feat: add parameters to customise redirection (#66)

.github/workflows/ci-rc.yml

@@ -17,6 +17,14 @@ jobs:
           java-version: 21
       - name: Build with Maven
         run: mvn -B clean package
+      - name: Run Trivy vulnerability scanner
+        uses: aquasecurity/[email protected]
+        with:
+          format: 'table'
+          scan-type: 'repo'
+          exit-code: '1'
+          vuln-type: 'os,library'
+          severity: 'CRITICAL,HIGH'
       - name: Upload jar
         uses: actions/upload-artifact@v3
         with:

.github/workflows/trivy.yml

@@ -0,0 +1,30 @@
+name: Trivy Analysis
+
+on:
+  push:
+    branches:
+      - main
+      - develop
+  pull_request:
+    types: [opened, synchronize, reopened]
+jobs:
+  build:
+    name: Build and analyze
+    runs-on: ubuntu-latest
+    steps:
+      - uses: actions/checkout@v3
+        with:
+          fetch-depth: 0  # Shallow clones should be disabled for a better relevancy of analysis
+      - name: Set up JDK 21
+        uses: actions/setup-java@v3
+        with:
+          java-version: 21
+          distribution: 'temurin'
+      - name: Run Trivy vulnerability scanner
+        uses: aquasecurity/[email protected]
+        with:
+          format: 'table'
+          scan-type: 'repo'
+          exit-code: '1'
+          vuln-type: 'os,library'
+          severity: 'CRITICAL,HIGH'

pom.xml

@@ -6,12 +6,12 @@
 	<parent>
 		<groupId>org.springframework.boot</groupId>
 		<artifactId>spring-boot-starter-parent</artifactId>
-		<version>3.2.4</version>
+		<version>3.3.1</version>
 		<relativePath /> <!-- lookup parent from repository -->
 	</parent>
 	<groupId>fr.insee.survey</groupId>
 	<artifactId>platine-management</artifactId>
-	<version>2.2.3</version>
+	<version>2.4.2</version>
 	<name>platine-management</name>
 	<description>REST API for communication between DB and Platine-Management UI and Platine-My-Surveys UI</description>
 	<properties>
@@ -202,4 +202,4 @@
 	</build>
 
 
-</project>
+</project>

src/main/java/fr/insee/survey/datacollectionmanagement/constants/CheckHabilitationsRoles.java → src/main/java/fr/insee/survey/datacollectionmanagement/constants/UserRoles.java

@@ -1,6 +1,10 @@
 package fr.insee.survey.datacollectionmanagement.constants;
 
-public class CheckHabilitationsRoles {
+public class UserRoles {
+
+    private UserRoles() {
+        throw new IllegalStateException("Utility class");
+    }
     public static final String INTERVIEWER = "interviewer";
     public static final String REVIEWER = "reviewer";
 }

src/main/java/fr/insee/survey/datacollectionmanagement/metadata/controller/CampaignController.java

@@ -5,16 +5,19 @@
 import fr.insee.survey.datacollectionmanagement.exception.NotFoundException;
 import fr.insee.survey.datacollectionmanagement.exception.NotMatchException;
 import fr.insee.survey.datacollectionmanagement.metadata.domain.Campaign;
+import fr.insee.survey.datacollectionmanagement.metadata.domain.Parameters;
 import fr.insee.survey.datacollectionmanagement.metadata.domain.Partitioning;
 import fr.insee.survey.datacollectionmanagement.metadata.domain.Survey;
 import fr.insee.survey.datacollectionmanagement.metadata.dto.CampaignDto;
 import fr.insee.survey.datacollectionmanagement.metadata.dto.CampaignPartitioningsDto;
 import fr.insee.survey.datacollectionmanagement.metadata.dto.OnGoingDto;
+import fr.insee.survey.datacollectionmanagement.metadata.dto.ParamsDto;
 import fr.insee.survey.datacollectionmanagement.metadata.service.CampaignService;
 import fr.insee.survey.datacollectionmanagement.metadata.service.SurveyService;
 import fr.insee.survey.datacollectionmanagement.questioning.domain.Upload;
 import fr.insee.survey.datacollectionmanagement.questioning.service.QuestioningService;
 import fr.insee.survey.datacollectionmanagement.questioning.service.UploadService;
+import fr.insee.survey.datacollectionmanagement.util.EmailValidatorRegex;
 import fr.insee.survey.datacollectionmanagement.view.service.ViewService;
 import io.swagger.v3.oas.annotations.Operation;
 import io.swagger.v3.oas.annotations.media.Content;
@@ -37,8 +40,13 @@
 import org.springframework.web.bind.annotation.*;
 import org.springframework.web.servlet.support.ServletUriComponentsBuilder;
 
