Merge branch 'develop' into feat-orbeon-endpoint

InseeFr · Jul 10, 2024 · 98f8f25 · 98f8f25
2 parents ab44b7c + ac056ef
commit 98f8f25
Show file tree

Hide file tree

Showing 5 changed files with 62 additions and 32 deletions.
diff --git a/.github/workflows/ci-rc.yml b/.github/workflows/ci-rc.yml
@@ -17,6 +17,14 @@ jobs:
           java-version: 21
       - name: Build with Maven
         run: mvn -B clean package
+      - name: Run Trivy vulnerability scanner
+        uses: aquasecurity/[email protected]
+        with:
+          format: 'table'
+          scan-type: 'repo'
+          exit-code: '1'
+          vuln-type: 'os,library'
+          severity: 'CRITICAL,HIGH'
       - name: Upload jar
         uses: actions/upload-artifact@v3
         with:

diff --git a/.github/workflows/trivy.yml b/.github/workflows/trivy.yml
@@ -0,0 +1,30 @@
+name: Trivy Analysis
+
+on:
+  push:
+    branches:
+      - main
+      - develop
+  pull_request:
+    types: [opened, synchronize, reopened]
+jobs:
+  build:
+    name: Build and analyze
+    runs-on: ubuntu-latest
+    steps:
+      - uses: actions/checkout@v3
+        with:
+          fetch-depth: 0  # Shallow clones should be disabled for a better relevancy of analysis
+      - name: Set up JDK 21
+        uses: actions/setup-java@v3
+        with:
+          java-version: 21
+          distribution: 'temurin'
+      - name: Run Trivy vulnerability scanner
+        uses: aquasecurity/[email protected]
+        with:
+          format: 'table'
+          scan-type: 'repo'
+          exit-code: '1'
+          vuln-type: 'os,library'
+          severity: 'CRITICAL,HIGH'
diff --git a/pom.xml b/pom.xml
@@ -11,7 +11,7 @@
 	</parent>
 	<groupId>fr.insee.survey</groupId>
 	<artifactId>platine-management</artifactId>
-	<version>2.4.1</version>
+	<version>2.4.2</version>
 	<name>platine-management</name>
 	<description>REST API for communication between DB and Platine-Management UI and Platine-My-Surveys UI</description>
 	<properties>

diff --git a/...nsee/survey/datacollectionmanagement/questioning/service/impl/QuestioningServiceImpl.java b/...nsee/survey/datacollectionmanagement/questioning/service/impl/QuestioningServiceImpl.java
@@ -81,9 +81,8 @@ public int deleteQuestioningsOfOnePartitioning(Partitioning partitioning) {
             SurveyUnit su = q.getSurveyUnit();
             su.getQuestionings().remove(q);
             surveyUnitService.saveSurveyUnit(su);
-            q.getQuestioningEvents().stream().forEach(qe -> questioningEventService.deleteQuestioningEvent(qe.getId()));
-            q.getQuestioningAccreditations().stream()
-                    .forEach(questioningAccreditationService::deleteAccreditation);
+            q.getQuestioningEvents().forEach(qe -> questioningEventService.deleteQuestioningEvent(qe.getId()));
+            q.getQuestioningAccreditations().forEach(questioningAccreditationService::deleteAccreditation);
             deleteQuestioning(q.getId());
             nbQuestioningDeleted++;
         }
@@ -101,15 +100,15 @@ public Set<Questioning> findBySurveyUnitIdSu(String idSu) {
      *
      * @param baseUrl      The base URL for the access.
      * @param typeUrl      The type of URL (V1 or V2).
-     * @param role          The user role (REVIEWER or INTERVIEWER).
-     * @param questioning   The questioning object.
-     * @param surveyUnitId  The survey unit ID.
+     * @param role         The user role (REVIEWER or INTERVIEWER).
+     * @param questioning  The questioning object.
+     * @param surveyUnitId The survey unit ID.
      * @return The generated access URL.
      */
     public String getAccessUrl(String baseUrl, String typeUrl, String role, Questioning questioning, String surveyUnitId, String sourceId) {
         // Set default values if baseUrl or typeUrl is empty
         baseUrl = StringUtils.defaultIfEmpty(baseUrl, applicationConfig.getQuestioningUrl());
-        typeUrl = StringUtils.defaultIfEmpty(typeUrl, V2.name());
+        typeUrl = StringUtils.defaultIfEmpty(typeUrl, V3.name());
 
         if (typeUrl.equalsIgnoreCase(V1.name())) {
             return buildV1Url(baseUrl, role, questioning.getModelName(), surveyUnitId);
@@ -125,14 +124,13 @@ public String getAccessUrl(String baseUrl, String typeUrl, String role, Question
     }
 
