Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Validate UUID request parameters #3590

Merged
merged 1 commit into from
Mar 30, 2024
Merged

Validate UUID request parameters #3590

merged 1 commit into from
Mar 30, 2024

Conversation

nscuro
Copy link
Member

@nscuro nscuro commented Mar 29, 2024

Description

Many resources accept UUID parameters, but because they use the type String, requests with invalid UUIDs are not properly rejected, causing HTTP 500 responses being returned.

This commit adds a @ValidUuid annotation. It further adds a Jersey ExceptionMapper to handle validation exceptions properly.

Additionally, it add the format = "uuid" hint to Swagger annotations, making the API docs less ambiguous as to what format is being expected.

Addressed Issue

Relates to DependencyTrack/frontend#684

Additional Details

N/A

Checklist

  • I have read and understand the contributing guidelines
  • This PR fixes a defect, and I have provided tests to verify that the fix is effective
  • This PR implements an enhancement, and I have provided tests to verify that it works as intended
  • This PR introduces changes to the database model, and I have added corresponding update logic
  • This PR introduces new or alters existing behavior, and I have updated the documentation accordingly

@nscuro
Validate UUID request parameters
801dfda 
Many resources accept UUID parameters, but because they use the type `String`, requests with invalid UUIDs are not properly rejected, causing `HTTP 500` responses being returned.

This commit adds a `@ValidUuid` annotation. It further adds a Jersey `ExceptionMapper` to handle validation exceptions properly.

Additionally, it add the `format = "uuid"` hint to Swagger annotations, making the API docs less ambiguous as to what format is being expected.

Relates to DependencyTrack/frontend#684

Signed-off-by: nscuro <nscuro@protonmail.com>
@nscuro nscuro added defect Something isn't working api docs labels Mar 29, 2024
@nscuro nscuro added this to the 4.11 milestone Mar 29, 2024
@codacy-production Codacy Production
Copy link

Coverage summary from Codacy

See diff coverage on Codacy

Coverage variation Diff coverage
+0.02% (target: -1.00%) 100.00% (target: 70.00%)
Coverage variation details
Coverable lines Covered lines Coverage
Common ancestor commit (c15560b) 21606 16001 74.06%
Head commit (801dfda) 21623 (+17) 16018 (+17) 74.08% (+0.02%)

Coverage variation is the difference between the coverage for the head and common ancestor commits of the pull request branch: <coverage of head commit> - <coverage of common ancestor commit>

Diff coverage details
Coverable lines Covered lines Diff coverage
Pull request (#3590) 17 17 100.00%

Diff coverage is the percentage of lines that are covered by tests out of the coverable lines that the pull request added or modified: <covered lines added or modified>/<coverable lines added or modified> * 100%

See your quality gate settings    Change summary preferences

You may notice some variations in coverage metrics with the latest Coverage engine update. For more details, visit the documentation

@nscuro nscuro merged commit 9ad07b5 into DependencyTrack:master Mar 30, 2024
12 checks passed
@nscuro nscuro deleted the validate-uuid-params branch March 30, 2024 17:39
@github-actions github-actions bot locked as resolved and limited conversation to collaborators Apr 30, 2024
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Reviewers
No reviews
Assignees
No one assigned
Labels
api docs defect Something isn't working
Projects
None yet
Milestone
4.11
Development

Successfully merging this pull request may close these issues.

None yet
1 participant
@nscuro