations/1.0-1, Apache-2.0, approved, CQ21949 maven/mavencentral/com.github.tomakehurst/wiremock-standalone/3.0.0-beta-10, MIT AND Apache-2.0, approved, #9734 maven/mavencentral/com.google.code.findbugs/jsr305/3.0.2, Apache-2.0, approved, #20 -maven/mavencentral/com.jayway.jsonpath/json-path/2.8.0, Apache-2.0, approved, clearlydefined +maven/mavencentral/com.jayway.jsonpath/json-path/2.9.0, Apache-2.0, approved, clearlydefined maven/mavencentral/com.nimbusds/content-type/2.2, Apache-2.0, approved, clearlydefined maven/mavencentral/com.nimbusds/lang-tag/1.7, Apache-2.0, approved, clearlydefined maven/mavencentral/com.nimbusds/nimbus-jose-jwt/9.24.4, Apache-2.0, approved, clearlydefined @@ -23,32 +23,33 @@ maven/mavencentral/com.opencsv/opencsv/5.7.1, Apache-2.0, approved, clearlydefin maven/mavencentral/com.sun.istack/istack-commons-runtime/4.1.2, BSD-3-Clause, approved, #2590 maven/mavencentral/com.vaadin.external.google/android-json/0.0.20131108.vaadin1, Apache-2.0, approved, CQ21310 maven/mavencentral/com.zaxxer/HikariCP/5.0.1, Apache-2.0, approved, clearlydefined -maven/mavencentral/commons-codec/commons-codec/1.15, Apache-2.0 AND BSD-3-Clause AND LicenseRef-Public-Domain, approved, CQ22641 +maven/mavencentral/commons-codec/commons-codec/1.16.1, Apache-2.0 AND (Apache-2.0 AND BSD-3-Clause), approved, #9157 maven/mavencentral/io.hypersistence/hypersistence-tsid/2.0.0, MIT, approved, clearlydefined maven/mavencentral/io.hypersistence/hypersistence-utils-hibernate-60/3.5.1, Apache-2.0, approved, #9651 -maven/mavencentral/io.micrometer/micrometer-commons/1.11.8, Apache-2.0 AND (Apache-2.0 AND MIT), approved, #9243 -maven/mavencentral/io.micrometer/micrometer-core/1.11.8, Apache-2.0 AND (Apache-2.0 AND MIT), approved, #9238 -maven/mavencentral/io.micrometer/micrometer-observation/1.11.8, Apache-2.0, approved, #9242 -maven/mavencentral/io.netty/netty-buffer/4.1.105.Final, Apache-2.0, approved, CQ21842 -maven/mavencentral/io.netty/netty-codec-dns/4.1.105.Final, Apache-2.0 AND BSD-3-Clause AND MIT, approved, CQ20926 -maven/mavencentral/io.netty/netty-codec-http/4.1.105.Final, Apache-2.0 AND BSD-3-Clause AND MIT, approved, CQ20926 -maven/mavencentral/io.netty/netty-codec-http2/4.1.105.Final, Apache-2.0 AND BSD-3-Clause AND MIT, approved, CQ20926 -maven/mavencentral/io.netty/netty-codec-socks/4.1.105.Final, Apache-2.0 AND BSD-3-Clause AND MIT, approved, CQ20926 -maven/mavencentral/io.netty/netty-codec/4.1.105.Final, Apache-2.0 AND BSD-3-Clause AND MIT, approved, CQ20926 -maven/mavencentral/io.netty/netty-common/4.1.105.Final, Apache-2.0 AND MIT AND CC0-1.0, approved, CQ21843 -maven/mavencentral/io.netty/netty-handler-proxy/4.1.105.Final, Apache-2.0 AND BSD-3-Clause AND MIT, approved, CQ20926 -maven/mavencentral/io.netty/netty-handler/4.1.105.Final, Apache-2.0 AND BSD-3-Clause AND MIT, approved, CQ20926 -maven/mavencentral/io.netty/netty-resolver-dns-classes-macos/4.1.105.Final, Apache-2.0, approved, #6367 -maven/mavencentral/io.netty/netty-resolver-dns-native-macos/4.1.105.Final, Apache-2.0, approved, #7004 -maven/mavencentral/io.netty/netty-resolver-dns/4.1.105.Final, Apache-2.0 AND BSD-3-Clause AND MIT, approved, CQ20926 -maven/mavencentral/io.netty/netty-resolver/4.1.105.Final, Apache-2.0 AND BSD-3-Clause AND MIT, approved, CQ20926 -maven/mavencentral/io.netty/netty-transport-classes-epoll/4.1.105.Final, Apache-2.0, approved, #6366 -maven/mavencentral/io.netty/netty-transport-native-epoll/4.1.105.Final, Apache-2.0 AND BSD-3-Clause AND MIT, approved, CQ20926 -maven/mavencentral/io.netty/netty-transport-native-unix-common/4.1.105.Final, Apache-2.0 AND BSD-3-Clause AND MIT, approved, CQ20926 -maven/mavencentral/io.netty/netty-transport/4.1.105.Final, Apache-2.0 AND BSD-3-Clause AND MIT, approved, CQ20926 -maven/mavencentral/io.projectreactor.netty/reactor-netty-core/1.1.15, Apache-2.0, approved, #5946 -maven/mavencentral/io.projectreactor.netty/reactor-netty-http/1.1.15, Apache-2.0, approved, #6999 -maven/mavencentral/io.projectreactor/reactor-core/3.5.14, Apache-2.0, approved, #5934 +maven/mavencentral/io.micrometer/micrometer-commons/1.12.3, Apache-2.0 AND (Apache-2.0 AND MIT), approved, #11679 +maven/mavencentral/io.micrometer/micrometer-core/1.12.3, Apache-2.0 AND (Apache-2.0 AND MIT), approved, #11678 +maven/mavencentral/io.micrometer/micrometer-jakarta9/1.12.3, Apache-2.0, approved, #12923 +maven/mavencentral/io.micrometer/micrometer-observation/1.12.3, Apache-2.0, approved, #11680 +maven/mavencentral/io.netty/netty-buffer/4.1.107.Final, Apache-2.0, approved, CQ21842 +maven/mavencentral/io.netty/netty-codec-dns/4.1.107.Final, Apache-2.0 AND BSD-3-Clause AND MIT, approved, CQ20926 +maven/mavencentral/io.netty/netty-codec-http/4.1.107.Final, Apache-2.0 AND BSD-3-Clause AND MIT, approved, CQ20926 +maven/mavencentral/io.netty/netty-codec-http2/4.1.107.Final, Apache-2.0 AND BSD-3-Clause AND MIT, approved, CQ20926 +maven/mavencentral/io.netty/netty-codec-socks/4.1.107.Final, Apache-2.0 AND BSD-3-Clause AND MIT, approved, CQ20926 +maven/mavencentral/io.netty/netty-codec/4.1.107.Final, Apache-2.0 AND BSD-3-Clause AND MIT, approved, CQ20926 +maven/mavencentral/io.netty/netty-common/4.1.107.Final, Apache-2.0 AND MIT AND CC0-1.0, approved, CQ21843 +maven/mavencentral/io.netty/netty-handler-proxy/4.1.107.Final, Apache-2.0 AND BSD-3-Clause AND MIT, approved, CQ20926 +maven/mavencentral/io.netty/netty-handler/4.1.107.Final, Apache-2.0 AND BSD-3-Clause AND MIT, approved, CQ20926 +maven/mavencentral/io.netty/netty-resolver-dns-classes-macos/4.1.107.Final, Apache-2.0, approved, #6367 +maven/mavencentral/io.netty/netty-resolver-dns-native-macos/4.1.107.Final, Apache-2.0, approved, #7004 +maven/mavencentral/io.netty/netty-resolver-dns/4.1.107.Final, Apache-2.0 AND BSD-3-Clause AND MIT, approved, CQ20926 +maven/mavencentral/io.netty/netty-resolver/4.1.107.Final, Apache-2.0 AND BSD-3-Clause AND MIT, approved, CQ20926 +maven/mavencentral/io.netty/netty-transport-classes-epoll/4.1.107.Final, Apache-2.0, approved, #6366 +maven/mavencentral/io.netty/netty-transport-native-epoll/4.1.107.Final, Apache-2.0 AND BSD-3-Clause AND MIT, approved, CQ20926 +maven/mavencentral/io.netty/netty-transport-native-unix-common/4.1.107.Final, Apache-2.0 AND BSD-3-Clause AND MIT, approved, CQ20926 +maven/mavencentral/io.netty/netty-transport/4.1.107.Final, Apache-2.0 AND BSD-3-Clause AND MIT, approved, CQ20926 +maven/mavencentral/io.projectreactor.netty/reactor-netty-core/1.1.16, Apache-2.0, approved, #5946 +maven/mavencentral/io.projectreactor.netty/reactor-netty-http/1.1.16, Apache-2.0, approved, #6999 +maven/mavencentral/io.projectreactor/reactor-core/3.6.3, Apache-2.0, approved, #13392 maven/mavencentral/io.smallrye/jandex/3.0.5, Apache-2.0, approved, clearlydefined maven/mavencentral/io.swagger.core.v3/swagger-annotations-jakarta/2.2.9, Apache-2.0, approved, #5947 maven/mavencentral/io.swagger.core.v3/swagger-core-jakarta/2.2.9, Apache-2.0, approved, #5929 @@ -64,27 +65,26 @@ maven/mavencentral/javax.activation/javax.activation-api/1.2.0, (CDDL-1.1 OR GPL maven/mavencentral/javax.validation/validation-api/2.0.1.Final, Apache-2.0, approved, CQ15302 maven/mavencentral/javax.xml.bind/jaxb-api/2.3.1, CDDL-1.1 OR GPL-2.0-only WITH Classpath-exception-2.0, approved, CQ16911 maven/mavencentral/junit/junit/4.13.2, EPL-2.0, approved, CQ23636 -maven/mavencentral/net.bytebuddy/byte-buddy-agent/1.14.11, Apache-2.0, approved, #7164 -maven/mavencentral/net.bytebuddy/byte-buddy/1.14.11, Apache-2.0 AND BSD-3-Clause, approved, #7163 +maven/mavencentral/net.bytebuddy/byte-buddy-agent/1.14.12, Apache-2.0, approved, #7164 +maven/mavencentral/net.bytebuddy/byte-buddy/1.14.12, Apache-2.0 AND BSD-3-Clause, approved, #7163 maven/mavencentral/net.java.dev.jna/jna/5.12.1, Apache-2.0 OR LGPL-2.1-or-later, approved, #3217 -maven/mavencentral/net.minidev/accessors-smart/2.4.11, Apache-2.0, approved, #7515 -maven/mavencentral/net.minidev/json-smart/2.4.11, Apache-2.0, approved, #3288 +maven/mavencentral/net.minidev/accessors-smart/2.5.0, Apache-2.0, approved, clearlydefined +maven/mavencentral/net.minidev/json-smart/2.5.0, Apache-2.0, approved, clearlydefined maven/mavencentral/org.antlr/antlr4-runtime/4.10.1, BSD-3-Clause AND LicenseRef-Public-domain AND MIT AND LicenseRef-Unicode-TOU, approved, #7065 maven/mavencentral/org.apache.commons/commons-collections4/4.4, Apache-2.0, approved, clearlydefined maven/mavencentral/org.apache.commons/commons-compress/1.23.0, Apache-2.0 AND BSD-3-Clause, approved, #7506 -maven/mavencentral/org.apache.commons/commons-lang3/3.12.0, Apache-2.0, approved, clearlydefined +maven/mavencentral/org.apache.commons/commons-lang3/3.13.0, Apache-2.0, approved, #9820 maven/mavencentral/org.apache.commons/commons-text/1.10.0, Apache-2.0, approved, clearlydefined -maven/mavencentral/org.apache.logging.log4j/log4j-api/2.20.0, Apache-2.0, approved, clearlydefined -maven/mavencentral/org.apache.logging.log4j/log4j-to-slf4j/2.20.0, Apache-2.0, approved, #8799 -maven/mavencentral/org.apache.tomcat.embed/tomcat-embed-core/10.1.18, Apache-2.0 AND (EPL-2.0 OR GPL-2.0-only WITH Classpath-exception-2.0) AND (CDDL-1.0 OR GPL-2.0-only WITH Classpath-exception-2.0) AND W3C AND CC0-1.0, approved, #5949 -maven/mavencentral/org.apache.tomcat.embed/tomcat-embed-el/10.1.18, Apache-2.0, approved, #6997 -maven/mavencentral/org.apache.tomcat.embed/tomcat-embed-websocket/10.1.18, Apache-2.0, approved, #7920 +maven/mavencentral/org.apache.logging.log4j/log4j-api/2.21.1, Apache-2.0 AND (Apache-2.0 AND LGPL-2.0-or-later), approved, #11079 +maven/mavencentral/org.apache.logging.log4j/log4j-to-slf4j/2.21.1, Apache-2.0, approved, #11919 +maven/mavencentral/org.apache.tomcat.embed/tomcat-embed-core/10.1.19, Apache-2.0 AND (EPL-2.0 OR GPL-2.0-only WITH Classpath-exception-2.0) AND (CDDL-1.0 OR GPL-2.0-only WITH Classpath-exception-2.0) AND W3C AND CC0-1.0, approved, #5949 +maven/mavencentral/org.apache.tomcat.embed/tomcat-embed-el/10.1.19, Apache-2.0, approved, #6997 +maven/mavencentral/org.apache.tomcat.embed/tomcat-embed-websocket/10.1.19, Apache-2.0, approved, #7920 maven/mavencentral/org.apiguardian/apiguardian-api/1.1.0, Apache-2.0, approved, clearlydefined maven/mavencentral/org.aspectj/aspectjweaver/1.9.21, Apache-2.0 AND BSD-3-Clause AND EPL-1.0 AND BSD-3-Clause AND Apache-1.1, approved, #7695 maven/mavencentral/org.assertj/assertj-core/3.24.2, Apache-2.0, approved, #6161 -maven/mavencentral/org.bouncycastle/bcpkix-jdk18on/1.73, MIT, approved, #7892 -maven/mavencentral/org.bouncycastle/bcutil-jdk18on/1.73, MIT, approved, #7894 -maven/mavencentral/org.checkerframework/checker-qual/3.31.0, MIT, approved, clearlydefined +maven/mavencentral/org.awaitility/awaitility/4.2.0, Apache-2.0, approved, clearlydefined +maven/mavencentral/org.checkerframework/checker-qual/3.42.0, MIT, approved, clearlydefined maven/mavencentral/org.eclipse.angus/angus-activation/2.0.1, EPL-2.0 OR GPL-2.0-only with Classpath-exception-2.0, approved, ee4j.angus maven/mavencentral/org.glassfish.jaxb/jaxb-core/4.0.4, BSD-3-Clause, approved, ee4j.jaxb maven/mavencentral/org.glassfish.jaxb/jaxb-runtime/4.0.4, BSD-3-Clause, approved, ee4j.jaxb @@ -97,84 +97,84 @@ maven/mavencentral/org.hibernate.orm/hibernate-core/6.2.6.Final, LGPL-2.1-only A maven/mavencentral/org.hibernate.validator/hibernate-validator/8.0.1.Final, Apache-2.0, approved, clearlydefined maven/mavencentral/org.jboss.logging/jboss-logging/3.5.3.Final, Apache-2.0, approved, #9471 maven/mavencentral/org.jetbrains/annotations/17.0.0, Apache-2.0, approved, clearlydefined -maven/mavencentral/org.junit.jupiter/junit-jupiter-api/5.9.3, EPL-2.0, approved, #3133 -maven/mavencentral/org.junit.jupiter/junit-jupiter-engine/5.9.3, EPL-2.0, approved, #3125 -maven/mavencentral/org.junit.jupiter/junit-jupiter-params/5.9.3, EPL-2.0, approved, #3134 -maven/mavencentral/org.junit.jupiter/junit-jupiter/5.9.3, EPL-2.0, approved, #6972 -maven/mavencentral/org.junit.platform/junit-platform-commons/1.9.3, EPL-2.0, approved, #3130 -maven/mavencentral/org.junit.platform/junit-platform-engine/1.9.3, EPL-2.0, approved, #3128 +maven/mavencentral/org.junit.jupiter/junit-jupiter-api/5.10.2, EPL-2.0, approved, #9714 +maven/mavencentral/org.junit.jupiter/junit-jupiter-engine/5.10.2, EPL-2.0, approved, #9711 +maven/mavencentral/org.junit.jupiter/junit-jupiter-params/5.10.2, EPL-2.0, approved, #9708 +maven/mavencentral/org.junit.jupiter/junit-jupiter/5.10.2, EPL-2.0, approved, #13393 +maven/mavencentral/org.junit.platform/junit-platform-commons/1.10.2, EPL-2.0, approved, #9715 +maven/mavencentral/org.junit.platform/junit-platform-engine/1.10.2, EPL-2.0, approved, #9709 maven/mavencentral/org.latencyutils/LatencyUtils/2.0.3, BSD-2-Clause, approved, CQ17408 maven/mavencentral/org.liquibase/liquibase-core/4.23.0, Apache-2.0, approved, #9650 maven/mavencentral/org.mapstruct/mapstruct/1.5.5.Final, Apache-2.0, approved, #6277 -maven/mavencentral/org.mockito/mockito-core/5.3.1, MIT AND (Apache-2.0 AND MIT) AND Apache-2.0, approved, #7925 -maven/mavencentral/org.mockito/mockito-junit-jupiter/5.3.1, MIT, approved, clearlydefined +maven/mavencentral/org.mockito/mockito-core/5.7.0, MIT AND (Apache-2.0 AND MIT) AND Apache-2.0, approved, #11424 +maven/mavencentral/org.mockito/mockito-junit-jupiter/5.7.0, MIT, approved, #11423 maven/mavencentral/org.objenesis/objenesis/3.3, Apache-2.0, approved, clearlydefined maven/mavencentral/org.openapitools/jackson-databind-nullable/0.2.6, Apache-2.0, approved, #3294 -maven/mavencentral/org.opentest4j/opentest4j/1.2.0, Apache-2.0, approved, clearlydefined +maven/mavencentral/org.opentest4j/opentest4j/1.3.0, Apache-2.0, approved, #9713 maven/mavencentral/org.ow2.asm/asm/9.3, BSD-3-Clause, approved, clearlydefined -maven/mavencentral/org.postgresql/postgresql/42.6.0, BSD-2-Clause AND Apache-2.0, approved, #9159 +maven/mavencentral/org.postgresql/postgresql/42.7.2, BSD-2-Clause AND Apache-2.0, approved, #11681 maven/mavencentral/org.projectlombok/lombok/1.18.28, MIT AND LicenseRef-Public-Domain, approved, CQ23907 maven/mavencentral/org.reactivestreams/reactive-streams/1.0.4, CC0-1.0, approved, CQ16332 maven/mavencentral/org.rnorth.duct-tape/duct-tape/1.0.8, MIT, approved, clearlydefined maven/mavencentral/org.skyscreamer/jsonassert/1.5.1, Apache-2.0, approved, clearlydefined -maven/mavencentral/org.slf4j/jul-to-slf4j/2.0.11, MIT, approved, #7698 -maven/mavencentral/org.slf4j/slf4j-api/2.0.11, MIT, approved, #5915 +maven/mavencentral/org.slf4j/jul-to-slf4j/2.0.12, MIT, approved, #7698 +maven/mavencentral/org.slf4j/slf4j-api/2.0.12, MIT, approved, #5915 maven/mavencentral/org.springdoc/springdoc-openapi-starter-common/2.1.0, Apache-2.0, approved, clearlydefined maven/mavencentral/org.springdoc/springdoc-openapi-starter-webmvc-api/2.1.0, Apache-2.0, approved, clearlydefined maven/mavencentral/org.springdoc/springdoc-openapi-starter-webmvc-ui/2.1.0, Apache-2.0, approved, clearlydefined -maven/mavencentral/org.springframework.boot/spring-boot-actuator-autoconfigure/3.1.8, Apache-2.0, approved, #9348 -maven/mavencentral/org.springframework.boot/spring-boot-actuator/3.1.8, Apache-2.0, approved, #9342 -maven/mavencentral/org.springframework.boot/spring-boot-autoconfigure/3.1.8, Apache-2.0, approved, #9341 -maven/mavencentral/org.springframework.boot/spring-boot-starter-actuator/3.1.8, Apache-2.0, approved, #9344 -maven/mavencentral/org.springframework.boot/spring-boot-starter-aop/3.1.8, Apache-2.0, approved, #9338 -maven/mavencentral/org.springframework.boot/spring-boot-starter-cache/3.1.8, Apache-2.0, approved, #9653 -maven/mavencentral/org.springframework.boot/spring-boot-starter-data-jpa/3.1.8, Apache-2.0, approved, #9733 -maven/mavencentral/org.springframework.boot/spring-boot-starter-jdbc/3.1.8, Apache-2.0, approved, #9737 -maven/mavencentral/org.springframework.boot/spring-boot-starter-json/3.1.8, Apache-2.0, approved, #9336 -maven/mavencentral/org.springframework.boot/spring-boot-starter-logging/3.1.8, Apache-2.0, approved, #9343 +maven/mavencentral/org.springframework.boot/spring-boot-actuator-autoconfigure/3.2.3, Apache-2.0, approved, #11921 +maven/mavencentral/org.springframework.boot/spring-boot-actuator/3.2.3, Apache-2.0, approved, #11918 +maven/mavencentral/org.springframework.boot/spring-boot-autoconfigure/3.2.3, Apache-2.0, approved, #11751 +maven/mavencentral/org.springframework.boot/spring-boot-starter-actuator/3.2.3, Apache-2.0, approved, #12918 +maven/mavencentral/org.springframework.boot/spring-boot-starter-aop/3.2.3, Apache-2.0, approved, #11928 +maven/mavencentral/org.springframework.boot/spring-boot-starter-cache/3.2.3, Apache-2.0, approved, #13493 +maven/mavencentral/org.springframework.boot/spring-boot-starter-data-jpa/3.2.3, Apache-2.0, approved, #11926 +maven/mavencentral/org.springframework.boot/spring-boot-starter-jdbc/3.2.3, Apache-2.0, approved, #11878 +maven/mavencentral/org.springframework.boot/spring-boot-starter-json/3.2.3, Apache-2.0, approved, #11894 +maven/mavencentral/org.springframework.boot/spring-boot-starter-logging/3.2.3, Apache-2.0, approved, #11890 maven/mavencentral/org.springframework.boot/spring-boot-starter-oauth2-client/3.1.7, Apache-2.0, approved, #8806 maven/mavencentral/org.springframework.boot/spring-boot-starter-oauth2-resource-server/3.1.7, Apache-2.0, approved, #8804 -maven/mavencentral/org.springframework.boot/spring-boot-starter-reactor-netty/3.1.8, Apache-2.0, approved, #9738 -maven/mavencentral/org.springframework.boot/spring-boot-starter-test/3.1.8, Apache-2.0, approved, #9353 -maven/mavencentral/org.springframework.boot/spring-boot-starter-tomcat/3.1.8, Apache-2.0, approved, #9351 -maven/mavencentral/org.springframework.boot/spring-boot-starter-validation/3.1.8, Apache-2.0, approved, #9335 -maven/mavencentral/org.springframework.boot/spring-boot-starter-web/3.1.8, Apache-2.0, approved, #9347 +maven/mavencentral/org.springframework.boot/spring-boot-starter-reactor-netty/3.2.3, Apache-2.0, approved, #12590 +maven/mavencentral/org.springframework.boot/spring-boot-starter-test/3.2.3, Apache-2.0, approved, #12917 +maven/mavencentral/org.springframework.boot/spring-boot-starter-tomcat/3.2.3, Apache-2.0, approved, #11923 +maven/mavencentral/org.springframework.boot/spring-boot-starter-validation/3.2.3, Apache-2.0, approved, #12921 +maven/mavencentral/org.springframework.boot/spring-boot-starter-web/3.2.3, Apache-2.0, approved, #11916 maven/mavencentral/org.springframework.boot/spring-boot-starter-webflux/3.1.7, Apache-2.0, approved, #9739 -maven/mavencentral/org.springframework.boot/spring-boot-starter/3.1.8, Apache-2.0, approved, #9349 -maven/mavencentral/org.springframework.boot/spring-boot-test-autoconfigure/3.1.8, Apache-2.0, approved, #9339 -maven/mavencentral/org.springframework.boot/spring-boot-test/3.1.8, Apache-2.0, approved, #9346 -maven/mavencentral/org.springframework.boot/spring-boot/3.1.8, Apache-2.0, approved, #9352 -maven/mavencentral/org.springframework.cloud/spring-cloud-commons/4.0.4, Apache-2.0, approved, #7292 -maven/mavencentral/org.springframework.cloud/spring-cloud-context/4.0.4, Apache-2.0, approved, #7306 -maven/mavencentral/org.springframework.cloud/spring-cloud-starter-bootstrap/4.0.4, Apache-2.0, approved, clearlydefined -maven/mavencentral/org.springframework.cloud/spring-cloud-starter/4.0.4, Apache-2.0, approved, #7299 -maven/mavencentral/org.springframework.data/spring-data-commons/3.1.8, Apache-2.0, approved, #8805 -maven/mavencentral/org.springframework.data/spring-data-jpa/3.1.8, Apache-2.0, approved, #9120 +maven/mavencentral/org.springframework.boot/spring-boot-starter/3.2.3, Apache-2.0, approved, #11935 +maven/mavencentral/org.springframework.boot/spring-boot-test-autoconfigure/3.2.3, Apache-2.0, approved, #12920 +maven/mavencentral/org.springframework.boot/spring-boot-test/3.2.3, Apache-2.0, approved, #12916 +maven/mavencentral/org.springframework.boot/spring-boot/3.2.3, Apache-2.0, approved, #11752 +maven/mavencentral/org.springframework.cloud/spring-cloud-commons/4.1.1, Apache-2.0, approved, #13495 +maven/mavencentral/org.springframework.cloud/spring-cloud-context/4.1.1, Apache-2.0, approved, #13494 +maven/mavencentral/org.springframework.cloud/spring-cloud-starter-bootstrap/4.1.1, Apache-2.0, approved, clearlydefined +maven/mavencentral/org.springframework.cloud/spring-cloud-starter/4.1.1, Apache-2.0, approved, clearlydefined +maven/mavencentral/org.springframework.data/spring-data-commons/3.2.3, Apache-2.0, approved, #11917 +maven/mavencentral/org.springframework.data/spring-data-jpa/3.2.3, Apache-2.0, approved, #11882 maven/mavencentral/org.springframework.security.oauth/spring-security-oauth2/2.5.2.RELEASE, Apache-2.0, approved, clearlydefined -maven/mavencentral/org.springframework.security/spring-security-config/6.1.6, Apache-2.0, approved, #9736 -maven/mavencentral/org.springframework.security/spring-security-core/6.1.6, Apache-2.0, approved, #9801 -maven/mavencentral/org.springframework.security/spring-security-crypto/6.1.6, Apache-2.0 AND ISC, approved, #9735 -maven/mavencentral/org.springframework.security/spring-security-oauth2-client/6.1.6, Apache-2.0, approved, #9740 -maven/mavencentral/org.springframework.security/spring-security-oauth2-core/6.1.6, Apache-2.0, approved, #9741 -maven/mavencentral/org.springframework.security/spring-security-oauth2-jose/6.1.6, Apache-2.0, approved, #9345 -maven/mavencentral/org.springframework.security/spring-security-oauth2-resource-server/6.1.6, Apache-2.0, approved, #8798 -maven/mavencentral/org.springframework.security/spring-security-rsa/1.0.12.RELEASE, Apache-2.0, approved, CQ20647 +maven/mavencentral/org.springframework.security/spring-security-config/6.2.2, Apache-2.0, approved, #11896 +maven/mavencentral/org.springframework.security/spring-security-core/6.2.2, Apache-2.0, approved, #11904 +maven/mavencentral/org.springframework.security/spring-security-crypto/6.2.2, Apache-2.0 AND ISC, approved, #11908 +maven/mavencentral/org.springframework.security/spring-security-oauth2-client/6.2.2, Apache-2.0, approved, #12586 +maven/mavencentral/org.springframework.security/spring-security-oauth2-core/6.2.2, Apache-2.0, approved, #11925 +maven/mavencentral/org.springframework.security/spring-security-oauth2-jose/6.2.2, Apache-2.0, approved, #11893 +maven/mavencentral/org.springframework.security/spring-security-oauth2-resource-server/6.2.2, Apache-2.0, approved, #11920 +maven/mavencentral/org.springframework.security/spring-security-rsa/1.1.1, Apache-2.0, approved, clearlydefined maven/mavencentral/org.springframework.security/spring-security-web/6.2.1, Apache-2.0, approved, #11911 -maven/mavencentral/org.springframework/spring-aop/6.0.16, Apache-2.0, approved, #5940 -maven/mavencentral/org.springframework/spring-aspects/6.0.16, Apache-2.0, approved, #5930 -maven/mavencentral/org.springframework/spring-beans/6.0.16, Apache-2.0, approved, #5937 -maven/mavencentral/org.springframework/spring-context-support/6.0.16, Apache-2.0, approved, #6960 -maven/mavencentral/org.springframework/spring-context/6.0.16, Apache-2.0, approved, #5936 -maven/mavencentral/org.springframework/spring-core/6.0.16, Apache-2.0 AND BSD-3-Clause, approved, #5948 -maven/mavencentral/org.springframework/spring-expression/6.0.16, Apache-2.0, approved, #3284 -maven/mavencentral/org.springframework/spring-jcl/6.0.16, Apache-2.0, approved, #3283 -maven/mavencentral/org.springframework/spring-jdbc/6.0.16, Apache-2.0, approved, #5924 -maven/mavencentral/org.springframework/spring-orm/6.0.16, Apache-2.0, approved, #5925 -maven/mavencentral/org.springframework/spring-test/6.0.16, Apache-2.0, approved, #7003 -maven/mavencentral/org.springframework/spring-tx/6.0.16, Apache-2.0, approved, #5926 -maven/mavencentral/org.springframework/spring-web/6.0.16, Apache-2.0, approved, #5942 -maven/mavencentral/org.springframework/spring-webflux/6.0.16, Apache-2.0, approved, #6964 -maven/mavencentral/org.springframework/spring-webmvc/6.0.16, Apache-2.0, approved, #5944 +maven/mavencentral/org.springframework/spring-aop/6.1.4, Apache-2.0, approved, #11755 +maven/mavencentral/org.springframework/spring-aspects/6.1.4, Apache-2.0, approved, #11905 +maven/mavencentral/org.springframework/spring-beans/6.1.4, Apache-2.0, approved, #11754 +maven/mavencentral/org.springframework/spring-context-support/6.1.4, Apache-2.0, approved, #13496 +maven/mavencentral/org.springframework/spring-context/6.1.4, Apache-2.0, approved, #11753 +maven/mavencentral/org.springframework/spring-core/6.1.4, Apache-2.0 AND BSD-3-Clause, approved, #11750 +maven/mavencentral/org.springframework/spring-expression/6.1.4, Apache-2.0, approved, #11747 +maven/mavencentral/org.springframework/spring-jcl/6.1.4, Apache-2.0, approved, #11749 +maven/mavencentral/org.springframework/spring-jdbc/6.1.4, Apache-2.0, approved, #11897 +maven/mavencentral/org.springframework/spring-orm/6.1.4, Apache-2.0, approved, #11924 +maven/mavencentral/org.springframework/spring-test/6.1.4, Apache-2.0, approved, #12919 +maven/mavencentral/org.springframework/spring-tx/6.1.4, Apache-2.0, approved, #11901 +maven/mavencentral/org.springframework/spring-web/6.1.4, Apache-2.0, approved, #11748 +maven/mavencentral/org.springframework/spring-webflux/6.1.4, Apache-2.0, approved, #12593 +maven/mavencentral/org.springframework/spring-webmvc/6.1.4, Apache-2.0, approved, #11879 maven/mavencentral/org.testcontainers/database-commons/1.18.3, MIT, approved, clearlydefined maven/mavencentral/org.testcontainers/jdbc/1.18.3, MIT, approved, clearlydefined maven/mavencentral/org.testcontainers/junit-jupiter/1.18.3, MIT, approved, #7941 diff --git a/pom.xml b/pom.xml index 188fea1..30df427 100644 --- a/pom.xml +++ b/pom.xml @@ -23,12 +23,12 @@ org.springframework.boot spring-boot-starter-parent - 3.1.8 + 3.2.3 org.eclipse.tractusx value-added-service - 1.3.0 + 1.3.1 vas-country-risk-backend Project to Validate Country Risks Score @@ -41,7 +41,7 @@ 3.1.7 0.26.0 2.1.0 - 4.0.4 + 4.1.1 https://sonarcloud.io ${project.reporting.outputDirectory}/target/jacoco-report/jacoco.xml @@ -54,7 +54,7 @@ 0.8.7 6.2.1 - 42.6.0 + 42.7.2 0.2.6 3.0.0-beta-10 2.2 @@ -264,11 +264,7 @@ org.liquibase liquibase-maven-plugin - - org.apache.maven.plugins - maven-help-plugin - ${maven-clean-plugin.version} - + org.apache.maven.plugins maven-compiler-plugin diff --git a/src/main/java/org/eclipse/tractusx/valueaddedservice/config/SecurityConfiguration.java b/src/main/java/org/eclipse/tractusx/valueaddedservice/config/SecurityConfiguration.java index 59fc095..227f0b4 100644 --- a/src/main/java/org/eclipse/tractusx/valueaddedservice/config/SecurityConfiguration.java +++ b/src/main/java/org/eclipse/tractusx/valueaddedservice/config/SecurityConfiguration.java @@ -24,6 +24,7 @@ import org.springframework.context.annotation.Configuration; import org.springframework.security.config.annotation.web.builders.HttpSecurity; import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity; +import org.springframework.security.config.annotation.web.configuration.WebSecurityCustomizer; import org.springframework.security.web.SecurityFilterChain; import org.springframework.web.servlet.config.annotation.CorsRegistry; import org.springframework.web.servlet.config.annotation.WebMvcConfigurer; @@ -41,16 +42,13 @@ public class SecurityConfiguration { @Bean @ConditionalOnProperty(prefix = "security", name = "enabled", havingValue = "true") public SecurityFilterChain securityFilterChain(final HttpSecurity httpSecurity) throws Exception { - httpSecurity.cors(withDefaults()) - .csrf(((csrf)-> csrf.disable())) - .authorizeHttpRequests(((authz)-> authz + .authorizeHttpRequests((auth-> auth .requestMatchers("/error","/api/dashboard/**","/api/sharing/**","/api/edc/**") .authenticated() .requestMatchers("/v3/api-docs/**", "/swagger-ui.html", "/swagger-ui/**","/management/**") .permitAll() )); - httpSecurity.oauth2ResourceServer(resourceServer -> resourceServer .jwt(withDefaults())); @@ -69,26 +67,12 @@ public void addCorsMappings(CorsRegistry registry) { }; } - @Bean - @ConditionalOnProperty(prefix = "security", name = "enabled", havingValue = "false") - public SecurityFilterChain securityFilterChainLocal(final HttpSecurity httpSecurity) throws Exception { - - - - httpSecurity.cors(withDefaults()) - .csrf(((csrf)-> csrf.disable())) - .formLogin(((form)-> form.disable())) - .httpBasic((httpBasic)-> httpBasic.disable()) - .logout((logout)-> logout.disable()) - .headers((headers)->headers.frameOptions(frameOptionsConfig -> frameOptionsConfig.disable())) - .authorizeHttpRequests(((authz)-> authz - .requestMatchers("/error","/api/**","/management/**","/v3/api-docs/**", "/swagger-ui.html", "/swagger-ui/**") - .permitAll() - )); - - return httpSecurity.build(); + @Bean + @ConditionalOnProperty(prefix = "security", name = "enabled", havingValue = "false") + public WebSecurityCustomizer webSecurityCustomizer() { + return (web) -> web.ignoring().requestMatchers("/**"); } diff --git a/src/main/java/org/eclipse/tractusx/valueaddedservice/service/ReportService.java b/src/main/java/org/eclipse/tractusx/valueaddedservice/service/ReportService.java index 3c6cc8a..3506f7f 100644 --- a/src/main/java/org/eclipse/tractusx/valueaddedservice/service/ReportService.java +++ b/src/main/java/org/eclipse/tractusx/valueaddedservice/service/ReportService.java @@ -19,6 +19,7 @@ ********************************************************************************/ package org.eclipse.tractusx.valueaddedservice.service; +import org.apache.commons.text.StringEscapeUtils; import org.eclipse.tractusx.valueaddedservice.domain.Report; import org.eclipse.tractusx.valueaddedservice.domain.enumeration.Type; import org.eclipse.tractusx.valueaddedservice.dto.ReportDTO; @@ -58,7 +59,8 @@ public ReportService(ReportRepository reportRepository, ReportMapper reportMappe * @return the persisted entity. */ public ReportDTO save(ReportDTO reportDTO) { - log.debug("Request to save Report : {}", reportDTO); + String reportString = StringEscapeUtils.escapeJava(reportDTO.toString()); + log.debug("Request to save Report : {}", reportString); Report report = reportMapper.toEntity(reportDTO); report = reportRepository.save(report); return reportMapper.toDto(report); diff --git a/src/main/java/org/eclipse/tractusx/valueaddedservice/service/ReportValuesService.java b/src/main/java/org/eclipse/tractusx/valueaddedservice/service/ReportValuesService.java index 7a45c5d..27790ca 100644 --- a/src/main/java/org/eclipse/tractusx/valueaddedservice/service/ReportValuesService.java +++ b/src/main/java/org/eclipse/tractusx/valueaddedservice/service/ReportValuesService.java @@ -19,6 +19,7 @@ ********************************************************************************/ package org.eclipse.tractusx.valueaddedservice.service; +import org.apache.commons.text.StringEscapeUtils; import org.eclipse.tractusx.valueaddedservice.domain.Report; import org.eclipse.tractusx.valueaddedservice.domain.ReportValues; import org.eclipse.tractusx.valueaddedservice.dto.ReportDTO; @@ -62,7 +63,8 @@ public ReportValuesService(ReportValuesRepository reportValuesRepository, Report * @return the persisted entity. */ public ReportValuesDTO save(ReportValuesDTO reportValuesDTO, ReportDTO reportDTO) { - log.debug("Request to save ReportValues : {}", reportValuesDTO); + String reports = StringEscapeUtils.escapeJava(reportValuesDTO.toString()); + log.debug("Request to save ReportValues : {}", reports); Report report = reportMapper.toEntity(reportDTO); ReportValues reportValues = reportValuesMapper.toEntity(reportValuesDTO); reportValues.setReport(report); diff --git a/src/main/java/org/eclipse/tractusx/valueaddedservice/service/logic/CountryLogicService.java b/src/main/java/org/eclipse/tractusx/valueaddedservice/service/logic/CountryLogicService.java index fa0a72f..ffd41e7 100644 --- a/src/main/java/org/eclipse/tractusx/valueaddedservice/service/logic/CountryLogicService.java +++ b/src/main/java/org/eclipse/tractusx/valueaddedservice/service/logic/CountryLogicService.java @@ -20,6 +20,7 @@ package org.eclipse.tractusx.valueaddedservice.service.logic; import lombok.extern.slf4j.Slf4j; +import org.apache.commons.text.StringEscapeUtils; import org.eclipse.tractusx.valueaddedservice.dto.CompanyUserDTO; import org.eclipse.tractusx.valueaddedservice.dto.CountryDTO; import org.eclipse.tractusx.valueaddedservice.service.CountryService; @@ -47,7 +48,8 @@ public class CountryLogicService { @Cacheable(value = "vas-country", key = "{#root.methodName , {#companyUserDTO.name,#companyUserDTO.email,#companyUserDTO.companyName},#roles }", unless = "#result == null") public List getAssociatedCountries (CompanyUserDTO companyUserDTO,String token,List roles) { - log.debug("getAssociatedCountries filtered by companyUserDTO " + companyUserDTO); + String sanitizedCompany = StringEscapeUtils.escapeJava(companyUserDTO.toString()); + log.debug("getAssociatedCountries filtered by companyUserDTO " + sanitizedCompany); List countryList; countryList = externalBusinessPartnersLogicService.getExternalPartnersCountry(companyUserDTO,token,roles); @@ -61,7 +63,8 @@ public List getAssociatedCountries (CompanyUserDTO companyUserDTO,St @Cacheable(value = "vas-country", key = "{#root.methodName , {#companyUserDTO.name,#companyUserDTO.email,#companyUserDTO.companyName},#roles}", unless = "#result == null") public List getCountryFilterByISO2(CompanyUserDTO companyUserDTO,String token,List roles){ - log.debug("getCountryFilterByISO2 filtered by companyUserDTO "+ companyUserDTO); + String sanitizedCompany = StringEscapeUtils.escapeJava(companyUserDTO.toString()); + log.debug("getCountryFilterByISO2 filtered by companyUserDTO "+ sanitizedCompany); List countryDTOList = countryService.findAll().stream().filter(MethodUtils.distinctByKey(CountryDTO::getIso2)).toList(); countryDTOList.forEach(countryDTO -> countryDTO.setTotalBpn(externalBusinessPartnersLogicService.getTotalBpnByCountry(countryDTO,companyUserDTO,token,roles))); diff --git a/src/main/java/org/eclipse/tractusx/valueaddedservice/service/logic/DataSourceLogicService.java b/src/main/java/org/eclipse/tractusx/valueaddedservice/service/logic/DataSourceLogicService.java index e6c36e3..3b7b02e 100644 --- a/src/main/java/org/eclipse/tractusx/valueaddedservice/service/logic/DataSourceLogicService.java +++ b/src/main/java/org/eclipse/tractusx/valueaddedservice/service/logic/DataSourceLogicService.java @@ -20,6 +20,7 @@ package org.eclipse.tractusx.valueaddedservice.service.logic; import lombok.extern.slf4j.Slf4j; +import org.apache.commons.text.StringEscapeUtils; import