+import java.util.Arrays;
 import java.util.List;
 import java.util.Set;
+import java.util.stream.Collectors;
+
+import static fr.insee.survey.datacollectionmanagement.questioning.util.UrlTypeEnum.values;
+import static java.util.stream.Collectors.joining;
 
 @RestController
 @PreAuthorize("@AuthorizeMethodDecider.isInternalUser() "
@@ -109,6 +117,43 @@ public ResponseEntity<CampaignDto> getCampaign(@PathVariable("id") String id) {
 
     }
 
+
+    @Operation(summary = "Get campaign parameters")
+    @GetMapping(value = "/api/campaigns/{id}/params", produces = "application/json")
+    public ResponseEntity<List<ParamsDto>> getParams(@PathVariable("id") String id) {
+        Campaign campaign = campaignService.findById(StringUtils.upperCase(id));
+        List<ParamsDto> listParams = campaign.getParams().stream().map(this::convertToDto).toList();
+        return ResponseEntity.ok().body(listParams);
+    }
+
+
+    @Operation(summary = "Create a parameter for a campaign")
+    @PutMapping(value = "/api/campaigns/{id}/params", produces = "application/json")
+    public void putParams(@PathVariable("id") String id, @RequestBody @Valid ParamsDto paramsDto) {
+        Campaign campaign = campaignService.findById(StringUtils.upperCase(id));
+
+        if (paramsDto.getParamId().equalsIgnoreCase(Parameters.ParameterEnum.URL_TYPE.name())
+                && Arrays.stream(values()).noneMatch(p -> p.name().equals(paramsDto.getParamValue()))) {
+
+            throw new NotMatchException(String.format("Only %s are valid values for URL_TYPE", Arrays.stream(values()).map(item -> item.name())
+                    .collect(joining(" "))));
+        }
+        if (paramsDto.getParamId().equalsIgnoreCase(Parameters.ParameterEnum.MAIL_ASSISTANCE.name())
+                && !EmailValidatorRegex.isValidEmail(paramsDto.getParamValue())) {
+
+            throw new NotMatchException(String.format("Email %s is not valid", paramsDto.getParamValue()));
+        }
+        Parameters param = convertToEntity(paramsDto);
+        param.setMetadataId(StringUtils.upperCase(id));
+        Set<Parameters> setParams = campaign.getParams().stream()
+                .filter(parameter -> !parameter.getParamId().equals(param.getParamId()))
+                .collect(Collectors.toSet());
+        setParams.add(param);
+        campaign.setParams(setParams);
+        campaignService.insertOrUpdateCampaign(campaign);
+    }
+
+
     @Operation(summary = "Update or create a campaign")
     @PutMapping(value = Constants.API_CAMPAIGNS_ID, produces = "application/json", consumes = "application/json")
     @ApiResponses(value = {
@@ -189,6 +234,10 @@ private CampaignDto convertToDto(Campaign campaign) {
         return modelmapper.map(campaign, CampaignDto.class);
     }
 
+    private ParamsDto convertToDto(Parameters params) {
+        return modelmapper.map(params, ParamsDto.class);
+    }
+
     private CampaignPartitioningsDto convertToCampaignPartitioningsDto(Campaign campaign) {
         return modelmapper.map(campaign, CampaignPartitioningsDto.class);
     }
@@ -197,6 +246,13 @@ private Campaign convertToEntity(CampaignDto campaignDto) {
         return modelmapper.map(campaignDto, Campaign.class);
     }
 