 
-
     /**
      * Builds a V1 access URL based on the provided parameters.
      *
      * @param baseUrl      The base URL for the access.
-     * @param role          The user role (REVIEWER or INTERVIEWER).
-     * @param campaignId    The campaign ID.
-     * @param surveyUnitId  The survey unit ID.
+     * @param role         The user role (REVIEWER or INTERVIEWER).
+     * @param campaignId   The campaign ID.
+     * @param surveyUnitId The survey unit ID.
      * @return The generated V1 access URL.
      */
     protected String buildV1Url(String baseUrl, String role, String campaignId, String surveyUnitId) {
@@ -147,10 +145,11 @@ protected String buildV1Url(String baseUrl, String role, String campaignId, Stri
 
     /**
      * Builds a V3 access URL based on the provided parameters
-     * @param baseUrl host url
-     * @param role
-     * @param modelName
-     * @param surveyUnitId
+     *
+     * @param baseUrl      The base URL for the access.
+     * @param role         The user role (REVIEWER or INTERVIEWER).
+     * @param modelName    The model ID.
+     * @param surveyUnitId The survey unit ID.
      * @return The generated V3 access URL.
      */
 
@@ -166,11 +165,11 @@ protected String buildV2Url(String baseUrl, String role, String modelName, Strin
 
     /**
      * Builds a V3 access URL based on the provided parameters
-     * @param baseUrl
-     * @param role
-     * @param modelName
-     * @param surveyUnitId
-     * @param sourceId
+     *
+     * @param baseUrl      The base URL for the access.
+     * @param role         The user role (REVIEWER or INTERVIEWER).
+     * @param modelName    The model ID.
+     * @param surveyUnitId The survey unit ID.
      * @return The generated V3 access URL.
      */
     protected String buildV3Url(String baseUrl, String role, String modelName, String surveyUnitId, String sourceId, Long questioningId) {
@@ -186,4 +185,4 @@ protected String buildV3Url(String baseUrl, String role, String modelName, Strin
         return "";
     }
 
- }
+}
diff --git a/...st/java/fr/insee/survey/datacollectionmanagement/query/controller/MoogControllerTest.java b/...st/java/fr/insee/survey/datacollectionmanagement/query/controller/MoogControllerTest.java
@@ -3,8 +3,7 @@
 import fr.insee.survey.datacollectionmanagement.config.AuthenticationUserProvider;
 import fr.insee.survey.datacollectionmanagement.config.auth.user.AuthorityRoleEnum;
 import fr.insee.survey.datacollectionmanagement.constants.Constants;
-import fr.insee.survey.datacollectionmanagement.query.service.MoogService;
-import org.junit.jupiter.api.BeforeEach;
+
 import org.junit.jupiter.api.Test;
 import org.springframework.beans.factory.annotation.Autowired;
 import org.springframework.boot.test.autoconfigure.web.servlet.AutoConfigureMockMvc;
@@ -27,20 +26,14 @@ class MoogControllerTest {
 
     @Autowired
     MockMvc mockMvc;
-
-    @Autowired
-    MoogService moogService;
-    @BeforeEach
-    void init() {
-        SecurityContextHolder.getContext().setAuthentication(AuthenticationUserProvider.getAuthenticatedUser("test", AuthorityRoleEnum.ADMIN));
-    }
+
     @Test
     void getMoogReadOnlyUrl() throws Exception {
         String idCampaign = "SOURCE12023T01";
         String surveyUnitId = "100000000";
         this.mockMvc.perform(get(Constants.MOOG_API_READONLY_URL, idCampaign, surveyUnitId)).andDo(print()).andExpect(status().isOk())
 
-                .andExpect(content().string("http://localhost:8081/readonly/questionnaire/m0/unite-enquetee/100000000"));
+                .andExpect(content().string("http://localhost:8081/v3/review/questionnaire/m0/unite-enquetee/100000000"));
     }