org.eclipse.tractusx.valueaddedservice.domain.enumeration.Type; import org.eclipse.tractusx.valueaddedservice.dto.CompanyUserDTO; import org.eclipse.tractusx.valueaddedservice.dto.DataSourceDTO; @@ -51,7 +52,8 @@ public class DataSourceLogicService { @Cacheable(value = "vas-datasource", key = "{#root.methodName , {#year,#companyUserDTO.name,#companyUserDTO.email,#companyUserDTO.companyName}}", unless = "#result == null") public List findRatingsByYearAndCompanyUser(Integer year, CompanyUserDTO companyUserDTO){ - log.debug("findRatingsByYearAndCompanyUser {}",companyUserDTO); + String sanitizedCompany = StringEscapeUtils.escapeJava(companyUserDTO.toString()); + log.debug("findRatingsByYearAndCompanyUser {}",sanitizedCompany); List dataSourceDTOS = dataSourceService.findRatingsByYearAndTypeGlobal(year); List companyRatings = dataSourceService.findByYearPublishedAndCompanyUserCompanyNameAndType(year, companyUserDTO, Type.Company); List dataSourceDTOByYearAndUser = dataSourceService.findRatingByYearAndUser(year,companyUserDTO); @@ -63,7 +65,8 @@ public List findRatingsByYearAndCompanyUser(Integer year, Company @Cacheable(value = "vas-datasource", key = "{#root.methodName , {#companyUserDTO.name,#companyUserDTO.email,#companyUserDTO.companyName}}", unless = "#result == null") public List findRatingsByCompanyUser(CompanyUserDTO companyUserDTO){ - log.debug("findRatingsByCompanyUser {}",companyUserDTO); + String sanitizedCompany = StringEscapeUtils.escapeJava(companyUserDTO.toString()); + log.debug("findRatingsByCompanyUser {}",sanitizedCompany); return dataSourceService.findRatingByUser(companyUserDTO); } @@ -75,7 +78,8 @@ public void invalidateAllCache() { @Cacheable(value = "vas-datasource", key = "{#root.methodName , {#year,#companyUserDTO.companyName}}", unless = "#result == null") public List findRatingsByYearAndCompanyUserCompany(Integer year, CompanyUserDTO companyUserDTO){ - log.debug("findRatingsByYearAndCompanyUser {}",companyUserDTO); + String sanitizedCompany = StringEscapeUtils.escapeJava(companyUserDTO.toString()); + log.debug("findRatingsByYearAndCompanyUser {}",sanitizedCompany); List dataSourceDTOS = dataSourceService.findRatingsByYearAndTypeGlobal(year); List companyRatings = dataSourceService.findByYearPublishedAndCompanyUserCompanyNameAndType(year, companyUserDTO, Type.Company); dataSourceDTOS.addAll(companyRatings); diff --git a/src/main/java/org/eclipse/tractusx/valueaddedservice/service/logic/ExternalBusinessPartnersLogicService.java b/src/main/java/org/eclipse/tractusx/valueaddedservice/service/logic/ExternalBusinessPartnersLogicService.java index f938485..600761e 100644 --- a/src/main/java/org/eclipse/tractusx/valueaddedservice/service/logic/ExternalBusinessPartnersLogicService.java +++ b/src/main/java/org/eclipse/tractusx/valueaddedservice/service/logic/ExternalBusinessPartnersLogicService.java @@ -20,6 +20,7 @@ package org.eclipse.tractusx.valueaddedservice.service.logic; import lombok.extern.slf4j.Slf4j; +import org.apache.commons.text.StringEscapeUtils; import org.eclipse.tractusx.valueaddedservice.dto.BusinessPartnerDTO; import org.eclipse.tractusx.valueaddedservice.dto.CompanyUserDTO; import org.eclipse.tractusx.valueaddedservice.dto.CountryDTO; @@ -42,7 +43,8 @@ public class ExternalBusinessPartnersLogicService { @Cacheable(value = "vas-bpn", key = "{#root.methodName , {#companyUserDTO.name,#companyUserDTO.email,#companyUserDTO.companyName},#roles}", unless = "#result == null") public List getExternalPartnersCountry (CompanyUserDTO companyUserDTO,String token,List roles) { - log.debug("getExternalPartnersCountry for companyUserDTO {}",companyUserDTO); + String sanitizedCompany = StringEscapeUtils.escapeJava(companyUserDTO.toString()); + log.debug("getExternalPartnersCountry for companyUserDTO {}",sanitizedCompany); List businessPartnerDTOS; businessPartnerDTOS = businessPartnersLogicService.getExternalBusinessPartners(companyUserDTO,token,roles); List countryList = new ArrayList<>(); diff --git a/src/main/java/org/eclipse/tractusx/valueaddedservice/service/logic/RangeLogicService.java b/src/main/java/org/eclipse/tractusx/valueaddedservice/service/logic/RangeLogicService.java index b769dc4..37cd782 100644 --- a/src/main/java/org/eclipse/tractusx/valueaddedservice/service/logic/RangeLogicService.java +++ b/src/main/java/org/eclipse/tractusx/valueaddedservice/service/logic/RangeLogicService.java @@ -20,6 +20,7 @@ package org.eclipse.tractusx.valueaddedservice.service.logic; import lombok.extern.slf4j.Slf4j; +import org.apache.commons.text.StringEscapeUtils; import org.eclipse.tractusx.valueaddedservice.constants.VasConstants; import org.eclipse.tractusx.valueaddedservice.domain.enumeration.RangeType; import org.eclipse.tractusx.valueaddedservice.dto.CompanyUserDTO; @@ -40,7 +41,9 @@ public class RangeLogicService { RangeService rangeService; public void saveRanges(List rangeDTOS, CompanyUserDTO companyUserDTO) { - log.debug("saveRanges save new ranges {} for companyUser {}",rangeDTOS,companyUserDTO); + String sanitizedRange = StringEscapeUtils.escapeJava(rangeDTOS.toString()); + String sanitizedCompany = StringEscapeUtils.escapeJava(companyUserDTO.toString()); + log.debug("saveRanges save new ranges {} for companyUser {}",sanitizedRange,sanitizedCompany); List list = rangeService.getUserRanges(companyUserDTO); if (list.isEmpty()) { rangeDTOS.forEach(rangeDTO -> { @@ -57,7 +60,8 @@ public void saveRanges(List rangeDTOS, CompanyUserDTO companyUserDTO) @Cacheable(value = "vas-range", key = "{#root.methodName , {#companyUserDTO.name,#companyUserDTO.email,#companyUserDTO.companyName}}", unless = "#result == null") public List getUserRangesOrDefault(CompanyUserDTO companyUserDTO) { - log.debug("getUserRangesOrDefault get ranges for companyUser {}",companyUserDTO); + String sanitizedCompany = StringEscapeUtils.escapeJava(companyUserDTO.toString()); + log.debug("getUserRangesOrDefault get ranges for companyUser {}",sanitizedCompany); List ranges = rangeService.getUserRanges(companyUserDTO); if (!ranges.isEmpty()) { return ranges; diff --git a/src/main/java/org/eclipse/tractusx/valueaddedservice/web/rest/DashBoardResource.java b/src/main/java/org/eclipse/tractusx/valueaddedservice/web/rest/DashBoardResource.java index 40ce154..ea48803 100644 --- a/src/main/java/org/eclipse/tractusx/valueaddedservice/web/rest/DashBoardResource.java +++ b/src/main/java/org/eclipse/tractusx/valueaddedservice/web/rest/DashBoardResource.java @@ -29,6 +29,7 @@ import io.swagger.v3.oas.annotations.security.SecurityRequirements; import io.swagger.v3.oas.annotations.tags.Tag; import lombok.extern.slf4j.Slf4j; +import org.apache.commons.text.StringEscapeUtils; import org.eclipse.tractusx.valueaddedservice.constants.VasConstants; import org.eclipse.tractusx.valueaddedservice.dto.*; import org.eclipse.tractusx.valueaddedservice.service.DashboardService; @@ -159,23 +160,24 @@ public ResponseEntity uploadFile( CompanyUserDTO companyUser, @Parameter(name = "file", description = "") @RequestPart(value = "file", required = false) MultipartFile file ) { - log.debug( "REST request to uploadCsv"); + log.debug("REST request to uploadCsv"); String message = ""; - message = VasConstants.UPLOAD_SUCCESS_MESSAGE + file.getOriginalFilename(); + String sanitizedFileName = StringEscapeUtils.escapeJava(file.getOriginalFilename()); + message = VasConstants.UPLOAD_SUCCESS_MESSAGE + sanitizedFileName; try { dashboardService.saveCsv(file, ratingName, companyUser, year, type); } catch (DataIntegrityViolationException e) { - message = VasConstants.UPLOAD_ERROR_MESSAGE + ratingName + "!"; - log.error( message); - log.error( VasConstants.ERROR_LOG + e.getMessage()); + + String sanitizedRatingName = StringEscapeUtils.escapeJava(ratingName); + message = VasConstants.UPLOAD_ERROR_MESSAGE + sanitizedRatingName + "!"; + log.error(message); + log.error(VasConstants.ERROR_LOG + e.getMessage()); return ResponseEntity.status(HttpStatus.BAD_REQUEST).body(new ResponseMessage(message)); } catch (Exception e) { - log.error( VasConstants.ERROR_LOG + e.getMessage()); + log.error(VasConstants.ERROR_LOG + e.getMessage()); return ResponseEntity.status(HttpStatus.NOT_ACCEPTABLE).body(new ResponseMessage(e.getMessage())); } return ResponseEntity.status(HttpStatus.OK).body(new ResponseMessage(message)); - - } @Operation(summary = "Retrieves current user ranges") @@ -254,18 +256,20 @@ public ResponseEntity> getReportsByCompanyUser(CompanyUserDTO co @ApiResponse(responseCode = "401", description = "Authentication Required", content = @Content)}) @PostMapping("/dashboard/saveReports") public ResponseEntity saveReports(@Valid @RequestBody ReportDTO reportDTO, CompanyUserDTO companyUserDTO) { - log.debug( "REST request to save reports"); + log.debug("REST request to save reports"); String message = ""; try { dashboardService.saveReportForUser(companyUserDTO, reportDTO); } catch (DataIntegrityViolationException e) { - message = "Could not upload the report duplicate name: " + reportDTO.getReportName() + "!"; - log.error( message); - log.error( "Error " + e.getMessage()); + String sanitizedReportName = StringEscapeUtils.escapeJava(reportDTO.getReportName()); + message = "Could not upload the report duplicate name: " + sanitizedReportName + "!"; + log.error(message); + log.error("Error " + e.getMessage()); return ResponseEntity.status(HttpStatus.BAD_REQUEST).body(new ResponseMessage(message)); } catch (Exception e) { - message = "Could not upload the report: " + reportDTO.getReportName() + "!"; - log.error( "Error " + e.getMessage()); + String sanitizedReportName = StringEscapeUtils.escapeJava(reportDTO.getReportName()); + message = "Could not upload the report: " + sanitizedReportName + "!"; + log.error("Error " + e.getMessage()); return ResponseEntity.status(HttpStatus.BAD_REQUEST).body(new ResponseMessage(message)); } return ResponseEntity.status(HttpStatus.OK).build(); @@ -281,13 +285,15 @@ public ResponseEntity shareReport(@Valid @RequestBody ReportDTO try { dashboardService.shareReportForUser(reportDTO); } catch (DataIntegrityViolationException e) { - message = "Could not upload the report duplicate name: " + reportDTO.getReportName() + "!"; - log.error( message); - log.error( "Error " + e.getMessage()); + String sanitizedReportName = StringEscapeUtils.escapeJava(reportDTO.getReportName()); + message = "Could not upload the report duplicate name: " + sanitizedReportName + "!"; + log.error(message); + log.error("Error " + e.getMessage()); return ResponseEntity.status(HttpStatus.BAD_REQUEST).body(new ResponseMessage(message)); } catch (Exception e) { - message = "Could not upload the report: " + reportDTO.getReportName() + "!"; - log.error( "Error " + e.getMessage()); + String sanitizedReportName = StringEscapeUtils.escapeJava(reportDTO.getReportName()); + message = "Could not upload the report: " + sanitizedReportName + "!"; + log.error("Error " + e.getMessage()); return ResponseEntity.status(HttpStatus.BAD_REQUEST).body(new ResponseMessage(message)); } return ResponseEntity.status(HttpStatus.NO_CONTENT).build(); diff --git a/src/test/java/org/eclipse/tractusx/valueaddedservice/rest/ReportApiIntegrationTest.java b/src/test/java/org/eclipse/tractusx/valueaddedservice/rest/ReportApiIntegrationTest.java index 6864f46..6c2d6c0 100644 --- a/src/test/java/org/eclipse/tractusx/valueaddedservice/rest/ReportApiIntegrationTest.java +++ b/src/test/java/org/eclipse/tractusx/valueaddedservice/rest/ReportApiIntegrationTest.java @@ -1,22 +1,22 @@ /******************************************************************************** -* Copyright (c) 2022,2024 BMW Group AG -* Copyright (c) 2022,2024 Contributors to the Eclipse Foundation -* -* See the NOTICE file(s) distributed with this work for additional -* information regarding copyright ownership. -* -* This program and the accompanying materials are made available under the -* terms of the Apache License, Version 2.0 which is available at -* https://www.apache.org/licenses/LICENSE-2.0. -* -* Unless required by applicable law or agreed to in writing, software -* distributed under the License is distributed on an "AS IS" BASIS, WITHOUT -* WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the -* License for the specific language governing permissions and limitations -* under the License. -* -* SPDX-License-Identifier: Apache-2.0 -********************************************************************************/ + * Copyright (c) 2022,2024 BMW Group AG + * Copyright (c) 2022,2024 Contributors to the Eclipse Foundation + * + * See the NOTICE file(s) distributed with this work for additional + * information regarding copyright ownership. + * + * This program and the accompanying materials are made available under the + * terms of the Apache License, Version 2.0 which is available at + * https://www.apache.org/licenses/LICENSE-2.0. + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT + * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the + * License for the specific language governing permissions and limitations + * under the License. + * + * SPDX-License-Identifier: Apache-2.0 + ********************************************************************************/ package org.eclipse.tractusx.valueaddedservice.rest; import lombok.extern.slf4j.Slf4j; @@ -53,7 +53,7 @@ import static org.junit.jupiter.api.Assertions.assertNotEquals; @Slf4j -@SpringBootTest(webEnvironment = SpringBootTest.WebEnvironment.RANDOM_PORT,classes = ValueAddedServiceApplication.class) +@SpringBootTest(webEnvironment = SpringBootTest.WebEnvironment.RANDOM_PORT, classes = ValueAddedServiceApplication.class) @ContextConfiguration(initializers = PostgreSQLContextInitializer.class) class ReportApiIntegrationTest { @@ -71,18 +71,18 @@ class ReportApiIntegrationTest { @Autowired CompanyUserRepository companyUserRepository; - private Map getMap() throws IOException { - Map map = new HashMap<>(); - map.put("companyName","TestCompany"); - map.put("name","John"); - map.put("email","john@email.com"); + private Map getMap() throws IOException { + Map map = new HashMap<>(); + map.put("companyName", "TestCompany"); + map.put("name", "John"); + map.put("email", "john@email.com"); map.put("ratingName", "testRating123"); return map; } @AfterEach - public void cleanReports(){ + public void cleanReports() { reportValuesRepository.deleteAll(); reportRepository.deleteAll(); companyUserRepository.deleteAll(); @@ -90,19 +90,19 @@ public void cleanReports(){ } @Test - void saveReports () throws Exception { + void saveReports() throws Exception { HttpHeaders headers = new HttpHeaders(); headers.setContentType(MediaType.APPLICATION_JSON); ReportDTO reportDTO = createReport(); - Map map = getMap(); - UriTemplate uritemplate= new UriTemplate("/api/dashboard/saveReports?name={name}&companyName={companyName}&email={email}"); + Map map = getMap(); + UriTemplate uritemplate = new UriTemplate("/api/dashboard/saveReports?name={name}&companyName={companyName}&email={email}"); URI uri = uritemplate.expand(map); RequestEntity requestEntity = new RequestEntity(reportDTO, headers, HttpMethod.POST, uri); ResponseEntity responseEntity = testRestTemplate.exchange(requestEntity, ResponseMessage.class); - assertEquals(HttpStatus.OK,responseEntity.getStatusCode()); + assertEquals(HttpStatus.OK, responseEntity.getStatusCode()); // ############# Get API ############## UriTemplate uriTemplateGet = new UriTemplate("/api/dashboard/getReportsByCompanyUser?name={name}&companyName={companyName}&email={email}"); @@ -110,13 +110,14 @@ void saveReports () throws Exception { RequestEntity requestEntityGet = new RequestEntity(HttpMethod.GET, uriGet); - ResponseEntity> responseEntityGet = testRestTemplate.exchange(requestEntityGet, new ParameterizedTypeReference<>() {}); + ResponseEntity> responseEntityGet = testRestTemplate.exchange(requestEntityGet, new ParameterizedTypeReference<>() { + }); - assertEquals(HttpStatus.OK,responseEntityGet.getStatusCode()); + assertEquals(HttpStatus.OK, responseEntityGet.getStatusCode()); List reportDTOSize = responseEntityGet.getBody(); - assertNotEquals(0,reportDTOSize.size()); + assertNotEquals(0, reportDTOSize.size()); } @@ -126,40 +127,40 @@ void errorOnReport() throws IOException { HttpHeaders headers = new HttpHeaders(); headers.setContentType(MediaType.APPLICATION_JSON); ReportDTO reportDTO = createReport(); - Map map = getMap(); - UriTemplate uritemplate= new UriTemplate("/api/dashboard/saveReports?name={name}&companyName={companyName}&email={email}"); + Map map = getMap(); + UriTemplate uritemplate = new UriTemplate("/api/dashboard/saveReports?name={name}&companyName={companyName}&email={email}"); URI uri = uritemplate.expand(map); RequestEntity requestEntity = new RequestEntity(reportDTO, headers, HttpMethod.POST, uri); ResponseEntity responseEntity = testRestTemplate.exchange(requestEntity, ResponseMessage.class); - assertEquals(HttpStatus.OK,responseEntity.getStatusCode()); + assertEquals(HttpStatus.OK, responseEntity.getStatusCode()); //################## Duplicated Name on Report ############## RequestEntity requestEntityDupe = new RequestEntity(reportDTO, headers, HttpMethod.POST, uri); - ResponseEntity responseEntityDupe = testRestTemplate.exchange(requestEntityDupe,String.class); + ResponseEntity responseEntityDupe = testRestTemplate.exchange(requestEntityDupe, String.class); - assertEquals(HttpStatus.BAD_REQUEST,responseEntityDupe.getStatusCode()); + assertEquals(HttpStatus.BAD_REQUEST, responseEntityDupe.getStatusCode()); } @Test - void getReportsValueByReport () throws Exception { + void getReportsValueByReport() throws Exception { HttpHeaders headers = new HttpHeaders(); headers.setContentType(MediaType.APPLICATION_JSON); ReportDTO reportDTO = createReport(); - Map map = getMap(); - UriTemplate uritemplate= new UriTemplate("/api/dashboard/saveReports?name={name}&companyName={companyName}&email={email}"); + Map map = getMap(); + UriTemplate uritemplate = new UriTemplate("/api/dashboard/saveReports?name={name}&companyName={companyName}&email={email}"); URI uri = uritemplate.expand(map); RequestEntity requestEntity = new RequestEntity(reportDTO, headers, HttpMethod.POST, uri); - ResponseEntity responseEntity = testRestTemplate.exchange(requestEntity,ResponseMessage.class); + ResponseEntity responseEntity = testRestTemplate.exchange(requestEntity, ResponseMessage.class); - assertEquals(HttpStatus.OK,responseEntity.getStatusCode()); + assertEquals(HttpStatus.OK, responseEntity.getStatusCode()); // ############# Get API ############## UriTemplate uriTemplate = new UriTemplate("/api/dashboard/getReportsByCompanyUser?name={name}&companyName={companyName}&email={email}"); @@ -167,18 +168,19 @@ void getReportsValueByReport () throws Exception { RequestEntity requestEntityGet = new RequestEntity(HttpMethod.GET, uriGet); - ResponseEntity> responseEntityGet = testRestTemplate.exchange(requestEntityGet, new ParameterizedTypeReference<>() {}); + ResponseEntity> responseEntityGet = testRestTemplate.exchange(requestEntityGet, new ParameterizedTypeReference<>() { + }); - assertEquals(HttpStatus.OK,responseEntityGet.getStatusCode()); + assertEquals(HttpStatus.OK, responseEntityGet.getStatusCode()); List reportDTOSize = responseEntityGet.getBody(); - assertNotEquals(0,reportDTOSize.size()); + assertNotEquals(0, reportDTOSize.size()); reportDTO.setId(reportDTOSize.get(0).getId()); // ######## ReportsByReport ####### - UriTemplate uriTemplateByReport= + UriTemplate uriTemplateByReport = new UriTemplate("/api/dashboard/getReportsValueByReport?id={id}&" + "reportName={reportName}&" + "companyUserName={companyUserName}&" + @@ -187,12 +189,12 @@ void getReportsValueByReport () throws Exception { "email={email}" + "&type={type}"); - Map mapByReport = new HashMap<>(); - mapByReport.put("id",reportDTO.getId()); - mapByReport.put("reportName",reportDTO.getReportName()); - mapByReport.put("companyUserName",reportDTO.getCompanyUserName()); - mapByReport.put("companyName",reportDTO.getCompany()); - mapByReport.put("type",reportDTO.getType()); + Map mapByReport = new HashMap<>(); + mapByReport.put("id", reportDTO.getId()); + mapByReport.put("reportName", reportDTO.getReportName()); + mapByReport.put("companyUserName", reportDTO.getCompanyUserName()); + mapByReport.put("companyName", reportDTO.getCompany()); + mapByReport.put("type", reportDTO.getType()); mapByReport.putAll(map); URI uriByReport = uriTemplateByReport.expand(mapByReport); @@ -201,11 +203,11 @@ void getReportsValueByReport () throws Exception { ResponseEntity> responseEntityByReport = testRestTemplate.exchange(requestByReport, new ParameterizedTypeReference<>() {}); List listByReport = responseEntityByReport.getBody(); - assertEquals(HttpStatus.OK,responseEntityByReport.getStatusCode()); - assertNotEquals(0,listByReport.size()); + assertEquals(HttpStatus.OK, responseEntityByReport.getStatusCode()); + assertNotEquals(0, listByReport.size()); } - private ReportDTO createReport(){ + private ReportDTO createReport() { List list = new ArrayList<>(); list.add("value"); @@ -227,7 +229,7 @@ private ReportDTO createReport(){ } //Update Report Object - private ReportDTO createReportUpdate(){ + private ReportDTO createReportUpdate() { List list = new ArrayList<>(); list.add("valueUpdate"); @@ -249,19 +251,19 @@ private ReportDTO createReportUpdate(){ } @Test - void saveReportsAndDelete () throws Exception { + void saveReportsAndDelete() throws Exception { HttpHeaders headers = new HttpHeaders(); headers.setContentType(MediaType.APPLICATION_JSON); ReportDTO reportDTO = createReport(); - Map map = getMap(); - UriTemplate uritemplate= new UriTemplate("/api/dashboard/saveReports?name={name}&companyName={companyName}&email={email}"); + Map map = getMap(); + UriTemplate uritemplate = new UriTemplate("/api/dashboard/saveReports?name={name}&companyName={companyName}&email={email}"); URI uri = uritemplate.expand(map); RequestEntity requestEntity = new RequestEntity(reportDTO, headers, HttpMethod.POST, uri); ResponseEntity responseEntity = testRestTemplate.exchange(requestEntity, ResponseMessage.class); - assertEquals(HttpStatus.OK,responseEntity.getStatusCode()); + assertEquals(HttpStatus.OK, responseEntity.getStatusCode()); // ############# Get API ############## UriTemplate uriTemplateGet = new UriTemplate("/api/dashboard/getReportsByCompanyUser?name={name}&companyName={companyName}&email={email}"); @@ -269,46 +271,47 @@ void saveReportsAndDelete () throws Exception { RequestEntity requestEntityGet = new RequestEntity(HttpMethod.GET, uriGet); - ResponseEntity> responseEntityGet = testRestTemplate.exchange(requestEntityGet, new ParameterizedTypeReference<>() {}); + ResponseEntity> responseEntityGet = testRestTemplate.exchange(requestEntityGet, new ParameterizedTypeReference<>() { + }); - assertEquals(HttpStatus.OK,responseEntityGet.getStatusCode()); + assertEquals(HttpStatus.OK, responseEntityGet.getStatusCode()); List reportDTOSize = responseEntityGet.getBody(); - assertNotEquals(0,reportDTOSize.size()); + assertNotEquals(0, reportDTOSize.size()); // ############# Delete