+    private Parameters convertToEntity(ParamsDto paramsDto) {
+
+        Parameters params = modelmapper.map(paramsDto, Parameters.class);
+        params.setParamId(Parameters.ParameterEnum.valueOf(paramsDto.getParamId()));
+        return params;
+    }
+
     class CampaignPage extends PageImpl<CampaignDto> {
 
         public CampaignPage(List<CampaignDto> content, Pageable pageable, long total) {

src/main/java/fr/insee/survey/datacollectionmanagement/metadata/domain/Campaign.java

@@ -33,6 +33,10 @@ public class Campaign {
     @OneToMany(fetch = FetchType.LAZY, cascade = CascadeType.ALL)
     private Set<Partitioning> partitionings;
 
+    @OneToMany(fetch = FetchType.LAZY, cascade = CascadeType.ALL)
+    @Enumerated(EnumType.STRING)
+    private Set<Parameters> params;
+
     @ManyToOne
     private Survey survey;
 

src/main/java/fr/insee/survey/datacollectionmanagement/metadata/domain/Parameters.java

@@ -0,0 +1,30 @@
+package fr.insee.survey.datacollectionmanagement.metadata.domain;
+
+import jakarta.persistence.Entity;
+import jakarta.persistence.EnumType;
+import jakarta.persistence.Enumerated;
+import jakarta.persistence.Id;
+import jakarta.persistence.*;
+import lombok.Data;
+import lombok.Getter;
+
+@Entity
+@Data
+public class Parameters {
+
+    @Getter
+    public enum ParameterEnum {
+        URL_REDIRECTION,URL_TYPE, MAIL_ASSISTANCE;
+    }
+
+    @Id
+    private String metadataId;
+
+    @Id
+    @Enumerated(EnumType.STRING)
+    private ParameterEnum paramId;
+
+    @Column(length = 2000)
+    private String paramValue;
+
+}

src/main/java/fr/insee/survey/datacollectionmanagement/metadata/domain/Partitioning.java

@@ -5,6 +5,7 @@
 import lombok.Setter;
 
 import java.util.Date;
+import java.util.Set;
 
 @Entity
 @Getter
@@ -24,4 +25,8 @@ public class Partitioning {
     @ManyToOne
     private Campaign campaign;
 
+    @OneToMany(fetch = FetchType.LAZY, cascade = CascadeType.ALL)
+    @Enumerated(EnumType.STRING)
+    private Set<Parameters> params;
+
 }

src/main/java/fr/insee/survey/datacollectionmanagement/metadata/domain/Source.java

@@ -40,4 +40,8 @@ public class Source {
     @NonNull
     private Support support;
 
+    @OneToMany(fetch = FetchType.LAZY, cascade = CascadeType.ALL)
+    @Enumerated(EnumType.STRING)
+    private Set<Parameters> params;
+
 }

src/main/java/fr/insee/survey/datacollectionmanagement/metadata/domain/Survey.java

@@ -39,6 +39,10 @@ public class Survey {
     @OneToMany(fetch = FetchType.LAZY, cascade = CascadeType.ALL)
     private Set<Campaign> campaigns;
 
+    @OneToMany(fetch = FetchType.LAZY, cascade = CascadeType.ALL)
+    @Enumerated(EnumType.STRING)
+    private Set<Parameters> params;
+
     @ManyToOne
     private Source source;
 

src/main/java/fr/insee/survey/datacollectionmanagement/metadata/dto/ParamsDto.java

@@ -0,0 +1,13 @@
+package fr.insee.survey.datacollectionmanagement.metadata.dto;
+
+import fr.insee.survey.datacollectionmanagement.metadata.validation.ParameterEnumValid;
+import lombok.Getter;
+import lombok.Setter;
+
+@Getter
+@Setter
+public class ParamsDto {
+    @ParameterEnumValid
+    private String paramId;
+    private String paramValue;
+}

src/main/java/fr/insee/survey/datacollectionmanagement/metadata/service/PartitioningService.java

@@ -1,5 +1,6 @@
 package fr.insee.survey.datacollectionmanagement.metadata.service;
 
+import fr.insee.survey.datacollectionmanagement.metadata.domain.Parameters;
 import fr.insee.survey.datacollectionmanagement.metadata.domain.Partitioning;
 
 import java.util.Date;
@@ -14,4 +15,8 @@ public interface PartitioningService {
 
     boolean isOnGoing(Partitioning part, Date date);
 
