Skip to content

Commit

Permalink
Merge pull request #1213 from catenax-ng/feature/783-reject-notificat…
Browse files Browse the repository at this point in the history
…ion-to-own-bpn

chore(validation): 783 reject notification when sender is receiver (BPN)
  • Loading branch information
ds-lcapellino authored May 7, 2024
2 parents d612254 + df06caf commit 877414d
Show file tree
Hide file tree
Showing 8 changed files with 67 additions and 24 deletions.
1 change: 1 addition & 0 deletions CHANGELOG.md
Original file line number Diff line number Diff line change
Expand Up @@ -11,6 +11,7 @@ _**For better traceability add the corresponding GitHub issue number in each cha
- #844 Validation for BPN to Notification API (Create / Edit), Fixed pagination
- #726 Added @Preauthorize annotation to dashboard controller
- #837 Added digital twin type to data provisioning workflow to be able to lookup shells created by trace-x
- #783 Validation that receiver of a notification must not be same as sender.

### Changed
- #844 Prefilled bpn on investigation creation
Expand Down
4 changes: 2 additions & 2 deletions DEPENDENCIES_FRONTEND
Original file line number Diff line number Diff line change
Expand Up @@ -231,7 +231,7 @@ npm/npmjs/-/d3-timer/3.0.1, ISC, approved, clearlydefined
npm/npmjs/-/d3-transition/3.0.1, ISC, approved, clearlydefined
npm/npmjs/-/d3-zoom/3.0.0, ISC, approved, clearlydefined
npm/npmjs/-/d3/7.8.4, ISC, approved, clearlydefined
npm/npmjs/-/dashdash/1.14.1, MIT, restricted, clearlydefined
npm/npmjs/-/dashdash/1.14.1, MIT AND CDDL-1.0, approved, #14596
npm/npmjs/-/data-urls/2.0.0, MIT, approved, clearlydefined
npm/npmjs/-/date-format/4.0.14, MIT, approved, clearlydefined
npm/npmjs/-/dayjs/1.11.7, MIT, approved, #9149
Expand Down Expand Up @@ -592,7 +592,7 @@ npm/npmjs/-/js-tokens/4.0.0, MIT, approved, #2401
npm/npmjs/-/js-yaml/3.14.1, MIT, approved, clearlydefined
npm/npmjs/-/js-yaml/4.1.0, MIT, approved, clearlydefined
npm/npmjs/-/js2xmlparser/4.0.2, Apache-2.0, approved, clearlydefined
npm/npmjs/-/jsbn/0.1.1, MIT, restricted, clearlydefined
npm/npmjs/-/jsbn/0.1.1, LicenseRef-scancode-mit-addition AND MIT, restricted, #14597
npm/npmjs/-/jsdoc-type-pratt-parser/4.0.0, MIT, approved, clearlydefined
npm/npmjs/-/jsdom/16.7.0, LGPL-2.0-or-later AND MIT, approved, #1370
npm/npmjs/-/jsesc/0.5.0, MIT, approved, clearlydefined
Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -44,6 +44,7 @@
import org.eclipse.tractusx.traceability.discovery.infrastructure.exception.DiscoveryFinderException;
import org.eclipse.tractusx.traceability.notification.application.contract.model.CreateNotificationContractException;
import org.eclipse.tractusx.traceability.notification.application.notification.validation.UpdateNotificationValidationException;
import org.eclipse.tractusx.traceability.notification.domain.notification.exception.NotificationSenderAndReceiverBPNEqualException;
import org.eclipse.tractusx.traceability.notification.domain.notification.exception.NotificationNotFoundException;
import org.eclipse.tractusx.traceability.notification.domain.notification.exception.NotificationIllegalUpdate;
import org.eclipse.tractusx.traceability.notification.domain.base.exception.SendNotificationException;
Expand Down Expand Up @@ -180,6 +181,13 @@ ResponseEntity<ErrorResponse> handleInvestigationReceiverBpnMismatchException(In
.body(new ErrorResponse(exception.getMessage()));
}

@ExceptionHandler(NotificationSenderAndReceiverBPNEqualException.class)
ResponseEntity<ErrorResponse> handleNotificationSenderAndReceiverBPNEqualException(NotificationSenderAndReceiverBPNEqualException exception) {
log.warn("handleNotificationSenderAndReceiverBPNEqualException", exception);
return ResponseEntity.status(HttpStatus.BAD_REQUEST)
.body(new ErrorResponse(exception.getMessage()));
}

@ExceptionHandler(SendNotificationException.class)
ResponseEntity<ErrorResponse> handleSendNotificationException(SendNotificationException exception) {
log.warn("handleSendNotificationException", exception);
Expand Down
Original file line number Diff line number Diff line change
@@ -0,0 +1,33 @@
/********************************************************************************
* Copyright (c) 2024 Contributors to the Eclipse Foundation
*
* See the NOTICE file(s) distributed with this work for additional
* information regarding copyright ownership.
*
* This program and the accompanying materials are made available under the
* terms of the Apache License, Version 2.0 which is available at
* https://www.apache.org/licenses/LICENSE-2.0.
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
* WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
* License for the specific language governing permissions and limitations
* under the License.
*
* SPDX-License-Identifier: Apache-2.0
********************************************************************************/

package org.eclipse.tractusx.traceability.notification.domain.notification.exception;

import org.eclipse.tractusx.traceability.common.model.BPN;

public class NotificationSenderAndReceiverBPNEqualException extends IllegalArgumentException {

public NotificationSenderAndReceiverBPNEqualException(String message) {
super(message);
}

public NotificationSenderAndReceiverBPNEqualException(BPN bpn, String investigationId) {
super("Quality Notification with id %s rejected. Sender BPN: %s is same as receiver BPN.".formatted(investigationId, bpn));
}
}
Original file line number Diff line number Diff line change
Expand Up @@ -23,8 +23,9 @@
import jakarta.validation.ConstraintValidatorContext;
import org.eclipse.tractusx.traceability.common.model.BPN;
import org.eclipse.tractusx.traceability.common.properties.TraceabilityProperties;
import org.eclipse.tractusx.traceability.notification.infrastructure.edc.model.EDCNotification;
import org.eclipse.tractusx.traceability.notification.domain.notification.exception.InvestigationReceiverBpnMismatchException;
import org.eclipse.tractusx.traceability.notification.domain.notification.exception.NotificationSenderAndReceiverBPNEqualException;
import org.eclipse.tractusx.traceability.notification.infrastructure.edc.model.EDCNotification;
import org.springframework.stereotype.Component;