API ############## UriTemplate uriTemplateDelete = new UriTemplate("/api/dashboard/deleteReport/{id}?name={name}&companyName={companyName}&email={email}"); - map.put("id",reportDTOSize.get(0).getId()); + map.put("id", reportDTOSize.get(0).getId()); URI uriDelete = uriTemplateDelete.expand(map); RequestEntity request = new RequestEntity(HttpMethod.DELETE, uriDelete); - ResponseEntity responseEntityDelete = testRestTemplate.exchange(request, new ParameterizedTypeReference<>() {}); - - assertEquals(HttpStatus.NO_CONTENT,responseEntityDelete.getStatusCode()); + ResponseEntity responseEntityDelete = testRestTemplate.exchange(request, new ParameterizedTypeReference<>() { + }); + assertEquals(HttpStatus.NO_CONTENT, responseEntityDelete.getStatusCode()); } @Test - void saveReportsAndUpdate () throws Exception { + void saveReportsAndUpdate() throws Exception { HttpHeaders headers = new HttpHeaders(); headers.setContentType(MediaType.APPLICATION_JSON); ReportDTO reportDTO = createReport(); - Map map = getMap(); - UriTemplate uritemplate= new UriTemplate("/api/dashboard/saveReports?name={name}&companyName={companyName}&email={email}"); + Map map = getMap(); + UriTemplate uritemplate = new UriTemplate("/api/dashboard/saveReports?name={name}&companyName={companyName}&email={email}"); URI uri = uritemplate.expand(map); RequestEntity requestEntity = new RequestEntity(reportDTO, headers, HttpMethod.POST, uri); ResponseEntity responseEntity = testRestTemplate.exchange(requestEntity, ResponseMessage.class); - assertEquals(HttpStatus.OK,responseEntity.getStatusCode()); + assertEquals(HttpStatus.OK, responseEntity.getStatusCode()); // ############# Get API ############## UriTemplate uriTemplateGet = new UriTemplate("/api/dashboard/getReportsByCompanyUser?name={name}&companyName={companyName}&email={email}"); @@ -316,13 +319,14 @@ void saveReportsAndUpdate () throws Exception { RequestEntity requestEntityGet = new RequestEntity(HttpMethod.GET, uriGet); - ResponseEntity> responseEntityGet = testRestTemplate.exchange(requestEntityGet, new ParameterizedTypeReference<>() {}); + ResponseEntity> responseEntityGet = testRestTemplate.exchange(requestEntityGet, new ParameterizedTypeReference<>() { + }); - assertEquals(HttpStatus.OK,responseEntityGet.getStatusCode()); + assertEquals(HttpStatus.OK, responseEntityGet.getStatusCode()); List reportDTOSize = responseEntityGet.getBody(); - assertNotEquals(0,reportDTOSize.size()); + assertNotEquals(0, reportDTOSize.size()); // ############# Update API ############## //reportValuesDTO name changed from ReportValues to ReportValuesUpdated @@ -337,12 +341,12 @@ void saveReportsAndUpdate () throws Exception { ResponseEntity responseEntityUpdate = testRestTemplate.exchange(requestEntityUpdate, ResponseMessage.class); - assertEquals(HttpStatus.NO_CONTENT,responseEntityUpdate.getStatusCode()); + assertEquals(HttpStatus.NO_CONTENT, responseEntityUpdate.getStatusCode()); // ############# Get Update Report Values ############## reportDTO.setId(reportDTOSize.get(0).getId()); - UriTemplate uriTemplateByReport= + UriTemplate uriTemplateByReport = new UriTemplate("/api/dashboard/getReportsValueByReport?id={id}&" + "reportName={reportName}&" + "companyUserName={companyUserName}&" + @@ -351,39 +355,40 @@ void saveReportsAndUpdate () throws Exception { "email={email}" + "&type={type}"); - Map mapByReport = new HashMap<>(); - mapByReport.put("id",reportDTO.getId()); - mapByReport.put("reportName",reportDTO.getReportName()); - mapByReport.put("companyUserName",reportDTO.getCompanyUserName()); - mapByReport.put("companyName",reportDTO.getCompany()); - mapByReport.put("type",reportDTO.getType()); + Map mapByReport = new HashMap<>(); + mapByReport.put("id", reportDTO.getId()); + mapByReport.put("reportName", reportDTO.getReportName()); + mapByReport.put("companyUserName", reportDTO.getCompanyUserName()); + mapByReport.put("companyName", reportDTO.getCompany()); + mapByReport.put("type", reportDTO.getType()); mapByReport.putAll(map); URI uriByReport = uriTemplateByReport.expand(mapByReport); RequestEntity requestByReport = RequestEntity .get(uriByReport).build(); - ResponseEntity> responseEntityByReport = testRestTemplate.exchange(requestByReport, new ParameterizedTypeReference<>() {}); - List listByReport = responseEntityByReport.getBody(); + ResponseEntity> responseEntityByReport = testRestTemplate.exchange(requestByReport, new ParameterizedTypeReference<>() { + }); + List listByReport = responseEntityByReport.getBody(); - assertEquals(HttpStatus.OK,responseEntityByReport.getStatusCode()); - assertNotEquals(0,listByReport.size()); + assertEquals(HttpStatus.OK, responseEntityByReport.getStatusCode()); + assertNotEquals(0, listByReport.size()); assertEquals("ReportValuesUpdated", listByReport.get(0).getName()); } @Test - void saveReportsAndDeleteOtherUserError () throws Exception { + void saveReportsAndDeleteOtherUserError() throws Exception { HttpHeaders headers = new HttpHeaders(); headers.setContentType(MediaType.APPLICATION_JSON); ReportDTO reportDTO = createReport(); - Map map = getMap(); - UriTemplate uritemplate= new UriTemplate("/api/dashboard/saveReports?name={name}&companyName={companyName}&email={email}"); + Map map = getMap(); + UriTemplate uritemplate = new UriTemplate("/api/dashboard/saveReports?name={name}&companyName={companyName}&email={email}"); URI uri = uritemplate.expand(map); RequestEntity requestEntity = new RequestEntity(reportDTO, headers, HttpMethod.POST, uri); ResponseEntity responseEntity = testRestTemplate.exchange(requestEntity, ResponseMessage.class); - assertEquals(HttpStatus.OK,responseEntity.getStatusCode()); + assertEquals(HttpStatus.OK, responseEntity.getStatusCode()); // ############# Get API ############## UriTemplate uriTemplateGet = new UriTemplate("/api/dashboard/getReportsByCompanyUser?name={name}&companyName={companyName}&email={email}"); @@ -391,65 +396,64 @@ void saveReportsAndDeleteOtherUserError () throws Exception { RequestEntity requestEntityGet = new RequestEntity(HttpMethod.GET, uriGet); - ResponseEntity> responseEntityGet = testRestTemplate.exchange(requestEntityGet, new ParameterizedTypeReference<>() {}); + ResponseEntity> responseEntityGet = testRestTemplate.exchange(requestEntityGet, new ParameterizedTypeReference<>() { + }); - assertEquals(HttpStatus.OK,responseEntityGet.getStatusCode()); + assertEquals(HttpStatus.OK, responseEntityGet.getStatusCode()); List reportDTOSize = responseEntityGet.getBody(); - assertNotEquals(0,reportDTOSize.size()); + assertNotEquals(0, reportDTOSize.size()); // ############# Delete API ############## - UriTemplate uriTemplateDelete = new UriTemplate("/api/dashboard/deleteReport/{id}?name={name}&companyName={companyName}&email={email}"); - map.put("id",reportDTOSize.get(0).getId()); - map.put("name","Not John"); - URI uriDelete = uriTemplateDelete.expand(map); - - - RequestEntity request = new RequestEntity(HttpMethod.DELETE, uriDelete); - - ResponseEntity responseEntityDelete = testRestTemplate.exchange(request, new ParameterizedTypeReference<>() {}); + webTestClient.delete() + .uri(uriBuilder -> uriBuilder.path("/api/dashboard/deleteReport/{id}") + .queryParam("name", "Not John") // Updated name to "Not John" + .queryParam("companyName", map.get("companyName")) + .queryParam("email", map.get("email")) + .build(reportDTOSize.get(0).getId())).exchange() + .expectStatus().isEqualTo(HttpStatus.UNAUTHORIZED); - assertEquals(HttpStatus.UNAUTHORIZED,responseEntityDelete.getStatusCode()); } @Test - void deleteNonExistReportError () throws Exception { + void deleteNonExistReportError() throws Exception { HttpHeaders headers = new HttpHeaders(); headers.setContentType(MediaType.APPLICATION_JSON); ReportDTO reportDTO = createReport(); - Map map = getMap(); + Map map = getMap(); // ############# Delete API ############## UriTemplate uriTemplateDelete = new UriTemplate("/api/dashboard/deleteReport/{id}?name={name}&companyName={companyName}&email={email}"); - map.put("id",Integer.MAX_VALUE); + map.put("id", Integer.MAX_VALUE); URI uriDelete = uriTemplateDelete.expand(map); RequestEntity request = new RequestEntity(HttpMethod.DELETE, uriDelete); - ResponseEntity responseEntityDelete = testRestTemplate.exchange(request, new ParameterizedTypeReference<>() {}); + ResponseEntity responseEntityDelete = testRestTemplate.exchange(request, new ParameterizedTypeReference<>() { + }); - assertEquals(HttpStatus.NOT_FOUND,responseEntityDelete.getStatusCode()); + assertEquals(HttpStatus.NOT_FOUND, responseEntityDelete.getStatusCode()); } @Test - void saveReportsAndShare () throws Exception { + void saveReportsAndShare() throws Exception { HttpHeaders headers = new HttpHeaders(); headers.setContentType(MediaType.APPLICATION_JSON); ReportDTO reportDTO = createReport(); - Map map = getMap(); - UriTemplate uritemplate= new UriTemplate("/api/dashboard/saveReports?name={name}&companyName={companyName}&email={email}"); + Map map = getMap(); + UriTemplate uritemplate = new UriTemplate("/api/dashboard/saveReports?name={name}&companyName={companyName}&email={email}"); URI uri = uritemplate.expand(map); RequestEntity requestEntity = new RequestEntity(reportDTO, headers, HttpMethod.POST, uri); ResponseEntity responseEntity = testRestTemplate.exchange(requestEntity, ResponseMessage.class); - assertEquals(HttpStatus.OK,responseEntity.getStatusCode()); + assertEquals(HttpStatus.OK, responseEntity.getStatusCode()); // ############# Get API ############## UriTemplate uriTemplateGet = new UriTemplate("/api/dashboard/getReportsByCompanyUser?name={name}&companyName={companyName}&email={email}"); @@ -457,13 +461,14 @@ void saveReportsAndShare () throws Exception { RequestEntity requestEntityGet = new RequestEntity(HttpMethod.GET, uriGet); - ResponseEntity> responseEntityGet = testRestTemplate.exchange(requestEntityGet, new ParameterizedTypeReference<>() {}); + ResponseEntity> responseEntityGet = testRestTemplate.exchange(requestEntityGet, new ParameterizedTypeReference<>() { + }); - assertEquals(HttpStatus.OK,responseEntityGet.getStatusCode()); + assertEquals(HttpStatus.OK, responseEntityGet.getStatusCode()); List reportDTOSize = responseEntityGet.getBody(); - assertNotEquals(0,reportDTOSize.size()); + assertNotEquals(0, reportDTOSize.size()); // ############# Share the Created Report ############## @@ -487,26 +492,26 @@ void saveReportsAndShare () throws Exception { ResponseEntity responseEntityUpdate = testRestTemplate.exchange(requestEntityUpdate, ResponseMessage.class); - assertEquals(HttpStatus.NO_CONTENT,responseEntityUpdate.getStatusCode()); + assertEquals(HttpStatus.NO_CONTENT, responseEntityUpdate.getStatusCode()); } @Test - void saveReportsAndShareDuplicatedError () throws Exception { + void saveReportsAndShareDuplicatedError() throws Exception { HttpHeaders headers = new HttpHeaders(); headers.setContentType(MediaType.APPLICATION_JSON); ReportDTO reportDTO = createReport(); - Map map = getMap(); - UriTemplate uritemplate= new UriTemplate("/api/dashboard/saveReports?name={name}&companyName={companyName}&email={email}"); + Map map = getMap(); + UriTemplate uritemplate = new UriTemplate("/api/dashboard/saveReports?name={name}&companyName={companyName}&email={email}"); URI uri = uritemplate.expand(map); RequestEntity requestEntity = new RequestEntity(reportDTO, headers, HttpMethod.POST, uri); ResponseEntity responseEntity = testRestTemplate.exchange(requestEntity, ResponseMessage.class); - assertEquals(HttpStatus.OK,responseEntity.getStatusCode()); + assertEquals(HttpStatus.OK, responseEntity.getStatusCode()); // ############# Get API ############## UriTemplate uriTemplateGet = new UriTemplate("/api/dashboard/getReportsByCompanyUser?name={name}&companyName={companyName}&email={email}"); @@ -514,13 +519,14 @@ void saveReportsAndShareDuplicatedError () throws Exception { RequestEntity requestEntityGet = new RequestEntity(HttpMethod.GET, uriGet); - ResponseEntity> responseEntityGet = testRestTemplate.exchange(requestEntityGet, new ParameterizedTypeReference<>() {}); + ResponseEntity> responseEntityGet = testRestTemplate.exchange(requestEntityGet, new ParameterizedTypeReference<>() { + }); - assertEquals(HttpStatus.OK,responseEntityGet.getStatusCode()); + assertEquals(HttpStatus.OK, responseEntityGet.getStatusCode()); List reportDTOSize = responseEntityGet.getBody(); - assertNotEquals(0,reportDTOSize.size()); + assertNotEquals(0, reportDTOSize.size()); // ############# Share the Created Report ############## @@ -544,20 +550,20 @@ void saveReportsAndShareDuplicatedError () throws Exception { ResponseEntity responseEntityUpdate = testRestTemplate.exchange(requestEntityUpdate, ResponseMessage.class); - assertEquals(HttpStatus.NO_CONTENT,responseEntityUpdate.getStatusCode()); + assertEquals(HttpStatus.NO_CONTENT, responseEntityUpdate.getStatusCode()); ResponseEntity responseError = testRestTemplate.exchange(requestEntityUpdate, ResponseMessage.class); - assertEquals(HttpStatus.BAD_REQUEST,responseError.getStatusCode()); + assertEquals(HttpStatus.BAD_REQUEST, responseError.getStatusCode()); } @Test - void UpdateNonExistReportError () throws Exception { + void UpdateNonExistReportError() throws Exception { HttpHeaders headers = new HttpHeaders(); headers.setContentType(MediaType.APPLICATION_JSON); - Map map = getMap(); + Map map = getMap(); // ############# Update API ############## //reportValuesDTO name changed from ReportValues to ReportValuesUpdated @@ -572,16 +578,16 @@ void UpdateNonExistReportError () throws Exception { ResponseEntity responseEntityUpdate = testRestTemplate.exchange(requestEntityUpdate, ResponseMessage.class); - assertEquals(HttpStatus.NOT_FOUND,responseEntityUpdate.getStatusCode()); + assertEquals(HttpStatus.NOT_FOUND, responseEntityUpdate.getStatusCode()); } @Test - //Share a Report when the user is not in the DB - void ShareReportNoUserFoundError () throws Exception { + //Share a Report when the user is not in the DB + void ShareReportNoUserFoundError() throws Exception { HttpHeaders headers = new HttpHeaders(); headers.setContentType(MediaType.APPLICATION_JSON); - Map map = getMap(); + Map map = getMap(); ReportDTO reportDTOShare = createReport(); @@ -596,7 +602,7 @@ void ShareReportNoUserFoundError () throws Exception { ResponseEntity responseEntityUpdate = testRestTemplate.exchange(requestEntityUpdate, ResponseMessage.class); - assertEquals(HttpStatus.BAD_REQUEST,responseEntityUpdate.getStatusCode()); + assertEquals(HttpStatus.BAD_REQUEST, responseEntityUpdate.getStatusCode()); } @@ -605,15 +611,15 @@ void saveReportsAndUpdateUnauthorized() throws Exception { HttpHeaders headers = new HttpHeaders(); headers.setContentType(MediaType.APPLICATION_JSON); ReportDTO reportDTO = createReport(); - Map map = getMap(); - UriTemplate uritemplate= new UriTemplate("/api/dashboard/saveReports?name={name}&companyName={companyName}&email={email}"); + Map map = getMap(); + UriTemplate uritemplate = new UriTemplate("/api/dashboard/saveReports?name={name}&companyName={companyName}&email={email}"); URI uri = uritemplate.expand(map); RequestEntity requestEntity = new RequestEntity(reportDTO, headers, HttpMethod.POST, uri); ResponseEntity responseEntity = testRestTemplate.exchange(requestEntity, ResponseMessage.class); - assertEquals(HttpStatus.OK,responseEntity.getStatusCode()); + assertEquals(HttpStatus.OK, responseEntity.getStatusCode()); // ############# Get API ############## UriTemplate uriTemplateGet = new UriTemplate("/api/dashboard/getReportsByCompanyUser?name={name}&companyName={companyName}&email={email}"); @@ -621,13 +627,14 @@ void saveReportsAndUpdateUnauthorized() throws Exception { RequestEntity requestEntityGet = new RequestEntity(HttpMethod.GET, uriGet); - ResponseEntity> responseEntityGet = testRestTemplate.exchange(requestEntityGet, new ParameterizedTypeReference<>() {}); + ResponseEntity> responseEntityGet = testRestTemplate.exchange(requestEntityGet, new ParameterizedTypeReference<>() { + }); - assertEquals(HttpStatus.OK,responseEntityGet.getStatusCode()); + assertEquals(HttpStatus.OK, responseEntityGet.getStatusCode()); List reportDTOSize = responseEntityGet.getBody(); - assertNotEquals(0,reportDTOSize.size()); + assertNotEquals(0, reportDTOSize.size()); // ############# Delete API ############## diff --git a/src/test/java/org/eclipse/tractusx/valueaddedservice/rest/UploadAndDownloadApiIntegrationTest.java b/src/test/java/org/eclipse/tractusx/valueaddedservice/rest/UploadAndDownloadApiIntegrationTest.java index 83b41de..ba8baff 100644 --- a/src/test/java/org/eclipse/tractusx/valueaddedservice/rest/UploadAndDownloadApiIntegrationTest.java +++ b/src/test/java/org/eclipse/tractusx/valueaddedservice/rest/UploadAndDownloadApiIntegrationTest.java @@ -1,22 +1,22 @@ /******************************************************************************** -* Copyright (c) 2022,2024 BMW Group AG -* Copyright (c) 2022,2024 Contributors to the Eclipse Foundation -* -* See the NOTICE file(s) distributed with this work for additional -* information regarding copyright ownership. -* -* This program and the accompanying materials are made available under the -* terms of the Apache License, Version 2.0 which is available at -* https://www.apache.org/licenses/LICENSE-2.0. -* -* Unless required by applicable law or agreed to in writing, software -* distributed under the License is distributed on an "AS IS" BASIS, WITHOUT -* WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the -* License for the specific language governing permissions and limitations -* under the License. -* -* SPDX-License-Identifier: Apache-2.0 -********************************************************************************/ + * Copyright (c) 2022,2024 BMW Group AG + * Copyright (c) 2022,2024 Contributors to the Eclipse Foundation + * + * See the NOTICE file(s) distributed with this work for additional + * information regarding copyright ownership. + * + * This program and the accompanying materials are made available under the + * terms of the Apache License, Version 2.0 which is available at + * https://www.apache.org/licenses/LICENSE-2.0. + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT + * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the + * License for the specific language governing permissions and limitations + * under the License. + * + * SPDX-License-Identifier: Apache-2.0 + ********************************************************************************/ package org.eclipse.tractusx.valueaddedservice.rest; import lombok.extern.slf4j.Slf4j; @@ -36,6 +36,7 @@ import org.springframework.core.ParameterizedTypeReference; import org.springframework.http.*; import org.springframework.test.context.ContextConfiguration; +import org.springframework.test.web.reactive.server.WebTestClient; import org.springframework.transaction.annotation.Transactional; import org.springframework.util.LinkedMultiValueMap; import org.springframework.util.MultiValueMap; @@ -54,7 +55,7 @@ import static org.junit.jupiter.api.Assertions.assertNotEquals; @Slf4j -@SpringBootTest(webEnvironment = SpringBootTest.WebEnvironment.RANDOM_PORT,classes = ValueAddedServiceApplication.class) +@SpringBootTest(webEnvironment = SpringBootTest.WebEnvironment.RANDOM_PORT, classes = ValueAddedServiceApplication.class) @ContextConfiguration(initializers = PostgreSQLContextInitializer.class) class UploadAndDownloadApiIntegrationTest { @@ -70,12 +71,14 @@ class UploadAndDownloadApiIntegrationTest { @Autowired private DataSourceMapper dataSourceMapper; + @Autowired + private WebTestClient webTestClient; - private Map getMap() throws IOException { - Map map = new HashMap<>(); - map.put("companyName","TestCompany"); - map.put("name","John"); - map.put("email","John@email.com"); + private Map getMap() throws IOException { + Map map = new HashMap<>(); + map.put("companyName", "TestCompany"); + map.put("name", "John"); + map.put("email", "John@email.com"); return map; } @@ -84,8 +87,8 @@ private Map getMap() throws IOException { @Test void uploadCsv() throws Exception { - Map map = getMap(); - UriTemplate uritemplate= new UriTemplate("/api/dashboard/uploadCsv?name={name}&companyName={companyName}&email={email}"); + Map map = getMap(); + UriTemplate uritemplate = new UriTemplate("/api/dashboard/uploadCsv?name={name}&companyName={companyName}&email={email}"); URI uri = uritemplate.expand(map); HttpHeaders headers = new HttpHeaders(); @@ -109,9 +112,9 @@ void uploadCsv() throws Exception { RequestEntity requestEntity = new RequestEntity(body, headers, HttpMethod.POST, uri); - ResponseEntity responseEntity = testRestTemplate.exchange(requestEntity,ResponseMessage.class); + ResponseEntity responseEntity = testRestTemplate.exchange(requestEntity, ResponseMessage.class); - assertEquals(HttpStatus.OK,responseEntity.getStatusCode()); + assertEquals(HttpStatus.OK, responseEntity.getStatusCode()); //Get Current Year map.put("year", Calendar.getInstance().get(Calendar.YEAR)); @@ -121,10 +124,11 @@ void uploadCsv() throws Exception { URI uriRatings = uritemplateRatings.expand(map); RequestEntity requestRatings = RequestEntity .get(uriRatings).build(); - ResponseEntity> responseRatings = testRestTemplate.exchange(requestRatings, new ParameterizedTypeReference<>() {}); + ResponseEntity> responseRatings = testRestTemplate.exchange(requestRatings, new ParameterizedTypeReference<>() { + }); List dataSourceDTOList = responseRatings.getBody(); - assertNotEquals(0,dataSourceDTOList.size()); + assertNotEquals(0, dataSourceDTOList.size()); DataSourceDTO dataSourceDTO = dataSourceDTOList.get(0); assertEquals(VasConstants.HEADER_CSV_NAME, dataSourceDTO.getFileName()); @@ -137,24 +141,24 @@ void uploadCsv() throws Exception { @Transactional void getDataSourceTemplate() throws Exception { - Map map = getMap(); - UriTemplate uritemplate= new UriTemplate("/api/dashboard/getTemplate?name={name}&companyName={companyName}&email={email}"); + Map map = getMap(); + UriTemplate uritemplate = new UriTemplate("/api/dashboard/getTemplate?name={name}&companyName={companyName}&email={email}"); URI uri = uritemplate.expand(map); RequestEntity request = RequestEntity .get(uri).accept(MediaType.APPLICATION_OCTET_STREAM).build(); - ResponseEntity responseEntity = testRestTemplate.exchange(request,String.class); - String data = responseEntity.getBody(); + ResponseEntity responseEntity = testRestTemplate.exchange(request, String.class); + String data = responseEntity.getBody(); - assertEquals(HttpStatus.OK,responseEntity.getStatusCode()); - assertNotEquals(0,data.length()); + assertEquals(HttpStatus.OK, responseEntity.getStatusCode()); + assertNotEquals(0, data.length()); } @Test void errorOnUpload() throws Exception { - Map map = getMap(); - UriTemplate uritemplate= new UriTemplate("/api/dashboard/uploadCsv?name={name}&companyName={companyName}&email={email}"); + Map map = getMap(); + UriTemplate uritemplate = new UriTemplate("/api/dashboard/uploadCsv?name={name}&companyName={companyName}&email={email}"); URI