Trib 244: bug fix users may not cosign themselves #163
Conversation
- updates cosign service saveCosign() return type to Optional<CosignDTO>
- updates call to cosign service saveCosignI() to Optional<CosignDTO> - adds return for bad request 403 forbidden
- updates variable names for clarity (test, mock, expected) - updates return values to the new Optional<CosignDTO> change - simplifies assertions with recursive comparison method
- updates variable names for clarity (test, mock, expected) - updates return values to the new Optional<CosignDTO> change - adds test for user trying to cosign themselves saveCosignSadPathUserCosignsThemselves()
- adds test saveCosignFailsWhenIdsEqual()
Codecov ReportAll modified and coverable lines are covered by tests ✅
Additional details and impacted files@@ Coverage Diff @@
## feature/connect-page #163 +/- ##
==========================================================
+ Coverage 79.79% 79.89% +0.09%
- Complexity 529 531 +2
==========================================================
Files 77 77
Lines 1638 1646 +8
Branches 266 267 +1
==========================================================
+ Hits 1307 1315 +8
Misses 295 295
Partials 36 36 ☔ View full report in Codecov by Sentry. |
|
Looks good so far.. I will run it and test it tomorrow. |
|
|
||
| if(opt.isEmpty()) { | ||
| log.error("Users may not cosign themselves. "); | ||
| return ResponseEntity.status(HttpStatus.FORBIDDEN).body(null); |
There was a problem hiding this comment.
According to a quick Googling, 400 BAD REQUEST, perhaps including the string "Users may not cosign themselves.", is most appropriate.
There was a problem hiding this comment.
In oder to return a message, I changed the return type from ResponseEntity to ResponseEntity. The endpoint now returns either a CosignDTO or a GenericMessageDTO with a string. Is this what you were envisioning?
There was a problem hiding this comment.
Also, I had a couple merge conflicts to fix, and it may make for some strange formatting commits in the cosign service imports. I didn't realize you were working on it and I didn't pull before push. oops.
- updates the saveCosign endpoint to return Response Entity - updates the return for when the user is trying to cosign themselves to return a 400 BAD_REQUEST and a GenericResponseDTO message.
- updates saveCosignSadPathUserCosignsThemselves to check for the new return values "BAD_REQUEST" and a string message.
haxwell
merged commit 015fde1
into
savvato-software:feature/connect-page
TESTING
Cosign service and Connect API
QUESTIONS:
This ticket is a stab in the dark. Please let me know if you want changes to the return values for the ConnectAPI save cosign endpoint.