/**
Expand Down Expand Up @@ -72,11 +73,15 @@ public boolean isValid(EDCNotification edcNotification, ConstraintValidatorConte
if (senderBPN == null) {
throw new InvestigationReceiverBpnMismatchException("BPN of sender cannot be null.");
}
if (applicationBPN.value().equals(senderBPN)) {
throw new NotificationSenderAndReceiverBPNEqualException(BPN.of(senderBPN), edcNotification.getNotificationId());
}
if (!senderBPN.equals(applicationBPN.value()) && !recipientBPN.equals(applicationBPN.value())) {
final String senderBPNIsNotSameAsReceiverError = String.format("BPN {%s} is not eligible to handle BPN: {%s}", applicationBPN.value(), senderBPN);
throw new InvestigationReceiverBpnMismatchException(senderBPNIsNotSameAsReceiverError);
}


return true;
}

Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -22,6 +22,7 @@
import jakarta.validation.ConstraintValidatorContext;
import org.eclipse.tractusx.traceability.common.model.BPN;
import org.eclipse.tractusx.traceability.common.properties.TraceabilityProperties;
import org.eclipse.tractusx.traceability.notification.domain.notification.exception.NotificationSenderAndReceiverBPNEqualException;
import org.eclipse.tractusx.traceability.notification.infrastructure.edc.model.EDCNotification;
import org.eclipse.tractusx.traceability.notification.domain.notification.exception.InvestigationReceiverBpnMismatchException;
import org.eclipse.tractusx.traceability.notification.infrastructure.edc.EDCNotificationValidator;
Expand Down Expand Up @@ -64,20 +65,6 @@ void testIsValidWithNullEDCNotification() {

}


@Test
void testIsValidSenderBpnMatch() {
// Given
when(traceabilityProperties.getBpn()).thenReturn(BPN.of("BPN_OF_APPLICATION"));
when(edcNotification.getSenderBPN()).thenReturn("BPN_OF_APPLICATION");
when(edcNotification.getRecipientBPN()).thenReturn("OTHER");
// When
boolean result = validator.isValid(edcNotification, context);

// Then
assertTrue(result);
}

@Test
void testReceiverIsApplicationOwner() {
// Given
Expand All @@ -92,6 +79,16 @@ void testReceiverIsApplicationOwner() {
assertTrue(result);
}

@Test
void testSenderAndReceiverSameBPNException(){
String bpn = "APPLICATION_BON";
// Given
when(traceabilityProperties.getBpn()).thenReturn(BPN.of(bpn));
when(edcNotification.getSenderBPN()).thenReturn(bpn);
when(edcNotification.getRecipientBPN()).thenReturn(bpn);
assertThrows(NotificationSenderAndReceiverBPNEqualException.class, () -> validator.isValid(edcNotification, context));
}

@Test
void testThrowsExceptionNoBpnMatch() {
// Given
Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -65,7 +65,7 @@ void setUp() {
}

@Test
void shouldCreateAnInvestigationIncludingNotificationOnAPICallClass() throws IOException, JoseException {
void shouldRejectInvestigationNotificationOnAPICallClass_whenAppBpnEqualsSenderBpn() throws IOException, JoseException {
// given
assetsSupport.defaultAssetsStored();
String notificationJson = readFile("/testdata/edc_notification_okay.json");
Expand All @@ -79,12 +79,11 @@ void shouldCreateAnInvestigationIncludingNotificationOnAPICallClass() throws IOE
.when()
.post("/api/qualitynotifications/receive")
.then()
.statusCode(200);
.statusCode(400);

// then
investigationNotificationsSupport.assertNotificationsSize(1);
investigationsSupport.assertInvestigationsSize(1);
investigationsSupport.assertInvestigationStatus(NotificationStatus.RECEIVED);
investigationNotificationsSupport.assertNotificationsSize(0);
investigationsSupport.assertInvestigationsSize(0);
}

@Test
Expand Down Expand Up @@ -133,7 +132,7 @@ void shouldAddANotificationToExistingInvestigationOnAPICallback() throws IOExcep

NotificationEntity investigation = NotificationEntity.builder()
.assets(Collections.emptyList())
.bpn("BPNL00000003AXS3")
.bpn("BPNL00000003AXB3")
.status(NotificationStatusBaseEntity.SENT)
.type(NotificationTypeEntity.INVESTIGATION)
.side(NotificationSideBaseEntity.SENDER)
Expand Down
Original file line number Diff line number Diff line change
@@ -1,7 +1,7 @@
{
"header" : {
"notificationId" : "cda2d956-fa91-4a75-bb4a-8e5ba39b268a",
"senderBPN" : "BPNL00000003AXS3",
"senderBPN" : "BPNL00000003AXB3",
"senderAddress" : "https://some-url.com",
"recipientBPN" : "BPNL00000003AXS3",
"severity" : "CRITICAL",
Expand Down

0 comments on commit 877414d

Please sign in to comment.