uri = uritemplate.expand(map); HttpHeaders headers = new HttpHeaders(); @@ -180,9 +184,9 @@ void errorOnUpload() throws Exception { RequestEntity requestEntity = new RequestEntity(body, headers, HttpMethod.POST, uri); - ResponseEntity responseEntity = testRestTemplate.exchange(requestEntity,ResponseMessage.class); + ResponseEntity responseEntity = testRestTemplate.exchange(requestEntity, ResponseMessage.class); - assertEquals(HttpStatus.OK,responseEntity.getStatusCode()); + assertEquals(HttpStatus.OK, responseEntity.getStatusCode()); //Get Current Year map.put("year", Calendar.getInstance().get(Calendar.YEAR)); @@ -192,18 +196,19 @@ void errorOnUpload() throws Exception { URI uriRatings = uritemplateRatings.expand(map); RequestEntity requestRatings = RequestEntity .get(uriRatings).build(); - ResponseEntity> responseRatings = testRestTemplate.exchange(requestRatings, new ParameterizedTypeReference<>() {}); + ResponseEntity> responseRatings = testRestTemplate.exchange(requestRatings, new ParameterizedTypeReference<>() { + }); List dataSourceDTOList = responseRatings.getBody(); - assertNotEquals(0,dataSourceDTOList.size()); + assertNotEquals(0, dataSourceDTOList.size()); DataSourceDTO dataSourceDTO = dataSourceDTOList.get(0); assertEquals(VasConstants.HEADER_CSV_NAME_ERROR, dataSourceDTO.getFileName()); - responseEntity = testRestTemplate.exchange(requestEntity,ResponseMessage.class); + responseEntity = testRestTemplate.exchange(requestEntity, ResponseMessage.class); - assertEquals(HttpStatus.BAD_REQUEST,responseEntity.getStatusCode()); + assertEquals(HttpStatus.BAD_REQUEST, responseEntity.getStatusCode()); cleanDataSources(dataSourceDTO); } @@ -211,8 +216,8 @@ void errorOnUpload() throws Exception { @Test void uploadCsvAndDeleteCSV() throws Exception { - Map map = getMap(); - UriTemplate uritemplate= new UriTemplate("/api/dashboard/uploadCsv?name={name}&companyName={companyName}&email={email}"); + Map map = getMap(); + UriTemplate uritemplate = new UriTemplate("/api/dashboard/uploadCsv?name={name}&companyName={companyName}&email={email}"); URI uri = uritemplate.expand(map); HttpHeaders headers = new HttpHeaders(); @@ -236,9 +241,9 @@ void uploadCsvAndDeleteCSV() throws Exception { RequestEntity requestEntity = new RequestEntity(body, headers, HttpMethod.POST, uri); - ResponseEntity responseEntity = testRestTemplate.exchange(requestEntity,ResponseMessage.class); + ResponseEntity responseEntity = testRestTemplate.exchange(requestEntity, ResponseMessage.class); - assertEquals(HttpStatus.OK,responseEntity.getStatusCode()); + assertEquals(HttpStatus.OK, responseEntity.getStatusCode()); //Get Current Year map.put("year", Calendar.getInstance().get(Calendar.YEAR)); @@ -248,22 +253,24 @@ void uploadCsvAndDeleteCSV() throws Exception { URI uriRatings = uriTemplateRatings.expand(map); RequestEntity requestRatings = RequestEntity .get(uriRatings).build(); - ResponseEntity> responseRatings = testRestTemplate.exchange(requestRatings, new ParameterizedTypeReference<>() {}); + ResponseEntity> responseRatings = testRestTemplate.exchange(requestRatings, new ParameterizedTypeReference<>() { + }); List dataSourceDTOList = responseRatings.getBody(); - assertNotEquals(0,dataSourceDTOList.size()); + assertNotEquals(0, dataSourceDTOList.size()); DataSourceDTO dataSourceDTO = dataSourceDTOList.get(0); assertEquals(VasConstants.HEADER_CSV_NAME, dataSourceDTO.getFileName()); uriTemplateRatings = new UriTemplate("/api/dashboard/deleteRating/{id}?name={name}&companyName={companyName}&email={email}"); - map.put("id",dataSourceDTO.getId()); + map.put("id", dataSourceDTO.getId()); uriRatings = uriTemplateRatings.expand(map); requestRatings = RequestEntity .delete(uriRatings).build(); - int status = testRestTemplate.exchange(requestRatings, new ParameterizedTypeReference<>() {}).getStatusCode().value(); - assertEquals(HttpStatus.NO_CONTENT.value(),status); + int status = testRestTemplate.exchange(requestRatings, new ParameterizedTypeReference<>() { + }).getStatusCode().value(); + assertEquals(HttpStatus.NO_CONTENT.value(), status); } @@ -271,8 +278,8 @@ void uploadCsvAndDeleteCSV() throws Exception { @Test void uploadCsvAndDeleteCSVFromOtherUserError() throws Exception { - Map map = getMap(); - UriTemplate uritemplate= new UriTemplate("/api/dashboard/uploadCsv?name={name}&companyName={companyName}&email={email}"); + Map map = getMap(); + UriTemplate uritemplate = new UriTemplate("/api/dashboard/uploadCsv?name={name}&companyName={companyName}&email={email}"); URI uri = uritemplate.expand(map); HttpHeaders headers = new HttpHeaders(); @@ -296,9 +303,9 @@ void uploadCsvAndDeleteCSVFromOtherUserError() throws Exception { RequestEntity requestEntity = new RequestEntity(body, headers, HttpMethod.POST, uri); - ResponseEntity responseEntity = testRestTemplate.exchange(requestEntity,ResponseMessage.class); + ResponseEntity responseEntity = testRestTemplate.exchange(requestEntity, ResponseMessage.class); - assertEquals(HttpStatus.OK,responseEntity.getStatusCode()); + assertEquals(HttpStatus.OK, responseEntity.getStatusCode()); //Get Current Year map.put("year", Calendar.getInstance().get(Calendar.YEAR)); @@ -308,23 +315,35 @@ void uploadCsvAndDeleteCSVFromOtherUserError() throws Exception { URI uriRatings = uriTemplateRatings.expand(map); RequestEntity requestRatings = RequestEntity .get(uriRatings).build(); - ResponseEntity> responseRatings = testRestTemplate.exchange(requestRatings, new ParameterizedTypeReference<>() {}); + ResponseEntity> responseRatings = testRestTemplate.exchange(requestRatings, new ParameterizedTypeReference<>() { + }); List dataSourceDTOList = responseRatings.getBody(); - assertNotEquals(0,dataSourceDTOList.size()); + assertNotEquals(0, dataSourceDTOList.size()); DataSourceDTO dataSourceDTO = dataSourceDTOList.get(0); assertEquals(VasConstants.HEADER_CSV_NAME, dataSourceDTO.getFileName()); - uriTemplateRatings = new UriTemplate("/api/dashboard/deleteRating/{id}?name={name}&companyName={companyName}&email={email}"); - map.put("id",dataSourceDTO.getId()); - map.put("name","Not john"); - uriRatings = uriTemplateRatings.expand(map); - requestRatings = RequestEntity - .delete(uriRatings).build(); - int status = testRestTemplate.exchange(requestRatings, new ParameterizedTypeReference<>() {}).getStatusCode().value(); - assertEquals(HttpStatus.UNAUTHORIZED.value(),status); + // Assuming dataSourceDTO and map are already defined and populated as needed + map = new HashMap<>(); + map.put("id", dataSourceDTO.getId()); // Assuming dataSourceDTO is defined elsewhere + map.put("name", "Not john"); // Overriding the name in the map + map.put("companyName", "YourCompanyName"); // Assuming value is set + map.put("email", "email@example.com"); // Assuming value is set + + + Map finalMap = map; + + webTestClient.delete() + .uri(uriBuilder -> uriBuilder.path("/api/dashboard/deleteRating/{id}") + .queryParam("name", finalMap.get("name")) + .queryParam("companyName", finalMap.get("companyName")) + .queryParam("email", finalMap.get("email")) + .build(finalMap.get("id"))) + .exchange() + .expectStatus().isEqualTo(HttpStatus.UNAUTHORIZED); + cleanDataSources(dataSourceDTO); } @@ -332,24 +351,25 @@ void uploadCsvAndDeleteCSVFromOtherUserError() throws Exception { @Test void uploadCsvAndDeleteCSVNotFoundError() throws Exception { - Map map = getMap(); + Map map = getMap(); UriTemplate uriTemplateRatings = new UriTemplate("/api/dashboard/deleteRating/{id}?name={name}&companyName={companyName}&email={email}"); - map.put("id",Integer.MAX_VALUE); + map.put("id", Integer.MAX_VALUE); URI uriRatings = uriTemplateRatings.expand(map); RequestEntity requestRatings = RequestEntity .delete(uriRatings).build(); - int status = testRestTemplate.exchange(requestRatings, new ParameterizedTypeReference<>() {}).getStatusCode().value(); - assertEquals(HttpStatus.NOT_FOUND.value(),status); + int status = testRestTemplate.exchange(requestRatings, new ParameterizedTypeReference<>() { + }).getStatusCode().value(); + assertEquals(HttpStatus.NOT_FOUND.value(), status); } @Test void uploadCsvWithErrorOnScore() throws Exception { - Map map = getMap(); - UriTemplate uritemplate= new UriTemplate("/api/dashboard/uploadCsv?name={name}&companyName={companyName}&email={email}"); + Map map = getMap(); + UriTemplate uritemplate = new UriTemplate("/api/dashboard/uploadCsv?name={name}&companyName={companyName}&email={email}"); URI uri = uritemplate.expand(map); HttpHeaders headers = new HttpHeaders(); @@ -373,9 +393,9 @@ void uploadCsvWithErrorOnScore() throws Exception { RequestEntity requestEntity = new RequestEntity(body, headers, HttpMethod.POST, uri); - ResponseEntity responseEntity = testRestTemplate.exchange(requestEntity,ResponseMessage.class); + ResponseEntity responseEntity = testRestTemplate.exchange(requestEntity, ResponseMessage.class); - assertEquals(HttpStatus.NOT_ACCEPTABLE,responseEntity.getStatusCode()); + assertEquals(HttpStatus.NOT_ACCEPTABLE, responseEntity.getStatusCode()); } @@ -385,7 +405,7 @@ private void cleanDataSources(DataSourceDTO dataSourceDTO) { List deleteList = dataSourceValueRepository.findByDataSource(dataSourceMapper.toEntity(dataSourceDTO)); - assertNotEquals(0,deleteList.size()); + assertNotEquals(0, deleteList.size()); dataSourceValueRepository.deleteAll(deleteList); diff --git a/src/test/java/org/eclipse/tractusx/valueaddedservice/service/logic/CountryLogicServiceTest.java b/src/test/java/org/eclipse/tractusx/valueaddedservice/service/logic/CountryLogicServiceTest.java index 6fe2324..ff5be02 100644 --- a/src/test/java/org/eclipse/tractusx/valueaddedservice/service/logic/CountryLogicServiceTest.java +++ b/src/test/java/org/eclipse/tractusx/valueaddedservice/service/logic/CountryLogicServiceTest.java @@ -136,7 +136,7 @@ void getCountryFilterByISO2ShouldReturnListOfCountriesFilteredByISO2AndTotalBusi @Test @DisplayName("Should return an empty list when the companyuserdto is null") void getAssociatedCountriesWhenCompanyUserDTONullThenReturnEmptyList() { - CompanyUserDTO companyUserDTO = null; + CompanyUserDTO companyUserDTO = new CompanyUserDTO(); List countryDTOList = countryLogicService.getAssociatedCountries(companyUserDTO, "", new ArrayList<>()); assertTrue(countryDTOList.isEmpty()); @@ -150,9 +150,6 @@ void getAssociatedCountriesWhenCompanyUserDTONotNullThenReturnListOfCountries() companyUserDTO.setEmail("john@email.com"); companyUserDTO.setCompanyName("TestCompany"); - List countryList = new ArrayList<>(); - countryList.add("Germany"); - countryList.add("France"); List countryDTOList = new ArrayList<>(); CountryDTO countryDTO = new CountryDTO(); diff --git a/src/test/java/org/eclipse/tractusx/valueaddedservice/service/logic/DataSourceLogicServiceTest.java b/src/test/java/org/eclipse/tractusx/valueaddedservice/service/logic/DataSourceLogicServiceTest.java index f8aa493..54be352 100644 --- a/src/test/java/org/eclipse/tractusx/valueaddedservice/service/logic/DataSourceLogicServiceTest.java +++ b/src/test/java/org/eclipse/tractusx/valueaddedservice/service/logic/DataSourceLogicServiceTest.java @@ -49,7 +49,7 @@ class DataSourceLogicServiceTest { @Test @DisplayName("Should return an empty list when the companyuserdto is null") void findRatingsByCompanyUserWhenCompanyUserDTOIsNull() { - CompanyUserDTO companyUserDTO = null; + CompanyUserDTO companyUserDTO = new CompanyUserDTO(); List dataSourceDTOS = dataSourceLogicService.findRatingsByCompanyUser(companyUserDTO); assertTrue(dataSourceDTOS.isEmpty());