+    String findSuitableParameterValue(Partitioning part, Parameters.ParameterEnum paramValue);
+
+
+
 }

src/main/java/fr/insee/survey/datacollectionmanagement/metadata/service/impl/PartioningServiceImpl.java

@@ -1,6 +1,7 @@
 package fr.insee.survey.datacollectionmanagement.metadata.service.impl;
 
 import fr.insee.survey.datacollectionmanagement.exception.NotFoundException;
+import fr.insee.survey.datacollectionmanagement.metadata.domain.Parameters;
 import fr.insee.survey.datacollectionmanagement.metadata.domain.Partitioning;
 import fr.insee.survey.datacollectionmanagement.metadata.repository.PartitioningRepository;
 import fr.insee.survey.datacollectionmanagement.metadata.service.PartitioningService;
@@ -9,6 +10,8 @@
 import org.springframework.stereotype.Service;
 
 import java.util.Date;
+import java.util.Optional;
+import java.util.Set;
 
 @Service
 @Slf4j
@@ -40,4 +43,23 @@ public void deletePartitioningById(String id) {
     public boolean isOnGoing(Partitioning part, Date date) {
         return part.getClosingDate().compareTo(date) > 0 && part.getOpeningDate().compareTo(date) < 0;
     }
+
+    @Override
+    public String findSuitableParameterValue(Partitioning part, Parameters.ParameterEnum paramValue) {
+        return findParameterValueInSet(part.getParams(), paramValue)
+                .orElse(findParameterValueInSet(part.getCampaign().getParams(), paramValue)
+                        .orElse(findParameterValueInSet(part.getCampaign().getSurvey().getParams(), paramValue)
+                                .orElse(findParameterValueInSet(part.getCampaign().getSurvey().getSource().getParams(), paramValue)
+                                        .orElse(""))));
+    }
+
+    private Optional<String> findParameterValueInSet(Set<Parameters> params, Parameters.ParameterEnum paramValue) {
+        return params.stream()
+                .filter(param -> param.getParamId().equals(paramValue))
+                .map(Parameters::getParamValue)
+                .findFirst();
+    }
+
+
+
 }

src/main/java/fr/insee/survey/datacollectionmanagement/metadata/validation/ParameterEnumValid.java

@@ -0,0 +1,26 @@
+package fr.insee.survey.datacollectionmanagement.metadata.validation;
+
+import jakarta.validation.Constraint;
+import jakarta.validation.Payload;
+
+import java.lang.annotation.Documented;
+import java.lang.annotation.Retention;
+import java.lang.annotation.RetentionPolicy;
+import java.lang.annotation.Target;
+
+import static java.lang.annotation.ElementType.*;
+
+@Target({FIELD, PARAMETER, METHOD})
+@Retention(RetentionPolicy.RUNTIME)
+@Documented
+@Constraint(validatedBy = ParameterEnumValidator.class)
+public @interface ParameterEnumValid {
+    //error message
+    String message() default "Type missing or not recognized. Only URL_REDIRECTION,URL_TYPE,MAIL_ASSISTANCE are valid";
+
+    //represents group of constraints
+    Class<?>[] groups() default {};
+
+    //represents additional information about annotation
+    Class<? extends Payload>[] payload() default {};
+}

src/main/java/fr/insee/survey/datacollectionmanagement/metadata/validation/ParameterEnumValidator.java

@@ -0,0 +1,23 @@
+package fr.insee.survey.datacollectionmanagement.metadata.validation;
+
+import fr.insee.survey.datacollectionmanagement.metadata.domain.Parameters;
+import jakarta.validation.ConstraintValidator;
+import jakarta.validation.ConstraintValidatorContext;
+
+import java.util.Arrays;
+
+public class ParameterEnumValidator implements ConstraintValidator<ParameterEnumValid, String> {
+
+
+    @Override
+    public void initialize(ParameterEnumValid constraintAnnotation) {
+        ConstraintValidator.super.initialize(constraintAnnotation);
+    }
+
+    @Override
+    public boolean isValid(String value, ConstraintValidatorContext context) {
+        if (value == null)
+            return false;
+        return Arrays.stream(Parameters.ParameterEnum.values()).anyMatch(v -> value.equals(v.name()));
+    }
+}